Skip to content

V
V8
Switch branch/tag
  1. 29 Nov, 2017 2 commits
    • Michael Starzinger's avatar
      [debug] Fix debug-evaluate for de-materialized function. · 27fd921a
      Michael Starzinger authored 
      This fixes debug-evaluate in the presence of a de-materialized function
object. The creation of an arguments object is now requested based on a
given frame (potentially inlined) instead of a target function. It makes
sure that multiple calls to {StandardFrame::Summarize} don't cause any
confusion when they give back non-identical function objects.

R=jgruber@chromium.org
TEST=debugger/debug/debug-evaluate-arguments
BUG=chromium:788647

Change-Id: I575bb6cb20b4657dc09019e631b5d6e36c1b5189
Reviewed-on: https://chromium-review.googlesource.com/796474Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49721}
      27fd921a
    • Georg Neis's avatar
      No longer desugar the exponentiation (**) operator. · b97567a9
      Georg Neis authored 
      Prior to this change, the exponentiation operator was rewritten by the
parser to a call of the Math.pow builtin. However, Math.pow does not
accept BigInt arguments, while the exponentiation operator must accept
them.

This CL
- removes the parser's special treatment of ** and **=, treating them
  like any other binary op instead.
- adds a TFC builtin Exponentiate that does the right thing for
  all inputs.
- adds interpreter bytecodes Exp and ExpSmi whose handlers call the
  Exponentiate builtin. For simplicity, they currently always collect
  kAny feedback.
- adds a Turbofan operator JSExponentiate with a typed-lowering to
  the existing NumberPow and a generic-lowering to the Exponentiate
  builtin. There is currently no speculative lowering.

Note that exponentiation for BigInts is actually not implemented yet,
so we can't yet test it.

Bug: v8:6791
Change-Id: Id90914c9c3fce310ce01e715c09eaa9f294f4f8a
Reviewed-on: https://chromium-review.googlesource.com/785694Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Reviewed-by: 's avatarSathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Reviewed-by: 's avatarMythri Alle <mythria@chromium.org>
Reviewed-by: 's avatarJaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49696}
      b97567a9
  3. 22 Nov, 2017 3 commits
    • Alexey Kozyatinskiy's avatar
      Reland [inspector] introduced stackTraceId and externalAsyncTask API · 885a5669
      Alexey Kozyatinskiy authored 
      Sometimes we need to capture stack trace on one debugger and use it
later as a parent stack on another debugger (e.g. worker.postMessage).

This CL includes following addition to our protocol and v8-inspector.h:
  - added Runtime.StackTraceId, this id represents stack trace captured
    on debugger with given id,
  - protocol client can fetch Runtime.StackTrace by
    Runtime.StacKTraceId using Debugger.getStackTrace method,
  - externalParent field is added to Debugger.paused event, it may
    contain external parent stack trace,
  - V8Inspector::storeCurrentStackTrace captures current stack trace
    and returns V8StackTraceId for embedder this id can be used as
    argument for V8Inspector::externalAsyncTaskStarted and
    V8Inspector::externalAsyncTaskFinished method. Any async stack
    trace captured between these calls will get passed external stack
    trace as external parent. These methods are designed to be called
    on different debuggers. If async task is scheduled and started on
    one debugger user should continue to use asyncTask* API,
  - Debugger.enable methods returns unique debuggerId.

TBR=dgozman@chromium.org,jgruber@chromium.org

Bug: chromium:778796
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I2c1a2b2e30ed69ccb61d10f08686f4edb09f50e4
Reviewed-on: https://chromium-review.googlesource.com/786274
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: 's avatarAleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49591}
      885a5669
    • Clemens Hammacher's avatar
      Revert "[inspector] introduced stackTraceId and externalAsyncTask API" · 4379533c
      Clemens Hammacher authored 
      This reverts commit 3a41b697.

