- 12 Oct, 2016 28 commits
-
hpayer authored
The race can happen if:
1) Fixed array A is right before object B in new space
2) A slot in object C located in old space points to object B (old to new remembered set entry is created)
3) Object C becomes unreachable which held the only reference to object B which also becomes unreachable
4) Fixed array A gets right trimmed
5) The sweeper will sweep the last word of object A and object B. It will write the free space map into the last word of object A and a size field in the first word of object B.
6) Pointer updating may observe the size field now because the recorded slot points to the start of object B and will confuse it with a forwarding pointer.
Note a similar race may happen with left trimming. Array A points to its backing store, the backing store gets left trimmed by 1 element, and array A dies.
BUG= Review-Url: https://codereview.chromium.org/2416563002 Cr-Commit-Position: refs/heads/master@{#40218}
-
verwaest authored
This should restore the codeload regression when FLAG_lazy_inner_functions is turned off BUG=v8:5501 Review-Url: https://codereview.chromium.org/2412483005 Cr-Commit-Position: refs/heads/master@{#40217}
-
ishell authored
[stubs] Drop StoreICStub and StoreICTrampolineStub (the non-TurboFan implementations of StoreIC dispatchers). Because of the planned improvements of IC system it does not make sense to keep the old platform version of the stub around. Review-Url: https://codereview.chromium.org/2413653003 Cr-Commit-Position: refs/heads/master@{#40216}
-
verwaest authored
If we're parsing a script or based on a SharedFunctionInfo marked as toplevel, we can implicitly set it. Only manually set in the background parsing task where we manually set up ParseInfo. BUG=v8:5501 Review-Url: https://codereview.chromium.org/2405263003 Cr-Commit-Position: refs/heads/master@{#40215}
-
verwaest authored
This is allocating registers in the function for all inner contexts that can be active in that function, so that nested blocks always have O(1) access to all outer contexts. However, currently it's always walking into nested functions, overallocating the number of registers, causing additional register pressure. BUG=v8:5484 Review-Url: https://codereview.chromium.org/2408303003 Cr-Commit-Position: refs/heads/master@{#40214}
-
hpayer authored
This CL also introduces a NoBarrierAtomicValue with NoBarrier accessors. BUG=chromium:648568 Review-Url: https://codereview.chromium.org/2408233004 Cr-Commit-Position: refs/heads/master@{#40213}
-
ishell authored
Review-Url: https://codereview.chromium.org/2412493006 Cr-Commit-Position: refs/heads/master@{#40212}
-
ishell authored
[stubs] Drop LoadICStub and LoadICTrampolineStub (the non-TurboFan implementations of LoadIC dispatchers). Because of the planned improvements of IC system it does not make sense to keep the old platform version of the stub around. Review-Url: https://codereview.chromium.org/2418513002 Cr-Commit-Position: refs/heads/master@{#40211}
-
bmeurer authored
We want to extend the use of this code dependency, so the name no longer reflects the purpose. R=ishell@chromium.org Review-Url: https://codereview.chromium.org/2410293003 Cr-Commit-Position: refs/heads/master@{#40210}
-
epertoso authored
WordIsSmi, by itself, is not that descriptive, as it just ands a word with the heap object tag. With this change, the MachineGraphVerifier can check that the input to TaggedIsSmi actually has a tagged representation. This CL also introduces a few bitcast operators in the Smi* macros in the CodeStubAssembler. R=bmeurer@chromium.org BUG= Review-Url: https://codereview.chromium.org/2407303002 Cr-Commit-Position: refs/heads/master@{#40209}
-
machenbach authored
BUG=v8:5412 Review-Url: https://codereview.chromium.org/2409133002 Cr-Commit-Position: refs/heads/master@{#40208}
-
georgia.kouveli authored
The only way to get a minus zero result from subtraction is (-0) - (+0) = -0, hence checking for minus zero on the RHS is redundant. This is causing some unnecessary deoptimisations in Box2D from Octane on 32-bit platforms. BUG= Review-Url: https://codereview.chromium.org/2410883003 Cr-Commit-Position: refs/heads/master@{#40207}
-
bmeurer authored
This is the next step to unify the Call/Construct feedback collection and prepare it to be able to collect SharedFunctionInfo feedback. This also reduces the CallICStub overhead quite a bit since we only need one stub per mode (and tail call mode), not also one per call arity. R=mvstanton@chromium.org BUG=v8:2206 NOTRY=true Review-Url: https://codereview.chromium.org/2412453005 Cr-Commit-Position: refs/heads/master@{#40206}
-
clemensh authored
For the asm.js to WASM pipeline, the current stack traces only show low-level WASM information. This CL maps this back to asm.js source positions. It does so by attaching the asm.js source Script to the compiled WASM module, and emitting a delta-encoded table which maps from WASM byte offsets to positions within that Script. As asm.js code does not throw exceptions, we only store a mapping for call instructions. The new AsmJsWasmStackFrame implementation inherits from WasmStackFrame, but contains the logic to provide the source script and the position inside of it. What is still missing is the JSFunction object returned by CallSite.getFunction(). We currently return null. R=jgruber@chromium.org, titzer@chromium.org BUG=v8:4203 Review-Url: https://codereview.chromium.org/2404253002 Cr-Commit-Position: refs/heads/master@{#40205}
-
clemensh authored
If passing <nullptr, 0> to the decoder and trying to decode something, it correctly detects the error and sets an error message, but still returns true on ok(), and returns a valid result. I triggered this error by passing a null Vector, returned by FindSection(), to the decoder. R=titzer@chromium.org Review-Url: https://codereview.chromium.org/2410913002 Cr-Commit-Position: refs/heads/master@{#40204}
-
machenbach authored
Revert of [CQ] Remove experimental bot temporarily. (patchset #1 id:1 of https://codereview.chromium.org/2411283002/ )
Reason for revert: Root cause fixed.
