Skip to content

V
V8
Switch branch/tag
  1. 05 Nov, 2021 1 commit
  3. 25 Oct, 2021 1 commit
  5. 19 Oct, 2021 1 commit
  7. 15 Oct, 2021 1 commit
  9. 14 Oct, 2021 2 commits
    • Samuel Groß's avatar
      Add special handling for Windows in DetermineAddressSpaceLimit · 72cd8c1a
      Samuel Groß authored 
      On Windows pre 8.1, userspace is limited to 8TB of virtual address
space. Take that into account when determining the size and/or placement
of the virtual memory cage.

Bug: chromium:1218005
Change-Id: Idda94534cad67dc2db77e9ba459e3a4b239dac2a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3222763Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77402}
      72cd8c1a
    • Samuel Groß's avatar
      Implement DetermineAddressSpaceLimit() on x64 · 571eca5c
      Samuel Groß authored 
      This function tries to determine the number of virtual address bits
available on the current CPU and with that the maximum size of the
userspace address space. On x64, it can be implemented through CPUID.

The result of this function is now used in two ways: first, it limits
the maximum size of the virtual memory cage, currently to a quarter of
the address space. Second, it influences the placement of fake cages,
which are attempted to be placed into the lower half of the address
space so that they are followed by large amounts of (hopefully) unused
but addressable virtual memory in which pages can be allocated.

Bug: chromium:1218005
Change-Id: I0edc5d241d899f16dbc47492fa1534b6aaa4aa13
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3220348
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77393}
      571eca5c
  11. 13 Oct, 2021 2 commits
    • Samuel Groß's avatar
      Reland "Implement a fake virtual memory cage mechanism" · 0aaec6ed
      Samuel Groß authored 
      This is a reland of 1ea76c13

Disabled the failing test on Fuchsia until its PageAllocator
respects allocation hints.

Original change's description:
> Implement a fake virtual memory cage mechanism
>
> On operating systems where reserving virtual address space is expensive,
> notably Windows pre 8.1, it is not possible to create a proper virtual
> memory cage. In order to still be able to reference caged objects
> through offsets from the cage base on these systems, this CL introduces
> a fake cage mechanism. When the fake cage is used, most of the virtual
> memory for the cage is not actually reserved. Instead, the cage's page
> allocator simply relies on hints to the OS to obtain pages inside the
> cage. This does, however, not provide the same security benefits as a
> real cage as unrelated allocations might end up inside the cage.
>
> Bug: chromium:1218005
> Change-Id: Ie5314be23966ed0042a017917b63595481b5e7e3
> Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3217200
> Commit-Queue: Samuel Groß <saelo@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77367}

Bug: chromium:1218005
Change-Id: I2ed95d121db164679c38085115e8fa92690c057e
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3220151Reviewed-by: 's avatarToon Verwaest <verwaest@chromium.org>
Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77378}
      0aaec6ed
    • Camillo Bruni's avatar
      Reland "[flags] Skip --random-seed in FlagList::Hash" · b704bc09
      Camillo Bruni authored 
      This is a reland of 9fe53c4f

- Fix data-race by using an atomic for flag_hash;
- Make sure flag_hash != 0
- Initialize flag_hash in V8::InitializeOncePerProcessImpl
- Clear flag_hash in more cases

Original change's description:
> [flags] Skip --random-seed in FlagList::Hash
>
> Node and friends use --random-seed to temporary reset the seed for
> predictable code-cache creation. To allow custom random seeds at runtime
> the flag is reset for encoding the FlagList::Hash in the snapshots.
>
> We will soon disallow changing flags via the API after V8 has been
> initialized. In order to make node work we will exclude --random-seed
> from the FlagList::Hash calculation.
>
> Drive-by-fix:
> * Lazily initialize flag_hash instead of calculating it after every call
>   to SetFlagsFromString / EnforceFlagImplications.
> * Simplify hash string source creation since out << flag now includes
>   the full flag information
>
> Bug: v8:12309
> Change-Id: I1a168f4702d8c4d160ff12fdbea881731e4ea8b6
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3218159
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77345}

Bug: v8:12309
Change-Id: I12cd2931d81dc74e07a4da3564e4bf8dd151300a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3218981
Commit-Queue: Marja Hölttä <marja@chromium.org>
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: 's avatarMarja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77373}
      b704bc09
  13. 12 Oct, 2021 2 commits
    • Deepti Gandluri's avatar
      Revert "Implement a fake virtual memory cage mechanism" · 1a0b993d
      Deepti Gandluri authored 
      This reverts commit 1ea76c13.

