verwaest@chromium.org [Mon, 25 Nov 2013 14:06:06 +0000 (14:06 +0000)]
Minor cleanup in calling interceptors for loading properties.
R=mvstanton@chromium.org
Review URL: https://chromiumcodereview.appspot.com/82743003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18054 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
mvstanton@chromium.org [Mon, 25 Nov 2013 13:27:36 +0000 (13:27 +0000)]
Fix failing test test-api/CheckCOWArraysCreatedRuntimeCounter
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/85743002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18051 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Mon, 25 Nov 2013 12:55:02 +0000 (12:55 +0000)]
Add -R option to merge-to-branch script to revert from bleeding_edge.
Usage:
tools/merge-to-branch.sh -R 12345 12346
R=machenbach@chromium.org
Review URL: https://codereview.chromium.org/85413004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18048 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Mon, 25 Nov 2013 12:50:52 +0000 (12:50 +0000)]
Force inline Math.random.
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/85483002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18047 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
mvstanton@chromium.org [Mon, 25 Nov 2013 12:41:27 +0000 (12:41 +0000)]
A performance regression in array literal creation was caused by refactoring that eliminated a special fast case for shallow arrays. At the same time the general case got a bit slower. This CL restores most of the performance without coding the special fast case. The virtual dispatching is unnecessary because we know what we want to do at compile time. A flag was added to Runtime::CreateArrayLiteral. The flag delivers information about shallowness but also whether or not allocation mementos should be created. This is useful for crankshafted code.
BUG=v8:3008
LOG=Y
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/77293003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18046 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
titzer@chromium.org [Mon, 25 Nov 2013 12:21:00 +0000 (12:21 +0000)]
Enable global load elimination.
BUG=
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/48583005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18045 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
svenpanne@chromium.org [Mon, 25 Nov 2013 12:19:02 +0000 (12:19 +0000)]
Fixed printer for JSFunction.
R=verwaest@chromium.org
Review URL: https://codereview.chromium.org/85613003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18044 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
machenbach@chromium.org [Mon, 25 Nov 2013 12:00:44 +0000 (12:00 +0000)]
Prepare push to trunk. Now working on version 3.23.12.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/85623002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18040 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
svenpanne@chromium.org [Mon, 25 Nov 2013 08:36:46 +0000 (08:36 +0000)]
Unbreak console=readline.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/85343002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18037 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
svenpanne@chromium.org [Mon, 25 Nov 2013 08:15:35 +0000 (08:15 +0000)]
freebsd: unbreak build after r16646
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/85313002
Patch from Ben Noordhuis <ben@strongloop.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18035 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jarin@chromium.org [Mon, 25 Nov 2013 06:44:23 +0000 (06:44 +0000)]
Support for the Linux 'perf report' and 'perf annotate' tools.
In this change, the support comes in two flavours:
--perf_jit_prof - outputs the files in a new perf format that only works with a
patched perf tool (patch obtained from Stephane Eranian). Both 'perf report' and
'perf annotate' are supported (the file format also contains the machine code).
--perf_basic_prof - outputs the files in a format that the existing perf tool
can consume. Only 'perf report' is supported.
In both cases, we have to disable code compaction because the perf tool does not
understand code relocation. (We are told that code relocation should be
supported soon.)
Usage:
perf record -g d8 --perf_jit_prof --no_compact_code_space my.js
perf report
The change itself is straightforward - we simply listen to code events and
write an entry to a log file for every new piece of code.
I am not yet sure whether we should keep both versions or just one (and which
one). My hope is the reviewers can help here.
R=danno@chromium.org
BUG=
Review URL: https://codereview.chromium.org/70013002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18034 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
dslomov@chromium.org [Fri, 22 Nov 2013 19:05:21 +0000 (19:05 +0000)]
Safe HGraphBuilder::Add<> and New<>
R=danno@chromium.org
Review URL: https://codereview.chromium.org/82943005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18033 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
palfia@homejinni.com [Fri, 22 Nov 2013 18:55:13 +0000 (18:55 +0000)]
MIPS: Only use Type for compiling load handlers.
