- 24 Apr, 2020 2 commits
-
-
Timothy Gu authored
This is a reland of 29c1eab9 Original change's description: > [builtins] Clean up the use of class_name / ES5 [[Class]] > > Before ES2015, the ES spec had a [[Class]] internal slot for all > objects, which Object.prototype.toString() would use to figure the > returned string. Post-ES2015, the [[Class]] slot was removed in spec for > all objects, with the @@toStringTag well-known symbol the proper way to > change Object.prototype.toString() output. > > At the time, spec-identical handling without the use of [[Class]] was > implemented in V8 for all objects other than API objects, where issues > with the Web IDL spec [1] prevented Blink, and hence V8, to totally > migrate to @@toStringTag. However, since 2016 [2] Blink has been setting > @@toStringTag on API class prototypes to manage the > Object.prototype.toString() output, so the legacy [[Class]] handling in > V8 has not been necessary for the past couple of years. > > This CL removes the remaining legacy [[Class]] handling in > Object.prototype.toString(), JSReceiver::class_name(), and > GetConstructorName(). However, it does not remove the class_name field > in FunctionTemplateInfo, as it is still used for the `name` property of > created functions. > > This CL also cleans up other places in the codebase that still reference > [[Class]]. > > This change should have minimal impact on web-compatibility. For the > change to be observable, a script must do one of the following: > > 1. delete APIConstructor.prototype[Symbol.toStringTag]; > 2. Object.setPrototypeOf(apiObject, somethingElse); > > Before this CL, these changes will not change the apiObject.toString() > output. But after this CL, they will make apiObject.toString() show > "[object Object]" (in the first case) or the @@toStringTag of the other > prototype (in the latter case). > > However, both are deemed unlikely. @@toStringTag is not well-known > feature of JavaScript, nor does it get tampered much on API > constructors. In the second case, setting the prototype of an API object > would effectly render the object useless, as all its methods (including > property getters/setters) would no longer be accessible. > > Currently, @@toStringTag-based API object branding is not yet > implemented by other browsers. This V8 bug in particular has been an > impediment to standardizing toString behavior. Fixing this bug will > unblock [3] and lead to a better Web IDL spec, and better toString() > compatibility for all. > > [1]: https://www.w3.org/Bugs/Public/show_bug.cgi?id=28244 > [2]: https://crrev.com/909c0d7d5a53c8526ded351683c65ea7d17531d4 > [3]: https://github.com/heycam/webidl/pull/357 > > Bug: chromium:793406 > Cq-Include-Trybots: luci.chromium.try:linux-rel > Change-Id: Iceded24e37afa2646ec385d5018909f55b177f93 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2146996 > Commit-Queue: Timothy Gu <timothygu@chromium.org> > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Cr-Commit-Position: refs/heads/master@{#67327} Bug: chromium:793406 Change-Id: Ia5d97bd4e1c44cadc6f18a17ffc9d06b038cf8f1 Cq-Include-Trybots: luci.chromium.try:linux-rel Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163881 Auto-Submit: Timothy Gu <timothygu@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#67361}
-
Bill Budge authored
This reverts commit 29c1eab9. Reason for revert: Causes Blink test failures: https://ci.chromium.org/p/v8/builders/ci/V8%20Blink%20Linux/4222 Original change's description: > [builtins] Clean up the use of class_name / ES5 [[Class]] > > Before ES2015, the ES spec had a [[Class]] internal slot for all > objects, which Object.prototype.toString() would use to figure the > returned string. Post-ES2015, the [[Class]] slot was removed in spec for > all objects, with the @@toStringTag well-known symbol the proper way to > change Object.prototype.toString() output. > > At the time, spec-identical handling without the use of [[Class]] was > implemented in V8 for all objects other than API objects, where issues > with the Web IDL spec [1] prevented Blink, and hence V8, to totally > migrate to @@toStringTag. However, since 2016 [2] Blink has been setting > @@toStringTag on API class prototypes to manage the > Object.prototype.toString() output, so the legacy [[Class]] handling in > V8 has not been necessary for the