- 20 Nov, 2013 1 commit
-
-
mvstanton@chromium.org authored
its failure is diagnosed. R=danno@chromium.org Review URL: https://codereview.chromium.org/77923002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17894 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
- 19 Nov, 2013 6 commits
-
-
danno@chromium.org authored
This fixes unused variable compile failures in release builds introduced in r17887. R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/76413004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17888 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
mvstanton@chromium.org authored
Verify that code objects are treated weakly by the AllocationSite dependent_code field. R=ulan@chromium.org Review URL: https://codereview.chromium.org/61923006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17887 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
danno@chromium.org authored
The %_OneByteSeqStringSetChar intrinsic expects its arguments to be checked before being called for efficiency reasons, but the fuzzer provided no such checks. Now the intrinsic is robust to bad input if FLAG_debug_code is set. R=yangguo@chromium.org TEST=test/mjsunit/regress/regress-320948.js BUG=chromium:320948 LOG=Y Review URL: https://codereview.chromium.org/72813004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17886 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
jkummerow@chromium.org authored
This is currently not observable without --allow-natives-syntax because all internal usages are safe, but it deserves to be fixed nonetheless. BUG=chromium:320922 LOG=N R=yangguo@chromium.org Review URL: https://codereview.chromium.org/67103003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17873 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
yangguo@chromium.org authored
R=svenpanne@chromium.org BUG=v8:2991 LOG=Y Review URL: https://codereview.chromium.org/68203029 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17866 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
mvstanton@chromium.org authored
Bugfix: dependent code field in AllocationSite was keeping code objects alive even after context death. BUG=320532 LOG=Y R=ulan@chromium.org Review URL: https://codereview.chromium.org/62803008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17856 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
- 18 Nov, 2013 7 commits
-
-
svenpanne@chromium.org authored
BUG= R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/60093005 Patch from Weiliang Lin <weiliang.lin@intel.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17842 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
dslomov@chromium.org authored
R=jkummerow@chromium.org BUG=v8:3013 LOG=Y Review URL: https://codereview.chromium.org/74583003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17840 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
dslomov@chromium.org authored
This reverts commit r17838 for breaking arm build. TBR=jkummerow@chromium.org Review URL: https://codereview.chromium.org/75213005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17839 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
dslomov@chromium.org authored
R=jkummerow@chromium.org BUG=v8:3013 LOG=Y Review URL: https://codereview.chromium.org/74583003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17838 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
dslomov@chromium.org authored
R=jkummerow@chromium.org BUG=v8:3014 LOG=N Review URL: https://codereview.chromium.org/61623009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17837 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
dslomov@chromium.org authored
R=bmeurer@chromium.org, mvstanton@chromium.org Review URL: https://codereview.chromium.org/66843011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17831 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
danno@chromium.org authored
BUG=v8:3010 R=verwaest@chromium.org LOG=N Review URL: https://codereview.chromium.org/72333004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17823 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
- 15 Nov, 2013 11 commits
-
-
mstarzinger@chromium.org authored
R=ishell@chromium.org TEST=mjsunit/allocation-folding Review URL: https://codereview.chromium.org/73563004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17805 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
dslomov@chromium.org authored
TBR=jkummerow@chromium.org Review URL: https://codereview.chromium.org/59093007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17803 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
jkummerow@chromium.org authored
LOG=Y BUG=chromium:319835,chromium:319860 R=dslomov@chromium.org Review URL: https://codereview.chromium.org/74113002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17801 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
dslomov@chromium.org authored
R=jkummerow@chromium.org LOG=Y BUG=319722 Review URL: https://codereview.chromium.org/73943004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17800 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
dslomov@chromium.org authored
This reverts commit r17798 for allocating too much memory in tests. TBR=jkummerow@chromium.org Review URL: https://codereview.chromium.org/74093002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17799 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
dslomov@chromium.org authored
R=jkummerow@chromium.org LOG=Y BUG=319722 Review URL: https://codereview.chromium.org/73943004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17798 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
yurys@chromium.org authored
Test that allocations which regularly happen inline in the generated code and create objects in bump pointer space will be recorded by the allocation tracker. BUG=chromium:277984 LOG=N R=loislo@chromium.org, mstarzinger@chromium.org Review URL: https://codereview.chromium.org/73893005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17794 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
verwaest@chromium.org authored
BUG= R=danno@chromium.org Review URL: https://chromiumcodereview.appspot.com/71783003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17782 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
yurys@chromium.org authored
BUG=v8:3005 LOG=N TBR=machenbach@chromium.org Review URL: https://codereview.chromium.org/68173023 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17773 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
bmeurer@chromium.org authored
TEST=mjsunit/regress/regress-crbug-318671 BUG=318671 LOG=y R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/67473007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17772 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
yurys@chromium.org authored
