arv [Fri, 19 Jun 2015 18:58:05 +0000 (11:58 -0700)]
Test262 update 2015-06-11 (Take 3)
This reverts commit
72bb369d08e8d141f77c0c05f95cf8ed7ac5a9ec.
Always skip slow tests.
Also, some eval tests are failing in strict mode with nosnap
BUG=N
LOG=N
R=adamk@chromium.org, littledan@chromium.org, machenbach@chromium.org
Review URL: https://codereview.chromium.org/
1190063002
Cr-Commit-Position: refs/heads/master@{#29164}
Djordje.Pesic [Fri, 19 Jun 2015 18:56:56 +0000 (11:56 -0700)]
MIPS: Added data tracing to simulator
Added memory and register data tracing to mips32 simulator
Review URL: https://codereview.chromium.org/
1195783002
Cr-Commit-Position: refs/heads/master@{#29163}
mstarzinger [Fri, 19 Jun 2015 18:55:47 +0000 (11:55 -0700)]
Remove deprecated SharedFunctionInfo::dont_cache predicate.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/
1187563011
Cr-Commit-Position: refs/heads/master@{#29162}
binji [Fri, 19 Jun 2015 18:33:57 +0000 (11:33 -0700)]
Revert of Add d8 API for spawning function on a new thread (Second try) (patchset #3 id:60001 of https://codereview.chromium.org/
1195613003/)
Reason for revert:
Fails on V8 Linux - isolates (http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20isolates/builds/4128)
Original issue's description:
> Add d8 API for spawning function on a new thread (Second try)
>
> This API closely matches the Worker API. The differences:
>
> 1) The argument to the Worker constructor is a function to run, not a script.
> 2) Receiving a message from a worker is a synchronous API (as there is no event
> loop).
>
> The serialization done here is not robust as the real DOM implementation. For
> example, recursive data structures or otherwise duplicated objects are not
> allowed.
>
> BUG=chromium:497295
> R=jochen@chromium.org
> LOG=n
>
> Review URL: https://codereview.chromium.org/
1185643004
>
> Cr-Commit-Position: refs/heads/master@{#29126}
>
> Committed: https://crrev.com/
ec2eaf712ecee6b4891c0458f2397e04a1f9b339
> Cr-Commit-Position: refs/heads/master@{#29158}
TBR=jochen@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:497295
Review URL: https://codereview.chromium.org/
1191373005
Cr-Commit-Position: refs/heads/master@{#29161}
arv [Fri, 19 Jun 2015 18:25:23 +0000 (11:25 -0700)]
Revert of Additional HandleScopes to limit Handle consumption. (patchset #4 id:50001 of https://codereview.chromium.org/
1185633002/)
Reason for revert:
Fails the following test
handle-count-ast
handle-count-runtime-...
on V8 Linux - nosnap - debug - 1
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug%20-%201/builds/851/steps/Check/logs/stdio
Original issue's description:
> Additional HandleScopes to limit Handle consumption.
>
> erikcorry@chromium.org suggested digging into v8 handle usage. Found potential scopes in ast.cc and runtime-literals.cc and added tests.
>
> The runtime-literals.cc change reduces peak handles in imaging-darkroom.js from 1,282,610 to 428,218. The ast.cc change reduces the peak handles in string-tagcloud.js from 80,738 to 8,176.
>
> No significant handle count issues found with major websites, but substantial savings on some benchmarks and demos:
>
> Kraken's imaging-darkroom.js down from 1,282,610 to 428,218 due to runtime-literals.cc scope.
> SunSpider's string-tagcloud.js down from 80,738 to 8.176 due to ast.cc
>
> http://www.flohofwoe.net/demos/dragons_asmjs.html (738,906 -> 478,296)
> http://www.flohofwoe.net/demos/instancing_asmjs.html (737,884 -> 477,274)
> https://dl.dropboxusercontent.com/u/
16662598/Ports/DOSBox-web/doom.html?engine=dosbox-growth.js (1,724,114 -> 1,087,408)
> https://kripken.github.io/ammo.js/examples/new/ammo.html (175,784 -> 142,058)
>
> BUG=
>
> Committed: https://crrev.com/
3a4c7538839186aa38910c66c986abb563f4ccd2
> Cr-Commit-Position: refs/heads/master@{#29155}
TBR=yangguo@chromium.org,erikcorry@chromium.org,oth@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/
1194873004
Cr-Commit-Position: refs/heads/master@{#29160}
binji [Fri, 19 Jun 2015 16:14:03 +0000 (09:14 -0700)]
Fix cluster-fuzz bug introduced in refs/heads/master@{#28796}
Don't DCHECK in the atomic runtime functions.
BUG=chromium:501809,chromium:497295
R=jarin@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/
1189223003
Cr-Commit-Position: refs/heads/master@{#29159}
binji [Fri, 19 Jun 2015 16:12:58 +0000 (09:12 -0700)]
Add d8 API for spawning function on a new thread (Second try)
This API closely matches the Worker API. The differences:
1) The argument to the Worker constructor is a function to run, not a script.
2) Receiving a message from a worker is a synchronous API (as there is no event
loop).
The serialization done here is not robust as the real DOM implementation. For
example, recursive data structures or otherwise duplicated objects are not
allowed.
BUG=chromium:497295
R=jochen@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/
1185643004
Cr-Commit-Position: refs/heads/master@{#29126}
Review URL: https://codereview.chromium.org/
1195613003
Cr-Commit-Position: refs/heads/master@{#29158}
dusan.milosavljevic [Fri, 19 Jun 2015 16:11:42 +0000 (09:11 -0700)]
MIPS64: Fix random failures of fannkuch.js.
TEST=mjsunit/asm/embenchen/fannkuch,
mjsunit/math-abs
BUG=
Review URL: https://codereview.chromium.org/
1192413002
Cr-Commit-Position: refs/heads/master@{#29157}
balazs.kilvady [Fri, 19 Jun 2015 16:10:32 +0000 (09:10 -0700)]
MIPS64: Fix 'Revert of Revert of [strong] Implement strong mode restrictions on property access'.
Port
41405c0470d5b30ec5d22665ed9430c46b33624f
TEST=mjsunit/strong/load-property-mutate-backing-store, mjsunit/call-stub
BUG=
Review URL: https://codereview.chromium.org/
1191333003
Cr-Commit-Position: refs/heads/master@{#29156}
oth [Fri, 19 Jun 2015 16:04:13 +0000 (09:04 -0700)]
Additional HandleScopes to limit Handle consumption.
erikcorry@chromium.org suggested digging into v8 handle usage. Found potential scopes in ast.cc and runtime-literals.cc and added tests.
The runtime-literals.cc change reduces peak handles in imaging-darkroom.js from 1,282,610 to 428,218. The ast.cc change reduces the peak handles in string-tagcloud.js from 80,738 to 8,176.
No significant handle count issues found with major websites, but substantial savings on some benchmarks and demos:
Kraken's imaging-darkroom.js down from 1,282,610 to 428,218 due to runtime-literals.cc scope.
