1. 05 Jun, 2020 1 commit
  2. 30 Apr, 2020 1 commit
  3. 20 Apr, 2020 1 commit
  4. 23 May, 2019 2 commits
  5. 22 May, 2019 1 commit
  6. 20 May, 2019 2 commits
  7. 17 May, 2019 3 commits
  8. 16 May, 2019 2 commits
  9. 04 Apr, 2019 1 commit
    • Cancel EnqueueMicrotask on detached contexts · a487167c
      tzik authored
      Context::microtask_context can be null after v8::Context::DetachGlobal
      is called, and that should cancel microtasks that are associated to
      the detached context.
      However, there are several callers left without the null check to the
      microtask queue, and that causes crashes.
      
      This CL adds the null check and cancellation as the crash fix.
      
      Bug: chromium:937784
      Change-Id: Ie8d107f28f200cee6e75798e3f72c5ed7a2a461c
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1545139
      Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
      Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60623}
  10. 26 Feb, 2019 1 commit
  11. 25 Jan, 2019 1 commit
    • Defer inferring language mode as far as possible · 592aeefa
      Mythri authored
      Inferring the language mode involves iterating the stack to find the
      closure. This is an expensive operation and should be done only when
      required. This cl changes the implementation to infer the language
      mode only when we can't defer it any further. Currently, we infer the
      language mode when throwing an exception or when passing this
      information to PropertyCallbackArguments.
      
      This cl also changes the language mode parameter to SetProperty
      related methods to Maybe<ShouldThrow>. We only use the language mode to
      decide if we need to throw and using ShouldThrow instead of language
      mode simplifies the code by avoiding conversions from Maybe<ShouldThrow>
      to Maybe<LanguageMode> and vice-versa.
      
      Bug: v8:8580, chromium:923820, chromium:925289
      Change-Id: I72497497f62fe0d86fcecd57b06b3183b7531f7b
      Reviewed-on: https://chromium-review.googlesource.com/c/1425912
      Commit-Queue: Mythri Alle <mythria@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: Andreas Haas <ahaas@chromium.org>
      Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#59094}
  12. 24 Jan, 2019 1 commit
    • Reland "Change SetProperty/SetSuperProperty to infer language mode when possible" · e2846ea6
      Mythri authored
      This is a reland of 0896599f with a fix for
      failing layout test.
      
      Original change's description:
      > Change SetProperty/SetSuperProperty to infer language mode when possible
      >
      > In most cases, the language mode can be inferred from the closure and
      > the context. Computing the language mode instead of passing it around
      > simplifies the ICs and will make it possible to go towards lazily
      > allocating feedback vectors. Currently ICs obtain the language mode from
      > the feedback vectors and with lazy feedback allocation we may not always
      > have feedback vectors. Since computing language mode is a bit expensive
      > we want to defer it as far as possible.
      >
      > In Array builtins and other builtins like Reflect.Set we need to force a
      > language mode when setting the properties. To support these cases the
      > SetProperty methods allow the language mode to be overridden when needed.
      >
      > This is a first cl in a series of cls, that will defer the language mode
      > computation further and remove language mode where it is not needed.
      >
      > BUG: v8:8580
      > Change-Id: I9c2396e3bcfe77c3c9d6760c46d86954d54744b9
      > Reviewed-on: https://chromium-review.googlesource.com/c/1409426
      > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      > Commit-Queue: Mythri Alle <mythria@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#58893}
      
      TBR: ahaas@chromium.org
      Change-Id: Id5d81eae91b55638dbc72168f0e5203e684869fb
      Reviewed-on: https://chromium-review.googlesource.com/c/1421077
      Commit-Queue: Mythri Alle <mythria@chromium.org>
      Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#59075}
  13. 18 Jan, 2019 1 commit
    • Revert "Change SetProperty/SetSuperProperty to infer language mode when possible" · 697885b9
      Maya Lekova authored
      This reverts commit 0896599f.
      
