1. 01 May, 2018 1 commit
      Cleanup: Move thread_data_table_ to end of Isolate class. · 5a9b1d5b
      Kenton Varda authored
      In b49206de I changed thread_data_table_ and thread_data_table_mutex_ from
      static members to regular class member variables. To do this, I only deleted
      the `static` keyword and left the declarations where they were. This was a
      little odd in that all of the dynamic class members are declared together in
      one place, but now these two new members weren't next to the rest. Making it
      a little bit weirder is the fact that these two new members actually ended up
      being the first members of the class, since the existing dynamic members were
      declared later.
      
      This change merely moves these two members down to the end of the dynamic
      member variable list, where they probably should have gone.
      
      Bug: chromium:837477
      
      Change-Id: If993935cc56c8026bb7331493ed657c42ba06ac7
      Reviewed-on: https://chromium-review.googlesource.com/1036478
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Commit-Queue: Yang Guo <yangguo@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52902}
  2. 26 Apr, 2018 4 commits
  3. 25 Apr, 2018 1 commit
  4. 24 Apr, 2018 1 commit
      ThreadDataTable: Change global linked list to per-Isolate hash map. · b49206de
      Kenton Varda authored
      For use cases with a large number of threads or a large number of isolates (or
      both), ThreadDataTable can be a major performance bottleneck due to O(n)
      lookup time of the linked list. Switching to a hash map reduces this to O(1).
      
      Example 1: Sandstorm.io, a Node.js app that utilizes "fibers", was observed
      spending the majority of CPU time iterating over the ThreadDataTable.
      See: https://sandstorm.io/news/2016-09-30-fiber-bomb-debugging-story
      
      Example 2: Cloudflare's Workers engine, a high-multi-tenancy web server
      framework built on V8 (but not Node), creates large numbers of threads and
      isolates per-process. It saw a 34x improvement in throughput when we applied
      this patch.
      
      Cloudflare has been using a patch in production since the Workers launch which
      replaces the linked list with a hash map -- but still global.
      
      This commit builds on that but goes further and creates a separate hash map
      and mutex for each isolate, with the table being a member of the Isolate
      class. This avoids any globals and should reduce lock contention.
      
      Bug: v8:5338
      Change-Id: If0d11509afb2e043b888c376e36d3463db931b47
      Reviewed-on: https://chromium-review.googlesource.com/1014407
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Commit-Queue: Yang Guo <yangguo@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52753}
  5. 23 Apr, 2018 5 commits
      [runtime] implemented SafeForInterruptsScope · d3f6c647
      Alexey Kozyatinskiy authored
      This CL introduced SafeForInterruptsScope. This scope overrides
      outer PostponeInterruptsScopes:
      - reschedule postponed interrupts if needed,
      - allow requesting new interrupts.
      As soon as the scope is removed, interrupts are postponed if needed.
      
      This scope will be:
      - used to allow inspector to interrupt and terminate
        DebugEvaluate::Local,
      - exposed with new flag on Isolate to implement SafeForTerminationScope
        in blink.
      
      R=yangguo@chromium.org
      
      Bug: chromium:820640
      Change-Id: I15befc10c2cee393d1e3be48cecb31ee14dae638
      Reviewed-on: https://chromium-review.googlesource.com/1022969
      Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52743}
      Reland "[builtins] Separate species protectors for Array, TypedArray, Promise" · 30be4797
      Sigurd Schneider authored
      This is a reland of 5728b3fb
      
      Original change's description:
      > [builtins] Separate species protectors for Array, TypedArray, Promise
      > 
      > Previously, there was one species protector for Array, TypedArray and
      > Promise. This CL splits the protector in three separate ones. This means
      > that invalidating one of them does not have negative performance
      > implications for the other ones.
      > 
      > Bug: chromium:835347, v8:7340
      > Change-Id: Id84aa0071f17096192965264eb60ddadd1e8e73f
      > Reviewed-on: https://chromium-review.googlesource.com/1023408
      > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#52733}
      
      Bug: chromium:835347, v8:7340
      Change-Id: I0c0188a0723e206ddb362834bcf872b23cd7666d
      Reviewed-on: https://chromium-review.googlesource.com/1023811
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52742}
      Revert "[builtins] Separate species protectors for Array, TypedArray, Promise" · 75e28234
      Sigurd Schneider authored
      This reverts commit 5728b3fb.
      
      Reason for revert: Breaks noi18n build
      
      Original change's description:
      > [builtins] Separate species protectors for Array, TypedArray, Promise
      > 
      > Previously, there was one species protector for Array, TypedArray and
      > Promise. This CL splits the protector in three separate ones. This means
      > that invalidating one of them does not have negative performance
      > implications for the other ones.
      > 
      > Bug: chromium:835347, v8:7340
      > Change-Id: Id84aa0071f17096192965264eb60ddadd1e8e73f
      > Reviewed-on: https://chromium-review.googlesource.com/1023408
      > Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#52733}
      
      TBR=sigurds@chromium.org,bmeurer@chromium.org
      
      Change-Id: Ied8b436e7991c759eb3b98702c142aa127a7e63c
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: chromium:835347, v8:7340
      Reviewed-on: https://chromium-review.googlesource.com/1024151
      Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
      Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52736}
      [builtins] Separate species protectors for Array, TypedArray, Promise · 5728b3fb
      Sigurd Schneider authored
      Previously, there was one species protector for Array, TypedArray and
      Promise. This CL splits the protector in three separate ones. This means
      that invalidating one of them does not have negative performance
      implications for the other ones.
      
      Bug: chromium:835347, v8:7340
      Change-Id: Id84aa0071f17096192965264eb60ddadd1e8e73f
      Reviewed-on: https://chromium-review.googlesource.com/1023408
      Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
      Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52733}
      [api] Split isolate allocation and initialization · 5c9b30ae
      Andreas Haas authored
      At the moment, the isolate is allocated and initialized in a single
      step. This has the downside that the platform cannot register the
      isolate before the isolate gets initialized, and therefore the platform
      is not available for the isolate during initialization. With this CL we
      register the uninitialized isolate on the platform and initialize the
      isolate after that.
      
      This change is needed to allow the creation of task runners already
      during the initialization of the isolate.
      
      The related chromium CL: https://crrev.com/c/1015020
      
      R=yangguo@chromium.org
      
      Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
      Change-Id: I52e89388a757f2693d1a800e7aa7701aa0080795
      Reviewed-on: https://chromium-review.googlesource.com/1014044
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Commit-Queue: Andreas Haas <ahaas@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52731}
  6. 17 Apr, 2018 1 commit
  7. 16 Apr, 2018 1 commit
      [ubsan] Make Isolate inherit from Factory · 5ed349d6
      Dan Elphick authored
      Previously Isolate and Factory relied on the undefined behavior of
      reinterpret_cast to switch between the two unrelated classes (which worked
      because Factory had no data members).
      
      With Isolate inheriting from Factory, it's now possible to switch between the
      two classes using c-style casts. These are allowed under the C++ standard.
      
      The inheritance is private which allows the continuing separation of the
      Factory and Isolate namespaces.
      
      This is a defensive clean-up, since ubsan does not yet detect the previous
      undefined behavior.
      
      Bug: v8:3770
      Change-Id: I0ccf09f1d34f747550812ce698ab7e182812409e
      Reviewed-on: https://chromium-review.googlesource.com/1010122
      Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Commit-Queue: Dan Elphick <delphick@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52615}
  8. 11 Apr, 2018 1 commit
  9. 09 Apr, 2018 1 commit
  10. 05 Apr, 2018 1 commit
      Reland "[debug] introduced runtime side effect check" · 71018812
      Alexey Kozyatinskiy authored
      This is a reland of 7a2c3713
      
      Original change's description:
      > [debug] introduced runtime side effect check
      > 
      > This CL demonstrates minimum valuable addition to existing debug evaluate
      > without side effects mechanism.
      > With this CL user can evaluate expressions like:
      > [a,b] // create any kind of temporary array literals
      > [a,b].reduce((x,y) => x + y, 0); // use reduce method
      > [1,2,3].fill(2); // change temporary arrays
      > 
      > The core idea: any change of the object created during evaluation without
      > side effects is side effect free. As soon as we try to store this temporary
      > object to object existed before evaluation we will terminate execution.
      > 
      > Implementation:
      > - track all objects allocated during evaluation and mark them as temporary,
      > - patch all bytecodes which change objects.
      > 
      > A little more details (including performance analysis): [1].
      > 
      > [1] https://docs.google.com/document/d/10qqAtZADspPnpYa6SEdYRxrddfKIZJIzbLtGpsZQkRo/edit#
      > 
      > Bug: v8:7588
      > Change-Id: I69f7b96e1ebd7ad0022219e8213211c7be72a111
      > Reviewed-on: https://chromium-review.googlesource.com/972615
      > Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
      > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#52370}
      
      Bug: v8:7588
      Change-Id: Ibc92bf19155f2ddaedae39b0c576b994e84afcf8
      Reviewed-on: https://chromium-review.googlesource.com/996760
      Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
      Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52373}
  11. 04 Apr, 2018 2 commits
      Revert "[debug] introduced runtime side effect check" · 539a2443
      Aleksey Kozyatinskiy authored
      This reverts commit 7a2c3713.
      
      Reason for revert: msan is broken
      
      Original change's description:
      > [debug] introduced runtime side effect check
      > 
      > This CL demonstrates minimum valuable addition to existing debug evaluate
      > without side effects mechanism.
      > With this CL user can evaluate expressions like:
      > [a,b] // create any kind of temporary array literals
      > [a,b].reduce((x,y) => x + y, 0); // use reduce method
      > [1,2,3].fill(2); // change temporary arrays
      > 
      > The core idea: any change of the object created during evaluation without
      > side effects is side effect free. As soon as we try to store this temporary
      > object to object existed before evaluation we will terminate execution.
      > 
      > Implementation:
      > - track all objects allocated during evaluation and mark them as temporary,
      > - patch all bytecodes which change objects.
      > 
      > A little more details (including performance analysis): [1].
      > 
      > [1] https://docs.google.com/document/d/10qqAtZADspPnpYa6SEdYRxrddfKIZJIzbLtGpsZQkRo/edit#
      > 
      > Bug: v8:7588
      > Change-Id: I69f7b96e1ebd7ad0022219e8213211c7be72a111
      > Reviewed-on: https://chromium-review.googlesource.com/972615
      > Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
      > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#52370}
      
      TBR=ulan@chromium.org,rmcilroy@chromium.org,yangguo@chromium.org,kozyatinskiy@chromium.org,leszeks@chromium.org
      
      Change-Id: Ied1739c6308b13a4981189e0999f5912316cf456
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:7588
      Reviewed-on: https://chromium-review.googlesource.com/996135
      Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
      Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52371}
      [debug] introduced runtime side effect check · 7a2c3713
      Alexey Kozyatinskiy authored
      This CL demonstrates minimum valuable addition to existing debug evaluate
      without side effects mechanism.
      With this CL user can evaluate expressions like:
      [a,b] // create any kind of temporary array literals
      [a,b].reduce((x,y) => x + y, 0); // use reduce method
      [1,2,3].fill(2); // change temporary arrays
      
      The core idea: any change of the object created during evaluation without
      side effects is side effect free. As soon as we try to store this temporary
      object to object existed before evaluation we will terminate execution.
      
      Implementation:
      - track all objects allocated during evaluation and mark them as temporary,
      - patch all bytecodes which change objects.
      
      A little more details (including performance analysis): [1].
      
      [1] https://docs.google.com/document/d/10qqAtZADspPnpYa6SEdYRxrddfKIZJIzbLtGpsZQkRo/edit#
      
      Bug: v8:7588
      Change-Id: I69f7b96e1ebd7ad0022219e8213211c7be72a111
      Reviewed-on: https://chromium-review.googlesource.com/972615
      Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52370}
  12. 27 Mar, 2018 1 commit
      [heap,api] Introduce near-heap-limit callbacks. · 84a80e10
      Ulan Degenbaev authored
      The embedder can get notification when V8 heap size approaches the heap limit
      and can extend the heap limit if needed using
      - v8::Isolate::AddNearHeapLimitCallback
      - v8::Isolate::RemoveNearHeapLimitCallback
      
      This generalizes the existing v8::debug::SetOutOfMemoryCallback API.
      
      Bug: chromium:824214
      
      Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
      Change-Id: Ia444cb7efb6fe85c57fa3785e8fd1d8b654a5224
      Reviewed-on: https://chromium-review.googlesource.com/979447
      Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
      Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52238}
  13. 26 Mar, 2018 2 commits
  14. 22 Mar, 2018 1 commit
      Reland "[builtins] Load external references from the external-reference-table" · 0031724f
      jgruber authored
      This is a reland of 9afde91b
      
      Original change's description:
      > [builtins] Load external references from the external-reference-table
      >
      > Off-heap code cannot embed external references. With this CL, we load
      > from the external reference table (reached through the root pointer)
      > instead.
      >
      > In a follow-up, the table could be stored within the isolate itself,
      > removing one more level of indirection.
      >
      > Bug: v8:6666
      > Change-Id: I4c612ad3d4112ec03c3b389f5bfb9cdc3dc8a671
      > Reviewed-on: https://chromium-review.googlesource.com/970468
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#52073}
      
      TBR=mstarzinger@chromium.org
      
      Bug: v8:6666, v8:7580
      Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng
      Change-Id: I30639fe17ea345119d38a176a29d521c4b1904cb
      Reviewed-on: https://chromium-review.googlesource.com/975241
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52141}
  15. 21 Mar, 2018 2 commits
      Revert "Reland "[builtins] Load external references from the external-reference-table"" · 8aa3a373
      Jakob Gruber authored
      This reverts commit f8184738.
      
      Reason for revert: arm is still unhappy https://build.chromium.org/p/client.v8.ports/builders/V8%20Arm%20GC%20Stress/builds/6633
      
      Original change's description:
      > Reland "[builtins] Load external references from the external-reference-table"
      > 
      > This is a reland of 9afde91b
      > 
      > Original change's description:
      > > [builtins] Load external references from the external-reference-table
      > >
      > > Off-heap code cannot embed external references. With this CL, we load
      > > from the external reference table (reached through the root pointer)
      > > instead.
      > >
      > > In a follow-up, the table could be stored within the isolate itself,
      > > removing one more level of indirection.
      > >
      > > Bug: v8:6666
      > > Change-Id: I4c612ad3d4112ec03c3b389f5bfb9cdc3dc8a671
      > > Reviewed-on: https://chromium-review.googlesource.com/970468
      > > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#52073}
      > 
      > TBR=mstarzinger@chromium.org
      > 
      > Bug: v8:6666, v8:7580
      > Change-Id: I163cfc15605c1183b79ead77df0e37d71d60b6f7
      > Reviewed-on: https://chromium-review.googlesource.com/972821
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#52118}
      
      TBR=yangguo@chromium.org,mstarzinger@chromium.org,jgruber@chromium.org
      
      Change-Id: I5bcd1a1c84c6e9a6a24364390c9359d43c77120d
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:6666, v8:7580
      Reviewed-on: https://chromium-review.googlesource.com/973782
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52121}
      Reland "[builtins] Load external references from the external-reference-table" · f8184738
      jgruber authored
      This is a reland of 9afde91b
      
      Original change's description:
      > [builtins] Load external references from the external-reference-table
      >
      > Off-heap code cannot embed external references. With this CL, we load
      > from the external reference table (reached through the root pointer)
      > instead.
      >
      > In a follow-up, the table could be stored within the isolate itself,
      > removing one more level of indirection.
      >
      > Bug: v8:6666
      > Change-Id: I4c612ad3d4112ec03c3b389f5bfb9cdc3dc8a671
      > Reviewed-on: https://chromium-review.googlesource.com/970468
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#52073}
      
      TBR=mstarzinger@chromium.org
      
      Bug: v8:6666, v8:7580
      Change-Id: I163cfc15605c1183b79ead77df0e37d71d60b6f7
      Reviewed-on: https://chromium-review.googlesource.com/972821
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52118}
  16. 20 Mar, 2018 2 commits
  17. 19 Mar, 2018 4 commits
      Fix termination within microtasks. · a21d0552
      Yang Guo authored
      Bug: v8:7552
      Change-Id: I6bee9de640bae67e005fc174ea53875d79afc1ba
      Reviewed-on: https://chromium-review.googlesource.com/964281
      Commit-Queue: Yang Guo <yangguo@chromium.org>
      Reviewed-by: Adam Klein <adamk@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52037}
      [async-generators] Add fast-path to skip "then" lookup in AsyncGeneratorResolve. · c15802e1
      Benedikt Meurer authored
      This extends the Promise#then protector to also guard the intrinsic
      %ObjectPrototype%, making it usable for fast-path logic in the
      AsyncGeneratorResolve operation, where we can skip the "then" lookup
      on the iteratorResult in that case. We also add a corresponding fast-
      path to the ResolvePromise builtin itself, which avoids the second
      "then" lookup on the async iterator side.
      
      This reduces execution time of the fibonacci-async-es2017-native test
      from 186.9ms to 171.2ms, which corresponds to an improvement of 8.4%
      in this case.
      
      Bug: v8:7253
      Change-Id: Ia09effc81a016703780d5c308f541e3d797ccabe
      Reviewed-on: https://chromium-review.googlesource.com/967203
      Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Georg Neis <neis@chromium.org>
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52024}
      Reland "[builtins] Remove off-heap builtins from the snapshot" · fd70917d
      jgruber authored
      This is a reland of f1b1ec70
      
      Original change's description:
      > [builtins] Remove off-heap builtins from the snapshot
      >
      > This CL is the final major step towards shipping off-heap-safe builtins
      > embedded into the binary.
      >
      > Prior to snapshot serialization, we now:
      > * create the embedded blob containing off-heap instruction streams,
      > * use that to generate embedded.cc (containing embedded binary data),
      > * replace off-heap-safe builtins with trampolines,
      > * and serialize those into the final snapshot.
      >
      > The new RelocInfo::OFF_HEAP_TARGET kind is used to fix up trampoline
      > targets on deserialization.
      >
      > Bug: v8:6666
      > Change-Id: Ib07aea9e3bd7ecdec42291c1388b3a7453ea96ce
      > Reviewed-on: https://chromium-review.googlesource.com/950775
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#51960}
      
      TBR=yangguo@chromium.org,mstarzinger@chromium.org
      
      Cq-Include-Trybots: luci.v8.try:v8_mac64_dbg,v8_mac64_rel
      Bug: v8:6666
      Change-Id: Id9954af3c8195754ff3658c4603858904fcf88c4
      Reviewed-on: https://chromium-review.googlesource.com/964481
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52006}
      Reland "[inspector] added Runtime.terminateExecution" · 97fc20f3
      Alexey Kozyatinskiy authored
      This is a reland of 14824520
      
      Original change's description:
      > [inspector] added Runtime.terminateExecution
      >
      > Runtime.terminateExecution terminates current or next JavaScript
      > call. Termination flag is automatically reset as soon as v8 call
      > or microtasks are completed.
      >
      > R=pfeldman@chromium.org
      >
      > Bug: chromium:820640
      > Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
      > Change-Id: Ie21c123be3a61fe25cf6e04c38a8b6c664622ed7
      > Reviewed-on: https://chromium-review.googlesource.com/957386
      > Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
      > Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#51912}
      
      Bug: chromium:820640
      Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.blink:linux_trusty_blink_rel
      Change-Id: I6dd30f65c06c2b7eefd1e7beb9a3cf50ea5bf8cd
      Reviewed-on: https://chromium-review.googlesource.com/967323
      Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
      Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#52004}
  18. 15 Mar, 2018 2 commits
  19. 09 Mar, 2018 3 commits
      Reland "[builtins] Execute binary-embedded builtin code" · 5025e415
      jgruber authored
      This is a reland of 6afd25ff
      
      Original change's description:
      > [builtins] Execute binary-embedded builtin code
      >
      > This CL creates trampolines into binary-embedded builtins on
      > isolate-creation, if --stress-off-heap-code is passed.
      >
      > Note that this still overwrites existing code objects with the
      > off-heap trampoline, and that off-heap builtins still exist both in
      > the snapshot and the binary. Addressing these points are the next
      > steps.
      >
      > Drive-by-change: More efficient off-heap code lookups now that the
      > off-heap memory area has a contiguous and static layout.
      >
      > Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng
      > Bug: v8:6666
      > Change-Id: I7e7ef0aa2cd7b8184ae3a13fa02bdcbb4f2c9f86
      > Reviewed-on: https://chromium-review.googlesource.com/947969
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#51809}
      
      TBR=mstarzinger@chromium.org
      
      Bug: v8:6666
      Change-Id: I4e0684de90733e5f18f6f0ea4832e327d03dfbf7
      Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng
      Reviewed-on: https://chromium-review.googlesource.com/955595
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51835}
      Reland "[builtins] Embed builtins into the binary" · e6476f89
      jgruber authored
      This is a reland of 491d5a81
      
      Original change's description:
      > [builtins] Embed builtins into the binary
      >
      > This embeds code for off-heap-safe builtins into the binary. Actual
      > execution of embedded code is not implemented yet.
      >
      > The embedded file has the following format:
      >
      > namespace v8 {
      > namespace internal {
      >
      > namespace {
      >
      > V8_EMBEDDED_TEXT_HEADER(v8_embedded_blob_)
      > __asm__( /* builtin offsets and lengths */ );
      > __asm__(V8_ASM_LABEL("Builtins_RecordWrite"));
      > __asm__( /* binary instruction stream */ );
      > /* Repeat for other builtins. */
      >
      > extern "C" const uint8_t v8_embedded_blob_[];
      > static const uint32_t v8_embedded_blob_size_ = /* size in bytes */;
      >
      > }  // namespace
      >
      > const uint8_t* DefaultEmbeddedBlob() { return v8_embedded_blob_; }
      > uint32_t DefaultEmbeddedBlobSize() { return v8_embedded_blob_size_; }
      >
      > }  // namespace internal
      > }  // namespace v8
      >
      > Bug: v8:6666
      > Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
      > Change-Id: Ic989f01da69ebe2863f31d934bfbe2c5d6e80864
      > Reviewed-on: https://chromium-review.googlesource.com/946011
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#51759}
      
      TBR=yangguo@chromium.org
      
      Bug: v8:6666
      Change-Id: I89b0498f22b4ce573723748d55d86a82ba285a88
      Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
      Reviewed-on: https://chromium-review.googlesource.com/957024
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Reviewed-by: Michael Achenbach <machenbach@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51832}
      Revert "Reland "[builtins] Embed builtins into the binary"" · 481aa56d
      Jakob Gruber authored
      This reverts commit 36b32aa2.
      
      Reason for revert: https://build.chromium.org/p/client.v8.fyi/builders/Win%20V8%20FYI%20Release%20%28NVIDIA%29/builds/208
      
      Original change's description:
      > Reland "[builtins] Embed builtins into the binary"
      > 
      > This is a reland of 491d5a81
      > 
      > Original change's description:
      > > [builtins] Embed builtins into the binary
      > >
      > > This embeds code for off-heap-safe builtins into the binary. Actual
      > > execution of embedded code is not implemented yet.
      > >
      > > The embedded file has the following format:
      > >
      > > namespace v8 {
      > > namespace internal {
      > >
      > > namespace {
      > >
      > > V8_EMBEDDED_TEXT_HEADER(v8_embedded_blob_)
      > > __asm__( /* builtin offsets and lengths */ );
      > > __asm__(V8_ASM_LABEL("Builtins_RecordWrite"));
      > > __asm__( /* binary instruction stream */ );
      > > /* Repeat for other builtins. */
      > >
      > > extern "C" const uint8_t v8_embedded_blob_[];
      > > static const uint32_t v8_embedded_blob_size_ = /* size in bytes */;
      > >
      > > }  // namespace
      > >
      > > const uint8_t* DefaultEmbeddedBlob() { return v8_embedded_blob_; }
      > > uint32_t DefaultEmbeddedBlobSize() { return v8_embedded_blob_size_; }
      > >
      > > }  // namespace internal
      > > }  // namespace v8
      > >
      > > Bug: v8:6666
      > > Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
      > > Change-Id: Ic989f01da69ebe2863f31d934bfbe2c5d6e80864
      > > Reviewed-on: https://chromium-review.googlesource.com/946011
      > > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > > Cr-Commit-Position: refs/heads/master@{#51759}
      > 
      > TBR=yangguo@chromium.org
      > 
      > Bug: v8:6666
      > Change-Id: I741554cb080b6811dfbcb0913c6e1594e74c0432
      > Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
      > Reviewed-on: https://chromium-review.googlesource.com/955084
      > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#51804}
      
      TBR=yangguo@chromium.org,jgruber@chromium.org
      
      Change-Id: I0e21f958f18b0e4d7edebece5e4a2a3ea094cdd3
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:6666
      Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
      Reviewed-on: https://chromium-review.googlesource.com/956185
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51828}
  20. 08 Mar, 2018 4 commits
    • Revert "[builtins] Execute binary-embedded builtin code" · d4c4345e
      Jakob Gruber authored
      This reverts commit 6afd25ff.
      
      Reason for revert: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20debug%20-%20fyi/builds/1437
      
      Original change's description:
      > [builtins] Execute binary-embedded builtin code
      > 
      > This CL creates trampolines into binary-embedded builtins on
      > isolate-creation, if --stress-off-heap-code is passed.
      > 
      > Note that this still overwrites existing code objects with the
      > off-heap trampoline, and that off-heap builtins still exist both in
      > the snapshot and the binary. Addressing these points are the next
      > steps.
      > 
      > Drive-by-change: More efficient off-heap code lookups now that the
      > off-heap memory area has a contiguous and static layout.
      > 
      > Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng
      > Bug: v8:6666
      > Change-Id: I7e7ef0aa2cd7b8184ae3a13fa02bdcbb4f2c9f86
      > Reviewed-on: https://chromium-review.googlesource.com/947969
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#51809}
      
      TBR=mstarzinger@chromium.org,jgruber@chromium.org
      
      Change-Id: I18276541b468b9d2b2a1366ccd287822e96b6df7
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:6666
      Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng
      Reviewed-on: https://chromium-review.googlesource.com/956042
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51816}
    • [builtins] Add fast-path for the Promise.resolve lookup. · e122fc45
      Benedikt Meurer authored
      This adds a global protector to guard the lookup of "resolve" on the
      %Promise% intrinsic object (the initial Promise constructor), making
      sure that Promise.resolve yields the initial builtin method. We use
      this protector to avoid the lookup of "resolve" all the time inside
      of Promise.all and Promise.race, when called with constructor being
      the %Promise% intrinsic object.
      
      This improves the performance on the parallel-async-es2017-native
      benchmark by roughly 2-3%.
      
      Bug: v8:7253
      Change-Id: Ida93b88afbaeae61f17be4cd30ea6a78b4267cea
      Reviewed-on: https://chromium-review.googlesource.com/955564
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51810}
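
The observable behaviour this protector has to preserve, as an added example (not V8 code and not part of the commit; the helper names are hypothetical): Promise.all and Promise.race call whatever "resolve" is currently installed on their constructor, so skipping the lookup is only valid while %Promise%.resolve is still the initial builtin and the constructor is %Promise% itself.

```javascript
// Added illustration; observeResolveCalls, observeSubclassResolveCalls and
// TracingPromise are hypothetical names, not identifiers from V8.

const initialResolve = Promise.resolve; // the initial builtin method

// Temporarily replace Promise.resolve, run one combinator on the %Promise%
// constructor, and report how many times the replacement was called.
// The combinators iterate their input synchronously, so the count is final
// by the time the call returns.
function observeResolveCalls(combinator, inputs) {
  let calls = 0;
  Promise.resolve = function (value) {
    calls += 1;
    return initialResolve.call(this, value);
  };
  try {
    Promise[combinator](inputs);
  } finally {
    Promise.resolve = initialResolve; // restore the initial builtin
  }
  return calls;
}

// A subclass with its own static resolve: the constructor is no longer the
// %Promise% intrinsic, so the lookup on the constructor must really happen.
function observeSubclassResolveCalls(inputs) {
  let calls = 0;
  class TracingPromise extends Promise {
    static resolve(value) {
      calls += 1;
      return super.resolve(value);
    }
  }
  TracingPromise.all(inputs);
  return calls;
}

console.log("Promise.all, patched resolve:", observeResolveCalls("all", [1, 2, 3]));
console.log("Promise.race, patched resolve:", observeResolveCalls("race", [1, 2]));
console.log("subclass all, own resolve:", observeSubclassResolveCalls([1, 2]));
```

A replaced Promise.resolve is called once per input element, which is why an engine can only skip the property lookup while it can prove the property has not been touched.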
    • [builtins] Execute binary-embedded builtin code · 6afd25ff
      jgruber authored
      This CL creates trampolines into binary-embedded builtins on
      isolate-creation, if --stress-off-heap-code is passed.
      
      Note that this still overwrites existing code objects with the
      off-heap trampoline, and that off-heap builtins still exist both in
      the snapshot and the binary. Addressing these points are the next
      steps.
      
      Drive-by-change: More efficient off-heap code lookups now that the
      off-heap memory area has a contiguous and static layout.
      
      Cq-Include-Trybots: luci.v8.try:v8_linux64_fyi_rel_ng
      Bug: v8:6666
      Change-Id: I7e7ef0aa2cd7b8184ae3a13fa02bdcbb4f2c9f86
      Reviewed-on: https://chromium-review.googlesource.com/947969
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51809}
    • Reland "[builtins] Embed builtins into the binary" · 36b32aa2
      jgruber authored
      This is a reland of 491d5a81
      
      Original change's description:
      > [builtins] Embed builtins into the binary
      >
      > This embeds code for off-heap-safe builtins into the binary. Actual
      > execution of embedded code is not implemented yet.
      >
      > The embedded file has the following format:
      >
      > namespace v8 {
      > namespace internal {
      >
      > namespace {
      >
      > V8_EMBEDDED_TEXT_HEADER(v8_embedded_blob_)
      > __asm__( /* builtin offsets and lengths */ );
      > __asm__(V8_ASM_LABEL("Builtins_RecordWrite"));
      > __asm__( /* binary instruction stream */ );
      > /* Repeat for other builtins. */
      >
      > extern "C" const uint8_t v8_embedded_blob_[];
      > static const uint32_t v8_embedded_blob_size_ = /* size in bytes */;
      >
      > }  // namespace
      >
      > const uint8_t* DefaultEmbeddedBlob() { return v8_embedded_blob_; }
      > uint32_t DefaultEmbeddedBlobSize() { return v8_embedded_blob_size_; }
      >
      > }  // namespace internal
      > }  // namespace v8
      >
      > Bug: v8:6666
      > Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
      > Change-Id: Ic989f01da69ebe2863f31d934bfbe2c5d6e80864
      > Reviewed-on: https://chromium-review.googlesource.com/946011
      > Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Yang Guo <yangguo@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#51759}
      
      TBR=yangguo@chromium.org
      
      Bug: v8:6666
      Change-Id: I741554cb080b6811dfbcb0913c6e1594e74c0432
      Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux64_fyi_rel_ng
      Reviewed-on: https://chromium-review.googlesource.com/955084
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51804}