Port r18025 (74fc739)
BUG=
Review URL: https://codereview.chromium.org/83913002
Patch from Balazs Kilvady <kilvadyb@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18032 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
palfia@homejinni.com [Fri, 22 Nov 2013 18:28:44 +0000 (18:28 +0000)]
MIPS: Use Type in CheckPrototypes.
Port r18024 (8956065)
BUG=
Review URL: https://codereview.chromium.org/83483005
Patch from Balazs Kilvady <kilvadyb@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18031 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
palfia@homejinni.com [Fri, 22 Nov 2013 18:13:52 +0000 (18:13 +0000)]
MIPS: Fix and simplify code aging.
This commit fixes a lot of test failures that we saw earlier in the buildbots (http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20mips%20-%20sim/builds/3034/steps/Check/logs/stdio).
In some very rare cases the code age stub address can be 0xXXXX0000 and in this case the li macro instruction emits only 1 instruction (instead of the expected 2). Thus the code age sequence will be 6 instructions long instead of 7, which breaks the code aging feature. This change makes sure that li always emits 2 instructions and it also simplifies the code aging sequence.
Also fixes a small mistake in the simulator at the jalr instruction.
BUG=
R=gergely@homejinni.com
Review URL: https://codereview.chromium.org/83583003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18030 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
mstarzinger@chromium.org [Fri, 22 Nov 2013 17:37:34 +0000 (17:37 +0000)]
Add counters for write barriers in generated code.
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/78953003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18029 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
palfia@homejinni.com [Fri, 22 Nov 2013 16:05:48 +0000 (16:05 +0000)]
MIPS: Add function declarations missing from r18000.
BUG=
R=ulan@chromium.org
Review URL: https://codereview.chromium.org/83423002
Patch from Balazs Kilvady <kilvadyb@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18027 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
verwaest@chromium.org [Fri, 22 Nov 2013 15:08:22 +0000 (15:08 +0000)]
Only use Type for compiling load handlers.
BUG=
R=ishell@chromium.org
Review URL: https://chromiumcodereview.appspot.com/80693002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18025 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
verwaest@chromium.org [Fri, 22 Nov 2013 15:06:20 +0000 (15:06 +0000)]
Use Type in CheckPrototypes.
R=ishell@chromium.org
Review URL: https://chromiumcodereview.appspot.com/78023002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18024 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jochen@chromium.org [Fri, 22 Nov 2013 14:23:32 +0000 (14:23 +0000)]
Deprecate old versions of Isolate::SetData and GetData
BUG=none
R=svenpanne@chromium.org
LOG=y
Review URL: https://codereview.chromium.org/83363003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18021 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Fri, 22 Nov 2013 13:50:39 +0000 (13:50 +0000)]
Make sure files end with exactly one new line and police this in presubmit.
The changes are (excluding presubmit.py) mechanical. I added the following
lines after the check and iterated the presubmit script until all errors
went away:
    f = open(name, "w");
    if contents.endswith('\n\n'):
      f.write(contents[0:-1])
    else:
      f.write(contents + '\n')
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/82803005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18017 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
machenbach@chromium.org [Fri, 22 Nov 2013 13:39:55 +0000 (13:39 +0000)]
Repair ChangeLog.
BUG=
R=danno@chromium.org, jkummerow@chromium.org
Review URL: https://codereview.chromium.org/83533002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18016 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
rossberg@chromium.org [Fri, 22 Nov 2013 13:16:40 +0000 (13:16 +0000)]
Introduce Type::IsCurrently
R=verwaest@chromium.org
BUG=
Review URL: https://codereview.chromium.org/83003003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18015 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
ulan@chromium.org [Fri, 22 Nov 2013 13:10:31 +0000 (13:10 +0000)]
Invalidate embedded objects in optimized code if it was marked for deoptimization.
It avoids having dead pointers in code from the time it was marked for deoptimization until it is deoptimized.
