summaryrefslogtreecommitdiffstats
path: root/js
Commit message (Collapse)AuthorAgeLines
* Restrict ExtractLinearSum to monotonous operation in infinite math space.Nicolas B. Pierron2019-03-23-4/+17
| | | | | Thanks to Bruno Keith & Niklas Baumstark from the phoenhex team for finding this issue and reporting it with a proper analysis.
* Check for dead wrappers in CallerGetterImpl/CallerSetterImpl.wolfbeast2019-03-23-46/+12
| | | | | This also removes code duplication by making CallerSetterImpl call CallerGetterImpl.
* Force expected crashes on unexpected magic values.Nicolas B. Pierron2019-03-23-2/+5
|
* Pref the use of unboxed plain objects in JS and disable by default.wolfbeast2019-03-23-13/+21
| | | | | This should be all that's needed for #1017, but verification of impact is definitely desired.
* Use C++11 thread-safe statics with MSVC. (js)wolfbeast2019-02-14-4/+0
|
* Fix possible data race while updating scope object during compacting GC.wolfbeast2019-02-07-3/+8
|
* Align `instanceof` with the final ES6 spec.wolfbeast2019-02-07-18/+79
|
* Merge branch 'cycle_collector-work'wolfbeast2019-02-03-3/+0
|\
| * Merge branch 'master' into cycle_collector-workwolfbeast2019-01-29-6/+21
| |\
| * | Remove NS_IMPL_CYCLE_COLLECTION_TRAVERSE_SCRIPT_OBJECTSwolfbeast2019-01-18-3/+0
| | |
* | | Fix build error with JS_HAS_TOSOURCE undefined.wolfbeast2019-02-02-1/+4
| | |
* | | Remove telemetry leftovers from JS engine.adeshkp2019-01-30-461/+63
| |/ |/|
* | Reduce number of allocations in AutoStopwatchDavid Teller2019-01-29-6/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch fixes two related issues. 1. The AutoStopwatch uses a stack-allocated `mozilla::Vector` to communicate with its callback during each compartment switch. This vector was designed to allow its contents to be stack-allocated but they turned out to be accidentally heap-allocated. 2. During each tick, the stopwatch fills a vector `recentGroups_`. This vector always started with minimal capacity and had to grow repeatedly as groups were added, causing repeated reallocations. This patch preallocates `recentGroups_` to have the same capacity as the previous tick. We expect that this should eventually reach a stable size that closely matches the actual needs of the process.
* | Revert "Reduce number of allocations in AutoStopwatch"wolfbeast2019-01-29-18/+8
| | | | | | | | This reverts commit 3476c1d60ec29c5497123194acd7a9310b1023d2.
* | Reduce number of allocations in AutoStopwatchDavid Teller2019-01-28-8/+18
|/ | | | | | | | | | | | | | | This patch fixes two related issues. 1. The AutoStopwatch uses a stack-allocated `mozilla::Vector` to communicate with its callback during each compartment switch. This vector was designed to allow its contents to be stack-allocated but they turned out to be accidentally heap-allocated. 2. During each tick, the stopwatch fills a vector `recentGroups_`. This vector always started with minimal capacity and had to grow repeatedly as groups were added, causing repeated reallocations. This patch preallocates `recentGroups_` to have the same capacity as the previous tick. We expect that this should eventually reach a stable size that closely matches the actual needs of the process.
* Telemetry: Remove stubs and related codeadeshkp2019-01-12-49/+0
|
* Restrict ExtractLinearSum to find non-wrapping results.wolfbeast2018-12-13-1/+1
|
* Use canonical function in TypeNewScript::rollbackPartiallyInitializedObjects.wolfbeast2018-12-13-7/+26
|
* Fix mistakingly flagged instructions.wolfbeast2018-12-12-1/+1
| | | | This enables optimizations which were wrongly inhibited before by this typo.
* Fix a longstanding IndexedDB correctness issue.wolfbeast2018-11-02-4/+20
| | | | Standards Compliance fix, port of Bug 1492737
* Simplify SIMD conversion from Uint64 to Double.wolfbeast2018-11-01-31/+21
|
* Don't mark MGetFirstDollarIndex as movable.wolfbeast2018-10-31-1/+4
|
* Code style improvements (no bug).wolfbeast2018-10-23-9/+18
|
* Improve graph edge resolution code.wolfbeast2018-10-23-17/+48
| | | | This is a follow-up to ca7ecd37c94e268972697a37eec4e46771c6e6f2 further improving the DiD resolution for CVE-2018-12386.
* Bug 1493900.wolfbeast2018-10-04-3/+12
| | | | DiD fix.
* Rename TypeSet::clone to TypeSet::cloneIntoUninitialized to indicate that it ↵trav902018-09-19-9/+11
| | | | | | freshly initializes the TemporaryTypeSet* provided to it. Also removes existing code that, quite unnecessarily, partly initialized that argument.
