2016-02-25 12:07:07 +00:00
|
|
|
#
|
|
|
|
# Autogenerated by generate-bytecode-expectations.
|
|
|
|
#
|
|
|
|
|
|
|
|
---
|
|
|
|
wrap: yes
|
|
|
|
|
|
|
|
---
|
|
|
|
snippet: "
|
|
|
|
var a = 1; return ++a;
|
|
|
|
"
|
|
|
|
frame size: 1
|
|
|
|
parameter count: 1
|
2016-08-08 01:15:22 +00:00
|
|
|
bytecode array length: 10
|
2016-02-25 12:07:07 +00:00
|
|
|
bytecodes: [
|
2016-05-11 12:21:56 +00:00
|
|
|
/* 30 E> */ B(StackCheck),
|
2017-01-25 17:39:24 +00:00
|
|
|
/* 42 S> */ B(LdaSmi), I8(1),
|
2016-05-23 13:31:53 +00:00
|
|
|
B(Star), R(0),
|
2017-07-27 12:45:00 +00:00
|
|
|
/* 45 S> */ B(Inc), U8(0),
|
2016-05-23 13:31:53 +00:00
|
|
|
B(Star), R(0),
|
2017-07-14 17:50:09 +00:00
|
|
|
/* 56 S> */ B(Return),
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
constant pool: [
|
|
|
|
]
|
|
|
|
handlers: [
|
|
|
|
]
|
|
|
|
|
|
|
|
---
|
|
|
|
snippet: "
|
|
|
|
var a = 1; return a++;
|
|
|
|
"
|
|
|
|
frame size: 2
|
|
|
|
parameter count: 1
|
2017-09-11 16:57:39 +00:00
|
|
|
bytecode array length: 16
|
2016-02-25 12:07:07 +00:00
|
|
|
bytecodes: [
|
2016-05-11 12:21:56 +00:00
|
|
|
/* 30 E> */ B(StackCheck),
|
2017-01-25 17:39:24 +00:00
|
|
|
/* 42 S> */ B(LdaSmi), I8(1),
|
2016-05-23 13:31:53 +00:00
|
|
|
B(Star), R(0),
|
2017-10-12 00:50:06 +00:00
|
|
|
/* 45 S> */ B(ToNumeric), U8(0),
|
2017-09-11 16:57:39 +00:00
|
|
|
B(Star), R(1),
|
2017-07-27 12:45:00 +00:00
|
|
|
B(Inc), U8(0),
|
2016-06-09 13:32:33 +00:00
|
|
|
B(Star), R(0),
|
2016-05-11 12:21:56 +00:00
|
|
|
B(Ldar), R(1),
|
2017-07-14 17:50:09 +00:00
|
|
|
/* 56 S> */ B(Return),
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
constant pool: [
|
|
|
|
]
|
|
|
|
handlers: [
|
|
|
|
]
|
|
|
|
|
|
|
|
---
|
|
|
|
snippet: "
|
|
|
|
var a = 1; return --a;
|
|
|
|
"
|
|
|
|
frame size: 1
|
|
|
|
parameter count: 1
|
2016-08-08 01:15:22 +00:00
|
|
|
bytecode array length: 10
|
2016-02-25 12:07:07 +00:00
|
|
|
bytecodes: [
|
2016-05-11 12:21:56 +00:00
|
|
|
/* 30 E> */ B(StackCheck),
|
2017-01-25 17:39:24 +00:00
|
|
|
/* 42 S> */ B(LdaSmi), I8(1),
|
2016-05-23 13:31:53 +00:00
|
|
|
B(Star), R(0),
|
2017-07-27 12:45:00 +00:00
|
|
|
/* 45 S> */ B(Dec), U8(0),
|
2016-05-23 13:31:53 +00:00
|
|
|
B(Star), R(0),
|
2017-07-14 17:50:09 +00:00
|
|
|
/* 56 S> */ B(Return),
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
constant pool: [
|
|
|
|
]
|
|
|
|
handlers: [
|
|
|
|
]
|
|
|
|
|
|
|
|
---
|
|
|
|
snippet: "
|
|
|
|
var a = 1; return a--;
|
|
|
|
"
|
|
|
|
frame size: 2
|
|
|
|
parameter count: 1
|
2017-09-11 16:57:39 +00:00
