Commit Graph

13661 Commits

Author SHA1 Message Date
mvstanton@chromium.org
eaacd968f1 Fix for v8:3255 Grow KeyedStoreIC doesn't respect String value wrappers
BUG=v8:3255
LOG=N
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/226053002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20527 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-07 07:52:24 +00:00
marja@chromium.org
5a803ca2fb compiler.cc: Remove a comment which is no longer true.
We don't do any automatic PreParsing in Compiler::Compile any more (it was
removed by r10066, > 2 years ago).

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/225993002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20526 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-07 07:40:18 +00:00
dslomov@chromium.org
163ad9ff43 Make TypedArray::New fucntions crash on wrong lengths.
R=jkummerow@chromium.org
BUG=359802
LOG=N

Review URL: https://codereview.chromium.org/225983005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20525 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-07 05:54:32 +00:00
adamk@chromium.org
8e9eebeba1 OrderedHashTable implementation with Set and Map interfaces
OrderedHashTable is an insertion-ordered HashTable based on
Jason Orendorff's writeup of a data structure attributed to Tyler Close:
https://wiki.mozilla.org/User:Jorend/Deterministic_hash_tables

It is intended as the new backing store for JSSet/JSMap, as ES6 requires
insertion-order-based iteration. Note, however, that in the interest of
keeping the initial check-in small this patch does not yet include any
iteration support.

This change also doesn't yet touch any existing behavior, but in
a branch I've verified that these structures pass the existing
JSSet/JSMap mjsunit tests.

BUG=v8:1793
LOG=N
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/220293002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20522 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 20:41:57 +00:00
mvstanton@chromium.org
9e5757abee Revert "Reland of https://codereview.chromium.org/172523002/"
This reverts commit r20516 due to a Sunspider performance issue.

R=ishell@chromium.org

Review URL: https://codereview.chromium.org/226233002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20521 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 16:18:59 +00:00
jkummerow@chromium.org
1c31f5d99a Revert "Compare external pixel data length against Smi::kMaxValue"
This reverts r20519. Reason: wrong fix.

TBR=rossberg@chromium.org

Review URL: https://codereview.chromium.org/226063003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20520 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 16:05:29 +00:00
jkummerow@chromium.org
cd81065745 Compare external pixel data length against Smi::kMaxValue
BUG=chromium:359802
LOG=n
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/226133002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20519 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 15:25:37 +00:00
palfia@homejinni.com
5b1636f23e MIPS: Reland "Fixed environment assignment for LCheckNonSmi."
Port r20495 (705b65bc)

BUG=
R=plind44@gmail.com

Review URL: https://codereview.chromium.org/225023007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20518 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 15:17:37 +00:00
rodolph.perfetta@arm.com
036b74719d ARM64: fix simulator constructor
BUG=
R=ulan@chromium.org, bmeurer@chromium.org

Review URL: https://codereview.chromium.org/226023002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20517 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 15:02:39 +00:00
mvstanton@chromium.org
f9a8425cd2 Reland of https://codereview.chromium.org/172523002/
Fixed
1) Missing line in x64 port.
2) GcStress found a logic error in the IC miss handler.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/224903005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20516 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 13:57:53 +00:00
alexandre.rames@arm.com
72288a68dd ARM64: Use direct deoptimization exits.
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/225703002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20515 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 13:41:12 +00:00
ishell@chromium.org
1f9f8fe9eb ElementsAccessor's public interface handlification.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/225933002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20514 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 13:20:24 +00:00
ishell@chromium.org
dd891816d4 Callers of ElementsAccessor::AddElementsToFixedArray(), ElementsAccessor::HasElement() and ElementsAccessor::GetKeyForIndex() handlified.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/225623004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20513 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 13:05:37 +00:00
rodolph.perfetta@arm.com
0c2c71c1a2 ARM64: fix constant pool size used by disassembler
BUG=
R=ulan@chromium.org, bmeurer@chromium.org

Review URL: https://codereview.chromium.org/225403005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20512 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 12:54:12 +00:00
marja@chromium.org
3d1a17c2ac Update tests to use the new compilation API + related fixes.
Esp. get rid of PreCompile in tests, as it's going to be removed.

Notes:
- The new compilation API doesn't have a separate precompilation phase, so there
is no separate way to check for errors except checking the compilation
errors. Removed some tests which don't make sense any more.
- test-api/Regress31661 didn't make sense as a regression test even before the
compilation API changes, because Blink doesn't precompile this short scripts. So
detecting this kind of errors (see crbug.com/31661 for more information) cannot rely
on precompilation errors.
- test-parsing/PreParserStrictOctal has nothing to do with PreParser, and the comment
about "forcing preparsing" was just wrong.
- test-api/PreCompile was supposed to test that "pre-compilation (aka
preparsing) can be called without initializing the whole VM"; that's no longer
true, since there's no separate precompilation step in the new compile
API. There are other tests (test-parsing/DontRegressPreParserDataSizes) which
ensure that we produce cached data.
- Updated tests which test preparsing to use PreParser directly (not via the
 preparsing API).
- In the new compilation API, the user doesn't need to deal with ScriptData
ever. It's only used internally, and needed in tests that test internal aspects
(e.g., modify the cached data before passing it back).
- Some tests which used to test preparse + parse now test first time parse +
  second time parse, and had to be modified to ensure we don't hit the
  compilation cache.

BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/225743002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20511 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 12:36:23 +00:00
yangguo@chromium.org
b0def354bc Return MaybeHandle from GetProperty.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/225673003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20510 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 12:25:45 +00:00
yangguo@chromium.org
dd7bb01688 Return MaybeHandle from SetProperty.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/225283005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20509 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 12:06:11 +00:00
rmcilroy@chromium.org
3eb418df78 Fix fixed-point vcvt_f64_s32 immediate value encoding
The (32 - fraction_bits) value should be encoded so that the least
significant bit is set to bit 5 and the four next bits to bits 0-3. Fix
the previously incorrect encoding. This bug did not cause behavioral
issues before, since in existing uses of the function the order of the
bits in the immediate value does not matter, as they are all 1.

BUG=3256
LOG=N
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/223623003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20508 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 11:12:40 +00:00
hpayer@chromium.org
8072cd2935 Don't overwrite transition array map while iterating over the transition tree.
Instread of using the transition array map to store the iteration index, we are using the constructor field of the map. Moreover, I removed the unchecked transition array accessors.

BUG=
R=mstarzinger@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/223533002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20503 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 09:25:36 +00:00
bmeurer@chromium.org
0d1c01cb92 Properly pass dim to recursive calls in TypePrint().
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/224723007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20502 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 09:00:30 +00:00
hpayer@chromium.org
5230d8d330 Make sure value is a heap number when reusing the double box in BinaryOpICStub.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/216823005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20501 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 08:46:49 +00:00
ishell@chromium.org
7982072dd3 Maybehandlification of EnsureJSArrayWithWritableFastElements().
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/223743003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20498 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 08:17:23 +00:00
bmeurer@chromium.org
0968128371 TypePrint() does not depend on Object::Print().
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/225353004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20496 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 07:21:59 +00:00
svenpanne@chromium.org
f32ef903da Reland "Fixed environment assignment for LCheckNonSmi."
Now with (hopefully correct) ARM64 part... :-}

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/225313003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20495 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 07:07:34 +00:00
bmeurer@chromium.org
e26ff6c45f Get rid of the TRANSITION PropertyType and consistently use CanHoldValue().
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/223193005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20494 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 04:49:07 +00:00
palfia@homejinni.com
5ca16fb8c7 MIPS: Check in Lithium that allocation size in Smi range.
Port r20458 (984d99c9)

Oirginal commit message:
This is to avoid triggering an assertion from Smi::FromInt. The
generated code is unreachable, so it is not a real bug.

BUG=
R=plind44@gmail.com

Review URL: https://codereview.chromium.org/224583002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20491 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 23:34:28 +00:00
alph@chromium.org
4c124982b6 Do not mark prototype transitions link as weak in heap snapshot.
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/223643004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20490 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 16:32:59 +00:00
dslomov@chromium.org
d66c832edc Harden IsMoreGeneralElementsKindTransition.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/213783004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20489 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 16:25:05 +00:00
ishell@chromium.org
69df3564a8 Further Kraken regression recover due to handlification.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/223873004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20488 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 14:42:56 +00:00
alexandre.rames@arm.com
1f38f42ef1 ARM64: Fixes and more support for FRINT<X> instructions.
Fix simulation and tests for the [-0.5, -0.0[ range for FRINTA and FRINTN, and
add support for FRINTM.

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/223843002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20487 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 14:30:44 +00:00
alexandre.rames@arm.com
eb94807fa5 ARM64: Fix the atomic type width in the 64bit Acquire_Load().
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/220203012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20486 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 14:28:40 +00:00
yangguo@chromium.org
9cc90739c2 Return MaybeHandle from JsonParser.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/223553003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20485 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 14:25:59 +00:00
jochen@chromium.org
5a57e644d7 Revert r20476.
Reason for revert: crashes arm64.debug cctest

Fatal error in ../src/hydrogen-instructions.h, line 2968
CHECK(value->IsCheckHeapObject()) failed

Fixed environment assignment for LCheckNonSmi.

TBR=svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/223873003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20484 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 14:04:05 +00:00
yangguo@chromium.org
eedc4c01f5 Return MaybeHandle from NewExternalStringFrom*.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/223653003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20481 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 12:41:37 +00:00
yangguo@chromium.org
164e5b580c Reland "Return MaybeHandle from NewConsString."
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/223813002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20480 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 12:30:37 +00:00
yangguo@chromium.org
893f413434 Return MaybeHandle from NewRaw???String.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/223573002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20479 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 12:30:08 +00:00
mvstanton@chromium.org
5c0d85163c Revert r20474
This reverts commit r20474 due to an x64 release issue.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/223823002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20478 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 12:27:24 +00:00
mstarzinger@chromium.org
775d9b022f Use premordial Object.isSealed/isFrozen in builtins.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/223473002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20477 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 12:23:35 +00:00
svenpanne@chromium.org
48ccdd9f7e Fixed environment assignment for LCheckNonSmi.
This fixes browsing facebook.com with a debug version of Chrome.

