- 01 Mar, 2016 32 commits
-
-
oth authored
Fixes a bug in the constant pool padding calculation. BUG=v8:4680 LOG=N Review URL: https://codereview.chromium.org/1749853002 Cr-Commit-Position: refs/heads/master@{#34403}
-
jochen authored
This means we can't cache templates that have object properties. Disable caching for those. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/1753643002 Cr-Commit-Position: refs/heads/master@{#34402}
-
littledan authored
Runtime asserts are were previously a bit annoying to debug, due to the lack of a useful error message, even in debug mode. This patch prints out some more information in debug mode for runtime assert failures while preserving their exception-throwing semantics. While we're at it, it requires a semicolon after RUNTIME_ASSERT macro invocations. ``` $ rlwrap out/Debug/d8 --allow-natives-syntax V8 version 5.1.0 (candidate) d8> %ArrayBufferNeuter(1) # # Runtime error in ../../src/runtime/runtime-typedarray.cc, line 52 # # args[0]->IsJSArrayBuffer() ==== C stack trace =============================== 1: 0xf70ab5 2: 0xadeebf 3: 0xadedd4 4: 0x2ef17630693b (d8):1: illegal access %ArrayBufferNeuter(1) ^ d8> ``` Also give the other 'illegal access' case (a special SyntaxError type) a more descriptive error message for its sole usage. R=adamk Review URL: https://codereview.chromium.org/1748183002 Cr-Commit-Position: refs/heads/master@{#34401}
-
joransiu authored
Initial implementation of S390 specific debug and IC functions. R=danno@chromium.org,jkummerow@chromium.org,jochen@chromium.org,jyan@ca.ibm.com,michael_dawson@ca.ibm.com,mbrandy@us.ibm.com BUG= Review URL: https://codereview.chromium.org/1743263003 Cr-Commit-Position: refs/heads/master@{#34400}
-
caitpotter88 authored
BUG=v8:4663, v8:4725 LOG=N R=littledan@chromium.org, adamk@chromium.org Review URL: https://codereview.chromium.org/1744193002 Cr-Commit-Position: refs/heads/master@{#34399}
-
mstarzinger authored
R=bmeurer@chromium.org BUG=v8:3956 LOG=n Review URL: https://codereview.chromium.org/1731063007 Cr-Commit-Position: refs/heads/master@{#34398}
-
mythria authored
In ia32 PushArgsAndConstruct builtin, we run out of registers and need to temporarily store the data in the stack. In the earlier implementation, a location outside the esp was used. This causes a problem if there is a interrupt/signals which would use the same stack and corrupt the data that is above the esp. This cl fixes it by pushing it onto the stack so that the stack pointer is updated and hence the corruption will not happen. We reuse the slot meant for receiver as a temporary store. TBR=rmcilroy@chromium.org BUG=v8:4280 LOG=N Review URL: https://codereview.chromium.org/1750373002 Cr-Commit-Position: refs/heads/master@{#34397}
-
jkummerow authored
When we try to optimize a function with Crankshaft, but compilation bails out, don't disable optimization for that function entirely, just disable Crankshaft, so TurboFan will be used for the next attempt. Thereby this widens the TurboFan intake valve. Review URL: https://codereview.chromium.org/1751873002 Cr-Commit-Position: refs/heads/master@{#34396}
-
yangguo authored
R=rossberg@chromium.org, ulan@chromium.org, vogelheim@chromium.org Review URL: https://codereview.chromium.org/1751863002 Cr-Commit-Position: refs/heads/master@{#34395}
-
yangguo authored
R=mstarzinger@chromium.org, vogelheim@chromium.org BUG=v8:4690 LOG=N Review URL: https://codereview.chromium.org/1748343003 Cr-Commit-Position: refs/heads/master@{#34394}
-
mythria authored
Adds the translation from optimized frame to bytecode offset in FrameSummary. For interpreter, the bailout id represents the bytecode array offset. So we can directly use the bailout id as the code offset in the FrameSummary. Also updates mjsunit.status with more information about failing tests. BUG=v8:4280, v8:4689 LOG=N Review URL: https://codereview.chromium.org/1740753002 Cr-Commit-Position: refs/heads/master@{#34393}
-
nikolaos authored
The preparser should ignore "use strong" if the --strong_mode flag is not turned on, but this should not stop processing subsequent directives. R=rossberg@chromium.org BUG= LOG=N Review URL: https://codereview.chromium.org/1752753002 Cr-Commit-Position: refs/heads/master@{#34392}
-
bmeurer authored
Similar to fullcodegen, Ignition now also marks a for-in statement as slow (via the TypeFeedbackVector) when we have to call %ForInFilter, i.e. we either have no enumeration cache or the receiver map changes during an iteration of the for-in map. R=mstarzinger@chromium.org BUG=v8:3650 LOG=n Review URL: https://codereview.chromium.org/1755563002 Cr-Commit-Position: refs/heads/master@{#34391}
-
