This is a reland of f942f656dc
Changes: Change the order of initialization for wasm continuations to
ensure object integrity if a GC happens during allocation. Also add
missing handles.
Original change's description:
> Reland "[wasm] Resume suspender on resolved promise"
>
> This is a reland of a865d16bc2
>
> Changes:
> - Make the next ID atomic
> - Leave more space for runtime calls in debug mode
>
> Original change's description:
> > [wasm] Resume suspender on resolved promise
> >
> > Implement the WasmResume builtin, which resumes a wasm suspender
> > when the corresponding JS promise resolves.
> >
> > Drive-by 1: Fix detection of empty stacks in the stack frame iterator.
> > Drive-by 2: Add a stack ID for better tracing.
> >
> > R=ahaas@chromium.org
> > CC=fgm@chromium.org
> >
> > Bug: v8:12191
> > Change-Id: Ifa3f00c4259f802292b04d426c739e9b551f87b9
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3420827
> > Reviewed-by: Andreas Haas <ahaas@chromium.org>
> > Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> > Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#78842}
>
> Bug: v8:12191
> Change-Id: I3c231690b27be79a0c00e13043342bb4a3628886
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3427203
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78890}
Bug: v8:12191
Change-Id: I0e1362d3a9da1fd8c0d600ad9776ce2fd26c6a52
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3434145
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78922}
Since the equality operator uses the whole encoded bitfield, also the
hash value should use that. Otherwise get get unnecessary hash
collisions, resulting in bad hash table performance (e.g. in the
signature map).
R=manoskouk@chromium.org
Bug: v8:12593
Change-Id: I6f9b8ed1789ee937c90ece15d78b2bf5a3c357a6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3435189
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78921}
The methods in explicit_management.h should be called via the public
variants in the subtle namespace. Calling the variants in the internal
namespace directly skips asserts and required size coversions. Doing so
may cause misuse of the api that may break GC inernals
Change-Id: I58a0f324ca1ee0839bb85eb9b53ce57785dc7b91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3435187
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78920}
- Heap-stats was trying to load the map without explicitly passing in
the PtrComprBase causing failures with Code objects in external code
space
- Extend the debugPrint.js tests to run with some more debugging and
testing flags to prevent future regressions
Change-Id: I1f0d03cb31480f316fe533b507ff98fe3befbe8e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3432386
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78919}
This makes the bulk memory operations respect the memory type, i.e.
using i64 values for memory offsets if memory64 is enabled.
The called C functions now expect memory offsets to be passed as
{uintptr_t}, such that we can address any memory on all systems. For
64-bit memories on 32-bit systems, the upper half of the 64-bit value is
checked in compiled code before passing the lower half to the C
function.
Liftoff support turned out to be a bit harder than expected, because we
cannot hold three 64-bit values in registers on ia32 (not enough
registers...). Thus implement that in a follow-up CL.
R=thibaudm@chromium.org
Bug: v8:10949, chromium:1281995
Change-Id: Ie77636145f94cc579d479c4e7c346ba3c682679d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3427206
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78918}
Each GC thread needs their own instance of ConcurrentAllocator for
allocation. The LAB is always considered thread-local.
Bug: v8:12582, v8:11708
Change-Id: I39200202ec9fd07fa33b3ababa88e84a1a270778
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3429294
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78917}
The {WasmCodeManager::Decommit} method is called for ranges that do not
contain any live code any more. Instead of setting permissions to
{kNoAccess} and discarding the pages, do actually decommit them. The
difference is subtle, but decommitting tries harder to actually free the
underlying physical pages (whereas discarding is more a hint to the
operating system).
After both operations, the memory is not accessible afterwards, so any
further access results in a signal, and thus a crash of the process.
R=jkummerow@chromium.org, mlippautz@chromium.org
Change-Id: Iddeda5c4ed864682c4df589b6ea6e359bf03847a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3427459
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78916}
* Map may be forwarded here, so use IsMapOrForwardedMap in DCHECK
* Code didn't expect a slot in the map word.
Bug: v8:12578
Change-Id: I8dd9cd57fb1336e0014812b7a2e35dc209f78a2c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3429292
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78915}
Rolling v8/build: a0549e2..5ba6fa4
Rolling v8/buildtools/third_party/libunwind/trunk: d0ad43c..659c7d9
Rolling v8/third_party/depot_tools: 60206c4..fa5989b
Rolling v8/third_party/googletest/src: 4517697..25ad42a
Rolling v8/tools/clang: cb91247..853a56c
Rolling v8/tools/luci-go: git_revision:d46a9c7ad4e38935bbacb01602fc1d09a162884b..git_revision:462d0a9cdbe947cd652fcd0c54f64ebc712858a5
Rolling v8/tools/luci-go: git_revision:d46a9c7ad4e38935bbacb01602fc1d09a162884b..git_revision:462d0a9cdbe947cd652fcd0c54f64ebc712858a5
R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: I8442c5410c92fd1029cc13bc89dbd75b08fe4f43
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3435325
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#78913}
This CL adds invalidations for slots that reside in promptly freed or
shrunk storage.