Reason for revert: The unit test added fails on the Fuchsia bot https://ci.chromium.org/p/v8/builders/ci/V8%20Fuchsia/25976?

Original change's description:
> Implement a fake virtual memory cage mechanism
>
> On operating systems where reserving virtual address space is expensive,
> notably Windows pre 8.1, it is not possible to create a proper virtual
> memory cage. In order to still be able to reference caged objects
> through offsets from the cage base on these systems, this CL introduces
> a fake cage mechanism. When the fake cage is used, most of the virtual
> memory for the cage is not actually reserved. Instead, the cage's page
> allocator simply relies on hints to the OS to obtain pages inside the
> cage. This does, however, not provide the same security benefits as a
> real cage as unrelated allocations might end up inside the cage.
>
> Bug: chromium:1218005
> Change-Id: Ie5314be23966ed0042a017917b63595481b5e7e3
> Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3217200
> Commit-Queue: Samuel Groß <saelo@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77367}

Bug: chromium:1218005
Change-Id: I541bb9656ab2a6a080c2a30d372226fcc5c95391
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3219086
Auto-Submit: Deepti Gandluri <gdeepti@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Owners-Override: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77368}
      1a0b993d
    • Samuel Groß's avatar
      Implement a fake virtual memory cage mechanism · 1ea76c13
      Samuel Groß authored 
      On operating systems where reserving virtual address space is expensive,
notably Windows pre 8.1, it is not possible to create a proper virtual
memory cage. In order to still be able to reference caged objects
through offsets from the cage base on these systems, this CL introduces
a fake cage mechanism. When the fake cage is used, most of the virtual
memory for the cage is not actually reserved. Instead, the cage's page
allocator simply relies on hints to the OS to obtain pages inside the
cage. This does, however, not provide the same security benefits as a
real cage as unrelated allocations might end up inside the cage.

Bug: chromium:1218005
Change-Id: Ie5314be23966ed0042a017917b63595481b5e7e3
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3217200
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
Reviewed-by: 's avatarToon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77367}
      1ea76c13
  15. 08 Oct, 2021 2 commits
  17. 07 Oct, 2021 2 commits
    • Frank Tang's avatar
      Reland "[intl] Fix consistency in Intl API" · fed33f90
      Frank Tang authored 
      This is a reland of a1e6efd8

Fix Android issue by checking the resources is not filtering out.

Original change's description:
> [intl] Fix consistency in Intl API
>
> Fix several edge cases consistency issues with ICU discovered by test262 test by
> using Intl Enumeration API
> 1. Work around ICU short coming of always fallback in currency display
>  name so when the fallback is "none" in DisplayNames, the force fallback
> code will produce the correct undefined from the of(currency_code) method.
> 2. Always check numbering system is not algorithm based numbering system
> to fix DateTimeFormat/RelativeTimeFormat/NumberFormat
> resolvedOptions().numberingSystem when the reqested numberingSystem is one
> of the numbering systems that we filter out the resources and not supported.
> 3. Generalize the iso8601 bit solution in DateTimeFormat and rename it to
> alt_calendar bit to also fix DateTimeFormat resolvedOptions report
> calendar as "islamic" while requesting "islamic-rgsa".
> 4. Work around reporting inconsistency of currency code and display name
> in ICU.
>
> Bug: v8:12209
> Change-Id: Ibd349ee55426fad7d6f20a5e93fb35ff7438e111
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3153576
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Reviewed-by: Shu-yu Guo <syg@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77242}

