1. 11 Jul, 2022 1 commit
    • [sandbox] Prepare ExternalPointerTable rollout · 8a59678b
      Samuel Groß authored
      This CL does the following:
      - It enables (i.e. allocates and initializes) the per-Isolate
        ExternalPointerTable when the sandbox is enabled.
      - It refactors the list of external pointer tags to mark them as
        "sandboxed" or "unsandboxed". An unsandboxed external pointer has a
        null tag.
      - It changes V8_SANDBOXED_EXTERNAL_POINTERS to now essentially just
        enable sandboxing for all available tags.
      - It modifies all low-level external pointer accessors to perform the
        ExternalPointerLookup only if the tag is non-zero and otherwise treat
        the slot as containing a raw pointer.
      
      This now allows rolling out external pointer sandboxing incrementally
      (separately for each external pointer type), which will in turn allow
      for more precise performance measurements of the impact of the sandbox.
      
      Note: when an external pointer tag is now marked as sandboxed (and
      V8_SANDBOXED_EXTERNAL_POINTERS is not enabled), the underlying slots are
      still 64 bits in size. This simplifies the implementation as we would
      otherwise need to deal with variably-sized external pointer slots. Local
      benchmarking suggests that the benefits from 32-bit external pointer
      slots are insignificant on typical benchmarks, so this should be ok.
      
      Drive-by: rename kExternalPointerSize to kExternalPointerSlotSize to
      make it more clear what it refers to (the on-heap storage size). Also
      delete CodeStubAssembler::InitializeExternalPointerField as it is not
      currently used and the implementation is fairly inefficient.
      
      Bug: v8:10391
      Change-Id: I7c38729c7e9048d737a1a8ced84749f5b1f7feab
      Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3736447
      Reviewed-by: Igor Sheludko <ishell@chromium.org>
      Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      Reviewed-by: Andreas Haas <ahaas@chromium.org>
      Commit-Queue: Samuel Groß <saelo@chromium.org>
      Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#81636}
      8a59678b
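      The accessor rule the commit describes (consult the per-Isolate table only when the tag is non-zero, otherwise treat the 64-bit slot as a raw pointer) is easiest to see in a small model. The following is an added example written for this page, not V8's code: the `ExternalPointerTable`, `HeapObject`, tag values, 16-bit tag-in-top-bits layout and 256-entry capacity are all assumptions for illustration, and V8's real bit layout and tag scheme differ. It shows what an in-sandbox write to the slot buys an attacker in each mode.

```cpp
// Added example, not V8 code: a simplified model of tagged external pointer
// slots as described in the commit above. The bit layout, tag values and
// table size are assumptions for illustration; V8's real layout differs.
#include <array>
#include <cstddef>
#include <cstdint>

namespace epsandbox {

using ExternalPointerTag = uint16_t;     // assumed: tag kept in an entry's top 16 bits
using ExternalPointerHandle = uint32_t;  // what a sandboxed slot stores: an index

constexpr ExternalPointerTag kUnsandboxedTag = 0;  // null tag: slot holds a raw pointer
constexpr ExternalPointerTag kFooTag = 0x1001;     // hypothetical sandboxed tag
constexpr ExternalPointerTag kBarTag = 0x2002;     // hypothetical tag of another type
constexpr size_t kTableCapacity = 256;             // assumed small fixed capacity
constexpr uint64_t kPointerMask = (uint64_t{1} << 48) - 1;

// Per-Isolate in V8; a plain object here. Entry 0 stays unused as "null".
class ExternalPointerTable {
 public:
  ExternalPointerTable() : next_(1) { entries_.fill(0); }

  // Store ptr|tag in a fresh entry and return its handle (0 if the table is full).
  ExternalPointerHandle Allocate(const void* ptr, ExternalPointerTag tag) {
    if (next_ >= kTableCapacity) return 0;
    ExternalPointerHandle handle = static_cast<ExternalPointerHandle>(next_++);
    entries_[handle] = (reinterpret_cast<uintptr_t>(ptr) & kPointerMask) |
                       (uint64_t{tag} << 48);
    return handle;
  }

  // Tagged lookup: the handle is reduced into the table's bounds, and an entry
  // whose tag does not match the expected one yields nullptr. A corrupted
  // handle can thus only select another entry, never a pointer outside the table.
  const void* Get(ExternalPointerHandle handle, ExternalPointerTag tag) const {
    uint64_t entry = entries_[handle % kTableCapacity];
    if ((entry >> 48) != tag) return nullptr;
    return reinterpret_cast<const void*>(static_cast<uintptr_t>(entry & kPointerMask));
  }

 private:
  std::array<uint64_t, kTableCapacity> entries_;
  size_t next_;
};

// The on-heap slot is always 64 bits wide, as the commit notes, whether it
// holds a raw pointer (tag 0) or a table handle (non-zero tag).
struct HeapObject {
  uint64_t external_slot;
};

void WriteExternalPointerField(HeapObject* obj, ExternalPointerTable* table,
                               const void* ptr, ExternalPointerTag tag) {
  if (tag == kUnsandboxedTag) {
    obj->external_slot = reinterpret_cast<uintptr_t>(ptr);
  } else {
    obj->external_slot = table->Allocate(ptr, tag);
  }
}

// Mirrors the accessor rule in the commit: consult the table only when the
// tag is non-zero, otherwise treat the slot as a raw pointer.
const void* ReadExternalPointerField(const HeapObject* obj,
                                     const ExternalPointerTable* table,
                                     ExternalPointerTag tag) {
  if (tag == kUnsandboxedTag) {
    return reinterpret_cast<const void*>(static_cast<uintptr_t>(obj->external_slot));
  }
  return table->Get(static_cast<ExternalPointerHandle>(obj->external_slot), tag);
}

// What an in-sandbox memory write to the slot buys an attacker in each mode.
// Returns true when every expectation below holds.
bool Demo() {
  ExternalPointerTable table;
  int foo = 1, bar = 2;
  HeapObject a{}, b{}, c{};
  WriteExternalPointerField(&a, &table, &foo, kFooTag);          // sandboxed
  WriteExternalPointerField(&b, &table, &bar, kBarTag);          // sandboxed, other type
  WriteExternalPointerField(&c, &table, &foo, kUnsandboxedTag);  // raw pointer

  bool ok = ReadExternalPointerField(&a, &table, kFooTag) == &foo &&
            ReadExternalPointerField(&b, &table, kBarTag) == &bar &&
            ReadExternalPointerField(&c, &table, kUnsandboxedTag) == &foo;

  // Corruption 1: point a's slot at b's entry. Tag mismatch, so no type confusion.
  a.external_slot = b.external_slot;
  ok = ok && ReadExternalPointerField(&a, &table, kFooTag) == nullptr;

  // Corruption 2: an arbitrary value in a sandboxed slot selects an unused entry
  // inside the table (tag 0 there), again yielding nullptr.
  a.external_slot = 0x4141414141414141ull;
  ok = ok && ReadExternalPointerField(&a, &table, kFooTag) == nullptr;

  // Corruption 3: the same write on an unsandboxed slot is a controlled pointer.
  c.external_slot = 0x4141414141414141ull;
  ok = ok && reinterpret_cast<uintptr_t>(ReadExternalPointerField(
                 &c, &table, kUnsandboxedTag)) == 0x4141414141414141ull;
  return ok;
}

}  // namespace epsandbox

int main() { return epsandbox::Demo() ? 0 : 1; }
```

      The point the model makes is the one behind the incremental rollout: each tag that is flipped from null to sandboxed turns a slot whose corruption yields an attacker-chosen pointer into a slot whose corruption can at most select a same-typed entry of the table, so the per-tag split lets the cost of that check be measured type by type.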
  2. 08 Jul, 2022 1 commit
  3. 07 Jul, 2022 1 commit
  4. 06 Jul, 2022 2 commits
    • [maglev] Add a maglev-specific safepoint mechanism · 76356780
      Leszek Swirski authored
      Maglev groups all its tagged spill slots together, and the number of
      them doesn't change. This means that the generality of the existing
      safepoint mechanism is massive overkill for maglev code.
      
      This patch adds a maglev-specific safepoint table, which is the
      safepoint of a code object if-and-only-if that code object has maglev
      code. This safepoint stores the number of tagged and untagged slots
      once, globally, and individual entries are just used for deopts and for
      storing the state of pushed registers (this is currently unused, but
      will be used in the future for pushing registers in deferred calls).
      
      Bug: v8:7700
      Change-Id: I15f84a6e957357825e84e33238f8a36f2e0b3012
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747858
      Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#81564}
      76356780
    • [build] Silence gcc warnings on coverage bot. · 6639962a
      Michael Achenbach authored
      GCC warnings are already treated as failures on other bots. They don't
      add value on the coverage bot and only block creating reports.
      
      Bug: v8:13005
      Change-Id: I2d55288a4790e8cd508cdb8340265c696e44b671
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3747864
      Reviewed-by: Leszek Swirski <leszeks@chromium.org>
      Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      Auto-Submit: Michael Achenbach <machenbach@chromium.org>
      Commit-Queue: Michael Achenbach <machenbach@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#81552}
      6639962a
  5. 05 Jul, 2022 2 commits
    • [wasm] Add FunctionBodyDisassembler · 7890a89d
      Jakob Kummerow authored
      Unused as of this CL; users will follow.
      
      Bug: v8:12917
      Change-Id: I82658ea8a401834a5b3661068766bbdfec54d5a4
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3726214
      Reviewed-by: Andreas Haas <ahaas@chromium.org>
      Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#81533}
      7890a89d
    • Revert "Reland "cppgc: Enable pointer compression by default on Desktop"" · 603ab659
      Anton Bikineev authored
      This reverts commit 111d20bb.
      
      Reason for revert:
      - crashes
      - flaky test failures
      - ubsan errors
      - Speedometer regression
      
      Original change's description:
      > Reland "cppgc: Enable pointer compression by default on Desktop"
      >
      > Reland since ubsan failures were fixed.
      >
      > Original change's description:
      > > Revert "cppgc: Enable pointer compression by default on Desktop"
      > >
      > > This reverts commit 4cf08c1a.
      > >
      > > Reason for revert: broke ubsan.
      > >
      > > Original change's description:
      > > > cppgc: Enable pointer compression by default on Desktop
      > > >
      > > > The CL enables pointer compression in Oilpan.
      > > >
      > > > For sheriffs: the CL may cause some slight perf regressions (likely
      > > > blink_perf.*), due to slightly higher cost of compression and
      > > > decompression.
      > > >
      > > > Speedometer2 is not expected to regress, as was checked locally. Such a
      > > > slight performance degradation is compensated by memory savings that are
      > > > expected to be around 10-20% of Oilpan committed size (~2.5-5% of Renderer
      > > > PMF).
      > > >
      > > > Bug: chromium:1325007
      > > > Change-Id: I2e31fc56250dbe6354a7614fa1f9e926260d842b
      > > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695565
      > > > Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      > > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      > > > Cr-Commit-Position: refs/heads/main@{#81442}
      > >
      > > Bug: chromium:1325007
      > > Change-Id: Iabc31ed683841ba0189dee9028da330dc03d7e09
      > > No-Presubmit: true
      > > No-Tree-Checks: true
      > > No-Try: true
      > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735168
      > > Auto-Submit: Anton Bikineev <bikineev@chromium.org>
      > > Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      > > Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      > > Cr-Commit-Position: refs/heads/main@{#81443}
      >
      > Bug: chromium:1325007
      > Change-Id: Ifc8ea0e73e99d9be622e27d3d4c79d0e35fd459c
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735128
      > Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      > Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      > Cr-Commit-Position: refs/heads/main@{#81486}
      
      Bug: chromium:1325007
      Change-Id: I35d9085b9c39fd212002f098a3a015d0db7504a0
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3743468
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#81516}
      603ab659
  6. 01 Jul, 2022 2 commits
    • [wasm][refactor] Move ModuleDecoderImpl to -impl.h · f76486e6
      Jakob Kummerow authored
      Ctrl+X, Ctrl+V. No change in behavior.
      This is a preparatory step for templatizing the module decoder
      for disassembler purposes.
      
      Bug: v8:12917
      Change-Id: I08a5d2e666cd16a207e9862b2691446c0473ddb0
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3738221
      Auto-Submit: Jakob Kummerow <jkummerow@chromium.org>
      Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
      Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#81489}
      f76486e6
    • Reland "cppgc: Enable pointer compression by default on Desktop" · 111d20bb
      Anton Bikineev authored
      Reland since ubsan failures were fixed.
      
      Original change's description:
      > Revert "cppgc: Enable pointer compression by default on Desktop"
      >
      > This reverts commit 4cf08c1a.
      >
      > Reason for revert: broke ubsan.
      >
      > Original change's description:
      > > cppgc: Enable pointer compression by default on Desktop
      > >
      > > The CL enables pointer compression in Oilpan.
      > >
      > > For sheriffs: the CL may cause some slight perf regressions (likely
      > > blink_perf.*), due to slightly higher cost of compression and
      > > decompression.
      > >
      > > Speedometer2 is not expected to regress, as was checked locally. Such a
      > > slight performance degradation is compensated by memory savings that are
      > > expected to be around 10-20% of Oilpan committed size (~2.5-5% of Renderer
      > > PMF).
      > >
      > > Bug: chromium:1325007
      > > Change-Id: I2e31fc56250dbe6354a7614fa1f9e926260d842b
      > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695565
      > > Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      > > Cr-Commit-Position: refs/heads/main@{#81442}
      >
      > Bug: chromium:1325007
      > Change-Id: Iabc31ed683841ba0189dee9028da330dc03d7e09
      > No-Presubmit: true
      > No-Tree-Checks: true
      > No-Try: true
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735168
      > Auto-Submit: Anton Bikineev <bikineev@chromium.org>
      > Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      > Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#81443}
      
      Bug: chromium:1325007
      Change-Id: Ifc8ea0e73e99d9be622e27d3d4c79d0e35fd459c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735128
      Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Cr-Commit-Position: refs/heads/main@{#81486}
      111d20bb
  7. 30 Jun, 2022 1 commit
  8. 29 Jun, 2022 3 commits
    • [wasm] Introduce NamesProvider · 9983fda8
      Jakob Kummerow authored
      NamesProvider class:
      This consolidates logic used so far for the debugger interface.
      It also adds support for the "extended name section" proposal:
      https://github.com/WebAssembly/extended-name-section
      
      StringBuilder class:
      Like std::ostringstream, but 4x faster for this use case.
      
      This lays the groundwork for an updated Wasm disassembler.
      
      Bug: v8:12917
      Change-Id: I98aa258147834bc0e314ba98c5927b4cd6070b8f
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3720714
      Reviewed-by: Philip Pfaffe <pfaffe@chromium.org>
      Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
      Reviewed-by: Andreas Haas <ahaas@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#81446}
      9983fda8
    • Revert "cppgc: Enable pointer compression by default on Desktop" · cf92762b
      Anton Bikineev authored
      This reverts commit 4cf08c1a.
      
      Reason for revert: broke ubsan.
      
      Original change's description:
      > cppgc: Enable pointer compression by default on Desktop
      >
      > The CL enables pointer compression in Oilpan.
      >
      > For sheriffs: the CL may cause some slight perf regressions (likely
      > blink_perf.*), due to slightly higher cost of compression and
      > decompression.
      >
      > Speedometer2 is not expected to regress, as was checked locally. Such a
      > slight performance degradation is compensated by memory savings that are
      > expected to be around 10-20% of Oilpan committed size (~2.5-5% of Renderer
      > PMF).
      >
      > Bug: chromium:1325007
      > Change-Id: I2e31fc56250dbe6354a7614fa1f9e926260d842b
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695565
      > Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      > Cr-Commit-Position: refs/heads/main@{#81442}
      
      Bug: chromium:1325007
      Change-Id: Iabc31ed683841ba0189dee9028da330dc03d7e09
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3735168
      Auto-Submit: Anton Bikineev <bikineev@chromium.org>
      Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
      Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#81443}
      cf92762b
    • cppgc: Enable pointer compression by default on Desktop · 4cf08c1a
      Anton Bikineev authored
      The CL enables pointer compression in Oilpan.
      
      For sheriffs: the CL may cause some slight perf regressions (likely
      blink_perf.*), due to slightly higher cost of compression and
      decompression.
      
      Speedometer2 is not expected to regress, as was checked locally. Such a
      slight performance degradation is compensated by memory savings that are
      expected to be around 10-20% of Oilpan committed size (~2.5-5% of Renderer
      PMF).
      
      Bug: chromium:1325007
      Change-Id: I2e31fc56250dbe6354a7614fa1f9e926260d842b
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3695565
      Commit-Queue: Anton Bikineev <bikineev@chromium.org>
      Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#81442}
      4cf08c1a
  9. 27 Jun, 2022 1 commit
  10. 24 Jun, 2022 1 commit
  11. 22 Jun, 2022 2 commits
  12. 21 Jun, 2022 2 commits
  13. 20 Jun, 2022 1 commit
  14. 17 Jun, 2022 1 commit
  15. 16 Jun, 2022 1 commit
  16. 15 Jun, 2022 1 commit
  17. 14 Jun, 2022 1 commit
  18. 13 Jun, 2022 1 commit
  19. 10 Jun, 2022 1 commit
  20. 09 Jun, 2022 2 commits
  21. 08 Jun, 2022 2 commits
  22. 03 Jun, 2022 1 commit
  23. 02 Jun, 2022 2 commits
    • [flags] Refactor MaybeBoolFlag to use base::Optional · 22b4ab86
      Clemens Backes authored
      Use the existing {base::Optional} instead of the extra {MaybeBoolFlag}
      struct. This makes writing to a maybe-flag simpler because you just
      write a boolean value and that automatically initializes the optional.
      
      R=cbruni@chromium.org
      
      Bug: v8:12887
      Change-Id: I940d20286d65ba4355dc04b4b6068a306706f295
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3686412
      Reviewed-by: Camillo Bruni <cbruni@chromium.org>
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80915}
      22b4ab86
    • [wasm-gc][turbofan] Implement typing phase · aee0ec97
      Manos Koukoutos authored
      We introduce a typing phase into the Turbofan compilation pipeline for
      wasm-gc. It has two functionalities: (1) to type nodes that were not
      typed during code generation (mainly phi nodes) and (2) to narrow types
      as much as possible.
      The following nodes are handled, which should be enough for our
      purposes: TypeGuard, WasmTypeCast, AssertNotNull, Phi, LoadFromObject,
      and LoadImmutableFromObject.
      Loop phi types are computed by first assigning the type of the
      non-recursive input, and updating once we have the type of the recursive
      inputs, and repeating this process to a fixed point.
      
      Drive-by: Remove the narrowing of function signatures during wasm
      inlining, as it created some issues and should not be needed after this
      series of changes.
      
      Bug: v8:7748
      Change-Id: I8a72488d5c221c4ae8257fc5abf6f0368cf10e96
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3678208
      Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
      Reviewed-by: Maya Lekova <mslekova@chromium.org>
      Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
      Cr-Commit-Position: refs/heads/main@{#80912}
      aee0ec97
  24. 01 Jun, 2022 2 commits
  25. 31 May, 2022 3 commits
  26. 30 May, 2022 1 commit
  27. 28 May, 2022 1 commit