AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
22,956 Commits 1 Branch 0 Tags 839 MiB
81c080ef8e
Commit Graph

1322 Commits

Author SHA1 Message Date
jkummerow
f8175201da Fix harmless HGraph verification failure after hoisting inlined bounds checks 
BUG=chromium:487608
LOG=y
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1133343003

Cr-Commit-Position: refs/heads/master@{#28463}
 2015-05-19 07:32:48 +00:00
yangguo
19312c1631 Do not clear stepping after DebugEvaluate. 
Clearing stepping was originally introduced in http://codereview.chromium.org/7889039
But DebugEvaluate now also uses a DisableBreak scope, which makes sure we don't step
inside the evaluated code.

R=yurys@chromium.org
BUG=chromium:467180
LOG=N

Review URL: https://codereview.chromium.org/1129363003

Cr-Commit-Position: refs/heads/master@{#28461}
 2015-05-19 04:56:08 +00:00
verwaest
4268141ca6 Reland "Mark internal AccessorInfo properties as 'special data properties'" 
This reverts commit ac5336baca.

BUG=

Review URL: https://codereview.chromium.org/1138483005

Cr-Commit-Position: refs/heads/master@{#28442}
 2015-05-18 12:36:40 +00:00
machenbach
f453416b7f Revert of Debugger: preserve stepping state after evaluating breakpoint condition. (patchset #1 id:1 of https://codereview.chromium.org/1132643004/) 
Reason for revert:
[Sheriff] This breaks TSAN (makes some tests marked as flaky permanently fail):
http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/3882

Original issue's description:
> Debugger: preserve stepping state after evaluating breakpoint condition.
>
> R=ulan@chromium.org, yurys@chromium.org
> BUG=chromium:467180
> LOG=N

TBR=ulan@chromium.org,yurys@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:467180

Review URL: https://codereview.chromium.org/1130123007

Cr-Commit-Position: refs/heads/master@{#28436}
 2015-05-17 06:21:39 +00:00
yangguo
ee6666a55a Debugger: preserve stepping state after evaluating breakpoint condition. 
R=ulan@chromium.org, yurys@chromium.org
BUG=chromium:467180
LOG=N

Review URL: https://codereview.chromium.org/1132643004

Cr-Commit-Position: refs/heads/master@{#28432}
 2015-05-15 22:50:55 +00:00
yangguo
d8e9f3a484 Add regression test for resolving "this" in debug evaluate. 
R=hablich@chromium.org
BUG=chromium:487289
LOG=N

Review URL: https://codereview.chromium.org/1137293002

Cr-Commit-Position: refs/heads/master@{#28424}
 2015-05-15 13:57:31 +00:00
mvstanton
de3a1ca02e Bug: Runtime_GrowArrayElements provoked unnecessary lazy deopt. 
Unnecessary, and unhandled as well.

BUG=488398
R=jarin@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1141163004

Cr-Commit-Position: refs/heads/master@{#28421}
 2015-05-15 13:05:00 +00:00
ishell
3c1487db60 Map::ReconfigureProperty() should mark map as unstable when there is an element kind transition somewhere in the middle of the transition tree. 
BUG=chromium:485548
LOG=N

Review URL: https://codereview.chromium.org/1128043005

Cr-Commit-Position: refs/heads/master@{#28418}
 2015-05-15 10:39:51 +00:00
wingo
e73594c7fb Use ExpressionClassifier to identify valid arrow function formals 
R=dslomov@chromium.org
LOG=N
BUG=

Review URL: https://codereview.chromium.org/1138153003

Cr-Commit-Position: refs/heads/master@{#28391}
 2015-05-13 11:45:02 +00:00
yangguo
46f992ddd0 Reland "Use function wrapper argument to expose internal arrays to native scripts." 
Review URL: https://codereview.chromium.org/1138173002

Cr-Commit-Position: refs/heads/master@{#28367}
 2015-05-12 14:00:45 +00:00
yurys
cf07add227 Don't create debug context if debug listener is not set 
If there had been no debug listener v8::Debug::GetDebugContext would have created new context and wouln't have kept reference to it. This way we may well end up with several debug contexts and disabled debugger.

