1. 13 May, 2020 1 commit
  2. 05 May, 2020 1 commit
  3. 30 Apr, 2020 1 commit
  4. 27 Apr, 2020 1 commit
  5. 14 Apr, 2020 1 commit
  6. 13 Feb, 2020 1 commit
  7. 10 Feb, 2020 1 commit
    • Joakim Bengtsson's avatar
      Improve V8 GC logic for external memory · 4b1447e4
      Joakim Bengtsson authored
      The logic for V8 GC normally only takes the external memory growth
      since last mark-compact into account. Unfortunately, the amount of
      external memory recorded at the end of MC is often too high. The
      reason is that it might take a while for the external memory
      associated with the GCed objects to be released (e.g. V8 itself post a
      task to release external memory for ArrayBuffer backing stores). In a
      worst case scenario GC is driven only by external memory and none of
      the external memory is released by the end of the MC. Then each MC
      will record the external memory at its highest point and the GC logic
      will allow the external memory to grow a bit higher each time which
      can lead to excessive memory use.
      
      This patch improves the situation a bit by calculating the growth from
      the lowest external memory seen since the last MC. That way the growth
      calculation will be offset from a level presumably closer to the
      intended one (to what it would have been if the external memory
      associated with the GCed objects was released during the MC). Now,
      this fix is not perfect because it can be thrown off by external
      memory growth occurring before the lingering memory is
      released. However, it seems to work rather well in practice (e.g. when
      playing MSE video on YT).
      
      Bug: v8:10185
      Change-Id: Ifcdd87eb45f3ae4a99d2aeec667c3ae4ca9a52b6
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2042711Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Reviewed-by: 's avatarDominik Inführ <dinfuehr@chromium.org>
      Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
      Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66193}
      4b1447e4
  8. 17 Oct, 2019 1 commit
    • Toon Verwaest's avatar
      Reland^2 "[runtime] Move Context::native_context to the map" · 3cad6bf5
      Toon Verwaest authored
      This is a reland of c7c47c68.
      
      This makes TSAN happy in addition to:
      
      Previously I presumed that the context read from a frame in the profiler was
      a valid context. Turns out that on non-intel we're not guaranteed that the
      frame is properly set up. In the case we looked at, the profiler took a
      sample right before writing the frame marker indicating a builtin frame,
      causing the "context" pointer from that frame to be a bytecode array. Since
      we'll read random garbage on the stack as a possible context pointer, I made
      the code reading the native context from it a little more defensive.
      
      Bug: v8:9860
      Tbr: ulan@chromium.org, neis@chromium.org, ishell@chromium.org
      
      Original change's description:
      > [runtime] Move Context::native_context to the map
      >
      > Remove the native context slot from contexts by making context maps
      > native-context-specific. Now we require 2 loads to go from a context to the
      > native context, but we have 1 field fewer to store when creating contexts.
      >
      > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629
      > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      > Reviewed-by: Igor Sheludko <ishell@chromium.org>
      > Reviewed-by: Peter Marshall <petermarshall@chromium.org>
      > Reviewed-by: Maya Lekova <mslekova@chromium.org>
      > Reviewed-by: Georg Neis <neis@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#64296}
      
      Change-Id: I4d0ab4cbbb23a9ae616407f17ef8f35a0b68ddb4
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864654
      Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
      Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
      Reviewed-by: 's avatarPeter Marshall <petermarshall@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#64360}
      3cad6bf5
  9. 16 Oct, 2019 2 commits
    • Sathya Gunasekaran's avatar
      Revert "Reland "[runtime] Move Context::native_context to the map"" · 38301e7b
      Sathya Gunasekaran authored
      This reverts commit c7c47c68.
      
