Commit Graph

4958 Commits

Author SHA1 Message Date
verwaest@chromium.org
4615e9edac Reland v8:18458 "Load the global proxy from the context of the target function."
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/104013008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18462 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-07 10:46:39 +00:00
rossberg@chromium.org
2879f2104c Revert "Load the global proxy from the context of the target function."
This reverts commit https://code.google.com/p/v8/source/detail?r=18458, since it exhibits a bug that breaks some tests.

TBR=verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/93863006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18461 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-07 09:55:25 +00:00
verwaest@chromium.org
5b40c38679 Load the global proxy from the context of the target function.
BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/111613003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18458 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-07 08:21:17 +00:00
ulan@chromium.org
343813c59e Revert r18451 "Revert r18449 "Reland r18383: More API cleanup." and r18450 "Unbreak build."" since necessary WebKit changes are rolled in Chromium.
TBR=svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/119753008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18452 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-03 14:31:17 +00:00
ulan@chromium.org
163386c700 Revert r18449 "Reland r18383: More API cleanup." and r18450 "Unbreak build."
because of broken WebKit bots.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/119323006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18451 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-03 14:13:21 +00:00
svenpanne@chromium.org
08354f8f07 Unbreak build.
Test/update/commit race condition... >:-(

TBR=ulan@chromium.org

Review URL: https://codereview.chromium.org/123383003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18450 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-03 12:21:48 +00:00
svenpanne@chromium.org
1143ab132e Reland r18383: More API cleanup.
* Removed String::Empty, Number::New, Integer::New, Integer::NewFromUnsigned, FunctionTemplate::New and Object::New without Isolate* parameter.

* Removed Integer::New and Integer::NewUnsigned with weird argument order.

Chrome CLs matching this change have been landed.

TBR=dcarney@chromium.org
LOG=y
BUG=324225

Review URL: https://codereview.chromium.org/108783007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18449 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-03 11:56:33 +00:00
jochen@chromium.org
e3fa6d67ca Avoid duplication of a hidden & inherited prototype's properties.
In Runtime_GetLocalPropertyNames(), the hidden prototypes of an object
are also consulted when deriving the property name set. However, if
given a function object and its template was inherited from the
template of one of its hidden prototypes, that hidden prototype's
property accessors will be present on the object already. Unwanted
duplicates will therefore appear.

Hence, go through the property names that the hidden prototypes
contribute and remove any already occurring ones.

Assumed to be a rare constellation, so the cost of this extra pass is
considered acceptable.

LOG=N
R=dcarney@chromium.org, jochen@chromium.org, rossberg@chromium.org
BUG=269562

Review URL: https://codereview.chromium.org/116533003

Patch from Sigbjorn Finne <sof@opera.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18448 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-03 11:19:13 +00:00
m.m.capewell@googlemail.com
d6aabbdcc7 ARM: Optimize truncating division and fix sim
Optimize code generated for DivI Lithium instruction when handling division
where the result is int32. Also, fix the ARM simulator to give the correct
answer for kMinInt / -1.

TEST=Division tests added to test-assembler-arm.cc
BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/102623003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18445 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-02 16:36:21 +00:00
bmeurer@chromium.org
0899da3697 Add support for the QNX operating system.
This patch contains contributions from the following members of the
BlackBerry Web Technologies team:

Eli Fidler <efidler@blackberry.com>
Konrad Piascik <kpiascik@blackberry.com>
Jeff Rogers <jrogers@blackberry.com>
Cosmin Truta <ctruta@blackberry.com>
Peter Wang <peter.wang@torchmobile.com.cn>
Xiaobo Wang <xiaobwang@blackberry.com>
Ming Xie <mxie@blackberry.com>
Leo Yang <leoyang@blackberry.com>

R=bmeurer@chromium.org, jkummerow@chromium.org

Review URL: https://codereview.chromium.org/61153009

Patch from Cosmin Truta <ctruta@blackberry.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18430 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-02 07:04:05 +00:00
ulan@chromium.org
711bcbb0e3 ARM: fix loading of global object in LWrapReceiver.
Since r16993 the cp register is handled by registers allocator,
and we cannot assume that the cp always contains the context.

BUG=318420
LOG=Y
TEST=test/mjsunit/regress/regress-318420.js
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/121703002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18421 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-27 14:38:00 +00:00
ulan@chromium.org
7ac7a7ea99 Fix a race between concurrent recompilation and OSR.
If concurrent recompilation finishes before OSR, then OSR replaces
the old optimized code without evicting it from the optimized code map.

New functions can get the old optimized code from the optimized code map,
but the old code could be already deoptimized.

BUG=330046
TEST=test/mjsunit/regress-330046.js
LOG=Y
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/109033003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18420 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-27 09:22:56 +00:00
yangguo@chromium.org
2a4be7067c Refactor the compiling pipeline.
Goals:
 - easier to read, more suitable identifiers.
 - better distinction between compiling optimized/unoptimized code
 - compiler does not install code on the function.
 - easier to add features (e.g. caching optimized code for osr).
 - remove unnecessary code.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/110203002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18409 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-23 14:30:35 +00:00
yangguo@chromium.org
f7929d2a87 Reland "Handlify concat string and substring."
This relands commit r17490.

BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/114943004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18408 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-23 12:37:56 +00:00
yangguo@chromium.org
8c10fc6aee Harmony: implement math.hypot.
R=jarin@chromium.org
BUG=v8:2938
LOG=N

Review URL: https://codereview.chromium.org/118303002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18407 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-23 11:13:39 +00:00
yangguo@chromium.org
2e2676a843 Harmony: implement Math.log2 and Math.log10.
R=jarin@chromium.org
BUG=v8:2938
LOG=N

Review URL: https://codereview.chromium.org/119093006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18406 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-23 10:54:47 +00:00
yangguo@chromium.org
cd7d61cfc2 Fix small spec violation in String.prototype.split.
Also slightly extended the test coverage.

R=rossberg@chromium.org
BUG=v8:3026
LOG=Y

Review URL: https://codereview.chromium.org/119093002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18405 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-23 10:01:22 +00:00
yurys@chromium.org
18e865d4fa Delete v8::HeapGraphNode::GetHeapValue
BUG=chromium:324769
LOG=N
R=hpayer@chromium.org, mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/98633009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18404 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-23 09:33:16 +00:00
yangguo@chromium.org
c61d07e03f Correctly resolve forcibly context allocated parameters in debug-evaluate.
R=ulan@chromium.org
BUG=325676
LOG=Y

Review URL: https://codereview.chromium.org/107243006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18402 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-23 08:37:03 +00:00
yurys@chromium.org
61c1692c9b This adds functionality for getting original functions from bound functions.
It's of much use when information about function calls is shown on the Events timeline in DevTools: instead of referencing to v8natives.js where bound functions are created, we'll be able to show real function data (name, resource, script line and column numbers) retrieved from original functions.

BUG=None
LOG=Y
R=yangguo@chromium.org, yurys@chromium.org

Review URL: https://codereview.chromium.org/106763002

Patch from Alexandra Mikhaylova <amikhaylova@google.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18401 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-23 08:04:54 +00:00
machenbach@chromium.org
4692a3a7d5 Mark cpu profiler test as flaky on windows.
TBR=yurys@chromium.org
BUG=v8:2999
LOG=no

Review URL: https://codereview.chromium.org/120543002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18400 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-22 14:14:27 +00:00
vegorov@chromium.org
79ad8bf2e0 Fix sporadic crash in the RequestInterruptTestWithNativeAccessor.
The test was broken. V8 currently does not correctly lookup NativeDataProperty accessors attached to the PrototypeTemplate of FunctionTemplate (Issue 3066). As the result while(obj.shouldContinue) loop was immediately exiting and the test would terminate while RequestInterruptTestBase::InterruptThread would be still starting up. As the result later InterruptThread would try to access members of the test object which was destroyed.

The test was fixed:

- instead of attaching accessor to PrototypeTemplate we attach it to  InstanceTemplate;
- an assertion was added to verify that we completed the test successfully due to interruptor firing not due to sporadic loop termination due to some unrelated bug.

R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/109653010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18391 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-20 14:07:19 +00:00
titzer@chromium.org
be32761a67 Improve load elimination handling of transitioning stores.
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/106973005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18388 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-20 12:12:41 +00:00
rossberg@chromium.org
b882bddcfd Make a strict function's "name" property non-writable.
Set [[Writable]] to false for the "name" property of strict
functions as well, mirroring what non-strict functions have
it as.

LOG=N
R=rossberg@chromium.org
TEST=mjsunit/regress/regress-270142
BUG=270142

Review URL: https://codereview.chromium.org/99203006

Patch from Sigbjorn Finne <sigbjornf@opera.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18387 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-20 12:06:11 +00:00
hpayer@chromium.org
f583b73b70 Revert "Remove flag track-allocation-sites."
This reverts commit 6c430da40efe388035504d3603756aa8c46ed1dc.

BUG=

Review URL: https://codereview.chromium.org/109303006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18386 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-20 12:04:34 +00:00
mvstanton@chromium.org
e654c88fab Remove flag track-allocation-sites.
The flag has been on in the build for ~9 months, and we aren't likely to turn it off. The only customer of the flag is a set of tests that want to verify transitioning behavior in isolation. This CL removes the flag and updates those tests to get what they want without the flag.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/104923010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18385 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-20 11:46:31 +00:00
svenpanne@chromium.org
e595dc0368 Revert "More API cleanup."
This reverts r18383. The CL in itself is OK, we just have to wait until Chrome's commit queue lands the final corresponding change and re-land this CL. :-/

TBR=hpayer@chromium.org

Review URL: https://codereview.chromium.org/119013004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18384 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-20 11:35:53 +00:00
svenpanne@chromium.org
d54a4e6d40 More API cleanup.
* Removed String::Empty, Number::New, Integer::New, Integer::NewFromUnsigned, FunctionTemplate::New and Object::New without Isolate* parameter.