|
|
|
bytecode array length: 16
|
2016-02-25 12:07:07 +00:00
|
|
|
bytecodes: [
|
2016-05-11 12:21:56 +00:00
|
|
|
/* 30 E> */ B(StackCheck),
|
2017-01-25 17:39:24 +00:00
|
|
|
/* 42 S> */ B(LdaSmi), I8(1),
|
2016-05-23 13:31:53 +00:00
|
|
|
B(Star), R(0),
|
2017-10-12 00:50:06 +00:00
|
|
|
/* 45 S> */ B(ToNumeric), U8(0),
|
2017-09-11 16:57:39 +00:00
|
|
|
B(Star), R(1),
|
2017-07-27 12:45:00 +00:00
|
|
|
B(Dec), U8(0),
|
2016-06-09 13:32:33 +00:00
|
|
|
B(Star), R(0),
|
2016-05-11 12:21:56 +00:00
|
|
|
B(Ldar), R(1),
|
2017-07-14 17:50:09 +00:00
|
|
|
/* 56 S> */ B(Return),
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
constant pool: [
|
|
|
|
]
|
|
|
|
handlers: [
|
|
|
|
]
|
|
|
|
|
|
|
|
---
|
|
|
|
snippet: "
|
|
|
|
var a = { val: 1 }; return a.val++;
|
|
|
|
"
|
2017-11-06 16:09:25 +00:00
|
|
|
frame size: 4
|
2016-02-25 12:07:07 +00:00
|
|
|
parameter count: 1
|
2018-11-08 08:55:43 +00:00
|
|
|
bytecode array length: 26
|
2016-02-25 12:07:07 +00:00
|
|
|
bytecodes: [
|
2016-05-11 12:21:56 +00:00
|
|
|
/* 30 E> */ B(StackCheck),
|
2018-11-08 08:55:43 +00:00
|
|
|
/* 42 S> */ B(CreateObjectLiteral), U8(0), U8(0), U8(41),
|
|
|
|
B(Star), R(0),
|
|
|
|
/* 54 S> */ B(LdaNamedProperty), R(0), U8(1), U8(1),
|
2017-10-19 15:12:42 +00:00
|
|
|
B(ToNumeric), U8(3),
|
2017-09-11 16:57:39 +00:00
|
|
|
B(Star), R(2),
|
2017-10-19 15:12:42 +00:00
|
|
|
B(Inc), U8(3),
|
2017-11-06 16:09:25 +00:00
|
|
|
B(Star), R(3),
|
2018-11-08 08:55:43 +00:00
|
|
|
/* 66 E> */ B(StaNamedProperty), R(0), U8(1), U8(4),
|
2016-05-11 12:21:56 +00:00
|
|
|
B(Ldar), R(2),
|
2017-07-14 17:50:09 +00:00
|
|
|
/* 69 S> */ B(Return),
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
constant pool: [
|
2018-07-05 18:34:09 +00:00
|
|
|
OBJECT_BOILERPLATE_DESCRIPTION_TYPE,
|
2016-09-06 16:10:19 +00:00
|
|
|
ONE_BYTE_INTERNALIZED_STRING_TYPE ["val"],
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
handlers: [
|
|
|
|
]
|
|
|
|
|
|
|
|
---
|
|
|
|
snippet: "
|
|
|
|
var a = { val: 1 }; return --a.val;
|
|
|
|
"
|
2017-11-06 16:09:25 +00:00
|
|
|
frame size: 3
|
2016-02-25 12:07:07 +00:00
|
|
|
parameter count: 1
|
2018-11-08 08:55:43 +00:00
|
|
|
bytecode array length: 22
|
2016-02-25 12:07:07 +00:00
|
|
|
bytecodes: [
|
2016-05-11 12:21:56 +00:00
|
|
|
/* 30 E> */ B(StackCheck),
|
2018-11-08 08:55:43 +00:00
|
|
|
/* 42 S> */ B(CreateObjectLiteral), U8(0), U8(0), U8(41),
|
|
|
|
B(Star), R(0),
|
|
|
|
/* 54 S> */ B(LdaNamedProperty), R(0), U8(1), U8(1),
|
2017-10-19 15:12:42 +00:00
|
|
|
B(Dec), U8(3),
