Commit Graph

33537 Commits

Author SHA1 Message Date
jarin
26df3e230e Remove --ignition-staging to --ignition-osr implication.
Ignition OSR to turbofan seems to cause instruction selector crashes
(where instructions selector gets simplified operators, probably
because we break the effect chain somehow).

BUG=chromium:641893

Review-Url: https://codereview.chromium.org/2298613003
Cr-Commit-Position: refs/heads/master@{#39045}
2016-08-31 11:36:30 +00:00
mlippautz
91a4102a0d [heap] Incremental marking: Fix compile on MIPS
TBR=ulan@chromium.org
BUG=chromium:468240
NOTRY=true

Review-Url: https://codereview.chromium.org/2293903004
Cr-Commit-Position: refs/heads/master@{#39044}
2016-08-31 10:24:55 +00:00
oth
23e83d9fed [interpreter] Remove oth from OWNERS file.
TBR=rmcilroy@chromium.org
BUG=NONE

Review-Url: https://codereview.chromium.org/2298703002
Cr-Commit-Position: refs/heads/master@{#39043}
2016-08-31 10:14:18 +00:00
jochen
92679b023c Move pre-declaring the this variable to Scope::Analyze
The goal is to not have to look at the outer scope chain during parsing.

BUG=v8:5215
R=verwaest@chromium.org,marja@chromium.org

Review-Url: https://codereview.chromium.org/2298673002
Cr-Commit-Position: refs/heads/master@{#39042}
2016-08-31 10:12:52 +00:00
mlippautz
998c9285ea [heap] Integrate embedder heap tracer into incremental marking
- Respect a deadline when processing wrappers during incremental marking, i.e.,
  don't force completetion on each individual step
- Only finalize when both, the internal marking deque and wrappers, are
  processed

Some results (twitter using --enable-blink-features=TraceWrappables)

=== BEFORE ===
incremental_wrapper_tracing_longest_step
  len: 13
  min: 0.0
  ---> max: 6.6
  ---> avg: 3.83846153846
  [0,5[: 7
  [5,10[: 6
mark.wrapper_tracing
  len: 13
  min: 0.0
  max: 2.0 (non-incremental MC)
  avg: 0.153846153846
  [0,5[: 13

=== AFTER ===
incremental_wrapper_tracing_longest_step
  len: 8
  min: 0.0
  ---> max: 1.1
  ---> avg: 0.8875
  [0,5[: 8
mark.wrapper_tracing (not excluding non-incremental MC)
  len: 8
  min: 0.0
  max: 2.5 (non-incremental MC)
  avg: 0.3125
  [0,5[: 8

BUG=chromium:468240
R=ulan@chromium.org

Review-Url: https://codereview.chromium.org/2287343002
Cr-Commit-Position: refs/heads/master@{#39041}
2016-08-31 10:10:18 +00:00
bmeurer
7b79224b21 [crankshaft] Disable further folding already folded allocations.
When we try to further fold previously folded allocations in Crankshaft
GVN we don't properly transform the allocations involved, which causes
the mechanism to leave holes in the new/old space (and thereby violate
the iterability property of the new/old space).

BUG=chromium:621868
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2297983003
Cr-Commit-Position: refs/heads/master@{#39040}
2016-08-31 09:48:45 +00:00
verwaest
ce9e773828 Get rid of PropagateScopeInfo, update asm_function in set_asm_module instead.
The last user was propagating asm_module_ to inner function scopes as asm_function_. asm_function_ is already set upon scope creation when the outer scope IsAsmModule(). With default parameter it's possible that inner scopes are created before set_asm_module() is called. To keep current behavior we'll eagerly mark inner scopes as asm_function_ upon set_asm_module().

There's only one special case that used to be marked asm_function_ which is now no longer marked as such: asm functions in block scopes that are 'Finalized'. PropagateScopeInfo used to mark them as asm_function_ as well, whereas the new version would not mark them upon construction of the inner scope.

