Commit Graph

15661 Commits

Author SHA1 Message Date
dslomov@chromium.org
b3148d921e Fix PrepareKeyedOperand on arm.
When additional_offset is specified, the 'key' operand can be negative
and still pass the bounds check. Therefore, when converting key from
Smi, arithmetic and not logical shift must be used.

R=verwaest@chromium.org
BUG=358057
LOG=Y

Review URL: https://codereview.chromium.org/219473002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20363 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:14:28 +00:00
jarin@chromium.org
d02e1f2c25 Fix left trimming check for large objects
BUG=358090
TEST=test/mjsunit/regress/regress-358090.js
LOG=N
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/213833008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20362 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 15:01:46 +00:00
hpayer@chromium.org
702ba5a0e9 Make sure when we shrink an object that we store a filler first into the free memory before updating the map or size.
BUG=
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/219103002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20361 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:29:01 +00:00
verwaest@chromium.org
019e27d8db Reland and fix "Fix LoadFieldByIndex to take mutable heap-numbers into account.""
BUG=
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/218663005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20358 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:21:04 +00:00
yangguo@chromium.org
c0fa861726 Do not check for interrupt when allocating stack locals.
R=dcarney@chromium.org
BUG=357137
LOG=N

Review URL: https://codereview.chromium.org/219373004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20357 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:14:54 +00:00
alexandre.rames@arm.com
989683d479 ARM64: Optimize AllocateHeapNumber to use STP.
R=jochen@chromium.org

Review URL: https://codereview.chromium.org/216933003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20356 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:06:42 +00:00
rossberg@chromium.org
d486f52cf4 Finalisation disclaimer
R=svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/219403002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20355 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 13:35:12 +00:00
jochen@chromium.org
163044e7ba Revert 20348 - "Fix LoadFieldByIndex to take mutable heap-numbers into account."
Reason for revert: crashes benchmarks/sunspider/string-fasta on ia32.debug

This also reverts r20350 and r20352

> Fix LoadFieldByIndex to take mutable heap-numbers into account.
>
> BUG=
> R=ishell@chromium.org
>
> Review URL: https://codereview.chromium.org/213213002

BUG=none
LOG=n
TBR=verwaest@chromium.org

Revert "Use sarq on x64"

This reverts commit e2a8ef9321345c6bc091054443bf2b9535ff6b1c.

Revert "Don't | int and bool"

This reverts commit c90d713d3a8ceba4fec41933a63beb6e50a3d7c0.

Review URL: https://codereview.chromium.org/219393002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20354 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 13:23:32 +00:00
jochen@chromium.org
b7039334ae Revert 20313 - "Ship promises and weak collections"
> R=mstarzinger@chromium.org
> BUG=
>
> Committed: https://code.google.com/p/v8/source/detail?r=20211
>
> Review URL: https://codereview.chromium.org/206163004

R=rossberg@chromium.org
TBR=rossberg@chromium.org
LOG=y
BUG=n

Review URL: https://codereview.chromium.org/219303002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20353 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:40:32 +00:00
verwaest@chromium.org
b8fab1cf19 Don't | int and bool
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/219293002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20352 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:24:51 +00:00
jochen@chromium.org
617531da8f Skip cctest/test-mark-compact/NoPromotion on ARM64
BUG=v8:3247
TBR=machenbach@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/217423006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20351 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:09:59 +00:00
verwaest@chromium.org
d0a65ff717 Use sarq on x64
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/219043003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20350 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:07:41 +00:00
bmeurer@chromium.org
f1f6c3c9d4 Cleanup bootstrapper, execution and factory modules.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/219233002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20349 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:01:02 +00:00
verwaest@chromium.org
55a6318560 Fix LoadFieldByIndex to take mutable heap-numbers into account.
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/213213002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20348 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 11:59:29 +00:00
jarin@chromium.org
d65fe51ca0 Add missing lazy deopt point for the TransitionElementsKind instruction.
R=mvstanton@chromium.org, yangguo@chromium.org
BUG=357105
TEST=test/mjsunit/regress/regress-357105.js
LOG=N

Review URL: https://codereview.chromium.org/216963002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20347 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 11:58:53 +00:00
bmeurer@chromium.org
7ed3b6e2cd Cleanup string-stream module.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/219173002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20344 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 11:13:39 +00:00
dcarney@chromium.org
8b304a6832 Implement PersistentValueVector, analogous to PersistentValueMap.
BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/216973002