* Removed Integer::New and Integer::NewUnsigned with weird argument order.

Chrome CLs matching this change are prepared, BTW.

LOG=y
BUG=324225
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/118523003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18383 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-20 10:49:27 +00:00
jochen@chromium.org
e6ef64c590 [platform] Implement a worker pool
We don't use the worker pool yet, however, there are tests. Yay. The
next step is to use the worker pool for parallel sweeping.

I've also started to move the platform related files into a sub
directory. The goal is to eventually build all the platform stuff as
a separate library which is used by d8 and cctest (and other embedders
that wish to use the default implementation) but not by chromium.

BUG=v8:3015
R=hpayer@chromium.org, svenpanne@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/104583003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18380 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-20 07:52:58 +00:00
titzer@chromium.org
1f679a58f7 Improve check elimination with branch sensitivity on HCompareObjectEqAndBranch.
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/106733002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18377 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-19 17:42:21 +00:00
vegorov@chromium.org
bc77d4d60a Reland r18363.
Introduce API to temporarily interrupt long running JavaScript code.

It is different from termination API as interrupted JavaScript will continue to execute normally when registered InterruptCallback returns.

  /**
   * Request V8 to interrupt long running JavaScript code and invoke
   * the given |callback| passing the given |data| to it. After |callback|
   * returns control will be returned to the JavaScript code.
   * At any given moment V8 can remember only a single callback for the very
   * last interrupt request.
   * Can be called from another thread without acquiring a |Locker|.
   * Registered |callback| must not reenter interrupted Isolate.
   */
  void RequestInterrupt(InterruptCallback callback, void* data);

  /**
   * Clear interrupt request created by |RequestInterrupt|.
   * Can be called from another thread without acquiring a |Locker|.
   */
  void ClearInterrupt();

Fix Hydrogen SCE pass to avoid eliminating stack guards too aggressively. Only normal JavaScript functions are guaranteed to have stack guard in the prologue. If function is a builtin or has a custom call IC it will lack one.

Changes from r18363:

- includes r18364 to fix compilation errors: removes debugging only code;

- makes interrupiton related tests not threaded, because they rely on having exclusive access to the V8 instance and the fact that they can only interrupt themselves, if they are interrupted from the outside they break;

- changes HasStackCheck predicate used during SCE pass to avoid handles dereference to make SCE compatible with parallel recompilation.

R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/104823008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18375 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-19 16:45:58 +00:00
jkummerow@chromium.org
3c76ecd732 Fix switch statements with non-Smi integer labels and no type feedback
BUG=chromium:329709
LOG=Y
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/98643010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18370 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-19 14:25:58 +00:00
vegorov@chromium.org
dd8a793962 Revert "Introduce API to temporarily interrupt long running JavaScript code."
This reverts commit r18363.

Revert "Fix compilation error introduced by r18363."

This reverts commit r18364.

Changes in SCE pass are incompatible with parallel compilation

TBR=dcarney@chromium.org
BUG=

Review URL: https://codereview.chromium.org/101463003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18365 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 19:21:27 +00:00
vegorov@chromium.org
cd045f473e Fix compilation error introduced by r18363.
Remove debugging related code.

TBR=dcarney@chromium.org

Review URL: https://codereview.chromium.org/104793005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18364 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 19:01:02 +00:00
vegorov@chromium.org
64d2dfa232 Introduce API to temporarily interrupt long running JavaScript code.
It is different from termination API as interrupted JavaScript will continue to execute normally when registered InterruptCallback returns.

  /**
   * Request V8 to interrupt long running JavaScript code and invoke
   * the given |callback| passing the given |data| to it. After |callback|
   * returns control will be returned to the JavaScript code.
   * At any given moment V8 can remember only a single callback for the very
   * last interrupt request.
   * Can be called from another thread without acquiring a |Locker|.
   * Registered |callback| must not reenter interrupted Isolate.
   */
  void RequestInterrupt(InterruptCallback callback, void* data);

  /**
   * Clear interrupt request created by |RequestInterrupt|.
   * Can be called from another thread without acquiring a |Locker|.
   */
  void ClearInterrupt();

Fix Hydrogen SCE pass to avoid eliminating stack guards too aggressively. Only normal JavaScript functions are guaranteed to have stack guard in the prologue. If function is a builtin or has a custom call IC it will lack one.

BUG=
R=danno@chromium.org, dcarney@chromium.org

Review URL: https://codereview.chromium.org/102063004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18363 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 18:38:35 +00:00
verwaest@chromium.org
fb7218dc3d Enable optimization of functions with generic switches.
R=jkummerow@chromium.org, titzer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/110123002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18347 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 11:44:38 +00:00
svenpanne@chromium.org
389ee8d59b Removed internal uses of (almost) deprecated FunctionTemplate::New version.
LOG=y
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/108063003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18342 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 10:31:42 +00:00
yurys@chromium.org
bdb77d24a1 Fix Linux shared compilation after r18337
BUG=chromium:327298
LOG=N
TBR=hpayer@chromium.org

Review URL: https://codereview.chromium.org/118113002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18340 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 09:52:37 +00:00
yurys@chromium.org
19b6b7ada8 Delete several deprecated methods on v8::CpuProfiler
All methods for accessing collected profiles by index are deprecated. The indexed storage may well be implemented by the embedder should he need it. CpuProfiler's responsibility is just to create CpuProfile object that contains all collected data and whose lifetime can be managed by the embedder.

BUG=chromium:327298
LOG=Y
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/117353002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18337 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 08:59:09 +00:00
yurys@chromium.org
8b542494c3 Add methods for finding object by its snapshot id and id for an object
Object<-->id mapping doesn't depend on a particular snapshot, actually same object may appear in several heap snapshots. The API for converting between id and heap object should be provided by HeapProfiler itself. There is already GetObjectId method which I extended with FindObjectById/ClearObjectIds. As the next step I'm going to deprecate and remove HeapGraphNode::GetHeapValue.

BUG=chromium:324769
LOG=N
R=alph@chromium.org, hpayer@chromium.org, mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/93843004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18334 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 08:17:03 +00:00
svenpanne@chromium.org
402139f686 Remove all stuff marked as V8_DEPRECATED.
R=jochen@chromium.org, mstarzinger@chromium.org, yurys@chromium.org

Review URL: https://codereview.chromium.org/99193002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18333 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 08:09:37 +00:00
yangguo@chromium.org
213b05b5b9 Fix off-by-one error in AstTyper, part 2.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/112933002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18308 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-12 15:19:57 +00:00
jkummerow@chromium.org
48ff79a300 Fix polymorphic inlined calls with migrating prototypes
LOG=Y
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/104793003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18307 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-12 14:57:00 +00:00
yurys@chromium.org
19f29c380e Do not stop profiling if all finished profiles were deleted
Deleting finished profiles shouldn't interrupt profile recording.

BUG=chromium:327298
LOG=N
R=alph@chromium.org, jkummerow@chromium.org

Review URL: https://codereview.chromium.org/103893003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18302 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-11 14:39:18 +00:00
verwaest@chromium.org
d5787278bc Fixed global object leak caused by overwriting the global receiver (the global proxy) in the global object with the global object itself.
This CL additionally removes the API function to reattach a global proxy to a
global object.

BUG=324812
LOG=y
R=dcarney@chromium.org, titzer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/101733002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18299 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-11 13:51:48 +00:00
ulan@chromium.org
cc401095fb Initialize Date parse cache with SMI instead of double to workaround sharing mutable heap numbers in snapshot.
This is the only field in the snapshot that was tracked as double.

R=verwaest@chromium.org
TEST=mjsunit/regress/regress-280531.js
BUG=280531
LOG=Y

Review URL: https://chromiumcodereview.appspot.com/112003005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18298 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-11 13:11:44 +00:00
yangguo@chromium.org
5bc64b9fa5 Fix off-by-one error in AstTyper.
This causes the first parameter to be confused with the first
stack local when we collect type information.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/105943007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18296 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-11 11:34:09 +00:00
hpayer@chromium.org
75a84eca0b Added regression test for escape analysis.
BUG=
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/99133011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18290 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-10 15:54:20 +00:00
titzer@chromium.org
3de79abd85 Add a regression test for boolean concatenation in strings.
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/106743010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18287 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-10 14:05:25 +00:00
yangguo@chromium.org
d9e0763532 Track *all* external strings in the external string table.
Up till now, external strings may be tracked in the string table
(for internalized strings) or the external string table, depending
on in which order internalize and externalize happened.

The internalized string table should not have to deal with external
strings, all of which should be tracked by the external string table.

R=svenpanne@chromium.org
BUG=326489
LOG=N

Review URL: https://codereview.chromium.org/103663006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18285 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-10 12:11:45 +00:00
svenpanne@chromium.org
e1db6d86a9 Avoid FP exceptions when doing integer division.
BUG=v8:3039
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/104003004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18277 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-09 10:15:19 +00:00
yurys@chromium.org
cd5ea74700 Replace 'operator*' with explicit 'get' method on SmartPointer
Made operator* return reference to the raw type, not pointer. New method 'get()' should be used when raw pointer is needed.

Also removed useless inline modifier from the SmaprtPointer methods and added const modifier to the methods that don't change smart pointer.

Made ~SmartPointerBase protected to avoid accidental calls of the non-virtual base class's destructor.

drive-by: fixed use after free in src/factory.cc

BUG=None
LOG=N
R=alph@chromium.org, svenpanne@chromium.org

Review URL: https://codereview.chromium.org/101763003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18275 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-09 07:41:20 +00:00
jkummerow@chromium.org
64e9cbc305 Fix compilation with clang
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/106863002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18267 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-06 11:45:26 +00:00
mvstanton@chromium.org
b807f4f82f Bugfix: HCheckInstanceType::GetCheckMaskAndTag used an incorrect mask.
The mask to check for an internalized string was incorrectly formed. Hat
tip to Weiliang Lin for discovering the bug.