TBR=ulan@chromium.org

Review URL: https://codereview.chromium.org/223763003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20476 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 12:12:28 +00:00
yangguo@chromium.org
87dd16e3cd Revert "Return MaybeHandle from NewConsString."
This reverts r20473.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/223593004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20475 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 12:09:14 +00:00
mvstanton@chromium.org
c21cf2d334 Function calls are handled with a LoadIC and a FunctionCallStub. This works well, but we can create a platform to gather custom feedback by inventing a CallIC. CallIC takes a JSFunction as input, maintains UNINIT/MONO/MEGA state in a feedback slot, and engages in limited patching for the most efficient code.
The change creates a degrade in NBody tests, but a follow-on CL addresses it by using this custom feedback platform to give a 45% improvement.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/172523002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20474 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 11:41:03 +00:00
yangguo@chromium.org
be0d2f5d15 Return MaybeHandle from NewConsString.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/223383002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20473 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 11:38:01 +00:00
jarin@chromium.org
fe37026116 When freezing global object, go through the property cell
R=verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/223613002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20469 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 10:43:56 +00:00
svenpanne@chromium.org
d4ff61058a Fix approximation of CanDeoptimize() and other small store elimination fixes.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/222263002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20468 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 10:39:04 +00:00
ishell@chromium.org
f3daa2c149 Partial recover from performance degradation after handlification of ElementsAccessor::CopyElements (r20312).
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/223413002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20464 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 09:12:59 +00:00
jochen@chromium.org
82279ba022 Add API for adding and removing CallCompletedCallbacks to Isolate
The API currently just forwards to the global methods. A follow-up
change will move the callback handling to the Isolate and deprecate the
global versions.

BUG=
R=dcarney@chromium.org, svenpanne@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/215893005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20463 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 07:51:27 +00:00
jarin@chromium.org
42d2d3cb9d Do not generate LDummyUse instruction for HCapturedObject
LDummyUse confuses the register allocator (since there is no definition
for the use).

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/222283002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20461 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 07:35:13 +00:00
jarin@chromium.org
0b53ed2d2b Check in Lithium that allocation size in Smi range.
This is to avoid triggering an assertion from Smi::FromInt. The
generated code is unreachable, so it is not a real bug.

R=ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/221743005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20458 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 07:04:46 +00:00
yangguo@chromium.org
dc20bb49b0 Introduce MaybeHandle to police exception checking in handlified code.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/222163002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20457 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-03 05:57:43 +00:00
palfia@homejinni.com
36aa2c1797 MIPS: Check that environments assigned via AssignEnvironment are actually used.
Port r20430 (e9457854)

Original commit message:
Check that environments assigned via AssignEnvironment are actually used.

Removed some temporary marker comments on the way.

BUG=
R=plind44@gmail.com

Review URL: https://codereview.chromium.org/214703007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20452 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 22:18:22 +00:00
palfia@homejinni.com
60b589c530 MIPS: Make invalid LHSs that are calls late errors.
Port r20428 (7a071766)

Original commit message:
Necessary for web legacy compatibility.

Also fold in additional strict mode checks into LHS checks.
Minor constness clean-ups on the way.

BUG=
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/222893002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20451 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 22:17:25 +00:00
alexandre.rames@arm.com
d21acd91e9 ARM64: Fix and improve atomic operations.
* The 'compare and swap' operations should enforce memory ordering even when
  the exchange does not occur.

* The exclusive monitor does not need to be cleared by CLREX if a LDRX was
  not followed by a matching STREX.

* Use LDAR and STLR where possible.

* Use the 'I' and 'J' constraints to hint for constants valid for immediate
  values.

R=jfb@chromium.org, rmcilroy@chromium.org, ulan@chromium.org

Review URL: https://codereview.chromium.org/220793002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20446 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 16:37:33 +00:00
mstarzinger@chromium.org
0f52462e10 Remove dead Object::GetPropertyOrFail.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/215973004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20445 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 16:36:16 +00:00
alexandre.rames@arm.com
03a4e5fc78 ARM64: Avoid iterating through unresolved branches information when unnecessary.
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/217343007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20444 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 16:31:58 +00:00
mstarzinger@chromium.org
56e8a26e09 Fix assert in Runtime_SetIsObserved.
R=rafaelw@chromium.org
BUG=chromium:352664
LOG=N

Review URL: https://codereview.chromium.org/204493002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20440 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 14:47:26 +00:00
verwaest@chromium.org
ca6b727665 Replace CopyMap(constructor->initial_map()) by Map::Create(constructor)
BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/218633014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20437 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 13:30:36 +00:00
rossberg@chromium.org
2fda95eb80 Make stray 'return' an early error
As required by the spec, and implemented by other browsers.

