Commit Graph

5585 Commits

Author SHA1 Message Date
adamk@chromium.org
1572115483 Fix breakage on V8 Linux - nosse2
This was introduced by https://code.google.com/p/v8/source/detail?r=20857

R=adamk@chromium.org
TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/241433002

Patch from Erik Arvidsson <arv@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20858 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-17 19:39:48 +00:00
adamk@chromium.org
3308cb5857 ES6: Add support for Map/Set forEach
This implements MapIterator and SetIterator which matches
the same constructs in the ES6 spec. However, these 2
iterators are not exposed to user code yet. They are only
used internally to implement Map.prototype.forEach and
Set.prototype.forEach.

Each iterator has a reference to the OrderedHashTable where
it directly accesses the hash table's entries.

The OrderedHashTable has a reference to the newest iterator
and each iterator has a reference to the next and previous
iterator, effectively creating a double linked list.

When the OrderedHashTable is mutated (or replaced) all the
iterators are updated.

When the iterator iterates passed the end of the data table
it closes itself. Closed iterators no longer have a
reference to the OrderedHashTable and they are removed from
the double linked list. In the case of Map/Set forEach, we
manually call Close on the iterator in case an exception was
thrown so that the iterator never reached the end.

At this point the OrderedHashTable keeps all the non finished
iterators alive but since the only thing we currently expose
is forEach there are no unfinished iterators outside a forEach
call. Once we expose the iterators to user code we will need
to make the references from the OrderedHashTable to the
iterators weak and have some mechanism to close an iterator
when it is garbage collected.

BUG=1793, 2323
LOG=Y
R=adamk@chromium.org
TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/238063009

Patch from Erik Arvidsson <arv@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20857 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-17 17:45:32 +00:00
mstarzinger@chromium.org
1213ecb50b Make Heap::AllocateRaw*String private.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/241023002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20856 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-17 14:58:03 +00:00
mvstanton@chromium.org
9ce1c5144a Serializer enable/disable flags need thread safety.
BUG=
R=hpayer@chromium.org, svenpanne@chromium.org

Review URL: https://codereview.chromium.org/240193002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20855 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-17 14:45:06 +00:00
jarin@chromium.org
3277f2b90b Bump up the boot-up memory limit.
... to compansate for the extre memory consumed by r20840
("Select function map based on prototype and shared function info.")

R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/239513015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20851 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-17 13:58:51 +00:00
mstarzinger@chromium.org
1def20d5ef Make Heap::AllocateRaw private.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/238443016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20849 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-17 13:53:06 +00:00
ishell@chromium.org
313844d842 Heap::AllocateStringFromOneByte() and major part of its callers handlified.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/239243018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20846 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-17 13:27:02 +00:00
mstarzinger@chromium.org
1c314382c0 Extend GCMole to also cover cctest files.
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/240933002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20841 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-17 11:57:08 +00:00
danno@chromium.org
59b3dc5812 Remove hand-written assembly ArrayPush stubs
R=mstarzinger@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/233293005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20839 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-17 11:37:59 +00:00
hpayer@chromium.org
39b5090f8e Grow old generation slower on low-memory devices.
BUG=
R=mstarzinger@chromium.org, rmcilroy@chromium.org

Review URL: https://codereview.chromium.org/236063015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20837 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-17 11:27:45 +00:00
rossberg@chromium.org
6d475fb350 Fix handlification bug in test
R=bmeurer@chromium.org, mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/240603004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20835 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-17 09:30:41 +00:00
palfia@homejinni.com
ec73d3db09 Adjust memory limits.
- Introduce new constant: kBootCodeSizeMultiplier to handle the code size differences across the platforms.

- Increase memory limits due to larger code size on MIPS.

BUG=
R=danno@chromium.org, plind44@gmail.com

Review URL: https://codereview.chromium.org/234153002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20825 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 21:57:48 +00:00
adamk@chromium.org
91618cf1e9 Revert "ES6: Add support for Map/Set forEach"
This reverts https://code.google.com/p/v8/source/detail?r=20823

It broke Windows builds. Will need to find a Windows try bot to figure
out why.

TBR=mstarzinger@chromium.org,arv@chromium.org

Review URL: https://codereview.chromium.org/238973011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20824 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 21:19:25 +00:00
adamk@chromium.org
7c300d1f83 ES6: Add support for Map/Set forEach
This implements MapIterator and SetIterator which matches
the same constructs in the ES6 spec. However, these 2
iterators are not exposed to user code yet. They are only
used internally to implement Map.prototype.forEach and
Set.prototype.forEach.

Each iterator has a reference to the OrderedHashTable where
it directly accesses the hash table's entries.

The OrderedHashTable has a reference to the newest iterator
and each iterator has a reference to the next and previous
iterator, effectively creating a double linked list.

When the OrderedHashTable is mutated (or replaced) all the
iterators are updated.

When the iterator iterates passed the end of the data table
it closes itself. Closed iterators no longer have a
reference to the OrderedHashTable and they are removed from
the double linked list. In the case of Map/Set forEach, we
manually call Close on the iterator in case an exception was
thrown so that the iterator never reached the end.

At this point the OrderedHashTable keeps all the non finished
iterators alive but since the only thing we currently expose
is forEach there are no unfinished iterators outside a forEach
call. Once we expose the iterators to user code we will need
to make the references from the OrderedHashTable to the
iterators weak and have some mechanism to close an iterator
when it is garbage collected.

BUG=1793,2323
LOG=Y
TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/240323003

Patch from Erik Arvidsson <arv@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20823 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 21:12:27 +00:00
rossberg@chromium.org
926ec656de Implement structural function and array types
Just wanted to add two constructors to a datatype, how ugly can it get?

R=bmeurer@chromium.org, jarin@chromium.org
BUG=

Committed: https://code.google.com/p/v8/source/detail?r=20809

Committed: https://code.google.com/p/v8/source/detail?r=20815

Review URL: https://codereview.chromium.org/228263005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20817 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 16:16:37 +00:00
rossberg@chromium.org
e3e81d85bb Revert "Implement structural function and array types"
TBR=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/237963016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20816 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 15:59:39 +00:00
rossberg@chromium.org
6782d9cea3 Implement structural function and array types
Just wanted to add two constructors to a datatype, how ugly can it get?

R=bmeurer@chromium.org, jarin@chromium.org
BUG=

Committed: https://code.google.com/p/v8/source/detail?r=20809

Review URL: https://codereview.chromium.org/228263005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20815 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 15:42:22 +00:00
rossberg@chromium.org
a947aeb315 Revert "Implement structural function and array types"
TBR=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/240143003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20810 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 13:57:25 +00:00
rossberg@chromium.org
7de4c1c63f Implement structural function and array types
Just wanted to add two constructors to a datatype, how ugly can it get?