Bug: chromium:1029379
Change-Id: I05e0ede55c202c952b26f452053b8777d1a2ffae
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3431488
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Anton Bikineev <bikineev@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78912}
Conceptually, a full GC cycle completes when the sweeping phase is
finished. As sweeping is performed concurrently, this happens after
Heap::CollectGarbage has returned and, at the latest, before the next
full GC cycle begins. However, an arbitrary number of young GC cycles
may happen in the meantime. Tracing information for the sweeping phase
must be added to the corresponding full GC cycle event. Until now, this
was not done correctly: this information was added to the GCTracer's
current event and could thus be attributed to a subsequent young or full
GC cycle.
This CL introduces methods GCTracer::(Start|Stop)Cycle to delimit a
cycle (still allowing for full GC cycles to be interrupted by young GC
cycles). These methods are different from (Start|Stop)ObservablePause,
which delimit the observable pause of each GC. The events of "pending"
full GC cycles are kept until they are properly amended and reported,
when the sweeping phase is finished.
This is a reland of 4ad20bff97
which was reviewed here: https://crrev.com/3404733
Bug: v8:12503
Bug: chromium:1154636
Change-Id: Icc315b53cff1f3b19b8efe49db34340a5608bcd2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3432211
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78911}
This reverts commit 4ad20bff97.
Reason for revert: New test seems to be failing on TSAN/incremental marking stress (https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20TSAN%20-%20stress-incremental-marking/6346/overview)
Original change's description:
> heap: Fix the tracing of GC cycles
>
> Conceptually, a full GC cycle completes when the sweeping phase is
> finished. As sweeping is performed concurrently, this happens after
> Heap::CollectGarbage has returned and, at the latest, before the next
> full GC cycle begins. However, an arbitrary number of young GC cycles
> may happen in the meantime. Tracing information for the sweeping phase
> must be added to the corresponding full GC cycle event. Until now, this
> was not done correctly: this information was added to the GCTracer's
> current event and could thus be attributed to a subsequent young or full
> GC cycle.
>
> This CL introduces methods GCTracer::(Start|Stop)Cycle to delimit a
> cycle (still allowing for full GC cycles to be interrupted by young GC
> cycles). These methods are different from (Start|Stop)ObservablePause,
> which delimit the observable pause of each GC. The events of "pending"
> full GC cycles are kept until they are properly amended and reported,
> when the sweeping phase is finished.
>
> Bug: chromium:1154636
> Change-Id: I2fbc65d4807c78656d4abc8c451043f6f86211b1
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3404733
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Omer Katz <omerkatz@chromium.org>
> Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78905}
Bug: chromium:1154636
Change-Id: Id6688cfe982f9d8159c66d715b7079782a371bed
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3431489
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78908}
This is the second step towards moving away from sending `url` with
every call frame when emitting the `Debugger.paused` event.
Bug: chromium:1270316, chromium:1271078
Change-Id: Ib4f996024b5200cded155bd8a564d01d36856400
Doc: https://bit.ly/devtools-debugger-callframe-url
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3431485
Auto-Submit: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Yang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78906}
Conceptually, a full GC cycle completes when the sweeping phase is
finished. As sweeping is performed concurrently, this happens after
Heap::CollectGarbage has returned and, at the latest, before the next
full GC cycle begins. However, an arbitrary number of young GC cycles
may happen in the meantime. Tracing information for the sweeping phase
must be added to the corresponding full GC cycle event. Until now, this
was not done correctly: this information was added to the GCTracer's
current event and could thus be attributed to a subsequent young or full
GC cycle.
This CL introduces methods GCTracer::(Start|Stop)Cycle to delimit a
cycle (still allowing for full GC cycles to be interrupted by young GC
cycles). These methods are different from (Start|Stop)ObservablePause,
which delimit the observable pause of each GC. The events of "pending"
full GC cycles are kept until they are properly amended and reported,
when the sweeping phase is finished.
Bug: chromium:1154636
Change-Id: I2fbc65d4807c78656d4abc8c451043f6f86211b1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3404733
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78905}
UpdateDispatchTables is the hottest function during Wasm instantiation,
thus dehandlify it, as it does not allocate on the JS heap anyway. This
saves ~20% of instantiation time locally.