(Plus minor clean-up for redeclaration TypeErrors.)

R=marja@chromium.org
BUG=
LOG=Y

Review URL: https://codereview.chromium.org/220473014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20434 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 12:38:01 +00:00
jkummerow@chromium.org
511edabed2 Fix HGraphBuilder::BuildAddStringLengths
length == String::kMaxLength is fine and should not bail out.

BUG=chromium:357052
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/222113002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20433 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 12:24:42 +00:00
svenpanne@chromium.org
4e40600485 Check that environments assigned via AssignEnvironment are actually used.
Removed some temporary marker comments on the way.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/218403006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20430 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 11:30:13 +00:00
alph@chromium.org
923fbafc15 Show references from weak containers as weak in heap snapshots.
BUG=356590
LOG=Y
R=ulan@chromium.org, yurys@chromium.org

Review URL: https://codereview.chromium.org/213673006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20429 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 11:19:53 +00:00
rossberg@chromium.org
45118bfdfb Make invalid LHSs that are calls late errors
Necessary for web legacy compatibility.

Also fold in additional strict mode checks into LHS checks.
Minor constness clean-ups on the way.

R=marja@chromium.org
BUG=chromium:358346
LOG=Y

Review URL: https://codereview.chromium.org/217823003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20428 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 11:03:05 +00:00
yangguo@chromium.org
fec195573c Use the correct natives in messages.js
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/221903002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20427 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 08:21:37 +00:00
ulan@chromium.org
65bae6c652 Lazily initialize the target map list in IC.
This makes sure that we keep the target map list alive in the handle scope during IC computation.

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/220923003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20426 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 07:59:54 +00:00
bmeurer@chromium.org
e054f08006 Add unhandlified versions of Of() and NowOf().
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/221813002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20423 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 07:01:43 +00:00
haitao.feng@intel.com
6a97085961 Introduce ReadPositionFromRegister in x64 Regexp Macro Assembler
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/220453008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20421 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 03:01:11 +00:00
haitao.feng@intel.com
f1b5a4ac6d Adjust various constants for x32 port
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/216513003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20420 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-02 02:34:50 +00:00
palfia@homejinni.com
bf1155e8a4 MIPS: Consistently use a separate Lithium instruction for flooring division.
Port r20395 (5b802048)

Original commit message:
Previously we tried to share some code on by a slightly confusing re-use
of LDivI for a (general) flooring division. Now we cleanly separate
concerns, just like for the rest of the division-like operations. Note
that ARM64 already did it this way.

If we really want to save some code, we can introduce some macro
assembler instructions and/or helper functions in the code generator in
a future CL, but we should really try to avoid being "clever" to save
just a few lines of trivial code. Effort != complexity. :-)

Renamed some related Lithium operands on the way for more consistency.

BUG=
R=plind44@gmail.com

Review URL: https://codereview.chromium.org/220403009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20417 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 23:43:47 +00:00
palfia@homejinni.com
97829f4749 MIPS: Only assign environments when they are actually needed.
Port r20376 (2c4baaf5)

BUG=
R=plind44@gmail.com

Review URL: https://codereview.chromium.org/213733003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20416 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 23:42:55 +00:00
verwaest@chromium.org
aaf18129da Remove Factory::CopyMap(map) in favor of Map::Copy(map)
BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/219963009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20411 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 17:43:20 +00:00
dslomov@chromium.org
19c354b7b0 Support typed arrays in IsMoreGeneralElementsKindTransition.
R=verwaest@chromium.org
BUG=357054
LOG=Y

Review URL: https://codereview.chromium.org/220403004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20410 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 16:41:35 +00:00
yangguo@chromium.org
64901004be Smi immediates are not supported on x64. Do not use it.
R=jkummerow@chromium.org
BUG=358059
LOG=N

Review URL: https://codereview.chromium.org/217083003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20409 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 15:32:06 +00:00
marja@chromium.org
eecaef41d9 PreParser fix: propagate reference erros properly.
For example, invalid left hand sides are reference errors. PreParser didn't use
to produce this error ever, so the code for propagating reference errors
properly was missing, and reference errors turned into syntax errors.

R=rossberg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/220233006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20408 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 14:17:43 +00:00
mvstanton@chromium.org
d93c906acc Monomorphic prototype failures should be reserved for already-seen keys.
We incorrectly mark a KeyedStoreIC miss as a monomorphic prototype
failure even though it's the first time a particular (string) key has
been seen.

BUG=358088
R=verwaest@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/219313002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20407 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 14:16:54 +00:00
rossberg@chromium.org
5d5adbc452 Provide Type::Contains methods.
Also, rename all *Currently methods to Now*.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/219523003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20405 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 13:11:12 +00:00
jkummerow@chromium.org
cbeef7147f MSan workaround in Simulator::VisitBitfield.
This change shuffles the code in Simulator::VisitBitfield a bit
to work around a MemorySanitizer bug. New code should not be any
slower or less readable than before.