BUG=v8:3038
LOG=N
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/108033002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18265 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-06 09:43:07 +00:00
verwaest@chromium.org
8a4df124a4 Fix loop side-effects of deoptimizing loops with a nested live OSR loop.
R=titzer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/106723002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18263 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-05 18:31:06 +00:00
machenbach@chromium.org
d8a757c669 Add tests and extension verifying CHECK and ASSERT.
The new native functions can also be used in blink tests to ensure that V8 asserts are turned on where they should be.

BUG=
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/105953005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18262 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-05 17:26:22 +00:00
dcarney@chromium.org
69314e1f47 Fix parameter passing in callback store ics on arm
R=svenpanne@chromium.org

BUG=

Review URL: https://codereview.chromium.org/93873007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18260 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-05 12:38:50 +00:00
yangguo@chromium.org
34f0b745b8 Reland "Implement hyperbolic math functions for ES6."
BUG=v8:2938
LOG=N
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/104173002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18258 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-05 12:36:42 +00:00
svenpanne@chromium.org
d6b75581f3 Remove internal uses of HandleScope::Close().
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/104183002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18254 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-04 10:09:08 +00:00
yangguo@chromium.org
3e689544af Revert "Implement hyperbolic math functions for ES6."
BUG=

Review URL: https://codereview.chromium.org/104003002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18248 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-04 08:53:17 +00:00
yangguo@chromium.org
d1e0c338f3 Implement hyperbolic math functions for ES6.
R=jarin@chromium.org
BUG=v8:2938
LOG=Y

Review URL: https://codereview.chromium.org/102023003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18245 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-04 08:32:18 +00:00
titzer@chromium.org
1d6710c933 Add some test cases with dead loops.
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/98323004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18242 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-03 18:04:45 +00:00
verwaest@chromium.org
d4eaae37d1 Check whether the receiver to a keyed-call is actually a heapobject.
BUG=325225
LOG=n
R=dslomov@chromium.org

Review URL: https://chromiumcodereview.appspot.com/101863004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18241 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-03 17:59:31 +00:00
jochen@chromium.org
9d2344d1f4 Tests that make a stack allocated persistent weak and rely on gc need to force gc
Otherwise, if during a fuzzer test incremental marking is running, we'll
crash in the weak callback

BUG=none
TBR=verwaest@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/101843002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18233 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-03 13:12:52 +00:00
jochen@chromium.org
8565d3e966 Remove deprecated Persistent::MakeWeak usage from V8
BUG=none
LOG=n
R=dcarney@chromium.org, ulan@chromium.org

Review URL: https://codereview.chromium.org/101523002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18227 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-03 10:40:13 +00:00
yurys@chromium.org
054bdf7fc0 Remove HeapSnapshotsCollection class
The class added unecessary level of indirection to the heap profiler implementation. I merged some of its implementation into HeapProfiler and deleted the rest. This refactoring is also a prerequisite for keeping HeapObjectsMap alive even when all snapshots are deleted.

BUG=None
LOG=N
R=alph@chromium.org, mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/101393002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18221 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-03 09:48:30 +00:00
titzer@chromium.org
16c4c14fac Check elimination: Learn from if(CompareMap(x)) on true branch.
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/99043002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18210 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-02 18:34:33 +00:00
jochen@chromium.org
5d4c7562a1 Remove remaining HandleScope::Close usage
For some reason, this is only caught when compiling with chromium on
Mac.

BUG=none
R=verwaest@chromium.org, dslomov@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/99263002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18209 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-02 18:12:01 +00:00
marja@chromium.org
54dfe36519 Fix: test-debug.cc: don't misuse C++.
The test in question (test-debug/LiveEditEnabled) is expected to fail, and it
failed, but because of the wrong reason (the test asserts that the default
isolate is not initialized, SetLiveEditEnabled initialized the default
isolate because it doesn't get one as param). Now it fails because of the right
reason.

R=ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/99043004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18203 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-02 15:41:57 +00:00
yurys@chromium.org
e87fe7b71f Simplify allocation tracker API
Deprecated separate methods for starting/stopping allocation tracking in favor of a bool param to Start/StopTrackingHeapObjects.

BUG=None
LOG=N
R=loislo@chromium.org, mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/96933003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18197 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-02 14:27:24 +00:00
bmeurer@chromium.org
aa83f2900a Fix invalid assertion with OSR in BuildBinaryOperation.
BUG=v8:3032
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/98623004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18190 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-02 13:12:07 +00:00
yangguo@chromium.org
3d062847a4 Make sin-cos test case compatible with --always-osr.
R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/98893002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18188 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-02 12:56:54 +00:00
mstarzinger@chromium.org
db915fe97e Handle captured objects in OptimizedFrame::Summarize.
R=yangguo@chromium.org
BUG=v8:3029
TEST=mjsunit/regress/regress-3029
LOG=N

Review URL: https://codereview.chromium.org/96773002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18187 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-02 12:11:02 +00:00
bmeurer@chromium.org
6e373493aa Drop IsPregenerated() and allow_stub_calls flag.
This also removes the fixed register hack that was required to support RecordWriteStub in the snapshot.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/96853003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18167 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-29 20:49:15 +00:00
mvstanton@chromium.org
5ba1304d60 Array builtins need to be prevented from changing frozen objects, and changing structure on sealed objects.
BUG=299979
LOG=Y
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/80623002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18164 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-29 15:22:16 +00:00
yurys@chromium.org
5567426483 Do not put allocated block into HeapObjectsMap
Heap allocation reported to AllocationTracker may be later divided into several objects so it is incorrect to put the block as a new HeapObject into the map. We will match allocated block with actual HeapObjects later when iterating Heap (will be addressed in another patch). Since the objects are not assigned an id immediately after creation we need to call FindOrAddEntry when finding id for SharedFunctionInfo during stack crawling.

Removed hooks for tracking creation of AllocationMemento. AllocationMemento is not a HeapObject and should be considered as implementation overhead.

Renamed NewObjectEvent to AllocationEvent which is more precise in case of folded allocations and when a part of the new block becomes AllocationMemento.

BUG=None
LOG=N
R=loislo@chromium.org, mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/95283003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18151 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-29 09:54:38 +00:00
yangguo@chromium.org
f235194518 Fix bug in inlining Function.apply.
R=jkummerow@chromium.org
BUG=323942
LOG=Y

Review URL: https://codereview.chromium.org/95123003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18135 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-28 15:30:17 +00:00
titzer@chromium.org
bbdd21ebb0 Fix load elimination: can only .Equals() GVN-able instructions.
BUG=
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/95193002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18133 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-28 15:27:42 +00:00
dslomov@chromium.org
7372596615 Ensure that length is Smi in TypedArrayFromArrayLike constructor.
R=jkummerow@chromium.org
BUG=324028
LOG=Y

Review URL: https://codereview.chromium.org/94473002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18129 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-28 15:22:36 +00:00
mstarzinger@chromium.org
d53e38777f Fix missing bounds check in n-arguments Array constructor.
LOG=N
R=mvstanton@chromium.org
BUG=v8:3027
TEST=mjsunit/regress/regress-3027

Review URL: https://codereview.chromium.org/92103003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18116 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-28 09:29:57 +00:00
yangguo@chromium.org
ea43173cf4 Shorten autogenerated error message.
R=rossberg@chromium.org
BUG=v8:3019
LOG=Y

Review URL: https://codereview.chromium.org/88393002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18115 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-28 08:59:45 +00:00
jochen@chromium.org
c1da40c08d Mark deprecated APIs with relatively little use as deprecated
BUG=none
R=svenpanne@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/91503002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18114 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-28 08:21:26 +00:00
rossberg@chromium.org
e943623b12 Harmony promises
Based on prototype at

  https://github.com/rossberg-chromium/js-promise

which informed the latest spec draft version at

  https://github.com/domenic/promises-unwrapping/blob/master/README.md

Activated by --harmony-promises.

Feature complete with respect to the draft spec, plus the addition of .when and .deferred methods. Final naming and other possible deviations from the current draft will hopefully be resolved soon after the next TC39 meeting.

This CL also generalises the Object.observe delivery loop into a simplistic microtask loop. Currently, all observer events are delivered before invoking any promise handler in a single fixpoint iteration. It's not clear yet what the final semantics is supposed to be (should there be a global event ordering?), but it will probably require a more thorough event loop abstraction inside V8 once we get there.

R=dslomov@chromium.org, yhirano@chromium.org
BUG=

Review URL: https://codereview.chromium.org/64223010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18113 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-27 17:21:40 +00:00
mvstanton@chromium.org
f3a22f965e The goal is to discover the appropriate heap space for objects created in full
code. By the time we optimize the code, we'll be able to decide on new or old
space based on the number of surviving objects after one or more gcs.

The mechanism is a "memento" placed behind objects in the heap. It's currently
done for array and object literals, with plans to use mementos for constructed
objects as well (in a later CL).

The feature is behind the flag allocation_site_pretenuring, currently off.

R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/40063002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18104 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-27 14:03:40 +00:00
dcarney@chromium.org
89fb55c463 Split Persistent into Persistent and UniquePersistent
R=svenpanne@chromium.org

BUG=

Review URL: https://codereview.chromium.org/88013002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18093 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-27 09:30:49 +00:00
machenbach@chromium.org
c95173b2eb Increase test runner speed.
Let the test runner preserve the order of test suites to let suites with long running tests run first.

Mark some tests as slow that can now be skipped via --slow-tests=skip.

BUG=
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/88343002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18086 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-26 16:53:04 +00:00
yangguo@chromium.org
ab96631177 Increase precision for base conversion for large integers.
R=jkummerow@chromium.org
BUG=v8:3025
LOG=Y

Review URL: https://codereview.chromium.org/88583002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18082 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-26 15:48:13 +00:00
yangguo@chromium.org
afd8e5a305 Speed up long-running test cases.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/85163003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18070 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-26 11:32:39 +00:00
yangguo@chromium.org
4716b292db Make some ARM test cases faster.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/85473004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18069 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-26 10:43:44 +00:00
machenbach@chromium.org
e6e8acd446 Make test runner more flexible for running fast tests.
Transformed variant flags into named variants. Now, all combinations of variants can be specified on the command line. The old command-line flags are kept for backwards compatibility on the bots.