Bug: v8:12209
Change-Id: I96e1ba33e97f6a4abbe20e23a8fdff6cdf8bc131
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3207380Reviewed-by: 's avatarShu-yu Guo <syg@chromium.org>
Commit-Queue: Frank Tang <ftang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77290}
      fed33f90
    • Samuel Groß's avatar
      Add PageInitializationMode enum for the BoundedPageAllocator · 18c37d32
      Samuel Groß authored 
      Currently, when compiling with V8_VIRTUAL_MEMORY_CAGE enabled, the
behavior of the BoundedPageAllocator changes from simply making freed
pages inaccessible to decommitting them, which guarantees that they will
be zero-initialized after the next allocation. As this seems to cause
some performance regressions on Mac, this CL introduces a new enum that
specifies how the allocator should behave:
kAllocatedPagesMustBeZeroInitialized causes the pages to be decommitted
during FreePages() and ReleasePages() and thus guarantees
zero-initialization during AllocPages().
kAllocatedPagesCanBeUninitialized only causes the pages to be made
inaccessible, and so does not generally guarantee zero-initialization
for AllocPages().

Finally, this CL also removes some dead code in allocation.cc.

Bug: chromium:1257089
Change-Id: I53fa52c8913df869bee2b536efe252780d1ad893
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3208812
Commit-Queue: Samuel Groß <saelo@chromium.org>
Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77285}
      18c37d32
  19. 06 Oct, 2021 2 commits
    • Frank Tang's avatar
      Revert "[intl] Fix consistency in Intl API" · 34f278b8
      Frank Tang authored 
      This reverts commit a1e6efd8.

Reason for revert: Break Arm64

Original change's description:
> [intl] Fix consistency in Intl API
>
> Fix several edge cases consistency issues with ICU discovered by test262 test by
> using Intl Enumeration API
> 1. Work around ICU short coming of always fallback in currency display
>  name so when the fallback is "none" in DisplayNames, the force fallback
> code will produce the correct undefined from the of(currency_code) method.
> 2. Always check numbering system is not algorithm based numbering system
> to fix DateTimeFormat/RelativeTimeFormat/NumberFormat
> resolvedOptions().numberingSystem when the reqested numberingSystem is one
> of the numbering systems that we filter out the resources and not supported.
> 3. Generalize the iso8601 bit solution in DateTimeFormat and rename it to
> alt_calendar bit to also fix DateTimeFormat resolvedOptions report
> calendar as "islamic" while requesting "islamic-rgsa".
> 4. Work around reporting inconsistency of currency code and display name
> in ICU.
>
> Bug: v8:12209
> Change-Id: Ibd349ee55426fad7d6f20a5e93fb35ff7438e111
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3153576
> Commit-Queue: Frank Tang <ftang@chromium.org>
> Reviewed-by: Shu-yu Guo <syg@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#77242}

Bug: v8:12209
Change-Id: I6b8ac7dc89eda158e29c9d653825cb20a89341aa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3207379Reviewed-by: 's avatarFrank Tang <ftang@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#77246}
      34f278b8
    • Frank Tang's avatar
      [intl] Fix consistency in Intl API · a1e6efd8
      Frank Tang authored 
      Fix several edge cases consistency issues with ICU discovered by test262 test by
using Intl Enumeration API
1. Work around ICU short coming of always fallback in currency display
 name so when the fallback is "none" in DisplayNames, the force fallback
code will produce the correct undefined from the of(currency_code) method.
2. Always check numbering system is not algorithm based numbering system
to fix DateTimeFormat/RelativeTimeFormat/NumberFormat
resolvedOptions().numberingSystem when the reqested numberingSystem is one
of the numbering systems that we filter out the resources and not supported.
3. Generalize the iso8601 bit solution in DateTimeFormat and rename it to
alt_calendar bit to also fix DateTimeFormat resolvedOptions report
calendar as "islamic" while requesting "islamic-rgsa".
4. Work around reporting inconsistency of currency code and display name
in ICU.