past couple of years. > > This CL removes the remaining legacy [[Class]] handling in > Object.prototype.toString(), JSReceiver::class_name(), and > GetConstructorName(). However, it does not remove the class_name field > in FunctionTemplateInfo, as it is still used for the `name` property of > created functions. > > This CL also cleans up other places in the codebase that still reference > [[Class]]. > > This change should have minimal impact on web-compatibility. For the > change to be observable, a script must do one of the following: > > 1. delete APIConstructor.prototype[Symbol.toStringTag]; > 2. Object.setPrototypeOf(apiObject, somethingElse); > > Before this CL, these changes will not change the apiObject.toString() > output. But after this CL, they will make apiObject.toString() show > "[object Object]" (in the first case) or the @@toStringTag of the other > prototype (in the latter case). > > However, both are deemed unlikely. @@toStringTag is not well-known > feature of JavaScript, nor does it get tampered much on API > constructors. In the second case, setting the prototype of an API object > would effectly render the object useless, as all its methods (including > property getters/setters) would no longer be accessible. > > Currently, @@toStringTag-based API object branding is not yet > implemented by other browsers. This V8 bug in particular has been an > impediment to standardizing toString behavior. Fixing this bug will > unblock [3] and lead to a better Web IDL spec, and better toString() > compatibility for all. > > [1]: https://www.w3.org/Bugs/Public/show_bug.cgi?id=28244 > [2]: https://crrev.com/909c0d7d5a53c8526ded351683c65ea7d17531d4 > [3]: https://github.com/heycam/webidl/pull/357 > > Bug: chromium:793406 > Cq-Include-Trybots: luci.chromium.try:linux-rel > Change-Id: Iceded24e37afa2646ec385d5018909f55b177f93 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2146996 > Commit-Queue: Timothy Gu <timothygu@chromium.org> > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Cr-Commit-Position: refs/heads/master@{#67327} TBR=verwaest@chromium.org,timothygu@chromium.org Change-Id: I678d2ffc1064b1d1ddb62024cc23c6c41b216ef4 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:793406 Cq-Include-Trybots: luci.chromium.try:linux-rel Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163956Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#67349}
-
- 23 Apr, 2020 1 commit
-
-
Timothy Gu authored
Before ES2015, the ES spec had a [[Class]] internal slot for all objects, which Object.prototype.toString() would use to figure the returned string. Post-ES2015, the [[Class]] slot was removed in spec for all objects, with the @@toStringTag well-known symbol the proper way to change Object.prototype.toString() output. At the time, spec-identical handling without the use of [[Class]] was implemented in V8 for all objects other than API objects, where issues with the Web IDL spec [1] prevented Blink, and hence V8, to totally migrate to @@toStringTag. However, since 2016 [2] Blink has been setting @@toStringTag on API class prototypes to manage the Object.prototype.toString() output, so the legacy [[Class]] handling in V8 has not been necessary for the past couple of years. This CL removes the remaining legacy [[Class]] handling in Object.prototype.toString(), JSReceiver::class_name(), and GetConstructorName(). However, it does not remove the class_name field in FunctionTemplateInfo, as it is still used for the `name` property of created functions. This CL also cleans up other places in the codebase that still reference [[Class]]. This change should have minimal impact on web-compatibility. For the change to be observable, a script must do one of the following: 1. delete APIConstructor.prototype[Symbol.toStringTag]; 2. Object.setPrototypeOf(apiObject, somethingElse); Before this CL, these changes will not change the apiObject.toString() output. But after this CL, they will make apiObject.toString() show "[object Object]" (in the first case) or the @@toStringTag of the other prototype (in the latter case). However, both are deemed unlikely. @@toStringTag is not well-known feature of JavaScript, nor does it get tampered much on API constructors. In the second case, setting the prototype of an API object would effectly render the object useless, as all its methods (including property getters/setters) would no longer be accessible. Currently, @@toStringTag-based API object branding is not yet implemented by other browsers. This V8 bug in particular has been an impediment to standardizing toString behavior. Fixing this bug will unblock [3] and lead to a better Web IDL spec, and better toString() compatibility for all. [1]: https://www.w3.org/Bugs/Public/show_bug.cgi?id=28244 [2]: https://crrev.com/909c0d7d5a53c8526ded351683c65ea7d17531d4 [3]: https://github.com/heycam/webidl/pull/357 Bug: chromium:793406 Cq-Include-Trybots: luci.chromium.try:linux-rel Change-Id: Iceded24e37afa2646ec385d5018909f55b177f93 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2146996 Commit-Queue: Timothy Gu <timothygu@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#67327}
-
- 09 Mar, 2020 1 commit
-
-
Dan Elphick authored
String::NewFromLiteral is a templated function that takes a char[N] argument that can be used as an alternative to String::NewFromUtf8 and returns a Local<String> rather than a MaybeLocal<String> reducing the number of ToLocalChecked() or other checks. Since the string length is known at compile time, it can statically assert that the length is less than String::kMaxLength, which means that it can never fail at runtime. This also converts all found uses of NewFromUtf8 taking a string literal or a variable initialized from a string literal to use the new API. In some cases the types of stored string literals are changed from const char* to const char[] to ensure the size is retained. This API does introduce a small difference compared to NewFromUtf8. For a case like "abc\0def", NewFromUtf8 (using length -1 to infer length) would treat this as a 3 character string, whereas the new API will treat it as a 7 character string. As a drive-by fix, this also fixes all redundant uses of v8::NewStringType::kNormal when passed to any of the String::New* functions. Change-Id: Id96a44bc068d9c4eaa634aea688e024675a0e5b3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2089935 Commit-Queue: Dan Elphick <delphick@chromium.org> Reviewed-by: Mathias Bynens <mathias@chromium.org> Reviewed-by: Mythri Alle <mythria@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#66622}
-
- 06 Feb, 2020 1 commit
-
-
Ulan Degenbaev authored
A pointer-compressed heap has the same heap limit heuristics as a 32-bit heap. Specifically, the heap limit is restricted to 1GB due to scarce virtual addresses space on 32-bit platforms. That limitation does not apply for pointer-compressed heaps which can use 4GB. This CL changes the heap limit computation to use system the pointer size instead of the tagged pointer size. Note that the young generation limit continues to use the tagged pointer size. Bug: chromium:1045034 Change-Id: I9d5bb818c32a82322476e9c97feee331400ebe0f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2042102Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#66159}
-
- 10 Sep, 2019 1 commit
-
-
Clemens Hammacher authored
Since we switched to C++14 now, we can use {std::make_unique} instead of our own {base::make_unique} from {template-utils.h}. R=mstarzinger@chromium.org, yangguo@chromium.org Bug: v8:9687 No-Try: true Change-Id: I660eb30038bbb079cee93c7861cd87ccd134f01b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1789300 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#63642}
-
- 08 Aug, 2019 1 commit
-
-
Simon Zünd authored
This CL adds an access check for the arguments to all calls to {console} like {console.log}. This is needed since the DevTools protocol notificiation event does not contain the context in which the {console.log} call occurred. Only the context of the argument. When DevTools then reads properties for the preview of the argument, it uses arguments context, instead of the calling context, potentially leaking objects/exceptions into the calling context. Bug: chromium:987502, chromium:986393 Change-Id: I6f7682f7bee94a28ac61994bad259bd003511c39 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1741664 Commit-Queue: Simon Zünd <szuend@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#63122}
-
- 02 Aug, 2019 1 commit
-
-
Simon Zünd authored