      Reason for revert: Speculative revert, seems to cause a layout test failure blocking the LKGR - https://ci.chromium.org/p/v8/builders/luci.v8.ci/V8-Blink%20Linux%2064/29320
      
      Original change's description:
      > Change SetProperty/SetSuperProperty to infer language mode when possible
      > 
      > In most cases, the language mode can be inferred from the closure and
      > the context. Computing the language mode instead of passing it around
      > simplifies the ICs and will make it possible to go towards lazily
      > allocating feedback vectors. Currently ICs obtain the language mode from
      > the feedback vectors and with lazy feedback allocation we may not always
      > have feedback vectors. Since computing language mode is a bit expensive
      > we want to defer it as far as possible.
      > 
      > In Array builtins and other builtins like Reflect.Set we need to force a
      > language mode when setting the properties. To support these cases the
      > SetProperty methods allow the language mode to be overridden when needed.
      > 
      > This is a first cl in a series of cls, that will defer the language mode
      > computation further and remove language mode where it is not needed.
      > 
      > BUG: v8:8580
      > Change-Id: I9c2396e3bcfe77c3c9d6760c46d86954d54744b9
      > Reviewed-on: https://chromium-review.googlesource.com/c/1409426
      > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      > Commit-Queue: Mythri Alle <mythria@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#58893}
      
      TBR=mlippautz@chromium.org,mythria@chromium.org,jgruber@chromium.org,verwaest@chromium.org
      
      Change-Id: I2e0f80a4577a8ca86c05a62205f9dfa488418a52
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Reviewed-on: https://chromium-review.googlesource.com/c/1420758
      Reviewed-by: Maya Lekova <mslekova@chromium.org>
      Commit-Queue: Maya Lekova <mslekova@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58911}
  14. 17 Jan, 2019 1 commit
    • Change SetProperty/SetSuperProperty to infer language mode when possible · 0896599f
      Mythri authored
      In most cases, the language mode can be inferred from the closure and
      the context. Computing the language mode instead of passing it around
      simplifies the ICs and will make it possible to go towards lazily
      allocating feedback vectors. Currently ICs obtain the language mode from
      the feedback vectors and with lazy feedback allocation we may not always
      have feedback vectors. Since computing language mode is a bit expensive
      we want to defer it as far as possible.
      
      In Array builtins and other builtins like Reflect.Set we need to force a
      language mode when setting the properties. To support these cases the
      SetProperty methods allow the language mode to be overridden when needed.
      
      This is a first cl in a series of cls, that will defer the language mode
      computation further and remove language mode where it is not needed.
      
      BUG: v8:8580
      Change-Id: I9c2396e3bcfe77c3c9d6760c46d86954d54744b9
      Reviewed-on: https://chromium-review.googlesource.com/c/1409426
      Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Reviewed-by: Toon Verwaest <verwaest@chromium.org>
      Commit-Queue: Mythri Alle <mythria@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58893}
  15. 19 Dec, 2018 1 commit
  16. 18 Dec, 2018 1 commit
  17. 06 Dec, 2018 1 commit
    • Replace %RunMicrotasks with %PerformMicrotaskCheckpoint · 07011cc4
      tzik authored
      This replaces Runtime_RunMicrotasks with Runtime_PerformMicrotaskCheckpoint.
      
      RunMicrotasks forcibly runs Microtasks even when the microtasks are suppressed,
      and may cause nested Microtasks in a problematic way. E.g. that confuses
      v8::MicrotasksScope::IsRunningMicrotasks() and GetEnteredOrMicrotaskContext().
      
      OTOH, PerformMicrotaskCheckpoint() doesn't cause the failure as it
      respects the microtask suppressions.
      
      As all existing tests don't call RunMicrotasks() in the suppressed situation
      (like Promise.resolve().then(()=>{%RunMicrotasks();})), this change should
      not affect these tests.
      
