Commit Graph

27547 Commits

Author SHA1 Message Date
bradnelson
153f2bd47c Remove wasm compile time option and enable wasm behind a runtime flag.
R=titzer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1516753007

Cr-Commit-Position: refs/heads/master@{#32955}
2015-12-17 16:04:57 +00:00
mtrofin
6e8065a506 [turbofan] More thorough validation of LiveRanges.
Added structural validation to live ranges, esp. for bugs that may
arise due to splintering / merging.

BUG=

Review URL: https://codereview.chromium.org/1533723002

Cr-Commit-Position: refs/heads/master@{#32954}
2015-12-17 15:29:37 +00:00
gib
8d00c2ca40 Stop profiler on isolate teardown if still running
If the profiler is started via the API and not stopped, V8 will
 intermittently crash during isolate teardown.

The fix is to run the DeleteAllProfiles function in Isolate::Deinit()
 if cpu_profiler_ still exists.

https://groups.google.com/forum/#!topic/v8-dev/WsIlpbaD4mo

TEST= Run in debug mode, if you start a profile and don't stop it,
 this assert should fail:

  Fatal error in ../src/profiler/cpu-profiler.cc, line 414
  Check failed: !is_profiling_.

Review URL: https://codereview.chromium.org/1526253005

Cr-Commit-Position: refs/heads/master@{#32953}
2015-12-17 15:09:14 +00:00
bradnelson
d9ffa30563 Fixing more wasm warnings.
R=ahaas@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1536663002

Cr-Commit-Position: refs/heads/master@{#32952}
2015-12-17 14:55:16 +00:00
bradnelson
7b775118b9 Turn on wasm flags all the time, add a reference from wasm functions to the module.
Add an internal field to each wasm function to keep a reference to the module. (So the GC can do the right thing when you only hold references to wasm functions but not the module).

Use Realloc carefully, to avoid copying from out of bounds.

Make snprintf use platform independent.

Don't disconnect external arraybuffers provided for the heap.

R=ahaas@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1531243003

Cr-Commit-Position: refs/heads/master@{#32951}
2015-12-17 14:52:46 +00:00
sigurds
a1e6bee6ec [turbofan ] Simplify reference equal if both inputs are constants
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1532063002

Cr-Commit-Position: refs/heads/master@{#32950}
2015-12-17 14:47:40 +00:00
verwaest
01b8e7c7f6 Throw TypeError when reading global references through a JSProxy
Allowing global references to be read through a proxy results in cross-origin information leaks. The ES6 spec currently does not mitigate this in any way. This CL adds a workaround that's easy for V8: throw whenever an unresolved reference would result in a proxy trap to be fired. I'm landing this so we can move forwards with staging proxies without putting users of --harmony at risk.

BUG=chromium:399951
LOG=n

Review URL: https://codereview.chromium.org/1529303003

Cr-Commit-Position: refs/heads/master@{#32949}
2015-12-17 14:37:41 +00:00
bradnelson
879b21a43a Have WasmModule free it's own memory.
Make WasmModule free it's own memory, avoid mixing stack and
heap allocations in tests. This fixes several memory leaks.

Fix several signed compare issues.
Fix several floating point warnings.

Don't setup heap as external, as then the GC can't collect it.

Disable some tests that fail under ASAN.

R=ahaas@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1538543002

Cr-Commit-Position: refs/heads/master@{#32948}
2015-12-17 13:27:34 +00:00
verwaest
d64dc800db Return CallSite numbers as Number rather than Smi
BUG=chromium:570651
LOG=n

Review URL: https://codereview.chromium.org/1532083002

Cr-Commit-Position: refs/heads/master@{#32947}
2015-12-17 13:17:42 +00:00
bradnelson
78030950fa Fix several wasm warnings an a use after free.
Fixing several signed/unsigned comparison warnings for wasm.
Fixing a use after free involving ostringsteam::str()

R=ahaas@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1533593004

Cr-Commit-Position: refs/heads/master@{#32946}
2015-12-17 12:35:03 +00:00
jkummerow
cfbd16172f [IC] Fix "compatible receiver" checks hidden behind interceptors
BUG=chromium:497632
LOG=y

Review URL: https://codereview.chromium.org/1531583005

Cr-Commit-Position: refs/heads/master@{#32945}
2015-12-17 12:29:11 +00:00
neis
641cdd3067 [proxies] Fix Object.prototype.hasOwnProperty
It must call the 'getOwnPropertyDescriptor' trap, not the 'has' trap.