R=bmeurer@chromium.org, jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/228263005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20809 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 13:44:26 +00:00
yangguo@chromium.org
7af5597287 Reland "Move functions from handles.cc to where they belong."
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/239113009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20807 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 13:28:11 +00:00
yangguo@chromium.org
0cba01c420 Revert "Move functions from handles.cc to where they belong."
This reverts r20802 .

TBR=jarin@chromium.org

Review URL: https://codereview.chromium.org/239543010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20804 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 12:35:50 +00:00
yangguo@chromium.org
3b66957602 Move functions from handles.cc to where they belong.
R=mvstanton@chromium.org, ulan@chromium.org

Review URL: https://codereview.chromium.org/237673014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20802 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 12:16:06 +00:00
bmeurer@chromium.org
e05b58f0b0 Improve execution time of cctest/test-types.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/239513009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20798 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 11:56:51 +00:00
yangguo@chromium.org
5e02daca21 Fix unused variable warnings.
TBR=jarin@chromium.org

Review URL: https://codereview.chromium.org/238543008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20797 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 11:50:24 +00:00
bmeurer@chromium.org
42c67d5fa2 Allow merging of monomorphic accesses to tracked fields.
Also add stability dependency only on maps that can transition,
and delay adding the dependencies until we are actually using
them, either in a HLoadNamedField or an HCheckMaps.

TEST=mjsunit/field-type-tracking
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/239923004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20796 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 11:41:09 +00:00
yangguo@chromium.org
17b33fa1da Handlify code allocation.
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/235153003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20795 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 11:38:56 +00:00
verwaest@chromium.org
cf26c1421a Move property addition code from JSObject to Map
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/238543005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20791 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 10:45:57 +00:00
bmeurer@chromium.org
63a477b29b Clear invalid field maps in PropertyAccessInfo.
BUG=363956
TEST=mjsunit/regress/regress-363956
LOG=y
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/239623005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20788 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 09:48:32 +00:00
yangguo@chromium.org
139be49fcf Remove some uses of MaybeObject methods.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/236303015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20786 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 07:26:34 +00:00
yangguo@chromium.org
9a71bc722d Remove further unhandlified call sites of number allocations.
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/239143003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20785 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 06:18:37 +00:00
adamk@chromium.org
a44e10cad6 Revert "ES6: Add support for Map/Set forEach"
This reverts commit https://code.google.com/p/v8/source/detail?r=20781.

It broke the Win32 builders.

TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/239163012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20782 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 01:03:56 +00:00
adamk@chromium.org
a1af5a2a2f ES6: Add support for Map/Set forEach
This implements MapIterator and SetIterator which matches
the same constructs in the ES6 spec. However, these 2
iterators are not exposed to user code yet. They are only
used internally to implement Map.prototype.forEach and
Set.prototype.forEach.

Each iterator has a reference to the OrderedHashTable where
it directly accesses the hash table's entries.

The OrderedHashTable has a reference to the newest iterator
and each iterator has a reference to the next and previous
iterator, effectively creating a double linked list.

When the OrderedHashTable is mutated (or replaced) all the
iterators are updated.

When the iterator iterates passed the end of the data table
it closes itself. Closed iterators no longer have a
reference to the OrderedHashTable and they are removed from
the double linked list. In the case of Map/Set forEach, we
manually call Close on the iterator in case an exception was
thrown so that the iterator never reached the end.

At this point the OrderedHashTable keeps all the non finished
iterators alive but since the only thing we currently expose
is forEach there are no unfinished iterators outside a forEach
call. Once we expose the iterators to user code we will need
to make the references from the OrderedHashTable to the
iterators weak and have some mechanism to close an iterator
when it is garbage collected.

BUG=1793,2323
LOG=Y
R=adamk@chromium.org, mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/236143002

Patch from Erik Arvidsson <arv@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20781 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 00:40:03 +00:00
plind44@gmail.com
5a016958c6 MIPS: Add big-endian support for MIPS.
Important notices:

- The snapshot cannot be created for big-endian target in cross-compilation
  environment on little-endian host using simulator.

- In order to have i18n support working on big-endian target, the icudt46b.dat and
  icudt46b_dat.S files should be generated and upstreamed to ICU repo.

- The mjsunit 'nans' test is endian dependent, it is skipped for mips target.

- The zlib and Mandreel from Octane 2.0 benchmark are endian dependent due to
  use of typed arrays.

TEST=
BUG=
R=jkummerow@chromium.org, plind44@gmail.com

Review URL: https://codereview.chromium.org/228943009

Patch from Dusan Milosavljevic <Dusan.Milosavljevic@rt-rk.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20778 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-15 16:39:21 +00:00
mstarzinger@chromium.org
e51d6462a7 Fix bogus call to Object.hasOwnProperty in Array builtin.
R=mvstanton@chromium.org
TEST=mjsunit/regress/regress-builtinbust-5

Review URL: https://codereview.chromium.org/239033002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20766 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-15 12:52:41 +00:00
ulan@chromium.org
a50aca97a2 Reland r20692 "Check stack limit in ArgumentAdaptorTrampoline."
BUG=353058
LOG=N
TEST=mjsunit/regress/regress-353058
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/236633006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20751 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-15 08:26:26 +00:00
mstarzinger@chromium.org
39137c81e6 Fix bogus Object.isSealed check in some Array builtins.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/237253002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20750 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-15 08:25:42 +00:00
bmeurer@chromium.org
6b4d4b7287 Reland "Track field types.".
This is an initial step towards tracking the exact types instead of just
the representations of fields. It adds support to track up to one map of
heap object field values, eliminating various map checks on values
loaded from such fields, at the cost of making stores to such fields
slightly more expensive.

Issues with transitioning stores and fast object literals in Crankshaft
fixed.

TEST=mjsunit/field-type-tracking
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/238773002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20746 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-15 07:36:47 +00:00
rossberg@chromium.org
7b7f787e3b Re-reland "More tests for Union & Intersect"
R=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/237143002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20733 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 15:35:36 +00:00
yangguo@chromium.org
01fc2ab69b Allow allocation and GC in access check callbacks.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/234913003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20730 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 14:03:20 +00:00
hpayer@chromium.org
c1435b0832 Don't run tests that rely on compaction when compaction is turned off.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/236203010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20728 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 13:52:41 +00:00
ulan@chromium.org
8b445aaa5f Fix result of LCodeGen::DoWrapReceiver for strict functions and builtins.
BUG=362128
LOG=Y
TEST=mjsunit/regress/regress-362128
R=jacob.bramley@arm.com

Review URL: https://codereview.chromium.org/226363007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20723 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 11:58:18 +00:00
mstarzinger@chromium.org
b280ad6c44 Try to switch Array builtins into strict mode.
R=rossberg@chromium.org
TEST=mjsunit,test262,webkit

Review URL: https://codereview.chromium.org/233083003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20717 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 11:24:40 +00:00
verwaest@chromium.org
de50f63f16 Clean up the public interface of Map.
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/234573005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20716 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 11:19:37 +00:00
rossberg@chromium.org
b73257b7a3 Revert "Reland "More tests for Union & Intersect""
Need to reproduce wrong result only occurring with ASAN.