Jochen Eisinger authored
BUG= R=yangguo@chromium.org, machenbach@chromium.org Review URL: https://codereview.chromium.org/1748393002 . Cr-Commit-Position: refs/heads/master@{#34390}
-
yangguo authored
R=rmcilroy@chromium.org BUG=v8:4680 LOG=N Review URL: https://codereview.chromium.org/1750573002 Cr-Commit-Position: refs/heads/master@{#34389}
-
yangguo authored
We used to emit debug break location on block entry. This cannot be ported to the interpreted as we do not emit bytecode for block entry. This made no sense to begin with though, but accidentally added break locations for var declarations. With this change, the debugger no longer breaks at var declarations without initialization. This is in accordance with the fact that the interpreter does not emit bytecode for uninitialized var declarations. Also fix the bytecode to match full-codegen's behavior wrt return positions: - there is a break location before the return statement, with the source position of the return statement. - right before the actual return, there is another break location. The source position points to the end of the function. R=rmcilroy@chromium.org, vogelheim@chromium.org TBR=rossberg@chromium.org BUG=v8:4690 LOG=N Review URL: https://codereview.chromium.org/1744123003 Cr-Commit-Position: refs/heads/master@{#34388}
-
neis authored
We must not use for-of since that could be observed. R=yangguo@chromium.org BUG=v8:4769 LOG=n Review URL: https://codereview.chromium.org/1748633002 Cr-Commit-Position: refs/heads/master@{#34387}
-
neis authored
ArrayIteratorPrototype must not provide Symbol.iterator. R=rossberg BUG= Review URL: https://codereview.chromium.org/1749093002 Cr-Commit-Position: refs/heads/master@{#34386}
-
ssanfilippo authored
Runtime errors will be suppressed in --rebaseline mode, unless the --verbose flag is passed. The reasoning behind (rebaseline && !verbose) and not just (verbose) is to suppress harmless noise while updating the expectation for existing, known good snippets, without hiding actually relevant errors when the tool is used to write new expectation files. In fact, some tests are supposed to produce a runtime error, which might nevertheless alarm a developer who is just --rebaseline'ing. BUG=v8:4280 LOG=N Review URL: https://codereview.chromium.org/1742723003 Cr-Commit-Position: refs/heads/master@{#34385}
-
neis authored
The for-of-finalization CL incorrectly removed the input argument from BuildIteratorClose. I'm reverting this, adding a regression test, and fixing an existing test that was wrong. BUG= R=rossberg Review URL: https://codereview.chromium.org/1750543002 Cr-Commit-Position: refs/heads/master@{#34384}
-
neis authored
The code used to [[Get]] the first element twice instead of once, which can be observed (one of the kangax tests does so). R=rossberg BUG= Review URL: https://codereview.chromium.org/1747933002 Cr-Commit-Position: refs/heads/master@{#34383}
-
nikolaos authored
R=rossberg@chromium.org BUG=v8:4783 LOG=N Review URL: https://codereview.chromium.org/1747853002 Cr-Commit-Position: refs/heads/master@{#34382}
-
jochen authored
BUG= R=yangguo@chromium.org Review URL: https://codereview.chromium.org/1748343002 Cr-Commit-Position: refs/heads/master@{#34381}
-
verwaest authored
Revert of [crankshaft] Inline hasOwnProperty when used in fast-case for-in (patchset #1 id:40001 of https://codereview.chromium.org/1742253002/ ) Reason for revert: ARM64 GCStress failure Original issue's description: > [crankshaft] Inline hasOwnProperty when used in fast-case for-in > > e.g., > > for (var k in o) { > if (!o.hasOwnProperty(k)) continue; > ... > } > > without enumerable properties on the prototype chain of o. > > BUG= > > Committed: https://crrev.com/dec80752eb344dfeb85588e61ac0afd22b11aadb > Cr-Commit-Position: refs/heads/master@{#34379} TBR=bmeurer@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= Review URL: https://codereview.chromium.org/1748143004 Cr-Commit-Position: refs/heads/master@{#34380}
-
verwaest authored
e.g., for (var k in o) { if (!o.hasOwnProperty(k)) continue; ... } without enumerable properties on the prototype chain of o. BUG= Review URL: https://codereview.chromium.org/1742253002 Cr-Commit-Position: refs/heads/master@{#34379}
-
bmeurer authored
Operations on word size data must be word sized, and not word32. Currently this only generates worse code, but in the future, it might even generate wrong code, so we should better get this right from the beginning. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/1748953004 Cr-Commit-Position: refs/heads/master@{#34378}
-
bmeurer authored