|
2017-11-06 16:09:25 +00:00
|
|
|
B(Star), R(2),
|
2018-11-08 08:55:43 +00:00
|
|
|
/* 65 E> */ B(StaNamedProperty), R(0), U8(1), U8(4),
|
2017-11-06 16:09:25 +00:00
|
|
|
B(Ldar), R(2),
|
2017-07-14 17:50:09 +00:00
|
|
|
/* 69 S> */ B(Return),
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
constant pool: [
|
2018-07-05 18:34:09 +00:00
|
|
|
OBJECT_BOILERPLATE_DESCRIPTION_TYPE,
|
2016-09-06 16:10:19 +00:00
|
|
|
ONE_BYTE_INTERNALIZED_STRING_TYPE ["val"],
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
handlers: [
|
|
|
|
]
|
|
|
|
|
|
|
|
---
|
|
|
|
snippet: "
|
|
|
|
var name = 'var'; var a = { val: 1 }; return a[name]--;
|
|
|
|
"
|
2017-11-06 16:09:25 +00:00
|
|
|
frame size: 6
|
2016-02-25 12:07:07 +00:00
|
|
|
parameter count: 1
|
2018-11-08 08:55:43 +00:00
|
|
|
bytecode array length: 31
|
2016-02-25 12:07:07 +00:00
|
|
|
bytecodes: [
|
2016-05-11 12:21:56 +00:00
|
|
|
/* 30 E> */ B(StackCheck),
|
|
|
|
/* 45 S> */ B(LdaConstant), U8(0),
|
2016-05-23 13:31:53 +00:00
|
|
|
B(Star), R(0),
|
2018-11-08 08:55:43 +00:00
|
|
|
/* 60 S> */ B(CreateObjectLiteral), U8(1), U8(0), U8(41),
|
|
|
|
B(Star), R(1),
|
2016-06-09 13:32:33 +00:00
|
|
|
/* 72 S> */ B(Ldar), R(0),
|
2018-11-08 08:55:43 +00:00
|
|
|
/* 81 E> */ B(LdaKeyedProperty), R(1), U8(1),
|
2017-10-19 15:12:42 +00:00
|
|
|
B(ToNumeric), U8(3),
|
2017-09-11 16:57:39 +00:00
|
|
|
B(Star), R(4),
|
2017-10-19 15:12:42 +00:00
|
|
|
B(Dec), U8(3),
|
2017-11-06 16:09:25 +00:00
|
|
|
B(Star), R(5),
|
2018-11-08 08:55:43 +00:00
|
|
|
/* 86 E> */ B(StaKeyedProperty), R(1), R(0), U8(4),
|
2016-05-11 12:21:56 +00:00
|
|
|
B(Ldar), R(4),
|
2017-07-14 17:50:09 +00:00
|
|
|
/* 89 S> */ B(Return),
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
constant pool: [
|
2016-09-06 16:10:19 +00:00
|
|
|
ONE_BYTE_INTERNALIZED_STRING_TYPE ["var"],
|
2018-07-05 18:34:09 +00:00
|
|
|
OBJECT_BOILERPLATE_DESCRIPTION_TYPE,
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
handlers: [
|
|
|
|
]
|
|
|
|
|
|
|
|
---
|
|
|
|
snippet: "
|
|
|
|
var name = 'var'; var a = { val: 1 }; return ++a[name];
|
|
|
|
"
|
2017-11-06 16:09:25 +00:00
|
|
|
frame size: 5
|
2016-02-25 12:07:07 +00:00
|
|
|
parameter count: 1
|
2018-11-08 08:55:43 +00:00
|
|
|
bytecode array length: 27
|
2016-02-25 12:07:07 +00:00
|
|
|
bytecodes: [
|
2016-05-11 12:21:56 +00:00
|
|
|
/* 30 E> */ B(StackCheck),
|
|
|
|
/* 45 S> */ B(LdaConstant), U8(0),
|
2016-05-23 13:31:53 +00:00
|
|
|
B(Star), R(0),
|
2018-11-08 08:55:43 +00:00
|
|
|
/* 60 S> */ B(CreateObjectLiteral), U8(1), U8(0), U8(41),