This CL adds regression tests for two bugs where the wrong native context is used when lazy accessors are instantiated. The first bug injects an object created in context 1, into another context 2. The object has an accessor pair installed via FunctionTemplate. In context 2, the property descriptor of this accessor is retrieved, causing the JSFunction to be instantiated with the current context (context 2) instead of the creation context of the object (context 1). The second bug is similar. When breakpoints are set, the whole heap is walked and all lazy accessor pairs are instantiated. This again uses the current context instead of using the context from which a AccessorPair originates. Bug: chromium:986063, chromium:989909 Change-Id: Iaaea6e81f1b9f6b55fc7583b260aa9aea035a8d3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1730999Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#63048}
-
- 18 Jun, 2019 1 commit
-
-
Mythri A authored
Bug: v8:8394, v8:8801, v8:9183 Change-Id: I29ff1a6dda97e89335b30fcc8c380bcb4055e1fb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1664690Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#62254}
-
- 06 Jun, 2019 1 commit
-
-
Ulan Degenbaev authored
The new API function is called ConfigureDefaultsFromHeapSize and accepts two parameters: the initial and the maximum heap size. Based on the given limits the function computes the default size for the young and the old generation. The patch also cleans up the existing functions to make them consistent in terms of units and heap structure. Bug: v8:9306 Change-Id: If2200a9cdb45b0b818a373207efe4e6426f7b688 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631593 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#62017}
-
- 27 May, 2019 1 commit
-
-
Clemens Hammacher authored
This replaces all typedefs that define types and not functions by the equivalent "using" declaration. This was done mostly automatically using this command: ag -l '\btypedef\b' src test | xargs -L1 \ perl -i -p0e 's/typedef ([^*;{}]+) (\w+);/using \2 = \1;/sg' Patchset 2 then adds some manual changes for typedefs for pointer types, where the regular expression did not match. R=mstarzinger@chromium.org TBR=yangguo@chromium.org, jarin@chromium.org Bug: v8:9183 Change-Id: I6f6ee28d1793b7ac34a58f980b94babc21874b78 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1631409 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61849}
-
- 24 May, 2019 1 commit
-
-
Yang Guo authored
TBR=mvstanton@chromium.org,neis@chromium.org,ahaas@chromium.org Bug: v8:9247 Change-Id: I5433c863a54f3412d73df0d38aba3fdbcfac7ebe Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627973 Commit-Queue: Yang Guo <yangguo@chromium.org> Auto-Submit: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#61830}
-
- 23 May, 2019 2 commits
-
-
Yang Guo authored
TBR=bmeurer@chromium.org,leszeks@chromium.org Bug: v8:9247 Change-Id: I8d14d0192ea8c705f8274e8e61a162531826edb6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1624220Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#61769}
-
Yang Guo authored
Bug: v8:9247 Change-Id: I0023200c54fa6499ae4e2cf5e4c89407cc35f187 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1624218Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61762}
-
- 22 May, 2019 1 commit
-
-
Yang Guo authored
Bug: v8:9247 Change-Id: I79e0553e8a0d6dac2aa16b94a6c0e05b6ccde4a1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1621934 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#61725}
-
- 17 May, 2019 1 commit
-
-
Yang Guo authored
TBR=rmcilroy@chromium.org,mstarzinger@chromium.org,verwaest@chromium.org Bug: v8:9247 Change-Id: I7ffc2bd4a5fdf7c20cc3283bb5545cbf9ffd4e53 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1617254Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61609}
-
- 16 May, 2019 2 commits
-
-
Maya Lekova authored
This reverts commit 9ac8b200. Reason for revert: Breaks CFI bot https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20cfi/20442 Original change's description: > Move API-related files > > NOPRESUBMIT=true > TBR=verwaest@chromium.org > > Bug: v8:9247 > Change-Id: I45bfe0782ba92aa7ed27a9e308d0aab9ba1bac7f > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1613988 > Reviewed-by: Yang Guo <yangguo@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> > Commit-Queue: Yang Guo <yangguo@chromium.org> > Cr-Commit-Position: refs/heads/master@{#61579} TBR=rmcilroy@chromium.org,yangguo@chromium.org,mstarzinger@chromium.org,verwaest@chromium.org Change-Id: I28ee9174a1cbc1dae9711977bf9369253ef43058 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:9247 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1615463Reviewed-by: Maya Lekova <mslekova@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#61583}
