Skip to content

V
V8
Switch branch/tag
  1. 14 Apr, 2018 1 commit
    • Jakob Kummerow's avatar
      [ubsan] Change Address typedef to uintptr_t · 2459046c
      Jakob Kummerow authored 
      The "Address" type is V8's general-purpose type for manipulating memory
addresses. Per the C++ spec, pointer arithmetic and pointer comparisons
are undefined behavior except within the same array; since we generally
don't operate within a C++ array, our general-purpose type shouldn't be
a pointer type.

Bug: v8:3770
Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ib96016c24a0f18bcdba916dabd83e3f24a1b5779
Reviewed-on: https://chromium-review.googlesource.com/988657
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52601}
      2459046c
  3. 26 Mar, 2018 1 commit
  5. 06 Feb, 2018 1 commit
  7. 01 Feb, 2018 1 commit
  9. 30 Jan, 2018 3 commits
  11. 29 Jan, 2018 2 commits
    • Gabriel Charette's avatar
      Revert "v8::ItemParallelJob : Do not launch more Tasks than there are Items to process." · 2407b2bd
      Gabriel Charette authored 
      This reverts commit 8a27c7d3.

Reason for revert: 

Having more tasks then work items is intentional in some use cases, i.e. Scavenging where RunInParallel() does parallel processing on a dynamic workload *after* the initial set of work items:

    {
      barrier_->Start();
      TimedScope scope(&scavenging_time);
      PageScavengingItem* item = nullptr;
      while ((item = GetItem<PageScavengingItem>()) != nullptr) {
        item->Process(scavenger_);
        item->MarkFinished();
      }
      do {
        scavenger_->Process(barrier_);
      } while (!barrier_->Wait());
      scavenger_->Process();
    }

Original change's description:
> v8::ItemParallelJob : Do not launch more Tasks than there are Items to process.
> 
> Except when there are 0 items. For some reason I don't quite understand yet, not
> calling Run() on tasks_[0] when there are 0 items results in DCHECKs...
> 
> Bug: chromium:806237
> Change-Id: I38c8fffde64a42f93f4efda492832651137eebd7
> Reviewed-on: https://chromium-review.googlesource.com/888704
> Commit-Queue: Gabriel Charette <gab@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50924}

TBR=gab@chromium.org,mlippautz@chromium.org

Change-Id: Iad2ab16bb41f339de8e3fbca1c08c5d26b8a0111
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:806237
Reviewed-on: https://chromium-review.googlesource.com/891186Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Commit-Queue: Gabriel Charette <gab@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50928}
      2407b2bd
    • Gabriel Charette's avatar
      v8::ItemParallelJob : Do not launch more Tasks than there are Items to process. · 8a27c7d3
      Gabriel Charette authored 
      Except when there are 0 items. For some reason I don't quite understand yet, not
calling Run() on tasks_[0] when there are 0 items results in DCHECKs...

Bug: chromium:806237
Change-Id: I38c8fffde64a42f93f4efda492832651137eebd7
Reviewed-on: https://chromium-review.googlesource.com/888704
Commit-Queue: Gabriel Charette <gab@chromium.org>
Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50924}
      8a27c7d3
  13. 23 Jan, 2018 2 commits
  15. 15 Dec, 2017 1 commit
    • Bill Budge's avatar
      [Memory] Create memory management API in v8::internal. · a449f09f
      Bill Budge authored 
      - Creates a memory management API in v8::internal, which corresponds
  to the existing one in base::OS.
- Implements the new API in terms of the old one.
- Changes all usage of the base::OS API to the one in v8::internal. This
  includes all tests, except platform and OS tests.
- Makes OS:: methods private.
- Moves all LSAN calls into the v8::internal functions.

Bug: chromium:756050
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: Iaa3f022e3e12fdebf937f3c76b6c6455014beb8a
Reviewed-on: https://chromium-review.googlesource.com/794856
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: 's avatarEric Holk <eholk@chromium.org>
Reviewed-by: 's avatarHannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50139}
      a449f09f
  17. 04 Dec, 2017 1 commit
  19. 02 Dec, 2017 1 commit
    • Mathias Bynens's avatar
      Normalize casing of hexadecimal digits · 822be9b2
      Mathias Bynens authored 
      This patch normalizes the casing of hexadecimal digits in escape
sequences of the form `\xNN` and integer literals of the form
`0xNNNN`.

