- 07 Oct, 2015 1 commit
-
-
rmcilroy authored
Adds support for strict mode load / store ICs and cleans up BinaryOp and CompareOp to only trigger an UNIMPLEMENTED abort if called with STRONG mode (which is the only language mode which has different compare/binary ops. BUG=v8:4280 LOG=N Review URL: https://codereview.chromium.org/1385623002 Cr-Commit-Position: refs/heads/master@{#31134}
-
- 06 Oct, 2015 16 commits
-
-
erikcorry authored
R=yangguo@chromium.org BUG= Review URL: https://codereview.chromium.org/1378693004 Cr-Commit-Position: refs/heads/master@{#31133}
-
caitpotter88 authored
As discussed, shipping early in the M48 branch will likely have greater exposure than staging, in order to find any remaining bugs with this feature, and provides plenty of time to unship if needed. BUG= LOG=N R=adamk@chromium.org, wingo@chromium.org, rossberg@chromium.org Review URL: https://codereview.chromium.org/1391643003 Cr-Commit-Position: refs/heads/master@{#31132}
-
caitpotter88 authored
Symbols marked as "well-known" now return an undefined value when loaded with a failed access check, instead of throwing. Currently, only @@isConcatSpreadable is marked as well-known, until the correct behaviour is properly specified. BUG=v8:4289, 507553 LOG=N R=adamk@chromium.org, jochen@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/1230793002 Cr-Commit-Position: refs/heads/master@{#31131}
-
machenbach authored
Revert of Changed scavenge GC to collect unmodified references (patchset #9 id:160001 of https://codereview.chromium.org/1358703003/ ) Reason for revert: [Sheriff] Speculative revert due to crbug.com/539814 Original issue's description: > Changed scavenge GC to collect unmodified references > > Added a scavenge GC pass that collects unmodified references instead of > processing object groups. This mode can be controlled by setting > FLAG_scavenge_remove_unmodified_objects. By default this is turned off. > Also, modified a test case to suit the handle the new GC pass. > > BUG=v8:4421 > LOG=N > > Committed: https://crrev.com/6254019238a853c9f3c09d615ba153043f6957c7 > Cr-Commit-Position: refs/heads/master@{#31102} TBR=jochen@chromium.org,rmcilroy@chromium.org,mythria@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4421,chromium:539814 Review URL: https://codereview.chromium.org/1388133002 Cr-Commit-Position: refs/heads/master@{#31130}
-
machenbach authored
Revert of [heap] Prepare code for smaller large object allocation limit than max allocatable memory. (patchset #10 id:180001 of https://codereview.chromium.org/1361853005/ ) Reason for revert: [Sheriff] Need to revert for reverting https://codereview.chromium.org/1358703003/ Original issue's description: > [heap] Prepare heap for smaller large object allocation limit than max allocatable memory. > > BUG=chromium:524425 > LOG=n > > Committed: https://crrev.com/c2bce747993c445daf78975392e587bff20c6677 > Cr-Commit-Position: refs/heads/master@{#31107} TBR=mlippautz@chromium.org,mstarzinger@chromium.org,hpayer@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=chromium:524425 Review URL: https://codereview.chromium.org/1376413005 Cr-Commit-Position: refs/heads/master@{#31129}
-
littledan authored
Previously, cases like var [foo] led to a parser crash because the parser tried to do something with the initializer, which was not syntactically present. This patch fixes the parser issue (implicitly creating an undefined initializer) and inserts a check for array destructuring that the right-hand side is coercible to an object, so it can have iterator methods called on it safely. BUG=v8:4462 LOG=Y R=adamk Review URL: https://codereview.chromium.org/1384413002 Cr-Commit-Position: refs/heads/master@{#31128}
-
jschuh authored
ASLR is much weaker in a 2GB address space. Plus the vast majority of 32-bit Windows hosts are XP, which don't have ASLR anyway. So, avoid the fragmentation and skip it in this case. BUG=chromium:394591 LOG=Y R=jochen@chromium.org Review URL: https://codereview.chromium.org/1385023002 Cr-Commit-Position: refs/heads/master@{#31127}
-
mbrandy authored
Port 9c8262f1 Original commit message: When calling into C++ builtins, we need to make sure that the argument count register contains the correct number of arguments, otherwise the CEntryStub will not be able to leave the stack in the correct state. R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com BUG=v8:4413 LOG=n Review URL: https://codereview.chromium.org/1388993002 Cr-Commit-Position: refs/heads/master@{#31126}
-
karl authored
Unwanted promotions resulted into check_eq errors from this CR: https://codereview.chromium.org/1384873002/ http://build.chromium.org/p/client.v8/builders/V8%20Arm/builds/3141/steps/Check/logs/4 Found via -Wdouble-promotion. Review URL: https://codereview.chromium.org/1372133006 Cr-Commit-Position: refs/heads/master@{#31125}