Added two new test groups: slow and pass|fail. Both are implemented similar to the flaky test feature and allow to either skip or run tests marked as slow or as pass|fail.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/85733003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18062 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-25 17:34:52 +00:00
dslomov@chromium.org
c3a4d718ce Generate TypedArrayInitialize builtin in hydrogen.
R=danno@chromium.org

Review URL: https://codereview.chromium.org/59023003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18059 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-25 14:41:46 +00:00
jochen@chromium.org
5e177bd658 Add versions with an Isolate parameter for inlined API methods that need one
We shouldn't have APIs that call Isolate::GetCurrent() internally. This
change removes all remaining occurrences of inlined methods in v8.h

BUG=none
R=svenpanne@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/85693002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18058 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-25 14:30:59 +00:00
mvstanton@chromium.org
81b22bbf96 A performance regression in array literal creation was caused by refactoring that eliminated a special fast case for shallow arrays. At the same time the general case got a bit slower. This CL restores most of the performance without coding the special fast case. The virtual dispatching is unnecessary because we know what we want to do at compile time. A flag was added to Runtime::CreateArrayLiteral. The flags delivers information about shallowness but also whether or not allocation mementos should be created. This is useful for crankshafted code.
BUG=v8:3008
LOG=Y
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/77293003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18046 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-25 12:41:27 +00:00
yangguo@chromium.org
aa3518a0f3 Make sure files end with exactly one new line and police this in presubmit.
The changes are (excluding presubmit.py) mechanical. I added the following
lines after the check and iterated the presubmit script until all errors
went away:

f = open(name, "w");
if contents.endswith('\n\n'):
  f.write(contents[0:-1])
else:
  f.write(contents + '\n')

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/82803005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18017 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-22 13:50:39 +00:00
jochen@chromium.org
c0c5efb9e7 Remove usage of deprecated APIs from cctests
Also turn on deprecation warnings

BUG=v8:3023
R=svenpanne@chromium.org, dcarney@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/83343002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18011 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-22 12:43:17 +00:00
jochen@chromium.org
4452341b55 Clean up incorrect V8_DEPRECATION macro usage and enable deprecatitions
We turn the default for standalone builds on, however, I added overrides
to all targets to turn it locally off again. In follow up CLs, I'll
clean up one target at a time.

BUG=v8:3023
R=dcarney@chromium.org, machenbach@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/82763004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18002 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-22 10:57:55 +00:00
yangguo@chromium.org
3acd5dcdce Dispose external string resource on heap teardown.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/83253002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-22 10:52:15 +00:00
ulan@chromium.org
21fb1401bd Restore saved caller FP registers on stub failure
and preserve FP registers on NotifyStubFailure.

In debug mode, clobber FP registers on each runtime call to increase
chances of catching such bugs.

R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/78283002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18000 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-22 10:21:47 +00:00
yangguo@chromium.org
565c839f2c Correctly change test expectations.
R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/82913003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17989 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-22 08:40:38 +00:00
yangguo@chromium.org
a7d38f7a41 Reland: Embed trigonometric lookup table.
R=danno@chromium.org

Review URL: https://codereview.chromium.org/78263005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17988 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-22 08:25:50 +00:00
danno@chromium.org
8e266c2244 Revert 17963, 17962 and 17955: Random number generator in JS changes
Revert 17966, 17965 also as collateral damage: Embed trigonometric lookup table.

Due to Heapcheck and valgrind failures that are not yet fixed.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/80513004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17981 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-21 17:21:00 +00:00
jochen@chromium.org
662dd44875 Remove preemption thread and API
BUG=v8:3004
R=svenpanne@chromium.org, yangguo@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/62283010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17967 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-21 13:47:37 +00:00
svenpanne@chromium.org
2b1da67263 Implement Math.random() purely in JavaScript.
This removes tons of architecture-specific code and makes it easy to
experiment with other pseudo-RNG algorithms. The crankshafted code is
extremely good, keeping all things unboxed and doing only minimal
checks, so it is basically equivalent to the handwritten code.

When benchmarks are run without parallel recompilation, we get a few
percent regression on SunSpider's string-validate-input and
string-base64, but these benchmarks run so fast that the overall
SunSpider score is hardly affected and within the usual jitter. Note
that these benchmarks actually run even faster when we don't
crankshaft at all on the main thread (the regression is not caused by
bad code, it is caused by Crankshaft needing a few hundred microsecond
for compilation of a trivial function). Luckily, when parallel
recompilation is enabled, i.e. in the browser, we see no regression at
all!

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/68723002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17955 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-21 09:55:15 +00:00
jkummerow@chromium.org
96c9095f3b Fix Windows build for real
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/80513002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17948 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-21 08:59:15 +00:00
yangguo@chromium.org
e5f187995d Mark flaky debug test as failing.
The issues are known. For the time being, we mark it as failing.

R=machenbach@chromium.org
BUG=v8:2921, v8:3005
LOG=N

Review URL: https://codereview.chromium.org/77723008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17938 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 17:09:17 +00:00
jochen@chromium.org
840bc42de0 Reland r17907 - Make it possible to add more than one piece of embedder data to isolates"
This will allow for using gin and blink bindings in the same
process.

Over r17907, I changed the order of fields in Isolate to be stable across different platforms, since the ABI defined packing is not the same on
all targets, and I initialize the embedder data field in Isolate.

BUG=317398
R=svenpanne@chromium.org, dcarney@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/78453002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17935 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 15:16:18 +00:00
yangguo@chromium.org
42f920cfea Update benchmark test suite.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/67763007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17934 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 15:05:52 +00:00
yangguo@chromium.org
2c7ebfa7f0 Increase precision when finding the remainder after division by pi/2.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/66703005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17933 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 15:04:37 +00:00
mvstanton@chromium.org
1e8c7c56d2 Re-enable EnsureAllocationSiteDependentCodesProcessed.
The problem was that we don't use crankshaft on non-sse2 builds.
(on ARM non-vfp3).

R=danno@chromium.org

Review URL: https://codereview.chromium.org/77963002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17930 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 14:20:07 +00:00
svenpanne@chromium.org
8f88467bf6 Removed unused --preallocate-message-memory flag.
It results in a lot of dead code, and Isolate::PrintStack itself
crashes most of the time when something went wrong earlier.
Furthermore, we have plans do get better information into the
minidump, anyway.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/78003002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17918 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 12:35:58 +00:00
jochen@chromium.org
bd09937300 Revert r17907 - Make it possible to add more than one piece of embedder data to isolates
> This will allow for using gin and blink bindings in the same process
>
> BUG=317398
> R=svenpanne@chromium.org, dcarney@chromium.org
> LOG=y
>
> Review URL: https://codereview.chromium.org/77913003

BUG=none
R=svenpanne@chromium.org
TBR=svenpanne@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/78093005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17915 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 12:05:44 +00:00
rmcilroy@chromium.org
782040d275 Remove deprecated v8::SetResourceConstraints without Isolate parameter
LOG=Y
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/62193003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17910 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 11:21:51 +00:00
jochen@chromium.org
4515fb5c4f Make it possible to add more than one piece of embedder data to isolates
This will allow for using gin and blink bindings in the same process

BUG=317398
R=svenpanne@chromium.org, dcarney@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/77913003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17907 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 10:59:13 +00:00
mvstanton@chromium.org
daf4e6580d Quit running EnsureAllocationSiteDependentCodesProcessed test until
it's failure is diagnosed.

R=danno@chromium.org

Review URL: https://codereview.chromium.org/77923002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17894 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 08:55:20 +00:00
danno@chromium.org
a5f910eb2b Turn ASSERTs to CHECKs in test-heap.cc
This fixes unused variable compile failures in release builds introduced in r17887.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/76413004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17888 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-19 17:29:43 +00:00
mvstanton@chromium.org
25fdcf27f2 Test that AllocationSite::dependent_code doesn't leak code objects.
Verify that code objects are treated weakly by the AllocationSite
dependent_code field.

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/61923006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17887 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-19 16:57:49 +00:00
danno@chromium.org
06c7620302 Fixed crashes exposed though fuzzing.
The %_OneByteSeqStringSetChar intrinsic expects its arguments to be checked before being called for efficiency reasons, but the fuzzer provided no such checks. Now the intrinsic is robust to bad input if FLAG_debug_code is set.

R=yangguo@chromium.org
TEST=test/mjsunit/regress/regress-320948.js
BUG=chromium:320948
LOG=Y

Review URL: https://codereview.chromium.org/72813004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17886 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-19 16:41:07 +00:00
jkummerow@chromium.org
37443768bf Fix register trashing in Emit*ByteSeqStringSetChar
This is currently not observable without --allow-natives-syntax because all internal usages are safe, but it deserves to be fixed nonetheless.

BUG=chromium:320922
LOG=N
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/67103003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17873 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-19 12:59:09 +00:00
yangguo@chromium.org
e2563d7a8e Make number of available threads isolate-dependent and expose it to ResourceConstraints.
R=svenpanne@chromium.org
BUG=v8:2991
LOG=Y

Review URL: https://codereview.chromium.org/68203029

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17866 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-19 11:52:47 +00:00
mvstanton@chromium.org
bff41483dc Bugfix: dependent code field in AllocationSite was keeping code objects alive even after context death.
BUG=320532
LOG=Y
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/62803008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17856 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-19 10:17:33 +00:00
svenpanne@chromium.org
c524efd759 Introduce addps/subps/mulps/divps for IA32/X64
BUG=
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/60093005

Patch from Weiliang Lin <weiliang.lin@intel.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17842 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-18 15:24:41 +00:00
dslomov@chromium.org
6749e57f47 Fix data view accessors to throw execptions on offsets bigger than size_t.
R=jkummerow@chromium.org
BUG=v8:3013
LOG=Y

Review URL: https://codereview.chromium.org/74583003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17840 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-18 15:16:22 +00:00
dslomov@chromium.org
cb6e8b334d Revert "Fix data view accessors to throw execptions on offsets bigger than size_t."
This reverts commit r17838 for breaking arm build.