I presume both above cornercases aren't actually intended valid asm.js use-cases anyway. The second we can now easily identify in the verifier and mark as invalid asm, since we'll have an asm module with non-asm-function inner functions. If we want to disallow the first, we can also not mark them as asm_functions_ (by removing the loop I added in set_asm_module), which will reveal this structure to the validator.

BUG=v8:5209

Review-Url: https://codereview.chromium.org/2270743003
Cr-Commit-Position: refs/heads/master@{#39039}
2016-08-31 09:36:20 +00:00
marja
0645135446 Separate CompilationInfo into its own file.
This way, many files which only need CompilationInfo but not compiler.h
and its dependencies can include just compilation-info.h.

BUG=

Review-Url: https://codereview.chromium.org/2284313003
Cr-Commit-Position: refs/heads/master@{#39038}
2016-08-31 08:49:59 +00:00
jochen
5b25cbb503 Unify DeclarationScope::Analyze
R=marja@chromium.org
TBR=verwaest@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2294193003
Cr-Commit-Position: refs/heads/master@{#39037}
2016-08-31 08:47:19 +00:00
marja
4999717e8c Move DeclarationDescriptor to ParserBase.
This is the first step towards unifying ParseVariableDeclarations.

BUG=

Review-Url: https://codereview.chromium.org/2297643002
Cr-Commit-Position: refs/heads/master@{#39036}
2016-08-31 08:32:07 +00:00
v8-autoroll
896323eb10 Update V8 DEPS.
Rolling v8/build to 679c9fd3fa7390897bcf6891f0dc57a5e5dced0d

Rolling v8/tools/mb to d939c7d364f0565ac2ddcae09aafe01c9bf8007d

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2293333002
Cr-Commit-Position: refs/heads/master@{#39035}
2016-08-31 07:13:36 +00:00
machenbach
d4ec5f1c25 [gn] Port linux_use_bundled_binutils_override GN variable
Ports https://codereview.chromium.org/2293853002 to unblock
deps roller.

BUG=474921
TBR=jochen@chromium.org, kjellander@chromium.org, vogelheim@chromium.org
NOTRY=true

Review-Url: https://codereview.chromium.org/2290233005
Cr-Commit-Position: refs/heads/master@{#39034}
2016-08-31 06:50:34 +00:00
bmeurer
a45da58b41 [turbofan] Don't eliminate FinishRegion nodes.
The way we use FinishRegion for transitioning stores makes them eligible
for elimination by TypedOptimization, which is unintended and removes
the atomicity of the transitioning stores. This is a quickfix to ensure
that we don't remove the FinishRegion nodes during TypedOptimization;
the real fix is probably to have separate region operators for value
(producing) regions (i.e. allocations) and for effect-only regions (i.e.
transitioning stores).

R=jarin@chromium.org
BUG=v8:5303

Review-Url: https://codereview.chromium.org/2293023003
Cr-Commit-Position: refs/heads/master@{#39033}
2016-08-31 05:49:54 +00:00
bmeurer
b98d64f909 [turbofan] Extend LoadElimination to introduce TypeGuards.
If the type of a tracked field or element value is less precise than the
advertised type of the field or element load, then we replace the load
operation with a TypeGuard that guards the advertised type.

R=jarin@chromium.org
BUG=v8:5267

Review-Url: https://codereview.chromium.org/2295643002
Cr-Commit-Position: refs/heads/master@{#39032}
2016-08-31 05:48:28 +00:00
bmeurer
2b93899057 [turbofan] Remove remaining uses of Class type from the compiler.
We (mis)used Type::Class to track stable field maps in the past. But
that always more or less unsupport and wrong for various reasons, mostly
because the class types do not really present static information and
thus it is possible to violate fundamental assumptions of the type
system (i.e. intersecting class types and other types produces
"interesting" results).

Now it is possible to finally nuke the class types completely and thus
simplify (and ideally correctify) the type system further.