-
oth authored
Implementations and tests for typeof, void, and logical not. Add missing string type to Object::TypeOf. BUG=v8:4280 LOG=NO Review URL: https://codereview.chromium.org/1390483002 Cr-Commit-Position: refs/heads/master@{#31124}
-
rmcilroy authored
Adds an ignition variant to the test runner and adds support to test262 for filtering such that only test scripts (not the test harness) get run by the interpreter. BUG=v8:4280 LOG=N Review URL: https://codereview.chromium.org/1379093002 Cr-Commit-Position: refs/heads/master@{#31123}
-
machenbach authored
This adds the unittests to the "default" test set. Now that the "default" and the DEFAULT_TESTS (i.e. runner with no arguments) are the same, removed DEFAULT_TESTS and use TEST_MAP["default"] instead. On the bots, where unittests and default were run in separation before, the explicit unittests step should now be skipped. This is necessary for swarming, as the unittests step is too small to justify its own swarming job. BUG=chromium:535160 LOG=n Review URL: https://codereview.chromium.org/1374733006 Cr-Commit-Position: refs/heads/master@{#31122}
-
Benedikt Meurer authored
TBR=machenbach@chromium.org Review URL: https://codereview.chromium.org/1377643003 . Cr-Commit-Position: refs/heads/master@{#31121}
-
bmeurer authored
When calling into C++ builtins, we need to make sure that the argument count register contains the correct number of arguments, otherwise the CEntryStub will not be able to leave the stack in the correct state. R=ishell@chromium.org BUG=v8:4413 LOG=n Review URL: https://codereview.chromium.org/1391543002 Cr-Commit-Position: refs/heads/master@{#31120}
-
adamk authored
R=rossberg@chromium.org Review URL: https://codereview.chromium.org/1388813002 Cr-Commit-Position: refs/heads/master@{#31119}
-
v8-autoroll authored
Rolling v8/buildtools to 5fc8d3943e163ee627c8af50366c700c0325bba2 Rolling v8/tools/clang to 6ab82bf7484ae7c06316c095e93b8b0dc6ea806a TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org Review URL: https://codereview.chromium.org/1388043002 Cr-Commit-Position: refs/heads/master@{#31118}
-
- 05 Oct, 2015 23 commits
-
-
littledan authored
Previously, using legacy const in for-of/in loops led to a check-fail in the parser. This was due to the fact that the destructuring bind led to an undefined initialization to undefined in the parser, which caused the for loop code to go down a strange path. This patch eliminates the undefined initialization in variables declared in for-in/of loops, so that that path is not used and the error is fixed. BUG=v8:4461 LOG=Y R=adamk Review URL: https://codereview.chromium.org/1385913003 Cr-Commit-Position: refs/heads/master@{#31117}
-
stefan.penner authored
* Promise.resolve is now works with subclasses * Spec removed [[PromiseConstructor]] now can simply use constructor * Promise.resolve ignores species R=littledan@chromium.org,domenic@chromium.org BUG=v8:4161,v8:4341 LOG=Y Review URL: https://codereview.chromium.org/1362773002 Cr-Commit-Position: refs/heads/master@{#31116}
-
littledan authored
This patch prohibits lexical bindings from being called 'let', even in sloppy mode, following the ES2015 specification. The change affects multiple cases of lexical bindings, including simple let/const declarations and both kinds of for loops. var and legacy const bindings still permit the name to be let, including in destructuring cases. Tests are added to verify, though some cases are commented out since they led to (pre-existing) crashes. BUG=v8:4403 R=adamk LOG=Y Review URL: https://codereview.chromium.org/1371263003 Cr-Commit-Position: refs/heads/master@{#31115}
-
mbrandy authored
Port 5cf1c0bc Original commit message: Previous to this patch, both the lithium and TurboFan register allocators tracked allocated registers by "indices", rather than the register codes used elsewhere in the runtime. This patch ensures that codes are used everywhere, and in the process cleans up a bunch of redundant code and adds more structure to how the set of allocatable registers is defined. Some highlights of changes: * TurboFan's RegisterConfiguration class moved to V8's top level so that it can be shared with Crankshaft. * Various "ToAllocationIndex" and related methods removed. * Code that can be easily shared between Register classes on different platforms is now shared. * The list of allocatable registers on each platform is declared as a list rather than implicitly via the register index <-> code mapping. R=danno@chromium.org, bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com BUG= Review URL: https://codereview.chromium.org/1381383002 Cr-Commit-Position: refs/heads/master@{#31114}
-
hans authored
