Commit Graph

18 Commits

Author SHA1 Message Date
hpayer
a007dfc18e [heap] Move typed slot filtering logic into sweeper.
Additionally, remove all code related to the old-style slots filtering and black area end markers.

BUG=chromium:648568

Review-Url: https://chromiumcodereview.appspot.com/2440683002
Cr-Commit-Position: refs/heads/master@{#40494}
2016-10-21 09:05:00 +00:00
hpayer
60cb6013d4 [heap] Reland move slot filtering logic into sweeper.
BUG=chromium:648568

Review-Url: https://codereview.chromium.org/2428493003
Cr-Commit-Position: refs/heads/master@{#40393}
2016-10-18 10:07:08 +00:00
machenbach
cdc3459a85 Revert of [heap] Move slot filtering logic into sweeper. (patchset #4 id:60001 of https://codereview.chromium.org/2418773002/ )
Reason for revert:
[Sheriff] Speculative revert for heap corruption on all platforms, e.g.:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20debug/builds/12377
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20-%20debug/builds/12379
https://build.chromium.org/p/client.v8/builders/V8%20Win32/builds/4819
https://build.chromium.org/p/client.v8/builders/V8%20Win32%20-%20nosnap%20-%20shared/builds/16783
https://build.chromium.org/p/client.v8/builders/V8%20Mac64%20-%20debug/builds/10007

Original issue's description:
> [heap] Move slot filtering logic into sweeper.
>
> BUG=chromium:648568
>
> Committed: https://crrev.com/18db69c38c93450c1ae957999fc48c465f111f00
> Cr-Commit-Position: refs/heads/master@{#40267}

TBR=ulan@chromium.org,mlippautz@chromium.org,hpayer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:648568

Review-Url: https://codereview.chromium.org/2418053002
Cr-Commit-Position: refs/heads/master@{#40292}
2016-10-14 06:59:38 +00:00
hpayer
18db69c38c [heap] Move slot filtering logic into sweeper.
BUG=chromium:648568

Review-Url: https://codereview.chromium.org/2418773002
Cr-Commit-Position: refs/heads/master@{#40267}
2016-10-13 13:43:18 +00:00
hpayer
e5b07adfb1 [heap] Use the thread-safe free modes also for RemoveRange in SlotSet.
BUG=chromium:648568

Review-Url: https://codereview.chromium.org/2397373002
Cr-Commit-Position: refs/heads/master@{#40075}
2016-10-07 09:16:07 +00:00
hpayer
1cb133e312 [heap] Concurrently free empty slot set buckets.
BUG=chromium:648568

Review-Url: https://codereview.chromium.org/2390743005
Cr-Commit-Position: refs/heads/master@{#39982}
2016-10-05 09:27:10 +00:00
hpayer
b1b47aaea7 [heap] Reland Concurrently free empty typed slot set chunks.
BUG=chromium:648568

Review-Url: https://codereview.chromium.org/2366393002
Cr-Commit-Position: refs/heads/master@{#39735}
2016-09-26 15:54:18 +00:00
machenbach
20caa8770a Revert of [heap] Reland Concurrently free empty typed slot set chunks. (patchset #2 id:20001 of https://codereview.chromium.org/2365603002/ )
Reason for revert:
Leaks and TSAN:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN/builds/15441
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/11867

Original issue's description:
> [heap] Reland Concurrently free empty typed slot set chunks.
>
> BUG=chromium:648568
>
> Committed: https://crrev.com/ec3835751d678c0b4a3fda47d11ffa107cd27e23
> Cr-Commit-Position: refs/heads/master@{#39630}

TBR=ulan@chromium.org,hpayer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:648568

Review-Url: https://codereview.chromium.org/2364603002
Cr-Commit-Position: refs/heads/master@{#39632}
2016-09-22 15:14:59 +00:00
hpayer
ec3835751d [heap] Reland Concurrently free empty typed slot set chunks.
BUG=chromium:648568

Review-Url: https://codereview.chromium.org/2365603002
Cr-Commit-Position: refs/heads/master@{#39630}
2016-09-22 14:32:40 +00:00
adamk
c216b7fa83 Revert of [heap] Concurrently free empty typed slot set chunks. (patchset #3 id:40001 of https://codereview.chromium.org/2352423002/ )
Reason for revert:
TSAN failures on Linux64:

https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/11850

Also saw various threading-related flakiness on multiple bots.

