- 26 Feb, 2015 10 commits
-
-
ulan authored
When a field type is a map, it is wrapped in a weak cell upon storing to the descriptor array. Map::GetFieldType(i) does the unwrapping. BUG=v8:3877 LOG=N TEST=cctest/test-heap/Regress3877 Review URL: https://codereview.chromium.org/955063002 Cr-Commit-Position: refs/heads/master@{#26879}
-
verwaest authored
BUG= TBR=dcarney@chromium.org Review URL: https://codereview.chromium.org/956283003 Cr-Commit-Position: refs/heads/master@{#26878}
-
machenbach authored
BUG=chromium:403263 LOG=n Review URL: https://codereview.chromium.org/963433002 Cr-Commit-Position: refs/heads/master@{#26877}
-
ishell authored
Revert of Temporarily disable double fields unboxing. (patchset #1 id:1 of https://codereview.chromium.org/928733003/) Reason for revert: Preparing to land a fix. Original issue's description: > Temporarily disable double fields unboxing. > > Committed: https://crrev.com/209cf09ac9e36c1a24cdfa918bc579a4671c6842 > Cr-Commit-Position: refs/heads/master@{#26727} TBR=jkummerow@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review URL: https://codereview.chromium.org/960173002 Cr-Commit-Position: refs/heads/master@{#26876}
-
verwaest authored
Only dynamically perform access checks on the receiver if it's a JSGlobalProxy. Proxies up the chain are guaranteed to provide access if we had access to the receiver, since otherwise we wouldn't have been able to compile the stub in the first place. If the security check would change, the window navigates, changing the map of the JSGlobalProxy. BUG= Review URL: https://codereview.chromium.org/958843002 Cr-Commit-Position: refs/heads/master@{#26875}
-
verwaest authored
BUG= Review URL: https://codereview.chromium.org/942963004 Cr-Commit-Position: refs/heads/master@{#26874}
-
machenbach authored
Side note: tools/v8-info.sh seems to have been broken ever since the move to git. At least it's not more broken now. BUG=v8:3075 LOG=y TEST=./script_test.py Review URL: https://codereview.chromium.org/959713003 Cr-Commit-Position: refs/heads/master@{#26873}
-
jarin authored
Bad scenario: - Enter a binop IC miss handler from optimized code object C from call site S, - From the binop IC, invoke arbitrary javascript that lazy deopts C, so all relocation info is nuked and replaced with lazy deopt entries' reloc info. In particular, there is no reloc info for S. - Still from the arbitrary JavaScript, make IC target's code object move. Note that the call site S is not updated. - Return to the miss handler and inspect the IC's target. This will try to get the target from S, but that is a potentially invalid pointer. It is quite possible that we will have to do a similar fix for other ICs, but we will have to find a reliable repro first. I am not submitting a repro here because it is quite long running and brittle (it relies on code compaction happening while in the binop IC). BUG=v8:3910 LOG=n R=ishell@chromium.org Review URL: https://codereview.chromium.org/958473004 Cr-Commit-Position: refs/heads/master@{#26872}
-
bmeurer authored
R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/962523002 Cr-Commit-Position: refs/heads/master@{#26871}
-
bmeurer authored
Review URL: https://codereview.chromium.org/960783002 Cr-Commit-Position: refs/heads/master@{#26870}
-
- 25 Feb, 2015 30 commits
-
-
arv authored
The test did not invoke the function BUG=v8:3921 LOG=N R=adamk Review URL: https://codereview.chromium.org/961463002 Cr-Commit-Position: refs/heads/master@{#26869}
-
adamk authored
TBR=rossberg@chromium.org Review URL: https://codereview.chromium.org/952343002 Cr-Commit-Position: refs/heads/master@{#26868}
-
verwaest authored
Remove NativeContext from Literal array, since we always create the literals in the native context of the current closure. BUG= Review URL: https://codereview.chromium.org/952303002 Cr-Commit-Position: refs/heads/master@{#26867}
-
dcarney authored
R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/948263004 Cr-Commit-Position: refs/heads/master@{#26866}
-
arv authored
It turned out that we didn't need to treat super in a special way in the pre parser expressions. BUG=None LOG=N R=dslomov@chromium.org Review URL: https://codereview.chromium.org/952283003 Cr-Commit-Position: refs/heads/master@{#26865}
-
arv authored
We don't need this since this case is now a SyntaxError. BUG=None LOG=N R=dslomov@chromium.org Review URL: https://codereview.chromium.org/957823002 Cr-Commit-Position: refs/heads/master@{#26864}
-
adamk authored
The new logic ensures that the error messages are the same in the "import { <reserved word> }" and "import { foo as <reserved ord> }" cases. Also prepares ParseImportNames for returning both the import and local names to ParseImportClause. BUG=v8:1569 LOG=n Review URL: https://codereview.chromium.org/952863006 Cr-Commit-Position: refs/heads/master@{#26863}
