Revision: 15886
Author: [email protected]
Date: Thu Jul 25 08:32:13 2013
Log: Merged r15868, r15871, r15880, r15884 into trunk branch.
Setting the thread name may fail, so don't assert that the result is 0.
Removed pointer space to pointer space compaction check when migrating
objects.
Ignore external strings in old pointer space migration invariant check.
Fix JSArray-specific length lookup in polymorphic array handling
BUG=chromium:263276
[email protected]
Review URL: https://codereview.chromium.org/20329002
http://code.google.com/p/v8/source/detail?r=15886
Added:
/trunk/test/mjsunit/regress/regress-crbug-263276.js
Modified:
/trunk/src/hydrogen.cc
/trunk/src/mark-compact.cc
/trunk/src/platform-posix.cc
/trunk/src/version.cc
=======================================
--- /dev/null
+++ /trunk/test/mjsunit/regress/regress-crbug-263276.js Thu Jul 25 08:32:13
2013
@@ -0,0 +1,46 @@
+// Copyright 2013 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// Flags: --allow-natives-syntax
+
+var array1 = [];
+array1.foo = true;
+
+var array2 = [];
+array2.bar = true;
+
+function bad(array) {
+ array[array.length] = 1;
+}
+
+bad(array1);
+bad(array1);
+bad(array2); // Length is now 1.
+bad(array2); // Length is now 2.
+%OptimizeFunctionOnNextCall(bad);
+bad(array2); // Length is now 3.
+assertEquals(3, array2.length);
=======================================
--- /trunk/src/hydrogen.cc Wed Jul 24 01:18:28 2013
+++ /trunk/src/hydrogen.cc Thu Jul 25 08:32:13 2013
@@ -5697,7 +5697,7 @@
elements, isolate()->factory()->fixed_array_map(),
zone(), top_info(), mapcompare));
}
- if (map->IsJSArray()) {
+ if (map->instance_type() == JS_ARRAY_TYPE) {
HInstruction* length = AddLoad(object,
HObjectAccess::ForArrayLength(),
mapcompare, Representation::Smi());
length->set_type(HType::Smi());
=======================================
--- /trunk/src/mark-compact.cc Wed Jul 24 02:36:58 2013
+++ /trunk/src/mark-compact.cc Thu Jul 25 08:32:13 2013
@@ -2724,21 +2724,11 @@
HEAP_PROFILE(heap(), ObjectMoveEvent(src, dst));
// TODO(hpayer): Replace that check with an assert.
CHECK(dest != LO_SPACE && size <= Page::kMaxNonCodeHeapObjectSize);
- // Objects in old pointer space and old data space can just be moved by
- // compaction to a different page in the same space.
- // TODO(hpayer): Replace that following checks with asserts.
- CHECK(!heap_->old_pointer_space()->Contains(src) ||
- (heap_->old_pointer_space()->Contains(dst) &&
- heap_->TargetSpace(HeapObject::FromAddress(src)) ==
- heap_->old_pointer_space()));
- CHECK(!heap_->old_data_space()->Contains(src) ||
- (heap_->old_data_space()->Contains(dst) &&
- heap_->TargetSpace(HeapObject::FromAddress(src)) ==
- heap_->old_data_space()));
if (dest == OLD_POINTER_SPACE) {
// TODO(hpayer): Replace this check with an assert.
- CHECK(heap_->TargetSpace(HeapObject::FromAddress(src)) ==
- heap_->old_pointer_space());
+ HeapObject* heap_object = HeapObject::FromAddress(src);
+ CHECK(heap_object->IsExternalString() ||
+ heap_->TargetSpace(heap_object) == heap_->old_pointer_space());
Address src_slot = src;
Address dst_slot = dst;
ASSERT(IsAligned(size, kPointerSize));
@@ -2784,6 +2774,13 @@
Code::cast(HeapObject::FromAddress(dst))->Relocate(dst - src);
} else {
ASSERT(dest == OLD_DATA_SPACE || dest == NEW_SPACE);
+ // Objects in old data space can just be moved by compaction to a
different
+ // page in old data space.
+ // TODO(hpayer): Replace the following check with an assert.
+ CHECK(!heap_->old_data_space()->Contains(src) ||
+ (heap_->old_data_space()->Contains(dst) &&
+ heap_->TargetSpace(HeapObject::FromAddress(src)) ==
+ heap_->old_data_space()));
heap()->MoveBlock(dst, src, size);
}
Memory::Address_at(src) = dst;
=======================================
--- /trunk/src/platform-posix.cc Wed Jul 24 01:18:28 2013
+++ /trunk/src/platform-posix.cc Thu Jul 25 08:32:13 2013
@@ -502,12 +502,11 @@
static void SetThreadName(const char* name) {
- int result = 0;
#if defined(__DragonFly__) || defined(__FreeBSD__) || defined(__OpenBSD__)
- result = pthread_set_name_np(pthread_self(), name);
+ pthread_set_name_np(pthread_self(), name);
#elif defined(__NetBSD__)
STATIC_ASSERT(Thread::kMaxThreadNameLength <= PTHREAD_MAX_NAMELEN_NP);
- result = pthread_setname_np(pthread_self(), "%s", name);
+ pthread_setname_np(pthread_self(), "%s", name);
#elif defined(__APPLE__)
// pthread_setname_np is only available in 10.6 or later, so test
// for it at runtime.
@@ -520,14 +519,12 @@
// Mac OS X does not expose the length limit of the name, so hardcode it.
static const int kMaxNameLength = 63;
STATIC_ASSERT(Thread::kMaxThreadNameLength <= kMaxNameLength);
- result = dynamic_pthread_setname_np(name);
+ dynamic_pthread_setname_np(name);
#elif defined(PR_SET_NAME)
- result = prctl(PR_SET_NAME,
- reinterpret_cast<unsigned long>(name), // NOLINT
- 0, 0, 0);
+ prctl(PR_SET_NAME,
+ reinterpret_cast<unsigned long>(name), // NOLINT
+ 0, 0, 0);
#endif
- ASSERT_EQ(0, result);
- USE(result);
}
=======================================
--- /trunk/src/version.cc Wed Jul 24 02:36:58 2013
+++ /trunk/src/version.cc Thu Jul 25 08:32:13 2013
@@ -35,7 +35,7 @@
#define MAJOR_VERSION 3
#define MINOR_VERSION 20
#define BUILD_NUMBER 8
-#define PATCH_LEVEL 1
+#define PATCH_LEVEL 2
// Use 1 for candidates and 0 otherwise.
// (Boolean macro values are not supported by all preprocessors.)
#define IS_CANDIDATE_VERSION 0
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