Reason for revert: Break msvc: https://build.chromium.org/p/client.v8/builders/V8%20Win64%20-%20msvc/builds/250

Original change's description:
> [inspector] introduced stackTraceId and externalAsyncTask API
> 
> Sometimes we need to capture stack trace on one debugger and use it
> later as a parent stack on another debugger (e.g. worker.postMessage).
> 
> This CL includes following addition to our protocol and v8-inspector.h:
>   - added Runtime.StackTraceId, this id represents stack trace captured
>     on debugger with given id,
>   - protocol client can fetch Runtime.StackTrace by
>     Runtime.StacKTraceId using Debugger.getStackTrace method,
>   - externalParent field is added to Debugger.paused event, it may
>     contain external parent stack trace,
>   - V8Inspector::storeCurrentStackTrace captures current stack trace
>     and returns V8StackTraceId for embedder this id can be used as
>     argument for V8Inspector::externalAsyncTaskStarted and
>     V8Inspector::externalAsyncTaskFinished method. Any async stack
>     trace captured between these calls will get passed external stack
>     trace as external parent. These methods are designed to be called
>     on different debuggers. If async task is scheduled and started on
>     one debugger user should continue to use asyncTask* API,
>   - Debugger.enable methods returns unique debuggerId.
> 
> Bug: chromium:778796
> Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
> Change-Id: I16aba0d04bfcea90f3e187e635a0588c92354539
> Reviewed-on: https://chromium-review.googlesource.com/754183
> Reviewed-by: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49582}

TBR=dgozman@chromium.org,pfeldman@chromium.org,yangguo@chromium.org,kozyatinskiy@chromium.org,jgruber@chromium.org

Change-Id: I9b52354fa0841e5148596cf594317f2e5fe508ea
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:778796
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/786152Reviewed-by: 's avatarClemens Hammacher <clemensh@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49584}
      4379533c
    • Alexey Kozyatinskiy's avatar
      [inspector] introduced stackTraceId and externalAsyncTask API · 3a41b697
      Alexey Kozyatinskiy authored 
      Sometimes we need to capture stack trace on one debugger and use it
later as a parent stack on another debugger (e.g. worker.postMessage).

This CL includes following addition to our protocol and v8-inspector.h:
  - added Runtime.StackTraceId, this id represents stack trace captured
    on debugger with given id,
  - protocol client can fetch Runtime.StackTrace by
    Runtime.StacKTraceId using Debugger.getStackTrace method,
  - externalParent field is added to Debugger.paused event, it may
    contain external parent stack trace,
  - V8Inspector::storeCurrentStackTrace captures current stack trace
    and returns V8StackTraceId for embedder this id can be used as
    argument for V8Inspector::externalAsyncTaskStarted and
    V8Inspector::externalAsyncTaskFinished method. Any async stack
    trace captured between these calls will get passed external stack
    trace as external parent. These methods are designed to be called
    on different debuggers. If async task is scheduled and started on
    one debugger user should continue to use asyncTask* API,
  - Debugger.enable methods returns unique debuggerId.

Bug: chromium:778796
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I16aba0d04bfcea90f3e187e635a0588c92354539
Reviewed-on: https://chromium-review.googlesource.com/754183Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Reviewed-by: 's avatarDmitry Gozman <dgozman@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49582}
      3a41b697
  5. 21 Nov, 2017 2 commits
    • Alexey Kozyatinskiy's avatar
      [inspector] reworked async instrumentation for promises · ed9b2072
      Alexey Kozyatinskiy authored 
      Old instrumentation was designed to collect promise creation stack and
promise scheduled stack together. In DevTools for last 6 months we
show only creation stack for promises. We got strong support from users
for new model. Now we can drop support for scheduled stacks and
simplify implementation.

New promise instrumentation is straightforward:
- we send kDebugPromiseThen when promise is created by .then call,
- we send kDebugPromiseCatch when promise is created by .catch call,
- we send kDebugWillHandle before chained callback and kDebugDidHandle
  after chained callback,
- and we send separate kDebugAsyncFunctionPromiseCreated for internal
  promise inside async await function.

Advantages:
- we reduce amount of captured stacks (we do not capture stack for
  promise that constructed not by .then or .catch),
- we can consider async task related to .then and .catch as one shot
  since chained callback is executed once,
- on V8 side we can implement required instrumentation using only
  promise hooks,

Disadvantage:
- see await-promise test, sometimes scheduled stack was useful since we
  add catch handler in native code,

Implementation details:
- on kInit promise hook we need to figure out why promise was created.
  We analyze builtin functions until first user defined function on
  current stack. If there is kAsyncFunctionPromiseCreate function then
  we send kDebugAsyncFunctionPromiseCreated event. If there is
  kPromiseThen or kPromiseCatch then only if this function is bottom
  builtin function we send corresponded event to inspector. We need it
  because Promise.all internally calls .then and in this case we have
  Promise.all and Promise.then on stack at the same time and we do not
  need to report this internally created promise to inspector.