R=cbruni@chromium.org, jkummerow@chromium.org
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1532723005

Cr-Commit-Position: refs/heads/master@{#32944}
2015-12-17 12:12:10 +00:00
rossberg
7cf5f8c526 [es6] Mark tail Call nodes
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1530403004

Cr-Commit-Position: refs/heads/master@{#32943}
2015-12-17 12:00:38 +00:00
sigurds
07cc8d598b [turbofan] Fix ASAN bug in escape analysis
BUG=566253
LOG=n

Review URL: https://codereview.chromium.org/1530143002

Cr-Commit-Position: refs/heads/master@{#32942}
2015-12-17 11:47:15 +00:00
mvstanton
2fb30320ee Turn off reflexive optimized code map flushing.
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1533813002

Cr-Commit-Position: refs/heads/master@{#32941}
2015-12-17 11:40:39 +00:00
bradnelson
eccce9b755 Fix memory leaks and compiler incompatibilities in wasm unittests.
Fixing several memory leaks in wasm unittests.
Avoiding std::vector::data() as it isn't supported on all
compilers on the bots.
Use EXCEPT_TRUE / EXPECT_FALSE to avoid warnings on some compilers when testing boolean equality.

R=ahaas@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1536603003

Cr-Commit-Position: refs/heads/master@{#32940}
2015-12-17 11:38:56 +00:00
mvstanton
412d4f1a8c Remove bogus "public:" in SharedFunctionInfo.
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1516003002

Cr-Commit-Position: refs/heads/master@{#32939}
2015-12-17 11:30:56 +00:00
bradnelson
98d4fbfb2d Add --enable-wasm to wasm tests.
In preparation for switching wasm from a compile to
a runtime option, add the runtime flag to all mjsunit tests.

R=ahaas@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1537643002

Cr-Commit-Position: refs/heads/master@{#32938}
2015-12-17 10:54:55 +00:00
zhengxing.li
e1b84ed223 X87: [runtime] Drop FIRST/LAST_NONCALLABLE_SPEC_OBJECT instance type range.
port aafc3e5484 (r32926)

  original commit message:
  The FIRST-LAST_NONCALLABLE_SPEC_OBJECT_TYPE range was accidentially used
  in field type tracking, where we should check for JSReceiver instead
  (there's no need to exclude JSProxy or JSFunction from tracking).

  And the use in %_ClassOf was actually wrong and didn't match the C++
  implementation in JSReceiver::class_name() anymore. Now it's consistent
  again.

BUG=

Review URL: https://codereview.chromium.org/1537613002

Cr-Commit-Position: refs/heads/master@{#32937}
2015-12-17 10:33:52 +00:00
ahaas
0794c3c9b9 [turbofan] Fixed the second return value of TryTruncateFloatXXToUint64.
As required by the spec, the second return value now returns success
also for the range between 0 and -1 where the conversion results in 0.

R=bradnelson@chromium.org, mstarzinger@chromium.org, v8-arm-ports@googlegroups.com, v8-mips-ports@googlegroups.com

Review URL: https://codereview.chromium.org/1533503002

Cr-Commit-Position: refs/heads/master@{#32936}
2015-12-17 10:24:54 +00:00
neis
fe484ff648 Rename IS_SPEC_OBJECT macro to IS_RECEIVER.
And remove confusing comment.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1531843003

Cr-Commit-Position: refs/heads/master@{#32935}
2015-12-17 09:44:02 +00:00
neis
0d83aad557 [proxies] Correctly handle proxies in Function.prototype.bind
- Before getting the length property, we must check for it
  using [[GetOwnProperty]].  Also, if the obtained length
  is a number, we must properly convert it to an integer.