More info:
https://code.google.com/p/memory-sanitizer/issues/detail?id=50

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/212863002

Patch from Evgeniy Stepanov <eugenis@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20401 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 12:51:15 +00:00
jkummerow@chromium.org
725ce114aa MSan does not understand inline asm. This change preinitializes cpuid
results, and disables the use of stos.

Random mmap() addresses conflict with sanitizer memory layout.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/212723003

Patch from Evgeniy Stepanov <eugenis@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20400 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 12:48:35 +00:00
jkummerow@chromium.org
4fe93b2d22 [msan] Do not unpoison heap if running on simulator.
With the simulator, MSan detects all memory accesses from JIT code
without the need for annotations.

We'd like to keep the annotation in the native (w/o simulator) mode
until we can move all MSan+V8 users to simulator mode.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/212833002

Patch from Evgeniy Stepanov <eugenis@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20399 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 12:45:00 +00:00
yangguo@chromium.org
997ce1cac7 Remove remnants of internalized cons strings.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/216603005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20397 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 12:34:08 +00:00
svenpanne@chromium.org
e853c8a996 Fixed build (unused vars in release mode).
TBR=bmeuerer@chromium.org

Review URL: https://codereview.chromium.org/218623017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20396 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:59:24 +00:00
svenpanne@chromium.org
497487beec Consistently use a separate Lithium instruction for flooring division.
Previously we tried to share some code on by a slightly confusing re-use
of LDivI for a (general) flooring division. Now we cleanly separate
concerns, just like for the rest of the division-like operations. Note
that ARM64 already did it this way.

If we really want to save some code, we can introduce some macro
assembler instructions and/or helper functions in the code generator in
a future CL, but we should really try to avoid being "clever" to save
just a few lines of trivial code. Effort != complexity. :-)

Renamed some related Lithium operands on the way for more consistency.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/212703002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20395 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:42:42 +00:00
yangguo@chromium.org
10abff3498 Remove internalized cons string types.
Currently, internalizing a cons string could result in either an
in-place converted internalized cons string or a newly created
internalized sequential string, depending on allocation success.

The former could end up being embedded into an IC, which is not
supported.

R=mstarzinger@chromium.org
BUG=357103
LOG=N

Review URL: https://codereview.chromium.org/218993011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20394 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:30:31 +00:00
yurys@chromium.org
681c15eb4e Remove debugger_auto_break flag
The flag was introduced to support console debugger in Chrome. That debugger was replaced by DevTools long time ago and the flag is always true now.

BUG=None
LOG=Y
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/220743003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20393 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:23:23 +00:00
dcarney@chromium.org
8f0d170c37 always lookup api holder from receiver
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/219723002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20392 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:21:20 +00:00
bmeurer@chromium.org
660bfe1795 Cleanup property module.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/218683008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20391 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:16:13 +00:00
bmeurer@chromium.org
7c38cdb2bc Make it possible to use HeapType inside objects-inl.h.
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/220193007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20390 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:07:09 +00:00
verwaest@chromium.org
3cbb49f23f Replace uses of set_map by MigrateToMap.
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/218783003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20389 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 11:04:37 +00:00
jochen@chromium.org
f30452ba40 Store i18n meta data in hidden symbols instead of js accessible properties
There were some tests that are supposed to protect against js messing
with the meta data, however, they just didn't try hard enough.

BUG=354967
R=dcarney@chromium.org
LOG=y

Committed: https://code.google.com/p/v8/source/detail?r=20375

Review URL: https://codereview.chromium.org/215293005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20388 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 10:56:16 +00:00
rmcilroy@chromium.org
69f8179c23 Only allow automatic FrameScope types for FrameAndConstantPoolScope
In certain situations the PP register would be invalid in a FrameScope::Manual FrameAndConstantPoolScope

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/214623002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20387 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 10:49:44 +00:00
svenpanne@chromium.org
ad3db5d346 Fixed assertions on ARM64.
TBR=ulan@chromium.org

Review URL: https://codereview.chromium.org/220763003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20386 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 10:39:09 +00:00
verwaest@chromium.org
a99050d40e Set kTruncatingToSmi for HChange only when To rep is Smi
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/218613002

Patch from Weiliang Lin <weiliang.lin@intel.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20385 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 10:32:25 +00:00
svenpanne@chromium.org
4da732e321 Fixed power-of-2 predicates, excluding 0.
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/219213003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20383 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 09:20:28 +00:00
yangguo@chromium.org
4a5bccfc61 Tighten object verification.
Often, when we call MaybeObject::Verify, what we want is Object::ObjectVerify.

R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/218993005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20382 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 08:57:48 +00:00
machenbach@chromium.org
8806f2d815 Revert r20375.
Store i18n meta data in hidden symbols instead of js accessible properties

BUG=354967
LOG=N
TBR=jochen@chromium.org

Review URL: https://codereview.chromium.org/220673002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20377 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 08:05:45 +00:00
svenpanne@chromium.org
51c209c609 Only assign environments when they are actually needed. (ARM and ARM64 only)
Twin of https://codereview.chromium.org/210783003/ and https://codereview.chromium.org/211153003/.