|
|
|
|
B(Star), R(1),
|
2016-06-09 13:32:33 +00:00
|
|
|
/* 72 S> */ B(Ldar), R(0),
|
2018-11-08 08:55:43 +00:00
|
|
|
/* 83 E> */ B(LdaKeyedProperty), R(1), U8(1),
|
2017-10-19 15:12:42 +00:00
|
|
|
B(Inc), U8(3),
|
2017-11-06 16:09:25 +00:00
|
|
|
B(Star), R(4),
|
2018-11-08 08:55:43 +00:00
|
|
|
/* 87 E> */ B(StaKeyedProperty), R(1), R(0), U8(4),
|
2017-11-06 16:09:25 +00:00
|
|
|
B(Ldar), R(4),
|
2017-07-14 17:50:09 +00:00
|
|
|
/* 89 S> */ B(Return),
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
constant pool: [
|
2016-09-06 16:10:19 +00:00
|
|
|
ONE_BYTE_INTERNALIZED_STRING_TYPE ["var"],
|
2018-07-05 18:34:09 +00:00
|
|
|
OBJECT_BOILERPLATE_DESCRIPTION_TYPE,
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
handlers: [
|
|
|
|
]
|
|
|
|
|
|
|
|
---
|
|
|
|
snippet: "
|
|
|
|
var a = 1; var b = function() { return a }; return ++a;
|
|
|
|
"
|
|
|
|
frame size: 2
|
|
|
|
parameter count: 1
|
2018-05-02 13:57:26 +00:00
|
|
|
bytecode array length: 23
|
2016-02-25 12:07:07 +00:00
|
|
|
bytecodes: [
|
2018-05-02 13:57:26 +00:00
|
|
|
B(CreateFunctionContext), U8(0), U8(1),
|
2016-05-11 12:21:56 +00:00
|
|
|
B(PushContext), R(1),
|
|
|
|
/* 30 E> */ B(StackCheck),
|
2017-01-25 17:39:24 +00:00
|
|
|
/* 42 S> */ B(LdaSmi), I8(1),
|
Revert "Reland "[runtime] Move Context::native_context to the map""
This reverts commit c7c47c68f2c0eb1155cfacab785aba54f61d9218.
Reason for revert: breaks TSAN
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/28738
Original change's description:
> Reland "[runtime] Move Context::native_context to the map"
>
> This is a reland of f05bae1e0df48aa6a32d958fb4339a85fefb5179
>
> Previously I presumed that the context read from a frame in the profiler was
> a valid context. Turns out that on non-intel we're not guaranteed that the
> frame is properly set up. In the case we looked at, the profiler took a
> sample right before writing the frame marker indicating a builtin frame,
> causing the "context" pointer from that frame to be a bytecode array. Since
> we'll read random garbage on the stack as a possible context pointer, I made
> the code reading the native context from it a little more defensive.
>
> Bug: v8:9860
>
> Original change's description:
> > [runtime] Move Context::native_context to the map
> >
> > Remove the native context slot from contexts by making context maps
> > native-context-specific. Now we require 2 loads to go from a context to the
> > native context, but we have 1 field fewer to store when creating contexts.