Note to performance sheriff: We do expect to see some performance
regressions from this change. This is because we do not yet have a sane
replacement mechanism to track known field maps and utilize them during
LoadElimination. This will be accomplished in a follow up CL.

BUG=v8:5270,v8:5267
R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2293343002
Cr-Commit-Position: refs/heads/master@{#39031}
2016-08-31 05:44:35 +00:00
adamk
9c00c88902 Remove duplicated code from comma-separated Expression parsing
This removes two bits of duplication:
  - Parsing of each AssignmentExpression, which previously was called
    first outside the loop and then inside the loop.
  - Parsing of arrow rest parameters, which previously was handled
    separately for the one-arg and N-arg cases.

The only change in behavior is in a few error messages.

Review-Url: https://codereview.chromium.org/2279363002
Cr-Commit-Position: refs/heads/master@{#39030}
2016-08-31 01:24:19 +00:00
adamk
b9810ba063 Revert of Refactor object/class literal property name parsing (patchset #7 id:120001 of https://codereview.chromium.org/2278153004/ )
Reason for revert:
Fails to reject "{*foo: 1}" as an object literal, found
by the fuzzer:

https://build.chromium.org/p/client.v8/builders/V8%20Fuzzer/builds/12315/steps/Fuzz%20on%20Ubuntu-12.04/logs/stdio

Original issue's description:
> Refactor object/class literal property name parsing
>
> This patch arranges that property names are parsed in a single pass,
> reporting the name as well as the type of the property, instead of
> parsing qualifiers like 'static' or 'get' initially as names and then
> re-parsing. This change is easier to reason about, very slightly (4%)
> faster in some cases (although slower in other, less common ones, though
> this slowdown will be fixed in an upcoming patch), and is a prerequisite
> for separating the parsing of object and class literal properties, which
> will become increasingly important as ECMAScript adds more class features.
>
> Committed: https://crrev.com/6dd26c729584024e17a05a2a76b319d4aecdc138
> Cr-Commit-Position: refs/heads/master@{#39027}

TBR=littledan@chromium.org,marja@chromium.org,bakkot@google.com
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review-Url: https://codereview.chromium.org/2295743003
Cr-Commit-Position: refs/heads/master@{#39029}
2016-08-31 00:39:06 +00:00
mtrofin
03f3da45e1 [wasm] mjsunit support for I32 globals and test
Test ensuring globals are isolated between instances. Also
added support for globals section to mjsunit's
WebModuleBuilder as a prerequisite.

BUG=

Review-Url: https://codereview.chromium.org/2296993002
Cr-Commit-Position: refs/heads/master@{#39028}
2016-08-31 00:36:18 +00:00
bakkot
6dd26c7295 Refactor object/class literal property name parsing
This patch arranges that property names are parsed in a single pass,
reporting the name as well as the type of the property, instead of
parsing qualifiers like 'static' or 'get' initially as names and then
re-parsing. This change is easier to reason about, very slightly (4%)
faster in some cases (although slower in other, less common ones, though
this slowdown will be fixed in an upcoming patch), and is a prerequisite
for separating the parsing of object and class literal properties, which
will become increasingly important as ECMAScript adds more class features.

Review-Url: https://codereview.chromium.org/2278153004
Cr-Commit-Position: refs/heads/master@{#39027}
2016-08-30 23:57:53 +00:00
mvstanton
f889230d59 [turbofan] Introduce MachineRepresentation to PropertyAccessInfo.
Increasingly, we avoid using the representation dimension of Type,
  and set it explicitly ourselves.

BUG=

Review-Url: https://codereview.chromium.org/2290233002
Cr-Commit-Position: refs/heads/master@{#39026}
2016-08-30 19:25:27 +00:00
bmeurer
a35934a673 [turbofan] Don't mark likely conversion as deferred.
When changing from Tagged to Float64 representation, it's not unlikely
to see a HeapNumber (or if feedback says so, an Oddball), so we
shouldn't penalize the code that deals with this case by marking it as
deferred.