Previously, the V8 code base used an inconsistent mixture of uppercase
and lowercase.

Google’s C++ style guide uses uppercase in its examples:
https://google.github.io/styleguide/cppguide.html#Non-ASCII_Characters

Moreover, uppercase letters more clearly stand out from the lowercase
`x` (or `u`) characters at the start, as well as lowercase letters
elsewhere in strings.

BUG=v8:7109
TBR=marja@chromium.org,titzer@chromium.org,mtrofin@chromium.org,mstarzinger@chromium.org,rossberg@chromium.org,yangguo@chromium.org,mlippautz@chromium.org
NOPRESUBMIT=true

Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I790e21c25d96ad5d95c8229724eb45d2aa9e22d6
Reviewed-on: https://chromium-review.googlesource.com/804294
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49810}
      822be9b2
  21. 18 Oct, 2017 1 commit
  23. 10 Oct, 2017 1 commit
    • Michael Lippautz's avatar
      [heap] Introduce on-hold concurrent marking work list · b7e6eb92
      Michael Lippautz authored 
      When hitting objects that are allocated in the most recent lienar
allocation area, the concurrent marker currently has to bail out to the
main thread.

However, we only have to delay processing those objects until we are at
a safepoint, e.g. IM::Step(). With this change we flush those
on-hold-objects back to the shared queue upon performing an incremental
marking step.

Bug: chromium:694255
Change-Id: I25647d0fc581a5c4de0346bc394dc51062f65f70
Reviewed-on: https://chromium-review.googlesource.com/707315
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48424}
      b7e6eb92
  25. 22 Sep, 2017 1 commit
  27. 19 Sep, 2017 1 commit
  29. 30 Aug, 2017 1 commit
  31. 18 Aug, 2017 1 commit
  33. 17 Aug, 2017 1 commit
    • Ulan Degenbaev's avatar
      [heap] New live byte tracking. · dfc6b4dd
      Ulan Degenbaev authored 
      This patch changes how space size and capacity are updated in GC:
- space capacity changes only when a page added/removed from the space.
- space size is reset to zero before sweeping and incremented by
  page->live_bytes_count_ for each to-be-swept page.
- space size is refined after sweeping using the accurate
  page->allocated_bytes counter produces by the sweeper.

Invariants:
1. space.capacity = sum [page.size | for page in space].
2. After marking, before sweeping:
   a) space.size = sum [page.live_bytes_count | for page in space].
3. After sweeping, before marking ends:
   a) space.size = sum [page.allocated_bytes | for page in space].
   b) page.allocated_bytes >= (sum [object.size | for object in page] +
         page.linear_allocation_area).
   c) page.area_size = (page.allocated_bytes + page.wasted_memory +
         sum [free_list_entry.size | for free_list_entry in page].

3.b becomes equality if the mutator is not doing array trimming,
object slack tracking during sweeping.

Bug: chromium:694255
Change-Id: Ic8d16a8171187a113fee2df8bf3c2a4c5e77bc08
Reviewed-on: https://chromium-review.googlesource.com/618889
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47409}
      dfc6b4dd
  35. 09 Aug, 2017 1 commit
  37. 31 Jul, 2017 1 commit
  39. 28 Jul, 2017 1 commit
    • Ulan Degenbaev's avatar
      Revert "[heap] Reland "[heap] Allow a minimum semi-space size of 512K."" · 774a4c5e
      Ulan Degenbaev authored 
      This reverts commit 176a2b24.

Reason for revert: performance regression on the benchmarks.