> >
> > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629
> > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> > Reviewed-by: Igor Sheludko <ishell@chromium.org>
> > Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> > Reviewed-by: Maya Lekova <mslekova@chromium.org>
> > Reviewed-by: Georg Neis <neis@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#64296}
>
> Change-Id: If9461e9b21d35a260d71c79d7f95e518cc429e09
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864930
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Auto-Submit: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64314}
TBR=ulan@chromium.org,neis@chromium.org,petermarshall@chromium.org,ishell@chromium.org,verwaest@chromium.org,mslekova@chromium.org,victorgomes@google.com
Change-Id: I4f9edc62ea6f9f5857619ff0ad1a63cab4b33cc3
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9860
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864937
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64316}
2019-10-16 13:10:30 +00:00
|
|
|
/* 42 E> */ B(StaCurrentContextSlot), U8(4),
|
2018-05-02 13:57:26 +00:00
|
|
|
/* 53 S> */ B(CreateClosure), U8(1), U8(0), U8(2),
|
2016-05-23 13:31:53 +00:00
|
|
|
B(Star), R(0),
|
Revert "Reland "[runtime] Move Context::native_context to the map""
This reverts commit c7c47c68f2c0eb1155cfacab785aba54f61d9218.
Reason for revert: breaks TSAN
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/28738
Original change's description:
> Reland "[runtime] Move Context::native_context to the map"
>
> This is a reland of f05bae1e0df48aa6a32d958fb4339a85fefb5179
>
> Previously I presumed that the context read from a frame in the profiler was
> a valid context. Turns out that on non-intel we're not guaranteed that the
> frame is properly set up. In the case we looked at, the profiler took a
> sample right before writing the frame marker indicating a builtin frame,
> causing the "context" pointer from that frame to be a bytecode array. Since
> we'll read random garbage on the stack as a possible context pointer, I made
> the code reading the native context from it a little more defensive.
>
> Bug: v8:9860
>
> Original change's description:
> > [runtime] Move Context::native_context to the map
> >
> > Remove the native context slot from contexts by making context maps
> > native-context-specific. Now we require 2 loads to go from a context to the
> > native context, but we have 1 field fewer to store when creating contexts.
> >
> > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629
> > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> > Reviewed-by: Igor Sheludko <ishell@chromium.org>
> > Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> > Reviewed-by: Maya Lekova <mslekova@chromium.org>
> > Reviewed-by: Georg Neis <neis@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#64296}
>
> Change-Id: If9461e9b21d35a260d71c79d7f95e518cc429e09
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864930
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Auto-Submit: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64314}
TBR=ulan@chromium.org,neis@chromium.org,petermarshall@chromium.org,ishell@chromium.org,verwaest@chromium.org,mslekova@chromium.org,victorgomes@google.com
Change-Id: I4f9edc62ea6f9f5857619ff0ad1a63cab4b33cc3
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9860
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864937
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64316}
2019-10-16 13:10:30 +00:00
|
|
|
/* 78 S> */ B(LdaCurrentContextSlot), U8(4),
|
2019-03-08 14:57:54 +00:00
|
|
|
B(Inc), U8(0),
|
Revert "Reland "[runtime] Move Context::native_context to the map""
This reverts commit c7c47c68f2c0eb1155cfacab785aba54f61d9218.
Reason for revert: breaks TSAN
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/28738
Original change's description:
> Reland "[runtime] Move Context::native_context to the map"
>
> This is a reland of f05bae1e0df48aa6a32d958fb4339a85fefb5179
>
> Previously I presumed that the context read from a frame in the profiler was
> a valid context. Turns out that on non-intel we're not guaranteed that the
> frame is properly set up. In the case we looked at, the profiler took a
> sample right before writing the frame marker indicating a builtin frame,
> causing the "context" pointer from that frame to be a bytecode array. Since
> we'll read random garbage on the stack as a possible context pointer, I made
> the code reading the native context from it a little more defensive.
