Use macros for factory functions, and in hydrogen code stubs.
LOG=N
BUG=v8:4124
Review URL: https://codereview.chromium.org/1293533003
Cr-Commit-Position: refs/heads/master@{#30206}
The following situation may happen which reproduces this bug:
(1) We allocate JSObject A on an evacuation candidate.
(2) We allocate JSObject B on a non-evacuation candidate.
(3) Incremental marking starts and marks object A and B.
(4) We create a reference from B.field = A; which records the slot B.field since A is on an evacuation candidate.
(5) After that we write a SMI into B.field.
(6) After that B goes into dictionary mode and shrinks its original size. B.field is now outside of the JSObject, i.e B.field is in memory that will be freed by the sweeper threads.
(7) GC is triggered.
(8) BUG: Slots buffer filtering walks over the slots buffer, SMIs are not filtered out because we assumed that SMIs are just ignored when the slots get updated later. However, recorded SMI slots of dead objects may be overwritten by double values at evacuation time.
(9) During evacuation, a heap number that looks like a valid pointer is moved over B.field.
(10) The slots buffer is scanned for updates, follows B.field since it looks like a pointer (the double value looks like a pointer), and crashes.
BUG=chromium:519577,chromium:454297
LOG=y
Review URL: https://codereview.chromium.org/1286343004
Cr-Commit-Position: refs/heads/master@{#30200}
Always unlink optimized code on deopt, even when FLAG_always_opt is present, because assumptions that the code made could have become invalid.
BUG=v8:4375
LOG=n
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1284103006
Cr-Commit-Position: refs/heads/master@{#30196}
This removes the dependency of the MarkingDeque on the underlying
collector by moving out the live bytes accounting and object color
mutations into a wrapper. The MarkingDeque can now be split into a
separate file.
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/1293773002
Cr-Commit-Position: refs/heads/master@{#30194}
Previously, UsePositions for Phis that are constant LiveRanges which are also used
as hints for other USePositions would always force-allocate the first register in
the allocatable register file to that range.
Review URL: https://codereview.chromium.org/1289313003
Cr-Commit-Position: refs/heads/master@{#30193}
The interpreter needs to be initialized after the snapshot has been deserialized.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1290883004
Cr-Commit-Position: refs/heads/master@{#30190}
This is to prevent unnecessary script contexts to be created for
native scripts, which could end up with a script context table
containing twenty script contexts for a newly created native context.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/1301533002
Cr-Commit-Position: refs/heads/master@{#30188}
Add Object::StrictEquals to unify the implementation of strict equality
comparison in the runtime and the api (the api was already missing a
case for SIMD). Now we (almost) have a single bottleneck for strict
equality, we just need to reduce the amount of unnecessary complexity
for the code stub.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1298603002
Cr-Commit-Position: refs/heads/master@{#30186}
Second item in section 13.7.5.1 states that the error should be a
SyntaxError, when previously CheckAndRewriteReferenceExpression
would always emit a ReferenceError.
BUG=v8:4373
R=adamk, rossberg
LOG=N
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/1292393002
Cr-Commit-Position: refs/heads/master@{#30184}
Restricts linux perf-event code range reporting to functions only (i.e. on
stubs.) While this makes the gathered ticks less accurate, it reduces the
growth of the /tmp/perf-${pid}.map file.
BUG=v8:3453
R=hablich@chromium.org,danno@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/1292743002
Cr-Commit-Position: refs/heads/master@{#30179}
- Make the API look like v8::V8::InitializeICU.
(That is: A static method call, not an object to be created on the stack.)
- Fix path separator on Windows, by calling base::OS::isPathSeparator.
- Move into API, so that it can be called by hello-world & friends.
- Actually call it from hello-world and friends.
R=jochen@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1292053002
Cr-Commit-Position: refs/heads/master@{#30174}
This CL is a pure refactoring that makes an empty compilation unit
including just "foo.h" but not "foo-inl.h" compile without warnings or
errors. This is needed to further reduce the header dependency tangle.
This realizes above state for "spaces.h" and "mark-compact.h".
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/1288413002
Cr-Commit-Position: refs/heads/master@{#30171}
In doing so, fix calls CheckAndRewriteReferenceExpression to take proper
start and end positions (instead of just pointing at the first token in
the LHS expression).
BUG=v8:4370
LOG=n
Review URL: https://codereview.chromium.org/1290013002
Cr-Commit-Position: refs/heads/master@{#30166}
Improves on aec8987b5e by not forcing external GCs
(blink) through the GC epilogue callback.
BUG=chromium:515795
LOG=N
Review URL: https://codereview.chromium.org/1287323002
Cr-Commit-Position: refs/heads/master@{#30164}