- In order to get the prototype we must use [[GetPrototypeOf]],
  and do so before checking the length.

R=cbruni@chromium.org, jkummerow@chromium.org
BUG=v8:1543
LOG=n

Review URL: https://codereview.chromium.org/1530893002

Cr-Commit-Position: refs/heads/master@{#32934}
2015-12-17 09:07:57 +00:00
paul.lind
a0c7e25f99 Update MIPS owners.
Add Ivica B.

NOTRY=true

Review URL: https://codereview.chromium.org/1525413003

Cr-Commit-Position: refs/heads/master@{#32933}
2015-12-17 09:07:00 +00:00
hablich
f54ee7bd14 Revert of [es6] ship regexp sticky flag.
Reason for revert:
This causes compatibility issues, as documented in https://bugs.chromium.org/p/v8/issues/detail?id=4617#c9

Original issue's description:
> [es6] ship regexp sticky flag.
>
> R=littledan@chromium.org
> BUG=v8:4342
> LOG=Y
>
> Committed: https://crrev.com/86c2dd4042dc9ce293e004234eb094f2b51d9640
> Cr-Commit-Position: refs/heads/master@{#32826}

TBR=yangguo@chromium.org,littledan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4342
LOG=Y

Review URL: https://codereview.chromium.org/1531243002

Cr-Commit-Position: refs/heads/master@{#32932}
2015-12-17 09:02:49 +00:00
mtrofin
ea9ecff0e3 [turbofan] removed some dead code.
In a previous incarnation of live range merging, we needed to cache the
last child in a chain of live ranges. We don't anymore, so removing
unused code.

BUG=

Review URL: https://codereview.chromium.org/1536523003

Cr-Commit-Position: refs/heads/master@{#32931}
2015-12-17 08:49:13 +00:00
mtrofin
fe7001ab48 [turbofan] Print APIs for live ranges.
Decoupled the Print APIs from RegisterAllocationData, and placed them
on the various APIs. Way easier to use these at debug time even outside
the register allocation pipeline.

BUG=

Review URL: https://codereview.chromium.org/1528983005

Cr-Commit-Position: refs/heads/master@{#32930}
2015-12-17 08:42:17 +00:00
Benedikt Meurer
5bd4832492 [es6] Correct Function.prototype.apply, Reflect.construct and Reflect.apply.
Introduce a new Apply builtin that forms a correct and optimizable
foundation for the Function.prototype.apply, Reflect.construct and
Reflect.apply builtins (which properly does the PrepareForTailCall
as required by the ES2015 spec).

The new Apply builtin avoids going to the runtime if it is safe to
just access the backing store elements of the argArray, i.e. if you
pass a JSArray with no holes, or an unmapped, unmodified sloppy or
strict arguments object.

mips/mips64 ports by Balazs Kilvady <balazs.kilvady@imgtec.com>

CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux64_tsan_rel
BUG=v8:4413, v8:4430
LOG=n
R=yangguo@chromium.org

Committed: e4d2538911

Review URL: https://codereview.chromium.org/1523753002 .

Cr-Commit-Position: refs/heads/master@{#32929}
2015-12-17 08:41:19 +00:00
Benedikt Meurer
567c24d947 Revert of [es6] Correct Function.prototype.apply, Reflect.construct and Reflect.apply. (patchset #5 id:80001 of https://codereview.chromium.org/1523753002/ )
Reason for revert:
Breaks TSAN somewhow: http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20TSAN/builds/7000

Original issue's description:
> [es6] Correct Function.prototype.apply, Reflect.construct and Reflect.apply.
>
> Introduce a new Apply builtin that forms a correct and optimizable
> foundation for the Function.prototype.apply, Reflect.construct and
> Reflect.apply builtins (which properly does the PrepareForTailCall
> as required by the ES2015 spec).
>
> The new Apply builtin avoids going to the runtime if it is safe to
> just access the backing store elements of the argArray, i.e. if you
> pass a JSArray with no holes, or an unmapped, unmodified sloppy or
> strict arguments object.
>
> mips/mips64 ports by Balazs Kilvady <balazs.kilvady@imgtec.com>
>
> CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
> BUG=v8:4413, v8:4430
> LOG=n
> R=yangguo@chromium.org
>
> Committed: e4d2538911

TBR=yangguo@chromium.org,paul.lind@imgtec.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4413, v8:4430

Review URL: https://codereview.chromium.org/1533803002 .