As a side effect this change allows to efficiently distinguish debug context from blink contexts by simply comparing handles.

BUG=chromium:482290
LOG=Y

Review URL: https://codereview.chromium.org/1136733002

Cr-Commit-Position: refs/heads/master@{#28356}
 2015-05-12 07:33:18 +00:00
yangguo
c39a0a75ad Revert of Use function wrapper argument to expose internal arrays to native scripts. (patchset #2 id:20001 of https://codereview.chromium.org/1127983003/) 
Reason for revert:
custom snapshot builder failing.

Original issue's description:
> Use function wrapper argument to expose internal arrays to native scripts.
>
> R=jkummerow@chromium.org
>
> Committed: https://crrev.com/a9b5a1795449d94387218d25baed2c2b3c4fbadc
> Cr-Commit-Position: refs/heads/master@{#28354}

TBR=jkummerow@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1123353008

Cr-Commit-Position: refs/heads/master@{#28355}
 2015-05-12 07:26:01 +00:00
yangguo
a9b5a17954 Use function wrapper argument to expose internal arrays to native scripts. 
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1127983003

Cr-Commit-Position: refs/heads/master@{#28354}
 2015-05-12 06:14:18 +00:00
jkummerow
f10b992dab Let Runtime_GrowArrayElements accept non-Smi numbers as |key|. 
BUG=chromium:485410
LOG=y
R=mvstanton@chromium.org,danno@chromium.org

Review URL: https://codereview.chromium.org/1132113004

Cr-Commit-Position: refs/heads/master@{#28327}
 2015-05-09 10:30:49 +00:00
titzer
318c1f770c [turbofan] Fix handling of OsrLoopEntry in ControlReducer::ConnectNTL() 
R=jarin@chromium.org
LOG=Y
BUG=chromium:485908

Review URL: https://codereview.chromium.org/1138463004

Cr-Commit-Position: refs/heads/master@{#28323}
 2015-05-08 15:44:27 +00:00
hpayer
c80d730c71 Initialize sub-array literals first before pointing to it. 
BUG=484544
LOG=n

Review URL: https://codereview.chromium.org/1132763002

Cr-Commit-Position: refs/heads/master@{#28313}
 2015-05-08 09:24:31 +00:00
verwaest
f21ea065b3 Fix smi scanning 
BUG=chromium:483176
LOG=n

Review URL: https://codereview.chromium.org/1114073003

Cr-Commit-Position: refs/heads/master@{#28202}
 2015-05-04 15:02:30 +00:00
yangguo
f42544b768 Set inferred name of bound function to empty string. 
Otherwise it's whatever the js minifier assigns it to.

R=jkummerow@chromium.org
BUG=chromium:484077
LOG=N

Review URL: https://codereview.chromium.org/1122733002

Cr-Commit-Position: refs/heads/master@{#28190}
 2015-05-04 09:55:43 +00:00
yangguo
7681432dbf JSON serializer should fail gracefully for special value wrappers. 
R=mstarzinger@chromium.org
BUG=chromium:471702
LOG=N

Review URL: https://codereview.chromium.org/1120573002

Cr-Commit-Position: refs/heads/master@{#28154}
 2015-04-30 10:02:21 +00:00
mstarzinger
6b60f19168 [turbofan] Fix frame state for class literal definition. 
This introduces a bailout point for class literals right after the
%DefineClass function has been called. Otherwise the FrameState after
class literal evaluation might contain the literal itself.

R=jarin@chromium.org
TEST=mjsunit/regress/regress-crbug-480819
BUG=chromium:480819
LOG=N

Review URL: https://codereview.chromium.org/1104673004

Cr-Commit-Position: refs/heads/master@{#28043}
 2015-04-24 11:12:57 +00:00
bmeurer
4f9bc2d1c3 [turbofan] Ignore dead cached nodes in the JSGraph. 
BUG=chromium:480807
LOG=n
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1101273002

Cr-Commit-Position: refs/heads/master@{#28041}
 2015-04-24 10:51:32 +00:00
yangguo
8cf289ca4f Throw when attaching a stack trace to an object fails. 
R=jarin@chromium.org
BUG=chromium:478011
LOG=N