TBR=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/236873002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20712 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 09:46:56 +00:00
mvstanton@chromium.org
a9db3bc868 Some tests and simplified TransitionArray copying
Tests for verifying that we deal correctly with shrinking transition
arrays while allocating a copy of one.

Also, we can rely on a transition array only shrinking and not
disappearing during gc while copying one.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/232883003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20710 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 08:58:00 +00:00
rossberg@chromium.org
a3d743b470 Reland "More tests for Union & Intersect"
Fixes size approximation in Intersect. Also lowers the number of fuzzed types in test, to address time-outs.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/226523004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20706 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 08:46:39 +00:00
yangguo@chromium.org
7d987b3744 Allow GetScriptNameOrSourceURL to be called with exception pending.
R=jarin@chromium.org, ishell@chromium.org

Review URL: https://codereview.chromium.org/235943006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20705 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 08:27:00 +00:00
jarin@chromium.org
c1a3ab6b4f Revert "Track field types."
Revert r20701.

TBR=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/236843002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 08:24:15 +00:00
marja@chromium.org
d70f78827e Fail the compilation if the cached data is invalid.
R=svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/234953002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20703 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 07:35:46 +00:00
bmeurer@chromium.org
9cf3909975 Track field types.
This is an initial step towards tracking the exact types instead of just the representations of fields. It adds support to track up to one map of heap object field values, eliminating various map checks on values loaded from such fields, at the cost of making stores to such fields slightly more expensive.

TEST=mjsunit/field-type-tracking
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/167303005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20701 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 06:29:15 +00:00
ulan@chromium.org
68bbdaf28d Skip mjsunit/regress/regress-353058 for ASAN and ARM until r20692 is relanded.
TBR=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/232463005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20696 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 17:03:35 +00:00
ulan@chromium.org
4268ce0abd Check stack limit in ArgumentAdaptorTrampoline.
BUG=353058
LOG=N
TEST=mjsunit/regress/regress-353058
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/215853005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20692 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 13:39:19 +00:00
ulan@chromium.org
49d951d043 Do not call user defined getter of Error.stackTraceLimit.
Handlify GetNormalizedProperty.

BUG=360733
LOG=N
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/233243005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20691 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 13:16:36 +00:00
yangguo@chromium.org
80a974ba00 Reland "Handlify GetProperty."
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/235083002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20689 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 12:47:34 +00:00
dcarney@chromium.org
ee9f7f8942 Revert "More tests for Union & Intersect"
This reverts r20684.

TBR=rossberg@chromium.org

BUG=

Review URL: https://codereview.chromium.org/235133002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20687 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 12:33:20 +00:00
mvstanton@chromium.org
c5eaf80707 Handlify Map::CopyDropDescriptors().
* And contain knowledge better in TransitionArray and DescriptorArray (for example WhitenessWitness is now private to DescriptorArray).
* And remove some factory methods
* And handlify some other things.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/234783002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20686 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 12:13:53 +00:00
yangguo@chromium.org
93c9717473 Revert "Handlify GetProperty."
This reverts r20682.

TBR=dcarney@chromium.org

Review URL: https://codereview.chromium.org/234893003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20685 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 11:56:54 +00:00
rossberg@chromium.org
80d8460a20 More tests for Union & Intersect
Some fixes of corner cases on the way

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/230923005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20684 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 11:53:35 +00:00
marja@chromium.org
069d783a91 Remove the PreCompile API and ScriptData.
The new compilation API (ScriptCompiler::Compile) can produce the same data, so
the separate precompilation phase is not needed. ScriptData is replaced by
ScriptCompiler::CachedData.

R=svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/225753004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20683 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 11:44:49 +00:00
yangguo@chromium.org
a3d68ca64d Handlify GetProperty.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/233233004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20682 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 11:26:22 +00:00
yangguo@chromium.org
380ae9810e Return MaybeHandle from Invoke.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/231883007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20680 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 10:41:09 +00:00
ulan@chromium.org
ff953ac055 Make maps in monomorphic IC stubs weak.
Maps in monomorphic Load, KeyedLoad, Store, KeyedStore, and CompareNil IC
stubs are treated as weak references by the marking visitor.

During generation of an IC stub with a weak map, the stub is appended to the
dependent code array of the map. When the map dies, all stubs in its dependent
code array are invalidated by setting embedded maps to undefined.

BUG=v8:2073
LOG=Y
TEST=cctest/test-heap/WeakMapInMonomorphic*IC
R=mstarzinger@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/188783003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20679 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 10:36:09 +00:00
yangguo@chromium.org
a640707213 Implement handlified String::Equals and Name::Equals.
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/225823003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20669 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 07:27:25 +00:00
jarin@chromium.org
166ec11e43 Avoid type assertion on object comparison in Hydrogen - the comparison is unreachable because of previous checks.
BUG=
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/232053004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20666 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 06:45:24 +00:00
svenpanne@chromium.org
b460910644 x64: Make sure that the upper half of a 64bit register contains 0 for int32 values.
BUG=360611
LOG=y
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/225393005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20664 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 06:32:06 +00:00
jarin@chromium.org
fd988331ea There is no definition for HArgumentsObject, so LDummyUse confuses the register allocator. I have recently made similar fix for HCapturedObject (see https://codereview.chromium.org/222283002/).
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/226613007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20663 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 06:29:51 +00:00
danno@chromium.org
2e9902b22a Partially fix semantics of Array.push()
Semantics of elements accessors are now preserved in all optimized code paths
through Array.push(). Previously it was possible to have inconsistent behavior
between optimized and unoptimized code, and there were cases where element
accessors were completely ingored.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/232873002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20655 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-10 13:17:48 +00:00
bmeurer@chromium.org
990b57ba1d Treat uninitialized as internal type.
TEST=cctest/test-types
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/232913002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20650 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-10 11:51:03 +00:00
rossberg@chromium.org
cf4eddd3f8 Yet more type system tests
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/232843002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20649 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-10 11:49:18 +00:00
svenpanne@chromium.org
5bddec047d Do not use ranges after range analysis.
Due to the SSA vs. SSI difference, we are only allowed to use the
flags computed during range analysis, not the ranges themselves. For
the case at hand, there is no such flag, so the condition is simply
remvoed.

BUG=361608
LOG=y
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/232553004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20645 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-10 09:40:17 +00:00
ishell@chromium.org
32735ae3a9 Object::GetElements() and friends maybehandlification.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/231103002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20644 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-10 09:20:11 +00:00
bmeurer@chromium.org
c5b6e76ada Fix compiler warnings on Win64.
TEST=cctest/test-types
TBR=rossberg@chromium.org

Review URL: https://codereview.chromium.org/232773002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20643 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-10 09:14:46 +00:00
bmeurer@chromium.org
4620ae5cf1 Fix symmetry of Maybe() predicate. Fix bug in NowContains() predicate.
Add tests for TypeImpl::Of(), TypeImpl::NowOf() and
TypeImpl::NowContains(). Improves the implementation of
TypeImpl::NowIs() to match that of TypeImpl::NowContains().