SunSpider's string-tagcloud.js down from 80,738 to 8.176 due to ast.cc
http://www.flohofwoe.net/demos/dragons_asmjs.html (738,906 -> 478,296)
http://www.flohofwoe.net/demos/instancing_asmjs.html (737,884 -> 477,274)
https://dl.dropboxusercontent.com/u/
16662598/Ports/DOSBox-web/doom.html?engine=dosbox-growth.js (1,724,114 -> 1,087,408)
https://kripken.github.io/ammo.js/examples/new/ammo.html (175,784 -> 142,058)
BUG=
Review URL: https://codereview.chromium.org/
1185633002
Cr-Commit-Position: refs/heads/master@{#29155}
verwaest [Fri, 19 Jun 2015 15:27:40 +0000 (08:27 -0700)]
Add fast path for setting array.length
BUG=
Review URL: https://codereview.chromium.org/
1195823002
Cr-Commit-Position: refs/heads/master@{#29154}
wingo [Fri, 19 Jun 2015 15:10:01 +0000 (08:10 -0700)]
Better error reporting for "return();"
R=rossberg@chromium.org
BUG=v8:4194
LOG=N
Review URL: https://codereview.chromium.org/
1191303002
Cr-Commit-Position: refs/heads/master@{#29153}
verwaest [Fri, 19 Jun 2015 14:56:57 +0000 (07:56 -0700)]
More cleanup related to setting array.length
BUG=
Review URL: https://codereview.chromium.org/
1191313003
Cr-Commit-Position: refs/heads/master@{#29152}
yangguo [Fri, 19 Jun 2015 14:40:22 +0000 (07:40 -0700)]
Keep a canonical list of shared function infos.
Each Script object now keeps a WeakFixedArray of SharedFunctionInfo
objects created from this script.
This way, when compiling a function, we do not create duplicate shared
function info objects when recompiling with either compiler.
This fixes a class of issues in the debugger, where we set break points
on one shared function info, but functions from duplicate shared function
infos are not affected.
LOG=N
BUG=v8:4132
Review URL: https://codereview.chromium.org/
1183733006
Cr-Commit-Position: refs/heads/master@{#29151}
caitpotter88 [Fri, 19 Jun 2015 14:39:05 +0000 (07:39 -0700)]
[es6] ship Object.assign
BUG=v8:4007
LOG=N
R=rossberg@chromium.org, arv@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Committed: https://crrev.com/
12e194860a56d47a10d89ae34761a4af6b6166bb
Cr-Commit-Position: refs/heads/master@{#29118}
Review URL: https://codereview.chromium.org/
1191003003
Cr-Commit-Position: refs/heads/master@{#29150}
bmeurer [Fri, 19 Jun 2015 14:02:28 +0000 (07:02 -0700)]
[turbofan] Preserve Bounds when cloning nodes in the scheduler.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/
1196613003
Cr-Commit-Position: refs/heads/master@{#29149}
conradw [Fri, 19 Jun 2015 13:37:44 +0000 (06:37 -0700)]
Fix overlapping KeyedLoadIC bitfield.
BUG=
LOG=N
Review URL: https://codereview.chromium.org/
1192383003
Cr-Commit-Position: refs/heads/master@{#29148}
bmeurer [Fri, 19 Jun 2015 12:48:58 +0000 (05:48 -0700)]
[ubsan] Fix HeapObjectMatcher to avoid invalid casts.
BUG=v8:3809
LOG=n
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/
1196623002
Cr-Commit-Position: refs/heads/master@{#29147}
bmeurer [Fri, 19 Jun 2015 12:07:17 +0000 (05:07 -0700)]
[turbofan] Proper dead code elimination as regular reducer.
The three different concerns that the ControlReducer used to deal with
are now properly separated into
a.) DeadCodeElimination, which is a regular AdvancedReducer, that
propagates Dead via control edges,
b.) CommonOperatorReducer, which does strength reduction on common
operators (i.e. Branch, Phi, and friends), and
c.) GraphTrimming, which removes dead->live edges from the graph.
This will make it possible to run the DeadCodeElimination together with
other passes that actually introduce Dead nodes, i.e. typed lowering;
and it opens the door for general inlining without two stage fix point
iteration.
To make the DeadCodeElimination easier and more uniform, we basically
reverted the introduction of DeadValue and DeadEffect, and changed the
Dead operator to produce control, value and effect. Note however that
this is not a requirement, but merely a way to make dead propagation
easier and more uniform. We could always go back and decide to have
different Dead operators if some other change requires that.
Note that there are several additional opportunities for cleanup now,
i.e. OSR deconstruction could be a regular reducer now, and we don't
need to use TheHole as dead value marker in the GraphReducer. And we can
actually run the dead code elimination together with the other passes
instead of using separate passes over the graph. We will do this in
follow up CLs.
R=jarin@chromium.org, mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/
1193833002
Cr-Commit-Position: refs/heads/master@{#29146}
mstarzinger [Fri, 19 Jun 2015 11:40:54 +0000 (04:40 -0700)]
[turbofan] Disable failing DeoptExceptionHandlerFinally test.
R=jarin@chromium.org
TEST=cctest/test-run-deopt/DeoptExceptionHandlerFinally
BUG=v8:4195
LOG=N
Review URL: https://codereview.chromium.org/
1189373003
Cr-Commit-Position: refs/heads/master@{#29145}
verwaest [Fri, 19 Jun 2015 11:21:26 +0000 (04:21 -0700)]
Split setting array length from handling new Array(non-number)
BUG=
Review URL: https://codereview.chromium.org/
1193673002
Cr-Commit-Position: refs/heads/master@{#29144}
Ilija.Pavlovic [Fri, 19 Jun 2015 11:05:59 +0000 (04:05 -0700)]
MIPS: Implemented PC-relative instructions for R6.
Added: JIC, BEQZC, JIALC, LDPC, LWPC, ALUIPC, ADDIUPC, ALIGN/DAILGN, LWUPC,
AUIPC, BC, BALC. Additional fixed compact branch offset.
TEST=test-assembler-mips[64]/r6_align, r6_dalign, r6_aluipc, r6_lwpc, r6_jic,
r6_beqzc, r6_jialc, r6_addiupc, r6_ldpc, r6_lwupc,
r6_auipc, r6_bc, r6_balc
BUG=
Review URL: https://codereview.chromium.org/
1195793002
Cr-Commit-Position: refs/heads/master@{#29143}
verwaest [Fri, 19 Jun 2015 10:41:52 +0000 (03:41 -0700)]
Don't roundtrip to JS to update the length. This is 1) faster (although we don't care) and 2) avoids stackchecks that otherwise make the .Assert fail on stack overflow.
BUG=chromium:502147
LOG=n
Review URL: https://codereview.chromium.org/
1189423002
Cr-Commit-Position: refs/heads/master@{#29142}
rmcilroy [Fri, 19 Jun 2015 10:40:41 +0000 (03:40 -0700)]
[tools] Add gc-nvp-to-csv.py script.
