1. 16 Oct, 2018 2 commits
    • [ubsan] Replace internal::Object references in v8.h · a2f18248
      Jakob Kummerow authored
      with internal::Address. This is in preparation for the upcoming
      changes to internal::Object. The public API is unchanged, and
      there should be no change in behavior either.
      
      Most of the casts newly introduced here will disappear again once
      the migration is complete.
      
      Bug: v8:3770
      Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
      Change-Id: I2990b06a2511ccc5de3f98fd95a805f30ed589ab
      Reviewed-on: https://chromium-review.googlesource.com/c/1036612
      Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#56705}
    • Clarify roots iteration · 08b8e0ff
      Dan Elphick authored
      Change Heap::IterateStrongRoots to never iterate the read-only roots. In
      doing so remove VISIT_ALL_BUT_READ_ONLY and
      VISIT_ONLY_STRONG_FOR_SERIALIZATION. All such uses should now use
      VISIT_ALL and VISIT_ONLY_STRONG. Where ReadOnlyRoots iteration is
      required, this adds ReadOnlyRoots(isolate)->Iterate() at the call site.
      
      Add new begin, end, strong_mutable_roots_begin and
      strong_mutable_roots_end methods to RootsTable and try and make the
      existing uses a little more consistent.
      
      Bug: v8:8191
      Change-Id: Ie9d0f9e5186db418428e2fafd38432b0bd879daa
      Reviewed-on: https://chromium-review.googlesource.com/c/1278500
      Commit-Queue: Dan Elphick <delphick@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#56672}
  2. 04 Oct, 2018 1 commit
    • [heap] Skip marking of read-only roots · df625be0
      Dan Elphick authored
      Adds new VisitModes VISIT_ALL_BUT_READ_ONLY and
      VISIT_STRONG_FOR_SERIALIZATION.
      
      GC-related methods like MarkReachableObjects now use
      VISIT_ALL_BUT_READ_ONLY instead of VISIT_ALL. All GC-related VisitModes
      skip iterating over the read-only roots.
      
      All Serializer methods should always use a _FOR_SERIALIZATION value to
      ensure they do visit the read-only roots.
      
      Also adds RootsTable::read_only_roots_begin and end methods.
      
      Bug: v8:7464
      Change-Id: I468d7ae9f345d9fc0e10837f01dc5b92bd996412
      Reviewed-on: https://chromium-review.googlesource.com/c/1256245
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Reviewed-by: Hannes Payer <hpayer@chromium.org>
      Commit-Queue: Dan Elphick <delphick@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#56368}
    • [arm64] Use direct calls where possible. · 0600afdd
      Georgia Kouveli authored
      This includes the following changes:
      - Limit code space to 128 MB.
      - Use direct branches wherever possible.
      - Where not possible, continue using load literal followed by an indirect
        branch.
      - Sort RelocInfo by target_address_address for the serializer, since mixing
        load literal instructions and branch instructions messes up that order.
      - Ensure we always wipe out targets in the serializer (not just for the
        snapshot) in order to be able to distinguish between constant pool entries
        and branch instructions.
      
      Change-Id: I1a1029ce2a5f72a3a94802daf267d14a42c7c790
      Reviewed-on: https://chromium-review.googlesource.com/939175
      Reviewed-by: Clemens Hammacher <clemensh@chromium.org>
      Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
      Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
      Cr-Commit-Position: refs/heads/master@{#52885}
    • Replace array index masking with the poisoning approach. · f53dfd93
      Jaroslav Sevcik authored
      The idea is to mark all the branches and loads participating in array
      bounds checks, and let them contribute-to/use the poisoning register.
      In the code, the marks for array indexing operations now contain
      "Critical" in their name. By default (--untrusted-code-mitigations),
      we only instrument the "critical" operations with poisoning.
      
      With that in place, we also remove the array masking approach based
      on arithmetic.
      
      Since we do not propagate the poison through function calls,
      we introduce a node for poisoning an index that is passed through
      a function call - the typical example is the bounds-checked index
      that is passed to the CharCodeAt builtin.
      