Cleaned up DoChange a bit on the way, making things more uniform across platforms, removed useless comments etc.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/214613004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20376 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 07:21:31 +00:00
jochen@chromium.org
0d04cba759 Store i18n meta data in hidden symbols instead of js accessible properties
There were some tests that are supposed to protect against js messing
with the meta data, however, they just didn't try hard enough.

BUG=354967
R=dcarney@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/215293005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20375 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-01 07:21:05 +00:00
palfia@homejinni.com
a403144159 MIPS: Fix PrepareKeyedOperand on MIPS.
Port r20363 (235f866c)

Original commit message:
When additional_offset is specified, the 'key' operand can be negative
and still pass the bounds check. Therefore, when converting key from
Smi, arithmetic and not logical shift must be used.

BUG=
R=plind44@gmail.com

Review URL: https://codereview.chromium.org/219923005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20370 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 22:50:53 +00:00
palfia@homejinni.com
9a4eaa72dc MIPS: Reland and fix "Fix LoadFieldByIndex to take mutable heap-numbers into account."
Port r20358 (5e9b653d)

BUG=
R=plind44@gmail.com

Review URL: https://codereview.chromium.org/219163010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20369 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 22:48:54 +00:00
jarin@chromium.org
5607582f3b We should perform the illegal redeclaration check earlier so that we do not confuse the AST typer with missing type feedback nodes.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/218493007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20368 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 16:45:46 +00:00
verwaest@chromium.org
38e82b8712 Use JSObject::SetMapAndElements rather than set_map + set_elements.
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/218583008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20367 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 16:21:20 +00:00
rossberg@chromium.org
282a7ca14e Fix Type::Intersect to skip uninhabited bitsets
R=verwaest@chromium.org, bmeurer@chromium.org
BUG=chromium:357330
LOG=Y

Review URL: https://codereview.chromium.org/219333003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20366 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:53:21 +00:00
verwaest@chromium.org
47e660a2e1 Replace set_map_and_elements by MigrateToMap-based SetMapAndElements
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/218753005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20364 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:30:13 +00:00
dslomov@chromium.org
b3148d921e Fix PrepareKeyedOperand on arm.
When additional_offset is specified, the 'key' operand can be negative
and still pass the bounds check. Therefore, when converting key from
Smi, arithmetic and not logical shift must be used.

R=verwaest@chromium.org
BUG=358057
LOG=Y

Review URL: https://codereview.chromium.org/219473002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20363 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:14:28 +00:00
jarin@chromium.org
d02e1f2c25 Fix left trimming check for large objects
BUG=358090
TEST=test/mjsunit/regress/regress-358090.js
LOG=N
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/213833008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20362 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:01:46 +00:00
hpayer@chromium.org
702ba5a0e9 Make sure when we shrink an object that we store a filler first into the free memory before updating the map or size.
BUG=
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/219103002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20361 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:29:01 +00:00
verwaest@chromium.org
019e27d8db Reland and fix "Fix LoadFieldByIndex to take mutable heap-numbers into account.""
BUG=
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/218663005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20358 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:21:04 +00:00
yangguo@chromium.org
c0fa861726 Do not check for interrupt when allocating stack locals.
R=dcarney@chromium.org
BUG=357137
LOG=N

Review URL: https://codereview.chromium.org/219373004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20357 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:14:54 +00:00
alexandre.rames@arm.com
989683d479 ARM64: Optimize AllocateHeapNumber to use STP.
R=jochen@chromium.org

Review URL: https://codereview.chromium.org/216933003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20356 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:06:42 +00:00
jochen@chromium.org
163044e7ba Revert 20348 - "Fix LoadFieldByIndex to take mutable heap-numbers into account."
Reason for revert: crashes benchmarks/sunspider/string-fasta on ia32.debug

This also reverts r20350 and r20352

> Fix LoadFieldByIndex to take mutable heap-numbers into account.
>
> BUG=
> R=ishell@chromium.org
>
> Review URL: https://codereview.chromium.org/213213002

BUG=none
LOG=n
TBR=verwaest@chromium.org

Revert "Use sarq on x64"

This reverts commit e2a8ef9321345c6bc091054443bf2b9535ff6b1c.

Revert "Don't | int and bool"

This reverts commit c90d713d3a8ceba4fec41933a63beb6e50a3d7c0.