TBR=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/75213005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17839 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-18 15:05:05 +00:00
dslomov@chromium.org
dd5c7ec89e Fix data view accessors to throw execptions on offsets bigger than size_t.
R=jkummerow@chromium.org
BUG=v8:3013
LOG=Y

Review URL: https://codereview.chromium.org/74583003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17838 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-18 14:58:16 +00:00
dslomov@chromium.org
4228132e74 Use mock ArrayBuffer allocator to avoid really allocating 1Gb.
R=jkummerow@chromium.org
BUG=v8:3014
LOG=N

Review URL: https://codereview.chromium.org/61623009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17837 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-18 14:50:45 +00:00
dslomov@chromium.org
99133912bd Generate DataViewInitialize built-in in hydrogen.
R=bmeurer@chromium.org, mvstanton@chromium.org

Review URL: https://codereview.chromium.org/66843011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17831 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-18 13:57:49 +00:00
danno@chromium.org
f27f2fa420 Match max property descriptor length to corresponding bit fields
BUG=v8:3010
R=verwaest@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/72333004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17823 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-18 11:44:06 +00:00
mstarzinger@chromium.org
ed034b39e5 Fix bogus allocation limit in allocation folding.
R=ishell@chromium.org
TEST=mjsunit/allocation-folding

Review URL: https://codereview.chromium.org/73563004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17805 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 18:44:59 +00:00
dslomov@chromium.org
7832aab75c Add suppressions for regress-319722-ArrayBuffer.
TBR=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/59093007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17803 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 17:40:21 +00:00
jkummerow@chromium.org
c9b41c6995 Limit size of dehoistable array indices
LOG=Y
BUG=chromium:319835,chromium:319860
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/74113002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17801 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 17:24:10 +00:00
dslomov@chromium.org
7936ca39be Limit the size for typed arrays to MaxSmi.
R=jkummerow@chromium.org
LOG=Y
BUG=319722

Review URL: https://codereview.chromium.org/73943004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17800 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 16:37:15 +00:00
dslomov@chromium.org
c01aa1fc1f Revert "Limit the size for typed arrays to MaxSmi."
This reverts commit r17798 for allocating too much memroy in tests.

TBR=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/74093002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17799 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 16:25:51 +00:00
dslomov@chromium.org
09ca1318ab Limit the size for typed arrays to MaxSmi.
R=jkummerow@chromium.org
LOG=Y
BUG=319722

Review URL: https://codereview.chromium.org/73943004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17798 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 16:09:56 +00:00
yurys@chromium.org
88e7d631b9 Add allocation tracker test for bumb pointer allocations
Test that allocations which regularly happen inline in the generated code and create objects in bump pointer space will be recorded by the allocation tracker.

BUG=chromium:277984
LOG=N
R=loislo@chromium.org, mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/73893005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17794 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 14:47:11 +00:00
verwaest@chromium.org
341d405301 Reland and fix "Add support for keyed-call on arrays of fast elements"
BUG=
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/71783003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17782 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 10:52:05 +00:00
yurys@chromium.org
14a25f1ede Use path relatinve to cctest folder in cctest.status
BUG=v8:3005
LOG=N
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/68173023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17773 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 09:28:40 +00:00
bmeurer@chromium.org
2ee5aa951c Fix missing type feedback check for Generic*String addition.
TEST=mjsunit/regress/regress-crbug-318671
BUG=318671
LOG=y
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/67473007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17772 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 09:13:36 +00:00
yurys@chromium.org
1c24c44e22 Mark cctest/test-alloc/CodeRange as flaky on Windows
BUG=v8:3005
LOG=N
R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/65833003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17771 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 09:10:44 +00:00
rafaelw@chromium.org
bdf78a7ad3 Reland [Object.observe] Don't force normalization of elements for observed objects
Original Issue: https://codereview.chromium.org/29353003/

Note that this version of the patch includes logic for bailing out of compiled ArrayPush/ArrayPop calls if the array is observed (see stub-cache-*)

R=danno@chromium.org
BUG=v8:2946
LOG=N

Review URL: https://codereview.chromium.org/68343016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17769 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 21:47:39 +00:00
rafaelw@chromium.org
161cc3cd2a Handlify JSObject::SetElement & brethren
Because SetElement & co are interdependent, this patch handlfies all of JSObject::
-SetElement
-SetFastElement
-SetDictionaryElement
-SetFastDoubleElement
-SetElementWithInterceptor
-SetElementWithoutInterceptor
-SetElementWithCallbackSetterInPrototype

R=mstarzinger@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/66803002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17757 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 17:30:48 +00:00
verwaest@chromium.org
93f2ed48d9 Handle all object types (minus smi) in load/store ICs
R=ulan@chromium.org

Review URL: https://chromiumcodereview.appspot.com/62953007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17755 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 16:25:31 +00:00
ulan@chromium.org
31493412c4 Do not update survival rate if the new space size is zero.
BUG=v8:2333
LOG=N
R=hpayer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/48443002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17753 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 15:25:21 +00:00
mstarzinger@chromium.org
9f4591c368 Add ability to disable inline bump-pointer allocation.
R=ulan@chromium.org, yurys@chromium.org
TEST=cctest/test-heap/DisableInlineAllocation

Review URL: https://codereview.chromium.org/69953023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17752 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 15:14:37 +00:00
machenbach@chromium.org
eef8694a7e [Sheriff] Revert "Add support for keyed-call on arrays of fast elements"
This reverts commit r17746 for breaking layout tests.

TBR=verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/72753002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17751 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 15:00:13 +00:00
verwaest@chromium.org
607a175cbc Add support for keyed-call on arrays of fast elements
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23537067

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17746 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 13:46:18 +00:00
yurys@chromium.org
c7b1b79e4d This is the exact copy of r17365 which was reverted in r17488 due to memory corruption. The root cause for the memory corruption - missing check for bump pointer limit before storing filler map must be addressed in r17626 where allocation hooks were removed from the generated code and left only in the runtime.
This is initial implementation of allocation profiler.

Whenever new object allocation is reported to the HeapProfiler and allocation tracking is on we will capture current stack trace, add it to the collection of the allocation traces (a tree) and attribute the allocated size to the top JS function on the stack.

Format of serialized heap snapshot is extended to include information about recorded allocation stack traces.

This patch is r17301 plus a fix for the test crash in debug mode. The test crashed because we were traversing stack trace when just allocated object wasn't completely configured, in particular the map pointer was incorrect. Invalid Map pointer broke heap iteration required to find Code object for a given pc during stack traversal. The solution is to insert free space filler in the newly allocated block just before collecting stack trace.

BUG=chromium:277984,v8:2949
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/61893031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17742 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 12:13:26 +00:00
mvstanton@chromium.org
3cf157b43b Inline zero argument array constructor.
patch from issue 54583003 (dependent code).

Zero arguments - very easy

1 argument - three special cases:
  a) If length is a constant in valid array length range,
     no need to check it at runtime.
  b) respect DoNotInline feedback on the AllocationSite for
     cases that the argument is not a smi or is an integer
     with a length that should create a dictionary.
  c) if kind feedback is non-holey, and length is non-constant,
     we'd have to generate a lot of code to be correct.
     Don't inline this case.

N arguments - one special case:
  a) If a deopt ever occurs because an input argument isn't
     compatible with the elements kind, then set the
     DoNotInline flag.

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/55933002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17741 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 12:05:09 +00:00
danno@chromium.org
28ed69b8fb Fix overflow in TypedArray initialization function
BUG=chromium:319120
TEST=test/mjsunit/regress/regress-319120.js
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/61753013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17711 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 06:20:48 +00:00
machenbach@chromium.org
cbe604f4df [Sheriff] Mark flaky webkit test.
TBR=jkummerow@chromium.org
BUG=v8:2989

Review URL: https://codereview.chromium.org/62283008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17686 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-13 11:09:47 +00:00
machenbach@chromium.org
6822e027b3 [Sheriff] Mark flaky webkit test.
TBR=jkummerow@chromium.org
BUG=v8:2989

Review URL: https://codereview.chromium.org/68573003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17684 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-13 10:43:43 +00:00
rossberg@chromium.org
cec8383cff Provide private symbols through internal APIs
Adds a notion of private symbols, mainly intended for internal use, especially, self-hosting of built-in types that would otherwise require new C++ classes.

On the JS side (i.e., in built-ins), private properties can be created and accessed through a set of macros:

  NEW_PRIVATE(print_name)
  HAS_PRIVATE(obj, sym)
  GET_PRIVATE(obj, sym)
  SET_PRIVATE(obj, sym, val)
  DELETE_PRIVATE(obj, sym)

In the V8 API, they are accessible via a new class Private, and respective HasPrivate/Get/Private/SetPrivate/DeletePrivate methods on calss Object.

These APIs are designed and restricted such that their implementation can later be replaced by whatever ES7+ will officially provide.

R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/48923002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17683 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-13 10:34:06 +00:00
yangguo@chromium.org
e83fd01ce6 Reland "Implement Math.sin, cos and tan using table lookup and spline interpolation."
This relands r17594 with necessary fixes.

R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/70003004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17654 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-12 14:43:18 +00:00
machenbach@chromium.org
fadaa0f6a3 [Sheriff] Mark flaky test on windows.
BUG=v8:2999
TBR=yangguo@chromium.org

Review URL: https://codereview.chromium.org/68773007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17643 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-12 12:28:48 +00:00
jkummerow@chromium.org
6aad7fb992 Fix compilation with GCC 4.8
BUG=v8:2767,v8:2149
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/69413002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17641 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-12 12:09:38 +00:00
yangguo@chromium.org
df9665032e Introduce %_IsMinusZero.
R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/63423004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17639 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-12 11:53:13 +00:00
jochen@chromium.org
7df10557a5 Add explicit Isolate parameter to External::New
We can't deprecate the non-Isolate version yet but soon will.