Adds a script for converting gc nvp output into csv files. Factors out common
code in gc-nvp-trace-processor.py to gc_nvp_common.py to be shared by both
scripts. Fixes a couple of issues in nvp parsing code.
Review URL: https://codereview.chromium.org/
1175113008
Cr-Commit-Position: refs/heads/master@{#29141}
hablich [Fri, 19 Jun 2015 09:32:37 +0000 (02:32 -0700)]
Revert of [release-tools] Fix possible race condition in retrieval of latest rolled version (patchset #2 id:20001 of https://codereview.chromium.org/
1186393007/)
Reason for revert:
Build slave fetches git repo from cache not from real repo.
Original issue's description:
> [release-tools] Fix possible race condition in retrieval of latest rolled version
>
> R=machenbach@chromium.org
> BUG=
> NOTRY=true
>
> Committed: https://crrev.com/
5d2a85b2450f9f88a94949052c5b055c1304b9b8
> Cr-Commit-Position: refs/heads/master@{#29137}
TBR=machenbach@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/
1195693003
Cr-Commit-Position: refs/heads/master@{#29140}
verwaest [Fri, 19 Jun 2015 09:25:16 +0000 (02:25 -0700)]
Remove handles from ElementsAccessor::Set and friends
BUG=v8:4137
LOG=n
Review URL: https://codereview.chromium.org/
1196543003
Cr-Commit-Position: refs/heads/master@{#29139}
machenbach [Fri, 19 Jun 2015 09:17:37 +0000 (02:17 -0700)]
[android] Bump up toolchain version.
BUG=chromium:502176
LOG=n
Review URL: https://codereview.chromium.org/
1193843002
Cr-Commit-Position: refs/heads/master@{#29138}
hablich [Fri, 19 Jun 2015 09:11:49 +0000 (02:11 -0700)]
[release-tools] Fix possible race condition in retrieval of latest rolled version
R=machenbach@chromium.org
BUG=
NOTRY=true
Review URL: https://codereview.chromium.org/
1186393007
Cr-Commit-Position: refs/heads/master@{#29137}
yangguo [Fri, 19 Jun 2015 09:07:23 +0000 (02:07 -0700)]
Serializer: do not miss outdated contexts if they are serialized deferred.
R=verwaest@chromium.org
Review URL: https://codereview.chromium.org/
1189183002
Cr-Commit-Position: refs/heads/master@{#29136}
yangguo [Fri, 19 Jun 2015 08:31:22 +0000 (01:31 -0700)]
Protect error message formatter against invalid string length.
R=mstarzinger@chromium.org
BUG=chromium:500980
LOG=N
Review URL: https://codereview.chromium.org/
1191263002
Cr-Commit-Position: refs/heads/master@{#29135}
yangguo [Fri, 19 Jun 2015 08:07:01 +0000 (01:07 -0700)]
Serialzier: expand string table as last step before deserializing.
Not doing so could result in this scenario:
- We ensure that the string table is large enough. It is.
- We compile code stubs, which triggers a GC.
- The GC clears string table entries.
- This increases the number of deleted entries in the table.
- When the deserializer hooks up internalized strings into the
table, we ensure that the table is large enough every time.
- Due to changed number of deleted entries, the heuristic
decides to expand the string table.
- Allocation during deserialization causes assertion to fail.
BUG=chromium:502085
LOG=N
Review URL: https://codereview.chromium.org/
1197633002
Cr-Commit-Position: refs/heads/master@{#29134}
chunyang.dai [Fri, 19 Jun 2015 07:20:28 +0000 (00:20 -0700)]
X87: Revert of Revert of [strong] Implement strong mode restrictions on property access.
port
41405c0470d5b30ec5d22665ed9430c46b33624f (r29122).
fix spelling error in r29122.
BUG=
Review URL: https://codereview.chromium.org/
1197593002
Cr-Commit-Position: refs/heads/master@{#29133}
ulan [Fri, 19 Jun 2015 04:54:43 +0000 (21:54 -0700)]
ARM: make predictable code size scope more precise in DoDeferredInstanceOfKnownGlobal.
We block constant pool up to the call stub instruction, but the check for code size
includes the next instruction after the call instruction. That instruction can
emit constant pool.
BUG=chromium:500831
LOG=NO
TEST=mjsunit/regress/regress-500831
Review URL: https://codereview.chromium.org/
1189123003
Cr-Commit-Position: refs/heads/master@{#29132}
v8-autoroll [Fri, 19 Jun 2015 03:27:35 +0000 (20:27 -0700)]
Update V8 DEPS.
Rolling v8/build/gyp to
5122240c5e5c4d8da12c543d82b03d6089eb77c5
Rolling v8/third_party/icu to
00af1a4e512477e48ba3d5efc97adbc95462685e
Rolling v8/tools/clang to
d2b4eddd701ff0265124147bcb0a65f32273f06b
TBR=machenbach@chromium.org
Review URL: https://codereview.chromium.org/
1192743002
Cr-Commit-Position: refs/heads/master@{#29131}
binji [Thu, 18 Jun 2015 20:50:22 +0000 (13:50 -0700)]
Revert of Add d8 API for spawning function on a new thread. (patchset #6 id:100001 of https://codereview.chromium.org/
1185643004/)
Reason for revert:
Fails on V8 Win32 - nosnap - shared (http://build.chromium.org/p/client.v8/builders/V8%20Win32%20-%20nosnap%20-%20shared/builds/7427)
Fails on V8 Arm - debug builder (http://build.chromium.org/p/client.v8/builders/V8%20Arm%20-%20debug%20builder/builds/4361)
Fails on V8 Linux - shared (http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20shared/builds/4430)
Original issue's description:
> Add d8 API for spawning function on a new thread.
>
> This API closely matches the Worker API. The differences:
>
> 1) The argument to the Worker constructor is a function to run, not a script.
> 2) Receiving a message from a worker is a synchronous API (as there is no event
> loop).
>
> The serialization done here is not robust as the real DOM implementation. For
> example, recursive data structures or otherwise duplicated objects are not
> allowed.
>
> BUG=none
> R=jochen@chromium.org
> LOG=n
>
> Committed: https://crrev.com/
3d98b956b56fa283b40913788ff760022d478812
> Cr-Commit-Position: refs/heads/master@{#29126}
TBR=jochen@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=none
Review URL: https://codereview.chromium.org/
1192193002
Cr-Commit-Position: refs/heads/master@{#29130}
verwaest [Thu, 18 Jun 2015 19:49:31 +0000 (12:49 -0700)]
Cleanup typed array setters, the property is guaranteed to be there.
BUG=v8:4137
LOG=n
Review URL: https://codereview.chromium.org/
1180753005
Cr-Commit-Position: refs/heads/master@{#29129}
balazs.kilvady [Thu, 18 Jun 2015 19:48:23 +0000 (12:48 -0700)]
MIPS: Fix unaligned double access in cctest/test-simplified-lowering/RunAccessTests_float64.