Review URL: https://codereview.chromium.org/219393002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20354 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 13:23:32 +00:00
jochen@chromium.org
b7039334ae Revert 20313 - "Ship promises and weak collections"
> R=mstarzinger@chromium.org
> BUG=
>
> Committed: https://code.google.com/p/v8/source/detail?r=20211
>
> Review URL: https://codereview.chromium.org/206163004

R=rossberg@chromium.org
TBR=rossberg@chromium.org
LOG=y
BUG=n

Review URL: https://codereview.chromium.org/219303002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20353 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:40:32 +00:00
verwaest@chromium.org
b8fab1cf19 Don't | int and bool
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/219293002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20352 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:24:51 +00:00
verwaest@chromium.org
d0a65ff717 Use sarq on x64
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/219043003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20350 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:07:41 +00:00
bmeurer@chromium.org
f1f6c3c9d4 Cleanup bootstrapper, execution and factory modules.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/219233002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20349 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:01:02 +00:00
verwaest@chromium.org
55a6318560 Fix LoadFieldByIndex to take mutable heap-numbers into account.
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/213213002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20348 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 11:59:29 +00:00
jarin@chromium.org
d65fe51ca0 Add missing lazy deopt point for the TransitionElementsKind instruction.
R=mvstanton@chromium.org, yangguo@chromium.org
BUG=357105
TEST=test/mjsunit/regress/regress-357105.js
LOG=N

Review URL: https://codereview.chromium.org/216963002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20347 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 11:58:53 +00:00
bmeurer@chromium.org
7ed3b6e2cd Cleanup string-stream module.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/219173002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20344 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 11:13:39 +00:00
bmeurer@chromium.org
49961d11a6 Handlify DescriptorArray::Merge().
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/169363002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20339 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 07:48:13 +00:00
dslomov@chromium.org
bd353dc3a0 Inline internal getters for typed arrays & friends.
R=hpayer@chromium.org, yangguo@chromium.org

Committed: https://code.google.com/p/v8/source/detail?r=20330

Review URL: https://codereview.chromium.org/212603014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20338 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 15:25:24 +00:00
jochen@chromium.org
feeccf0d10 Revert r20335 - "Raise StackOverflow during bootstrapping"
Reason for revert: New test crashes on nosnap bots

> See https://github.com/joyent/node/issues/7120
>
> R=jarin@chromium.org
> BUG=
>
> Review URL: https://codereview.chromium.org/178073002
>
> Patch from Alexis Campailla <alexis@janeasystems.com>.

TBR=jarin@chromium.org
BUG=none
LOG=n

Review URL: https://codereview.chromium.org/217013002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20337 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 14:16:11 +00:00
dslomov@chromium.org
c873e813c5 Revert "Inline internal getters for typed arrays & friends."
This reverts commit r20330 for breaking arm64 nosnap tests.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/216993002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20336 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 13:33:50 +00:00
jarin@chromium.org
ee173152ef Raise StackOverflow during bootstrapping
See https://github.com/joyent/node/issues/7120

R=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/178073002

Patch from Alexis Campailla <alexis@janeasystems.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20335 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 13:26:20 +00:00
marja@chromium.org
f8738e6d74 Cleanup scanner character streams.
- GenericStringUtf16CharacterStream::start_position_ was unused.
- GenericStringUtf16CharacterStream inherits from BufferedUtf16CharacterStream,
so no need to initialize buffer_cursor_ and buffer_end_ twice (this makes it
clearer which class in the inheritance chain takes care of which variables).

R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/216523004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20334 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 13:11:12 +00:00
hpayer@chromium.org
a2212066da Move FillWithHoles FixedArray and FixedDoubleArray functions to the given classes.
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/216873004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20333 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 13:05:23 +00:00
marja@chromium.org
6608110e87 Make it clearer that PreParser doesn't depend on Isolate.
The Isolate* member of ParserBase::FunctionState was only used by
Parser. Removing it makes it clear that there are no isolates in
PreParser. (There's also no Zone, since PreParserTraits::Type::Zone is void.)

R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/216883003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20331 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 12:49:34 +00:00
dslomov@chromium.org
6d91c1e77f Inline internal getters for typed arrays & friends.
R=hpayer@chromium.org, yangguo@chromium.org

Review URL: https://codereview.chromium.org/212603014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20330 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 12:02:52 +00:00
haitao.feng@intel.com
a72e3525fc Refactor the arithmetic instructions for x64
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/214753002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20329 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 11:13:14 +00:00
yangguo@chromium.org
dae7ecbfdf Reland "Clean up runtime functions for Maths."
BUG=
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/216643002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20328 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 10:07:23 +00:00
yangguo@chromium.org
1037a883de Clean up some "GetProperty" methods/functions.
Runtime::GetObjectProperty:
  - handled string.charAt, element access and property access
  - now handlified
GetProperty in handles.cc:
  - called to Runtime::GetObjectProperty
  - now removed
Object::GetProperty (handlified version):
  - handled element access and property access
  - now changed to only do property access
New: Object::GetPropertyOrElement:
  - handles element access and property access

R=ishell@chromium.org

Review URL: https://codereview.chromium.org/210953005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20327 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 09:49:27 +00:00
dslomov@chromium.org
0d1b90f8aa Fix deopts causing uninitialized fixed typed arrays.
The deopt will not happen in production code, since we check that
lengths of fixed typed arrays are smis before calling
TypedArrayInitialze, but that makes deopt bot happy.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/212643016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20324 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 08:59:46 +00:00
jochen@chromium.org
6781deae0a Don't crash if we get a timezone change notification on an uninitialized isolate
Also make the date cache's timestamp more robust.