Mark test-types with NO_VARIANTS to speedup testing, since
the variants do not affect the type system at all.

Also improve test coverage for types.

TEST=cctest/test-types
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/230673002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20639 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-10 08:04:50 +00:00
bmeurer@chromium.org
5a564648dd Improve reproducibility of test runs.
Add random seed to run-tests.py, using either a user supplied
value or a random number generated by random.SystemRandom().
This same random seed is passed to all test cases, making sure
that we can easily reproduce test failures that depend on
random numbers (i.e. bugs related to our handwritten ASLR).

Also fix all uses of rand() to make use of our RNG class
instead.

R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/231443002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20637 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-10 07:25:49 +00:00
mvstanton@chromium.org
41b6c8a0f1 Handlefy Descriptor and other code in objects.cc
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/228333003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20628 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 14:26:32 +00:00
machenbach@chromium.org
1b841f369d Fix test expectations for nosnap windows.
BUG=v8:3216
LOG=n
TBR=dcarney@chromium.org

Review URL: https://codereview.chromium.org/230913002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20627 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 14:01:03 +00:00
jarin@chromium.org
008a70c47b Revert "Make new space iterable when transitioning double array to objects"
This reverts r20603.

BUG=

Review URL: https://codereview.chromium.org/230863003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20626 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 13:39:03 +00:00
ishell@chromium.org
74e7a4ad07 ElementsAccessor::SetLength() maybehandlified.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/229943006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20621 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 13:16:19 +00:00
jarin@chromium.org
57d70c149c Avoid hydrogen compare-objects-equal assertions in dead code
ClusterFuzz test is triggering assertions for dead code. This fix issues
HDeoptimize instruction when it finds out that the compare instruction
is dead (because of previous checks).

R=yangguo@chromium.org
BUG=359491
LOG=N

Review URL: https://codereview.chromium.org/228883005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20620 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 13:08:28 +00:00
machenbach@chromium.org
3d427b5599 Skip tests in nosnap mode.
Depends on https://codereview.chromium.org/230743002/.

BUG=v8:3216
LOG=n
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/230583003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20618 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 13:01:54 +00:00
jochen@chromium.org
dc4ba08d17 Allow the embedder to pass the virtual memory limit to v8
The getrlimit() call might be sandboxed, so it's not safe to use it.

BUG=none
R=mstarzinger@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/228923002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20615 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 12:45:56 +00:00
yangguo@chromium.org
4df132a878 Fix argument expectation Runtime_StringParseInt.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/230693002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20614 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 12:33:51 +00:00
yangguo@chromium.org
aee76a059a Remove calls to non-handlified version of GetProperty(name).
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/229973004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20611 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 12:21:47 +00:00
bmeurer@chromium.org
a0ac88db82 Fix various bugs in the type systems, and improve test coverage.
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/230463003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20609 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 11:12:15 +00:00
jarin@chromium.org
69d5b3c155 Make new space iterable when transitioning double array to objects
R=hpayer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/228643002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20603 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 09:50:08 +00:00
mstarzinger@chromium.org
e3aec7a587 Fix return value of push() and unshift() on Array.prototype.
R=ulan@chromium.org
TEST=mjsunit/regress/regress-builtinbust-3

Review URL: https://codereview.chromium.org/230453002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20602 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 09:14:56 +00:00
hpayer@chromium.org
c85cc472e7 Introduced Atomic8 and added no-barrier Atomic8 accessors.
BUG=
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/228613005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20598 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 08:20:10 +00:00
jarin@chromium.org
05670b63bf Add stack overflow check for inlined property getter
We should check for overflow for each inlined property getter;
otherwise, we can get an overflow from inlining property getter while
still having pending overflow exception from some previous inlined
getter (in the same polymorphic access).

R=verwaest@chromium.org
TEST=test/mjsunit/regress/regress-inline-getter-near-stack-limit.js

Review URL: https://codereview.chromium.org/220813003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20588 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-09 07:35:12 +00:00
adamk@chromium.org
902ad4a17a Use OrderedHashTables as the backing store of JSSet and JSMap
This also deletes ObjectHashSet as it's no longer used.

BUG=v8:1793
LOG=N
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/225183009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20585 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-08 20:06:35 +00:00
rossberg@chromium.org
91dec1adfe Shut up Windows and ASAN
TBR=dcarney@chromium.org
BUG=

Review URL: https://codereview.chromium.org/226883003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20575 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-08 11:13:26 +00:00
rossberg@chromium.org
19f924a2ae Reland "Refactoring to allow adding new structured types"
Same as before, except that it's now using a void array instead of a struct, to shut up Clang warnings.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/224733023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20574 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-08 10:50:56 +00:00
yangguo@chromium.org
ed9f1af2fc Implement handlified String::Flatten.
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/228093004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20572 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-08 09:49:49 +00:00
yangguo@chromium.org
3726ba90a7 Change exception type to Object.
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/227163008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20571 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-08 09:44:24 +00:00
bmeurer@chromium.org
48e0d81205 Fix invalid local property lookup for transitions.
BUG=361025
LOG=y
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/224903023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20570 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-08 09:36:04 +00:00
yangguo@chromium.org
23dbc85bd7 Fix more MUST_USE_RESULT warnings.
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/228233002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20563 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-08 07:54:27 +00:00
dcarney@chromium.org
1d138ecdd5 Revert "Refactoring to allow adding new structured types"
This reverts commit r20538 for breaking gcmole.

TBR=rossberg@chromium.org

BUG=

Review URL: https://codereview.chromium.org/228223002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20562 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-08 07:48:47 +00:00
yangguo@chromium.org
9ed8c39cac Return MaybeHandle from SetElement and DeleteElement.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/227573002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20560 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-08 07:04:13 +00:00
hpayer@chromium.org
7f54e1999c Remove gc greedy mode.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/227553005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20550 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-07 14:22:32 +00:00
alexandre.rames@arm.com
622ddd3495 ARM64: Introduce a version of ADR handling distant targets.
This fixes an out-of-range label error for an ADR instruction in the
mozilla/data/js1_5/Regress/regress-280769-2.js test.

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/222433002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20545 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-07 12:33:03 +00:00
rossberg@chromium.org
32f295314c Refactoring to allow adding new structured types
Also, simplfy representation of zone types, using a simple struct.