Review URL: https://codereview.chromium.org/1077153003

Cr-Commit-Position: refs/heads/master@{#27941}
 2015-04-20 14:40:45 +00:00
jkummerow
4204c72739 Don't use normalized map cache for prototype maps 
BUG=chromium:477924
LOG=n
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/1090193002

Cr-Commit-Position: refs/heads/master@{#27916}
 2015-04-17 12:16:07 +00:00
erikcorry
e0be05036f Reduce regexp compiler stack size when not optimizing regexps 
R=jkummerow@chromium.org
BUG=chromium:475705
LOG=y

Review URL: https://codereview.chromium.org/1082763002

Cr-Commit-Position: refs/heads/master@{#27851}
 2015-04-15 15:15:52 +00:00
ulan
68a7773e0f Correctly handle clearing of deprecated field types. 
BUG=v8:4027
LOG=NO

Review URL: https://codereview.chromium.org/1086063003

Cr-Commit-Position: refs/heads/master@{#27837}
 2015-04-15 09:55:33 +00:00
jkummerow
2ff768b206 Put --noalways-opt flag back into regress-crbug-245480 
This is a partial revert of 3eb277f270.

R=machenbach@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1087183002

Cr-Commit-Position: refs/heads/master@{#27835}
 2015-04-15 09:31:39 +00:00
jkummerow
3eb277f270 %GetOptimizationStatus(): Unconditionally return a sentinel when --always-opt is present 
Review URL: https://codereview.chromium.org/1086923002

Cr-Commit-Position: refs/heads/master@{#27822}
 2015-04-14 14:57:48 +00:00
mvstanton
2ebb794b4f VectorICs: recreate feedback vector if scoping changes on recompile. 
BUG=476488
LOG=N
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1080253003

Cr-Commit-Position: refs/heads/master@{#27817}
 2015-04-14 12:31:31 +00:00
verwaest
434b456b51 Fix indirect push 
BUG=chromium:388665
LOG=n

Review URL: https://codereview.chromium.org/1087463003

Cr-Commit-Position: refs/heads/master@{#27795}
 2015-04-13 16:25:33 +00:00
ulan
2f327a5cb4 Do not inline store if field map was cleared. 
BUG=v8:4023
LOG=NO

Review URL: https://codereview.chromium.org/1081033004

Cr-Commit-Position: refs/heads/master@{#27779}
 2015-04-13 09:43:52 +00:00
mstarzinger
96ef78aa0b [turbofan] Fix FrameInspector when deoptimizer is disabled. 
This is a workaround to make the debugger happy about TurboFan frames
when the debugger causes frame inspection. Note that this can happen
because the debugger can be activated while there still are optimized
TurboFan activations on the stack.

R=ishell@chromium.org
BUG=chromium:465298
TEST=mjsunit/regress/regress-crbug-465298
LOG=N

Review URL: https://codereview.chromium.org/1074793003

Cr-Commit-Position: refs/heads/master@{#27717}
 2015-04-09 19:40:49 +00:00
yangguo
3a4d073f1d Create result array of %DebugGetLoadedScripts outside the debug context. 
R=jarin@chromium.org
BUG=chromium:474297
LOG=N

Review URL: https://codereview.chromium.org/1062143002

Cr-Commit-Position: refs/heads/master@{#27659}
 2015-04-08 11:15:02 +00:00
jkummerow
90cbede588 Move prototype metadata from internal properties to prototype maps 
The motivation is that we prefer to avoid creating internal properties, and we have a usable field on maps ("transitions", which is not used for prototype maps).
This CL also ensures the invariant that prototype maps are never shared, even if they are in dictionary mode.

Review URL: https://codereview.chromium.org/1033653002

Cr-Commit-Position: refs/heads/master@{#27617}
 2015-04-07 10:42:57 +00:00
yangguo
c67cb287a9 Always update raw pointers when handling interrupts inside RegExp code. 
R=mstarzinger@chromium.org
BUG=chromium:469480
LOG=N

Review URL: https://codereview.chromium.org/1034173002

Cr-Commit-Position: refs/heads/master@{#27615}
 2015-04-07 09:44:57 +00:00
jkummerow
146598f44a JSEntryTrampoline: check for stack space before pushing arguments 
Optimistically pushing a lot of arguments can run into the stack limit of the process, at least on operating systems where this limit is close to the limit that V8 sets for itself.