R=mvstanton@chromium.org
BUG=v8:5267

Review-Url: https://codereview.chromium.org/2295933003
Cr-Commit-Position: refs/heads/master@{#39025}
2016-08-30 18:36:03 +00:00
ulan
1b8fd0dd4b Fix step size computation in IncrementalMarking::AdvanceIncrementalMarking.
BUG=chromium:616434
LOG=NO

Review-Url: https://codereview.chromium.org/2294783002
Cr-Commit-Position: refs/heads/master@{#39024}
2016-08-30 17:59:10 +00:00
addaleax
8ed65b97a3 Make FieldType::None() non-nullptr value to avoid undefined behaviour
When FieldType::None() returns a cast Smi::FromInt(0), which translates
as nullptr, the FieldType::IsNone() check becomes equivalent to
`this == nullptr` which is not allowed by the standard and
therefore optimized away as a false constant by GCC 6.

This has lead to crashes when invoking methods on FieldType::None().

Using a different Smi constant for FieldType::None() makes the compiler
always include a comparison against that value. The choice of these
constants has no effect as they are effectively arbitrary.

BUG=https://github.com/nodejs/node/issues/8310

Review-Url: https://codereview.chromium.org/2292953002
Cr-Commit-Position: refs/heads/master@{#39023}
2016-08-30 17:56:05 +00:00
ahaas
9f747be5a7 [wasm] Check the input of grow-memory before calling the runtime.
If the input of grow-memory was not representable as a SMI, then the
input was not passed correctly to the runtime, which caused a crash.
With this CL the input of grow-memory is checked before the runtime is
called.

R=titzer@chromium.org, gdeepti@chromium.org
TEST=mjsunit/wasm/grow-memory.js:testGrowMemoryTrapsWithNonSmiInput()

Review-Url: https://codereview.chromium.org/2288773002
Cr-Commit-Position: refs/heads/master@{#39022}
2016-08-30 17:00:24 +00:00
ahaas
f2931d7da2 Add generated fuzzer files to .gitignore
Hi Brad,

am I right that the two files that I added to .gitignore are generated
by your fuzzer CL (https://codereview.chromium.org/2273303002/)?

Cheers, Andreas

R=bradnelson@chromium.org

Review-Url: https://codereview.chromium.org/2289163002
Cr-Commit-Position: refs/heads/master@{#39021}
2016-08-30 15:31:37 +00:00
mvstanton
cc9d44980b [TurboFan]: Rename "upper" types to just types.
BUG=

Review-Url: https://codereview.chromium.org/2291103002
Cr-Commit-Position: refs/heads/master@{#39020}
2016-08-30 14:27:50 +00:00
epertoso
bdf5566281 [turbofan] Treat the INT32 state of a truncating binary op IC as number or oddball on 32-bit machines.
This was causing a few unexpected deopt loops.

BUG=v8:5320

Review-Url: https://codereview.chromium.org/2292873002
Cr-Commit-Position: refs/heads/master@{#39019}
2016-08-30 14:13:34 +00:00
jochen
60c75fbe41 Reland of "Release streamed script resources after it was compiled"
Original issue's description:
> Release streamed script resources after it was compiled
>
> Otherwise, we'd hold on to the resources until the embedder frees them
> which might take a long time
>
> R=marja@chromium.org,verwaest@chromium.org
> BUG=
>
> Committed: https://crrev.com/877dac34465c018bb534b7781fbe242ae4e33c32
> Cr-Commit-Position: refs/heads/master@{#38999}

TBR=marja@chromium.org,verwaest@chromium.org
BUG=chromium:642347

Review-Url: https://codereview.chromium.org/2296733002
Cr-Commit-Position: refs/heads/master@{#39018}
2016-08-30 14:11:20 +00:00
jbroman
e2361954e5 Blink-compatible serialization of SharedArrayBuffer.
BUG=chromium:148757

Review-Url: https://codereview.chromium.org/2290753002
Cr-Commit-Position: refs/heads/master@{#39017}
2016-08-30 14:05:49 +00:00
ulan
bcf4c66b66 Make incremental marking tracing format consistent with GC tracing.
Now incremental marking tracing outputs isolate and timestamp:

[41894:0x21efec0]    17253 ms: [IncrementalMarking] Start (old space step)

This patch also adds walltime duration of incremental marking to GC trace output.