      Most of the code in this CL threads through the three levels of
      protection (safe, critical, unsafe) for loads, branches and flags.
      
      Bug: chromium:798964
      
      Change-Id: Ief68e2329528277b3ba9156115b2a6dcc540d52b
      Reviewed-on: https://chromium-review.googlesource.com/995413
      Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
      Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52883}
    • Reland "Reland "[heap] Move initial objects into RO_SPACE"" · 9ab6621a
      Dan Elphick authored
      This is a reland of 6c68efac
      
      Updated Heap::CommittedMemory and related functions to iterate over all
      spaces rather than including them manually which can lead to a space
      being overlooked. Also adds a test to ensure this is the case.
      
      Original change's description:
      > Revert "Reland "[heap] Move initial objects into RO_SPACE""
      >
      > This reverts commit 6c68efac.
      >
      > Reason for revert: https://bugs.chromium.org/p/v8/issues/detail?id=7668
      >
      > Original change's description:
      > > Reland "[heap] Move initial objects into RO_SPACE"
      > >
      > > This is a reland of f8ae62fe
      > >
      > > Original change's description:
      > > > [heap] Move initial objects into RO_SPACE
      > > >
      > > > This moves:
      > > > * the main oddballs (null, undefined, hole, true, false) as well as
      > > > their supporting maps (also adds hole as an internalized string to make
      > > > this work).
      > > > * most of the internalized strings
      > > > * the struct maps
      > > > * empty array
      > > > * empty enum cache
      > > > * the contents of the initial string table
      > > > * the weak_cell_cache for any map in RO_SPACE (and eagerly creates the
      > > > value to avoid writing to it during run-time)
      > > >
      > > > The StartupSerializer stats change as follows:
      > > >
      > > >      RO_SPACE  NEW_SPACE  OLD_SPACE  CODE_SPACE  MAP_SPACE  LO_SPACE
      > > > old         0          0     270264       32608      12144         0
      > > > new     21776          0     253168       32608       8184         0
      > > > Overall memory usage has increased by 720 bytes due to the eager
      > > > initialization of the Map weak cell caches.
      > > >
      > > > Also extends --serialization-statistics to print out separate instance
      > > > type stats for objects in RO_SPACE as shown here:
      > > >
      > > >   Read Only Instance types (count and bytes):
      > > >        404      16736  ONE_BYTE_INTERNALIZED_STRING_TYPE
      > > >          2         32  HEAP_NUMBER_TYPE
      > > >          5        240  ODDBALL_TYPE
      > > >         45       3960  MAP_TYPE
      > > >          1         16  BYTE_ARRAY_TYPE
      > > >          1         24  TUPLE2_TYPE
      > > >          1         16  FIXED_ARRAY_TYPE
      > > >          1         32  DESCRIPTOR_ARRAY_TYPE
      > > >         45        720  WEAK_CELL_TYPE
      > > >
      > > > Bug: v8:7464
      > > > Change-Id: I12981c39c82a7057f68bbbe03f89fb57b0b4c6a6
      > > > Reviewed-on: https://chromium-review.googlesource.com/973722
      > > > Commit-Queue: Dan Elphick <delphick@chromium.org>
      > > > Reviewed-by: Hannes Payer <hpayer@chromium.org>
      > > > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      > > > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > > > Cr-Commit-Position: refs/heads/master@{#52435}
      > >
      > > Bug: v8:7464
      > > Change-Id: I50427edfeb53ca80ec4cf46566368fb2213ccf7b
      > > Reviewed-on: https://chromium-review.googlesource.com/999654
      > > Commit-Queue: Dan Elphick <delphick@chromium.org>
      > > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > > Reviewed-by: Hannes Payer <hpayer@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#52638}
      >
      > TBR=rmcilroy@chromium.org,yangguo@chromium.org,hpayer@chromium.org,mlippautz@chromium.org,delphick@chromium.org
      >
      > # Not skipping CQ checks because original CL landed > 1 day ago.
      >
      > Bug: v8:7464,v8:7668
      > Change-Id: I10aa03623b51e997f95a3715ea9f0bf5d29d2cdb
      > Reviewed-on: https://chromium-review.googlesource.com/1016600
      > Commit-Queue: Peter Marshall <petermarshall@chromium.org>
      > Reviewed-by: Peter Marshall <petermarshall@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#52667}
      
      Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
      Change-Id: If4b7490c8c4d31612de8ec132de334955a319b11
      Bug: v8:7464, v8:7668
      Reviewed-on: https://chromium-review.googlesource.com/1019020
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Commit-Queue: Dan Elphick <delphick@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52689}
  34. 18 Apr, 2018 1 commit
    • Revert "Reland "[heap] Move initial objects into RO_SPACE"" · c2280f9a
      Peter Marshall authored
      This reverts commit 6c68efac.
      
      Reason for revert: https://bugs.chromium.org/p/v8/issues/detail?id=7668
      
      Original change's description:
      > Reland "[heap] Move initial objects into RO_SPACE"
      >
      > This is a reland of f8ae62fe
      >
      > Original change's description:
      > > [heap] Move initial objects into RO_SPACE
      > >
      > > This moves:
      > > * the main oddballs (null, undefined, hole, true, false) as well as
      > > their supporting maps (also adds hole as an internalized string to make
      > > this work).
      > > * most of the internalized strings
      > > * the struct maps
      > > * empty array
      > > * empty enum cache
      > > * the contents of the initial string table
      > > * the weak_cell_cache for any map in RO_SPACE (and eagerly creates the
      > > value to avoid writing to it during run-time)
      > >
      > > The StartupSerializer stats change as follows:
      > >
      > >      RO_SPACE  NEW_SPACE  OLD_SPACE  CODE_SPACE  MAP_SPACE  LO_SPACE
      > > old         0          0     270264       32608      12144         0
      > > new     21776          0     253168       32608       8184         0
      > > Overall memory usage has increased by 720 bytes due to the eager
      > > initialization of the Map weak cell caches.
      > >
      > > Also extends --serialization-statistics to print out separate instance
      > > type stats for objects in RO_SPACE as shown here:
      > >
      > >   Read Only Instance types (count and bytes):
      > >        404      16736  ONE_BYTE_INTERNALIZED_STRING_TYPE
      > >          2         32  HEAP_NUMBER_TYPE
      > >          5        240  ODDBALL_TYPE
      > >         45       3960  MAP_TYPE
      > >          1         16  BYTE_ARRAY_TYPE
      > >          1         24  TUPLE2_TYPE
      > >          1         16  FIXED_ARRAY_TYPE
      > >          1         32  DESCRIPTOR_ARRAY_TYPE
      > >         45        720  WEAK_CELL_TYPE
      > >
      > > Bug: v8:7464
      > > Change-Id: I12981c39c82a7057f68bbbe03f89fb57b0b4c6a6
      > > Reviewed-on: https://chromium-review.googlesource.com/973722
      > > Commit-Queue: Dan Elphick <delphick@chromium.org>
      > > Reviewed-by: Hannes Payer <hpayer@chromium.org>
      > > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      > > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#52435}
      >
      > Bug: v8:7464
      > Change-Id: I50427edfeb53ca80ec4cf46566368fb2213ccf7b
      > Reviewed-on: https://chromium-review.googlesource.com/999654
      > Commit-Queue: Dan Elphick <delphick@chromium.org>
      > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > Reviewed-by: Hannes Payer <hpayer@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#52638}
      
      TBR=rmcilroy@chromium.org,yangguo@chromium.org,hpayer@chromium.org,mlippautz@chromium.org,delphick@chromium.org
      
      # Not skipping CQ checks because original CL landed > 1 day ago.
      
      Bug: v8:7464,v8:7668
      Change-Id: I10aa03623b51e997f95a3715ea9f0bf5d29d2cdb
      Reviewed-on: https://chromium-review.googlesource.com/1016600
      Commit-Queue: Peter Marshall <petermarshall@chromium.org>
      Reviewed-by: Peter Marshall <petermarshall@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52667}