R=svenpanne@chromium.org, svenpanne@google.com
BUG=266838

Review URL: https://codereview.chromium.org/70163002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17638 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-12 11:44:58 +00:00
machenbach@chromium.org
fc9d804d27 [Sheriff] Skip failing test on nacl.
TBR=danno@chromium.org
BUG=v8:2998

Review URL: https://codereview.chromium.org/68163012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17637 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-12 11:36:20 +00:00
bmeurer@chromium.org
6f75e92902 Add initial hydrogenized NewStringAddStub.
The new stub is enabled via the --new-string-add flag, which is
disabled by default. For now, it's only a stripped down version
of the native StringAddStub, it's still work-in-progress.

BUG=v8:2990
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/61893009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17635 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-12 10:21:08 +00:00
mstarzinger@chromium.org
d5cb83f4aa Fix invalid reuse of weak global handle in GetScriptWrapper.
This fixes a direct usage of a weak global handle in GetScriptWrapper
that just casted it to a strong local handle, while a subsequent GC
might clear it. Handlepocalypse anyone?

R=machenbach@chromium.org
BUG=v8:2988
TEST=mjsunit/regress/regress-2988

Review URL: https://codereview.chromium.org/67273004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17622 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-11 16:27:36 +00:00
mstarzinger@chromium.org
c6841f1180 Tame mjsunit/fast-literal after fixing allocations.
Not that allocations go through Heap::AllocateRaw and actually respect
the allocation timeout, the runtime of this test spiked. This adjusts
the limit to sane values now that the values are actually respected.

R=mvstanton@chromium.org
TEST=mjsunit/fast-literal

Review URL: https://codereview.chromium.org/63603009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17615 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-11 10:22:46 +00:00
danno@chromium.org
6fdec542bb Reland 17588: Add signed/unsigned 8-bit and 16-bit Representations to Crankshaft
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/66193004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17606 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 17:35:58 +00:00
machenbach@chromium.org
20e99185cb [Sheriff] Mark flaky webkit tests.
BUG=v8:2989
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/66163004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17604 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 17:14:54 +00:00
ulan@chromium.org
bc4ad49b25 Do not add values to HGraph in Lithium.
Lithium uses indexes after the maximium value ID in the HGraph as indexes
of virtual registers and assumes that the maximum value ID does not change.

The IsStandardConstant and GetConstantXX functions could add constants to
HGraph, which aliased virtual registers with real values. This could confuse
the register allocator to think that a value in a virtual register is tagged
and to incorrectly set it in the pointer map.

BUG=298269
TEST=mjsunit/regress/regress-298269.js
R=verwaest@chromium.org

Review URL: https://chromiumcodereview.appspot.com/66693002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17599 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 14:16:34 +00:00
verwaest@chromium.org
af66a0b300 Revert "Add signed/unsigned 8-bit and 16-bit Representations to Crankshaft"
Revert "Fix ARM build"
Revert "Fix ARM build (again)"

TBR=danno@chromium.org
BUG=

Review URL: https://chromiumcodereview.appspot.com/66553004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17597 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 13:54:34 +00:00
yangguo@chromium.org
9f104a1a3e Revert "Implement Math.sin, cos and tan using table lookup and spline interpolation."
This reverts commit r17594.

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/59153007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17596 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 13:44:27 +00:00
yangguo@chromium.org
063b7c4ebb Implement Math.sin, cos and tan using table lookup and spline interpolation.
R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/50563003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17594 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 13:10:39 +00:00
danno@chromium.org
412af94bbb Fix ARM build (again)
R=yangguo@chromium.org
TBR=yangguo@chromium.org

Review URL: https://codereview.chromium.org/66673002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17592 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 12:41:02 +00:00
danno@chromium.org
7fbd65a7f7 Fix ARM build
TBR=yangguo@chromium.org

Review URL: https://codereview.chromium.org/62203010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17590 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 12:23:48 +00:00
danno@chromium.org
1222255b9c Add signed/unsigned 8-bit and 16-bit Representations to Crankshaft
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/61623004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17588 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 11:50:23 +00:00
yangguo@chromium.org
94eb5904a6 Fix error message wording when instanceof throws.
R=bmeurer@chromium.org
BUG=82797, v8:1593

Review URL: https://codereview.chromium.org/66463002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17587 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 11:45:56 +00:00
svenpanne@chromium.org
e0388823c5 Fixed build.
TBR=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/66523002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17586 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 11:20:18 +00:00
yangguo@chromium.org
fc1dadce9b Use register allocator for context on x64.
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/50863002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17585 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 10:58:51 +00:00
svenpanne@chromium.org
ba24c3a79f Removed dead function V8::FillHeapNumberWithRandom.
Removed a useless test case along the way.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/65143007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17584 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 10:55:01 +00:00
mstarzinger@chromium.org
59536de77d Make HCapturedObjects non-deletable for DCE.
R=jkummerow@chromium.org
BUG=v8:2987
TEST=mjsunit/regress/regress-2987

Review URL: https://codereview.chromium.org/64433002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17569 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-07 16:07:19 +00:00
rafaelw@chromium.org
ef0c647c49 Handlify Runtime::SetObjectProperty
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/62333002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17560 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-07 12:35:57 +00:00
verwaest@chromium.org
dccc06e132 Disable stress-gc for memento-related test.
R=mvstanton@chromium.org

Review URL: https://chromiumcodereview.appspot.com/64003004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17559 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-07 12:20:45 +00:00
haitao.feng@intel.com
e7ef18110d Refine CountOperation of FullCodeGen
R=danno@chromium.org

Review URL: https://codereview.chromium.org/42973002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17547 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-07 09:34:52 +00:00
yangguo@chromium.org
eb550c6da4 Fix y-umlaut to uppercase.
R=dcarney@chromium.org
BUG=v8:2984

Review URL: https://codereview.chromium.org/59853006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17545 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-07 09:08:34 +00:00
haitao.feng@intel.com
6e0ccacc7a Refactor loading a pointer and loading an integer64 into a register instructions for X64
R=danno@chromium.org

Review URL: https://codereview.chromium.org/39543003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-07 08:14:27 +00:00
verwaest@chromium.org
c809433941 Revert "Landing https://codereview.chromium.org/40133004 for mnita@google.com." due to test failures.
R=ulan@chromium.org

Review URL: https://chromiumcodereview.appspot.com/62563002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17533 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-06 18:19:26 +00:00
cira@chromium.org
ef05eef033 Landing https://codereview.chromium.org/40133004 for mnita@google.com.
Implements ES6 String.prototype.normalize method.

BUG=v8:2943
TEST=Unit tests for "real life" use cases, edge cases, various types of normalization.
TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/60013010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17532 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-06 17:27:31 +00:00
mvstanton@chromium.org
1d835561ac Change test expectations for webkit/fast/js/object-slow-put and friends.
R=verwaest@chromium.org
TBR=verwaest@chromium.org

Review URL: https://codereview.chromium.org/62213002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17530 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-06 16:38:40 +00:00
mvstanton@chromium.org
cec8548d0e Correct handling of arrays with callbacks in the prototype chain.
Our generic KeyedStoreIC doesn't handle the case when a callback is
set on array elements in the prototype chain of the object, nor do
we recognize that we need to avoid the monomorphic case if these
callbacks exist.

This CL addresses the issue by looking for dictionary elements in
the prototype chain on IC misses and crankshaft element store
instructions. When found, the generic IC is used. The generic IC is
changed to go to the runtime in this case too.

In general, keyed loads are immune from this problem because they
won't return the hole: discovery of the hole goes to the runtime where
the callback will be found in the prototype chain. Double array loads
in crankshaft can return the hole but only if the prototype chain is
unaltered (we will catch such alterations).

Includes the following patch as well (already reviewed by bmeurer):
Performance regression found in test regress-2185-2.js. The problem was
that the bailout method for TransitionAndStoreStub was not performing
the appropriate transition.

(Review URL for the ElementsTransitionAndStoreIC_Miss change:
https://codereview.chromium.org/26911007)

R=danno@chromium.org

Review URL: https://codereview.chromium.org/35413006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17525 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-06 15:45:43 +00:00
bmeurer@chromium.org
980739a29c Improve implementation of HSeqStringSetChar.
This improves the generated code for HSeqStringSetChar across
all platforms, taking advantage of constant operands whenever
possible. It also drops the unused DefineSameAsFirst constraint
for the register allocator on x64 and ia32, where it caused
unnecessary spills when the string operand was live across the
HSeqStringSetChar instruction.

A new GVN flag StringChars is introduced to express dependencies
between HSeqStringSetChar, HStringCharCodeAt and the upcoming
HSeqStringGetChar (the GVNFlags type is now 64bit in size).

Also improves the test case.

TEST=mjsunit/string-natives
R=mstarzinger@chromium.org, yangguo@chromium.org

Review URL: https://codereview.chromium.org/57383004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17521 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-06 13:09:22 +00:00
rafaelw@chromium.org
13f722cae4 [Object.observe] rename intrinsic change record types for consitency.
Note the spec now reflects the updated naming:

http://wiki.ecmascript.org/doku.php?id=harmony:observe_spec_changes

R=rossberg@chromium.org, rossberg
BUG=v8:2940

Review URL: https://codereview.chromium.org/46043020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17520 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-06 12:14:24 +00:00
machenbach@chromium.org
4539c6ba5f [Sheriff] Mark flaky test on windows.
It was marked as flaky on linux nosnap, arm and nacl before. Now it's marked universally flaky since windows joined the list.

BUG=v8:2921
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/54713002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17506 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-05 19:29:58 +00:00
yangguo@chromium.org
371265eec4 Revert "Handlify concat string and substring."
This reverts r17490.

