- 31 Oct, 2014 9 commits
-
-
ulan@chromium.org authored
Not clearing can lead to a crash under following conditions: 1. Backing store of a weak map is allocated in large object space. 2. The backing store is marked incrementaly via the weak map. 3. The weak map is updated and gets a new backing store. 4. The store buffer overflows and marks the chunk of the old backing store as "scan on scavenge." 5. Mark-compact collection kills some elements of the weak map. Note that the old backing store survives because it was marked incrementally, but its dead elements are not cleared. 6. Scavenger iterates over the old backing store, tries to move a dead object and crashes. BUG=v8:3631 LOG=N TEST=cctest/test-heap/Regress3631 R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/686783003 Cr-Commit-Position: refs/heads/master@{#25032} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25032 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
marja@chromium.org authored
This simplifies escape handling and makes it easier to extend escapes for ES6. PushBack just before detecting ILLEGAL is unnecessary, since we will abort the scanning / parsing anyway at that point, and it doesn't matter where the cursor exactly is. The error messages w/ PushBack are not any better or more correct than without. In addition: remove a comment about handling invalid escapes gracefully when we no longer do. (*) This CL includes a behavioral change: For input "var r = /foobar/g\urrrr;" we used to report "unexpected_token: ILLEGAL" for "\u", but now we report malformed_regexp_flags which is a more correct error message. (Note that the code for reporting invalid_regexp_flags was dead, and invalid_regexp_flags is not the right error message.) Note that the V8 is more relaxed about unicode escapes in regexp flags than ES6 (see http://people.mozilla.org/~jorendorff/es6-draft.html#sec-regular-expressions ) and this CL doesn't change it. (V8 accepts any \uxxxx, ES6 spec says only a certain value range is acceptable.) (*) Code archaeology: Originally, doing PushBack in ScanHexEscape made sense (see e.g., here https://codereview.chromium.org/5063003/diff/6001/src/prescanner.h ), since we wouldn't return ILLEGAL but treat an invalid escape sequence "\uxxxx" as "uxxxx". (The repo at that point contains another instance of the same function, from the initial commit. The logic is the same.) This behavior was changed in a "renaming" commit https://codereview.chromium.org/7739020. BUG= R=rossberg@chromium.org Review URL: https://codereview.chromium.org/684873002 Cr-Commit-Position: refs/heads/master@{#25031} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25031 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
dcarney@chromium.org authored
additionally rename data-flow.* to bit-vector.* as at some point these file became very inaccurately named BUG= R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/683243005 Cr-Commit-Position: refs/heads/master@{#25030} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25030 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
yangguo@chromium.org authored
R=verwaest@chromium.org Review URL: https://codereview.chromium.org/690713003 Cr-Commit-Position: refs/heads/master@{#25029} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25029 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
verwaest@chromium.org authored
BUG=chromium:419220 LOG=y R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/697643002 Cr-Commit-Position: refs/heads/master@{#25028} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25028 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
bmeurer@chromium.org authored
Since the input float64 is in the range of [0, 2^32-1], the upper 32 bits of output register should be zero. BUG= R=bmeurer@chromium.org, titzer@chromium.org Review URL: https://codereview.chromium.org/644993002 Patch from Weiliang Lin <weiliang.lin@intel.com>. Cr-Commit-Position: refs/heads/master@{#25027} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25027 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
bmeurer@chromium.org authored
The turbocheck target is similar to quickcheck, but runs only the turbofan variant. R=machenbach@chromium.org Review URL: https://codereview.chromium.org/697573002 Cr-Commit-Position: refs/heads/master@{#25026} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25026 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
bmeurer@chromium.org authored
TEST=cctest/test-simplified-lowering R=dcarney@chromium.org Review URL: https://codereview.chromium.org/685993003 Cr-Commit-Position: refs/heads/master@{#25025} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25025 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
bmeurer@chromium.org authored
Also remove the LEA matching from x64, since it was never really effective. We'll optimize that once we're correct. TEST=cctest,unittests R=dcarney@chromium.org Review URL: https://codereview.chromium.org/652363006 Cr-Commit-Position: refs/heads/master@{#25024} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25024 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
- 30 Oct, 2014 21 commits
-
-
titzer@chromium.org authored
R=jarin@chromium.org BUG= Review URL: https://codereview.chromium.org/689883003 Cr-Commit-Position: refs/heads/master@{#25023} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25023 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