Original issue's description:
> [heap] Concurrently free empty typed slot set chunks.
>
> BUG=chromium:648568
>
> Committed: https://crrev.com/ff8101d8e8d5e14dfa89de1252c510e6a0775539
> Cr-Commit-Position: refs/heads/master@{#39605}

TBR=ulan@chromium.org,hpayer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:648568

Review-Url: https://codereview.chromium.org/2358333002
Cr-Commit-Position: refs/heads/master@{#39607}
2016-09-21 23:49:43 +00:00
hpayer
ff8101d8e8 [heap] Concurrently free empty typed slot set chunks.
BUG=chromium:648568

Review-Url: https://codereview.chromium.org/2352423002
Cr-Commit-Position: refs/heads/master@{#39605}
2016-09-21 20:11:12 +00:00
hpayer
6f06c36c3e [heap] Make typed slot set state and operations atomic.
BUG=chromium:648568

Review-Url: https://codereview.chromium.org/2360513002
Cr-Commit-Position: refs/heads/master@{#39596}
2016-09-21 13:20:48 +00:00
ahaas
ae521505c4 [heap] Store the host address in the typed remembered set.
We need the host address in another CL to clear invalid slots.

R=ulan@chromium.org

Review-Url: https://codereview.chromium.org/2025833002
Cr-Commit-Position: refs/heads/master@{#36696}
2016-06-03 08:31:09 +00:00
ulan
01b8fc894b Reland "Replace slots buffer with remembered set. (patchset #14 id:250001 of https://codereview.chromium.org/1703823002/ )"
This reverts commit 9146bc5e20.

This contains a fix for the following crash:
1. We record slots for a fixed array.
2. We trim the fixed array, so that some recorded slots are now in free space.
3. During mark-compact we sweep the page with the fixed array. Now free list items contain memory with recorded slots.
4. We evacuate a byte array using the new free list items.
5. We iterate slots that are now inside the byte array and crash.

BUG=chromium:589413,chromium:578883
LOG=NO

Review URL: https://codereview.chromium.org/1735523002

Cr-Commit-Position: refs/heads/master@{#34302}
2016-02-25 17:29:22 +00:00
ulan
9146bc5e20 Revert of Replace slots buffer with remembered set. (patchset #14 id:250001 of https://codereview.chromium.org/1703823002/ )
Reason for revert:
Revert because of canary crashes: crbug.com/589413

Original issue's description:
> Replace slots buffer with remembered set.
>
> Slots pointing to evacuation candidates are now recorded in the new RememberedSet<OLD_TO_OLD>.
>
> The remembered set is extended to support typed slots.
>
> During parallel evacuation all migration slots are recorded in local slots buffers.
> After evacuation all local slots are added to the remembered set.
>
> BUG=chromium:578883
> LOG=NO
>
> Committed: https://crrev.com/2285a99ef6f7d52f4f0c4d88a7db4224443ee152
> Cr-Commit-Position: refs/heads/master@{#34212}

TBR=jochen@chromium.org,hpayer@chromium.org,mlippautz@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:578883

Review URL: https://codereview.chromium.org/1725073003

Cr-Commit-Position: refs/heads/master@{#34238}
2016-02-24 09:48:21 +00:00
ulan
2285a99ef6 Replace slots buffer with remembered set.
Slots pointing to evacuation candidates are now recorded in the new RememberedSet<OLD_TO_OLD>.

The remembered set is extended to support typed slots.

During parallel evacuation all migration slots are recorded in local slots buffers.
After evacuation all local slots are added to the remembered set.

BUG=chromium:578883
LOG=NO

Review URL: https://codereview.chromium.org/1703823002

Cr-Commit-Position: refs/heads/master@{#34212}
2016-02-23 13:53:02 +00:00
ulan
017d128b6e Filter invalid slots after array trimming.
If sweeping is in progress then we need to filter out slots in free space after
array trimming, because the sweeper will add the free space into free list.

This CL also fixes a bug in SlotSet::RemoveRange.

BUG=chromium:587004
LOG=NO
TBR=hpayer@chromium.org

Review URL: https://codereview.chromium.org/1701963003

Cr-Commit-Position: refs/heads/master@{#34071}
2016-02-17 11:53:06 +00:00
ulan
bb883395a8 New page local store buffer.
This replaces the global remembered set with per-page remembered sets.

Each page in the old space, map space, and large object space keeps track of
the set of slots in the page pointing to the new space.

The data structure for storing slot sets is a two-level bitmap, which allows
us to remove the store buffer overflow and SCAN_ON_SCAVENGE logic.

Design doc: https://goo.gl/sMKCf7

BUG=chromium:578883
LOG=NO

Review URL: https://codereview.chromium.org/1608583002

Cr-Commit-Position: refs/heads/master@{#33806}
2016-02-08 08:51:38 +00:00