Bug: v8:12209
Change-Id: Ibd349ee55426fad7d6f20a5e93fb35ff7438e111
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3153576
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: 's avatarShu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#77242}
      a1e6efd8
  21. 05 Oct, 2021 1 commit
  23. 01 Oct, 2021 1 commit
  25. 28 Sep, 2021 1 commit
  27. 23 Sep, 2021 1 commit
  29. 20 Sep, 2021 2 commits
  31. 17 Sep, 2021 1 commit
  33. 16 Sep, 2021 2 commits
  35. 14 Sep, 2021 2 commits
  37. 07 Sep, 2021 1 commit
  39. 26 Aug, 2021 1 commit
  41. 25 Aug, 2021 1 commit
  43. 24 Aug, 2021 3 commits
  45. 23 Aug, 2021 2 commits
    • Dan Elphick's avatar
      Revert "[include] Split out v8.h" · 44fe02ce
      Dan Elphick authored 
      This reverts commit d1b27019.

Reason for revert: Broke vtune build, tsan build and possibly others

Original change's description:
> [include] Split out v8.h
>
> This moves every single class/function out of include/v8.h into a
> separate header in include/, which v8.h then includes so that
> externally nothing appears to have changed.
>
> Every include of v8.h from inside v8 has been changed to a more
> fine-grained include.
>
> Previously inline functions defined at the bottom of v8.h would call
> private non-inline functions in the V8 class. Since that class is now
> in v8-initialization.h and is rarely included (as that would create
> dependency cycles), this is not possible and so those methods have been
> moved out of the V8 class into the namespace v8::api_internal.
>
> None of the previous files in include/ now #include v8.h, which means
> if embedders were relying on this transitive dependency then it will
> give compile failures.
>
> v8-inspector.h does depend on v8-scripts.h for the time being to ensure
> that Chrome continue to compile but that change will be reverted once
> those transitive #includes in chrome are changed to include it directly.
>
> Full design:
> https://docs.google.com/document/d/1rTD--I8hCAr-Rho1WTumZzFKaDpEp0IJ8ejZtk4nJdA/edit?usp=sharing
>
> Bug: v8:11965
> Change-Id: I53b84b29581632710edc80eb11f819c2097a2877
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3097448
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Reviewed-by: Camillo Bruni <cbruni@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Reviewed-by: Leszek Swirski <leszeks@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Dan Elphick <delphick@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#76424}

Bug: v8:11965
Change-Id: Id57313ae992e720c8b19abc975cd69729e1344aa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3113627
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76428}
      44fe02ce
    • Dan Elphick's avatar
      [include] Split out v8.h · d1b27019
      Dan Elphick authored 
      This moves every single class/function out of include/v8.h into a
separate header in include/, which v8.h then includes so that
externally nothing appears to have changed.

Every include of v8.h from inside v8 has been changed to a more
fine-grained include.

Previously inline functions defined at the bottom of v8.h would call
private non-inline functions in the V8 class. Since that class is now
in v8-initialization.h and is rarely included (as that would create
dependency cycles), this is not possible and so those methods have been
moved out of the V8 class into the namespace v8::api_internal.

None of the previous files in include/ now #include v8.h, which means
if embedders were relying on this transitive dependency then it will
give compile failures.

v8-inspector.h does depend on v8-scripts.h for the time being to ensure
that Chrome continue to compile but that change will be reverted once
those transitive #includes in chrome are changed to include it directly.

Full design:
https://docs.google.com/document/d/1rTD--I8hCAr-Rho1WTumZzFKaDpEp0IJ8ejZtk4nJdA/edit?usp=sharing

Bug: v8:11965
Change-Id: I53b84b29581632710edc80eb11f819c2097a2877
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3097448Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Reviewed-by: 's avatarCamillo Bruni <cbruni@chromium.org>
Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
Reviewed-by: 's avatarMichael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/main@{#76424}
      d1b27019
  47. 19 Aug, 2021 1 commit
  49. 17 Aug, 2021 2 commits
  51. 12 Aug, 2021 2 commits