Original change's description:
> [heap] Reland "[heap] Allow a minimum semi-space size of 512K."
> 
> This patch changes the semi-space size to 512K.
> 
> > Original commit message:
> > Revert "[heap] Allow a minimum semi-space size of 512K."
> > This reverts commit 0d2ed6c3.
> > The CL introduced perf regressions: crbug.com/735649.
> > We are going to reland the CL in an isolated V8 roll to ensure
> > that perf regressions are attributed correctly.
> 
> > Original commit message:
> > > [heap] Allow a minimum semi-space size of 512K.
> > > This CL also reduces the minimum semi-space size to 512K.
> > > BUG=chromium:716032
> > BUG=chromium:735649
> 
> Change-Id: Iabc377cba2911b28d51b98bb5b85134d4e893632
> Reviewed-on: https://chromium-review.googlesource.com/575066
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#46763}

TBR=ulan@chromium.org,mlippautz@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Change-Id: I80f8b6699f41e91512f7cec38060c829252ff95e
Reviewed-on: https://chromium-review.googlesource.com/591309Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46982}
      774a4c5e
  41. 19 Jul, 2017 2 commits
    • Ulan Degenbaev's avatar
      [heap] Reland "[heap] Allow a minimum semi-space size of 512K." · 176a2b24
      Ulan Degenbaev authored 
      This patch changes the semi-space size to 512K.

> Original commit message:
> Revert "[heap] Allow a minimum semi-space size of 512K."
> This reverts commit 0d2ed6c3.
> The CL introduced perf regressions: crbug.com/735649.
> We are going to reland the CL in an isolated V8 roll to ensure
> that perf regressions are attributed correctly.

> Original commit message:
> > [heap] Allow a minimum semi-space size of 512K.
> > This CL also reduces the minimum semi-space size to 512K.
> > BUG=chromium:716032
> BUG=chromium:735649

Change-Id: Iabc377cba2911b28d51b98bb5b85134d4e893632
Reviewed-on: https://chromium-review.googlesource.com/575066Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46763}
      176a2b24
    • Ulan Degenbaev's avatar
      [heap] Add API to set heap semi-space limits in KB. · bb29f9a4
      Ulan Degenbaev authored 
      This relands parts of "[heap] Allow a minimum semi-space size of 512K."
excluding the actual semi-space size change.

This partially reverts commit f341bb0f

> Original commit message:
> Revert "[heap] Allow a minimum semi-space size of 512K."
> This reverts commit 0d2ed6c3.
> The CL introduced perf regressions: crbug.com/735649.
> We are going to reland the CL in an isolated V8 roll to ensure
> that perf regressions are attributed correctly.

> Original commit message:
> > [heap] Allow a minimum semi-space size of 512K.
> > This CL also reduces the minimum semi-space size to 512K.
> > BUG=chromium:716032
> BUG=chromium:735649

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I5ed66b72104aa877d67fcd20bdadc807ea1551c3
Reviewed-on: https://chromium-review.googlesource.com/575065
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46762}
      bb29f9a4
  43. 14 Jul, 2017 1 commit
    • Ulan Degenbaev's avatar
      [heap] Rework ASLR for base::Platform::VirtualMemory · 0640cbf3
      Ulan Degenbaev authored 
      Currently every VirtualMemory allocation on 64-bit systems
uses a random 46-bit address hint for ASLR.

This leads to wired page leak on MacOS discovered by Erik Chen (see
crbug.com/700928 and https://chromium-review.googlesource.com/c/557958/):
"The Darwin kernel [as of macOS 10.12.5] does not clean up page directory
entries [PDE] created from mmap or mach_vm_allocate, even after
the region is destroyed. Using a virtual address space that is too large
causes a leak of about 1 wired [can never be paged out] page per call to
mmap(). The page is only reclaimed when the process is killed."

This patch changes VirtualMemory to accept the hint parameter explicitly.

On MacOS the hints are confined to 4GB contiguous region. Algorithm:
- On startup, set heap.mmap_region_base_ to a random address.
- For each mmap use heap.mmap_region_base_ + (random_offset % (4*GB)).

BUG=chromium:700928

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I2ae6a024e02fbe63f940105d7920b57c19abacc6
Reviewed-on: https://chromium-review.googlesource.com/558876
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46656}
      0640cbf3
  45. 05 Jul, 2017 1 commit
  47. 04 Jul, 2017 1 commit
  49. 30 Jun, 2017 2 commits
  51. 27 Jun, 2017 1 commit
  53. 26 Jun, 2017 2 commits
  55. 23 Jun, 2017 1 commit
  57. 22 Jun, 2017 1 commit
  59. 19 Jun, 2017 1 commit
  61. 13 Jun, 2017 1 commit
  63. 12 Jun, 2017 2 commits