      Reason for revert: breaks TSAN
      https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/28738
      
      Original change's description:
      > Reland "[runtime] Move Context::native_context to the map"
      > 
      > This is a reland of f05bae1e
      > 
      > Previously I presumed that the context read from a frame in the profiler was
      > a valid context. Turns out that on non-intel we're not guaranteed that the
      > frame is properly set up. In the case we looked at, the profiler took a
      > sample right before writing the frame marker indicating a builtin frame,
      > causing the "context" pointer from that frame to be a bytecode array. Since
      > we'll read random garbage on the stack as a possible context pointer, I made
      > the code reading the native context from it a little more defensive.
      > 
      > Bug: v8:9860
      > 
      > Original change's description:
      > > [runtime] Move Context::native_context to the map
      > >
      > > Remove the native context slot from contexts by making context maps
      > > native-context-specific. Now we require 2 loads to go from a context to the
      > > native context, but we have 1 field fewer to store when creating contexts.
      > >
      > > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d
      > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629
      > > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      > > Reviewed-by: Igor Sheludko <ishell@chromium.org>
      > > Reviewed-by: Peter Marshall <petermarshall@chromium.org>
      > > Reviewed-by: Maya Lekova <mslekova@chromium.org>
      > > Reviewed-by: Georg Neis <neis@chromium.org>
      > > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#64296}
      > 
      > Change-Id: If9461e9b21d35a260d71c79d7f95e518cc429e09
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864930
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Reviewed-by: Peter Marshall <petermarshall@chromium.org>
      > Reviewed-by: Igor Sheludko <ishell@chromium.org>
      > Reviewed-by: Georg Neis <neis@chromium.org>
      > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      > Auto-Submit: Toon Verwaest <verwaest@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#64314}
      
      TBR=ulan@chromium.org,neis@chromium.org,petermarshall@chromium.org,ishell@chromium.org,verwaest@chromium.org,mslekova@chromium.org,victorgomes@google.com
      
      Change-Id: I4f9edc62ea6f9f5857619ff0ad1a63cab4b33cc3
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:9860
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864937Reviewed-by: 's avatarSathya Gunasekaran  <gsathya@chromium.org>
      Commit-Queue: Sathya Gunasekaran  <gsathya@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#64316}
      38301e7b
    • Toon Verwaest's avatar
      Reland "[runtime] Move Context::native_context to the map" · c7c47c68
      Toon Verwaest authored
      This is a reland of f05bae1e
      
      Previously I presumed that the context read from a frame in the profiler was
      a valid context. Turns out that on non-intel we're not guaranteed that the
      frame is properly set up. In the case we looked at, the profiler took a
      sample right before writing the frame marker indicating a builtin frame,
      causing the "context" pointer from that frame to be a bytecode array. Since
      we'll read random garbage on the stack as a possible context pointer, I made
      the code reading the native context from it a little more defensive.
      
      Bug: v8:9860
      
      Original change's description:
      > [runtime] Move Context::native_context to the map
      >
      > Remove the native context slot from contexts by making context maps
      > native-context-specific. Now we require 2 loads to go from a context to the
      > native context, but we have 1 field fewer to store when creating contexts.
      >
      > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629
      > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      > Reviewed-by: Igor Sheludko <ishell@chromium.org>
      > Reviewed-by: Peter Marshall <petermarshall@chromium.org>
      > Reviewed-by: Maya Lekova <mslekova@chromium.org>
      > Reviewed-by: Georg Neis <neis@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#64296}
      
      Change-Id: If9461e9b21d35a260d71c79d7f95e518cc429e09
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864930Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Reviewed-by: 's avatarPeter Marshall <petermarshall@chromium.org>
      Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
      Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
      Commit-Queue: Toon Verwaest <verwaest@chromium.org>
      Auto-Submit: Toon Verwaest <verwaest@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#64314}
      c7c47c68
  10. 15 Oct, 2019 2 commits
  11. 07 Oct, 2019 1 commit
  12. 26 Sep, 2019 1 commit
  13. 19 Sep, 2019 1 commit
  14. 23 Aug, 2019 1 commit
  15. 20 Aug, 2019 1 commit
  16. 13 Aug, 2019 1 commit
    • Jakob Gruber's avatar
      [isolate-data] Move hot fields closer to isolate_root · fb698cec
      Jakob Gruber authored
      In generated code, we access fields inside IsolateData through the
      root-register. On some platforms it is significantly cheaper to access
      things that are close to the root-register value than things that are
      located far away. The motivation for this CL was a 5% difference in
      Octane/Mandreel scores between
      
      // Part of the stack check.
      cmpq rsp,[r13+0x9ea8]
      
      and
      
      cmpq rsp,[r13-0x30]  // Mandreel score improved by 5%.
      