      Change-Id: Ib043a0cc8e482e022d375084d65ea98a6f54ef3d
      Reviewed-on: https://chromium-review.googlesource.com/c/1360095
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58068}
  18. 12 Nov, 2018 1 commit
  19. 07 Nov, 2018 1 commit
  20. 15 Oct, 2018 1 commit
    • [async-await] Fix INIT hook with --harmony-await-optimization · 860ddfc0
      Maya Lekova authored
      Split the runtime function for initializing a promise into AwaitPromisesInit
      and AwaitPromisesInitOld, the former not firing the INIT hook and being used
      by the AwaitOptimized builtin. In addition to this the AsyncHooks now caches
      all the previously inited promises and checks that the init hook is not fired
      twice for the same promise.
      
      Modified test expectations for the new async ids in the async hooks tests.
      
      Bug: v8:8300
      Change-Id: If4a17e501b2a233578fa70b6442f219473f001d9
      Reviewed-on: https://chromium-review.googlesource.com/c/1280442
      Commit-Queue: Maya Lekova <mslekova@chromium.org>
      Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#56642}
  21. 10 Oct, 2018 1 commit
  22. 03 Aug, 2018 1 commit
  23. 23 Jul, 2018 1 commit
  24. 09 Jul, 2018 1 commit
  25. 03 Jul, 2018 1 commit
  26. 30 May, 2018 1 commit
    • [inspector] reworked async stack instrumentation for async functions · b6c9086c
      Alexey Kozyatinskiy authored
      New instrumentation consists of:
      - kAsyncFunctionSuspended when async function is suspended on await
        (called on each await),
      - kAsyncFunctionFinished when async function is finished.
      
      Old instrumentation was based on reusing async function promise.
      Using this promise produces a couple of side effects:
      - for any promise instrumentation we first need to check if it is
        a special case for async function promise or not - it requires
        expensive reading from promise object.
      - we capture stack for async functions even if it does not contain
        awaits.
      - we do not properly cancel async task created for async function.
      
      New instrumentation resolves all these problems and provides a
      clear mapping between async task and generator which we can use later
      to fetch scope information for async functions on pause.
      
      R=dgozman@chromium.org,yangguo@chromium.org
      
      Bug: v8:7078
      Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
      Change-Id: Ifdcec947d91e6e3d4d5f9029bc080a19b8e23d41
      Reviewed-on: https://chromium-review.googlesource.com/1043096
      Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
      Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
      Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#53445}
  27. 25 May, 2018 1 commit
  28. 24 May, 2018 1 commit
  29. 14 May, 2018 1 commit
  30. 19 Mar, 2018 1 commit
  31. 16 Feb, 2018 1 commit
    • [async-await] Eliminate throwaway promise in async functions. · a840f1f8
      Benedikt Meurer authored
      The ES2017 specification contains a so-called "throwaway" promise that
      is used to specify the behavior of await in terms of PerformPromiseThen,
      but it's actually not necessary and never exposed to user code. In
      addition to that, hooking up the promise in await required a context (to
      refer to the generator object) and two closures for the reject/fulfill
      handling, which would resume the generator corresponding to the async
      function. That meant, we had to allocate 4 additional objects for every
      await.
      
      Instead of using a JSPromise plus the callbacks, this CL adds logic to
      allow PromiseReaction and PromiseReactionJobTask to carry arbitrary
      payloads and Code handlers. We use this for await to avoid the
      additional 4 objects mentioned above, and instead just have simple Code
      handlers that resume the generator (for the async function), either by
      throwing (in case of a rejection) or by resuming normally (in case of
      fulfillment).
      
      For this to work properly the JSGeneratorObject has to have a link to
      the outer promise returned by the async function, so that the catch
      prediction can still figure out what to do in case of promise rejection.
      This is done by adding a new generator_outer_promise_symbol when the
      debugger is active, which refers from the generator to the outer
      promise.
      
      With this change the doxbee-async-es2017-native test goes from around
      100.54ms to around 82.45ms, which corresponds to a ~18% reduction in
      execution time.
      