Clang builds on Windows were failing with: ..\..\v8\src\register-configuration.cc(85,17) : error: unqualified friend declaration referring to type outside of the nearest enclosing namespace is a Microsoft extension; add a nested name specifier [-Werror,-Wmicrosoft-unqualified-friend] friend struct Register; ^ ::v8::internal:: How did it work on non-Windows? The friend declarations were declaring new Register and DoubleRegister structs in the current namespace, instead of refering the existing classes in the outer namespce. The code isn't referencing any private members of these classes anyway, so let's drop the friend declarations. BUG=82385 LOG=n Review URL: https://codereview.chromium.org/1389723002 Cr-Commit-Position: refs/heads/master@{#31113}
-
machenbach authored
Revert of Reland: Introduce a V8_NORETURN macro and use it to make GCC 4.9.2 happy again. (patchset #3 id:40001 of https://codereview.chromium.org/1384873002/ ) Reason for revert: [Sheriff] Breaks the gcc 4.8 bot: http://build.chromium.org/p/client.v8/builders/V8%20Linux%20gcc%204.8/builds/3274 Original issue's description: > Reland: Introduce a V8_NORETURN macro and use it to make GCC 4.9.2 happy again. > > Without that, it has a few false positives about out-of-bounds array accesses. > Also makes the clang static-analyzer happy. > > Original code review from Sven Panne: > https://codereview.chromium.org/790723002/ > > CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_arm_dbg,v8_linux_arm64_dbg,v8_mac64_dbg,v8_win_compile_dbg > > Committed: https://crrev.com/d068574e641e28f05dcde89ddc9a1d0ec6f6f308 > Cr-Commit-Position: refs/heads/master@{#31105} TBR=jochen@chromium.org,bmeurer@chromium.org,karl@skomski.com NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true Review URL: https://codereview.chromium.org/1376113005 Cr-Commit-Position: refs/heads/master@{#31112}
-
julien.gilli authored
The --abort-on-uncaught-exception command line switch makes Isolate::Throw abort if the error being thrown cannot be caught by a try/catch block. Embedders may want to use other mechanisms than try/catch blocks to handle uncaught exceptions. For instance, Node.js has "domain" objects that have error handlers that can handle uncaught exception like following: var d = domain.create(); d.on('error', function onError(err) { console.log('Handling error'); }); d.run(function() { throw new Error("boom"); }); These error handlers are called by isolates' message listeners. If --abort-on-uncaught-exception is *not* used, the isolate's message listener will be called, which will in turn call the domain's error handler. The process will output 'Handling error' and will exit successfully (not due to an uncaught exception). This is the behavior that Node.js users expect. However, if --abort-on-uncaught-exception is used and when throwing an error within a domain that has an error handler, the process will abort and the domain's error handler will not be called. This is not the behavior that Node.js users expect. Having a SetAbortOnUncaughtExceptionCallback API allows embedders to determine when it's not appropriate to abort and instead handle the exception via the isolate's message listener. In the example above, Node.js would set a custom callback with SetAbortOnUncaughtExceptionCallback that would be implemented as following (the sample code has been simplified to remove what's not relevant to this change): bool ShouldAbortOnUncaughtException(Isolate* isolate) { return !IsDomainActive(); } Now when --abort-on-uncaught-exception is used, Isolate::Throw would call that callback and determine that it should not abort if a domain with an error handler is active. Instead, the isolate's message listener would be called and the error would be handled by the domain's error handler. I believe this can also be useful for other embedders. BUG= R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/1375933003 Cr-Commit-Position: refs/heads/master@{#31111}
-
dsinclair authored
The log-utils.h file uses va_list but doesn't require the header. This CL adds the needed header to remove a compiler error we've seen when doing some bisecting. Review URL: https://codereview.chromium.org/1383483004 Cr-Commit-Position: refs/heads/master@{#31110}
-
littledan authored
Clusterfuzz testing discovered that sloppy-mode block-scoped function declarations introduce lexically-scoped variables in scopes that were thrown away under the expectation that no lexically-scoped variables were introduced. These cases are: for (;;) function foo() {} for (x in y) function foo() {} This patch ensures that a block is created in those cases to hold the lexically scoped variable. Usually, scope analysis should discover that that block is not important, and it should not have a runtime representation. BUG=chromium:536750,chromium:536751 LOG=Y R=adamk Review URL: https://codereview.chromium.org/1382123002 Cr-Commit-Position: refs/heads/master@{#31109}
