1. 22 Feb, 2019 1 commit
  2. 20 Feb, 2019 1 commit
    • Jaroslav Sevcik's avatar
      Reland "Fix accessor update of non-extensible maps." · 0a069d94
      Jaroslav Sevcik authored
      This is a reland of 1a3a2bc3,
      fixed an infinite loop in Map::TryUpdateSlow and added
      a relevant test.
      
      Original change's description:
      > Fix accessor update of non-extensible maps.
      >
      > When installing getter/setter of non-extensible map with existing
      > setter/getter of the same name, we introduce a new transition
      > (so we have two transitions with the same name!). This triggers
      > an assertion in map updater.
      >
      > This fix carefully checks that on the back-pointer path from
      > non-extensible map to the extensible map there are only
      > integrity level transitions. Otherwise, we just bail out.
      >
      > Bug: chromium:932953
      > Change-Id: I02e91c3b652428a84a9f5c58b6691ea9b1fc44d6
      > Reviewed-on: https://chromium-review.googlesource.com/c/1477067
      > Reviewed-by: Igor Sheludko <ishell@chromium.org>
      > Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#59667}
      
      Bug: chromium:932953
      Change-Id: I015ee3795f816c8eabb5b5c5cb0ee30f365cc972
      Reviewed-on: https://chromium-review.googlesource.com/c/1477675Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
      Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#59715}
      0a069d94
  3. 19 Feb, 2019 2 commits
    • Leszek Swirski's avatar
      Revert "Fix accessor update of non-extensible maps." · 4cbdf97d
      Leszek Swirski authored
      This reverts commit 1a3a2bc3.
      
      Reason for revert: Only CL in a reverted roll (https://chromium-review.googlesource.com/c/chromium/src/+/1477147)
      
      Original change's description:
      > Fix accessor update of non-extensible maps.
      > 
      > When installing getter/setter of non-extensible map with existing
      > setter/getter of the same name, we introduce a new transition
      > (so we have two transitions with the same name!). This triggers
      > an assertion in map updater.
      > 
      > This fix carefully checks that on the back-pointer path from
      > non-extensible map to the extensible map there are only
      > integrity level transitions. Otherwise, we just bail out.
      > 
      > Bug: chromium:932953
      > Change-Id: I02e91c3b652428a84a9f5c58b6691ea9b1fc44d6
      > Reviewed-on: https://chromium-review.googlesource.com/c/1477067
      > Reviewed-by: Igor Sheludko <ishell@chromium.org>
      > Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#59667}
      
      TBR=jarin@chromium.org,ishell@chromium.org
      
      Change-Id: I9264423c605cebef87beb6c0f066e90b59faae48
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: chromium:932953
      Reviewed-on: https://chromium-review.googlesource.com/c/1477219Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
      Commit-Queue: Leszek Swirski <leszeks@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#59680}
      4cbdf97d
    • Jaroslav Sevcik's avatar
      Fix accessor update of non-extensible maps. · 1a3a2bc3
      Jaroslav Sevcik authored
      When installing getter/setter of non-extensible map with existing
      setter/getter of the same name, we introduce a new transition
      (so we have two transitions with the same name!). This triggers
      an assertion in map updater.
      
      This fix carefully checks that on the back-pointer path from
      non-extensible map to the extensible map there are only
      integrity level transitions. Otherwise, we just bail out.
      
      Bug: chromium:932953
      Change-Id: I02e91c3b652428a84a9f5c58b6691ea9b1fc44d6
      Reviewed-on: https://chromium-review.googlesource.com/c/1477067Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
      Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#59667}
      1a3a2bc3
  4. 11 Feb, 2019 2 commits
  5. 09 Feb, 2019 2 commits
  6. 06 Feb, 2019 1 commit
  7. 01 Feb, 2019 2 commits
    • Jaroslav Sevcik's avatar
      Map update for integrity level transitions. · 06ba822e
      Jaroslav Sevcik authored
      This adds support for integrity level transitions (preventExtensions,
      seal and freeze) to MapUpdater and Map::TryUpdate.
      
      In both cases, we first try to detect whether there were integrity
      level transitions in the transition tree to the old map and make note
      of the most restrictive integrity transition and the map just before
      the transition (integrity-source-map). Then we find an appropriate root
      (based on integrity-source-map's elements kind) and replay the
      transitions based on the integrity-source-map's descriptor
      array. Finally, if we saw an integrity level transition in
      the beginning, we will find-or-create that transition (on the
      updated version of integrity-source-map).
      
      For the following micro-benchmark, we get about 10x speedup.
      
      ```
      function C() {
        this.x = 1;
        Object.seal(this);
        this.x = 0.1;
      }
      
      const start = Date.now();
      for (let i = 0; i < 1e7; i++) {
        new C();
      }
      console.log("Reconfigure sealed: " + (Date.now() - start));
      ```
      
      Before:
      > Reconfigure sealed: 5202
      
      After:
      > Reconfigure sealed: 479
      
      Bug: v8:8538
      Change-Id: If695be7469d8b6ccd44ac4528be8aa34b65b3e4d
      Reviewed-on: https://chromium-review.googlesource.com/c/1442640
      Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
      Reviewed-by: 's avatarIgor Sheludko <ishell@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#59295}
      06ba822e
    • Takuto Ikuta's avatar
      Extract Map class from objects.cc · 238ccdef
      Takuto Ikuta authored
      I extracted following class member functions to map.cc
      * Map
      * NormalizedMapCache
      
      Declaration of all above class are in map.h.
      
      This patch makes compile time of objects.cc from 18.9s to 17.6s on Z840 Linux.
      And map.cc takes 6.14s for compile.
      
      Bug: v8:7629
      Change-Id: Id1e45dff243ab3f5449c0a7e2a861fba0bc7abf6
      Reviewed-on: https://chromium-review.googlesource.com/c/1447914
      Commit-Queue: Takuto Ikuta <tikuta@chromium.org>
      Reviewed-by: 's avatarMarja Hölttä <marja@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#59270}
      238ccdef