R=manoskouk@chromium.org
Bug: v8:12593
Cq-Include-Trybots: luci.v8.try:v8_linux_gc_stress_dbg_ng
Cq-Include-Trybots: luci.v8.try:v8_mac64_gc_stress_dbg_ng
Change-Id: Ifdd3f8fcd2e31950b591b179a62a0d397c41c339
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3429205
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78904}
Some of the numeric opcodes have a variadic signature, e.g. table.grow
or table.fill, and soon also the bulk memory opcodes because their
consumed types depend on the memory type.
For those opcodes, remove the signature definition from the opcode macro
lists, because using it might result in bugs.
R=thibaudm@chromium.org
Bug: v8:10949, chromium:1281995
Change-Id: I350e75db7197d97a561f8219cedba5fe85b5c9c9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3424494
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78903}
This is a reland of 7ddacd681b
- Allocate JSObject only after the properties are fully deserialized
Original change's description:
> [web snapshot] Dehandlify more parts of the deserializer
>
> - Use Heap::AddGCEpilogueCallback to update often accessed FixedArrays
> in the WebSnapshotDeserializer.
> - ReadValue returns now a raw value to avoid handle creation in more
> cases
> - Drop representation support for now in ReadValue
> - Avoid a few more handles when setting up objects
>
> Bug v8:11525
>
> Change-Id: I6955b56887834bc655bdaa9c390016d9a17db82d
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3416242
> Reviewed-by: Marja Hölttä <marja@chromium.org>
> Commit-Queue: Camillo Bruni <cbruni@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78862}
Change-Id: I2b64e59df02d4d723f76e157aad045f94a22d2b9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3427202
Auto-Submit: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78902}
The CL does following:
1) Makes sure young generation works and tests pass;
2) Provides CollectGarbageInYoungGenerationForTesting() that is needed
to support remaining tests in Blink;
3) Moved cppgc_enable_young_generation GN flag to v8.gni to refer to it
from Blink;
4) Bails out from marking TracedReferences in UnifiedHeapMarkingState;
5) Disables (temporarily) prompt freeing for young generation;
6) Fixes remembered set visitation for nullptr|kSentinel slots.
Bug: chromium:1029379
Change-Id: I5165fa22c8a0eaa708ef7a35a9978cb12e1cb13e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3429202
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78901}
RecordWrite uses callee saved registers, so only the clobbered registers
need to be saved by the caller.
This change gives us a 1% reduction in embedded blob size for arm64.
No change is seen for arm as the STM instruction can store and load
multiple registers.
Change-Id: I8e41da43851e96d3454a01c7093d76f2e0378214
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3406744
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Martyn Capewell <martyn.capewell@arm.com>
Cr-Commit-Position: refs/heads/main@{#78900}
... instead of obj.IsCode() because it's not safe to use the latter
during GC which might have already moved the object.
Bug: v8:11880, chromium:1292688
Change-Id: Idbe973c0b1919a79c6aa66a8f490d952266aa66d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3429209
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78898}
Rolling v8/build: 6b20164..a0549e2
Rolling v8/buildtools/third_party/libc++abi/trunk: df43e1b..5b0a8cf
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/1c33cd6..1e084a5
Rolling v8/third_party/depot_tools: 9c2e78d..60206c4
Rolling v8/third_party/googletest/src: 28e1da2..4517697
Rolling v8/tools/clang: b9ea102..cb91247
Rolling v8/tools/luci-go: git_revision:ce8e2e60bf68fb270355d04aaa7ce5e644a049b6..git_revision:d46a9c7ad4e38935bbacb01602fc1d09a162884b
Rolling v8/tools/luci-go: git_revision:ce8e2e60bf68fb270355d04aaa7ce5e644a049b6..git_revision:d46a9c7ad4e38935bbacb01602fc1d09a162884b
R=v8-waterfall-sheriff@grotations.appspotmail.com,mtv-sf-v8-sheriff@grotations.appspotmail.com
Change-Id: I15d6d2055909af6e855251d4624a229451e79e8b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3427830
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#78896}
This is a reland of a865d16bc2
Changes:
- Make the next ID atomic
- Leave more space for runtime calls in debug mode
Original change's description:
> [wasm] Resume suspender on resolved promise
>
> Implement the WasmResume builtin, which resumes a wasm suspender
> when the corresponding JS promise resolves.
>
> Drive-by 1: Fix detection of empty stacks in the stack frame iterator.
> Drive-by 2: Add a stack ID for better tracing.