BUG=

Review-Url: https://codereview.chromium.org/2293883002
Cr-Commit-Position: refs/heads/master@{#39016}
2016-08-30 13:46:10 +00:00
jgruber
f7bc1fc733 Refactor call site handling for stack formatting
This commit introduces several new types:

* JSStackFrame and WasmStackFrame are wrapper classes around a single frame
  in a FrameArray.
* They both inherit from StackFrameBase, which uses virtual dispatch to call
  the correct implementation.
* FrameArrayIterator contains a static instance of JSStackFrame and
  WasmStackFrame and returns a pointer to the corresponding type for each
  frame.
* The JS callsite object now contains the frame array and frame index
  as internal fields.

Internal stack formatting now relies completely on FrameArrayIterator and the
{JS,Wasm}StackFrame types. JS callsite instances are allocated only for custom
user formatting through Error.prepareStackTrace.

BUG=

Review-Url: https://codereview.chromium.org/2275233002
Cr-Commit-Position: refs/heads/master@{#39015}
2016-08-30 13:29:10 +00:00
ahaas
510246f6e2 [wasm] Use the native_context for the TypeError in ToJS()
With this CL we use isolate->native_context() to provide a context for
the CEntryStub of the runtime call. The native_context() is sufficient
here because Runtime::kWasmThrowTypeError does not use the context.

R=titzer@chromium.org
TEST=mjsunit/wasm/ffi-error.js
BUG=chromium:639492

Review-Url: https://codereview.chromium.org/2291043002
Cr-Commit-Position: refs/heads/master@{#39014}
2016-08-30 12:46:02 +00:00
mlippautz
4099b1a3f5 [heap] GCTracer: Account for sweeping during incremental marking
R=ulan@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2292073002
Cr-Commit-Position: refs/heads/master@{#39013}
2016-08-30 12:45:13 +00:00
machenbach
08d1aa6364 Revert of Release streamed script resources after it was compiled (patchset #1 id:1 of https://codereview.chromium.org/2297523002/ )
Reason for revert:
Seems to break webkit unit tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/9360
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064%20%28dbg%29/builds/5503

Original issue's description:
> Release streamed script resources after it was compiled
>
> Otherwise, we'd hold on to the resources until the embedder frees them
> which might take a long time
>
> R=marja@chromium.org,verwaest@chromium.org
> BUG=
>
> Committed: https://crrev.com/877dac34465c018bb534b7781fbe242ae4e33c32
> Cr-Commit-Position: refs/heads/master@{#38999}

TBR=marja@chromium.org,verwaest@chromium.org,jochen@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review-Url: https://codereview.chromium.org/2290173003
Cr-Commit-Position: refs/heads/master@{#39012}
2016-08-30 12:38:13 +00:00
jochen
c3e1b5f87c Add an option --gn to run-tests.py that just runs the latest gn build
R=machenbach@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2295703002
Cr-Commit-Position: refs/heads/master@{#39011}
2016-08-30 12:21:27 +00:00
v8-autoroll
df80116116 Update V8 DEPS.
Rolling v8/build to 52f474cdb9e67007b938fd4a47220cb3c012e5e8

Rolling v8/third_party/WebKit/Source/platform/inspector_protocol to 84d90b2cc3f01a39bf73a8119a5cec0337d00c9f