TEST=cctest/test-simplified-lowering/RunAccessTests_float64
BUG=
Review URL: https://codereview.chromium.org/
1182713004
Cr-Commit-Position: refs/heads/master@{#29128}
caitpotter88 [Thu, 18 Jun 2015 19:47:16 +0000 (12:47 -0700)]
[es6] fix IsConcatSpreadable() algorithm in runtime-array.cc
The ordering of the "IsArray()" check for IsConcatSpreadable() was incorrect previously --- IsArray() is only used if Get(O, @@isConcatSpreadable) is undefined. Without this fix, it's not possible for Array subclasses to opt out of spreading
22.1.3.1.1 http://www.ecma-international.org/ecma-262/6.0/#sec-isconcatspreadable
BUG=v8:3764
LOG=N
R=arv@chromium.org, dslomov@chromium.org, rossberg@chromium.org
Review URL: https://codereview.chromium.org/
1192153002
Cr-Commit-Position: refs/heads/master@{#29127}
binji [Thu, 18 Jun 2015 19:46:05 +0000 (12:46 -0700)]
Add d8 API for spawning function on a new thread.
This API closely matches the Worker API. The differences:
1) The argument to the Worker constructor is a function to run, not a script.
2) Receiving a message from a worker is a synchronous API (as there is no event
loop).
The serialization done here is not robust as the real DOM implementation. For
example, recursive data structures or otherwise duplicated objects are not
allowed.
BUG=none
R=jochen@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/
1185643004
Cr-Commit-Position: refs/heads/master@{#29126}
machenbach [Thu, 18 Jun 2015 19:39:41 +0000 (12:39 -0700)]
Revert of Ship arrow functions (patchset #1 id:1 of https://codereview.chromium.org/
1187173004/)
Reason for revert:
[Sheriff] Breaks layout tests. Please submit a needsmanualrebaseline change on the blink side for the expectations if intended.
E.g.
http://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/545
Original issue's description:
> Ship arrow functions
>
> R=rossberg@chromium.org
> LOG=Y
> BUG=v8:2700
>
> Committed: https://crrev.com/
541b6c39e0ecae1c070f51fae8e9e3dab18d278c
> Cr-Commit-Position: refs/heads/master@{#29119}
TBR=rossberg@chromium.org,wingo@igalia.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:2700
Review URL: https://codereview.chromium.org/
1182053013
Cr-Commit-Position: refs/heads/master@{#29125}
caitpotter88 [Thu, 18 Jun 2015 19:15:20 +0000 (12:15 -0700)]
Revert of [es6] ship Object.assign (patchset #2 id:20001 of https://codereview.chromium.org/
1191003003/)
Reason for revert:
Seems to break asan somehow
Original issue's description:
> [es6] ship Object.assign
>
> BUG=v8:4007
> LOG=N
> R=rossberg@chromium.org, arv@chromium.org
> CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
>
> Committed: https://crrev.com/
12e194860a56d47a10d89ae34761a4af6b6166bb
> Cr-Commit-Position: refs/heads/master@{#29118}
TBR=arv@chromium.org,dslomov@chromium.org,rossberg@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4007
Review URL: https://codereview.chromium.org/
1191593005
Cr-Commit-Position: refs/heads/master@{#29124}
hpayer [Thu, 18 Jun 2015 18:04:46 +0000 (11:04 -0700)]
Revert of Re-land new insertion write barrier. (patchset #3 id:40001 of https://codereview.chromium.org/
1153233003/)
Reason for revert:
Deoptimizer crashes.
Original issue's description:
> Re-land new insertion write barrier.
>
> BUG=
>
> Committed: https://crrev.com/
72f850458cb530d871cf3fb6442660555dc51bc2
> Cr-Commit-Position: refs/heads/master@{#29052}
TBR=ulan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/
1176243015
Cr-Commit-Position: refs/heads/master@{#29123}
conradw [Thu, 18 Jun 2015 17:16:45 +0000 (10:16 -0700)]
Revert of Revert of [strong] Implement strong mode restrictions on property access (patchset #1 id:1 of https://codereview.chromium.org/
1189153002/)
Reason for revert:
Issue was ultimately caused/fixed by https://codereview.chromium.org/
1194673002/
Original issue's description:
> Revert of [strong] Implement strong mode restrictions on property access (patchset #23 id:460001 of https://codereview.chromium.org/
1168093002/)
>
> Reason for revert:
> Speculative revert, maybe breaks GC-stress
>
> http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/808
>
> Original issue's description:
> > [strong] Implement strong mode restrictions on property access
> >
> > Implements the strong mode proposal's restrictions on property access.
> >
> > To be fully explored in a followup: proxies, interceptors, access checks, load from super
> >
> > BUG=v8:3956
> > LOG=N
> >
> > Committed: https://crrev.com/
85dbfb9a389e7b21bd2a63862202ee97fc5d7982
> > Cr-Commit-Position: refs/heads/master@{#29109}
>
> TBR=rossberg@chromium.org,mvstanton@chromium.org,mstarzinger@chromium.org,verwaest@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:3956
>
> Committed: https://crrev.com/
407657b706711fd5f8d417841e24b284886f3776
> Cr-Commit-Position: refs/heads/master@{#29115}
TBR=rossberg@chromium.org,mvstanton@chromium.org,mstarzinger@chromium.org,verwaest@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3956
LOG=N
Review URL: https://codereview.chromium.org/
1185343005
Cr-Commit-Position: refs/heads/master@{#29122}
ulan [Thu, 18 Jun 2015 15:51:53 +0000 (08:51 -0700)]
Revert of Replace ad-hoc weakness in transition array with WeakCell. (patchset #5 id:80001 of https://codereview.chromium.org/
1157943003/)
Reason for revert:
Breaks descriptor array clearing.
Original issue's description:
> Replace ad-hoc weakness in transition array with WeakCell.
>
> BUG=
>
> Committed: https://crrev.com/
885455e99de817f86a0b5df2dc0d932cfc179749
> Cr-Commit-Position: refs/heads/master@{#29083}
TBR=jkummerow@chromium.org,hpayer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/
1194673002
Cr-Commit-Position: refs/heads/master@{#29121}
ulan [Thu, 18 Jun 2015 15:45:17 +0000 (08:45 -0700)]
ARM64: remove stack pushes without frame in RegExpExecStub.
RegExpExecStub pushes callee-saved registers without setting up a frame. This confuses the stack iterator.
Other architectures do not save these registers.