R=verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/59973004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17497 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-05 15:36:15 +00:00
yangguo@chromium.org
23d085c691 Handlify concat string and substring.
R=ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/50073005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17490 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-05 14:07:07 +00:00
bmeurer@chromium.org
b8660f2091 Revert "Record allocation stack traces".
This reverts commit r17365 for memory corruption. The issues
are most probably related to storing a filler map without
checking the bump pointer first, and traversing the stack
when called from within a stub (or builtin), while the code
assumes that it's called from a JS function.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/59583003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17488 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-05 13:46:11 +00:00
loislo@chromium.org
a4b4cfdc58 HeapProfiler: provide human readable names for code objects.
It is very hard to understand the structure of the heap even for about:blank page
because code objects in the heap have no names. This patch propagates the names
for Code::STUB and Code::BUILTIN code objects.
Also it assign function names from SharedFunctionInfo to the code objects.

BUG=
R=alph@chromium.org, svenpanne@chromium.org, yurys@chromium.org

Review URL: https://codereview.chromium.org/52643002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17486 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-05 13:23:03 +00:00
yangguo@chromium.org
a5ed9a71c8 Correctly load message from an Error object.
R=mstarzinger@chromium.org
BUG=306220

Review URL: https://codereview.chromium.org/46593010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17484 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-05 13:04:51 +00:00
rafaelw@chromium.org
e78081ca1c Make Object.freeze/seal/preventExtensions observable
Note: spec has been updated here: http://wiki.ecmascript.org/doku.php?id=harmony:observe_spec_changes.

R=rossberg@chromium.org, rossberg
BUG=v8:2975,v8:2941

Review URL: https://codereview.chromium.org/47703003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17481 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-05 12:25:32 +00:00
svenpanne@chromium.org
74ad230a8e Introduce orps for IA32/X64
BUG=
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/53573004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17479 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-05 12:04:46 +00:00
rafaelw@chromium.org
ada13dfc3f Remove calls to JSObject::SetLocalPropertyIgnoreAttributesTrampoline within objects.cc
This includes handlifing:
-SetHiddenPropertiesHashTable
-ObjectHashSet::Add/Remove
-ObjectHashTable::Put

And splitting the following methods which previously took "allow creation" enum arguments to into side-effect-free getters and GetOrCreate*-handlfied getters.

-GetHash (now GetHash & handlified GetOrCreateHash)
-GetIdentityHash (now GetIdentityHash & handlified GetOrCreateIdentityHash)
-GetHiddenPropertiesHashTable (now GetHiddenPropertiesHashTable & handlified GetOrCreateaHiddenPropertiesHashTable)

BUG=v8:2877
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/48913008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17477 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-05 11:47:11 +00:00
rafaelw@chromium.org
4a8319c7c6 [Object.observe] Implement implicit notification from performChange
R=arv@chromium.org, rossberg@chromium.org, rossberg
BUG=v8:2942

Review URL: https://codereview.chromium.org/36313002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17476 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-05 11:23:08 +00:00
mvstanton@chromium.org
ee6e52f292 Remove CreateArrayLiteralShallow, as it's fundamentally the same now as
CreateArrayLiteral.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/54333003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17470 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-05 09:54:59 +00:00
jkummerow@chromium.org
2ebfd6e90e Add missing negative dictionary lookup to NonexistentHandlerFrontend
BUG=v8:2980
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/57433003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17459 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-04 14:14:09 +00:00
machenbach@chromium.org
3e6044d3f3 [Sheriff] Mark failing test for nacl port.
BUG=v8:2978
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/50333005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17445 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-31 11:51:59 +00:00
machenbach@chromium.org
230b47a63b [Sheriff] Mark flaky test.
BUG=v8:2921
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/54423002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17444 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-31 11:48:31 +00:00
jkummerow@chromium.org
316271fc35 Fix uint32-to-smi conversion in Lithium
BUG=chromium:309623
R=vegorov@google.com, yangguo@chromium.org

Review URL: https://codereview.chromium.org/54393002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17441 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-31 10:18:51 +00:00
yangguo@chromium.org
3f1a833524 Do not remove HAdd with zero if the other operand is a double.
The other operand might be minus zero, and -0 + 0 = +0

R=svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/52173003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17432 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-30 10:22:52 +00:00
jkummerow@chromium.org
9e88c23cbf ia32: Fix comparisons of two constant double operands when exactly one of them is in new space.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/46883008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17428 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-29 14:34:07 +00:00
svenpanne@chromium.org
19a2e803bb Introduce andps for IA32/X64
replace andpd and pand in Math.abs

BUG=
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/44153002

Patch from Weiliang Lin <weiliang.lin@intel.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17413 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-28 10:38:40 +00:00
bmeurer@chromium.org
38e198109f Remove unused function MoveBytes().
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/24584004

Patch from Bangfu Tao <bangfu.tao@samsung.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17411 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-28 09:59:15 +00:00
svenpanne@chromium.org
acb06df0e9 Tune mjsunit/compiler/expression-trees.
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/43703002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17404 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-28 07:24:19 +00:00
svenpanne@chromium.org
ee87c867e9 Tune mjsunit/array-functions-prototype-misc
Again, this brings testing times down quite a bit without losing test
coverage.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/44143003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17403 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-28 07:23:27 +00:00
mstarzinger@chromium.org
e7226e3f8a Simplify test-mark-compact/NoPromotion test.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/42543008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17398 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-25 13:10:25 +00:00
mvstanton@chromium.org
a85c825bb9 The Elements pointer in a JSObject can have a filler map instead of a
valid fixed array, iff a gc occurred while allocating a fixed array as
part of array construction. Heap verification needs protection against
examining the elements object in this case.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/43383004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17397 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-25 12:26:47 +00:00
yangguo@chromium.org
7dd2d6c590 Reland "Make Array.prototype.pop throw if the last element is not configurable."
This relands r17346.

R=machenbach@chromium.org
BUG=311164

Review URL: https://codereview.chromium.org/43923002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17394 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-25 11:55:56 +00:00
svenpanne@chromium.org
2e2579da1b Tune mjsunit/regexp-global.
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/42993004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17387 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-25 08:57:50 +00:00
svenpanne@chromium.org
5074ecf13b Tune cctest/test-parsing/ParserSync.
This test suffers heavily from combinatorial explosion. To redemedy
this situation a bit, two independent parsing flags are tested
separately, reducing the runtime by a factor of 4. Furthermore, the
code has been cleaned up a bit.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/40113002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17385 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-25 07:24:08 +00:00
mstarzinger@chromium.org
f3aa0b315a Make the message test suite run without slow asserts.
R=danno@chromium.org

Review URL: https://codereview.chromium.org/39303004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17381 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-24 17:27:58 +00:00
svenpanne@chromium.org
c2596a257c Temporarily disable mjsunit/regress/regress-2612 to make our tree green again.
TBR=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/40203002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17379 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-24 13:30:40 +00:00
svenpanne@chromium.org
7fb61a78d4 Tune mjsunit/regress/regress-2612.
Lower the bounds to something bearable which would still timeout if we
used a quadratic algorithm.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/39863003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17377 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-24 13:07:16 +00:00
bmeurer@chromium.org
56a46e591b Add performance.now() to the d8 shell.
TEST=mjsunit/d8-performance-now
R=hpayer@chromium.org

Committed: https://code.google.com/p/v8/source/detail?r=17366

Committed: https://code.google.com/p/v8/source/detail?r=17368

Review URL: https://codereview.chromium.org/32433010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17375 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-24 12:25:40 +00:00
bmeurer@chromium.org
bef9819190 Revert "Fix shared library build after r17368." and "Add performance.now() to the d8 shell.".
This reverts commit r17372 and r17368 for breaking the shared
library build.

TBR=hpayer@chromium.org

Review URL: https://codereview.chromium.org/40043002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17374 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-24 12:16:00 +00:00
bmeurer@chromium.org
0a90cab56a Add performance.now() to the d8 shell.
TEST=mjsunit/d8-performance-now
R=hpayer@chromium.org

Committed: https://code.google.com/p/v8/source/detail?r=17366

Review URL: https://codereview.chromium.org/32433010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17368 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-24 10:48:18 +00:00
bmeurer@chromium.org
67b4eb9ac1 Revert "Add window.performance.now() to the d8 shell."
This reverts commit r17366 for breaking the mozilla tests.

TBR=hpayer@chromium.org

Review URL: https://codereview.chromium.org/38753006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17367 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-24 10:42:02 +00:00
bmeurer@chromium.org
d07231021e Add window.performance.now() to the d8 shell.
TEST=mjsunit/d8-performance-now
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/32433010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17366 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-24 09:27:17 +00:00
yurys@chromium.org
a083601e73 Record allocation stack traces
This is initial implementation of allocation profiler.

Whenever new object allocation is reported to the HeapProfiler and allocation tracking is on we will capture current stack trace, add it to the collection of the allocation traces (a tree) and attribute the allocated size to the top JS function on the stack.

Format of serialized heap snapshot is extended to include information about recorded allocation stack traces.

This patch is r17301 plus a fix for the test crash in debug mode. The test crashed because we were traversing stack trace when just allocated object wasn't completely configured, in particular the map pointer was incorrect. Invalid Map pointer broke heap iteration required to find Code object for a given pc during stack traversal. The solution is to insert free space filler in the newly allocated block just before collecting stack trace.

BUG=chromium:277984,v8:2949
R=hpayer@chromium.org, loislo@chromium.org

Review URL: https://codereview.chromium.org/34733004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17365 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-24 09:26:55 +00:00
svenpanne@chromium.org
f2122438e0 Removed long-running obselete test case.
The test was the 2nd longest-running test case in debug mode, and the
stuff it tests has already been moved long ago to some other place,
which is in turn heavily tested by far simpler and faster things
(%TruncateString etc.).