machenbach@chromium.org authored
BUG=410721 LOG=n TEST=script_test.py TBR=tandrii@chromium.org Review URL: https://codereview.chromium.org/682863006 Cr-Commit-Position: refs/heads/master@{#25022} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25022 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
aandrey@chromium.org authored
API=v8::Exception::GetMessage BUG=chromium:427954 R=yangguo@chromium.org LOG=Y Committed: https://code.google.com/p/v8/source/detail?r=25015 Review URL: https://codereview.chromium.org/687253002 Cr-Commit-Position: refs/heads/master@{#25021} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25021 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
yangguo@chromium.org authored
R=jarin@chromium.org BUG=v8:3660 LOG=N Review URL: https://codereview.chromium.org/677843005 Cr-Commit-Position: refs/heads/master@{#25020} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25020 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
yangguo@chromium.org authored
R=verwaest@chromium.org Review URL: https://codereview.chromium.org/685393002 Cr-Commit-Position: refs/heads/master@{#25019} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25019 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
sigurds@chromium.org authored
add floor, ceil, round (truncate and away from zero) for arm64. R=bmeurer@chromium.org, dcarney@chromium.org, mstarzinger@chromium.org, rodolph.perfetta@arm.com TEST=test/mjsunit/asm/math-floor.js,test/mjsunit/asm/math-ceil.js,test/unittest/compiler/js-builtin-reducer-unittest.cc Review URL: https://codereview.chromium.org/677433002 Cr-Commit-Position: refs/heads/master@{#25018} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25018 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
machenbach@chromium.org authored
TBR=yangguo@chromium.org, machenbach@chromium.org LOG=N Review URL: https://codereview.chromium.org/688813002 Cr-Commit-Position: refs/heads/master@{#25017} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25017 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
aandrey@chromium.org authored
TBR=yangguo@chromium.org, machenbach@chromium.org LOG=N Review URL: https://codereview.chromium.org/688803003 Cr-Commit-Position: refs/heads/master@{#25016} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25016 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
aandrey@chromium.org authored
API=v8::Exception::GetMessage BUG=chromium:427954 R=yangguo@chromium.org LOG=Y Review URL: https://codereview.chromium.org/687253002 Cr-Commit-Position: refs/heads/master@{#25015} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25015 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
machenbach@chromium.org authored
TBR=mstarzinger@chromium.org,bmeurer@chromium.org Review URL: https://codereview.chromium.org/691623004 Cr-Commit-Position: refs/heads/master@{#25014} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25014 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
sigurds@chromium.org authored
R=rodolph.perfetta@gmail.com, ulan@chromium.org, bmeurer@chromium.org, rodolph.perfetta@arm.com Review URL: https://codereview.chromium.org/682643002 Cr-Commit-Position: refs/heads/master@{#25013} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25013 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
dcarney@chromium.org authored
R=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/686053003 Cr-Commit-Position: refs/heads/master@{#25011} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25011 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
dcarney@chromium.org authored
BUG= R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/683933004 Cr-Commit-Position: refs/heads/master@{#25010} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25010 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
machenbach@chromium.org authored
TBR=bmeurer@chromium.org,mstarzinger@chromium.org Review URL: https://codereview.chromium.org/692823002 Cr-Commit-Position: refs/heads/master@{#25009} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25009 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
dcarney@chromium.org authored
T=jarin@chromium.org BUG= R=jarin@chromium.org Review URL: https://codereview.chromium.org/688633002 Cr-Commit-Position: refs/heads/master@{#25008} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25008 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
machenbach@chromium.org authored
TBR=bmeurer@chromium.org BUG=chromium:428315 LOG=n Review URL: https://codereview.chromium.org/693473002 Cr-Commit-Position: refs/heads/master@{#25007} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25007 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
yangguo@chromium.org authored
This bug (mismatch between new[] and free) was found by running VC++'s /analyze on all of Chrome. BUG=chromium:427616 LOG=N R=yangguo@chromium.org Review URL: https://codereview.chromium.org/686193004 Patch from Bruce Dawson <brucedawson@chromium.org>. Cr-Commit-Position: refs/heads/master@{#25003} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25003 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
yangguo@chromium.org authored
