1. 12 Apr, 2016 1 commit
    • hlopko's avatar
      Use EmbedderHeapTracer instead of object grouping when embedder sets the heap tracer. · 6d1f7282
      hlopko authored
      When the embedder sets the heap tracer, V8, during marking, will collect all reachable wrappers, and then ask embedder to trace its heap. The embedder is expected to call PersistentBase::RegisterExternalReference with all wrappers reachable from the given ones. This fixed point iteration happens in MarkCompact::ProcessEphemeralMarking.
      
      For more efficient object visiting during marking, we need a special JS_API_OBJECT_TYPE (in tandem with already existing JS_SPECIAL_API_OBJECT_TYPE) and corresponding visitor (JSApiObjectVisitor).
      
      BUG=chromium:468240
      LOG=no
      
      Review URL: https://codereview.chromium.org/1844413002
      
      Cr-Commit-Position: refs/heads/master@{#35412}
      6d1f7282
  2. 04 Mar, 2016 1 commit
  3. 03 Mar, 2016 1 commit
  4. 02 Mar, 2016 1 commit
    • verwaest's avatar
      Speed up the LookupIterator · 2608ecc7
      verwaest authored
      This introduces a new instance type and reorders the JSObject types so any type requiring special LookupIterator support can be identified with a single range check.
      
      In addition, it restructures the Next for better performance, avoiding unnecessary calls.
      
      BUG=
      
      Review URL: https://codereview.chromium.org/1751043002
      
      Cr-Commit-Position: refs/heads/master@{#34429}
      2608ecc7
  5. 01 Mar, 2016 1 commit
  6. 26 Feb, 2016 3 commits
  7. 25 Feb, 2016 1 commit
  8. 09 Feb, 2016 1 commit
  9. 08 Feb, 2016 3 commits
  10. 06 Feb, 2016 1 commit
    • ishell's avatar
      [api] Make ObjectTemplate::SetNativeDataProperty() work even if the... · da213b6e
      ishell authored
      [api] Make ObjectTemplate::SetNativeDataProperty() work even if the ObjectTemplate does not have a constructor.
      
      Previously ObjectTemplate::New() logic relied on the fact that all the accessor properties are already installed in the initial map of the function object of the constructor FunctionTemplate.
      When the FunctionTemplate were instantiated the accessors of the instance templates from the whole inheritance chain were accumulated and added to the initial map.
      ObjectTemplate::SetSetAccessor() used to explicitly ensure that the ObjectTemplate has a constructor and therefore an initial map to add all accessors to.
      
      The new approach is to add all the accessors and data properties to the object exactly when the ObjectTemplate is instantiated. In order to keep it fast we now cache the object boilerplates in the Isolate::template_instantiations_cache (the former function_cache), so the object creation turns to be a deep copying of the boilerplate object.
      
      BUG=chromium:579009
      LOG=Y
      
      Committed: https://crrev.com/6a118774244d087b5979e9291d628a994f21d59d
      Cr-Commit-Position: refs/heads/master@{#33674}
      
      Review URL: https://codereview.chromium.org/1642223003
      
      Cr-Commit-Position: refs/heads/master@{#33798}
      da213b6e
  11. 03 Feb, 2016 1 commit
    • hablich's avatar
      Revert of [api] Make ObjectTemplate::SetNativeDataProperty() work even if the... · db47a31f
      hablich authored
      Revert of [api] Make ObjectTemplate::SetNativeDataProperty() work even if the ObjectTemplate does not have a … (patchset #3 id:80001 of https://codereview.chromium.org/1642223003/ )
      
      Reason for revert:
      Fails a lot of layout tests and blocks the roll. Can be easily reproduced with a local Chromium checkout.
      
      Reference: https://codereview.chromium.org/1652413003/
      
      Original issue's description:
      > [api] Make ObjectTemplate::SetNativeDataProperty() work even if the ObjectTemplate does not have a constructor.
      >
      > Previously ObjectTemplate::New() logic relied on the fact that all the accessor properties are already installed in the initial map of the function object of the constructor FunctionTemplate.
      > When the FunctionTemplate were instantiated the accessors of the instance templates from the whole inheritance chain were accumulated and added to the initial map.
      > ObjectTemplate::SetSetAccessor() used to explicitly ensure that the ObjectTemplate has a constructor and therefore an initial map to add all accessors to.
      >
      > The new approach is to add all the accessors and data properties to the object exactly when the ObjectTemplate is instantiated. In order to keep it fast we now cache the object boilerplates in the Isolate::template_instantiations_cache (the former function_cache), so the object creation turns to be a deep copying of the boilerplate object.
      >
      > This CL also prohibits non-primitive properties in ObjectTemplate to avoid potential cross-context leaks.
      >
      > BUG=chromium:579009
      > LOG=Y
      >
      > Committed: https://crrev.com/6a118774244d087b5979e9291d628a994f21d59d
      > Cr-Commit-Position: refs/heads/master@{#33674}
      