Cr-Commit-Position: refs/heads/master@{#32928}
2015-12-17 08:06:37 +00:00
Benedikt Meurer
e4d2538911 [es6] Correct Function.prototype.apply, Reflect.construct and Reflect.apply.
Introduce a new Apply builtin that forms a correct and optimizable
foundation for the Function.prototype.apply, Reflect.construct and
Reflect.apply builtins (which properly does the PrepareForTailCall
as required by the ES2015 spec).

The new Apply builtin avoids going to the runtime if it is safe to
just access the backing store elements of the argArray, i.e. if you
pass a JSArray with no holes, or an unmapped, unmodified sloppy or
strict arguments object.

mips/mips64 ports by Balazs Kilvady <balazs.kilvady@imgtec.com>

CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
BUG=v8:4413, v8:4430
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1523753002 .

Cr-Commit-Position: refs/heads/master@{#32927}
2015-12-17 07:47:40 +00:00
Benedikt Meurer
aafc3e5484 [runtime] Drop FIRST/LAST_NONCALLABLE_SPEC_OBJECT instance type range.
The FIRST-LAST_NONCALLABLE_SPEC_OBJECT_TYPE range was accidentially used
in field type tracking, where we should check for JSReceiver instead
(there's no need to exclude JSProxy or JSFunction from tracking).

And the use in %_ClassOf was actually wrong and didn't match the C++
implementation in JSReceiver::class_name() anymore. Now it's consistent
again.

R=yangguo@chromium.org
BUG=chromium:535408
LOG=n

Review URL: https://codereview.chromium.org/1535523003 .

Cr-Commit-Position: refs/heads/master@{#32926}
2015-12-17 06:20:01 +00:00
Benedikt Meurer
d0cfc9bfb8 [turbofan] Support inline receiver allocation for class constructors.
There's actually no need to restrict the inline allocation of
receivers for class constructors anymore; the relevant issues
were addressed in the compiler and runtime several weeks ago.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1532453004 .

Cr-Commit-Position: refs/heads/master@{#32925}
2015-12-17 05:46:37 +00:00
zhengxing.li
e0a3ff0f5c X87: [proxies] fix access issue when having proxies on the prototype-chain of global objects.
port 2c75e3d2ab (r32903)

  original commit message:
  We can no longer just walk the prototype chain without doing proper access-checks. When installing a proxy as the __proto__ of the global object we might accidentally end up invoking cross-realm code
  without access-checks (see proxies-cross-realm-ecxeption.js).

BUG=

Review URL: https://codereview.chromium.org/1534663002

Cr-Commit-Position: refs/heads/master@{#32924}
2015-12-17 04:48:27 +00:00
v8-autoroll
23384259d5 Update V8 DEPS.
Rolling v8/third_party/android_tools to f4c36ad89b2696b37d9cd7ca7d984b691888b188

Rolling v8/tools/clang to 67c5521f1878f7929f8f0afc74b31627b3bbffb3

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review URL: https://codereview.chromium.org/1530413002

Cr-Commit-Position: refs/heads/master@{#32923}
2015-12-17 04:47:26 +00:00
zhengxing.li
da4a7325c0 X87: [Interpreter] Save bytecode offset in interpreter stack frames.
port 025d476cf5 (r32906)

  original commit message:
  Adds a slot for the bytecode offset to interpreter stack frames and
  saves it on calls, and restores after calls.