-
Yang Guo authored
NOPRESUBMIT=true TBR=verwaest@chromium.org Bug: v8:9247 Change-Id: I45bfe0782ba92aa7ed27a9e308d0aab9ba1bac7f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1613988Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#61579}
-
- 30 Apr, 2019 1 commit
-
-
Mythri A authored
With bytecode flushing and lazy feedback allocation, we need to call %PrepareForOptimization before we call %OptimizeFunctionOnNextCall Bug: v8:8801, v8:8394 Change-Id: I81918f174b2f97cbaa8b8ef2e459080c2581f535 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1588415 Commit-Queue: Mythri Alle <mythria@chromium.org> Commit-Queue: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Cr-Commit-Position: refs/heads/master@{#61122}
-
- 21 Nov, 2018 1 commit
-
-
Yuki Shiino authored
When ASAN is enabled, the previous implementation of Isolate::GetIncumbentContext didn't work well due to mixture of fake and real stack frames. This patch converts an address in the fake stack frame to an address in the real stack frame so that we can compare two addresses. Bug: chromium:888867, chromium:866610 Change-Id: Iccf570b8555f2fbdc737b12894a2784ffdb31602 Reviewed-on: https://chromium-review.googlesource.com/c/1343709Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Yuki Shiino <yukishiino@chromium.org> Cr-Commit-Position: refs/heads/master@{#57662}
-
- 14 Sep, 2018 1 commit
-
-
Florian Sattler authored
Fixing clang-tidy warning. Bug: v8:8015 Change-Id: I4236a2cf85a414f9d7d1fbdaaaaf1c72a84f02e3 Reviewed-on: https://chromium-review.googlesource.com/1224093Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Florian Sattler <sattlerf@google.com> Cr-Commit-Position: refs/heads/master@{#55912}
-
- 13 Sep, 2018 1 commit
-
-
Yuki Shiino authored
It turned out that the original implementation was broken from the beginning. This patch fixes the API to return the correct one. GetIncumbentContext was implemented at https://chromium-review.googlesource.com/c/v8/v8/+/536728 Change-Id: Iba29171bac10ed82575a8079396768a9d5af3b13 Bug: chromium:883036 Reviewed-on: https://chromium-review.googlesource.com/1219368 Commit-Queue: Yuki Shiino <yukishiino@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#55874}
-
- 15 Aug, 2018 1 commit
-
-
Camillo Bruni authored
- Explicitly allows construction of {Named,Indexed}PropertyHandlerConfiguration with all the members filled. Bug: v8:7612 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I426ea33846b5dbf2b3482c722c963a6e4b0abded Reviewed-on: https://chromium-review.googlesource.com/1163882Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#55142}
-
- 23 Jul, 2018 1 commit
-
-
Stephan Herhut authored
api.h had an implicit dependency on objects-inl.h. Bug: v8:7490 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I56ef7abefed7205bdbff2aa5f451f1a843bef9f9 Reviewed-on: https://chromium-review.googlesource.com/1145191Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Stephan Herhut <herhut@chromium.org> Cr-Commit-Position: refs/heads/master@{#54616}
-
- 26 Mar, 2018 1 commit
-
-
Gabriel Charette authored
This is done now while embedders have yet to adapt to the new API before it becomes hard to migrate. Also renamed variable/methods to use "worker threads" rather than "background" nomenclature. Extracted from https://chromium-review.googlesource.com/c/v8/v8/+/978443/7 while resolving the more contentious bits around using task runners. TBR=rmcilroy@chromium.org Bug: chromium:817421 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: Ie3ddf15a708e829c0f718d89bebf3e96d1990c16 Reviewed-on: https://chromium-review.googlesource.com/980953 Commit-Queue: Gabriel Charette <gab@chromium.org> Reviewed-by: Gabriel Charette <gab@chromium.org> Cr-Commit-Position: refs/heads/master@{#52231}
-
- 01 Mar, 2018 1 commit
-
-
Gabriel Charette authored
