- 17 Apr, 2020 1 commit
-
-
Zhou, Zhiguo authored
Bug: v8:9909 Change-Id: I1ec888ce0b3389afcb0edd1033bef179327e140c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2148640 Reviewed-by: Zhi An Ng <zhin@chromium.org> Commit-Queue: Zhiguo Zhou <zhiguo.zhou@intel.com> Cr-Commit-Position: refs/heads/master@{#67189}
-
- 16 Apr, 2020 28 commits
-
-
Michael Lippautz authored
.type directive is required on arm to enable ARM/Thumb interworking. Bug: chromium:1071168 Change-Id: I2ff5046719b9c8f611e81970bfa61c68ed850362 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2153207 Reviewed-by: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#67188}
-
Michael Achenbach authored
A new realm doesn't contain the mocks and suppressions on the global object for correctness fuzzing. We replace Realm.eval with eval to keep exercising the code. Bug: chromium:1071133 Change-Id: Iffe82d37bf08829fc5937c17c2089277403e71dc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2153206 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#67187}
-
Ng Zhi An authored
SIMD opcodes consist of the prefix byte, then an LEB128 encoded int. We were decoding this incorrectly as a fixed uint8. This fixes the decoder to properly handle multi bytes. In some cases, the multi byte logic is applied to all prefixed opcodes. This is not a problem, since for values < 0x80, the LEB encoding is a single byte, and decodes to the same int. If the prefix opcode has instructions with index >= 0x80, it would be required to be LEB128 encoded anyway. There are a bunch of trivial changes to test-run-wasm-simd, to change the macro from BUILD to BUILD_V, the former only works for single byte opcodes, the latter is a new template-based macro that correctly handles multi-byte opcodes. The only unchanged test is the shuffle fuzzer test, which builds its own sequence of bytes without using the BUILD macro. Bug: v8:10258 Change-Id: Ie7377e899a7eab97ecf28176fd908babc08d0f19 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2118476 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Cr-Commit-Position: refs/heads/master@{#67186}
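The decoding difference described in the commit message above, as an added example that is not V8's decoder and not part of the commit: a fixed-uint8 read of the index next to an unsigned LEB128 read that rejects truncated and over-long input. The names `PrefixedOpcode`, `DecodeFixedU8` and `DecodeLeb128` and the sample byte sequences are constructed for illustration; `0xfd` is the WebAssembly SIMD prefix byte.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

constexpr uint8_t kSimdPrefix = 0xfd;  // WebAssembly SIMD prefix byte

struct PrefixedOpcode {
  uint32_t index = 0;  // opcode index that follows the prefix byte
  size_t length = 0;   // bytes consumed, prefix included
};

// Old behaviour per the commit message: the index is read as one fixed uint8.
bool DecodeFixedU8(const std::vector<uint8_t>& code, size_t pc,
                   PrefixedOpcode* out) {
  if (pc >= code.size() || code.size() - pc < 2) return false;
  out->index = code[pc + 1];
  out->length = 2;
  return true;
}

// Index read as an unsigned 32-bit LEB128 value: 7 payload bits per byte,
// high bit set on every byte except the last, at most 5 bytes.
bool DecodeLeb128(const std::vector<uint8_t>& code, size_t pc,
                  PrefixedOpcode* out) {
  if (pc >= code.size()) return false;
  uint32_t value = 0;
  for (size_t i = 0; i < 5; ++i) {
    size_t pos = pc + 1 + i;
    if (pos >= code.size()) return false;  // input ends mid-value
    uint8_t byte = code[pos];
    // The fifth byte may only carry bits 28..31 and must end the value.
    if (i == 4 && (byte & 0xf0) != 0) return false;
    value |= static_cast<uint32_t>(byte & 0x7f) << (7 * i);
    if ((byte & 0x80) == 0) {
      out->index = value;
      out->length = i + 2;
      return true;
    }
  }
  return false;
}

// Constructed sample inputs (not taken from the V8 test suite).
const std::vector<uint8_t> kSingleByte = {kSimdPrefix, 0x7f};      // index 0x7f
const std::vector<uint8_t> kIndex128 = {kSimdPrefix, 0x80, 0x01};  // index 0x80
const std::vector<uint8_t> kIndex256 = {kSimdPrefix, 0x80, 0x02};  // index 0x100
const std::vector<uint8_t> kTruncated = {kSimdPrefix, 0x80};       // cut short

int main() {
  const std::vector<uint8_t>* samples[] = {&kSingleByte, &kIndex128,
                                           &kIndex256, &kTruncated};
  for (const auto* code : samples) {
    PrefixedOpcode fixed, leb;
    bool f = DecodeFixedU8(*code, 0, &fixed);
    bool l = DecodeLeb128(*code, 0, &leb);
    std::printf("fixed: ok=%d index=%u len=%zu | leb128: ok=%d index=%u len=%zu\n",
                f, fixed.index, fixed.length, l, leb.index, leb.length);
  }
  return 0;
}
```

For indices 0x80 to 0xff the fixed read happens to return the right index but consumes one byte too few, so the decoder would interpret the leftover continuation byte as the next opcode; from 0x100 upward the index itself is wrong.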
-
Ng Zhi An authored
Bug: v8:9909 Change-Id: Ia5038fccb756d79b08b10a5fd0664b0da8b6a8ca Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151172 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#67185}
-
Yury Semikhatsky authored
This is a follow-up fix for https://crrev.com/c/v8/v8/+/1491608 Bug: chromium:1051186 Change-Id: Ia76ad0e7665fe17013b45816350238c35e7199f6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2049899 Reviewed-by: Frank Tang <ftang@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Dan Elphick <delphick@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Auto-Submit: Yury Semikhatsky <yurys@chromium.org> Cr-Commit-Position: refs/heads/master@{#67184}
-
Bill Budge authored
- Adds kFPReturnRegister0 for all platforms. - Reworks linkage.cc to assign return registers to the proper register type, using the new FP return register. Bug: v8:10070 Change-Id: I5c876d248de9b825a1c80847ab134881dcda6f04 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2107510 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#67183}
-
Clemens Backes authored
These tests were skipped three years ago because of flakes. I cannot reproduce the flakes any more, so reenabling the tests. R=petermarshall@chromium.org Bug: chromium:772010 Change-Id: I4dc2d890b20e642f8d9351676aecab965d2b4b63 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151357 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#67182}
-
Ng Zhi An authored
Bug: v8:9909 Change-Id: Ib94db390f70ddaa7eafb5af77023b1024c2b96b9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151168 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#67181}
-
Mythri A authored
When we create a new elements array we should initialize it with holes. The capacity of the newly created elements array could be greater than the actual length of the array and we expect the unused slots to be filled with holes. Bug: chromium:1070560 Change-Id: Ia365eed59859e36a9c8b9e27be34f93ab88942bb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150599 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#67180}
-
Liviu Rau authored
No-Try: true Bug: v8:10423 Change-Id: Ic75147496bb544871b8add5034409b8c7acfbcfc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151364 Commit-Queue: Liviu Rau <liviurau@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#67179}
-
Philip Pfaffe authored
This CL relands the implementation of the __getLocal and __sbrk APIs of the evaluator interface reverted in efea7407. Update the original commit to account for changes to the import function name tracking and defaulting to debugging with liftoff. Change-Id: I9674aad419fb1dab0a9ecbb5d3fd4c33186b127a Bug: chromium:1020120 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151353 Commit-Queue: Philip Pfaffe <pfaffe@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#67178}
-
Richard Townsend authored
Adds a pure (not inline) assembly version of PushAllRegistersAndIterateStack for the Microsoft Arm Assembler, which uses slightly different syntax. Bug: v8:10407 Change-Id: I539e2021bd86e17a2d023c061c9753b4bd96ce2c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150600 Commit-Queue: Richard Townsend <richard.townsend@arm.com> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#67177}
-
Clemens Backes authored
The failure was probably the same as in https://crbug.com/v8/10410. Thus reenable the test also in the stress_incremental_marking variant on windows. R=thibaudm@chromium.org Bug: chromium:772010, v8:10410 Change-Id: Iad0b9b60408e08c5f2202462f6eeba3067525ae5 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151356 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#67176}
-
Clemens Backes authored
This cleans up several parts of the tiering logic. 1) Instead of using the {ExecutionTier} to specify whether we do tier up or down, we introduce a new {TieringState} enum and use that consistently (also where a {bool} was used before). 2) When tiering up or tiering down, always recompile all functions. It's very unlikely that we can reuse previous code anyway (tiering down is cheap enough to just always do it, and when tiering up we need to recompile everything anyway). 3) Remove the {WasmEngine::RecompileAllFunctions} method and inline the implementation into callers. 4) Drive-by: Remove some obsolete comments and fix or extend others. R=thibaudm@chromium.org Bug: v8:10410 Change-Id: Ic765c6760dd97473ccfd469f22a2514695075587 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151355 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#67175}
-
Ulan Degenbaev authored
On-heap TypedArrays have empty ArrayBuffers that are not supposed to be accessed directly. Such ArrayBuffers materialize properly when accessed via their TypedArrays. The queryObjects() sidesteps the bottleneck and finds empty ArrayBuffers by iterating the heap. When preview TypedArrays are constructed for the found ArrayBuffers, they get nullptr data pointers. This CL converts all on-heap TypedArrays into off-heap TypedArrays in queryObjects to make sure that all found ArrayBuffers are valid. Bug: chromium:992442 Change-Id: Ie77d1e75aa2007b4a976c72206b9a4e215c9ef53 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150601 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#67174}
-
Andreas Haas authored
The existing interface assumed that for atomic binop instructions, the value register and the result register are the same. However, for x64, this assumption is not always useful, and for platforms like arm, this assumption is even negative. The existing interface was originally introduced because ia32 lacks registers, and we wanted to avoid platform-specific code in liftoff-compiler.cc. However, by now the lack of registers on ia32 required us to use platform-specific code also in other places, so we can also use it for atomic binops and thereby enable a better code generation. R=clemensb@chromium.org Bug: v8:10108 Change-Id: If39cc5f49934422b632bb2a5793c7f5d5d2b65c0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150585 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#67173}
-
Georg Neis authored
Change-Id: Ic5dbf4c3330c71cbae73aa07b2adb1c8ac087182 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151348 Auto-Submit: Georg Neis <neis@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#67172}
-
Yuki Shiino authored
JSObject::SetImmutableProto is called from InstantiateObject in api/api-natives.cc: https://source.chromium.org/chromium/chromium/src/+/master:v8/src/api/api-natives.cc;drc=98497572964c764de5dc32a54a62c66943ed8499;l=369 https://source.chromium.org/chromium/chromium/src/+/master:v8/src/api/api-natives.cc;drc=98497572964c764de5dc32a54a62c66943ed8499;l=423 So, non JS code will hit the DCHECK being removed in this patch. Actually, Blink hits this DCHECK when implementing Location object's [[SetPrototypeOf]] as SetImmutablePrototype. c.f. https://crrev.com/c/2145516 Change-Id: I88b2715d645f5ea792ef33cb67a6990c762ad338 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143982 Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Yuki Shiino <yukishiino@chromium.org> Cr-Commit-Position: refs/heads/master@{#67171}
-
Jakob Gruber authored
This reverts commit 52412058. Reason for revert: Use counters are not the right approach, we need histograms instead. Original change's description: > [protectors] Add use counters to track invalidations > > ... to make real world protector invalidations measurable. > > Chromium CL: https://crrev.com/c/2149324 > > Drive-by: Add missing newline in protector tracing. > Drive-by: Consistent naming for the regexp species protector. > > Bug: v8:9496 > Change-Id: I3c7238aa8024e03ea9e89daf83345b8ec4f0d768 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2149428 > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#67149} TBR=ulan@chromium.org,jgruber@chromium.org Change-Id: Ia36b598844fbad2166772298c2e2ec8f6b4f92b1 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:9496 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151358 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#67170}
-
Yang Guo authored
R=verwaest@chromium.org Fixed: v8:7463 Change-Id: I3d0127865ad0430d38124c3ad8ed3bc63ba4e6d3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2149421 Auto-Submit: Yang Guo <yangguo@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#67169}
-
Philip Pfaffe authored
Trying to write an empty byte array currently invokes undefined behavior if the byte array is null. That's the case when trying to write an empty vector for example. Copying zero bytes from nullptr is defined as UB for memcpy. Change-Id: I6f7e920c1e19e8b2e3779bbc1c0ad79fc8bd6e98 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2148789 Commit-Queue: Philip Pfaffe <pfaffe@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#67168}
-
Michael Lippautz authored
This adds support for custom weak callbacks through static callbacks and instance methods. Bug: chromium:1056170 Change-Id: Ie4bd32539e0d933b192f07edb2d45e0070c2128d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2148784 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/master@{#67167}
-
Clemens Backes authored
This reverts commit https://crrev.com/c/2144966, which was merged to v8.1 in https://crrev.com/c/2151345. R=thibaudm@chromium.org Bug: chromium:1070199 Change-Id: Idb25cfaa52f7f7aa07353cf0372e6758adb58d78 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2151346 Reviewed-by: Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#67166}
-
Zhao Jiazhong authored
Port ad55fa63 https://crrev.com/c/2147148 Change-Id: I5375ae4bddb2221c6f7860e55111c95beeed757d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2152069 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Cr-Commit-Position: refs/heads/master@{#67165}
-
Marja Hölttä authored
They were installed as builtins for historical reasons (see https://codereview.chromium.org/2222893002 ). But they're pretty much unnecessary, as they were mostly dead code, except MakeTypeError - but that work can be delegated to Runtime_NewTypeError. Change-Id: I0c3b361accf9a96da5cd00cc62b7f018186dad17 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150597 Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#67164}
-
Ye Kuang authored
https://chromium.googlesource.com/infra/infra/+/56ae79476e3caf14da59d75118408aa778637936 Bug: chromium:1070487 Change-Id: I11e824f5983ebb94cdabc1c9e52baddf3e3311cd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2152067 Auto-Submit: Ye Kuang <yekuang@google.com> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#67163}
-
Zhao Jiazhong authored
Port 1a7f5689 https://crrev.com/c/2129635 Change-Id: Iee46bdb05f1c412dcdb7299a8b74f9c8ce2e7d4d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143985 Commit-Queue: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#67162}
-
Shu-yu Guo authored
To avoid shrinking the unregister token map on each pop of the cleared cell list, the Torque implementation of the cleanup loop avoids shrinking the map until the end of the loop. To support that, PopClearedCellHoldings is refactored to the Torque PopClearedCell which calls the JSFinalization::RemoveCellFromUnregisterTokenMap and the runtime ShrinkFinalizationRegistryUnregisterTokenMap. The former cannot GC and is implemented in CSA as a fast C call. The latter can GC and is a runtime call. This also incidentally makes uses of FinalizationRegistry without unregister token a fast path that doesn't have to leave Torque. Bug: v8:8179 Change-Id: Ia0c3c5800d26e31319a818f164f6bd3267355aa6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2137950 Commit-Queue: Shu-yu Guo <syg@chromium.org> Reviewed-by: Marja Hölttä <marja@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#67161}
-
- 15 Apr, 2020 11 commits
-
-
Ng Zhi An authored
This debug::WasmValue is a wrapper around internal::WasmValue. It is exposed to the inspector, and contains helper methods to get the type and underlying bytes of the Wasm value. This will later be used by the inspector, in value-mirror, to expose the WasmValue to DevTools via CDP. Bug: v8:10347 Change-Id: I1ee20c0be3a20dad2cfe3994a166e9a284af5d4f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2137864 Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#67160}
-
Kim-Anh Tran authored
Bug: chromium:1043034 Change-Id: I18b1c307ab198e7fbd4d5bc7df399c310f317c4b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2149419 Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Kim-Anh Tran <kimanh@chromium.org> Cr-Commit-Position: refs/heads/master@{#67159}
-
Frank Tang authored
Bug: chromium:364374 Change-Id: I361403b26529860c4240d06766a82937ee8ca115 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150070 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#67158}
-
Ng Zhi An authored
Bug: v8:9909 Change-Id: I8beaa9a430c86c00311e5cc713c2870d2a588ab8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2149712 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#67157}
-
Ng Zhi An authored
Bug: v8:9909 Change-Id: I6e367b98c0f85c740947d72e9b0a29870e9e03e2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2147602 Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#67156}
-
Milad Farazmand authored
Port 325e3290 R=jing.bao@intel.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I743d710a501e1f01cbe4c4052fb26423e8a3990e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150303 Reviewed-by: Joran Siu <joransiu@ca.ibm.com> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#67155}
-
Clemens Backes authored
Sometimes we were triggering a wasm code GC at a time where all native modules just died. Thus, no isolates took part in that GC, and it never finished (because no isolate would ever call {ReportLiveCodeForGC}). This never-ending GC would then block all other GCs for the rest of the life of this wasm engine. This CL fixes this by just finishing the GC immediately if no isolates are outstanding. R=ahaas@chromium.org Change-Id: I4c25dd6ba4132cf9f72de39c30da5d5cba0526ad Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150588 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#67154}
-
Anton Bikineev authored
CrossThreadPersistent and friends are the followup. Bug: chromium:1056170 Change-Id: Ide910062d80952da73b922398c281162b1861f47 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144957 Commit-Queue: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#67153}
-
Leszek Swirski authored
Soft-deopt for mono/polymorphic property accesses that don't have any maps, and only allow zero-map feedback to be monomorphic. This makes sure we only emit a megamorphic LoadIC builtin call if the IC was actually megamorphic. JSGenericLowering assumed that zero maps meant that a load site is megamorphic. However, it can be the case that the call-site is monomorphic or polymorphic, and the maps had died. In this case we don't want to call the megamorphic IC builtin, as on a stub cache miss we fallback to a normal LoadIC miss, which can record mono/polymorphic feedback in the IC. After this, we'll enter a miss loop in the megamorphic load builtin, and worse the LoadIC assumes that there's something "wrong" with the feedback, so it'll keep trying to reconfigure the handler (possibly allocating new load handlers if this is a prototype field access). As a drive-by, rewrite GetRelevantReceiverMaps to be an in-place filtering of the maps rather than copying them. Change-Id: I0c25bfa606367fa81c43223bbd56cdadb5e789ef Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150586 Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Auto-Submit: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#67152}
-
Mythri A authored
In strict mode stores to non-existent properties throw. We should not install a handler with the property cell for such stores. These handlers would expect that the value exists when they see a property cell. If this property cell gets invalidated later, it appears as if it is a valid property cell with undefined value. This leads to an incorrect behaviour. This cl checks if we are in strict mode and uses a slow stub in such cases. Bug: chromium:1067757 Change-Id: I543c6a6931530bfb13cc9a33d1dabaa756489fd1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2142255 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#67151}
-
Dominik Inführ authored
Add ConcurrentAllocator which can be used for concurrent allocation from a background thread in the old space. ConcurrentAllocator doesn't request a GC yet when an allocation fails. This will be implemented in later CLs. Bug: v8:10315 Change-Id: I81260ebbd8863c143e93aedb93c66d0e7c28bddb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144066 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#67150}
-