Rolling v8/tools/clang to 3e1948978834c16073c1b076410df1a80adda1f5

Rolling v8/tools/mb to ac239cc82ef08858d6f2b75216dd13afcdbc6ac3

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Committed: https://crrev.com/3b8a2e5129fec64674bb0191cba5aa4592d08d5f
Review-Url: https://codereview.chromium.org/2289063002
Cr-Original-Commit-Position: refs/heads/master@{#38995}
Cr-Commit-Position: refs/heads/master@{#39010}
2016-08-30 12:20:37 +00:00
machenbach
6b6d4c12f4 [gn] Allow overriding sanitizer suppression files
Port https://codereview.chromium.org/2267753002/

BUG=474921
TBR=jochen@chromium.org, kjellander@chromium.org, vogelheim@chromium.org

Review-Url: https://codereview.chromium.org/2290213002
Cr-Commit-Position: refs/heads/master@{#39009}
2016-08-30 12:15:53 +00:00
jochen
1992d72bbe Don't reuse the name scope for multiple variables in DoParseLazy
R=marja@chromium.org,verwaest@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2293803002
Cr-Commit-Position: refs/heads/master@{#39008}
2016-08-30 11:53:33 +00:00
Miran.Karic
1ceb9aeca6 MIPS: Fix Neg_s and Neg_d for loongson and r1
For arch variants loongson and r1 neg instruction does not change the
sign for NaN-like operands, the same as r2 neg. This fix adjusts macro
assembler Neg_s and Neg_d arch variant logic so the correct code would
be generated for loongson and r1.

BUG=

Review-Url: https://codereview.chromium.org/2287333002
Cr-Commit-Position: refs/heads/master@{#39007}
2016-08-30 11:44:34 +00:00
epertoso
708f80d243 [interpreter] Make the comparison bytecode handlers collect type feedback.
BUG=v8:5273

Review-Url: https://codereview.chromium.org/2286273002
Cr-Commit-Position: refs/heads/master@{#39006}
2016-08-30 10:21:39 +00:00
bmeurer
9bdce030df [turbofan] Sanitize typing of Date builtins.
Put the types for the Date builtins into the TypeCache, and add
support for Date.prototype.getDay and Date.prototype.getMinutes.

R=epertoso@chromium.org
BUG=v8:5267

Review-Url: https://codereview.chromium.org/2296593002
Cr-Commit-Position: refs/heads/master@{#39005}
2016-08-30 10:06:13 +00:00
jacob.bramley
76ea8f2f95 [arm] Simplify run-time CPU selection.
This replaces the target-selection options (such as "--enable-vfp3")
with a simpler, absolute "--arm-arch" option. This eliminates inferences
and avoids surprising behaviour in impossible situations (such as
"--enable-vfp3 --no-enable-armv7").

The available options are:
    --arm-arch=armv6          ARMv6 + VFPv2
    --arm-arch=armv7          ARMv7 + VFPv3-D32 + NEON
    --arm-arch=armv7+sudiv    ARMv7 + VFPv4-D32 + NEON + SUDIV
    --arm-arch=armv8          ARMv8 (+ all of the above)

For now, the default setting is "armv8", which results in behaviour very
similar to the existing defaults.

BUG=v8:5077

Review-Url: https://codereview.chromium.org/2223433002
Cr-Commit-Position: refs/heads/master@{#39004}
2016-08-30 10:02:23 +00:00
jochen
0c3789fb6a Create ScopeInfos while analyzing the Scope chain
Instead of creating them on demand all over the place.

I plan to link ScopeInfos together, and having one place where all
ScopeInfos are created will make this easier.

R=verwaest@chromium.org,adamk@chromium.org
TBR=mstarzinger@chromium.org
BUG=v8:5215

Review-Url: https://codereview.chromium.org/2281073002
Cr-Commit-Position: refs/heads/master@{#39003}
2016-08-30 09:48:56 +00:00
daniel.bevenius
47bcea99fb Updating comment for Proxy::New function
The comment for the Proxy::New functions seems inaccurate and is
currently identical to Map::New:

3090   /**
3091    * Creates a new empty Map.
3092    */
3093   static Local<Map> New(Isolate* isolate);

This commit updates the comment to describe that it creates a Proxy and
not a Map.