>
> Bug: v8:9860
>
> Original change's description:
> > [runtime] Move Context::native_context to the map
> >
> > Remove the native context slot from contexts by making context maps
> > native-context-specific. Now we require 2 loads to go from a context to the
> > native context, but we have 1 field fewer to store when creating contexts.
> >
> > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629
> > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> > Reviewed-by: Igor Sheludko <ishell@chromium.org>
> > Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> > Reviewed-by: Maya Lekova <mslekova@chromium.org>
> > Reviewed-by: Georg Neis <neis@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#64296}
>
> Change-Id: If9461e9b21d35a260d71c79d7f95e518cc429e09
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864930
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Auto-Submit: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64314}
TBR=ulan@chromium.org,neis@chromium.org,petermarshall@chromium.org,ishell@chromium.org,verwaest@chromium.org,mslekova@chromium.org,victorgomes@google.com
Change-Id: I4f9edc62ea6f9f5857619ff0ad1a63cab4b33cc3
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9860
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864937
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64316}
2019-10-16 13:10:30 +00:00
|
|
|
/* 87 E> */ B(StaCurrentContextSlot), U8(4),
|
2017-07-14 17:50:09 +00:00
|
|
|
/* 89 S> */ B(Return),
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
constant pool: [
|
2018-05-02 13:57:26 +00:00
|
|
|
SCOPE_INFO_TYPE,
|
2016-09-06 16:10:19 +00:00
|
|
|
SHARED_FUNCTION_INFO_TYPE,
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
handlers: [
|
|
|
|
]
|
|
|
|
|
|
|
|
---
|
|
|
|
snippet: "
|
|
|
|
var a = 1; var b = function() { return a }; return a--;
|
|
|
|
"
|
|
|
|
frame size: 3
|
|
|
|
parameter count: 1
|
2018-05-02 13:57:26 +00:00
|
|
|
bytecode array length: 29
|
2016-02-25 12:07:07 +00:00
|
|
|
bytecodes: [
|
2018-05-02 13:57:26 +00:00
|
|
|
B(CreateFunctionContext), U8(0), U8(1),
|
2016-05-11 12:21:56 +00:00
|
|
|
B(PushContext), R(1),
|
|
|
|
/* 30 E> */ B(StackCheck),
|
2017-01-25 17:39:24 +00:00
|
|
|
/* 42 S> */ B(LdaSmi), I8(1),
|
Revert "Reland "[runtime] Move Context::native_context to the map""
This reverts commit c7c47c68f2c0eb1155cfacab785aba54f61d9218.
Reason for revert: breaks TSAN
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/28738
Original change's description:
> Reland "[runtime] Move Context::native_context to the map"
>
> This is a reland of f05bae1e0df48aa6a32d958fb4339a85fefb5179
>
> Previously I presumed that the context read from a frame in the profiler was
> a valid context. Turns out that on non-intel we're not guaranteed that the
> frame is properly set up. In the case we looked at, the profiler took a
> sample right before writing the frame marker indicating a builtin frame,
> causing the "context" pointer from that frame to be a bytecode array. Since
> we'll read random garbage on the stack as a possible context pointer, I made
> the code reading the native context from it a little more defensive.
>
> Bug: v8:9860
>
> Original change's description:
> > [runtime] Move Context::native_context to the map
> >
> > Remove the native context slot from contexts by making context maps
> > native-context-specific. Now we require 2 loads to go from a context to the
> > native context, but we have 1 field fewer to store when creating contexts.
> >
> > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629
> > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> > Reviewed-by: Igor Sheludko <ishell@chromium.org>
> > Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> > Reviewed-by: Maya Lekova <mslekova@chromium.org>
> > Reviewed-by: Georg Neis <neis@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#64296}
>
> Change-Id: If9461e9b21d35a260d71c79d7f95e518cc429e09
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864930
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Auto-Submit: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64314}
TBR=ulan@chromium.org,neis@chromium.org,petermarshall@chromium.org,ishell@chromium.org,verwaest@chromium.org,mslekova@chromium.org,victorgomes@google.com
Change-Id: I4f9edc62ea6f9f5857619ff0ad1a63cab4b33cc3
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9860
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864937
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64316}
2019-10-16 13:10:30 +00:00
|
|
|
/* 42 E> */ B(StaCurrentContextSlot), U8(4),
|
2018-05-02 13:57:26 +00:00
|
|
|
/* 53 S> */ B(CreateClosure), U8(1), U8(0), U8(2),
|
2016-05-23 13:31:53 +00:00
|
|
|
B(Star), R(0),
|
Revert "Reland "[runtime] Move Context::native_context to the map""
This reverts commit c7c47c68f2c0eb1155cfacab785aba54f61d9218.