BUG=320532,v8:2996
TEST=mjsunit/regress/regress-320532.js
LOG=Y
R=danno@chromium.org
Review URL: https://chromiumcodereview.appspot.com/61213012
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18013 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jochen@chromium.org [Fri, 22 Nov 2013 12:43:17 +0000 (12:43 +0000)]
Remove usage of deprecated APIs from cctests
Also turn on deprecation warnings
BUG=v8:3023
R=svenpanne@chromium.org, dcarney@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/83343002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18011 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
rossberg@chromium.org [Fri, 22 Nov 2013 12:38:49 +0000 (12:38 +0000)]
Minor clean-up of Type::Print
R=verwaest@chromium.org
BUG=
Review URL: https://codereview.chromium.org/75423002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18010 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jochen@chromium.org [Fri, 22 Nov 2013 12:35:39 +0000 (12:35 +0000)]
Remove usage of deprecated APIs from d8
Also turn on deprecation warnings
BUG=v8:3023
R=svenpanne@chromium.org, dcarney@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/83333002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18009 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jochen@chromium.org [Fri, 22 Nov 2013 12:28:58 +0000 (12:28 +0000)]
Remove usage of deprecated APIs from v8 itself
Also turn on deprecation warnings
BUG=v8:3023
R=svenpanne@chromium.org, dcarney@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/83323003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18008 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jochen@chromium.org [Fri, 22 Nov 2013 12:26:00 +0000 (12:26 +0000)]
Remove usage of deprecated APIs from samples
Also turn on deprecation warnings for samples
BUG=v8:3023
R=dcarney@chromium.org, svenpanne@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/83313002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18007 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Fri, 22 Nov 2013 12:21:43 +0000 (12:21 +0000)]
Exclude benchmark tests from presubmit check in a non-git checkout.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/83353002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18006 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
bmeurer@chromium.org [Fri, 22 Nov 2013 12:03:01 +0000 (12:03 +0000)]
Fix combined string length computation.
For 31-bit smis, we don't need to explicitly check whether the
combined string length exceeds the max supported string length,
since the value must be converted to a smi at some point (i.e.
when it is stored into the string length field of the resulting
string), which will emit an overflow check.
For 32-bit smis, we insert an explicit check that the combined
string length does not exceed String::kMaxLength.
This also enables us to get rid of the JoinContinuation() usage in
BuildUncheckedStringAdd().
BUG=v8:2990
LOG=n
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/82733003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18005 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
bmeurer@chromium.org [Fri, 22 Nov 2013 11:49:04 +0000 (11:49 +0000)]
Get rid of the binop_stub parameter to BuildBinaryOperation().
Just ask the graph builder whether we are compiling a stub.
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/83073003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18004 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
svenpanne@chromium.org [Fri, 22 Nov 2013 11:35:39 +0000 (11:35 +0000)]
Reland "Implement Math.random() purely in JavaScript" plus fixes.
The main change is that a bit has been added to array buffers to
signal that the backing store has to be freed when the buffer dies.
BUG=316359
LOG=Y
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/82763005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18003 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jochen@chromium.org [Fri, 22 Nov 2013 10:57:55 +0000 (10:57 +0000)]
Clean up incorrect V8_DEPRECATION macro usage and enable deprecations
We turn the default for standalone builds on, however, I added overrides
to all targets to turn it locally off again. In follow up CLs, I'll
clean up one target at a time.
BUG=v8:3023
R=dcarney@chromium.org, machenbach@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/82763004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18002 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Fri, 22 Nov 2013 10:52:15 +0000 (10:52 +0000)]
Dispose external string resource on heap teardown.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/83253002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
ulan@chromium.org [Fri, 22 Nov 2013 10:21:47 +0000 (10:21 +0000)]
Restore saved caller FP registers on stub failure
and preserve FP registers on NotifyStubFailure.
In debug mode, clobber FP registers on each runtime call to increase
chances of catching such bugs.
R=danno@chromium.org
Review URL: https://chromiumcodereview.appspot.com/78283002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18000 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
machenbach@chromium.org [Fri, 22 Nov 2013 10:04:04 +0000 (10:04 +0000)]
Prepare push to trunk. Now working on version 3.23.11.