BUG=

Review-Url: https://codereview.chromium.org/2176063002
Cr-Commit-Position: refs/heads/master@{#39002}
2016-08-30 09:43:53 +00:00
titzer
b5cbcb357f [asm.js] (Re)use temporaries in asm->wasm conversion.
This CL is a prequisite for the stack machine changes, which will need
to use temporaries in various places due to the stack height requirements
on blocks.

R=ahaas@chromium.org,bradnelson@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2280063002
Cr-Commit-Position: refs/heads/master@{#39001}
2016-08-30 09:43:07 +00:00
jbroman
88d603bb55 Convince gcc that local variables in i::ValueDeserializer::ReadJSArrayBufferView are initialized.
It emits spurious -Wmaybe-uninitialized warnings. Initializing these variables
shouldn't do any harm (with an optimizing compiler), so this seems the quickest
way to mollify gcc.

BUG=chromium:148757

Review-Url: https://codereview.chromium.org/2290653003
Cr-Commit-Position: refs/heads/master@{#39000}
2016-08-30 09:41:42 +00:00
jochen
877dac3446 Release streamed script resources after it was compiled
Otherwise, we'd hold on to the resources until the embedder frees them
which might take a long time

R=marja@chromium.org,verwaest@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2297523002
Cr-Commit-Position: refs/heads/master@{#38999}
2016-08-30 09:40:52 +00:00
machenbach
afbc4578af Revert of Update V8 DEPS. (patchset #1 id:1 of https://codereview.chromium.org/2289063002/ )
Reason for revert:
Breaks tsan build generation:
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/11441

Original issue's description:
> Update V8 DEPS.
>
> Rolling v8/build to 52f474cdb9e67007b938fd4a47220cb3c012e5e8
>
> Rolling v8/third_party/WebKit/Source/platform/inspector_protocol to 84d90b2cc3f01a39bf73a8119a5cec0337d00c9f
>
> Rolling v8/tools/clang to 3e1948978834c16073c1b076410df1a80adda1f5
>
> Rolling v8/tools/mb to ac239cc82ef08858d6f2b75216dd13afcdbc6ac3
>
> TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
>
> Committed: https://crrev.com/3b8a2e5129fec64674bb0191cba5aa4592d08d5f
> Cr-Commit-Position: refs/heads/master@{#38995}

TBR=hablich@chromium.org,vogelheim@chromium.org,v8-autoroll@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review-Url: https://codereview.chromium.org/2290163002
Cr-Commit-Position: refs/heads/master@{#38998}
2016-08-30 09:36:57 +00:00
oth
fc6a0c940c Remove oth from v8 WATCHLISTS file.
TBR=rmcilroy@chromium.org
BUG=NONE

Review-Url: https://codereview.chromium.org/2290633004
Cr-Commit-Position: refs/heads/master@{#38997}
2016-08-30 08:32:33 +00:00
jgruber
4f781d7249 Fix LookupCode for the DatePrototype_GetField builtin
This was exposed on win64 and manifested as a negative offset during
stack frame collection, i.e. pc < Code::instruction_start() for a
BUILTIN frame.

This happened because StackFrame::LookupCode returns the wrong code
object when call is the last instruction in a code object:
* pc is actually the return address for all but the topmost frame.
* pc points at the next instruction after the call.
* This is beyond the current code object if call is the last
  instruction.
* Lookup itself is naive in that it just returns the first code object
  for which (next_code_obj_addr > pc). It does not check that pc is
  actually within [instruction_start, instruction_end[.
* In this specific case, the pc (== return address) actually pointed
  at the beginning of the header of the next code object.
* We finally calculated offset as (code->instruction_start() - pc),
  but with the wrong code object.

This should be followed up by a proper fix at some point. For instance,
this could be setting pc to (return address - 1) for all but the topmost
frame.

BUG=v8:5311

Review-Url: https://codereview.chromium.org/2284673002
Cr-Commit-Position: refs/heads/master@{#38996}
2016-08-30 08:28:14 +00:00