R=bmeurer@chromium.org
BUG=
LOG=N

Review URL: https://codereview.chromium.org/225923002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20538 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-07 11:00:41 +00:00
dcarney@chromium.org
1b31d2b34a Skip a bunch of new failing nacl tests
R=machenbach@chromium.org

BUG=

Review URL: https://codereview.chromium.org/227133006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20535 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-07 10:44:48 +00:00
yangguo@chromium.org
e7f0beeaa6 Make String.prototype.contains throw when passing a regular expression
Contributed by Mathias Bynens <mathiasb@opera.com>.

TEST=mjsunit/harmony
BUG=v8:3261
LOG=Y
R=yangguo@chromium.org, arv@chromium.org, ishell@chromium.org

Review URL: https://codereview.chromium.org/227113005

Patch from Mathias Bynens <mathiasb@opera.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20534 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-07 10:24:01 +00:00
bmeurer@chromium.org
448486ed48 Use distinct maps for oddballs with special handling in the type system.
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/227473002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20531 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-07 09:41:13 +00:00
jarin@chromium.org
c19764595f Dead code elimination of inlined arguments objects causes wrong deopt info to be generated - instead of materializing the arguments, we get 'undefined'.
Golem says the change is perf-neutral.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/208683006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20529 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-07 08:42:34 +00:00
svenpanne@chromium.org
814be9b1b6 Yet another regression test for range analysis.
BUG=v8:3204
LOG=y
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/224723016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20528 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-07 08:04:25 +00:00
mvstanton@chromium.org
eaacd968f1 Fix for v8:3255 Grow KeyedStoreIC doesn't respect String value wrappers
BUG=v8:3255
LOG=N
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/226053002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20527 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-07 07:52:24 +00:00
adamk@chromium.org
8e9eebeba1 OrderedHashTable implementation with Set and Map interfaces
OrderedHashTable is an insertion-ordered HashTable based on
Jason Orendorff's writeup of a data structure attributed to Tyler Close:
https://wiki.mozilla.org/User:Jorend/Deterministic_hash_tables

It is intended as the new backing store for JSSet/JSMap, as ES6 requires
insertion-order-based iteration. Note, however, that in the interest of
keeping the initial check-in small this patch does not yet include any
iteration support.

This change also doesn't yet touch any existing behavior, but in
a branch I've verified that these structures pass the existing
JSSet/JSMap mjsunit tests.

BUG=v8:1793
LOG=N
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/220293002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20522 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 20:41:57 +00:00
marja@chromium.org
3d1a17c2ac Update tests to use the new compilation API + related fixes.
Esp. get rid of PreCompile in tests, as it's going to be removed.

Notes:
- The new compilation API doesn't have a separate precompilation phase, so there
is no separate way to check for errors except checking the compilation
errors. Removed some tests which don't make sense any more.
- test-api/Regress31661 didn't make sense as a regression test even before the
compilation API changes, because Blink doesn't precompile this short scripts. So
detecting this kind of errors (see crbug.com/31661 for more information) cannot rely
on precompilation errors.
- test-parsing/PreParserStrictOctal has nothing to do with PreParser, and the comment
about "forcing preparsing" was just wrong.
- test-api/PreCompile was supposed to test that "pre-compilation (aka
preparsing) can be called without initializing the whole VM"; that's no longer
true, since there's no separate precompilation step in the new compile
API. There are other tests (test-parsing/DontRegressPreParserDataSizes) which
ensure that we produce cached data.
- Updated tests which test preparsing to use PreParser directly (not via the
 preparsing API).
- In the new compilation API, the user doesn't need to deal with ScriptData
ever. It's only used internally, and needed in tests that test internal aspects
(e.g., modify the cached data before passing it back).
- Some tests which used to test preparse + parse now test first time parse +
  second time parse, and had to be modified to ensure we don't hit the
  compilation cache.

BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/225743002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20511 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 12:36:23 +00:00
yangguo@chromium.org
dd7bb01688 Return MaybeHandle from SetProperty.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/225283005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20509 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 12:06:11 +00:00
rmcilroy@chromium.org
3eb418df78 Fix fixed-point vcvt_f64_s32 immediate value encoding
The (32 - fraction_bits) value should be encoded so that the least
significant bit is set to bit 5 and the four next bits to bits 0-3. Fix
the previously incorrect encoding. This bug did not cause behavioral
issues before, since in existing uses of the function the order of the
bits in the immediate value does not matter, as they are all 1.

BUG=3256
LOG=N
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/223623003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20508 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 11:12:40 +00:00
hpayer@chromium.org
5230d8d330 Make sure value is a heap number when reusing the double box in BinaryOpICStub.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/216823005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20501 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 08:46:49 +00:00
alexandre.rames@arm.com
1f38f42ef1 ARM64: Fixes and more support for FRINT<X> instructions.
Fix simulation and tests for the [-0.5, -0.0[ range for FRINTA and FRINTN, and
add support for FRINTM.

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/223843002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20487 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 14:30:44 +00:00
yangguo@chromium.org
eedc4c01f5 Return MaybeHandle from NewExternalStringFrom*.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/223653003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20481 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 12:41:37 +00:00
yangguo@chromium.org
164e5b580c Reland "Return MaybeHandle from NewConsString."
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/223813002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20480 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 12:30:37 +00:00
yangguo@chromium.org
893f413434 Return MaybeHandle from NewRaw???String.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/223573002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20479 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 12:30:08 +00:00
mstarzinger@chromium.org
775d9b022f Use premordial Object.isSealed/isFrozen in builtins.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/223473002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20477 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 12:23:35 +00:00
yangguo@chromium.org
87dd16e3cd Revert "Return MaybeHandle from NewConsString."
This reverts r20473.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/223593004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20475 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 12:09:14 +00:00
yangguo@chromium.org
be0d2f5d15 Return MaybeHandle from NewConsString.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/223383002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20473 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 11:38:01 +00:00
jarin@chromium.org
fe37026116 When freezing global object, go through the property cell
R=verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/223613002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20469 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 10:43:56 +00:00
jarin@chromium.org
42d2d3cb9d Do not generate LDummyUse instruction for HCapturedObject
LDummyUse confuses the register allocator (since there is no definition
for the use).

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/222283002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20461 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 07:35:13 +00:00
jarin@chromium.org
0b53ed2d2b Check in Lithium that allocation size in Smi range.
This is to avoid triggering an assertion from Smi::FromInt. The
generated code is unreachable, so it is not a real bug.

R=ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/221743005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20458 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 07:04:46 +00:00
alexandre.rames@arm.com
a6d6cd08a1 ARM64: Fix cctest/test-disasm-arm64/debug on real hardware.
Without the 'BREAK' parameter, no instruction is generated when we are not
running with the simulator.

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/221903004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20443 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 15:45:13 +00:00
verwaest@chromium.org
ca6b727665 Replace CopyMap(constructor->initial_map()) by Map::Create(constructor)
BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/218633014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20437 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 13:30:36 +00:00
rossberg@chromium.org
2fda95eb80 Make stray 'return' an early error
As required by the spec, and implemented by other browsers.