Original issue's description:
> [CQ] Remove experimental bot temporarily.
>
> BUG=chromium:655033,v8:5502
> NOTRY=true
> NOPRESUBMIT=true
> TBR=tandrii@chromium.org
>
> Committed: https://crrev.com/f994fcb10ed9ebc09a3544221db8d2fc121c6e98
> Cr-Commit-Position: refs/heads/master@{#40193}
TBR=tandrii@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:655033,v8:5502 Review-Url: https://codereview.chromium.org/2412073002 Cr-Commit-Position: refs/heads/master@{#40203}
-
ishell authored
BUG=chromium:645438 Review-Url: https://codereview.chromium.org/2412853002 Cr-Commit-Position: refs/heads/master@{#40202}
-
bmeurer authored
We accidentally dropped the effect on the floor that we have for the polymorphic map check in case of array elements access. BUG=chromium:655004 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2411273002 Cr-Commit-Position: refs/heads/master@{#40201}
-
machenbach authored
Revert of [inspector] fix timestamp formatting with non C locales (patchset #7 id:120001 of https://codereview.chromium.org/2410933002/ )
Reason for revert: Breaks layout tests: https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/10548 See also: https://github.com/v8/v8/wiki/Blink-layout-tests
Original issue's description:
> [inspector] fix timestamp formatting with non C locales
>
> If current locale has "," as decimal separator then message for consoleAPICalled will be corrupted.
>
> BUG=chromium:653424
> R=dgozman@chromium.org
>
> Committed: https://crrev.com/dde5ef75cbac1eb7e2dae59b246e4a0d0ba6a0f4
> Cr-Commit-Position: refs/heads/master@{#40190}
TBR=dgozman@chromium.org,kozyatinskiy@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:653424 Review-Url: https://codereview.chromium.org/2419453002 Cr-Commit-Position: refs/heads/master@{#40200}
-
zhengxing.li authored
port 001926cd (r40163) original commit message: In fullcodegen we used to count CallICs as patching ICs, and thus the heuristics are currently off by the number of calls in a code object. BUG= Review-Url: https://codereview.chromium.org/2406373004 Cr-Commit-Position: refs/heads/master@{#40199}
-
jgruber authored
Our minifier (tools/jsmin.py) shortens variable names it comes across. It generally tries to avoid name conflicts caused by renamed variables, but cannot handle lambda function syntax. This is what happens here. Both lambda function parameters 'x' and 'y' are not recognized as identifiers by the minifier and it thus potentially causes naming conflicts. BUG=v8:5505 Review-Url: https://codereview.chromium.org/2412533002 Cr-Commit-Position: refs/heads/master@{#40198}
-
zhengxing.li authored
port 9192db20 (r40162) original commit message: Remove the special side channel from the CallICStub to the ArrayConstructorStub and make the CallICStub always use the general entry point. BUG= Review-Url: https://codereview.chromium.org/2410083004 Cr-Commit-Position: refs/heads/master@{#40197}
-
v8-autoroll authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/83eadac..dd41141 Rolling v8/third_party/catapult: https://chromium.googlesource.com/external/github.com/catapult-project/catapul/+log/f1eba76..daccdeb Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clan/+log/36879c7..3d97083 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review-Url: https://codereview.chromium.org/2414603002 Cr-Commit-Position: refs/heads/master@{#40196}
-
adamk authored
Instead of allocating an ArrayBuffer in the test, use a different example from the original bug. R=bmeurer@chromium.org BUG=chromium:644631, v8:5504 Review-Url: https://codereview.chromium.org/2408403002 Cr-Commit-Position: refs/heads/master@{#40195}
-
machenbach authored
BUG=chromium:635948 Review-Url: https://codereview.chromium.org/2393863002 Cr-Commit-Position: refs/heads/master@{#40194}
-
machenbach authored
BUG=chromium:655033,v8:5502 NOTRY=true NOPRESUBMIT=true TBR=tandrii@chromium.org Review-Url: https://codereview.chromium.org/2411283002 Cr-Commit-Position: refs/heads/master@{#40193}
-