The only place in fullcodegen, where we know for sure that a for-in loop entered the slow-path is right before the potential call to %ForInFilter. So there's no point in also updating the mode eagerly during ForInPrepare. R=yangguo@chromium.org BUG=v8:3650 LOG=n Review URL: https://codereview.chromium.org/1749033002 Cr-Commit-Position: refs/heads/master@{#34377}
-
alph authored
BUG=575466 LOG=N Review URL: https://codereview.chromium.org/1740073002 Cr-Commit-Position: refs/heads/master@{#34376}
-
aseemgarg authored
BUG= https://code.google.com/p/v8/issues/detail?id=4203 TEST=mjsunit/asm-wasm R=titzer@chromium.org,bradnelson@chromium.org LOG=N Review URL: https://codereview.chromium.org/1750153002 Cr-Commit-Position: refs/heads/master@{#34375}
-
v8-autoroll authored
Rolling v8/base/trace_event/common to e40c41030f44cbd5b6f54081436620f43c3bb08a Rolling v8/tools/clang to d53e60b4f31f03a6f719b13ed2de7389a4d89be4 TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review URL: https://codereview.chromium.org/1748313002 Cr-Commit-Position: refs/heads/master@{#34374}
-
littledan authored
This patch fixes %TypedArray%.from to follow the ES2016 draft spec more precisely. Specifically, the input is first converted to an ArrayLike, and then afterwards, the mapping function is run and the results written into the TypedArray. This fixes a test262 test. R=adamk LOG=Y BUG=v8:4782 Review URL: https://codereview.chromium.org/1743463004 Cr-Commit-Position: refs/heads/master@{#34373}
-
zhengxing.li authored
port d00da47b(r34335) original commit message: The CompareICStub produces an untagged raw word value, which has to be translated to true or false manually in the TurboFan code. But for lazy bailout after the CompareIC, we immediately go back to fullcodegen or Ignition with the raw value, to a location where both fullcodegen and Ignition expect a boolean value, which might crash or in the worst case (depending on the exact computation inside the CompareIC) could lead to arbitrary memory access. Short-term fix is to use the proper runtime functions (unified with the interpreter now) for comparisons. Next task is to provide optimized versions of these based on the CodeStubAssembler, which can then be used via code stubs in TurboFan or directly in handlers in the interpreter. BUG= Review URL: https://codereview.chromium.org/1744923002 Cr-Commit-Position: refs/heads/master@{#34372}
-
- 29 Feb, 2016 8 commits
-
-
mbrandy authored
Port fb59ea33 Original commit message: Since both null and undefined are also marked as undetectable now, we can just test that bit instead of having the CompareNilIC try to collect feedback to speed up the general case (without the undetectable bit being used). Drive-by-fix: Update the type system to match the new handling of undetectable in the runtime. R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= Review URL: https://codereview.chromium.org/1742333002 Cr-Commit-Position: refs/heads/master@{#34371}
-
cbruni authored
specified. BUG=chromium:590668 LOG=N Review URL: https://codereview.chromium.org/1746833002 Cr-Commit-Position: refs/heads/master@{#34370}
-
adamk authored
The "each" slot is only actually used by ForIn, so this simply cleans up a TODO of mine and removes an IsForOfStatement() call. Review URL: https://codereview.chromium.org/1742013002 Cr-Commit-Position: refs/heads/master@{#34369}
-
titzer authored
R=bradnelson@chromium.org,ahaas@chromium.org BUG= Review URL: https://codereview.chromium.org/1746653002 Cr-Commit-Position: refs/heads/master@{#34368}
-
shenhan authored
This caused a runtime crash for Chrome built with clang on all ChromeOs arm32 platforms - ChromeOs chrome is using hardfp while this routine returns false. The fix is straightforward. BUG=chromium:586219 TEST=built arm32 hardfp using clang and passed all tests. LOG=N Review URL: https://codereview.chromium.org/1733863002 Cr-Commit-Position: refs/heads/master@{#34367}
-
neis authored
R=littledan@chromium.org BUG= Review URL: https://codereview.chromium.org/1746713002 Cr-Commit-Position: refs/heads/master@{#34366}
-
danno authored
This is done by ensuring that the Arm64ClaimCSP instruction calls AlignAndSetCSPForFrame when it's generated when the StackPointer() is set to jssp. LOG=N Review URL: https://codereview.chromium.org/1746053002 Cr-Commit-Position: refs/heads/master@{#34365}
-
cbruni authored
In order to track certain critical code-patters we will start adding micro-benchmarks that reflect common requests on http://jsperf.com. In this first CL a number of property enumeration methods are added, in the hope to get a clearer picture on future regressions. BUG= Review URL: https://codereview.chromium.org/1702613002 Cr-Commit-Position: refs/heads/master@{#34364}
-