Reason for revert: breaks TSAN
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/28738
Original change's description:
> Reland "[runtime] Move Context::native_context to the map"
>
> This is a reland of f05bae1e0df48aa6a32d958fb4339a85fefb5179
>
> Previously I presumed that the context read from a frame in the profiler was
> a valid context. Turns out that on non-intel we're not guaranteed that the
> frame is properly set up. In the case we looked at, the profiler took a
> sample right before writing the frame marker indicating a builtin frame,
> causing the "context" pointer from that frame to be a bytecode array. Since
> we'll read random garbage on the stack as a possible context pointer, I made
> the code reading the native context from it a little more defensive.
>
> Bug: v8:9860
>
> Original change's description:
> > [runtime] Move Context::native_context to the map
> >
> > Remove the native context slot from contexts by making context maps
> > native-context-specific. Now we require 2 loads to go from a context to the
> > native context, but we have 1 field fewer to store when creating contexts.
> >
> > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629
> > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> > Reviewed-by: Igor Sheludko <ishell@chromium.org>
> > Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> > Reviewed-by: Maya Lekova <mslekova@chromium.org>
> > Reviewed-by: Georg Neis <neis@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#64296}
>
> Change-Id: If9461e9b21d35a260d71c79d7f95e518cc429e09
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864930
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Auto-Submit: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64314}
TBR=ulan@chromium.org,neis@chromium.org,petermarshall@chromium.org,ishell@chromium.org,verwaest@chromium.org,mslekova@chromium.org,victorgomes@google.com
Change-Id: I4f9edc62ea6f9f5857619ff0ad1a63cab4b33cc3
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9860
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864937
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64316}
2019-10-16 13:10:30 +00:00
|
|
|
/* 78 S> */ B(LdaCurrentContextSlot), U8(4),
|
2019-03-08 14:57:54 +00:00
|
|
|
B(ToNumeric), U8(0),
|
2017-09-11 16:57:39 +00:00
|
|
|
B(Star), R(2),
|
2019-03-08 14:57:54 +00:00
|
|
|
B(Dec), U8(0),
|
Revert "Reland "[runtime] Move Context::native_context to the map""
This reverts commit c7c47c68f2c0eb1155cfacab785aba54f61d9218.
Reason for revert: breaks TSAN
https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20TSAN/28738
Original change's description:
> Reland "[runtime] Move Context::native_context to the map"
>
> This is a reland of f05bae1e0df48aa6a32d958fb4339a85fefb5179
>
> Previously I presumed that the context read from a frame in the profiler was
> a valid context. Turns out that on non-intel we're not guaranteed that the
> frame is properly set up. In the case we looked at, the profiler took a
> sample right before writing the frame marker indicating a builtin frame,
> causing the "context" pointer from that frame to be a bytecode array. Since
> we'll read random garbage on the stack as a possible context pointer, I made
> the code reading the native context from it a little more defensive.
>
> Bug: v8:9860
>
> Original change's description:
> > [runtime] Move Context::native_context to the map
> >
> > Remove the native context slot from contexts by making context maps
> > native-context-specific. Now we require 2 loads to go from a context to the
> > native context, but we have 1 field fewer to store when creating contexts.