BUG=chromium:487981
LOG=NO
TEST=mjsunit/regress/regress-487981
Review URL: https://codereview.chromium.org/
1183593005
Cr-Commit-Position: refs/heads/master@{#29120}
wingo [Thu, 18 Jun 2015 15:13:42 +0000 (08:13 -0700)]
Ship arrow functions
R=rossberg@chromium.org
LOG=Y
BUG=v8:2700
Review URL: https://codereview.chromium.org/
1187173004
Cr-Commit-Position: refs/heads/master@{#29119}
caitpotter88 [Thu, 18 Jun 2015 14:56:07 +0000 (07:56 -0700)]
[es6] ship Object.assign
BUG=v8:4007
LOG=N
R=rossberg@chromium.org, arv@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/
1191003003
Cr-Commit-Position: refs/heads/master@{#29118}
bmeurer [Thu, 18 Jun 2015 14:51:36 +0000 (07:51 -0700)]
[turbofan] Deslowify the GraphTrimmer in debug mode.
R=machenbach@chromium.org
Review URL: https://codereview.chromium.org/
1189943005
Cr-Commit-Position: refs/heads/master@{#29117}
verwaest [Thu, 18 Jun 2015 14:39:02 +0000 (07:39 -0700)]
Cleanup INTEGER_INDEXED_EXOTIC handling a bit
BUG=v8:4137
LOG=n
Review URL: https://codereview.chromium.org/
1191813003
Cr-Commit-Position: refs/heads/master@{#29116}
conradw [Thu, 18 Jun 2015 13:40:06 +0000 (06:40 -0700)]
Revert of [strong] Implement strong mode restrictions on property access (patchset #23 id:460001 of https://codereview.chromium.org/
1168093002/)
Reason for revert:
Speculative revert, maybe breaks GC-stress
http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/808
Original issue's description:
> [strong] Implement strong mode restrictions on property access
>
> Implements the strong mode proposal's restrictions on property access.
>
> To be fully explored in a followup: proxies, interceptors, access checks, load from super
>
> BUG=v8:3956
> LOG=N
>
> Committed: https://crrev.com/
85dbfb9a389e7b21bd2a63862202ee97fc5d7982
> Cr-Commit-Position: refs/heads/master@{#29109}
TBR=rossberg@chromium.org,mvstanton@chromium.org,mstarzinger@chromium.org,verwaest@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3956
Review URL: https://codereview.chromium.org/
1189153002
Cr-Commit-Position: refs/heads/master@{#29115}
verwaest [Thu, 18 Jun 2015 12:56:48 +0000 (05:56 -0700)]
Minor cleanup in element handling
BUG=v8:4137
LOG=n
Review URL: https://codereview.chromium.org/
1190143002
Cr-Commit-Position: refs/heads/master@{#29114}
verwaest [Thu, 18 Jun 2015 12:51:49 +0000 (05:51 -0700)]
Return void from array setters since the return value needs to be ignored
BUG=v8:4137
LOG=n
Review URL: https://codereview.chromium.org/
1188073003
Cr-Commit-Position: refs/heads/master@{#29113}
machenbach [Thu, 18 Jun 2015 12:43:34 +0000 (05:43 -0700)]
[test] Extend clusterfuzz check with more jobs.
BUG=chromium:493043
LOG=n
NOTRY=true
Review URL: https://codereview.chromium.org/
1196453002
Cr-Commit-Position: refs/heads/master@{#29112}
verwaest [Thu, 18 Jun 2015 12:20:54 +0000 (05:20 -0700)]
More cleanly separate adding from setting elements
This is a first step towards disentangling the backend code. In the future we should just use ElementsAccessors.
BUG=v8:4137
LOG=n
Review URL: https://codereview.chromium.org/
1177043012
Cr-Commit-Position: refs/heads/master@{#29111}
jochen [Thu, 18 Jun 2015 11:56:50 +0000 (04:56 -0700)]
Extend find-anywhere so it also works while debugging a live process
R=yangguo@chromium.org
BUG=none
LOG=n
Review URL: https://codereview.chromium.org/
1179413006
Cr-Commit-Position: refs/heads/master@{#29110}
conradw [Thu, 18 Jun 2015 11:55:38 +0000 (04:55 -0700)]
[strong] Implement strong mode restrictions on property access
Implements the strong mode proposal's restrictions on property access.
To be fully explored in a followup: proxies, interceptors, access checks, load from super
BUG=v8:3956
LOG=N
Review URL: https://codereview.chromium.org/
1168093002
Cr-Commit-Position: refs/heads/master@{#29109}
conradw [Thu, 18 Jun 2015 11:54:03 +0000 (04:54 -0700)]
[es6] Fix completion values of for loops with lexical variables
Currently, the desugaring of for loops of the form for
(let/const ...; bla; bla) causes them to always have a
completion value of 1, regardless of whether the loop body
is executed or not. This CL fixes this, realigning
initializer blocks as a more general purpose way to avoid
the completion value rewriter (since that's all they really
do anyway).
BUG=
Review URL: https://codereview.chromium.org/
1177053006
Cr-Commit-Position: refs/heads/master@{#29108}
machenbach [Thu, 18 Jun 2015 10:42:58 +0000 (03:42 -0700)]
Reland [turbofan] Disable select matching due to bug manifesting on arm. (patchset #2 id:40001 of https://codereview.chromium.org/
1176403005/)
Reason for revert:
This causes timeouts in Massive on chromebooks.
Original issue's description:
> Revert of [turbofan] Disable select matching due to bug manifesting on arm. (patchset #1 id:1 of https://codereview.chromium.org/
1077613002/)
>
> Reason for revert:
> [Sheriff] Checking if this still fails and if yes persists info about failures.
>
> Original issue's description:
> > [turbofan] Disable select matching due to bug manifesting on arm.
> >
> > R=machenbach@chromium.org
> > BUG=
> >
> > Committed: https://crrev.com/
6e5d805718195c4b5ac64cd540379cecf10b8f5c
> > Cr-Commit-Position: refs/heads/master@{#27702}
>
> TBR=bmeurer@chromium.org
>
> Committed: https://crrev.com/
7c36a7d91d8706b29df07013085fbe3c8e93b0ed
> Cr-Commit-Position: refs/heads/master@{#29103}
TBR=titzer@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/
1195563003
Cr-Commit-Position: refs/heads/master@{#29107}
ulan [Thu, 18 Jun 2015 10:00:12 +0000 (03:00 -0700)]
Dampen the old generation allocation limit only after the initial old generation size was configured.
Otherwise, dampening interferes with initial size configuration and causes GC too early.
BUG=501703
LOG=NO
Review URL: https://codereview.chromium.org/
1183633005
Cr-Commit-Position: refs/heads/master@{#29106}
bmeurer [Thu, 18 Jun 2015 09:15:32 +0000 (02:15 -0700)]
[turbofan] Improve interplay of ControlReducer and CommonOperatorReducer.
This turns the CommonOperatorReducer into an AdvancedReducer and makes
it independent of JSGraph (which was used only because it was convienent),
and let's the CommonOperatorReducer run together with the ControlReducer.
