1. 25 Jan, 2017 8 commits
    • [heap] Handle edge case in NewSpaceAllocationCounter test · 4ec37280
      jgruber authored
      This test checks that counters accurately reflect the allocated size.
      There's an edge case that can occur when, prior to the allocation,
      the page does not have enough space left to allocate the requested
      object - then we move on to a fresh page, fill the remaining space of
      the old page with a filler object, and allocate the requested object on
      the new page.
      
      The counters will show the size of the filler object plus the requested
      object size, while the test expects only the requested size.
      
      This CL fixes that case by performing two GCs to clear out new space.
      
      BUG=
      
      Review-Url: https://codereview.chromium.org/2652933002
      Cr-Commit-Position: refs/heads/master@{#42646}
    • [cleanup] Refactor builtins-generator.cc to use TF_BUILTIN macro · 39b85875
      jgruber authored
      BUG=
      
      Review-Url: https://codereview.chromium.org/2653693003
      Cr-Commit-Position: refs/heads/master@{#42645}
    • [inspector] change target promise for kDebugWillHandle & kDebugDidHandle · cb545a8c
      kozyatinskiy authored
      - kDebugPromiseCreated(task, parent_task)
      This event occurs when promise is created (PromiseHookType::Init). V8Debugger uses this event to maintain task -> parent task map.
      
      - kDebugEnqueueAsyncFunction(task)
      This event occurs when first internal promise for async function is created. V8Debugger collects stack trace at this point.
      
      - kDebugEnqueuePromiseResolve(task),
      This event occurs when Promise fulfills with resolved status. V8Debugger collects stack trace at this point.
      
      - kDebugEnqueuePromiseReject(task),
      This event occurs when Promise fulfills with rejected status. V8Debugger collects stack trace at this point.
      
      - kDebugPromiseCollected,
      This event occurs when Promise is collected and no other chained callbacks can be added. V8Debugger removes information about async task for this promise.
      
      - kDebugWillHandle,
      This event occurs when chained promise function (either resolve or reject handler) is called. V8Debugger installs parent promise's stack (based on task -> parent_task map) as current if available or current promise's scheduled stack otherwise.
      
      - kDebugDidHandle,
      This event occurs after chained promise function has finished. V8Debugger restores asynchronous call chain to previous one.
      
      With this change all instrumentation calls are related to current promise (before WillHandle and DidHandle were related to next async task).
      
      Before V8Debugger supported only the following:
      - asyncTaskScheduled(task1)
      - asyncTaskStarted(task1)
      - asyncTaskFinished(task1)
      
      Now V8Debugger supports the following:
      - asyncTaskScheduled(parent_task)
      ..
      - asyncTaskCreated(task, parent_task),
      - asyncTaskStarted(task), uses parent_task scheduled stack
      - asyncTaskScheduled(task)
      - asyncTaskFinished(task)
      
      Additionally: WillHandle and DidHandle were migrated to PromiseHook API.
      
      More details: https://docs.google.com/document/d/1u19N45f1gSF7M39mGsycJEK3IPyJgIXCBnWyiPeuJFE
      
      BUG=v8:5738
      R=dgozman@chromium.org,gsathya@chromium.org,yangguo@chromium.org
      
      Review-Url: https://codereview.chromium.org/2650803003
      Cr-Commit-Position: refs/heads/master@{#42644}
    • [turbofan] Maintain the invariant to never inline cross native context. · 9a8e269a
      bmeurer authored
      In the JSCallReducer we'd inline certain builtins like the Array
      constructor or Function builtins across native contexts, which at
      this point should be mostly safe, but might lead to cross context
      leaks in the future (as it's not obvious that the JSCallReducer
      doesn't maintain this invariant). So better safe than sorry.
      
      R=yangguo@chromium.org
      BUG=v8:5267
      
      Review-Url: https://codereview.chromium.org/2651133002
      Cr-Commit-Position: refs/heads/master@{#42643}
    • X87: [Turbofan] Implement call with spread bytecode in assembly code. · bc1117ac
      zhengxing.li authored
        port f9367847 (r42632)
      
        original commit message:
        We can share almost all of the architecture-specific builtin code with super-call-with-spread.
      
        Info to port-writers: The code in CheckSpreadAndPushToStack has changed slightly from what was in Generate_ConstructWithSpread,
        in that we take the length of the spread parameters from the JSArray rather than the FixedArray backing store.
      
      BUG=
      
      Review-Url: https://codereview.chromium.org/2652153002
      Cr-Commit-Position: refs/heads/master@{#42642}
    • X87: [TypeFeedbackVector] DeclareGlobals needs a literals array. · f223d4f5
      zhengxing.li authored
        port d287c819 (r42620)
      
        original commit message:
        [RELAND with one change: until literal arrays are rooted in the outer
        feedback vector (coming in the next days), the runtime-scope.cc change
        is held off.]
      
        When a function is declared in global scope, the closure is created
        by the DeclareGlobals runtime service. It needs a pointer to the
        literals array, already allocated in the feedback vector. This
        fixes a bug where its behavior wasn't in sync with CreateClosure,
        which accepts the literals from the vector.
      
        This enables a follow-on performance improvement in the CompileLazy
        builtin.
      
      BUG=
      
      Review-Url: https://codereview.chromium.org/2653893002
      Cr-Commit-Position: refs/heads/master@{#42641}
    • [runtime] Fix Array.prototype.concat with complex @@species · e5608155
      cbruni authored
      Array.prototype.concat does not properly handle JSProxy species that will
      modify the currently visited array.
      
      BUG=682194
      
      Review-Url: https://codereview.chromium.org/2655623004
      Cr-Commit-Position: refs/heads/master@{#42640}
    • Conditionally convert V8 build overrides to declare_args. · 98dbcfde
      brettw authored
      We're converting the build_overrides system to the new default_args list of
      overrides that can be listed in the toplevel .gn file. This will allow args to
      be set on a per-repo basis.
      
      This change conditionally adds the variables currently defined in
      build_overrides/v8.gni to build args. This allows V8's build to be used in both
      the new and old systems. Once all Chrome and pdfium have been updated, v8's
      build overrides and the conditional checks around the new args can be removed.
      
      BUG=684096
      
      Review-Url: https://codereview.chromium.org/2654663003
      Cr-Commit-Position: refs/heads/master@{#42639}
  2. 24 Jan, 2017 26 commits
  3. 23 Jan, 2017 6 commits