Skip to content

V
V8
Switch branch/tag
  1. 04 Jan, 2022 2 commits
  3. 03 Jan, 2022 7 commits
    • Anton Bershanskiy's avatar
      Fix gen-keywords-gen-h.py · f3214885
      Anton Bershanskiy authored 
      Commit 84f3877c moved IsInRange to
base::IsInRange and updated src/parsing/keywords-gen.h, but did not
update tools/gen-keywords-gen-h.py.

Bug: v8:12507
Change-Id: I914ba73feac3bac6fd5d08d14d17149faf6c5c76
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3356200Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78467}
      f3214885
    • Benedikt Meurer's avatar
      [debug] Lazily lookup source positions for StackFrameInfo. · 2ffc79b7
      Benedikt Meurer authored 
      This changes the StackFrameInfo to either hold on to a pair of

  (Script,source position)

or a pair of

  (SharedFunctioInfo,bytecode offset)

similar to what we do for MessageLocation. The idea here is to defer the
costly bytecode offset to source position lookup until really needed,
and in particular, avoid the costly lookup during stack trace capturing.

On the `standalone.js` benchmark in crbug.com/1283162#c1, this reduces
overall average execution time by roughly 25%, and the performance is
almost back to where it was before crrev.com/c/3302794 (being only 12%
slower than before on the `standalone.js` test case).

Note that due to unrelated limitations we cannot encode -1 as bytecode
offset in the flags field of the StackFrameInfo, and so we treat this
case specially (happens when stack trace capturing is triggered in the
function entry sequence) and just eagerly resolve it to the source
position.

Bug: chromium:1278650, chromium:1283162, chromium:1280803
Bug: chromium:1280818, chromium:1280831, chromium:1280832
Doc: https://bit.ly/v8-cheaper-inspector-stack-traces
Change-Id: If7cf62fce48d32c0f188895d1f8c9eee51b9e70d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3359633Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78466}
      2ffc79b7
    • Samuel Groß's avatar
      [platform] Use MADV_DONTNEED in OS::DiscardSystemPages on Linux · a457ee76
      Samuel Groß authored 
      This is in line with PartitionAlloc's DiscardSystemPagesInternal.

When the sandbox is enabled, OS::DiscardSystemPages is used instead of
PA's version. As such, these two implementations should ideally be
mostly identical. Using MADV_FREE instead of MADV_DONTNEED as was
previously done appears to cause some memory regressions.

Bug: chromium:1276887
Change-Id: Ied92b106e9894d428e599801d753ab4c8cffd874
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3364090Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78465}
      a457ee76
    • Omer Katz's avatar
      cppgc: Fix leftover cached events · 97751649
      Omer Katz authored 
      Clear cached events if there is no embedder recorder.

Bug: chromium:1154636
Change-Id: I9ad3b752ea242d07b417ce3022936789c47afc6a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3358292Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78464}
      97751649
    • Manos Koukoutos's avatar
      [wasm] Fix floating projections when inlining · a8b99992
      Manos Koukoutos authored 
      Int64Lowering may produce projection nodes with floating control input.
When inlining, we need to connect such nodes to the caller's start node
instead of the control dependency of the call node.

Bug: v8:12506, v8:12166
Change-Id: I1a726dc7b0ad40e98f3b745298062c2f7194288a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3352221Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78463}
      a8b99992
    • Benedikt Meurer's avatar
      Revert "[inspector] Fix `Runtime.setMaxCallStackSizeToCapture`." · c51b582d
      Benedikt Meurer authored 
      This reverts commit 34f73cc7.

Reason for revert: Performance regressions throughout a lot of
system health and browsing benchmarks.

Original change's description:
> [inspector] Fix `Runtime.setMaxCallStackSizeToCapture`.
>
> This change fixes the implementation of the previously introduced API
> `Runtime.setMaxCallStackSizeToCapture` to work correctly and also apply
> (consistently) to stack traces captured by V8 when exceptions are
> thrown. It does so in a fully backwards compatible manner.
>
> This change thus makes the previous fix for catapult (which landed in
> http://crrev.com/c/3347789) effective, and therefore ensures that real
> world performance benchmarks aren't affected by the use of the `Runtime`
> domain in the catapult test framework.
>
> Bug: chromium:1283162, chromium:1278650, chromium:1258599
> Bug: chromium:1280803, chromium:1280832, chromium:1280818
> Fixed: chromium:1280831
> Doc: https://bit.ly/v8-cheaper-inspector-stack-traces
> Change-Id: I4ec951a858317fa49096cd4023deb0104d92c9c9
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3361839
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78458}