(Plus minor clean-up for redeclaration TypeErrors.)

R=marja@chromium.org
BUG=
LOG=Y

Review URL: https://codereview.chromium.org/220473014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20434 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 12:38:01 +00:00
jkummerow@chromium.org
511edabed2 Fix HGraphBuilder::BuildAddStringLengths
length == String::kMaxLength is fine and should not bail out.

BUG=chromium:357052
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/222113002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20433 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 12:24:42 +00:00
alph@chromium.org
923fbafc15 Show references from weak containers as weak in heap snapshots.
BUG=356590
LOG=Y
R=ulan@chromium.org, yurys@chromium.org

Review URL: https://codereview.chromium.org/213673006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20429 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 11:19:53 +00:00
rossberg@chromium.org
45118bfdfb Make invalid LHSs that are calls late errors
Necessary for web legacy compatibility.

Also fold in additional strict mode checks into LHS checks.
Minor constness clean-ups on the way.

R=marja@chromium.org
BUG=chromium:358346
LOG=Y

Review URL: https://codereview.chromium.org/217823003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20428 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 11:03:05 +00:00
jochen@chromium.org
b4c3d2f9ba Skip cctest/test-lockers/MultithreadedParallelIsolates on windows
It's already marked as FAIL, PASS everywhere anyways.

BUG=v8:3215
LOG=n
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/221173003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20415 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 19:20:31 +00:00
dslomov@chromium.org
19c354b7b0 Support typed arrays in IsMoreGeneralElementsKindTransition.
R=verwaest@chromium.org
BUG=357054
LOG=Y

Review URL: https://codereview.chromium.org/220403004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20410 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 16:41:35 +00:00
yangguo@chromium.org
64901004be Smi immediates are not supported on x64. Do not use it.
R=jkummerow@chromium.org
BUG=358059
LOG=N

Review URL: https://codereview.chromium.org/217083003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20409 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 15:32:06 +00:00
mvstanton@chromium.org
d93c906acc Monomorphic prototype failures should be reserved for already-seen keys.
We incorrectly mark a KeyedStoreIC miss as a monomorphic prototype
failure even though it's the first time a particular (string) key has
been seen.

BUG=358088
R=verwaest@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/219313002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20407 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 14:16:54 +00:00
yangguo@chromium.org
10abff3498 Remove internalized cons string types.
Currently, internalizing a cons string could result in either an
in-place converted internalized cons string or a newly created
internalized sequential string, depending on allocation success.

The former could end up being embedded into an IC, which is not
supported.

R=mstarzinger@chromium.org
BUG=357103
LOG=N

Review URL: https://codereview.chromium.org/218993011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20394 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:30:31 +00:00
yurys@chromium.org
681c15eb4e Remove debugger_auto_break flag
The flag was introduced to support console debugger in Chrome. That debugger was replaced by DevTools long time ago and the flag is always true now.

BUG=None
LOG=Y
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/220743003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20393 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:23:23 +00:00
jochen@chromium.org
f30452ba40 Store i18n meta data in hidden symbols instead of js accessible properties
There were some tests that are supposed to protect against js messing
with the meta data, however, they just didn't try hard enough.

BUG=354967
R=dcarney@chromium.org
LOG=y

Committed: https://code.google.com/p/v8/source/detail?r=20375

Review URL: https://codereview.chromium.org/215293005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20388 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 10:56:16 +00:00
machenbach@chromium.org
8806f2d815 Revert r20375.
Store i18n meta data in hidden symbols instead of js accessible properties

BUG=354967
LOG=N
TBR=jochen@chromium.org

Review URL: https://codereview.chromium.org/220673002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20377 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 08:05:45 +00:00
jochen@chromium.org
0d04cba759 Store i18n meta data in hidden symbols instead of js accessible properties
There were some tests that are supposed to protect against js messing
with the meta data, however, they just didn't try hard enough.

BUG=354967
R=dcarney@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/215293005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20375 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 07:21:05 +00:00
jarin@chromium.org
5607582f3b We should perform the illegal redeclaration check earlier so that we do not confuse the AST typer with missing type feedback nodes.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/218493007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20368 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 16:45:46 +00:00
rossberg@chromium.org
282a7ca14e Fix Type::Intersect to skip uninhabited bitsets
R=verwaest@chromium.org, bmeurer@chromium.org
BUG=chromium:357330
LOG=Y

Review URL: https://codereview.chromium.org/219333003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20366 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:53:21 +00:00
dslomov@chromium.org
b3148d921e Fix PrepareKeyedOperand on arm.
When additional_offset is specified, the 'key' operand can be negative
and still pass the bounds check. Therefore, when converting key from
Smi, arithmetic and not logical shift must be used.

R=verwaest@chromium.org
BUG=358057
LOG=Y

Review URL: https://codereview.chromium.org/219473002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20363 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:14:28 +00:00
jarin@chromium.org
d02e1f2c25 Fix left trimming check for large objects
BUG=358090
TEST=test/mjsunit/regress/regress-358090.js
LOG=N
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/213833008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20362 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:01:46 +00:00
verwaest@chromium.org
019e27d8db Reland and fix "Fix LoadFieldByIndex to take mutable heap-numbers into account.""
BUG=
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/218663005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20358 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:21:04 +00:00
yangguo@chromium.org
c0fa861726 Do not check for interrupt when allocating stack locals.
R=dcarney@chromium.org
BUG=357137
LOG=N

Review URL: https://codereview.chromium.org/219373004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20357 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:14:54 +00:00
jochen@chromium.org
163044e7ba Revert 20348 - "Fix LoadFieldByIndex to take mutable heap-numbers into account."
Reason for revert: crashes benchmarks/sunspider/string-fasta on ia32.debug

This also reverts r20350 and r20352

> Fix LoadFieldByIndex to take mutable heap-numbers into account.
>
> BUG=
> R=ishell@chromium.org
>
> Review URL: https://codereview.chromium.org/213213002

BUG=none
LOG=n
TBR=verwaest@chromium.org

Revert "Use sarq on x64"

This reverts commit e2a8ef9321345c6bc091054443bf2b9535ff6b1c.

Revert "Don't | int and bool"

This reverts commit c90d713d3a8ceba4fec41933a63beb6e50a3d7c0.