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/39233003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17361 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-24 08:09:32 +00:00
yangguo@chromium.org
0f564cb1b0 Revert "Make Array.prototype.pop throw if the last element is not configurable."
This reverts commit r17346.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/39593002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17360 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-24 07:48:23 +00:00
haitao.feng@intel.com
29bb076770 Introduce xchgl, orl, roll, subl, testl and xorl into X64 assembler
R=danno@chromium.org

Review URL: https://codereview.chromium.org/26780004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17352 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-24 02:12:51 +00:00
yangguo@chromium.org
e25920da19 Make Array.prototype.pop throw if the last element is not configurable.
Popping an element from an array should call [[Delete]] internal method
and pass true as the second argument (ECMA-262/5.1/#sec-15.4.4.6).
When the last element can't be deleted, throw a Type Error.
Not throwing the error would result in endless loop in the following test.

TEST=var a=[];Object.defineProperty(a,0,{});while(a.length)a.pop();

By the way fix another bug, or else i can't post any issues.
"presubmit.py" throw a "missing a correct copyright header" on windows.
Both the slash and the backslash are valid path separator on windows.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/29513004

Patch from Yanagi <admin@web-tinker.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17346 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-23 16:19:24 +00:00
jkummerow@chromium.org
8259439ae8 Fix HObjectAccess for loads from migrating prototypes
BUG=chromium:305309
R=danno@chromium.org

Review URL: https://codereview.chromium.org/35173005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17345 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-23 15:15:15 +00:00
danno@chromium.org
bdeaf7514a Enable preaging of code objects when --optimize-for-size.
This change means that code which is never executed is garbage collected immediately, and code which is only executed once is collected more quickly (limiting heap growth), however, code which is re-executed is  reset to the young age, thus being kept around for the same number of GC generations as currently.

BUG=280984
R=danno@chromium.org, hpayer@chromium.org

Review URL: https://codereview.chromium.org/23480031

Patch from Ross McIlroy <rmcilroy@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17343 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-23 13:48:04 +00:00
yurys@chromium.org
8385804c55 Expose v8::Function::GetDisplayName to public API.
BUG=chromium:17356
R=mstarzinger@chromium.org, yurys@chromium.org, yangguo@chromium.org, yurys

Committed: https://code.google.com/p/v8/source/detail?r=17324

Review URL: https://codereview.chromium.org/26709011

Patch from Andrey Adaikin <aandrey@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17340 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-23 12:38:06 +00:00
yurys@chromium.org
d37c1cfc2f Revert "Disable allocation folding when allocations tracking is on"
This reverts r17337. The new test fails on V8 linux - shared: http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20shared/builds/4726/steps/Check/logs/stdio

TBR=mvstanton@chromium.org
BUG=None

Review URL: https://codereview.chromium.org/37073003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17338 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-23 12:30:38 +00:00
yurys@chromium.org
66bfe59307 Disable allocation folding when allocations tracking is on
BUG=chromium:277984
R=hpayer@chromium.org, loislo@chromium.org, mvstanton@chromium.org, yurys@chromium.org

Review URL: https://codereview.chromium.org/32583002

Patch from Alexandra Mikhaylova <amikhaylova@google.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17337 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-23 12:19:12 +00:00
hpayer@chromium.org
fbaf016b6d Add a soft-deopt in keyed element access when current IC is pre-monomorphic and no type feedback was collected.
BUG=
R=danno@chromium.org

Review URL: https://codereview.chromium.org/32643004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17335 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-23 10:41:21 +00:00
dslomov@chromium.org
42f85b538e Crankshaft builtins.
Enable optimizing compiler for V8 built-ins. Also fixes an issue uncovered in
x64 codegen.

R=danno@chromium.org, mstarzinger@chromium.org, svenpanne@chromium.org

Review URL: https://codereview.chromium.org/34503003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17334 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-23 08:57:54 +00:00
yurys@chromium.org
87b37f81c1 Revert "Expose v8::Function::GetDisplayName to public API."
This reverts commit 54c7b9af65dd349405944bd9ae2f064202dc6e1d.

The new test fails in debug mode.

BUG=chromium:17356
TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/30443006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17325 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-22 15:46:15 +00:00
yurys@chromium.org
5177d5b5cd Expose v8::Function::GetDisplayName to public API.
BUG=chromium:17356
R=mstarzinger@chromium.org, yurys@chromium.org, yangguo@chromium.org, yurys

Review URL: https://codereview.chromium.org/26709011

Patch from Andrey Adaikin <aandrey@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17324 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-22 14:57:19 +00:00
yurys@chromium.org
c71eccf95f Expose v8::Function::IsBuiltin to public API.
This will be used by DevTools so that we could generate a better preview in console. Namely, we could assume that a preview of an object is lossless if all its member functions are builtin.

We also may want to expose this to DevTools users via remote debugging protocol in Debugger.FunctionDetails struct.

BUG=chromium:261470
R=mstarzinger@chromium.org, yurys@chromium.org, dcarney@chromium.org, yurys

Review URL: https://codereview.chromium.org/27701002

Patch from Andrey Adaikin <aandrey@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17323 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-22 14:50:20 +00:00
mstarzinger@chromium.org
be3ed75ff3 Fix materialization of captured objects with field tracking.
R=titzer@chromium.org
BUG=chromium:298990
TEST=mjsunit/compiler/escape-analysis-representation

Review URL: https://codereview.chromium.org/35133003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17321 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-22 13:48:54 +00:00
svenpanne@chromium.org
d65cc1e21b Temporarily deactive regress-2185-2 until our array handling is in good shape again.
BUG=v8:2950
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/30443005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17320 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-22 13:02:04 +00:00
svenpanne@chromium.org
dd74f5aa08 Removed obsolete unit tests.
As discussed offline, these tests don't test what they were supposed to
test anymore and were the longest running ones.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/32433009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17317 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-22 11:26:07 +00:00
svenpanne@chromium.org
7ea4b9204c Do not run useless test variants for test-parsing/ParserSync.
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/34733002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17314 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-22 09:13:33 +00:00
bmeurer@chromium.org
9c26c6a3f2 [Sheriff] Revert "Record allocation stack traces" and "Temporarily disable test-heap-profiler/TrackHeapAllocations".
This reverts commit r17301 and r17303 for breaking the nosnap builds.

TBR=yurys@chromium.org

Review URL: https://codereview.chromium.org/34523002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17307 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-22 06:56:19 +00:00
yurys@chromium.org
6b840f563e Temporarily disable test-heap-profiler/TrackHeapAllocations
The test started failing on  V8 Linux - nosnap - debug after r17301 which added stack traversal to the allocation tracker. I'm disabling it for now until the problem is fixed.

BUG=v8:2949
TBR=hpayer@chromium.org

Review URL: https://codereview.chromium.org/30633005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17303 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-21 16:21:16 +00:00
yurys@chromium.org
66bb9d1563 Record allocation stack traces
This is initial implementation of allocation profiler.

Whenever new object allocation is reported to the HeapProfiler and allocation tracking is on we will capture current stack trace, add it to the collection of the allocation traces (a tree) and attribute the allocated size to the top JS function on the stack.

Format of serialized heap snapshot is extended to include information about recorded allocation stack traces.

BUG=chromium:277984
R=hpayer@chromium.org, loislo@chromium.org

Review URL: https://codereview.chromium.org/27227005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17301 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-21 15:22:11 +00:00
titzer@chromium.org
a255312491 Handle misaligned loads and stores in load elimination. Do not track misaligned loads and be conservative about invalidating misaligned stores. Add more tests for number conversion to string (NumberToStringStub exhibits misaligned loads)
BUG=v8:2934
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/28383003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17294 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-21 13:33:03 +00:00
yangguo@chromium.org
2d6dab1f2e Harmony: implement Math.trunc.
BUG=v8:2938
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/28793002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17286 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-21 11:15:11 +00:00
yangguo@chromium.org
575438518c Harmony: implement Math.sign.
R=dslomov@chromium.org
BUG=v8:2938

Review URL: https://codereview.chromium.org/28723002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17279 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-21 09:16:31 +00:00
titzer@chromium.org
4d0f2cdd3b Implement global load elimination based on flow engine.
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/27148004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17273 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-18 14:28:24 +00:00
loislo@chromium.org
b50be9ff12 HeapProfiler: integrate FindUntrackedObjects into js code.
In some cases we would like to check untracked objects right from the js code.
Otherwise the objects might be collected rigth before check.

BUG=none
R=hpayer@chromium.org, yurys@chromium.org

Review URL: https://codereview.chromium.org/27717003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17270 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-18 11:25:43 +00:00
jkummerow@chromium.org
4e96d4dee6 Tweak Math.log on ia32/x64
ia32 and x64 more consistent now
1. use non-transcendental cache version of log for x64
2. use negative infinity constant instead of pushing to stack and loading to XMM register
3. remove movdbl, use movsd directly. movdbl seems confusing

BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/27197013

Patch from Weiliang Lin <weiliang.lin2@gmail.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17268 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-18 10:54:45 +00:00
rafaelw@chromium.org
ce2c9b1db1 Prevent changes to hidden properties from being observable via Object.observe
This addresses the leak that mstarzinger points out (https://codereview.chromium.org/26390003/) and includes the test.

Note that this adds a test that observing changes to the empty-string property remains possible.

BUG=
R=mstarzinger@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/26592012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17257 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-17 20:49:45 +00:00
svenpanne@chromium.org
882778bf09 Make it possible to run a test only in the standard variant.
Use this for mjsunit/unicode-case-overoptimization, which is not
related to Crankshaft at all and takes ages.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/27704002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17255 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-17 13:09:28 +00:00
mstarzinger@chromium.org
0a2b4ecdcc Add regression test for optimized count operation.
This is a regression test for a bug with handling of count operations
that target a JavaScript accessor on the prototype chain in Crankshaft.

R=jkummerow@chromium.org
BUG=chromium:306851
TEST=mjsunit/regress/regress-crbug-306851

Review URL: https://codereview.chromium.org/27702002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17254 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-17 12:48:28 +00:00