AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
9eb92da618
v8/test
History
Jaroslav Sevcik 9eb92da618 [deoptimizer] Make sure property arrays don't contain mutable heap numbers. 
Since the deoptimizer generalizes maps for all materialized objects, it
must make sure that none of the object's fields contain mutable heap numbers
(only double fields are allowed to point to mutable heap numbers). With this CL,
we simply change any mutable heap numbers in property arrays to immutable ones.

This could be dangerous if some non-materialized object could point to this
property array, but this cannot happen because interpreter registers cannot
refer to naked property arrays.

Bug: chromium:776309
Change-Id: I897b604fa804de673710cfa3ba0595dbd9f80eeb
Reviewed-on: https://chromium-review.googlesource.com/759781
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Jaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49263}
2017-11-09 12:02:47 +00:00
..
benchmarks [test] Let flags from test case have precedence 2017-10-27 13:22:39 +00:00
cctest Adapt heap profiler test to changed GC timing. 2017-11-09 10:55:05 +00:00
common [wasm] Support block parameters 2017-10-24 11:44:26 +00:00
debugger [test] Let flags from test case have precedence 2017-10-27 13:22:39 +00:00
fuzzer [wasm fuzzer] Require AST fuzzer modules to validate 2017-11-08 21:29:40 +00:00
inspector [map] Fix map constructor to correctly throw. 2017-11-08 19:54:20 +00:00
intl Reenable intl/number-format/format-currency test 2017-11-08 19:37:50 +00:00
js-perf-test [parser] Use n-ary addition for template strings 2017-10-31 16:02:53 +00:00
memory [snapshot] add tracking for builtin snapshot size. 2017-08-31 07:29:31 +00:00
message [test/message] Allow numbers to have more than one leading digit. 2017-11-03 15:25:25 +00:00
mjsunit [deoptimizer] Make sure property arrays don't contain mutable heap numbers. 2017-11-09 12:02:47 +00:00
mkgrokdump [test] Let flags from test case have precedence 2017-10-27 13:22:39 +00:00
mozilla [d8] Report errors in setTimeout 2017-11-03 12:21:53 +00:00
preparser [test] Let flags from test case have precedence 2017-10-27 13:22:39 +00:00
promises-aplus [test] Let flags from test case have precedence 2017-10-27 13:22:39 +00:00
test262 [regexp] Support Regional_Indicator property class 2017-11-09 07:52:35 +00:00
unittests Revert "Reland^5 "[turbofan] eagerly prune None types and deadness from the graph"" 2017-11-09 11:00:45 +00:00
wasm-spec-tests [test] Let flags from test case have precedence 2017-10-27 13:22:39 +00:00
webkit [test] Let flags from test case have precedence 2017-10-27 13:22:39 +00:00
bot_default.gyp [wasm] Add wasm spec tests to the v8 test runner 2017-04-27 13:00:13 +00:00
bot_default.isolate [wasm] Add wasm spec tests to the v8 test runner 2017-04-27 13:00:13 +00:00
BUILD.gn [wasm] Remove the wasm-asmjs fuzzer 2017-06-21 10:59:35 +00:00
default.gyp [wasm] Add wasm spec tests to the v8 test runner 2017-04-27 13:00:13 +00:00
default.isolate [wasm] Add wasm spec tests to the v8 test runner 2017-04-27 13:00:13 +00:00
optimize_for_size.gyp
optimize_for_size.isolate
perf.gyp
perf.isolate