Review URL: https://codereview.chromium.org/219393002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20354 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 13:23:32 +00:00
jochen@chromium.org
b7039334ae Revert 20313 - "Ship promises and weak collections"
> R=mstarzinger@chromium.org
> BUG=
>
> Committed: https://code.google.com/p/v8/source/detail?r=20211
>
> Review URL: https://codereview.chromium.org/206163004

R=rossberg@chromium.org
TBR=rossberg@chromium.org
LOG=y
BUG=n

Review URL: https://codereview.chromium.org/219303002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20353 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:40:32 +00:00
jochen@chromium.org
617531da8f Skip cctest/test-mark-compact/NoPromotion on ARM64
BUG=v8:3247
TBR=machenbach@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/217423006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20351 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:09:59 +00:00
verwaest@chromium.org
55a6318560 Fix LoadFieldByIndex to take mutable heap-numbers into account.
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/213213002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20348 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 11:59:29 +00:00
jarin@chromium.org
d65fe51ca0 Add missing lazy deopt point for the TransitionElementsKind instruction.
R=mvstanton@chromium.org, yangguo@chromium.org
BUG=357105
TEST=test/mjsunit/regress/regress-357105.js
LOG=N

Review URL: https://codereview.chromium.org/216963002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20347 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 11:58:53 +00:00
dcarney@chromium.org
8b304a6832 Implement PersistentValueVector, analogous to PersistentValueMap.
BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/216973002

Patch from Daniel Vogelheim <vogelheim@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20341 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 10:03:20 +00:00
jochen@chromium.org
a2f82479c4 Skip crashing harmony mjsunit tests on NaCL
BUG=none
TBR=machenbach@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/219043002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20340 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 07:54:22 +00:00
dslomov@chromium.org
bd353dc3a0 Inline internal getters for typed arrays & friends.
R=hpayer@chromium.org, yangguo@chromium.org

Committed: https://code.google.com/p/v8/source/detail?r=20330

Review URL: https://codereview.chromium.org/212603014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20338 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 15:25:24 +00:00
jochen@chromium.org
feeccf0d10 Revert r20335 - "Raise StackOverflow during bootstrapping"
Reason for revert: New test crashes on nosnap bots

> See https://github.com/joyent/node/issues/7120
>
> R=jarin@chromium.org
> BUG=
>
> Review URL: https://codereview.chromium.org/178073002
>
> Patch from Alexis Campailla <alexis@janeasystems.com>.

TBR=jarin@chromium.org
BUG=none
LOG=n

Review URL: https://codereview.chromium.org/217013002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20337 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 14:16:11 +00:00
dslomov@chromium.org
c873e813c5 Revert "Inline internal getters for typed arrays & friends."
This reverts commit r20330 for breaking arm64 nosnap tests.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/216993002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20336 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 13:33:50 +00:00
jarin@chromium.org
ee173152ef Raise StackOverflow during bootstrapping
See https://github.com/joyent/node/issues/7120

R=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/178073002

Patch from Alexis Campailla <alexis@janeasystems.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20335 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 13:26:20 +00:00
dslomov@chromium.org
6d91c1e77f Inline internal getters for typed arrays & friends.
R=hpayer@chromium.org, yangguo@chromium.org

Review URL: https://codereview.chromium.org/212603014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20330 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 12:02:52 +00:00
haitao.feng@intel.com
a72e3525fc Refactor the arithmetic instructions for x64
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/214753002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20329 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 11:13:14 +00:00
marja@chromium.org
6730ec8433 Amend PersistentValueMap:
- Use the surrounding map (instead of Traits::Impl) for weak callback.
- Provide for a fast reference to a mapped value.
- Restructure Traits to accomondate for the first point above.

[Why?] As discussed, I proceeded to replace Impl with the map.
The problem I encountered with that version is that now the
Traits class depends on itself: The weak-related methods require the
map type in their signature. But the map type includes the Traits class
and hence the Traits class method signatures depend on the specific Traits class. That
makes them practically un-derivable: While you can derive a Traits class
from another one, since the compiler now expects methods with a different
signature. To accommodate, I pulled the dispose traits into the weak traits
class. I also removed the Impl*/MapType* parameter from the Dispose call,
since no implementation seems to need it.

R=dcarney@chromium.org
BUG=

Review URL: https://codereview.chromium.org/212893007

Patch from Daniel Vogelheim <vogelheim@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20326 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 09:35:50 +00:00
yurys@chromium.org
f7b437d086 Deprecate Start/StopCpuProfiling methods
BUG=v8:3213
LOG=Y
R=alph@chromium.org, svenpanne@chromium.org

Review URL: https://codereview.chromium.org/197513005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20325 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 09:24:49 +00:00
jarin@chromium.org
9e655afdb4 Reland "Fix property enum cache creation to include only own properties"
Reland r20308 (reverted by r20310).

TBR=verwaest@chromium.org

Review URL: https://codereview.chromium.org/216383003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20321 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 06:59:20 +00:00
haitao.feng@intel.com
329b0449d5 Introduce rolp, rorp, rclp, rcrp, shlp, shrp and sarp for x64 port
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/214493002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20320 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 04:55:00 +00:00
adamk@chromium.org
c2bbd9f9e2 Don't pass the hole to SetElement when creating Array.observe change records
Also added comments to remind us why we were using the hole here in the first
place (it's used for the case where Object.observe, rather than Array.observe,
has been called on Array that's undergoing truncation).

BUG=356589
LOG=N
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/213823002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20316 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 18:29:07 +00:00
rossberg@chromium.org
826cf64fd3 Ship promises and weak collections
R=mstarzinger@chromium.org
BUG=

Committed: https://code.google.com/p/v8/source/detail?r=20211

Review URL: https://codereview.chromium.org/206163004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20313 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:42:34 +00:00
jarin@chromium.org
af74f1206e Revert "Fix property enum cache creation to include only own properties"
This reverts commit 4cf47a20b4846cf050ea4844433e9c57654da34e.

BUG=

Review URL: https://codereview.chromium.org/214893002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20310 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:18:42 +00:00
rossberg@chromium.org
ddedf5c309 Harden internal uses of .chain
R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/212553009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20309 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:11:23 +00:00
jarin@chromium.org
4608bdeccc With this fix, we only create the enum cache for own property descriptors (originally we cached all descriptors in the map). The problem was that the size of all descriptors could be trimmed during GC triggered by allocating the storage for the cache, so we could have ended up with a wrong storage size.
This is really Toon's fix, I have only created a small repro case.

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/212673011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20308 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 15:33:06 +00:00
haitao.feng@intel.com
e38ceab62a Update mozilla.status for a timezone without daylight saving time.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/198633002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20305 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 14:25:22 +00:00
dslomov@chromium.org
4cdfb46a6d Fix JSObject::SetElement for fixed typed array elements.
R=ulan@chromium.org
BUG=357108
LOG=N

Review URL: https://codereview.chromium.org/214543003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20300 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 12:54:26 +00:00
svenpanne@chromium.org
fe58e3d7b8 Removed 'executable' bits from mjsunit tests.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/214413006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20299 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 12:32:27 +00:00
yangguo@chromium.org
8847b52097 Reland "Correctly OOM in the CEntryStub after retries."
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/214473003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20297 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 10:41:45 +00:00
ulan@chromium.org
5eabc4b802 Run tests on android_arm64.
R=rmcilroy@chromium.org

Review URL: https://codereview.chromium.org/210773003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20295 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 10:06:53 +00:00
yangguo@chromium.org
caad1de770 Revert "Correctly OOM in the CEntryStub after retries."
This reverts r20292 due to no-snapshot failures.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/214413005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20293 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 09:59:07 +00:00
yangguo@chromium.org
3ee0783686 Correctly OOM in the CEntryStub after retries.
This fixes a bug introduced in r20179.

