jkummerow@chromium.org
cbeef7147f
MSan workaround in Simulator::VisitBitfield.
...
This change shuffles the code in Simulator::VisitBitfield a bit
to work around a MemorySanitizer bug. New code should not be any
slower or less readable than before.
More info:
https://code.google.com/p/memory-sanitizer/issues/detail?id=50
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/212863002
Patch from Evgeniy Stepanov <eugenis@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20401 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 12:51:15 +00:00
jkummerow@chromium.org
725ce114aa
MSan does not understand inline asm. This change preinitializes cpuid
...
results, and disables the use of stos.
Random mmap() addresses conflict with sanitizer memory layout.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/212723003
Patch from Evgeniy Stepanov <eugenis@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20400 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 12:48:35 +00:00
jkummerow@chromium.org
4fe93b2d22
[msan] Do not unpoison heap if running on simulator.
...
With the simulator, MSan detects all memory accesses from JIT code
without the need for annotations.
We'd like to keep the annotation in the native (w/o simulator) mode
until we can move all MSan+V8 users to simulator mode.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/212833002
Patch from Evgeniy Stepanov <eugenis@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20399 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 12:45:00 +00:00
jkummerow@chromium.org
1d19dc9e45
Add msan.h to v8.gyp.
...
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/212483004
Patch from Evgeniy Stepanov <eugenis@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20398 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 12:40:58 +00:00
yangguo@chromium.org
997ce1cac7
Remove remnants of internalized cons strings.
...
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/216603005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20397 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 12:34:08 +00:00
svenpanne@chromium.org
e853c8a996
Fixed build (unused vars in release mode).
...
TBR=bmeuerer@chromium.org
Review URL: https://codereview.chromium.org/218623017
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20396 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:59:24 +00:00
svenpanne@chromium.org
497487beec
Consistently use a separate Lithium instruction for flooring division.
...
Previously we tried to share some code on by a slightly confusing re-use
of LDivI for a (general) flooring division. Now we cleanly separate
concerns, just like for the rest of the division-like operations. Note
that ARM64 already did it this way.
If we really want to save some code, we can introduce some macro
assembler instructions and/or helper functions in the code generator in
a future CL, but we should really try to avoid being "clever" to save
just a few lines of trivial code. Effort != complexity. :-)
Renamed some related Lithium operands on the way for more consistency.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/212703002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20395 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:42:42 +00:00
yangguo@chromium.org
10abff3498
Remove internalized cons string types.
...
Currently, internalizing a cons string could result in either an
in-place converted internalized cons string or a newly created
internalized sequential string, depending on allocation success.
The former could end up being embedded into an IC, which is not
supported.
R=mstarzinger@chromium.org
BUG=357103
LOG=N
Review URL: https://codereview.chromium.org/218993011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20394 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:30:31 +00:00
yurys@chromium.org
681c15eb4e
Remove debugger_auto_break flag
...
The flag was introduced to support console debugger in Chrome. That debugger was replaced by DevTools long time ago and the flag is always true now.
BUG=None
LOG=Y
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/220743003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20393 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:23:23 +00:00
dcarney@chromium.org
8f0d170c37
always lookup api holder from receiver
...
R=verwaest@chromium.org
BUG=
Review URL: https://codereview.chromium.org/219723002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20392 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:21:20 +00:00
bmeurer@chromium.org
660bfe1795
Cleanup property module.
...
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/218683008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20391 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:16:13 +00:00
bmeurer@chromium.org
7c38cdb2bc
Make it possible to use HeapType inside objects-inl.h.
...
R=rossberg@chromium.org
Review URL: https://codereview.chromium.org/220193007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20390 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:07:09 +00:00
verwaest@chromium.org
3cbb49f23f
Replace uses of set_map by MigrateToMap.
...
BUG=
R=ishell@chromium.org
Review URL: https://codereview.chromium.org/218783003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20389 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:04:37 +00:00
jochen@chromium.org
f30452ba40
Store i18n meta data in hidden symbols instead of js accessible properties
...
There were some tests that are supposed to protect against js messing
with the meta data, however, they just didn't try hard enough.
BUG=354967
R=dcarney@chromium.org
LOG=y
Committed: https://code.google.com/p/v8/source/detail?r=20375
Review URL: https://codereview.chromium.org/215293005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20388 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 10:56:16 +00:00
rmcilroy@chromium.org
69f8179c23
Only allow automatic FrameScope types for FrameAndConstantPoolScope
...
In certain situations the PP register would be invalid in a FrameScope::Manual FrameAndConstantPoolScope
R=ulan@chromium.org
Review URL: https://codereview.chromium.org/214623002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20387 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 10:49:44 +00:00
svenpanne@chromium.org
ad3db5d346
Fixed assertions on ARM64.
...
TBR=ulan@chromium.org
Review URL: https://codereview.chromium.org/220763003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20386 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 10:39:09 +00:00
verwaest@chromium.org
a99050d40e
Set kTruncatingToSmi for HChange only when To rep is Smi
...