BUG=chromium:469768
LOG=y

Review URL: https://codereview.chromium.org/1056913003

Cr-Commit-Position: refs/heads/master@{#27614}
 2015-04-07 09:13:44 +00:00
erikcorry
5a93a3304c Reland: Fix JSON parser Handle leak (previous CL 1041483004) 
R=mstarzinger@chromium.org
BUG=v8:3976
BUG=472504
LOG=y

Review URL: https://codereview.chromium.org/1051833002

Cr-Commit-Position: refs/heads/master@{#27571}
 2015-04-01 16:58:47 +00:00
kozyatinskiy
66d5519f7e Revert of Correctly compute line numbers in functions from the function constructor. (patchset #5 id:80001 of https://codereview.chromium.org/701093003/) 
Reason for revert:
Locations from New Function are broken in DevTools.

Original issue's description:
> Correctly compute line numbers in functions from the function constructor.
>
> R=aandrey@chromium.org
> BUG=chromium:109362
> LOG=Y
>
> Committed: https://code.google.com/p/v8/source/detail?r=25289

TBR=aandrey@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:109362
LOG=Y

Review URL: https://codereview.chromium.org/1053563002

Cr-Commit-Position: refs/heads/master@{#27564}
 2015-04-01 10:11:26 +00:00
erikcorry
77dd1f347d Revert of Fix JSON parser Handle leak (patchset #3 id:40001 of https://codereview.chromium.org/1041483004/) 
Reason for revert:
Reverting due to JSOn parser failures

Original issue's description:
> Fix JSON parser Handle leak
>
> R=verwaest@chromium.org
> BUG=v8:3976
> LOG=y
>
> Committed: https://crrev.com/1ec850383bb82f6d8bebc7416e5f50b649d1eeaa
> Cr-Commit-Position: refs/heads/master@{#27512}

TBR=verwaest@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3976

Review URL: https://codereview.chromium.org/1052593002

Cr-Commit-Position: refs/heads/master@{#27562}
 2015-04-01 09:23:02 +00:00
ishell
3cb9f132ba Layout descriptor must be trimmed when corresponding descriptors array is trimmed to stay in sync. 
BUG=chromium:470804
LOG=Y

Review URL: https://codereview.chromium.org/1033273005

Cr-Commit-Position: refs/heads/master@{#27528}
 2015-03-30 17:03:50 +00:00
verwaest
87eef73234 Fix speedup of typedarray-length loading in the ICs as well as Crankshaft 
BUG=

Review URL: https://codereview.chromium.org/1034393002

Cr-Commit-Position: refs/heads/master@{#27519}
 2015-03-30 11:50:23 +00:00
erikcorry
1ec850383b Fix JSON parser Handle leak 
R=verwaest@chromium.org
BUG=v8:3976
LOG=y

Review URL: https://codereview.chromium.org/1041483004

Cr-Commit-Position: refs/heads/master@{#27512}
 2015-03-30 09:55:30 +00:00
mvstanton
7c347c545e Ensure object literal element boilerplates aren't modified. 
A bug allows JSObject literals with elements to have the elements in the
boilerplate modified.

BUG=466993
LOG=N

Review URL: https://codereview.chromium.org/1037273002

Cr-Commit-Position: refs/heads/master@{#27511}
 2015-03-30 09:20:09 +00:00
yangguo
69383d6366 Revert of Revert of Debugger: deduplicate shared function info when setting script break points. (patchset #1 id:1 of https://codereview.chromium.org/999273003/) 
Reason for revert:
Reland since the failure has been fixed in https://codereview.chromium.org/1035523005/