  Also fixes RawMachineAssembler::Return() to call MergeControlToEnd.

BUG=

Review URL: https://codereview.chromium.org/1535613003

Cr-Commit-Position: refs/heads/master@{#32922}
2015-12-17 04:46:26 +00:00
balazs.kilvady
bc55af3c97 MIPS: Fix [proxies] fix access issue when having proxies on the prototype-chain of global objects.
Port 2c75e3d2ab

Original commit message:
We can no longer just walk the prototype chain without doing proper access-checks. When installing a proxy as the __proto__ of the global object we might accidentally end up invoking cross-realm code without access-checks (see proxies-cross-realm-ecxeption.js).

BUG=

Review URL: https://codereview.chromium.org/1526253006

Cr-Commit-Position: refs/heads/master@{#32921}
2015-12-16 20:49:07 +00:00
mbrandy
c36a1b978c PPC: [Interpreter] Save bytecode offset in interpreter stack frames.
Port 025d476cf5

Original commit message:
    Adds a slot for the bytecode offset to interpreter stack frames and
    saves it on calls, and restores after calls.

    Also fixes RawMachineAssembler::Return() to call MergeControlToEnd.

R=rmcilroy@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1531873002

Cr-Commit-Position: refs/heads/master@{#32920}
2015-12-16 20:45:01 +00:00
mbrandy
9418a710c1 PPC: [turbofan] Change TruncateFloat32ToUint64 to TryTruncateFloat32ToUint64.
Port 97161a29ed

Original commit message:
    TryTruncateFloat32ToUint64 converts a float32 to a uint64. Additionally it
    provides an optional second return value which indicates whether the conversion
    succeeded (i.e. float32 value was within uint64 range) or not.

    Additionally I fixed a bug on x64 and mips64 in the implementation of
    TryTruncateFloat64ToUint64. Cases where the input value was between -1 and 0
    were handled incorrectly.

R=ahaas@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1533613002

Cr-Commit-Position: refs/heads/master@{#32919}
2015-12-16 20:18:33 +00:00
mbrandy
fab09bbbc5 PPC: Reland "[turbofan] Instruction scheduler for Turbofan."
Port 89bb66de85

Original commit message:
    Original CL: https://codereview.chromium.org/1375253002/

    Implement machine instruction scheduling after instruction selection.

R=baptiste.afsa@arm.com, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1534433004

Cr-Commit-Position: refs/heads/master@{#32918}
2015-12-16 20:12:44 +00:00
mbrandy
9fc48575a3 PPC: Fix "[fullcodegen] Add support for %_GetSuperConstructor."
Use appropriate load instruction for 32-bit mode.

R=bmeurer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=v8:3330
LOG=n

Review URL: https://codereview.chromium.org/1532673002

Cr-Commit-Position: refs/heads/master@{#32917}
2015-12-16 20:11:49 +00:00
mbrandy
4903f82c6a PPC: [turbofan] Make MachineType a pair of enums.
Port bb2a830deb
Port 56673804e0

Original commit messages:
    MachineType is now a class with two enum fields:
    - MachineRepresentation
    - MachineSemantic

    Both enums are usable on their own, and this change switches some places
    from using MachineType to use just MachineRepresentation. Most notably:
    - register allocator now uses just the representation.
    - Phi and Select nodes only refer to representations.

   Store nodes use only MachineRepresentation, not MachineType.

R=jarin@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1523373003

Cr-Commit-Position: refs/heads/master@{#32916}
2015-12-16 20:03:39 +00:00
mbrandy
7c06eaf492 PPC: Fix "[proxies] fix access issue when having proxies on the prototype-chain of global objects."
Port 2c75e3d2ab

R=cbruni@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1530233003

Cr-Commit-Position: refs/heads/master@{#32915}
2015-12-16 19:57:14 +00:00
mbrandy
99b8e7c88d PPC: [turbofan] Change TruncateFloat32ToInt64 to TryTruncateFloat32ToInt64.
Port 28261daa47

Original commit message:
    This operator now provides a second output which indicates whether the
    conversion from float32 to int64 was successful or not. The second output
    returns 0 if the conversion fails, or something else if the conversion succeeds.