      Bug: v8:7253
      Change-Id: Iae25b3300bac351c3417be5ae687eff469b0e61f
      Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
      Reviewed-on: https://chromium-review.googlesource.com/924069
      Reviewed-by: Yang Guo <yangguo@chromium.org>
      Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51334}
  32. 13 Feb, 2018 1 commit
    • [builtins] Refactor the promise resolution and rejection logic. · c0412961
      Benedikt Meurer authored
      This introduces dedicated builtins
      
        - FulfillPromise,
        - RejectPromise, and
        - ResolvePromise,
      
      which perform the corresponding operations from the language
      specification, and removes the redundant entry points and the
      excessive inlining of these operations into other builtins. We
      also add the same logic on the C++ side, so that we don't need
      to go into JavaScript land when resolving/rejecting from the
      API.
      
      The C++ side has a complete implementation, including full support
      for the debugger and the current PromiseHook machinery. This is to
      avoid constantly crossing the boundary for those cases, and to also
      simplify the CSA side (and soon the TurboFan side), where we only
      do the fast-path and bail out to the runtime for the general handling.
      
      On top of this we introduce %_RejectPromise and %_ResolvePromise,
      which are entry points used by the bytecode and parser desugarings
      for async functions, and also used by the V8 Extras API. Thanks to
      this we can uniformly optimize these in TurboFan, where we have
      corresponding operators JSRejectPromise and JSResolvePromise, which
      currently just call into the builtins, but middle-term can be further
      optimized, i.e. to skip the "then" lookup for JSResolvePromise when
      we know something about the resolution.
      
      In TurboFan we can also already inline the default PromiseCapability
      [[Reject]] and [[Resolve]] functions, although this is not as effective
      as it can be right now, until we have inlining support for the Promise
      constructor (being worked on by petermarshall@ right now) and/or SFI
      based CALL_IC feedback.
      
      Overall this change is meant as a refactoring without significant
      performance impact anywhere; it seems to improve performance of
      simple async functions a bit, but otherwise is neutral.
      
      Bug: v8:7253
      Change-Id: Id0b979f9b2843560e38cd8df4b02627dad4b6d8c
      Reviewed-on: https://chromium-review.googlesource.com/911632
      Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
      Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      Reviewed-by: Georg Neis <neis@chromium.org>
      Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51260}
  33. 08 Feb, 2018 2 commits
    • [promisehook] Check for JSReceiver in runtime function · 46488f71
      Sathya Gunasekaran authored
      PromiseHooks can be called with a proxy which fails the cast and
      crashes. This patch changes the runtime functions to
      explicitly check for a JSPromise.
      
      This has the side effect of removing the existing broken support for
      catch prediction for non native promises.
      
      Bug: v8:7398, v8:7190
      Change-Id: I66dbe5f9935943a91afb7ee14919bd9248f9f7e4
      Reviewed-on: https://chromium-review.googlesource.com/907677
      Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
      Reviewed-by: Jakob Gruber <jgruber@chromium.org>
      Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51182}
    • Revert "[builtins] Mega-revert to address the Dev blocker in crbug.com/808911." · 3916401e
      Adam Klein authored
      This reverts commit 14108f4c.
      