The ControlReducer is still not able to run together with other reducers,
but we're getting closer. The plan is to split the ControlReducer into
two parts: The dead code elimination part and the common operator
reduction part. This separation will help to avoid tricky bugs in the
future and should make testing a *lot* easier.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/
1192063002
Cr-Commit-Position: refs/heads/master@{#29105}
mstarzinger [Thu, 18 Jun 2015 08:17:09 +0000 (01:17 -0700)]
[turbofan] Introduce DeadValue and DeadEffect operators.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/
1186033006
Cr-Commit-Position: refs/heads/master@{#29104}
machenbach [Thu, 18 Jun 2015 07:57:13 +0000 (00:57 -0700)]
Revert of [turbofan] Disable select matching due to bug manifesting on arm. (patchset #1 id:1 of https://codereview.chromium.org/
1077613002/)
Reason for revert:
[Sheriff] Checking if this still fails and if yes persists info about failures.
Original issue's description:
> [turbofan] Disable select matching due to bug manifesting on arm.
>
> R=machenbach@chromium.org
> BUG=
>
> Committed: https://crrev.com/
6e5d805718195c4b5ac64cd540379cecf10b8f5c
> Cr-Commit-Position: refs/heads/master@{#27702}
TBR=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/
1176403005
Cr-Commit-Position: refs/heads/master@{#29103}
bmeurer [Thu, 18 Jun 2015 07:13:35 +0000 (00:13 -0700)]
[turbofan] Remove another premature optimization from ControlReducer.
We never hit the phi case for DecideCondition in practice, since a more
general optimization is already performed by typing and constant
propagation.
R=jarin@chromium.org,mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/
1186973005
Cr-Commit-Position: refs/heads/master@{#29102}
machenbach [Thu, 18 Jun 2015 07:10:31 +0000 (00:10 -0700)]
[test] Unskip layout tests after fixing bot.
BUG=chromium:498689
LOG=n
NOTRY=true
TBR=sergiyb@chromium.org
Review URL: https://codereview.chromium.org/
1185623003
Cr-Commit-Position: refs/heads/master@{#29101}
balazs.kilvady [Thu, 18 Jun 2015 07:01:24 +0000 (00:01 -0700)]
MIPS: Fix unaligned memory access.
On MIPS32 we can't read a 8 bytes long data from a not 8 bytes aligned memory address.
BUG=
TEST=mjsunit/debug-backtrace
Review URL: https://codereview.chromium.org/
1193433002
Cr-Commit-Position: refs/heads/master@{#29100}
machenbach [Thu, 18 Jun 2015 06:24:30 +0000 (23:24 -0700)]
Revert of Update V8 DEPS. (patchset #1 id:1 of https://codereview.chromium.org/
1192033002/)
Reason for revert:
[Sheriff] gyp still contains an offending patch
Original issue's description:
> Update V8 DEPS.
>
> Rolling v8/build/gyp to
fdcd8bc10c935eff13b391644b01460593c46861
>
> Rolling v8/tools/clang to
d2b4eddd701ff0265124147bcb0a65f32273f06b
>
> TBR=machenbach@chromium.org
>
> Committed: https://crrev.com/
a940eb8a7cba6596ea25819c0112c3ca053074ed
> Cr-Commit-Position: refs/heads/master@{#29097}
TBR=v8-autoroll@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/
1185453011
Cr-Commit-Position: refs/heads/master@{#29099}
mstarzinger [Thu, 18 Jun 2015 04:52:36 +0000 (21:52 -0700)]
[turbofan] Add test to keep generic pipeline on life support.
R=bmeurer@chromium.org
TEST=cctest/test-pipeline
Review URL: https://codereview.chromium.org/
1193543002
Cr-Commit-Position: refs/heads/master@{#29098}
v8-autoroll [Thu, 18 Jun 2015 03:29:06 +0000 (20:29 -0700)]
Update V8 DEPS.
Rolling v8/build/gyp to
fdcd8bc10c935eff13b391644b01460593c46861
Rolling v8/tools/clang to
d2b4eddd701ff0265124147bcb0a65f32273f06b
TBR=machenbach@chromium.org
Review URL: https://codereview.chromium.org/
1192033002
Cr-Commit-Position: refs/heads/master@{#29097}
sheyang [Wed, 17 Jun 2015 16:36:40 +0000 (09:36 -0700)]
Add signcla verifier for v8.
Currently this verifier will post an informative error if the author has not signed CLA, instead of rejecting the CL.
LOG=N
BUG=457428
Review URL: https://codereview.chromium.org/
1185193009
Cr-Commit-Position: refs/heads/master@{#29096}
verwaest [Wed, 17 Jun 2015 16:05:22 +0000 (09:05 -0700)]
Make sure to flatten names before lookup. Lookup using cons strings is really slow.
Restores SortNumbers perf degrade
BUG=chromium:495949, v8:4137
LOG=n
Review URL: https://codereview.chromium.org/
1177043009
Cr-Commit-Position: refs/heads/master@{#29095}
ulan [Wed, 17 Jun 2015 16:03:06 +0000 (09:03 -0700)]
Add option to compute average scavenge speed w.r.t survived objects.
Use it in detection of low young generation allocation rate.
BUG=501314
LOG=NO
TBR=hpayer@chromium.org
Review URL: https://codereview.chromium.org/
1186903005
Cr-Commit-Position: refs/heads/master@{#29094}
yangguo [Wed, 17 Jun 2015 15:21:22 +0000 (08:21 -0700)]
--print-scopes should ignore native code, even ones parsed lazily.
R=adamk@chromium.org
Review URL: https://codereview.chromium.org/
1185313002
Cr-Commit-Position: refs/heads/master@{#29093}
mstarzinger [Wed, 17 Jun 2015 14:55:54 +0000 (07:55 -0700)]
Reenable some cctest tests that no longer fail.
R=jochen@chromium.org,jarin@chromium.org
TEST=cctest
Review URL: https://codereview.chromium.org/
1176423007
Cr-Commit-Position: refs/heads/master@{#29092}
jkummerow [Wed, 17 Jun 2015 14:24:29 +0000 (07:24 -0700)]
[test] Fix gc-stress failures of regress-crbug-500497.js
R=machenbach@chromium.org
NOTRY=y
Review URL: https://codereview.chromium.org/
1175123003
Cr-Commit-Position: refs/heads/master@{#29091}
verwaest [Wed, 17 Jun 2015 14:06:29 +0000 (07:06 -0700)]
Use output parameter to distinguish error from absent result
Otherwise we'd have to probe for pending exceptions.
I'll do the same to other interceptors in follow-up CLs
BUG=chromium:495949,v8:4137
LOG=n
Review URL: https://codereview.chromium.org/
1190023002
Cr-Commit-Position: refs/heads/master@{#29090}
bmeurer [Wed, 17 Jun 2015 12:50:33 +0000 (05:50 -0700)]
[turbofan] Remove another ineffective optimization from the ControlReducer.
The condition of a Branch or Select can never be a NumberConstant,
because the resulting graph would be invalid, so we don't need to
optimize this case. It can only ever be a tagged boolean or an untagged
bit.