* Don't use PodCopy/PodMove to implement typed-array element-to-element copyingtrav902018-09-19-4/+17
| | | | Standard std::copy and std::copy_n are readily optimized to the same thing, and they don't have a non-obvious requirement that the type being copied be trivial.
* Give uint8_clamped a defaulted (and also trivial) default constructor, copy ↵trav902018-09-19-6/+3
| | | | | | constructor, and copy-assignment operator. This also allows uint8_clamped to be permissibly memmove'd and memcpy'd.
* Don't memset-zero the BacktrackingAllocator::vregs array of non-trivial ↵trav902018-09-12-15/+11
| | | | VirtualRegister instances
* Call memset on a void*, not a T*, in js_delete_poison to avoid ↵trav902018-09-12-1/+1
| | | | memset-on-nontrivial warnings with gcc that don't matter for an object whose lifetime is about to end
* Initialize some asm.js structures using in-class initializers instead of PodZerotrav902018-09-12-9/+9
|
* Stop using PodZero in several places to initialize values of non-trivial typetrav902018-09-12-73/+56
|
* Merge pull request #754 from trav90/class-memaccess-errorsMoonchild2018-09-10-95/+180
|\ | | | | Fix more -Wclass-memaccess warnings (GCC8)
| * Fix build bustagetrav902018-09-02-1/+1
| |
| * Call the relevant scope-data constructor when allocating it, and poison/mark ↵trav902018-09-02-31/+72
| | | | | | | | as undefined the memory for the trailing array of BindingNames, ratther than impermissibly PodZero-ing non-trivial classes.
| * Convert the trailing array of BindingNames at the end of the various kinds ↵trav902018-09-02-64/+108
| | | | | | | | of scope data into raw unsigned chars into which those BindingNames are placement-new'd, rather than memcpy-ing non-trivial classes around and failing to comply with the C++ object model
* | Merge branch 'master' of https://github.com/MoonchildProductions/UXPwolfbeast2018-09-04-101/+1
|\ \
| * | Remove all C++ Telemetry Accumulation calls.wolfbeast2018-09-03-101/+1
| |/ | | | | | | | | This creates a number of stubs and leaves some surrounding code that may be irrelevant (eg. recorded time stamps, status variables). Stub resolution/removal should be a follow-up to this.
* / Add extra check for assembler buffer space.wolfbeast2018-09-04-1/+2
|/
* Revert "Bug 1444668 - Avoid allocating large AssemblerBuffers. r=luke, ↵wolfbeast2018-08-30-49/+9
| | | | | | r=bbouvier, a=RyanVM" This reverts commit 9472136272f01b858412f2d9d7854d2daa82496f.
* Avoid using memset on a not-trivial type like ServoSizestrav902018-08-18-1/+9
|
* Avoid using memset on a not-trivial type like TabSizestrav902018-08-18-1/+7
|
* Avoid doing a memset on a non-POD structuretrav902018-08-18-13/+33
| | | | | | |entryCount| tracks -- in fast-to-check manner -- the number of entries in the hashtable. But to actually enumerate entries, we have to loop through all of |table|, checking for entries that are actually live. A live entry is indicated by a zero |hash| in the entry. The |memset| would properly zero that; removing the memset will not. It's not entirely clear whether a memset that overwrites a lot of stuff but is maybe simpler, is faster than compiler-generated likely-SIMD code that zeroes out *just* |hash| fields in all the entries. But I am going to guess that SIMD is good enough. For now, we should just do the simple and thing: don't distinguish POD and non-POD, and know that the compiler is going to recognize that |mem.addr()->~T()| is a no-op when T is trivial. So with POD, the loop should degenerate to just zeroing |hash| at consistent offset, and SIMD will eat that up, and it can't be *that* different from the memset in performance (if it is at all).
* Merge pull request #707 from trav90/class-memaccess-errorsMoonchild2018-08-13-28/+10
|\ | | | | Simplify HeapSlot to make it trivially copyable
| * Simplify HeapSlot to make it trivially copyabletrav902018-08-12-29/+8
| | | | | | | | This removes the constructors, which were never called since we allocate arrays of HeapSlot with pod_malloc. The destructor is only ever called explicitly since we free this memory with js_free so it has been renamed to destroy(). Also removed is an unused manual barrier.
| * Avoid using memcpy on HeapSlot that is not trivially copyable.trav902018-08-12-4/+7
| |
* | js::atomics_wait: Remove unnecessary parentheses in declaration of 'addr'trav902018-08-10-1/+1
|/ | | | Silences a warning with GCC 8.
* Merge pull request #628 from janekptacijarabaci/build_bustage_debug_1Moonchild2018-07-13-0/+3
|\ | | | | Fix Build Bustage - with "--enable-debug"
| * Fix Build Bustage - with "--enable-debug"janekptacijarabaci2018-07-12-0/+3
| |
* | Remove recover instruction results after bailouts.wolfbeast2018-07-13-38/+20
|/