R=danno@chromium.org
Review URL: https://codereview.chromium.org/83173002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17997 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jkummerow@chromium.org [Fri, 22 Nov 2013 09:56:59 +0000 (09:56 +0000)]
Sync svn:ignore with .gitignore on trunk/test/* and bleeding_edge/test/*
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17996 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
machenbach@chromium.org [Fri, 22 Nov 2013 09:48:43 +0000 (09:48 +0000)]
Pythonification and refactoring of push-to-trunk.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/81193002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17995 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Fri, 22 Nov 2013 08:40:38 +0000 (08:40 +0000)]
Correctly change test expectations.
R=jkummerow@chromium.org
BUG=
Review URL: https://codereview.chromium.org/82913003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17989 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Fri, 22 Nov 2013 08:25:50 +0000 (08:25 +0000)]
Reland: Embed trigonometric lookup table.
R=danno@chromium.org
Review URL: https://codereview.chromium.org/78263005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17988 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
machenbach@chromium.org [Fri, 22 Nov 2013 07:56:00 +0000 (07:56 +0000)]
Make auto-roll testable.
Refactor the mock code for easier reuse. Mock out web requests.
TEST=python -m unittest test_scripts
BUG=
R=ulan@chromium.org
Review URL: https://codereview.chromium.org/77453009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17987 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
mvstanton@chromium.org [Fri, 22 Nov 2013 07:34:21 +0000 (07:34 +0000)]
Pretenuring calculation fields in AllocationSite.
AllocationSite-based pretenuring needs additional fields to carry out
calculations.
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/43603002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17986 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
bmeurer@chromium.org [Fri, 22 Nov 2013 07:27:26 +0000 (07:27 +0000)]
Rework BuildCheckString() to be compatible with the other BuildCheck*() methods.
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/79343009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17985 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Thu, 21 Nov 2013 18:47:51 +0000 (18:47 +0000)]
Revert "Use %_IsSmi instead of %MaxSmi."
This reverts r17983.
TBR=danno@chromium.org
Review URL: https://codereview.chromium.org/79263005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17984 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Thu, 21 Nov 2013 17:55:03 +0000 (17:55 +0000)]
Use %_IsSmi instead of %MaxSmi.
ToPositiveInteger already makes sure that if l can be represented as a
smi, it will be represented as a smi. This way we can avoid doing a
runtime call to retrieve a constant.
R=dslomov@chromium.org
Review URL: https://codereview.chromium.org/81063002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17983 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
danno@chromium.org [Thu, 21 Nov 2013 17:21:00 +0000 (17:21 +0000)]
Revert 17963, 17962 and 17955: Random number generator in JS changes
Revert 17966, 17965 also as collateral damage: Embed trigonometric lookup table.
Due to Heapcheck and valgrind failures that are not yet fixed.
TBR=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/80513004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17981 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
ishell@chromium.org [Thu, 21 Nov 2013 16:55:16 +0000 (16:55 +0000)]
Code object now prints its major_key when applicable.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/81043002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17980 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jochen@chromium.org [Thu, 21 Nov 2013 16:02:31 +0000 (16:02 +0000)]
Add clang-format configuration file and set coding style to "Google"
c.f. https://code.google.com/p/v8/wiki/Contributing
BUG=none
R=jkummerow@chromium.org, machenbach@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/80783004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17979 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
plind44@gmail.com [Thu, 21 Nov 2013 15:15:50 +0000 (15:15 +0000)]
MIPS: Optimize AccessArgumentsAt.
Port r17923 (837f909)
Original commit message:
Optimize register constraints and code generated for AccessArgumentsAt Lithium instruction.
BUG=
R=plind44@gmail.com
Review URL: https://codereview.chromium.org/79143007
Patch from Balazs Kilvady <kilvadyb@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17977 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jochen@chromium.org [Thu, 21 Nov 2013 14:07:06 +0000 (14:07 +0000)]
Reland r17877 - Introduce a v8::Platform class that bundles embedder callbacks
Over the initial commit, this CL moves the lifetime management of the default
platform to v8.cc from api.cc
R=bmeurer@chromium.org, svenpanne@chromium.org
BUG=v8:3015
LOG=n
Review URL: https://codereview.chromium.org/78453003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17970 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jochen@chromium.org [Thu, 21 Nov 2013 13:47:37 +0000 (13:47 +0000)]
Remove preemption thread and API
BUG=v8:3004
R=svenpanne@chromium.org, yangguo@chromium.org
LOG=y
Review URL: https://codereview.chromium.org/62283010
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17967 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Thu, 21 Nov 2013 13:30:14 +0000 (13:30 +0000)]
Fix build.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/80903002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17966 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Thu, 21 Nov 2013 12:57:23 +0000 (12:57 +0000)]
Embed trigonometric lookup table.