With a temporary intermediate step to allow adapting embedders before getting rid of the ExpectedRuntime method altogether. The method is being renamed to CallOnWorkerThread() as an effort to go away from "background" nomenclature for worker threads ("background" usually refers to a priority but worker threads are commonly used for high priority tasks in v8). Other CLs will follow to rename other "background" APIs. Bug: v8:7310 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng;master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I2fd4eac7458708d4eacb0f4871c982a567a3865e Reviewed-on: https://chromium-review.googlesource.com/941442 Commit-Queue: Gabriel Charette <gab@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#51645}
-
- 04 Dec, 2017 1 commit
-
-
Georg Neis authored
The motivation is to avoid bugs such as the one fixed in https://chromium-review.googlesource.com/c/v8/v8/+/800270. Bug: v8:7109 Change-Id: I82a55f4a78d289d00ae7bafe78b45d92bab07a6b Reviewed-on: https://chromium-review.googlesource.com/800291Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#49829}
-
- 27 Oct, 2017 1 commit
-
-
Toon Verwaest authored
(This is a reland of cb84b6f6) This works in the ICs since compiled handlers are not shared anymore. Bug: chromium:759734 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Change-Id: I3b7d6ae34bb4cfa213f679354fac56fb51bfd5ed Reviewed-on: https://chromium-review.googlesource.com/739822Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#48999}
-
- 26 Oct, 2017 2 commits
-
-
Toon Verwaest authored
This reverts commit cb84b6f6. Reason for revert: <INSERT REASONING HERE> Original change's description: > [lazy-accessor-pairs] Don't take the fast paths if the context needs to be switched > > This works in the ICs since compiled handlers are not shared anymore. > > As drive-by cleanup I also removed custom code to deal with compiled handler sharing for primitive and access-checked objects. > > Bug: chromium:759734 > Change-Id: Ifb394221c2398f42ea9305acc02845db6004c680 > Reviewed-on: https://chromium-review.googlesource.com/738381 > Commit-Queue: Toon Verwaest <verwaest@chromium.org> > Reviewed-by: Igor Sheludko <ishell@chromium.org> > Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> > Cr-Commit-Position: refs/heads/master@{#48979} TBR=jarin@chromium.org,ishell@chromium.org,verwaest@chromium.org Change-Id: I9b7424252cbc3f18efd6b6b5b3818651c2863f5c No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:759734 Reviewed-on: https://chromium-review.googlesource.com/739487Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#48980}
-
Toon Verwaest authored
This works in the ICs since compiled handlers are not shared anymore. As drive-by cleanup I also removed custom code to deal with compiled handler sharing for primitive and access-checked objects. Bug: chromium:759734 Change-Id: Ifb394221c2398f42ea9305acc02845db6004c680 Reviewed-on: https://chromium-review.googlesource.com/738381 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#48979}
-
- 28 Sep, 2017 1 commit
-
-
Mostyn Bramley-Moore authored
TBR=jkummerow@chromium.org Bug: chromium:746958 Change-Id: I7500b6206c4ceb087672de5b61b7e7ad234bb425 Reviewed-on: https://chromium-review.googlesource.com/690397 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#48213}
-
- 28 Aug, 2017 1 commit
-
-
Mateusz Czeladka authored
As part of J2V8 development (https://github.com/eclipsesource/J2V8), we realized that we had a subtle bug in how Isolate scope was created and it's lifetime managed, see: https://github.com/eclipsesource/J2V8/issues/313. Mentioned above bug was fixed, however, what we also noticed is that V8 API has been constantly and slowly moving to such an API, in which one has to pass Isolate explicitly to methods and/or constructors. We found two more places that might have been overlooked. This contribution adds passing of Isolate pointer explicitly to constructors of String::Utf8Value and String::Value classes. Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng;master.tryserver.v8:v8_linux_noi18n_rel_ng Change-Id: I61984285f152aba5ca922100cf3df913a9cb2cea Reviewed-on: https://chromium-review.googlesource.com/593309 Commit-Queue: Adam Klein <adamk@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#47656}
-
- 24 Aug, 2017 1 commit
-
-
Yuki Shiino authored