Patch from Daniel Vogelheim <vogelheim@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20341 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 10:03:20 +00:00
jochen@chromium.org
a2f82479c4 Skip crashing harmony mjsunit tests on NaCL
BUG=none
TBR=machenbach@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/219043002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20340 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 07:54:22 +00:00
bmeurer@chromium.org
49961d11a6 Handlify DescriptorArray::Merge().
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/169363002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20339 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 07:48:13 +00:00
dslomov@chromium.org
bd353dc3a0 Inline internal getters for typed arrays & friends.
R=hpayer@chromium.org, yangguo@chromium.org

Committed: https://code.google.com/p/v8/source/detail?r=20330

Review URL: https://codereview.chromium.org/212603014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20338 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 15:25:24 +00:00
jochen@chromium.org
feeccf0d10 Revert r20335 - "Raise StackOverflow during bootstrapping"
Reason for revert: New test crashes on nosnap bots

> See https://github.com/joyent/node/issues/7120
>
> R=jarin@chromium.org
> BUG=
>
> Review URL: https://codereview.chromium.org/178073002
>
> Patch from Alexis Campailla <alexis@janeasystems.com>.

TBR=jarin@chromium.org
BUG=none
LOG=n

Review URL: https://codereview.chromium.org/217013002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20337 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 14:16:11 +00:00
dslomov@chromium.org
c873e813c5 Revert "Inline internal getters for typed arrays & friends."
This reverts commit r20330 for breaking arm64 nosnap tests.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/216993002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20336 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 13:33:50 +00:00
jarin@chromium.org
ee173152ef Raise StackOverflow during bootstrapping
See https://github.com/joyent/node/issues/7120

R=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/178073002

Patch from Alexis Campailla <alexis@janeasystems.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20335 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 13:26:20 +00:00
marja@chromium.org
f8738e6d74 Cleanup scanner character streams.
- GenericStringUtf16CharacterStream::start_position_ was unused.
- GenericStringUtf16CharacterStream inherits from BufferedUtf16CharacterStream,
so no need to initialize buffer_cursor_ and buffer_end_ twice (this makes it
clearer which class in the inheritance chain takes care of which variables).

R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/216523004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20334 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 13:11:12 +00:00
hpayer@chromium.org
a2212066da Move FillWithHoles FixedArray and FixedDoubleArray functions to the given classes.
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/216873004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20333 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 13:05:23 +00:00
marja@chromium.org
6608110e87 Make it clearer that PreParser doesn't depend on Isolate.
The Isolate* member of ParserBase::FunctionState was only used by
Parser. Removing it makes it clear that there are no isolates in
PreParser. (There's also no Zone, since PreParserTraits::Type::Zone is void.)

R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/216883003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20331 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 12:49:34 +00:00
dslomov@chromium.org
6d91c1e77f Inline internal getters for typed arrays & friends.
R=hpayer@chromium.org, yangguo@chromium.org

Review URL: https://codereview.chromium.org/212603014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20330 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 12:02:52 +00:00
haitao.feng@intel.com
a72e3525fc Refactor the arithmetic instructions for x64
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/214753002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20329 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 11:13:14 +00:00
yangguo@chromium.org
dae7ecbfdf Reland "Clean up runtime functions for Maths."
BUG=
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/216643002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20328 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 10:07:23 +00:00
yangguo@chromium.org
1037a883de Clean up some "GetProperty" methods/functions.
Runtime::GetObjectProperty:
  - handled string.charAt, element access and property access
  - now handlified
GetProperty in handles.cc:
  - called to Runtime::GetObjectProperty
  - now removed
Object::GetProperty (handlified version):
  - handled element access and property access
  - now changed to only do property access
New: Object::GetPropertyOrElement:
  - handles element access and property access

R=ishell@chromium.org

Review URL: https://codereview.chromium.org/210953005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20327 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 09:49:27 +00:00
marja@chromium.org
6730ec8433 Amend PersistentValueMap:
- Use the surrounding map (instead of Traits::Impl) for weak callback.
- Provide for a fast reference to a mapped value.
- Restructure Traits to accomondate for the first point above.

[Why?] As discussed, I proceeded to replace Impl with the map.
The problem I encountered with that version is that now the
Traits class depends on itself: The weak-related methods require the
map type in their signature. But the map type includes the Traits class
and hence the Traits class method signatures depend on the specific Traits class. That
makes them practically un-derivable: While you can derive a Traits class
from another one, since the compiler now expects methods with a different
signature. To accommodate, I pulled the dispose traits into the weak traits
class. I also removed the Impl*/MapType* parameter from the Dispose call,
since no implementation seems to need it.

