- 20 Nov, 2020 1 commit
-
-
Leszek Swirski authored
Because of LocalHeap safepoints, our existing assert scopes don't necessarily maintain the same guarantees as desired. In particular, DisallowHeapAllocation no longer guarantees that objects don't move. This patch transitions DisallowHeapAllocation to DisallowGarbageCollection, to ensure that code using this scope is also protected against safepoints. Change-Id: I0411425884f6849982611205fb17bb072881c722 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2540547 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Peter Marshall <petermarshall@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#71319}
-
- 16 Oct, 2020 1 commit
-
-
Igor Sheludko authored
... and add respective regression tests. This CL also adds similar regression tests for TransitionArray but it doesn't have the same issue as DescriptorArray. Bug: chromium:1133527 Change-Id: I668a90f126d76af0a39816ce8697cb29bc65d01b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2465833Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#70570}
-
- 28 Jul, 2020 1 commit
-
-
Santiago Aboy Solanes authored
Since we have an uninitialized TransitionArray that we want to insert an element (map1), we can't guarantee that said element would exist at the point of the search. Then, we search for an element guaranteed not to be (map2) and we check that we did not find it. If we have a data race, this would also trigger it. Bug: v8:7790 Change-Id: Ib90044d7c0901d599aed041f608f2c0bce506d67 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2319995 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#69099}
-
- 27 Jul, 2020 1 commit
-
-
Santiago Aboy Solanes authored
Bug: v8:7790 Change-Id: I9e62a60911d69aec20a59e92f989208f8eac6cb5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2243219Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#69065}
-
- 20 May, 2019 1 commit
-
-
Yang Guo authored
Code that is being moved primarily deal with layout of a JSObject, accessing properties and elements, and map transitions. NOTREECHECKS=true NOTRY=true Bug: v8:9247 Change-Id: Ibce5d5926ac4021c8d40c4dd109948775ce1da58 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1613994 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#61638}
-
- 13 Nov, 2018 1 commit
-
-
Jakob Kummerow authored
Bug: v8:3770 Change-Id: I52660eeda1bd299953793af9af1395f47e89072e Reviewed-on: https://chromium-review.googlesource.com/c/1331155 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#57454}
-
- 05 Jun, 2018 1 commit
-
-
Dan Elphick authored
Removes all explicit calls to GetIsolate() in transitions.cc by passing it through calling functions and implicit calls via the single argument Handle constructor and handle function. Unfortunately in the interests of making these changes vaguely manageable, I've also pushed some new GetIsolates down into objects-debug.cc, objects-printer.cc and objects.cc. Bug: v8:7786 Change-Id: I1f98530dec6c004e17dc3336f3cef09fbb446bae Reviewed-on: https://chromium-review.googlesource.com/1085451 Commit-Queue: Dan Elphick <delphick@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#53518}
-
- 05 Apr, 2018 1 commit
-
-
Marja Hölttä authored
Previous: https://chromium-review.googlesource.com/972962 BUG=v8:7308 Change-Id: I6882e36ad9f9360d006937a2f41b07839a73a768 Reviewed-on: https://chromium-review.googlesource.com/995014Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#52404}
-
- 28 Mar, 2018 2 commits
-
-
Marja Hölttä authored
This reverts commit 61195eb6. Reason for revert: breaks gc stress Original change's description: > [in-place weak refs] Replace the WeakCell potentially in Map::raw_transitions_. > > BUG=v8:7308 > > Change-Id: I3021df5f6dfd02d85ed9fe1903f9c0850f92168d > Reviewed-on: https://chromium-review.googlesource.com/972962 > Commit-Queue: Marja Hölttä <marja@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#52272} TBR=ulan@chromium.org,marja@chromium.org Change-Id: I218b4d767da5095e5c5fee650567eb41343b347e No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7308 Reviewed-on: https://chromium-review.googlesource.com/983812Reviewed-by: Marja Hölttä <marja@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#52275}
-
Marja Hölttä authored
BUG=v8:7308 Change-Id: I3021df5f6dfd02d85ed9fe1903f9c0850f92168d Reviewed-on: https://chromium-review.googlesource.com/972962 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#52272}
-
- 28 Jul, 2017 1 commit
-
-
Jakob Kummerow authored
in preparation for caching StoreIC-Transition handlers in there. This CL should not change behavior or performance. The TransitionArray class no longer serves a dual purpose; it is now simply the data structure serving that role. Further, it now supports storing transitioning handlers in its "target" slot, which in turn have a WeakCell pointing to the transition target (but this functionality is not being used yet). The interface for accessing a map's transitions, previously implemented as a set of static functions, is now handled by the TransitionsAccessor class. It distinguishes the following internal states: - kPrototypeInfo: map is a prototype map, will never cache any transitions. - kUninitialized: map can cache transitions, but doesn't have any. - kWeakCell: map caches a single transition, stored inline. Formerly known as "IsSimpleTransition". - kFullTransitionArray: map uses a TransitionArray to store transitions. - kTuple3Handler, kFixedArrayHandler: to be used in the future for caching transitioning handlers. Change-Id: If2aa68390981f96f317b958445a6e0b935c2a14e Reviewed-on: https://chromium-review.googlesource.com/550118Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#46981}
-