BUG=
R=verwaest@chromium.org
Review URL: https://codereview.chromium.org/218613002
Patch from Weiliang Lin <weiliang.lin@intel.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20385 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 10:32:25 +00:00
svenpanne@chromium.org
4da732e321
Fixed power-of-2 predicates, excluding 0.
...
R=dslomov@chromium.org
Review URL: https://codereview.chromium.org/219213003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20383 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 09:20:28 +00:00
yangguo@chromium.org
4a5bccfc61
Tighten object verification.
...
Often, when we call MaybeObject::Verify, what we want is Object::ObjectVerify.
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/218993005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20382 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 08:57:48 +00:00
machenbach@chromium.org
8806f2d815
Revert r20375.
...
Store i18n meta data in hidden symbols instead of js accessible properties
BUG=354967
LOG=N
TBR=jochen@chromium.org
Review URL: https://codereview.chromium.org/220673002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20377 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 08:05:45 +00:00
svenpanne@chromium.org
51c209c609
Only assign environments when they are actually needed. (ARM and ARM64 only)
...
Twin of https://codereview.chromium.org/210783003/ and https://codereview.chromium.org/211153003/ .
Cleaned up DoChange a bit on the way, making things more uniform across platforms, removed useless comments etc.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/214613004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20376 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 07:21:31 +00:00
jochen@chromium.org
0d04cba759
Store i18n meta data in hidden symbols instead of js accessible properties
...
There were some tests that are supposed to protect against js messing
with the meta data, however, they just didn't try hard enough.
BUG=354967
R=dcarney@chromium.org
LOG=y
Review URL: https://codereview.chromium.org/215293005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20375 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 07:21:05 +00:00
palfia@homejinni.com
a403144159
MIPS: Fix PrepareKeyedOperand on MIPS.
...
Port r20363 (235f866c)
Original commit message:
When additional_offset is specified, the 'key' operand can be negative
and still pass the bounds check. Therefore, when converting key from
Smi, arithmetic and not logical shift must be used.
BUG=
R=plind44@gmail.com
Review URL: https://codereview.chromium.org/219923005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20370 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 22:50:53 +00:00
palfia@homejinni.com
9a4eaa72dc
MIPS: Reland and fix "Fix LoadFieldByIndex to take mutable heap-numbers into account."
...
Port r20358 (5e9b653d)
BUG=
R=plind44@gmail.com
Review URL: https://codereview.chromium.org/219163010
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20369 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 22:48:54 +00:00
jarin@chromium.org
5607582f3b
We should perform the illegal redeclaration check earlier so that we do not confuse the AST typer with missing type feedback nodes.
...
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/218493007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20368 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 16:45:46 +00:00
verwaest@chromium.org
38e82b8712
Use JSObject::SetMapAndElements rather than set_map + set_elements.
...
BUG=
R=ishell@chromium.org
Review URL: https://codereview.chromium.org/218583008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20367 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 16:21:20 +00:00
rossberg@chromium.org
282a7ca14e
Fix Type::Intersect to skip uninhabited bitsets
...
R=verwaest@chromium.org , bmeurer@chromium.org
BUG=chromium:357330
LOG=Y
Review URL: https://codereview.chromium.org/219333003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20366 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:53:21 +00:00
machenbach@chromium.org
6a5004b6a9
Update list of V8 try bots.
...
R=jarin@chromium.org
TBR=jarin@chromium.org
BUG=353487
LOG=n
Review URL: https://codereview.chromium.org/219493002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20365 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:47:18 +00:00
verwaest@chromium.org
47e660a2e1
Replace set_map_and_elements by MigrateToMap-based SetMapAndElements
...
BUG=
R=ishell@chromium.org
Review URL: https://codereview.chromium.org/218753005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20364 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:30:13 +00:00
dslomov@chromium.org
b3148d921e
Fix PrepareKeyedOperand on arm.
...
When additional_offset is specified, the 'key' operand can be negative
and still pass the bounds check. Therefore, when converting key from
Smi, arithmetic and not logical shift must be used.
R=verwaest@chromium.org
BUG=358057
LOG=Y
Review URL: https://codereview.chromium.org/219473002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20363 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:14:28 +00:00
jarin@chromium.org
d02e1f2c25
Fix left trimming check for large objects
...
BUG=358090
TEST=test/mjsunit/regress/regress-358090.js
LOG=N
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/213833008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20362 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:01:46 +00:00
hpayer@chromium.org
702ba5a0e9
Make sure when we shrink an object that we store a filler first into the free memory before updating the map or size.
...
BUG=
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/219103002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20361 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:29:01 +00:00
verwaest@chromium.org
019e27d8db
Reland and fix "Fix LoadFieldByIndex to take mutable heap-numbers into account.""
...
BUG=
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/218663005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20358 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:21:04 +00:00
yangguo@chromium.org
c0fa861726
Do not check for interrupt when allocating stack locals.
...