Drive-by-fix: Test the interesting cases in the unit tests instead.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/
1195443004
Cr-Commit-Position: refs/heads/master@{#29089}
mstarzinger [Wed, 17 Jun 2015 12:34:40 +0000 (05:34 -0700)]
[turbofan] Remove obsolete 'incomplete' flag from GraphDecorator.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/
1187263003
Cr-Commit-Position: refs/heads/master@{#29088}
ulan [Wed, 17 Jun 2015 12:31:38 +0000 (05:31 -0700)]
Fix --trace-gc output after 084d1f.
BUG=
TBR=hpayer@chromium.org
Review URL: https://codereview.chromium.org/
1188093003
Cr-Commit-Position: refs/heads/master@{#29087}
bmeurer [Wed, 17 Jun 2015 12:25:02 +0000 (05:25 -0700)]
[turbofan] Fix life time and use of the Typer.
Currently the Typer is installed on the Graph, no matter if we actually
use the types or not (read: even in the generic pipeline). Also the
Typer tries hard to eagerly type nodes during graph building, which
takes time, just to remove those types later again, and retype
everything from scratch. Plus this is inconsistent, since it only
applies to the outermost graph, not the inlined graphs (which are
eagerly typed once the nodes are copied). So in summary, what's
currently implemented is neither useful nor well defined, so for now we
stick to the full typing approach until a proper design for eager typing
is available that will actually benefit us.
R=rossberg@chromium.org,mstarzinger@chromium.org,jarin@chromium.org
Review URL: https://codereview.chromium.org/
1192553002
Cr-Commit-Position: refs/heads/master@{#29086}
machenbach [Wed, 17 Jun 2015 12:20:48 +0000 (05:20 -0700)]
Revert of Added constructor call on object in InstantiateObject method (patchset #5 id:80001 of https://codereview.chromium.org/
1137693003/)
Reason for revert:
[Sheriff] This breaks layout test expectations:
http://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2032/builds/437
See:
https://storage.googleapis.com/chromium-layout-test-archives/V8-Blink_Linux_32/437/layout-test-results/fast/dom/create-element-after-stack-overflow-pretty-diff.html
Please land a needsmanualrebaseline change on the blink-side before relanding this, if the change was intended.
Please include a blink trybot on relanding this.
Original issue's description:
> Added constructor call on object in InstantiateObject method
>
> I found after upgrading from 4.2.2 where apinatives.js still
> existed to 4.4.56 where everything had been converted to C++ in
> api-natives.cc, my constructors for ObjectTemplate instantiated objects
> were no longer being called. After investigation, I noticed in
> apinatives.js that a new call would handle that, but there was no
> corresponding constructor call in api-natives.cc (or anywhere else
> along the chain of InstantiateObject), so I added a call to
> Execution::Call to actually construct the object. Forgive me if that
> isn't the right place to add it (InitializeBody in objects-inl.h also
> looked like a good place), or if there's a reason constructors are
> not being called.
>
> I also added myself to the AUTHORS file in this CL.
>
> Committed: https://crrev.com/
e61a957b2a9726294cdd2802a6a2b6e3a9ef657d
> Cr-Commit-Position: refs/heads/master@{#29076}
TBR=verwaest@chromium.org,svenpanne@chromium.org,dtalley@gmail.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/
1188233002
Cr-Commit-Position: refs/heads/master@{#29085}
ulan [Wed, 17 Jun 2015 12:09:34 +0000 (05:09 -0700)]
Add V8 platform API to call delayed task.
Delayed tasks can be used to perform non-urgent clean up work.
BUG=chromium:490559
LOG=NO
Review URL: https://codereview.chromium.org/
1179153002
Cr-Commit-Position: refs/heads/master@{#29084}
ulan [Wed, 17 Jun 2015 12:07:41 +0000 (05:07 -0700)]
Replace ad-hoc weakness in transition array with WeakCell.
BUG=
Review URL: https://codereview.chromium.org/
1157943003
Cr-Commit-Position: refs/heads/master@{#29083}
jkummerow [Wed, 17 Jun 2015 11:58:17 +0000 (04:58 -0700)]
Clean up JSConstructStub
- fix truthfulness of comments
- use InitializeFieldsWithFiller more consistently
- use unsigned comparisons for pointers
No change in functionality intended.
Bonus: improve JavaScriptFrame::Print() for an enhanced debugging experience:
- print PC of each frame
- print the function's source also for optimized frames
Review URL: https://codereview.chromium.org/
1186823003
Cr-Commit-Position: refs/heads/master@{#29082}
mstarzinger [Wed, 17 Jun 2015 11:29:53 +0000 (04:29 -0700)]
[turbofan] Remove hack for dead nodes from JSGenericLowering.
Now that the graph is being trimmed after generic lowering, we can drop
this workaround. The diamond will no longer confuse the scheduler.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/
1191913002
Cr-Commit-Position: refs/heads/master@{#29081}
verwaest [Wed, 17 Jun 2015 11:25:22 +0000 (04:25 -0700)]
Support CreateDataProperty on JSObject in the runtime
BUG=v8:4137
LOG=n
Review URL: https://codereview.chromium.org/
1181013011
Cr-Commit-Position: refs/heads/master@{#29080}
jkummerow [Wed, 17 Jun 2015 11:24:15 +0000 (04:24 -0700)]
Hydrogen object literals: always initialize in-object properties
This fixes a bug where new-space GC could be triggered by non-folded allocations for some of the in-object properties, while the object was only partially initialized.
BUG=chromium:500497
LOG=y
R=ishell@chromium.org
Review URL: https://codereview.chromium.org/
1182113007
Cr-Commit-Position: refs/heads/master@{#29079}
dusan.milosavljevic [Wed, 17 Jun 2015 10:58:48 +0000 (03:58 -0700)]
Reland "MIPS64: Fix lithium arithmetic operations for integers to sign-extend result."
TEST==mjsunit/asm/double-lo
BUG=
Review URL: https://codereview.chromium.org/
1170923004
Cr-Commit-Position: refs/heads/master@{#29078}
bmeurer [Wed, 17 Jun 2015 10:56:27 +0000 (03:56 -0700)]
[turbofan] Move graph trimming functionality to dedicated GraphTrimmer.
Up until now that was still mixed with control reduction in the
ControlReducer. This separation allows us to remove the horrible
Reducer::Finish hack and also do graph trimming at more appropriate
places in the pipeline (i.e. trim dead nodes after generic lowering,
which can also make nodes dead).
R=jarin@chromium.org,mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/
1188433010
Cr-Commit-Position: refs/heads/master@{#29077}
dtalley [Wed, 17 Jun 2015 10:24:05 +0000 (03:24 -0700)]
Added constructor call on object in InstantiateObject method
I found after upgrading from 4.2.2 where apinatives.js still
existed to 4.4.56 where everything had been converted to C++ in
api-natives.cc, my constructors for ObjectTemplate instantiated objects
were no longer being called. After investigation, I noticed in
apinatives.js that a new call would handle that, but there was no
corresponding constructor call in api-natives.cc (or anywhere else
along the chain of InstantiateObject), so I added a call to
Execution::Call to actually construct the object. Forgive me if that
isn't the right place to add it (InitializeBody in objects-inl.h also
looked like a good place), or if there's a reason constructors are
not being called.