R=dcarney@chromium.org
BUG=

Review URL: https://codereview.chromium.org/212893007

Patch from Daniel Vogelheim <vogelheim@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20326 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 09:35:50 +00:00
yurys@chromium.org
f7b437d086 Deprecate Start/StopCpuProfiling methods
BUG=v8:3213
LOG=Y
R=alph@chromium.org, svenpanne@chromium.org

Review URL: https://codereview.chromium.org/197513005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20325 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 09:24:49 +00:00
dslomov@chromium.org
0d1b90f8aa Fix deopts causing uninitialized fixed typed arrays.
The deopt will not happen in production code, since we check that
lengths of fixed typed arrays are smis before calling
TypedArrayInitialze, but that makes deopt bot happy.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/212643016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20324 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 08:59:46 +00:00
jochen@chromium.org
6781deae0a Don't crash if we get a timezone change notification on an uninitialized isolate
Also make the date cache's timestamp more robust.

BUG=357362
R=svenpanne@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/216613003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20323 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 08:59:25 +00:00
yangguo@chromium.org
3579968e86 Fix TSAN issue wrt assertions in the optimizing compiler thread.
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/212603013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20322 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 08:49:58 +00:00
jarin@chromium.org
9e655afdb4 Reland "Fix property enum cache creation to include only own properties"
Reland r20308 (reverted by r20310).

TBR=verwaest@chromium.org

Review URL: https://codereview.chromium.org/216383003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20321 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 06:59:20 +00:00
haitao.feng@intel.com
329b0449d5 Introduce rolp, rorp, rclp, rcrp, shlp, shrp and sarp for x64 port
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/214493002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20320 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 04:55:00 +00:00
haitao.feng@intel.com
9ff02c5d42 Use RegisterSize to count the pushq size and the argument slot size from JS to C++
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/213413010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20317 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 00:35:23 +00:00
adamk@chromium.org
c2bbd9f9e2 Don't pass the hole to SetElement when creating Array.observe change records
Also added comments to remind us why we were using the hole here in the first
place (it's used for the case where Object.observe, rather than Array.observe,
has been called on Array that's undergoing truncation).

BUG=356589
LOG=N
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/213823002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20316 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 18:29:07 +00:00
dslomov@chromium.org
9776ae1610 Add Bogus initialization for external_elements_kind and fixed_elements_kind
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/212553008

Patch from Haitao Feng <haitao.feng@intel.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20315 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 17:40:52 +00:00
marja@chromium.org
17a0655431 Fix some missing includes and forward declarations.
R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/214903002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20314 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:43:44 +00:00
rossberg@chromium.org
826cf64fd3 Ship promises and weak collections
R=mstarzinger@chromium.org
BUG=

Committed: https://code.google.com/p/v8/source/detail?r=20211

Review URL: https://codereview.chromium.org/206163004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20313 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:42:34 +00:00
ishell@chromium.org
a887597e20 ElementsAccessor::CopyElements() and its callers handlified.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/212573007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20312 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:41:09 +00:00
yangguo@chromium.org
e8d5e6377e Revert "Clean up runtime functions for Maths."
This reverts r20307.

TBR=jarin@chromium.org

Review URL: https://codereview.chromium.org/214593005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20311 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:30:03 +00:00
jarin@chromium.org
af74f1206e Revert "Fix property enum cache creation to include only own properties"
This reverts commit 4cf47a20b4846cf050ea4844433e9c57654da34e.

BUG=

Review URL: https://codereview.chromium.org/214893002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20310 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:18:42 +00:00
rossberg@chromium.org
ddedf5c309 Harden internal uses of .chain
R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/212553009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20309 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:11:23 +00:00
jarin@chromium.org
4608bdeccc With this fix, we only create the enum cache for own property descriptors (originally we cached all descriptors in the map). The problem was that the size of all descriptors could be trimmed during GC triggered by allocating the storage for the cache, so we could have ended up with a wrong storage size.
This is really Toon's fix, I have only created a small repro case.

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/212673011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20308 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 15:33:06 +00:00
yangguo@chromium.org
1110f4fcbb Clean up runtime functions for Maths.
R=dslomov@google.com, dslomov@chromium.org

Review URL: https://codereview.chromium.org/212763008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20307 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 14:45:56 +00:00
haitao.feng@intel.com
e38ceab62a Update mozilla.status for a timezone without daylight saving time.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/198633002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20305 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 14:25:22 +00:00
yurys@chromium.org
279e86d6ea NativeContext::map_cache reference should be strong in heap snapshots
This change makes the reference itself a strong one. We will also need a special handling to make references from MapCache object to Map weak in the heap snapshots. The latter will be addressed separately.

BUG=chromium:357060
LOG=Y
R=alph@chromium.org, hpayer@chromium.org

Review URL: https://codereview.chromium.org/214683002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20304 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 14:19:51 +00:00