Bug: chromium:1283162, chromium:1278650, chromium:1258599
Bug: chromium:1280803, chromium:1280832, chromium:1280818
Bug: chromium:1280831
Change-Id: Id1efaffa2f7f08c47f833f68b8a297494edee21e
Fixed: chromium:1283751, chromium:1283749, chromium:1283746
Fixed: chromium:1283729, chromium:1283700, chromium:1283700
Fixed: chromium:1283691, chromium:1283687, chromium:1283678
Fixed: chromium:1283677, chromium:1283676, chromium:1283675
Fixed: chromium:1283674, chromium:1283618, chromium:1283536
Fixed: chromium:1283523, chromium:1283516
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3364078
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78462}
      c51b582d
    • v8-ci-autoroll-builder's avatar
      Update V8 DEPS. · 1254cf6e
      v8-ci-autoroll-builder authored 
      Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/6c5151b..555c8b4

R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com

Change-Id: Ie93c78b95a8dae9f353a49d4ba1f90a7e575f8b2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3364387
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#78461}
      1254cf6e
  5. 02 Jan, 2022 1 commit
  7. 01 Jan, 2022 1 commit
  9. 31 Dec, 2021 2 commits
  11. 30 Dec, 2021 6 commits
  13. 29 Dec, 2021 3 commits
  15. 28 Dec, 2021 1 commit
  17. 27 Dec, 2021 5 commits
  19. 26 Dec, 2021 1 commit
  21. 25 Dec, 2021 1 commit
  23. 24 Dec, 2021 3 commits
  25. 23 Dec, 2021 3 commits
  27. 22 Dec, 2021 4 commits
    • Milad Fa's avatar
      Fix Wasm atomic waits on big endian platforms · 183a2abc
      Milad Fa authored 
      Wasm values are stored in memory in little endian order even
on BE machines and as a result they need to be manually reversed
after a load.

Other such atomic ops get patched during Wasm compilation or
during code-gen, this is one of the few places where a runtime call is
made to C++ which requires this fix.

As the the runtime stub is used on both TurboFan and Liftoff this
patch will fix both cases.

Up until now the cctest was passing incorrectly as it's mixing the
Wasm memory buffer with TypedArrays. TypedArrays don't have the
LE enforcement and use the native byte order.

With this patch the test is now failing as expected
and is being skipped for now.

Bug: v8:12505
Change-Id: I49fac208f1fab7396b7d9911e803bc047b3b8263
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3350744Reviewed-by: 's avatarAndreas Haas <ahaas@chromium.org>
Reviewed-by: 's avatarShu-yu Guo <syg@chromium.org>
Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#78433}
      183a2abc
    • Benedikt Meurer's avatar
      [console] Proper type conversions in console builtins. · 099cb420
      Benedikt Meurer authored 
      This updates the following set of console builtins in V8 to match the
Console Standard (https://console.spec.whatwg.org) with respect to
(potentially side effecting) type conversions:

  - console.debug
  - console.error
  - console.info
  - console.log
  - console.trace
  - console.warn
  - console.group
  - console.groupCollapsed
  - console.assert

The V8 implementation only performs the type conversions and updates
the arguments in-place with the results from the %String% constructor,
%parseInt%, or %parseFloat% invocations. The actual formatting is
still left completely to the debugger front-end.

To give a concrete example, the following code

```js
const msgFmt = {
  toString() { return 'Message %i' }
};
console.log('LOG: %s`, msgFmt, 42);
```

sends the following parameters to the debugger front-end

```js
["LOG: %s", "Message %i", 42]
```

and it's then the job of the front-end to perform the actual string
substitutions.

It's also worth calling out that the console builtins are only
concerned with %s, %f, %d, and %i formatting specifiers, since
these are the only ones that trigger type conversions, and %o, %O,
and %c can only be implemented in a meaningful way at a higher
level.

Fixed: chromium:1277944
Bug: chromium:1282076
Doc: https://bit.ly/v8-proper-console-type-conversions
Spec: https://console.spec.whatwg.org
Change-Id: I0996680811aa96236bd0d879e4a11101629ef1a7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3352118Reviewed-by: 's avatarKim-Anh Tran <kimanh@chromium.org>
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78432}
      099cb420
    • Shu-yu Guo's avatar
      [compiler] Fix typing JSLoadNamed of private brands · d19a707d
      Shu-yu Guo authored 
      Private method loads are compiled to a named load of a private brand,
which always loads a BlockContext. This BlockContext holds the private
methods common to all instances of a class. TurboFan currently considers
JSLoadNamed to be of Type::NonInternal(). Private methods break this
assumption, since BlockContext is of Type::OtherInternal().

This CL changes the typing of JSLoadNamed of private brands to be
Type::OtherInternal().

Bug: v8:12500
Change-Id: I91f39747bf9422bd419d299f44152f567d8be8db
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3351167Reviewed-by: 's avatarMaya Lekova <mslekova@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78431}
      d19a707d
    • Igor Sheludko's avatar
      [heap] Add instrumentation to GcSafeFindCodeForInnerPointer, pt.2 · 6c30d63a
      Igor Sheludko authored 
      ... in order to ease issues debugging.

Bug: chromium:1241665
Change-Id: I7731a37e642acd0aef02570fb70faf0bc65495ff
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3353367Reviewed-by: 's avatarHannes Payer <hpayer@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78430}
      6c30d63a