> >
> > Change-Id: I3c0d7c50c94060c4129db684f46a567de6f30e8d
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1859629
> > Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> > Reviewed-by: Igor Sheludko <ishell@chromium.org>
> > Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> > Reviewed-by: Maya Lekova <mslekova@chromium.org>
> > Reviewed-by: Georg Neis <neis@chromium.org>
> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#64296}
>
> Change-Id: If9461e9b21d35a260d71c79d7f95e518cc429e09
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864930
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Peter Marshall <petermarshall@chromium.org>
> Reviewed-by: Igor Sheludko <ishell@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Commit-Queue: Toon Verwaest <verwaest@chromium.org>
> Auto-Submit: Toon Verwaest <verwaest@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#64314}
TBR=ulan@chromium.org,neis@chromium.org,petermarshall@chromium.org,ishell@chromium.org,verwaest@chromium.org,mslekova@chromium.org,victorgomes@google.com
Change-Id: I4f9edc62ea6f9f5857619ff0ad1a63cab4b33cc3
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:9860
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1864937
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64316}
2019-10-16 13:10:30 +00:00
|
|
|
/* 86 E> */ B(StaCurrentContextSlot), U8(4),
|
2016-05-11 12:21:56 +00:00
|
|
|
B(Ldar), R(2),
|
2017-07-14 17:50:09 +00:00
|
|
|
/* 89 S> */ B(Return),
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
constant pool: [
|
2018-05-02 13:57:26 +00:00
|
|
|
SCOPE_INFO_TYPE,
|
2016-09-06 16:10:19 +00:00
|
|
|
SHARED_FUNCTION_INFO_TYPE,
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
handlers: [
|
|
|
|
]
|
|
|
|
|
|
|
|
---
|
|
|
|
snippet: "
|
|
|
|
var idx = 1; var a = [1, 2]; return a[idx++] = 2;
|
|
|
|
"
|
2017-11-06 16:09:25 +00:00
|
|
|
frame size: 5
|
2016-02-25 12:07:07 +00:00
|
|
|
parameter count: 1
|
2017-11-06 16:09:25 +00:00
|
|
|
bytecode array length: 32
|
2016-02-25 12:07:07 +00:00
|
|
|
bytecodes: [
|
2016-05-11 12:21:56 +00:00
|
|
|
/* 30 E> */ B(StackCheck),
|
2017-01-25 17:39:24 +00:00
|
|
|
/* 44 S> */ B(LdaSmi), I8(1),
|
2016-05-23 13:31:53 +00:00
|
|
|
B(Star), R(0),
|
2017-07-27 12:45:00 +00:00
|
|
|
/* 55 S> */ B(CreateArrayLiteral), U8(0), U8(0), U8(37),
|
2016-05-23 13:31:53 +00:00
|
|
|
B(Star), R(1),
|
2016-05-27 15:57:35 +00:00
|
|
|
/* 63 S> */ B(Ldar), R(0),
|
2018-03-05 10:22:47 +00:00
|
|
|
B(ToNumeric), U8(1),
|
2017-09-11 16:57:39 +00:00
|
|
|
B(Star), R(3),
|
2018-03-05 10:22:47 +00:00
|
|
|
B(Inc), U8(1),
|
2016-06-09 13:32:33 +00:00
|
|
|
B(Star), R(0),
|
2017-01-25 17:39:24 +00:00
|
|
|
B(LdaSmi), I8(2),
|
2017-11-06 16:09:25 +00:00
|
|
|
B(Star), R(4),
|
2018-03-05 10:22:47 +00:00
|
|
|
/* 79 E> */ B(StaKeyedProperty), R(1), R(3), U8(2),
|
2017-11-06 16:09:25 +00:00
|
|
|
B(Ldar), R(4),
|
2017-07-14 17:50:09 +00:00
|
|
|
/* 83 S> */ B(Return),
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
constant pool: [
|
2018-07-05 18:34:09 +00:00
|
|
|
ARRAY_BOILERPLATE_DESCRIPTION_TYPE,
|
2016-02-25 12:07:07 +00:00
|
|
|
]
|
|
|
|
handlers: [
|
|
|
|
]
|
|
|
|
|