    The second output can be ignored, which means that the operator can be used the
    same as the original operator.

R=ahaas@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1530273002

Cr-Commit-Position: refs/heads/master@{#32914}
2015-12-16 19:56:00 +00:00
mythria
a4162898d8 [Interpreter] Add support for Load / Store to Lookup slots.
Adds support for loading and storing lookup variables.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1524803003

Cr-Commit-Position: refs/heads/master@{#32913}
2015-12-16 17:25:00 +00:00
oth
d0304f91ee [Interpreter] Add support for break statements in labelled blocks.
BUG=V8:4280
LOG=N

Review URL: https://codereview.chromium.org/1524893003

Cr-Commit-Position: refs/heads/master@{#32912}
2015-12-16 17:06:30 +00:00
oth
d3168202f5 [Interpreter] Local flow control in the bytecode graph builder.
This change adds support for local control flow when building graphs
from bytecode. The change ensures loop emitted from the bytecode
generator are in natural order so the only back branches are for loops.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1502243002

Cr-Commit-Position: refs/heads/master@{#32911}
2015-12-16 16:29:45 +00:00
mvstanton
6540e736f3 Bugfix: Make sure not to overwrite the empty optimized code map root.
BUG=chromium:568765
LOG=N
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1534453002

Cr-Commit-Position: refs/heads/master@{#32910}
2015-12-16 16:28:02 +00:00
akodat
aeb8073c4a Add Isolate::DiscardThreadSpecificMetadata method to embedder API.
If many threads use the same Isolate (or many Isolates) and then
terminate, their PerIsolateThreadData objects are never cleaned
up, resulting in a slow memory leak and, worse, the
PerIsolateThreadData chain getting larger and larger, adversely
affecting performance.

In this situation, embedders will now be encouraged to apply
DiscardThreadSpecificMetadata against any Isolate a thread is
done with, especially if the thread is about to terminate.

Note that it is harmless to run DiscardThreadSpecificMetadata
against an Isolate for which a thread has no thread data and
per-Isolate thread data can be reestablished if a thread starts
using an Isolate again after running DiscardThreadSpecificMetadata
against it.

It is, however, an embedder error to run
DiscardThreadSpecificMetadata against an Isolate in thread with a
Locker for the Isolate in the stack or against an Entered Isolate.

This change cannot cause any change in behavior in existing apps
as the only added coded can only be reached via the new
DiscardThreadSpecificMetadata method.

R=Jakob, jochen
BUG=

Review URL: https://codereview.chromium.org/1522703002

Cr-Commit-Position: refs/heads/master@{#32909}
2015-12-16 15:49:49 +00:00
ahaas
2358a5be4c [turbofan] Fixed a bug in TryTruncateFloatXXToInt64 with INT64_MIN.
On x64 and arm64 TryTruncateFloatXXToInt64 incorrectly failed when the
input was INT64_MIN.

R=bradnelson@chromium.org, mstarzinger@chromium.org, v8-arm-ports@googlegroups.com

Review URL: https://codereview.chromium.org/1526293002

Cr-Commit-Position: refs/heads/master@{#32908}
2015-12-16 15:34:34 +00:00
agrieve
ba1d9af8bf Map arm64 and mips64el -> x64 for mksnapshot
BUG=chromium:568883
LOG=n

Review URL: https://codereview.chromium.org/1517983002

Cr-Commit-Position: refs/heads/master@{#32907}
2015-12-16 15:17:37 +00:00
rmcilroy
025d476cf5 [Interpreter] Save bytecode offset in interpreter stack frames.
Adds a slot for the bytecode offset to interpreter stack frames and
saves it on calls, and restores after calls.

Also fixes RawMachineAssembler::Return() to call MergeControlToEnd.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1512543002

Cr-Commit-Position: refs/heads/master@{#32906}
2015-12-16 15:14:21 +00:00