I also added myself to the AUTHORS file in this CL.
Review URL: https://codereview.chromium.org/
1137693003
Cr-Commit-Position: refs/heads/master@{#29076}
verwaest [Wed, 17 Jun 2015 10:20:41 +0000 (03:20 -0700)]
Only walk the hidden prototype chain for private nonexistent symbols
BUG=chromium:479528
LOG=n
Review URL: https://codereview.chromium.org/
1185373004
Cr-Commit-Position: refs/heads/master@{#29075}
verwaest [Wed, 17 Jun 2015 10:13:48 +0000 (03:13 -0700)]
Rely on the map being a dictionary map rather than not having a backpointer
BUG=chromium:500173
LOG=n
Review URL: https://codereview.chromium.org/
1194513003
Cr-Commit-Position: refs/heads/master@{#29074}
Michael Achenbach [Wed, 17 Jun 2015 09:59:56 +0000 (11:59 +0200)]
Whitespace change to test infra.
Cr-Commit-Position: refs/heads/master@{#29073}
ulan [Wed, 17 Jun 2015 09:15:37 +0000 (02:15 -0700)]
Dampen old generation allocation limit after scavenge if allocation rate is low.
BUG=chromium:491907,chromium:499815
LOG=NO
Review URL: https://codereview.chromium.org/
1180203003
Cr-Commit-Position: refs/heads/master@{#29072}
svenpanne [Wed, 17 Jun 2015 09:06:44 +0000 (02:06 -0700)]
Replace OFFSET_OF with offsetof as far as possible.
The remaining uses need some non-mechanical work:
* non-standard-layout type, probably due to mixed access control
* extended field designators
Review URL: https://codereview.chromium.org/
1173343006
Cr-Commit-Position: refs/heads/master@{#29071}
machenbach [Wed, 17 Jun 2015 09:05:34 +0000 (02:05 -0700)]
Revert of Add %TypedArray% to proto chain (patchset #6 id:100001 of https://codereview.chromium.org/
1186733002/)
Reason for revert:
[Sheriff] Changes layout tests:
http://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2032/builds/429
See e.g.:
https://storage.googleapis.com/chromium-layout-test-archives/V8-Blink_Linux_32/429/layout-test-results/inspector/console/console-big-array-pretty-diff.html
Please upload a blink side needsmanualrebaseline change first for these tests if the change is intended. Please also add a blink trybot on a reland of this CL.
Original issue's description:
> Add %TypedArray% to proto chain
>
> According to the ES6 spec, the main methods and getters shouldn't
> be properties of the individual TypedArray objects and prototypes
> but instead on %TypedArray% and %TypedArray%.prototype. This
> difference is observable through introspection. This patch moves
> some methods and getters to the proper place, with the exception
> of %TypedArray%.prototype.subarray and harmony methods. These will
> be moved in follow-on patches.
>
> BUG=v8:4085
> LOG=Y
> R=adamk
>
> Committed: https://crrev.com/
a10590158260737b256fac3254b4939f48f90095
> Cr-Commit-Position: refs/heads/master@{#29057}
TBR=adamk@chromium.org,arv@chromium.org,littledan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4085
Review URL: https://codereview.chromium.org/
1192433003
Cr-Commit-Position: refs/heads/master@{#29070}
mstarzinger [Wed, 17 Jun 2015 07:43:36 +0000 (00:43 -0700)]
[turbofan] Fix overzealous reserving of lazy deopt space.
This fixes CodeGenerator::EnsureSpaceForLazyDeopt to no longer be
treated as a lazy deopt site in itself. Calls mark themselves as lazy
bailout sites in CodeGenerator::RecordCallPosition, which suffices.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/
1186353003
Cr-Commit-Position: refs/heads/master@{#29069}
erikcorry [Wed, 17 Jun 2015 07:22:56 +0000 (00:22 -0700)]
RegExp: Remove bogus assumptions about case independence and Latin1
Tests are already there in mjsuint/regress/regress-latin-1.js
R=yangguo@chromium.org
BUG=v8:3550
LOG=n
Review URL: https://codereview.chromium.org/
1188793004
Cr-Commit-Position: refs/heads/master@{#29068}
machenbach [Wed, 17 Jun 2015 06:52:55 +0000 (23:52 -0700)]
Revert of Update test262-es6 to 6/11 (patchset #2 id:40001 of https://codereview.chromium.org/
1175313003/)
Reason for revert:
[Sheriff] Please fix test expectations for nosnap before reland. There are 54 tests failing:
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap/builds/3422
Original issue's description:
> Update test262-es6 to 6/11
>
> This reverts commit
67b169199e06a486e7b663c7758f81995ddc6593 and picks
> up the fixes to the yaml parser upstream.
>
> BUG=N
> LOG=N
> R=adamk@chromium.org, machenbach@chromium.org
>
> Committed: https://crrev.com/
bc847230610d0518a700a69546d23784e6ce3479
> Cr-Commit-Position: refs/heads/master@{#29056}
TBR=adamk@chromium.org,arv@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=N
Review URL: https://codereview.chromium.org/
1186093005
Cr-Commit-Position: refs/heads/master@{#29067}
machenbach [Wed, 17 Jun 2015 06:51:42 +0000 (23:51 -0700)]
Revert of Skip slow tests in non debug too (patchset #1 id:1 of https://codereview.chromium.org/
1184923003/)
Reason for revert:
[Sheriff] Needed for reverting:
https://codereview.chromium.org/
1175313003
Original issue's description:
> Skip slow tests in non debug too
>
> BUG=N
> LOG=N
> TBR=adamk
>
> Committed: https://crrev.com/
17b0f16c760e5b0d51ae87742a864de93b6f4c0b
> Cr-Commit-Position: refs/heads/master@{#29058}
TBR=adamk@chromium.org,arv@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=N
Review URL: https://codereview.chromium.org/
1177223004
Cr-Commit-Position: refs/heads/master@{#29066}
yangguo [Wed, 17 Jun 2015 06:45:25 +0000 (23:45 -0700)]
Revert of Serializer: clear string hash for code serializer. (patchset #1 id:1 of https://codereview.chromium.org/
1183483006/)
Reason for revert:
This led to the roll being stuck: https://codereview.chromium.org/
1189863003/
Original issue's description:
> Serializer: clear string hash for code serializer.
>
> R=jochen@chromium.org
> BUG=v8:4179
> LOG=N
>
> Committed: https://crrev.com/
a0342678e865337215f9195f983c6013b60e7641
> Cr-Commit-Position: refs/heads/master@{#29016}
TBR=jochen@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4179
Review URL: https://codereview.chromium.org/
1186173004
Cr-Commit-Position: refs/heads/master@{#29065}
projects / platform / upstream / v8.git / log