Bug: chromium:778796
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I53f47ce8c5c4a9897655c3396c249ea59529ae47
Reviewed-on: https://chromium-review.googlesource.com/765208
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: 's avatarSathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Reviewed-by: 's avatarDmitry Gozman <dgozman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49553}
      ed9b2072
    • Clemens Hammacher's avatar
      Decouple SourcePositionTableBuilder from Zone · d43c6e59
      Clemens Hammacher authored 
      Currently the SourcePositionTableBuilder requires a Zone because it
holds a ZoneVector<byte> of the encoded entries. Since ZoneVector is a
suboptimal data structure anyway, and for Liftoff we don't even have a
Zone allocated currently, this CL replaces the ZoneVector by
std::vector.

R=mstarzinger@chromium.org

Bug: v8:6600
Change-Id: I8010143e917e2351664e2b53746753b597f4407a
Reviewed-on: https://chromium-review.googlesource.com/779181Reviewed-by: 's avatarMichael Starzinger <mstarzinger@chromium.org>
Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49534}
      d43c6e59
  7. 20 Nov, 2017 1 commit
  9. 17 Nov, 2017 1 commit
  11. 15 Nov, 2017 1 commit
  13. 13 Nov, 2017 1 commit
  15. 10 Nov, 2017 1 commit
  17. 09 Nov, 2017 1 commit
  19. 07 Nov, 2017 1 commit
  21. 06 Nov, 2017 2 commits
    • Alexey Kozyatinskiy's avatar
      [inspector] do not call native accessor in Rumtime.getProperties · ea04c667
      Alexey Kozyatinskiy authored 
      In current implementation Object.getOwnPropertyDescriptor calls native
getter. It can produce side effects. We can avoid calling it.
DevTools frontend will show clickable dots and on click returns value.
This CL does not affect Blink and only affect several Node.js
properties, e.g. process.title.

R=yangguo@chromium.org

Bug: v8:6945
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_chromium_rel_ng
Change-Id: I5764c779ceed4d50832edf68b2b4c6ee2c2dd65c
Reviewed-on: https://chromium-review.googlesource.com/754223
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: 's avatarYang Guo <yangguo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49152}
      ea04c667
    • Alexey Kozyatinskiy's avatar
      [inspector] added new way to step into async task · 079c0fd8
      Alexey Kozyatinskiy authored 
      It is preparation step for step-into-worker. There are few changes:
- added breakOnAsyncCall flag for Debugger.stepInto. When flag is set
  and async task is scheduled before step-into finished, we pause
  execution with additional Debugger.paused event. This event contains
  additional scheduledAsyncTaskId field.
- added Debugger.pauseOnAsyncTask. This method will pause execution as
  soon as given async task is started.

This mechanism is replacement for Debugger.scheduleStepIntoAsync which
can not be used between multiple targets.

As result we can split async task scheduling in one target and
requesting break for this async task running in another target.

R=pfeldman@chromium.org

Bug: chromium:778796
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I77be0c880d91253d333c54a23a4c084e7b8549e9
Reviewed-on: https://chromium-review.googlesource.com/750071Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Reviewed-by: 's avatarPavel Feldman <pfeldman@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49127}
      079c0fd8
  23. 04 Nov, 2017 1 commit
  25. 31 Oct, 2017 1 commit
    • Mythri's avatar
      [TurboFan] Remove a check on nesting levels inlining heuristics · 5b38c7fc
      Mythri authored 
      We have a check on maximum number of levels that can be inlined. This
in some cases causes performance cliffs, when we cannot inline a small
function because it has exceeded the number of levels. This cl removes
that check. The intuition is that, having gone down several levels in
a particular line stopping inlining that chain and exploring a new
call site may not be beneficial. This cl also introduces a absolute
limit on the number of nodes that can be inlined (including the small
functions).