In case of LAP(lazy accessor pair), the function's creation context must be equal to the accessor holder's creation context, so this CL changes the current context to the accessor holder's creation context. Note that this is the second attempt after https://crrev.com/2770003002 The change from the previous attempt is to skip looking for the object's constructor if the object itself is a function. Also some of Blink's LAP-context-sensitive tests got updated at https://crrev.com/c/597990 and the rest of the tests will get temporarily disabled at https://crrev.com/c/605408 . TBR=verwaest@chromium.org Bug: v8:6156 Change-Id: I09709a90995d82a03996d0347e5a1d8425b5db9c Reviewed-on: https://chromium-review.googlesource.com/563152 Commit-Queue: Yuki Shiino <yukishiino@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#47572}
-
- 05 Jul, 2017 2 commits
-
-
machenbach authored
Revert of Set the current context to the function's context when entering to LAP. (patchset #14 id:540001 of https://codereview.chromium.org/2770003002/ ) Reason for revert: Speculative: Seems to break webkit_unit_tests: https://build.chromium.org/p/tryserver.v8/builders/v8_linux_blink_rel/builds/23247 https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Mac/builds/11038 Original issue's description: > Set the current context to the function's context when entering to LAP. > > In case of LAP(lazy accessor pair), the function's creation context > must be equal to the accessor holder's creation context, so this CL > changes the current context to the accessor holder's creation context. > > BUG=v8:6156 > > Review-Url: https://codereview.chromium.org/2770003002 > Cr-Commit-Position: refs/heads/master@{#46406} > Committed: https://chromium.googlesource.com/v8/v8/+/18e73287dc65452bc2f952fc005b2251fc32c15a TBR=jochen@chromium.org,verwaest@chromium.org,mstarzinger@chromium.org,tebbi@google.com,yukishiino@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:6156 Review-Url: https://codereview.chromium.org/2973593002 Cr-Commit-Position: refs/heads/master@{#46408}
-
yukishiino authored
In case of LAP(lazy accessor pair), the function's creation context must be equal to the accessor holder's creation context, so this CL changes the current context to the accessor holder's creation context. BUG=v8:6156 Review-Url: https://codereview.chromium.org/2770003002 Cr-Commit-Position: refs/heads/master@{#46406}
-
- 29 Mar, 2017 1 commit
-
-
Jochen Eisinger authored
BUG=v8:6163 R=verwaest@chromium.org Change-Id: Ieaec78c806cc3d459488a8491e77b7b5a8047079 Reviewed-on: https://chromium-review.googlesource.com/461903 Commit-Queue: Jochen Eisinger <jochen@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#44228}
-
- 15 Mar, 2017 1 commit
-
-
Jochen Eisinger authored
That way, we don't need to create a context-less constructor function. Instead, we use the constructor_or_backpointer (or null) field, and rename it to constructor_or_fti_or_backpointer so nobody is confused. Note that technically, we still have JSFunctions without contexts, as they're temporarily created in the deoptimizer. BUG=v8:6084 R=dcheng@chromium.org,bmeurer@chromium.org,verwaest@chromium.org Change-Id: I084f052533c317f2cbfb9c35e1acf40263c6257b Reviewed-on: https://chromium-review.googlesource.com/454636 Commit-Queue: Jochen Eisinger <jochen@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#43834}
-
- 24 Feb, 2017 1 commit
-
-
dcheng authored
Marking it as callable makes typeof return 'function' instead of 'object' when invoked on a remote context or object. BUG=chromium:527190 Review-Url: https://codereview.chromium.org/2715593002 Cr-Commit-Position: refs/heads/master@{#43416}
-
- 22 Feb, 2017 1 commit
-
-
dcheng authored
v8 allows the embedder to specify a global template to use when creating a new context. However, v8 does not use the supplied template directly when creating the global proxy: it creates a unique template for each global proxy. However, this is problematic for remote contexts: functions cannot use strict receiver checks with the remote context, as the global template will never match the global proxy. To fix this, remote contexts now also include a remote global object in the prototype chain that is instantiated with the global template. This mirrors the way the global proxy is configured for a full v8 context, and allows strict receiver checks to work. BUG=527190 Review-Url: https://codereview.chromium.org/2677653002 Cr-Commit-Position: refs/heads/master@{#43361}
-
- 20 Feb, 2017 1 commit
-
-
dcheng authored
BUG=693695 Review-Url: https://codereview.chromium.org/2702123002 Cr-Commit-Position: refs/heads/master@{#43309}
-