In ES6 function name and length are configurable. However, the length
and name properties of the poison pill function must not be
configurable.
BUG=v8:4011
LOG=N
R=adamk@chromium.org, rossberg@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/1061393002
Cr-Commit-Position: refs/heads/master@{#27855}
enum defaults to signed on win, and kTagged has 1<<31 causing
warning.
Full errors:
d:\src\cr3\src\v8\src\types.cc(1259): error C2220: warning treated as error - no 'object' file generated
d:\src\cr3\src\v8\src\types.cc(1241): note: while compiling class template member function 'void v8::internal::TypeImpl<v8::internal::ZoneTypeConfig>::BitsetType::Print(std::ostream &,v8::internal::TypeImpl<v8::internal::ZoneTypeConfig>::bitset)'
d:\src\cr3\src\v8\src\types.cc(1283): note: see reference to function template instantiation 'void v8::internal::TypeImpl<v8::internal::ZoneTypeConfig>::BitsetType::Print(std::ostream &,v8::internal::TypeImpl<v8::internal::ZoneTypeConfig>::bitset)' being compiled
d:\src\cr3\src\v8\src\types.cc(1355): note: see reference to class template instantiation 'v8::internal::TypeImpl<v8::internal::ZoneTypeConfig>::BitsetType' being compiled
d:\src\cr3\src\v8\src\types.cc(1259): warning C4838: conversion from 'int' to 'const v8::internal::TypeImpl<v8::internal::ZoneTypeConfig>::bitset' requires a narrowing conversion
d:\src\cr3\src\v8\src\types.cc(1259): note: to simplify migration, consider the temporary use of /Wv:18 flag with the version of the compiler with which you used to build without warnings
d:\src\cr3\src\v8\src\types.cc(323): warning C4838: conversion from '' to 'v8::internal::TypeImpl<v8::internal::ZoneTypeConfig>::bitset' requires a narrowing conversion
d:\src\cr3\src\v8\src\types.cc(323): note: to simplify migration, consider the temporary use of /Wv:18 flag with the version of the compiler with which you used to build without warnings
d:\src\cr3\src\v8\src\types.cc(315): note: while compiling class template static data member 'const v8::internal::TypeImpl<v8::internal::ZoneTypeConfig>::BitsetType::Boundary v8::internal::TypeImpl<v8::internal::ZoneTypeConfig>::BitsetType::BoundariesArray[]'
d:\src\cr3\src\v8\src\types.cc(1259): warning C4838: conversion from 'int' to 'const v8::internal::TypeImpl<v8::internal::HeapTypeConfig>::bitset' requires a narrowing conversion
d:\src\cr3\src\v8\src\types.cc(1259): note: to simplify migration, consider the temporary use of /Wv:18 flag with the version of the compiler with which you used to build without warnings
d:\src\cr3\src\v8\src\types.cc(1241): note: while compiling class template member function 'void v8::internal::TypeImpl<v8::internal::HeapTypeConfig>::BitsetType::Print(std::ostream &,v8::internal::TypeImpl<v8::internal::HeapTypeConfig>::bitset)'
d:\src\cr3\src\v8\src\types.cc(1283): note: see reference to function template instantiation 'void v8::internal::TypeImpl<v8::internal::HeapTypeConfig>::BitsetType::Print(std::ostream &,v8::internal::TypeImpl<v8::internal::HeapTypeConfig>::bitset)' being compiled
d:\src\cr3\src\v8\src\types.cc(1359): note: see reference to class template instantiation 'v8::internal::TypeImpl<v8::internal::HeapTypeConfig>::BitsetType' being compiled
d:\src\cr3\src\v8\src\types.cc(323): warning C4838: conversion from '' to 'v8::internal::TypeImpl<v8::internal::HeapTypeConfig>::bitset' requires a narrowing conversion
d:\src\cr3\src\v8\src\types.cc(323): note: to simplify migration, consider the temporary use of /Wv:18 flag with the version of the compiler with which you used to build without warnings
d:\src\cr3\src\v8\src\types.cc(315): note: while compiling class template static data member 'const v8::internal::TypeImpl<v8::internal::HeapTypeConfig>::BitsetType::Boundary v8::internal::TypeImpl<v8::internal::HeapTypeConfig>::BitsetType::BoundariesArray[]'
LOG=N
R=jochen@chromium.org
BUG=440500
Review URL: https://codereview.chromium.org/1055933004
Cr-Commit-Position: refs/heads/master@{#27854}
Port 0179ec5797
Original commit message:
The cells are stored on prototypes (in their map's PrototypeInfo). When a prototype object changes its map, then both its own validity cell and those of all "downstream" prototypes are invalidated; handlers for a given receiver embed the currently valid cell for that receiver's prototype during their compilation and check it on execution.