      This moves the StackGuard up to fix Mandreel. As a drive-by, also move
      two more fields up that are accessed by each CallCFunction.
      
      Tbr: yangguo@chromium.org
      Bug: v8:9534,chromium:993264
      Change-Id: I5418b63d40274a138e285fa3c99b96e33a814fb1
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1751345Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
      Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
      Auto-Submit: Jakob Gruber <jgruber@chromium.org>
      Commit-Queue: Yang Guo <yangguo@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#63187}
      fb698cec
  17. 10 May, 2019 1 commit
  18. 24 Apr, 2019 1 commit
  19. 23 Apr, 2019 2 commits
  20. 18 Apr, 2019 1 commit
  21. 19 Mar, 2019 2 commits
    • Igor Sheludko's avatar
      [ptr-compr][ubsan] Use [Read/Write]UnalignedValue for unaligned fields · 0188634e
      Igor Sheludko authored
      When pointer compression is enabled the [u]intptr_t and double fields are
      only kTaggedSize aligned so in order to avoid undefined behavior in C++ code
      we have to access these values in an unaligned pointer friendly way although
      both x64 and arm64 architectures (where pointer compression is supported)
      allow unaligned access.
      
      These changes will be removed once v8:8875 is fixed and all the
      kSystemPointerSize fields are properly aligned.
      
      Bug: v8:7703
      Change-Id: I4df477cbdeab806303bb4f675d52b61c06342c8e
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1528996
      Commit-Queue: Igor Sheludko <ishell@chromium.org>
      Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
      Reviewed-by: 's avatarClemens Hammacher <clemensh@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60321}
      0188634e
    • Benedikt Meurer's avatar
      [turbofan] Significantly improve ConsString creation performance. · d6a60a0e
      Benedikt Meurer authored
      This change significantly improves the performance of string
      concatenation in optimized code for the case where the resulting string
      is represented as a ConsString. On the relevant test cases we go from
      
        serializeNaive: 10762 ms.
        serializeClever: 7813 ms.
        serializeConcat: 10271 ms.
      
      to
      
        serializeNaive: 10278 ms.
        serializeClever: 5533 ms.
        serializeConcat: 10310 ms.
      
      which represents a 30% improvement on the "clever" benchmark, which
      tests specifically the ConsString creation performance.
      
      This was accomplished via a couple of different steps, which are briefly
      outlined here:
      
        1. The empty_string gets its own map, so that we can easily recognize
           and handle it appropriately in the TurboFan type system. This
           allows us to express (and assert) that the inputs to NewConsString
           are non-empty strings, making sure that TurboFan no longer creates
           "crippled ConsStrings" with empty left or right hand sides.
        2. Further split the existing String types in TurboFan to be able to
           distinguish between OneByte and TwoByte strings on the type system
           level. This allows us to avoid having to dynamically lookup the
           resulting ConsString map in case of ConsString creation (i.e. when
           we know that both input strings are OneByte strings or at least
           one of the input strings is TwoByte).
        3. We also introduced more finegrained feedback for the Add bytecode
           in the interpreter, having it collect feedback about ConsStrings,
           specifically ConsOneByteString and ConsTwoByteString. This feedback
           can be used by TurboFan to only inline the relevant code for what
           was seen so far. This allows us to remove the Octane/Splay specific
           magic in JSTypedLowering to detect ConsString creation, and instead
           purely rely on the feedback of what was seen so far (also making it
           possible to change the semantics of NewConsString to be a low-level
           operator, which is only introduced in SimplifiedLowering by looking
           at the input types of StringConcat).
        4. On top of the before mentioned type and interpreter changes we added
           new operators CheckNonEmptyString, CheckNonEmptyOneByteString, and
           CheckNonEmptyTwoByteString, which perform the appropriate (dynamic)
           checks.
      