R=jarin@chromium.org BUG=v8:3660 LOG=N Review URL: https://codereview.chromium.org/665833003 Cr-Commit-Position: refs/heads/master@{#25002} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25002 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
yangguo@chromium.org authored
The HeapIterator implies DisallowHeapAllocation, but Script::GetWrapper may allocate. LOG=N R=jkummerow@chromium.org BUG=chromium:410033 Review URL: https://codereview.chromium.org/680283002 Cr-Commit-Position: refs/heads/master@{#25001} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
weiliang.lin@intel.com authored
port r24987 original commit message: EmitCreateIteratorResult loads map from function's context Caching or serialization can cause full-codegen output to be shared between contexts. CreateIteratorResult, however, was doing the wrong thing by creating results with the map that was current when the code was generated. Instead, we should chase pointers to load the right map from the function's context. BUG= R=weiliang.lin@intel.com Review URL: https://codereview.chromium.org/674073004 Patch from Chunyang Dai <chunyang.dai@intel.com>. Cr-Commit-Position: refs/heads/master@{#25000} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25000 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
weiliang.lin@intel.com authored
port r24976. original commit message: Classes: Add super support in methods and accessors This is done by installing the [[HomeObject]] on the method and the accessor functions. BUG= R=weiliang.lin@intel.com Review URL: https://codereview.chromium.org/687273005 Patch from Chunyang Dai <chunyang.dai@intel.com>. Cr-Commit-Position: refs/heads/master@{#24999} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24999 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
- 29 Oct, 2014 10 commits
-
-
rmcilroy@chromium.org authored
R=rmcilroy@chromium.org Review URL: https://codereview.chromium.org/684263002 Patch from André Baixo <baixo@google.com>. Cr-Commit-Position: refs/heads/master@{#24998} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24998 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
jarin@chromium.org authored
BUG= R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/684193002 Cr-Commit-Position: refs/heads/master@{#24997} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24997 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
mstarzinger@chromium.org authored
R=titzer@chromium.org Review URL: https://codereview.chromium.org/687103004 Cr-Commit-Position: refs/heads/master@{#24996} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24996 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
titzer@chromium.org authored
R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/686213002 Cr-Commit-Position: refs/heads/master@{#24995} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24995 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
jkummerow@chromium.org authored
Namely, -Winconsistent-missing-override. No behavior change. BUG=v8:3658 LOG=N R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/688533002 Cr-Commit-Position: refs/heads/master@{#24994} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24994 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
balazs.kilvady@imgtec.com authored
Port r24987 (cfc4713) Original commit message: Caching or serialization can cause full-codegen output to be shared between contexts. CreateIteratorResult, however, was doing the wrong thing by creating results with the map that was current when the code was generated. Instead, we should chase pointers to load the right map from the function's context. BUG=v8:3656 LOG=N R=paul.lind@imgtec.com Review URL: https://codereview.chromium.org/691563002 Cr-Commit-Position: refs/heads/master@{#24993} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24993 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
jarin@chromium.org authored
R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/639763004 Cr-Commit-Position: refs/heads/master@{#24992} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24992 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
mstarzinger@chromium.org authored
R=titzer@chromium.org, jarin@chromium.org Review URL: https://codereview.chromium.org/687133003 Cr-Commit-Position: refs/heads/master@{#24991} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24991 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
adamk@chromium.org authored
The biggest change is the removal of the map wrapper objects: we now operate directly on the observation weak map, since there are already Get/GetOrCreate/Set functions for each info map. Various other small cleanups as well, including the deletion of unnecessary forwarding functions and making use of standard macros. This is a reland of r24972, retaining GetObservationStateJS() to keep snapshotting working properly. R=rossberg@chromium.org Review URL: https://codereview.chromium.org/663253006 Cr-Commit-Position: refs/heads/master@{#24990} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24990 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-
baptiste.afsa@arm.com authored
R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/687193002 Cr-Commit-Position: refs/heads/master@{#24989} git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24989 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
-