-
dusan.m.milosavljevic authored
TEST= BUG= Review URL: https://codereview.chromium.org/1389653002 Cr-Commit-Position: refs/heads/master@{#31108}
-
hpayer authored
BUG=chromium:524425 LOG=n Review URL: https://codereview.chromium.org/1361853005 Cr-Commit-Position: refs/heads/master@{#31107}
-
dusan.m.milosavljevic authored
TEST=cctest/test-interpreter/InterpreterCall, cctest/test-bytecode-generator/CallRuntime BUG=v8:4280 LOG=N Review URL: https://codereview.chromium.org/1390533002 Cr-Commit-Position: refs/heads/master@{#31106}
-
karl authored
Without that, it has a few false positives about out-of-bounds array accesses. Also makes the clang static-analyzer happy. Original code review from Sven Panne: https://codereview.chromium.org/790723002/ CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_arm_dbg,v8_linux_arm64_dbg,v8_mac64_dbg,v8_win_compile_dbg Review URL: https://codereview.chromium.org/1384873002 Cr-Commit-Position: refs/heads/master@{#31105}
-
mstarzinger authored
This removes the lookup-inl.h header file, which actually would break compilation if included more than once in the codebase. It only holds methods used solely in the lookup.cc compilation unit. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/1375843004 Cr-Commit-Position: refs/heads/master@{#31104}
-
hpayer authored
BUG= Review URL: https://codereview.chromium.org/1375963003 Cr-Commit-Position: refs/heads/master@{#31103}
-
mythria authored
Added a scavenge GC pass that collects unmodified references instead of processing object groups. This mode can be controlled by setting FLAG_scavenge_remove_unmodified_objects. By default this is turned off. Also, modified a test case to suit the handle the new GC pass. BUG=v8:4421 LOG=N Review URL: https://codereview.chromium.org/1358703003 Cr-Commit-Position: refs/heads/master@{#31102}
-
hablich authored
LOG=N R=machenbach@chromium.org Review URL: https://codereview.chromium.org/1385873002 Cr-Commit-Position: refs/heads/master@{#31101}
-
ulan authored
when the application is not idle. BUG= Review URL: https://codereview.chromium.org/1369333005 Cr-Commit-Position: refs/heads/master@{#31100}
-
cbruni authored
BUG=v8:2764 LOG=N R=verwaest@chromium.org Review URL: https://codereview.chromium.org/1378323003 Cr-Commit-Position: refs/heads/master@{#31099}
-
mbrandy authored
Port 75f6ad74 Original commit message: Adds support for calling runtime functions from the interpreter. Adds the CallRuntime bytecode which takes a Runtime::FunctionId of the function to call and the arguments in sequential registers. Adds a InterpreterCEntry builtin to enable the interpreter to enter C++ code based on the functionId. Also renames Builtin::PushArgsAndCall to Builtin::InterpreterPushArgsAndCall and groups all the interpreter builtins together. R=rmcilroy@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com, dstence@us.ibm.com BUG=v8:4280 LOG=N Review URL: https://codereview.chromium.org/1384483004 Cr-Commit-Position: refs/heads/master@{#31098}
-
mstarzinger authored
The change in question caused regressions on GC-heavy benchmarks, presumably due to the added indirection that is taken within hot code like the marking visitor. This is a manual revert due to conflicts. This reverts commit 4f55b830. R=hpayer@chromium.org BUG=chromium:539273 LOG=n Review URL: https://codereview.chromium.org/1386863002 Cr-Commit-Position: refs/heads/master@{#31097}
-
neis authored
Now there are two functions, one corresponding to the spec's [[PreventExtensions]] and one corresponding to Object.preventExtensions. They differ in what they return. This CL is in preparation of implementing Reflect.preventExtensions. R=rossberg BUG= Review URL: https://codereview.chromium.org/1377103005 Cr-Commit-Position: refs/heads/master@{#31096}
-
karl authored
Fixes: ../../test/cctest/compiler/test-js-typed-lowering.cc:224:14: error: ‘kJSTypes’ defined but not used [-Werror=unused-variable] static Type* kJSTypes[] = {Type::Undefined(), Type::Null(), Type::Boolean(), ../../src/bignum.cc: In member function ‘void v8::internal::Bignum::AssignDecimalString(Vector<const char>)’: ../../src/bignum.cc:80:6: error: assuming signed overflow does not occur when assuming that (X + c) < X is always false [-Werror=strict-overflow] ../../src/compiler/ia32/code-generator-ia32.cc:1366:3: required from here ../../src/base/logging.h:123:26: error: comparison between signed and unsigned integer expressions [-Werror=sign-compare] DEFINE_CHECK_OP_IMPL(EQ, ==) BUG= Review URL: https://codereview.chromium.org/1371823002 Cr-Commit-Position: refs/heads/master@{#31095}
-