>
> R=ahaas@chromium.org
> CC=fgm@chromium.org
>
> Bug: v8:12191
> Change-Id: Ifa3f00c4259f802292b04d426c739e9b551f87b9
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3420827
> Reviewed-by: Andreas Haas <ahaas@chromium.org>
> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
> Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#78842}
Bug: v8:12191
Change-Id: I3c231690b27be79a0c00e13043342bb4a3628886
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3427203
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78890}
Port 276355cb9d
Original Commit Message:
The 32-bit value is zero-extended to pointer size, which is a no-op on
32-bit systems. The operation changes nothing about the signedness of
the value, so the old name was a bit misleading.
We also provide one unified no-op implementation for all 32-bit systems.
R=clemensb@chromium.org, joransiu@ca.ibm.com, junyan@redhat.com, midawson@redhat.com
BUG=
LOG=N
Change-Id: Ica443175725f12e44e69ad22e5fe347c56ea6c13
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3429208
Reviewed-by: Junliang Yan <junyan@redhat.com>
Commit-Queue: Milad Farazmand <mfarazma@redhat.com>
Cr-Commit-Position: refs/heads/main@{#78889}
We often allocate many of them (six digit numbers), and allocating them
in new space causes a lot of GCs.
This CL makes table initialization more than 30% faster for Photoshop,
which again makes each Wasm instantiation ~20% faster.
R=manoskouk@chromium.org
Bug: v8:12593
Change-Id: Ia913079b6412fa718b55c62681ba23751f3934e3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3429204
Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78888}
Previously, when accessing SandboxedPointer fields with the sandbox
disabled, we would always do a ReadUnalignedValue/WriteUnalignedValue.
However, that is only necessary when pointer compression is enabled.
Otherwise, the field will be properly aligned.
This CL also factors out the logic to determine when to use an unaligned
or aligned read/write for a field into two new helper functions.
Bug: chromium:1292669
Change-Id: I2c1af187c5b2699101c3fee9cc551be788d3a845
Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3429200
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Samuel Groß <saelo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78887}
- Adds a GN flag to enable the feature
- Adds facets to manifest used by d8/unittests
- Adds some DCHECKS
- Uses zx_handle_t type to avoid global initialization/destructor
Bug: v8:11232
Change-Id: Ibd7766abefbf8c213393cf6365c34f9ff4e6ed7d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3420828
Reviewed-by: Wez <wez@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78886}
This explicitly passes along the break reason when requesting a pause
that is handled via an interrupt. Pushing the break reason is not
enough (as done before), as the reason may be used and consumed on
another pause call that triggers a setPauseOnNextCall.
Fixed: chromium:1292519
Change-Id: If8635c9397a7b9a1e6757be8048c9edc613c27f8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3427208
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Kim-Anh Tran <kimanh@chromium.org>
Auto-Submit: Kim-Anh Tran <kimanh@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78885}
The ctors dispatch between atomic and non-atomic writes; there's no
need for a default initializer.
Bug: chromium:1292728
Change-Id: I2b4c3341ee2d2682ba0113c8366456147ebc717e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3429201
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Auto-Submit: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78884}
This is the 2. CL in a series of CollectGarbage refactoring CLs.
It moves two kinds of callbacks to the epilogue of CollectGarbage:
- Weak second pass phantom callbacks
- GCEpilogueCallbacks
As the prologue callbacks have also been moved outside the GC cycle,
with this CL the need for nesting tracers is eliminated. DCHECKs are
put in place to ensure this.
Bug: v8:12503
Change-Id: I0bc2c0fa0de1b0ffc32b5c648a612c0b3e0e1f3e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3427199
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Nikolaos Papaspyrou <nikolaos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78883}
The 32-bit value is zero-extended to pointer size, which is a no-op on
32-bit systems. The operation changes nothing about the signedness of
the value, so the old name was a bit misleading.
We also provide one unified no-op implementation for all 32-bit systems.
R=thibaudm@chromium.org
Bug: v8:10949, chromium:1281995
Change-Id: Id04641fe793155ea98bf878b6789e4afce3da7df
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3424493
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78881}
- This enables a hash table for local names in ScopeInfo.
- Drive by fix iterating local names in FinalizeReparsedClassScope
Bug: v8:12315
Change-Id: I02c22bfdc4f1d91f19f368885fca24b2a577d26e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3422632
Auto-Submit: Victor Gomes <victorgomes@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78876}
If PKU is used, we just called {pkey_mprotect} and called it a day,
whereas {PageAllocator::SetPermissions} also discards the system pages
when switching to {kNoAccess} (both in {OS::SetPermissions}, which is
used by the default platform, as well as the GIN platform used in
Chrome).
In order to avoid memory regressions when using PKU, this CL changes the
PKU implementation to behave like the POSIX {OS::SetPermissions}
function and also discard system pages when removing all access.
R=jkummerow@chromium.org
Bug: v8:11974
Change-Id: I35f9c436925c1500e5884db1caf620c975586f7e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3424496
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#78874}