BUG=357362
R=svenpanne@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/216613003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20323 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 08:59:25 +00:00
yangguo@chromium.org
3579968e86 Fix TSAN issue wrt assertions in the optimizing compiler thread.
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/212603013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20322 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 08:49:58 +00:00
jarin@chromium.org
9e655afdb4 Reland "Fix property enum cache creation to include only own properties"
Reland r20308 (reverted by r20310).

TBR=verwaest@chromium.org

Review URL: https://codereview.chromium.org/216383003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20321 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 06:59:20 +00:00
haitao.feng@intel.com
329b0449d5 Introduce rolp, rorp, rclp, rcrp, shlp, shrp and sarp for x64 port
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/214493002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20320 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 04:55:00 +00:00
haitao.feng@intel.com
9ff02c5d42 Use RegisterSize to count the pushq size and the argument slot size from JS to C++
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/213413010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20317 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 00:35:23 +00:00
adamk@chromium.org
c2bbd9f9e2 Don't pass the hole to SetElement when creating Array.observe change records
Also added comments to remind us why we were using the hole here in the first
place (it's used for the case where Object.observe, rather than Array.observe,
has been called on Array that's undergoing truncation).

BUG=356589
LOG=N
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/213823002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20316 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 18:29:07 +00:00
dslomov@chromium.org
9776ae1610 Add Bogus initialization for external_elements_kind and fixed_elements_kind
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/212553008

Patch from Haitao Feng <haitao.feng@intel.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20315 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 17:40:52 +00:00
marja@chromium.org
17a0655431 Fix some missing includes and forward declarations.
R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/214903002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20314 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:43:44 +00:00
rossberg@chromium.org
826cf64fd3 Ship promises and weak collections
R=mstarzinger@chromium.org
BUG=

Committed: https://code.google.com/p/v8/source/detail?r=20211

Review URL: https://codereview.chromium.org/206163004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20313 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:42:34 +00:00
ishell@chromium.org
a887597e20 ElementsAccessor::CopyElements() and its callers handlified.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/212573007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20312 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:41:09 +00:00
yangguo@chromium.org
e8d5e6377e Revert "Clean up runtime functions for Maths."
This reverts r20307.

TBR=jarin@chromium.org

Review URL: https://codereview.chromium.org/214593005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20311 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:30:03 +00:00
jarin@chromium.org
af74f1206e Revert "Fix property enum cache creation to include only own properties"
This reverts commit 4cf47a20b4846cf050ea4844433e9c57654da34e.

BUG=

Review URL: https://codereview.chromium.org/214893002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20310 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:18:42 +00:00
rossberg@chromium.org
ddedf5c309 Harden internal uses of .chain
R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/212553009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20309 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:11:23 +00:00
jarin@chromium.org
4608bdeccc With this fix, we only create the enum cache for own property descriptors (originally we cached all descriptors in the map). The problem was that the size of all descriptors could be trimmed during GC triggered by allocating the storage for the cache, so we could have ended up with a wrong storage size.
This is really Toon's fix, I have only created a small repro case.

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/212673011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20308 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 15:33:06 +00:00
yangguo@chromium.org
1110f4fcbb Clean up runtime functions for Maths.
R=dslomov@google.com, dslomov@chromium.org

Review URL: https://codereview.chromium.org/212763008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20307 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 14:45:56 +00:00
yurys@chromium.org
279e86d6ea NativeContext::map_cache reference should be strong in heap snapshots
This change makes the reference itself a strong one. We will also need a special handling to make references from MapCache object to Map weak in the heap snapshots. The latter will be addressed separately.

BUG=chromium:357060
LOG=Y
R=alph@chromium.org, hpayer@chromium.org

Review URL: https://codereview.chromium.org/214683002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20304 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 14:19:51 +00:00
hpayer@chromium.org
155225c69c Use acquire/release stores and loads when reading and writing the parallel sweeping state of a page.
BUG=
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/214543008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20301 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 13:26:25 +00:00
dslomov@chromium.org
4cdfb46a6d Fix JSObject::SetElement for fixed typed array elements.
R=ulan@chromium.org
BUG=357108
LOG=N

Review URL: https://codereview.chromium.org/214543003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20300 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 12:54:26 +00:00
yangguo@chromium.org
8847b52097 Reland "Correctly OOM in the CEntryStub after retries."
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/214473003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20297 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 10:41:45 +00:00
ulan@chromium.org
e510131d26 Fix assert in BoundsCheckBbData.
BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/201303007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20296 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 10:10:51 +00:00
ulan@chromium.org
179b4b0c9f Unify monomorphic and polymorphic cases in IC::PatchCache.
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/171683007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20294 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 09:59:43 +00:00
yangguo@chromium.org
caad1de770 Revert "Correctly OOM in the CEntryStub after retries."
This reverts r20292 due to no-snapshot failures.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/214413005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20293 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 09:59:07 +00:00