BUG=v8:3005 LOG=N R=machenbach@chromium.org Review URL: https://codereview.chromium.org/65833003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17771 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
- 14 Nov, 2013 10 commits
-
-
rafaelw@chromium.org authored
Original Issue: https://codereview.chromium.org/29353003/ Note that this version of the patch includes logic for bailing out of compiled ArrayPush/ArrayPop calls if the array is observed (see stub-cache-*) R=danno@chromium.org BUG=v8:2946 LOG=N Review URL: https://codereview.chromium.org/68343016 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17769 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
rafaelw@chromium.org authored
Because SetElement & co are interdependent, this patch handlifies all of JSObject:: -SetElement -SetFastElement -SetDictionaryElement -SetFastDoubleElement -SetElementWithInterceptor -SetElementWithoutInterceptor -SetElementWithCallbackSetterInPrototype R=mstarzinger@chromium.org LOG=N Review URL: https://codereview.chromium.org/66803002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17757 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
verwaest@chromium.org authored
R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/62953007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17755 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
ulan@chromium.org authored
BUG=v8:2333 LOG=N R=hpayer@chromium.org Review URL: https://chromiumcodereview.appspot.com/48443002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17753 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
mstarzinger@chromium.org authored
R=ulan@chromium.org, yurys@chromium.org TEST=cctest/test-heap/DisableInlineAllocation Review URL: https://codereview.chromium.org/69953023 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17752 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
machenbach@chromium.org authored
This reverts commit r17746 for breaking layout tests. TBR=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/72753002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17751 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
verwaest@chromium.org authored
R=danno@chromium.org Review URL: https://chromiumcodereview.appspot.com/23537067 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17746 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
yurys@chromium.org authored
This is the exact copy of r17365 which was reverted in r17488 due to memory corruption. The root cause for the memory corruption - missing check for bump pointer limit before storing filler map must be addressed in r17626 where allocation hooks were removed from the generated code and left only in the runtime. This is initial implementation of allocation profiler. Whenever new object allocation is reported to the HeapProfiler and allocation tracking is on we will capture current stack trace, add it to the collection of the allocation traces (a tree) and attribute the allocated size to the top JS function on the stack. Format of serialized heap snapshot is extended to include information about recorded allocation stack traces. This patch is r17301 plus a fix for the test crash in debug mode. The test crashed because we were traversing stack trace when just allocated object wasn't completely configured, in particular the map pointer was incorrect. Invalid Map pointer broke heap iteration required to find Code object for a given pc during stack traversal. The solution is to insert free space filler in the newly allocated block just before collecting stack trace. BUG=chromium:277984,v8:2949 R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/61893031 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17742 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
mvstanton@chromium.org authored
patch from issue 54583003 (dependent code). Zero arguments - very easy 1 argument - three special cases: a) If length is a constant in valid array length range, no need to check it at runtime. b) respect DoNotInline feedback on the AllocationSite for cases that the argument is not a smi or is an integer with a length that should create a dictionary. c) if kind feedback is non-holey, and length is non-constant, we'd have to generate a lot of code to be correct. Don't inline this case. N arguments - one special case: a) If a deopt ever occurs because an input argument isn't compatible with the elements kind, then set the DoNotInline flag. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/55933002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17741 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
danno@chromium.org authored
BUG=chromium:319120 TEST=test/mjsunit/regress/regress-319120.js R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/61753013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17711 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
- 13 Nov, 2013 3 commits
-
-
machenbach@chromium.org authored
TBR=jkummerow@chromium.org BUG=v8:2989 Review URL: https://codereview.chromium.org/62283008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17686 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
machenbach@chromium.org authored
TBR=jkummerow@chromium.org BUG=v8:2989 Review URL: https://codereview.chromium.org/68573003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17684 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
rossberg@chromium.org authored
Adds a notion of private symbols, mainly intended for internal use, especially, self-hosting of built-in types that would otherwise require new C++ classes. On the JS side (i.e., in built-ins), private properties can be created and accessed through a set of macros: NEW_PRIVATE(print_name) HAS_PRIVATE(obj, sym) GET_PRIVATE(obj, sym) SET_PRIVATE(obj, sym, val) DELETE_PRIVATE(obj, sym) In the V8 API, they are accessible via a new class Private, and respective HasPrivate/GetPrivate/SetPrivate/DeletePrivate methods on class Object. These APIs are designed and restricted such that their implementation can later be replaced by whatever ES7+ will officially provide. R=yangguo@chromium.org BUG= Review URL: https://codereview.chromium.org/48923002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17683 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
- 12 Nov, 2013 2 commits
-
-
yangguo@chromium.org authored
This relands r17594 with necessary fixes. R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/70003004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17654 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
machenbach@chromium.org authored
BUG=v8:2999 TBR=yangguo@chromium.org Review URL: https://codereview.chromium.org/68773007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17643 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-