bmeurer authored
For ConsString, the left hand side must be either sequential or external if the right hand side is empty. R=jarin@chromium.org BUG=chromium:654723 NOTRY=true Review-Url: https://codereview.chromium.org/2410893003 Cr-Commit-Position: refs/heads/master@{#40192}
-
machenbach authored
The bot currently doesn't work with shared libraries. This temporarily works around the problem to get the bot green. BUG=v8:5412 NOTRY=true TBR=jochen, zhengxing.li, jgruber Review-Url: https://codereview.chromium.org/2405243002 Cr-Commit-Position: refs/heads/master@{#40191}
-
- 11 Oct, 2016 12 commits
-
kozyatinskiy authored
If current locale has "," as decimal separator then message for consoleAPICalled will be corrupted. BUG=chromium:653424 R=dgozman@chromium.org Review-Url: https://codereview.chromium.org/2410933002 Cr-Commit-Position: refs/heads/master@{#40190}
-
adamk authored
The ES spec has been updated to include this legacy syntax in Annex B: https://tc39.github.io/ecma262/#sec-initializers-in-forin-statement-heads R=neis@chromium.org BUG=v8:4942 Review-Url: https://codereview.chromium.org/2407863003 Cr-Commit-Position: refs/heads/master@{#40189}
-
adamk authored
R=gsathya@chromium.org Review-Url: https://codereview.chromium.org/2410333002 Cr-Commit-Position: refs/heads/master@{#40188}
-
adamk authored
R=gsathya@chromium.org Review-Url: https://codereview.chromium.org/2407313003 Cr-Commit-Position: refs/heads/master@{#40187}
-
adamk authored
This is a re-land of https://codereview.chromium.org/2393303002/ with an additional call to DisposeModuleEmbedderData() added to fix lsan failures. Unifies the approaches used for storing the specifier -> module mapping and the module -> directory mapping, using std::unordered_maps for both and storing them per-Context. This requires adding a method to the v8::Module API to get a hash code for a Module, but allows slimming down the API in return: gone are SetEmbedderData/GetEmbedderData, along with the fourth argument to ResolveModuleCallback. Besides a simpler API, this allows d8 to get closer to the HTML loader, which requires each Realm to have a persistent module map (though this capability is not yet exercised by any tests). BUG=v8:1569 TBR=neis@chromium.org,jochen@chromium.org Review-Url: https://codereview.chromium.org/2405313002 Cr-Commit-Position: refs/heads/master@{#40186}
-
neis authored
Forgot to do that in 4ff5c2a7. TBR=adamk@chromium.org BUG=v8:1569 NOTRY=true Review-Url: https://codereview.chromium.org/2411013002 Cr-Commit-Position: refs/heads/master@{#40185}
-
neis authored
R=adamk@chromium.org BUG=v8:1569 Review-Url: https://codereview.chromium.org/2404243002 Cr-Commit-Position: refs/heads/master@{#40184}
-
bjaideep authored
Port 9192db20 Original commit message: Remove the special side channel from the CallICStub to the ArrayConstructorStub and make the CallICStub always use the general entry point. R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com BUG= LOG=N Review-Url: https://codereview.chromium.org/2410183002 Cr-Commit-Position: refs/heads/master@{#40183}
-
bjaideep authored
Port 001926cd Original commit message: In fullcodegen we used to count CallICs as patching ICs, and thus the heuristics are currently off by the number of calls in a code object. R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, mbrandy@us.ibm.com BUG= LOG=N Review-Url: https://codereview.chromium.org/2410203002 Cr-Commit-Position: refs/heads/master@{#40182}
-
neis authored
R=adamk@chromium.org BUG=v8:1569 Review-Url: https://codereview.chromium.org/2410003002 Cr-Commit-Position: refs/heads/master@{#40181}
-
neis authored
Install it as DataConstantDescriptor, not AccessorConstantDescriptor. R=adamk@chromium.org BUG=v8:1569 Review-Url: https://codereview.chromium.org/2410823002 Cr-Commit-Position: refs/heads/master@{#40180}
-
ulan authored
BUG=chromium:652721 Review-Url: https://codereview.chromium.org/2408093003 Cr-Commit-Position: refs/heads/master@{#40179}
-