Original issue's description:
> Revert of Debugger: deduplicate shared function info when setting script break points. (patchset #4 id:60001 of https://codereview.chromium.org/998253005/)
>
> Reason for revert:
> Code caching failures.
>
> Original issue's description:
> > Debugger: deduplicate shared function info when setting script break points.
> >
> > Also fix Debug.showBreakPoints for multiple break points at the same location.
> >
> > BUG=v8:3960
> > LOG=N
> >
> > Committed: https://crrev.com/73b17a71a22564c0b66d9aa7c00948c748f5b290
> > Cr-Commit-Position: refs/heads/master@{#27444}
>
> TBR=mstarzinger@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:3960
>
> Committed: https://crrev.com/9b29d008dfcc00bf56be8040add1d2c5e404673b
> Cr-Commit-Position: refs/heads/master@{#27448}

TBR=mstarzinger@chromium.org
BUG=v8:3960
LOG=N

Review URL: https://codereview.chromium.org/1037013002

Cr-Commit-Position: refs/heads/master@{#27472}
 2015-03-26 10:43:51 +00:00
yangguo
46cc8740a9 Debugger: remove unused JS Debugger API. 
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/1005053004

Cr-Commit-Position: refs/heads/master@{#27464}
 2015-03-26 08:15:45 +00:00
yangguo
9b29d008df Revert of Debugger: deduplicate shared function info when setting script break points. (patchset #4 id:60001 of https://codereview.chromium.org/998253005/) 
Reason for revert:
Code caching failures.

Original issue's description:
> Debugger: deduplicate shared function info when setting script break points.
>
> Also fix Debug.showBreakPoints for multiple break points at the same location.
>
> BUG=v8:3960
> LOG=N
>
> Committed: https://crrev.com/73b17a71a22564c0b66d9aa7c00948c748f5b290
> Cr-Commit-Position: refs/heads/master@{#27444}

TBR=mstarzinger@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3960

Review URL: https://codereview.chromium.org/999273003

Cr-Commit-Position: refs/heads/master@{#27448}
 2015-03-25 15:19:20 +00:00
yangguo
73b17a71a2 Debugger: deduplicate shared function info when setting script break points. 
Also fix Debug.showBreakPoints for multiple break points at the same location.

BUG=v8:3960
LOG=N

Review URL: https://codereview.chromium.org/998253005

Cr-Commit-Position: refs/heads/master@{#27444}
 2015-03-25 14:53:49 +00:00
mstarzinger
38a719f965 Switch full-codegen from StackHandlers to handler table. 
This switches full-codegen to no longer push and pop StackHandler
markers onto the operand stack, but relies on a range-based handler
table instead. We only use StackHandlers in JSEntryStubs to mark the
transition from C to JS code.

Note that this makes deoptimization and OSR from within any try-block
work out of the box, makes the non-exception paths faster and should
overall be neutral on the memory footprint (pros).

On the other hand it makes the exception paths slower and actually
throwing and exception more expensive (cons).

R=yangguo@chromium.org
TEST=cctest/test-run-jsexceptions/DeoptTry

Review URL: https://codereview.chromium.org/1010883002

Cr-Commit-Position: refs/heads/master@{#27440}
 2015-03-25 13:14:02 +00:00
titzer
006ae96dab Set test expectations prior to enabling --turbo-osr. 
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1018513003

Cr-Commit-Position: refs/heads/master@{#27425}
 2015-03-24 19:02:55 +00:00
erikcorry
4c806802b5 Fix OOM bug 3976. 
Also introduce --trace-fragmentation-verbose, and fix --always-compact.

R=ulan@chromium.org
BUG=v8:3976
LOG=y

Review URL: https://codereview.chromium.org/1024823002

Cr-Commit-Position: refs/heads/master@{#27414}
 2015-03-24 15:02:28 +00:00
jarin
0f94c96cbc Test for wrong arguments object materialization. 
The test demonstrates a bad interaction between arguments object
materialization, escape analysis and exception handling.

We can return a wrong arguments object if we materialize arguments
object (using f.arguments) and then throw around f's frame so that f
does not clean up the materialized frame information (see the
MaterializedObjectStore in deoptimizer.h/.cc). If we enter another
function that has the same frame pointer and request an arguments object
of (or lazily deoptimize) that function, we can get the materialized
object of the original function.

We should clean up the materialized object store when we unwind the
stack.

BUG=v8:3985
LOG=n

Review URL: https://codereview.chromium.org/1032623003

Cr-Commit-Position: refs/heads/master@{#27406}
 2015-03-24 13:20:21 +00:00