R=jkummerow@chromium.org
BUG=356211
LOG=N

Review URL: https://codereview.chromium.org/213193011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20292 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 09:26:47 +00:00
yangguo@chromium.org
9be61ddb8a Hide some runtime functions.
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/212163004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20285 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-26 15:51:48 +00:00
danno@chromium.org
0a0f12b841 [x64] Improve key value sign-extension of dehoisted LoadKeyed/StoreKeyed
Instead of sign-extending at key use, definitions that can be used as keys are sign extended immediately after the definition.

R=danno@chromium.org

Review URL: https://codereview.chromium.org/179773002

Patch from Weiliang Lin <weiliang.lin@intel.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20284 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-26 15:51:08 +00:00
ulan@chromium.org
a7d1b658fc Reland r19897 "Fix memory leak caused by treating Code::next_code_link as strong in marker.
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/212553003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20282 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-26 15:14:51 +00:00
jarin@chromium.org
10606aa756 Fix missing representation for the result of HIsSmiAndBranch.
R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/211273010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20280 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-26 13:14:08 +00:00
dslomov@chromium.org
76b8f25edb This implements allocating small typed arrays in heap.
R=mvstanton@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/150813004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20279 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-26 12:50:13 +00:00
haitao.feng@intel.com
6130206c2f Introduce andp, notp, orp and xorp for x64 port
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/205343013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20276 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-26 12:15:35 +00:00
haitao.feng@intel.com
687e524983 Introduce leap, movzxbp, movzxwp, repmovsp and xchgp for x64 port
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/211413008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20273 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-26 11:17:53 +00:00
svenpanne@chromium.org
58c45cdd03 Mark debug-stepout-scope-part8 as flaky for ARM gc-stress.
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/212253005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20264 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-26 08:57:21 +00:00
machenbach@chromium.org
2ed676246b Fix test serialization path for windows.
This work-around takes into account that MSVS doesn't build to "out".

BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/202923003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20261 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-26 07:40:32 +00:00
haitao.feng@intel.com
479248f3d8 Introduce cmpp, decp, incp, negp, sbbp and testp for x64 port
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/207833002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20260 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-26 01:13:09 +00:00
ishell@chromium.org
f306341b46 TransitionElementsKind() and its recursive call chain handlified.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/207553005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20253 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-25 15:33:22 +00:00
dslomov@chromium.org
f66af4feb4 Refactor optimized in hydrogen only runtime functions.
This splits all runtime function into 3 categories:
1) RUNTIME: implemented in runtime and called from both full and optimized code.
2) RUNTIME_HIDDEN: implemented in runtime, never called directly from JS builtins.
3) INLINE: inlined in both full and optimized code
4) INLINE_OPTIMIZED: inlined in optimized code, implemented in runtime for full code.

R=yangguo@chromium.org, yannguo@chromium.org

Review URL: https://codereview.chromium.org/209353006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20252 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-25 14:26:55 +00:00
verwaest@chromium.org
c432f7166c Don't convert dictionary sloppy arguments to fast double mode.
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/207683006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20251 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-25 14:14:58 +00:00
dslomov@chromium.org
cdc9812756 Revert "This implements allocating small typed arrays in heap."
This reverts commit r20244 for breaking Win64 build and webkit tests.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/208503007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20250 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-25 14:12:58 +00:00
ulan@chromium.org
cb0f49c18a Add index check in DoAccessArgumentsAt.
BUG=355523
LOG=N
TEST=mjsunit/regress/regress-355523
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/210053003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20245 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-25 13:26:41 +00:00
dslomov@chromium.org
654b6a27d1 This implements allocating small typed arrays in heap.
R=mvstanton@chromium.org, verwaest@chromium.org

Committed: https://code.google.com/p/v8/source/detail?r=20240

Review URL: https://codereview.chromium.org/150813004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20244 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-25 13:21:58 +00:00
dslomov@chromium.org
727bc2153e Revert "This implements allocating small typed arrays in heap."
This reverts commit r20240 for breaking Windows build.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/211003003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20242 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-25 12:58:22 +00:00
dslomov@chromium.org
de690b656f Allow to neuter array buffer twice in tests.
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/209083005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20241 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-25 12:55:10 +00:00
dslomov@chromium.org
322a474bf2 This implements allocating small typed arrays in heap.
R=mvstanton@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/150813004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20240 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-25 12:51:49 +00:00
rossberg@chromium.org
2e1b16de2a Revert "Ship promises and weak collections"
Reason: breaks Blink layout tests.

R=machenbach@chromium.org
BUG=

Review URL: https://codereview.chromium.org/210853003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20233 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-25 10:57:52 +00:00
yangguo@chromium.org
793d4cb0b6 Fix issues when changing FLAG_concurrent_recompilation after init.
R=jarin@chromium.org
BUG=356053
LOG=N

Review URL: https://codereview.chromium.org/210363005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20228 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-25 09:38:48 +00:00
yangguo@chromium.org
82f630a9f7 Reland "No longer OOM on invalid string length."
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/210683003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20225 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-25 09:09:24 +00:00
titzer@chromium.org
3c31102025 First implementation of store elimination.
BUG=
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/100253004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20224 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-25 09:06:16 +00:00
jarin@chromium.org
b765d3cdb9 Revert the (wrong) fix of the argument index check asserion.
R=ishell@chromium.org
BUG=

Review URL: https://codereview.chromium.org/208423017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20219 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-24 21:32:19 +00:00
jarin@chromium.org
56f2006605 Fix to get around an assertion that triggers when generating code that happens to be dead because the assertion is checked a bit earlier at runtime.
R=ishell@chromium.org
BUG=355486
LOG=N

Review URL: https://codereview.chromium.org/201573011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20218 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-24 20:51:36 +00:00
baptiste.afsa@arm.com
688d07d11b ARM64: Prevent compilers to optimize away NaN negation in tests.
BUG=v8:3226
R=ulan@chromium.org, jochen@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/196173021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20213 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-24 17:43:56 +00:00
rossberg@chromium.org
33be68c2fa Ship promises and weak collections
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/206163004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20211 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-24 16:59:04 +00:00
rossberg@chromium.org
ff1186c834 Add support for per-isolate private symbols
R=mstarzinger@chromium.org
BUG=
LOG=Y

Review URL: https://codereview.chromium.org/196103004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20209 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-24 16:34:06 +00:00
verwaest@chromium.org
e18e650582 Ensure the constant operand for heap-object store-named-field is not a smi.
BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/210193002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20208 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-24 16:25:48 +00:00