      Reason for revert: Not the culprit for Canary microtask crashes
      
      Original change's description:
      > [builtins] Mega-revert to address the Dev blocker in crbug.com/808911.
      > 
      > - Revert "[builtins] Save one word in contexts for Promise.all."
      >   This reverts commit 7632da06.
      > - Revert "[builtins] Also use the Promise#then protector for Promise#finally()."
      >   This reverts commit d4f072ce.
      > - Revert "[builtins] Don't mess with entered context for MicrotaskCallbacks."
      >   This reverts commit 6703dacd.
      > - Revert "[debugger] Properly deal with settled promises in catch prediction."
      >   This reverts commit 40dd0658.
      > - Revert "[builtins] Widen the fast-path for Promise builtins."
      >   This reverts commit db0556b7.
      > - Revert "[builtins] Unify PerformPromiseThen and optimize it with TurboFan."
      >   This reverts commit a582199c.
      > - Revert "[builtins] Remove obsolete PromiseBuiltinsAssembler::AppendPromiseCallback."
      >   This reverts commit 6bf88852.
      > - Revert "[builtins] Turn NewPromiseCapability into a proper builtin."
      >   This reverts commit 313b490d.
      > - Revert "[builtins] Inline InternalPromiseThen into it's only caller"
      >   This reverts commit f7bd6a2f.
      > - Revert "[builtins] Implement Promise#catch by really calling into Promise#then."
      >   This reverts commit b23b098f.
      > - Revert "[promise] Remove incorrect fast path"
      >   This reverts commit 0f6eafe8.
      > - Revert "[builtins] Squeeze JSPromise::result and JSPromise::reactions into a single field."
      >   This reverts commit 8a677a28.
      > - Revert "[builtins] Refactor promises to reduce GC overhead."
      >   This reverts commit 8e7737cb.
      > 
      > Tbr: hpayer@chromium.org
      > Bug: chromium:800651, chromium:808911, v8:5691, v8:7253
      > Change-Id: I8c8ea5ed32ed62f6cd8b0d027a3707ddd891e5f1
      > Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
      > Reviewed-on: https://chromium-review.googlesource.com/906991
      > Commit-Queue: Yang Guo <yangguo@chromium.org>
      > Commit-Queue: Adam Klein <adamk@chromium.org>
      > Reviewed-by: Adam Klein <adamk@chromium.org>
      > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#51158}
      
      Change-Id: I09d958cbebd635a325809072a290f2f53df8c5d4
      Tbr: adamk@chromium.org,yangguo@chromium.org,bmeurer@chromium.org
      Bug: chromium:800651, chromium:808911, v8:5691, v8:7253
      Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
      Reviewed-on: https://chromium-review.googlesource.com/908988
      Reviewed-by: Adam Klein <adamk@chromium.org>
      Commit-Queue: Adam Klein <adamk@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51181}
  34. 07 Feb, 2018 1 commit
    • [builtins] Mega-revert to address the Dev blocker in crbug.com/808911. · 14108f4c
      Benedikt Meurer authored
      - Revert "[builtins] Save one word in contexts for Promise.all."
        This reverts commit 7632da06.
      - Revert "[builtins] Also use the Promise#then protector for Promise#finally()."
        This reverts commit d4f072ce.
      - Revert "[builtins] Don't mess with entered context for MicrotaskCallbacks."
        This reverts commit 6703dacd.
      - Revert "[debugger] Properly deal with settled promises in catch prediction."
        This reverts commit 40dd0658.
      - Revert "[builtins] Widen the fast-path for Promise builtins."
        This reverts commit db0556b7.
      - Revert "[builtins] Unify PerformPromiseThen and optimize it with TurboFan."
        This reverts commit a582199c.
      - Revert "[builtins] Remove obsolete PromiseBuiltinsAssembler::AppendPromiseCallback."
        This reverts commit 6bf88852.
      - Revert "[builtins] Turn NewPromiseCapability into a proper builtin."
        This reverts commit 313b490d.
      - Revert "[builtins] Inline InternalPromiseThen into it's only caller"
        This reverts commit f7bd6a2f.
      - Revert "[builtins] Implement Promise#catch by really calling into Promise#then."
        This reverts commit b23b098f.
      - Revert "[promise] Remove incorrect fast path"
        This reverts commit 0f6eafe8.
      - Revert "[builtins] Squeeze JSPromise::result and JSPromise::reactions into a single field."
        This reverts commit 8a677a28.
      - Revert "[builtins] Refactor promises to reduce GC overhead."
        This reverts commit 8e7737cb.
      
      Tbr: hpayer@chromium.org
      Bug: chromium:800651, chromium:808911, v8:5691, v8:7253
      Change-Id: I8c8ea5ed32ed62f6cd8b0d027a3707ddd891e5f1
      Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng
      Reviewed-on: https://chromium-review.googlesource.com/906991
      Commit-Queue: Yang Guo <yangguo@chromium.org>
      Commit-Queue: Adam Klein <adamk@chromium.org>
      Reviewed-by: Adam Klein <adamk@chromium.org>
      Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#51158}