Bug: v8:6871, chromium:779509
Change-Id: Id29639ff2fd85b84d8746da3fb78a82d4e9852e8
Reviewed-on: https://chromium-review.googlesource.com/743727Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49050}
      5b38c7fc
  27. 30 Oct, 2017 1 commit
    • Michael Stanton's avatar
      Revert "[TurboFan] Remove maximum inlining levels check from inlining heuristics" · f585415a
      Michael Stanton authored 
      This reverts commit ecd3a2ea.

Reason for revert: Bug 779509, a crash with chrome.

Original change's description:
> [TurboFan] Remove maximum inlining levels check from inlining heuristics
> 
> We have a check on maximum number of levels that can be inlined. This
> in some cases causes performance cliffs, when we cannot inline a small
> function because it has exceeded the number of levels. This cl removes
> that check. The intuition is that, having gone down several levels in
> a particular line stopping inlining that chain and exploring a new
> call site may not be beneficial.
> 
> Bug: v8:6871
> Change-Id: I120056db38e78ce48dff010b6cf994259238582a
> Reviewed-on: https://chromium-review.googlesource.com/741705
> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49009}

TBR=mythria@chromium.org,bmeurer@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: v8:6871
Change-Id: I4766f911cb326c224af110be5c0dd7a44362a880
Reviewed-on: https://chromium-review.googlesource.com/743785Reviewed-by: 's avatarMichael Stanton <mvstanton@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49037}
      f585415a
  29. 28 Oct, 2017 1 commit
  31. 27 Oct, 2017 1 commit
  33. 25 Oct, 2017 1 commit
  35. 24 Oct, 2017 1 commit
    • Daniel Clifford's avatar
      Reimplement Array.prototype.slice in CSA and C++ · 6452b26a
      Daniel Clifford authored 
      Previously, V8's slice was implemented in a combination of C++ and a 
Javascript fallback. The disadvantage of this approach was that the
fast-path required a call through the CEntryStub, which introduced
considerable overhead for small arrays with fast elements kinds.

Now the implementation primarily uses the CSA to generate both the
full spec-complaint implementation as well as fast paths for argument
objects and arrays with fast elements kinds. The CSA implementation
uses a C++ implementation fallback in select situations where the the
complexity of a CSA implementation would be too great and the
CEntryStub overhead is not decisive (e.g. slices of dictionary
elements arrays).

Performance results on semi-random arrays with small number of
elements (old vs. new):

smi copy: 48.7 ms vs. 12 ms
smi slice: 43.5 ms 14.8 ms
object copy: 35.5 ms 7.7 ms
object slice: 38.7 ms 8.8 ms
dictionary slice: 2398.3 ms vs. 5.4 ms
fast sloppy arguments slice: 9.6 ms vs. 7.2 ms
slow sloppy arguments slice: 28.9 ms vs. 8.5 ms

As a bonus, the new implementation is fully spec-compliant and fixes
at least one existing bug.

The design document for Array.prototype builtin rework can be found
at https://goo.gl/wFHe2n

Bug: v8:1956,v8:6601,v8:6710,v8:6978
Change-Id: Ia0155bedcf39b4577605ff754f416c2af938efb7
Reviewed-on: https://chromium-review.googlesource.com/574710
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48853}
      6452b26a
  37. 23 Oct, 2017 1 commit
    • Alexey Kozyatinskiy's avatar
      [inspector] improve this value for arrow function in scopes · a11b0d96
      Alexey Kozyatinskiy authored 
      Currently we incorrectly show global object as arrow function receiver.
With this CL:
- if this is used inside of function we show correct this value,
- if this is unused and V8 optimizes it out - we show undefined.

Second is known issue which we should address separately.

R=dgozman@chromium.org,yangguo@chromium.org

Bug: chromium:552753
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Iac88a07fe622eb9b2f8af7ecbc4a32a56c8cdfaa
Reviewed-on: https://chromium-review.googlesource.com/723840
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48839}
      a11b0d96
  39. 22 Oct, 2017 1 commit
  41. 21 Oct, 2017 1 commit
  43. 20 Oct, 2017 2 commits
  45. 19 Oct, 2017 1 commit
  47. 18 Oct, 2017 1 commit
  49. 17 Oct, 2017 3 commits
  51. 16 Oct, 2017 3 commits
  53. 14 Oct, 2017 1 commit
  55. 13 Oct, 2017 3 commits