      TBR=verwaest@chromium.org,ishell@chromium.org
      # Skipping CQ checks because original CL landed less than 1 days ago.
      NOPRESUBMIT=true
      NOTREECHECKS=true
      NOTRY=true
      BUG=chromium:579009
      
      Review URL: https://codereview.chromium.org/1660263003
      
      Cr-Commit-Position: refs/heads/master@{#33698}
      db47a31f
  12. 02 Feb, 2016 1 commit
    • ishell's avatar
      [api] Make ObjectTemplate::SetNativeDataProperty() work even if the... · 6a118774
      ishell authored
      [api] Make ObjectTemplate::SetNativeDataProperty() work even if the ObjectTemplate does not have a constructor.
      
      Previously ObjectTemplate::New() logic relied on the fact that all the accessor properties are already installed in the initial map of the function object of the constructor FunctionTemplate.
      When the FunctionTemplate were instantiated the accessors of the instance templates from the whole inheritance chain were accumulated and added to the initial map.
      ObjectTemplate::SetSetAccessor() used to explicitly ensure that the ObjectTemplate has a constructor and therefore an initial map to add all accessors to.
      
      The new approach is to add all the accessors and data properties to the object exactly when the ObjectTemplate is instantiated. In order to keep it fast we now cache the object boilerplates in the Isolate::template_instantiations_cache (the former function_cache), so the object creation turns to be a deep copying of the boilerplate object.
      
      This CL also prohibits non-primitive properties in ObjectTemplate to avoid potential cross-context leaks.
      
      BUG=chromium:579009
      LOG=Y
      
      Review URL: https://codereview.chromium.org/1642223003
      
      Cr-Commit-Position: refs/heads/master@{#33674}
      6a118774
  13. 27 Jan, 2016 1 commit
  14. 18 Jan, 2016 1 commit
  15. 27 Dec, 2015 2 commits
    • bmeurer's avatar
      [runtime] Introduce dedicated JSBoundFunction to represent bound functions. · 97def807
      bmeurer authored
      According to the ES2015 specification, bound functions are exotic
      objects, and thus don't need to be implemented as JSFunctions. So
      we introduce a new JSBoundFunction type to represent bound functions
      and make them optimizable. This already improves the performance of
      calling or constructing bound functions by 10-100x depending on the
      use case because we avoid the crazy dance between JavaScript and C++
      that was implemented in v8natives.js previously.
      
      There's still room for improvement in the performance of actually
      creating bound functions, which is also relevant in practice, but
      we already have a plan how to accomplish that later.
      
      The mips/mips64 ports were contributed by akos.palfi@imgtec.com.
      
      CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
      BUG=chromium:535408, chromium:571299, v8:4629
      LOG=n
      
      Committed: https://crrev.com/ca8623eaa468cba65a5adafcdfb4615966f43ce2
      Cr-Commit-Position: refs/heads/master@{#33042}
      
      Review URL: https://codereview.chromium.org/1542963002
      
      Cr-Commit-Position: refs/heads/master@{#33044}
      97def807
    • bmeurer's avatar
      Revert of [runtime] Introduce dedicated JSBoundFunction to represent bound... · 1cf8b105
      bmeurer authored
      Revert of [runtime] Introduce dedicated JSBoundFunction to represent bound functions. (patchset #14 id:260001 of https://codereview.chromium.org/1542963002/ )
      
      Reason for revert:
      Breaks arm64 sim nosnap: https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20nosnap%20-%20debug/builds/805/steps/Check/logs/function-bind
      