R=dcarney@chromium.org
BUG=357137
LOG=N
Review URL: https://codereview.chromium.org/219373004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20357 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:14:54 +00:00
alexandre.rames@arm.com
989683d479
ARM64: Optimize AllocateHeapNumber to use STP.
...
R=jochen@chromium.org
Review URL: https://codereview.chromium.org/216933003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20356 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:06:42 +00:00
rossberg@chromium.org
d486f52cf4
Finalisation disclaimer
...
R=svenpanne@chromium.org
BUG=
Review URL: https://codereview.chromium.org/219403002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20355 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 13:35:12 +00:00
jochen@chromium.org
163044e7ba
Revert 20348 - "Fix LoadFieldByIndex to take mutable heap-numbers into account."
...
Reason for revert: crashes benchmarks/sunspider/string-fasta on ia32.debug
This also reverts r20350 and r20352
> Fix LoadFieldByIndex to take mutable heap-numbers into account.
>
> BUG=
> R=ishell@chromium.org
>
> Review URL: https://codereview.chromium.org/213213002
BUG=none
LOG=n
TBR=verwaest@chromium.org
Revert "Use sarq on x64"
This reverts commit e2a8ef9321345c6bc091054443bf2b9535ff6b1c.
Revert "Don't | int and bool"
This reverts commit c90d713d3a8ceba4fec41933a63beb6e50a3d7c0.
Review URL: https://codereview.chromium.org/219393002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20354 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 13:23:32 +00:00
jochen@chromium.org
b7039334ae
Revert 20313 - "Ship promises and weak collections"
...
> R=mstarzinger@chromium.org
> BUG=
>
> Committed: https://code.google.com/p/v8/source/detail?r=20211
>
> Review URL: https://codereview.chromium.org/206163004
R=rossberg@chromium.org
TBR=rossberg@chromium.org
LOG=y
BUG=n
Review URL: https://codereview.chromium.org/219303002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20353 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:40:32 +00:00
verwaest@chromium.org
b8fab1cf19
Don't | int and bool
...
BUG=
R=ishell@chromium.org
Review URL: https://codereview.chromium.org/219293002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20352 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:24:51 +00:00
jochen@chromium.org
617531da8f
Skip cctest/test-mark-compact/NoPromotion on ARM64
...
BUG=v8:3247
TBR=machenbach@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/217423006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20351 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:09:59 +00:00
verwaest@chromium.org
d0a65ff717
Use sarq on x64
...
BUG=
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/219043003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20350 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:07:41 +00:00
bmeurer@chromium.org
f1f6c3c9d4
Cleanup bootstrapper, execution and factory modules.
...
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/219233002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20349 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:01:02 +00:00
verwaest@chromium.org
55a6318560
Fix LoadFieldByIndex to take mutable heap-numbers into account.
...
BUG=
R=ishell@chromium.org
Review URL: https://codereview.chromium.org/213213002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20348 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 11:59:29 +00:00
jarin@chromium.org
d65fe51ca0
Add missing lazy deopt point for the TransitionElementsKind instruction.
...
R=mvstanton@chromium.org , yangguo@chromium.org
BUG=357105
TEST=test/mjsunit/regress/regress-357105.js
LOG=N
Review URL: https://codereview.chromium.org/216963002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20347 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 11:58:53 +00:00
bmeurer@chromium.org
7ed3b6e2cd
Cleanup string-stream module.
...
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/219173002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20344 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 11:13:39 +00:00
dcarney@chromium.org
8b304a6832
Implement PersistentValueVector, analogous to PersistentValueMap.
...
BUG=
R=dcarney@chromium.org
Review URL: https://codereview.chromium.org/216973002
Patch from Daniel Vogelheim <vogelheim@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20341 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 10:03:20 +00:00
jochen@chromium.org
a2f82479c4
Skip crashing harmony mjsunit tests on NaCL
...
BUG=none
TBR=machenbach@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/219043002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20340 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 07:54:22 +00:00
bmeurer@chromium.org
49961d11a6
Handlify DescriptorArray::Merge().
...
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/169363002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20339 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 07:48:13 +00:00
dslomov@chromium.org
bd353dc3a0
Inline internal getters for typed arrays & friends.
...
R=hpayer@chromium.org , yangguo@chromium.org
Committed: https://code.google.com/p/v8/source/detail?r=20330
Review URL: https://codereview.chromium.org/212603014
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20338 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 15:25:24 +00:00
jochen@chromium.org
feeccf0d10
Revert r20335 - "Raise StackOverflow during bootstrapping"
...
Reason for revert: New test crashes on nosnap bots
> See https://github.com/joyent/node/issues/7120
>
> R=jarin@chromium.org
> BUG=
>
> Review URL: https://codereview.chromium.org/178073002
>
> Patch from Alexis Campailla <alexis@janeasystems.com>.
TBR=jarin@chromium.org
BUG=none
LOG=n
Review URL: https://codereview.chromium.org/217013002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20337 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 14:16:11 +00:00