R=michael_dawson@ca.ibm.com, dstence@us.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1091563002
Cr-Commit-Position: refs/heads/master@{#27849}
AFAICT none of these can actually be triggered currently; but it's still good to harden the code a little.
Review URL: https://codereview.chromium.org/1058533007
Cr-Commit-Position: refs/heads/master@{#27848}
DoParseProgram doesn't appear to need to receive toplevel scopes as
arguments; it can properly set the end_position of the scopes to the
scanner's position after parsing is complete.
R=marja@chromium.org
BUG=
LOG=N
Review URL: https://codereview.chromium.org/1058363003
Cr-Commit-Position: refs/heads/master@{#27847}
This adds a missing bailout id to a ForInStatement for when retrieving
and filtering a property name deoptimizes. This can happen with proxies
that have a getPropertyDescriptor trap.
R=jarin@chromium.org
TEST=mjsunit/for-in-opt
Review URL: https://codereview.chromium.org/1086083002
Cr-Commit-Position: refs/heads/master@{#27846}
The cells are stored on prototypes (in their map's PrototypeInfo). When a prototype object changes its map, then both its own validity cell and those of all "downstream" prototypes are invalidated; handlers for a given receiver embed the currently valid cell for that receiver's prototype during their compilation and check it on execution.
Review URL: https://codereview.chromium.org/908213002
Cr-Commit-Position: refs/heads/master@{#27845}
- make ParallelMove into a ZoneVector, removing an annoying level of indirection
- make MoveOperands hold InstructionOperands instead of pointers, so there's no more operand aliasing for moves
- opens up possibility of storing MachineType in allocated operands
R=bmeurer@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1081373002
Cr-Commit-Position: refs/heads/master@{#27842}
This fixes TSAN failure caused by race between:
- optimizing compiler thread setting climit
- and json parser reading climit in the main thread.
BUG=
Review URL: https://codereview.chromium.org/1031223004
Cr-Commit-Position: refs/heads/master@{#27840}
The embedder can control how many threads it wants to use via the
v8::Platform implementation. V8 internally doesn't spin up threads
anymore. If the embedder doesn't want to use any threads at all, it's
v8::Platform implementation must either run the background jobs on
the foreground thread, or the embedder should specify --predictable
BUG=none
R=yangguo@chromium.org
LOG=y
Review URL: https://codereview.chromium.org/1064723005
Cr-Commit-Position: refs/heads/master@{#27833}
Add a finalize incremental marking mode for CollectAllGarbage to finalize incremental marking when incremental marking is in progress, but we want a full gc at a given CollectAllGarbage call site.
Default mode for CollectAllGarbage is finalize incremental marking and perform a full GC.
BUG=
Review URL: https://codereview.chromium.org/1082973003
Cr-Commit-Position: refs/heads/master@{#27831}
Port 5d2de78a77
Original commit message:
It's cheaper to materialize heap constants by loading from the roots
array instead of embedding the constant into the instruction stream, at
least on x64, arm and arm64.
Drive-by-fix: Also cleanup the materialize constant from frame
optimization.
R=michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1075303003
Cr-Commit-Position: refs/heads/master@{#27823}
It's cheaper to materialize heap constants by loading from the roots
array instead of embedding the constant into the instruction stream, at
least on x64, arm and arm64.
Drive-by-fix: Also cleanup the materialize constant from frame
optimization.
R=dcarney@chromium.org
Review URL: https://codereview.chromium.org/1088913002
Cr-Commit-Position: refs/heads/master@{#27818}
If a major gc happens between allocation and initialization of the
buffer, it might be already in old space. Since we need the list of
buffers to be sorted from new to old, we keep track of the last buffer
and put old buffers to the end
BUG=chromium:476032
R=hpayer@chromium.org,dslomov@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/1079923003
Cr-Commit-Position: refs/heads/master@{#27811}
Instead of modifying a context chain and then modifying it back, causing
potential mismatches, we clone the inner context chain and evaluate
the expression in this cloned context. We then copy all local variable
values back if needed.
R=yangguo@chromium.org,yurys@chromium.org
Review URL: https://codereview.chromium.org/1088503003
Cr-Commit-Position: refs/heads/master@{#27809}
The overwrite-builtins test cases will throw one expected exception
and the exception message should include the source position in the JS
file. But crankshaft compiler does not generate the source position for
it when creating the flow graph by default. The source position information
is always zero. So it failed when comparing with the reference file.
If we use crankshaft compiler on IA32 platform to run this test case, it
has the same failure.
BUG=
Review URL: https://codereview.chromium.org/1086503002
Cr-Commit-Position: refs/heads/master@{#27807}