      Original issue's description:
      > [runtime] Introduce dedicated JSBoundFunction to represent bound functions.
      >
      > According to the ES2015 specification, bound functions are exotic
      > objects, and thus don't need to be implemented as JSFunctions. So
      > we introduce a new JSBoundFunction type to represent bound functions
      > and make them optimizable. This already improves the performance of
      > calling or constructing bound functions by 10-100x depending on the
      > use case because we avoid the crazy dance between JavaScript and C++
      > that was implemented in v8natives.js previously.
      >
      > There's still room for improvement in the performance of actually
      > creating bound functions, which is also relevant in practice, but
      > we already have a plan how to accomplish that later.
      >
      > The mips/mips64 ports were contributed by akos.palfi@imgtec.com.
      >
      > CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
      > BUG=chromium:535408, chromium:571299, v8:4629
      > LOG=n
      >
      > Committed: https://crrev.com/ca8623eaa468cba65a5adafcdfb4615966f43ce2
      > Cr-Commit-Position: refs/heads/master@{#33042}
      
      TBR=cbruni@chromium.org,hpayer@chromium.org,yangguo@chromium.org,akos.palfi@imgtec.com
      NOPRESUBMIT=true
      NOTREECHECKS=true
      NOTRY=true
      BUG=chromium:535408, chromium:571299, v8:4629
      
      Review URL: https://codereview.chromium.org/1552473002
      
      Cr-Commit-Position: refs/heads/master@{#33043}
      1cf8b105
  16. 26 Dec, 2015 1 commit
    • bmeurer's avatar
      [runtime] Introduce dedicated JSBoundFunction to represent bound functions. · ca8623ea
      bmeurer authored
      According to the ES2015 specification, bound functions are exotic
      objects, and thus don't need to be implemented as JSFunctions. So
      we introduce a new JSBoundFunction type to represent bound functions
      and make them optimizable. This already improves the performance of
      calling or constructing bound functions by 10-100x depending on the
      use case because we avoid the crazy dance between JavaScript and C++
      that was implemented in v8natives.js previously.
      
      There's still room for improvement in the performance of actually
      creating bound functions, which is also relevant in practice, but
      we already have a plan how to accomplish that later.
      
      The mips/mips64 ports were contributed by akos.palfi@imgtec.com.
      
      CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
      BUG=chromium:535408, chromium:571299, v8:4629
      LOG=n
      
      Review URL: https://codereview.chromium.org/1542963002
      
      Cr-Commit-Position: refs/heads/master@{#33042}
      ca8623ea
  17. 24 Nov, 2015 2 commits
  18. 10 Nov, 2015 1 commit
  19. 30 Oct, 2015 1 commit
    • neis's avatar
      Refactor Object::SetSuperProperty and others. · 12736611
      neis authored
      This is in preparation of implementing Reflect.set.
      
      Besides making SetSuperProperty and others return Maybe<bool>, this CL
      also fixes some parts of my previous refactoring of SetProperty and
      others: It doesn't make sense to take both a language_mode and a
      should_throw argument.  A strict language_mode should imply
      THROW_ON_ERROR.
      
      R=rossberg, verwaest@chromium.org
      BUG=
      
      Review URL: https://codereview.chromium.org/1431443003
      
      Cr-Commit-Position: refs/heads/master@{#31678}
      12736611
  20. 23 Oct, 2015 1 commit
  21. 22 Oct, 2015 1 commit
  22. 21 Oct, 2015 1 commit
  23. 29 Sep, 2015 1 commit
  24. 24 Sep, 2015 3 commits
    • bmeurer's avatar
      [es6] Introduce spec compliant IsConstructor. · 8fe3ac07
      bmeurer authored
      There was already a bit on the Map named "function with prototype",
      which basically meant that the Map was a map for a JSFunction that could
      be used as a constructor. Now this CL generalizes that bit to
      IsConstructor, which says that whatever (Heap)Object you are looking at
      can be used as a constructor (i.e. the bit is also set for bound
      functions that can be used as constructors and proxies that have a
      [[Construct]] internal method).
      
      This way we have a single chokepoint for IsConstructor checking, which
      allows us to get rid of the various ways in which we tried to guess
      whether something could be used as a constructor or not.
      
      Drive-by-fix: Renamed IsConstructor on FunctionKind to
      IsClassConstructor to resolve the weird name clash, and the
      IsClassConstructor name also matches the spec.
      
      CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg,v8_linux_nosnap_dbg
      R=jarin@chromium.org, rossberg@chromium.org
      BUG=v8:4413, v8:4430
      LOG=n
      
      Committed: https://crrev.com/8de4d9351df4cf66c8a128d561a6e331d196be54
      Cr-Commit-Position: refs/heads/master@{#30900}
      
      Review URL: https://codereview.chromium.org/1358423002
      
      Cr-Commit-Position: refs/heads/master@{#30902}
      8fe3ac07
    • bmeurer's avatar
      Revert of [es6] Introduce spec compliant IsConstructor. (patchset #2 id:20001... · 656ebdce
      bmeurer authored
      Revert of [es6] Introduce spec compliant IsConstructor. (patchset #2 id:20001 of https://codereview.chromium.org/1358423002/ )
      
      Reason for revert:
      Failed on Fuzzer and MIPS bot.
      
      Original issue's description:
      > [es6] Introduce spec compliant IsConstructor.
      >
      > There was already a bit on the Map named "function with prototype",
      > which basically meant that the Map was a map for a JSFunction that could
      > be used as a constructor. Now this CL generalizes that bit to
      > IsConstructor, which says that whatever (Heap)Object you are looking at
      > can be used as a constructor (i.e. the bit is also set for bound
      > functions that can be used as constructors and proxies that have a
      > [[Construct]] internal method).
      >
      > This way we have a single chokepoint for IsConstructor checking, which
      > allows us to get rid of the various ways in which we tried to guess
      > whether something could be used as a constructor or not.
      >
      > Drive-by-fix: Renamed IsConstructor on FunctionKind to
      > IsClassConstructor to resolve the weird name clash, and the
      > IsClassConstructor name also matches the spec.
      >
      > R=jarin@chromium.org, rossberg@chromium.org
      > BUG=v8:4430
      > LOG=n
      >
      > Committed: https://crrev.com/8de4d9351df4cf66c8a128d561a6e331d196be54
      > Cr-Commit-Position: refs/heads/master@{#30900}
      
      TBR=jarin@chromium.org,rossberg@chromium.org
      NOPRESUBMIT=true
      NOTREECHECKS=true
      NOTRY=true
      BUG=v8:4430
      
      Review URL: https://codereview.chromium.org/1360403002
      
      Cr-Commit-Position: refs/heads/master@{#30901}
      656ebdce
    • bmeurer's avatar
      [es6] Introduce spec compliant IsConstructor. · 8de4d935
      bmeurer authored
      There was already a bit on the Map named "function with prototype",
      which basically meant that the Map was a map for a JSFunction that could
      be used as a constructor. Now this CL generalizes that bit to
      IsConstructor, which says that whatever (Heap)Object you are looking at
      can be used as a constructor (i.e. the bit is also set for bound
      functions that can be used as constructors and proxies that have a
      [[Construct]] internal method).
      
      This way we have a single chokepoint for IsConstructor checking, which
      allows us to get rid of the various ways in which we tried to guess
      whether something could be used as a constructor or not.
      
      Drive-by-fix: Renamed IsConstructor on FunctionKind to
      IsClassConstructor to resolve the weird name clash, and the
      IsClassConstructor name also matches the spec.
      
      R=jarin@chromium.org, rossberg@chromium.org
      BUG=v8:4430
      LOG=n
      
      Review URL: https://codereview.chromium.org/1358423002
      
      Cr-Commit-Position: refs/heads/master@{#30900}
      8de4d935
  25. 03 Sep, 2015 1 commit
    • bmeurer's avatar
      [es6] Initial steps towards a correct implementation of IsCallable. · 8a378f46
      bmeurer authored
      This turns the has_instance_call_handler bit on Map into an is_callable
      bit, that matches the spec definition of IsCallable (i.e. instances have
      [[Call]] internal methods).
      
      Also fix the typeof operator to properly say "function" for everything
      that is callable.
      
      Also remove the (unused) premature %_GetPrototype optimization from
      Crankshaft, which just complicated the Map bit swap.
      
      R=mstarzinger@chromium.org, rossberg@chromium.org, yangguo@chromium.org
      CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg
      
      Review URL: https://codereview.chromium.org/1316933002
      
      Cr-Commit-Position: refs/heads/master@{#30552}
      8a378f46
  26. 01 Sep, 2015 1 commit
  27. 10 Jul, 2015 1 commit
  28. 03 Jul, 2015 1 commit
  29. 17 Jun, 2015 2 commits
  30. 12 Jun, 2015 2 commits