-
dcarney authored
R=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/945313003 Cr-Commit-Position: refs/heads/master@{#26862}
-
dusan.milosavljevic authored
TEST=kraken-1.1 benchmark BUG= Review URL: https://codereview.chromium.org/952233002 Cr-Commit-Position: refs/heads/master@{#26861}
-
balazs.kilvady authored
BUG= Review URL: https://codereview.chromium.org/950523003 Cr-Commit-Position: refs/heads/master@{#26860}
-
dcarney authored
BUG= Review URL: https://codereview.chromium.org/951553005 Cr-Commit-Position: refs/heads/master@{#26859}
-
wingo authored
R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/958623002 Cr-Commit-Position: refs/heads/master@{#26858}
-
rossberg authored
R=mstarzinger@chromium.org BUG=461520 LOG=N Review URL: https://codereview.chromium.org/955973003 Cr-Commit-Position: refs/heads/master@{#26857}
-
jkummerow authored
by checking instance type rather than constructor. BUG=chromium:461734 LOG=n R=verwaest@chromium.org Review URL: https://codereview.chromium.org/953283004 Cr-Commit-Position: refs/heads/master@{#26856}
-
ben authored
Add v8::Object::GetRealNamedPropertyAttributes() and v8::Object::GetRealNamedPropertyAttributesInPrototypeChain(). See https://github.com/iojs/io.js/issues/864 for background. Review URL: https://codereview.chromium.org/942003003 Cr-Commit-Position: refs/heads/master@{#26855}
-
rossberg authored
R=dslomov@chromium.org BUG= Review URL: https://codereview.chromium.org/954693003 Cr-Commit-Position: refs/heads/master@{#26854}
-
marja authored
In addition to Parser, other phases (such as scope analysis) need to handle compilation errors in the future. PendingCompilationErrorHandled takes care of error handling in a unified way. Split from https://codereview.chromium.org/943543002/ . R=rossberg@chromium.org BUG= Review URL: https://codereview.chromium.org/960543002 Cr-Commit-Position: refs/heads/master@{#26853}
-
machenbach authored
Xcode uses a different naming scheme for directories within the xcodebuild directory. But it is safe to just delete everything withing xcodebuild or out. Keep the soft clobber for windows' build directory only, where subdirectories follow the *release* and *debug* naming scheme. BUG=chromium:403263 LOG=n TBR=jochen@chromium.org Review URL: https://codereview.chromium.org/955953002 Cr-Commit-Position: refs/heads/master@{#26852}
-
yangguo authored
R=hpayer@chromium.org Review URL: https://codereview.chromium.org/944923005 Cr-Commit-Position: refs/heads/master@{#26851}
-
yangguo authored
R=vogelheim@chromium.org Review URL: https://codereview.chromium.org/960513002 Cr-Commit-Position: refs/heads/master@{#26850}
-
bmeurer authored
R=dcarney@chromium.org Review URL: https://codereview.chromium.org/958583003 Cr-Commit-Position: refs/heads/master@{#26849}
-
bmeurer authored
Revert of Rebase GDBJIT interface solely on JITCodeEvent (patchset #2 id:20001 of https://codereview.chromium.org/957673004/) Reason for revert: Doesn't compile Original issue's description: > Rebase GDBJIT interface solely on JITCodeEvent > > R=mstarzinger@chromium.org > BUG= > > Committed: https://chromium.googlesource.com/v8/v8/+/8989d828e86bc7edae5e25687bcb60c0e301dffb TBR=mstarzinger@chromium.org,wingo@igalia.com NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG= Review URL: https://codereview.chromium.org/954833004 Cr-Commit-Position: refs/heads/master@{#26848}
-
Andy Wingo authored
R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/957673004 Cr-Commit-Position: refs/heads/master@{#26847}
-
bmeurer authored
R=dcarney@chromium.org Review URL: https://codereview.chromium.org/946423003 Cr-Commit-Position: refs/heads/master@{#26846}
-
yangguo authored
R=vogelheim@chromium.org BUG=chromium:461259 LOG=N Review URL: https://codereview.chromium.org/949623006 Cr-Commit-Position: refs/heads/master@{#26845}
-
hpayer authored
BUG= Review URL: https://codereview.chromium.org/946973008 Cr-Commit-Position: refs/heads/master@{#26844}
-
bmeurer authored
Optimize for the common case and get rid of the unreadable Diamond helper code there. R=dcarney@chromium.org Review URL: https://codereview.chromium.org/954173002 Cr-Commit-Position: refs/heads/master@{#26843}
-
machenbach authored
Without this change, it is non-trivial to know during runhooks, if a landmine was just triggered in a checkout that doesn't have the initial landmines script CL yet, i.e. that didn't create a .landmines file yet. BUG=chromium:403263 LOG=n Review URL: https://codereview.chromium.org/954153002 Cr-Commit-Position: refs/heads/master@{#26842}
-
bmeurer authored
Review URL: https://codereview.chromium.org/958533002 Cr-Commit-Position: refs/heads/master@{#26841}
-
bmeurer authored
R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/929403004 Cr-Commit-Position: refs/heads/master@{#26840}
-