      There are several more improvements that are possible based on this, but
      since the change was already quite big, we decided not to put everything
      into the first change, but do some follow up tweaks to the type system,
      and builtin optimizations later.
      
      Tbr: mstarzinger@chromium.org
      Bug: v8:8834, v8:8931, v8:8939, v8:8951
      Change-Id: Ia24e17c6048bf2b04df966d3cd441f0edda05c93
      Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
      Doc: https://bit.ly/fast-string-concatenation-in-javascript
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1499497
      Commit-Queue: Michael Achenbach <machenbach@chromium.org>
      Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
      Reviewed-by: 's avatarJaroslav Sevcik <jarin@chromium.org>
      Reviewed-by: 's avatarMythri Alle <mythria@chromium.org>
      Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60318}
      d6a60a0e
  22. 18 Mar, 2019 1 commit
  23. 06 Mar, 2019 1 commit
  24. 04 Mar, 2019 2 commits
    • Igor Sheludko's avatar
      [ptr-compr] Prepare for changing kTaggedSize, pt.3 · 17448030
      Igor Sheludko authored
      This CL also gives up trying to maintain double and system word
      fields at aligned addresses because currently it's not always
      maintained (v8:8875) and Torque object definitions do not support
      padding fields (v8:8863).
      
      Given that both platforms where pointer compression is going to be
      enabled (x64 and arm64) support loading of doubles and full words
      from 4-byte aligned addresses we are fine.
      
      Bug: v8:7703
      Change-Id: I99fc6da5a0927f4db9b8fb24c7cc0bfc416523bc
      Reviewed-on: https://chromium-review.googlesource.com/c/1496974
      Auto-Submit: Igor Sheludko <ishell@chromium.org>
      Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
      Reviewed-by: 's avatarToon Verwaest <verwaest@chromium.org>
      Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60013}
      17448030
    • Benedikt Meurer's avatar
      [cleanup] Remove obsolete "one byte data hint" for strings. · 683cf6f4
      Benedikt Meurer authored
      In the early days of Chrome when we used WebKit there was no support for
      ASCII strings on the C++ side, so we put a hint onto these two-byte
      strings that said "string only contains one byte data", such that
      internally in V8 when these were involved in string operations, we could
      instead create the *cheaper* one byte strings.
      
      Nowadays Blink properly supports one-byte string representations and
      this additional hint only comes with overhead, since we check it in
      quite a few places (i.e. on the hot path for string concatenation), plus
      we end up consuming more memory due to the additional string maps.
      Removing the hint also frees one bit in the InstanceType zoo for
      strings.
      
      This alone improves performance on the `bench-dom-serialize.js` test case
      by around **3%**.
      
      Tbr: mstarzinger@chromium.org
      Bug: v8:6622, v8:8834, v8:8939
      Cq-Include-Trybots: luci.chromium.try:linux-blink-rel
      Change-Id: I0753f2859cee7b5a37b6f0da64d8ec39fcb044ff
      Doc: https://bit.ly/fast-string-concatenation-in-javascript
      Reviewed-on: https://chromium-review.googlesource.com/c/1498478
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60006}
      683cf6f4
  25. 08 Feb, 2019 1 commit
  26. 08 Jan, 2019 1 commit
  27. 27 Dec, 2018 1 commit
  28. 13 Dec, 2018 1 commit
  29. 12 Dec, 2018 1 commit
  30. 11 Dec, 2018 1 commit
  31. 30 Nov, 2018 1 commit
  32. 22 Nov, 2018 1 commit
  33. 21 Nov, 2018 2 commits
  34. 20 Nov, 2018 1 commit