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/78873006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17965 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
svenpanne@chromium.org [Thu, 21 Nov 2013 12:34:34 +0000 (12:34 +0000)]
Use Marsaglia's original random number generator.
BUG=316359
LOG=Y
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/80743002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17963 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
svenpanne@chromium.org [Thu, 21 Nov 2013 12:07:17 +0000 (12:07 +0000)]
Build fix.
We should better initialize the random state even for non-snapshot
builds...
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/77773004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17962 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
svenpanne@chromium.org [Thu, 21 Nov 2013 09:55:15 +0000 (09:55 +0000)]
Implement Math.random() purely in JavaScript.
This removes tons of architecture-specific code and makes it easy to
experiment with other pseudo-RNG algorithms. The crankshafted code is
extremely good, keeping all things unboxed and doing only minimal
checks, so it is basically equivalent to the handwritten code.
When benchmarks are run without parallel recompilation, we get a few
percent regression on SunSpider's string-validate-input and
string-base64, but these benchmarks run so fast that the overall
SunSpider score is hardly affected and within the usual jitter. Note
that these benchmarks actually run even faster when we don't
crankshaft at all on the main thread (the regression is not caused by
bad code, it is caused by Crankshaft needing a few hundred microseconds
for compilation of a trivial function). Luckily, when parallel
recompilation is enabled, i.e. in the browser, we see no regression at
all!
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/68723002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17955 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
machenbach@chromium.org [Thu, 21 Nov 2013 09:47:23 +0000 (09:47 +0000)]
Prepare push to trunk. Now working on version 3.23.10.
R=jkummerow@chromium.org, danno@chromium.org
Review URL: https://codereview.chromium.org/77243006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17952 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
machenbach@chromium.org [Thu, 21 Nov 2013 09:35:25 +0000 (09:35 +0000)]
Let ChangeLog get auto-generated in push-to-trunk script.
BUG=
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/78683002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17951 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
hpayer@chromium.org [Thu, 21 Nov 2013 09:16:34 +0000 (09:16 +0000)]
Do deferred migration of maps after deoptimizing once.
BUG=
R=verwaest@chromium.org
Review URL: https://codereview.chromium.org/50213003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17949 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jkummerow@chromium.org [Thu, 21 Nov 2013 08:59:15 +0000 (08:59 +0000)]
Fix Windows build for real
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/80513002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17948 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jkummerow@chromium.org [Thu, 21 Nov 2013 08:38:51 +0000 (08:38 +0000)]
Fix Windows build
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/79963003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17946 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jkummerow@chromium.org [Thu, 21 Nov 2013 08:06:02 +0000 (08:06 +0000)]
API: Change AdjustAmountOfExternalAllocatedMemory calls to use int64_t instead
of intptr_t
This prevents an overflow in FreeArrayBuffer, which in turn caused needless GCs
as well as crashes on isolate teardown.
LOG=Y
R=ulan@chromium.org
Review URL: https://codereview.chromium.org/70233010
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17944 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
svenpanne@chromium.org [Thu, 21 Nov 2013 07:08:24 +0000 (07:08 +0000)]
Removed dead stack printing code.
R=verwaest@chromium.org
Review URL: https://codereview.chromium.org/77723007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17943 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
plind44@gmail.com [Wed, 20 Nov 2013 19:33:50 +0000 (19:33 +0000)]
MIPS: Improvement of “MIPS: Fixed crashes exposed though fuzzing.” (r17886).
BUG=
R=plind44@gmail.com
Review URL: https://codereview.chromium.org/78423002
Patch from Balazs Kilvady <kilvadyb@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17942 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
plind44@gmail.com [Wed, 20 Nov 2013 19:01:33 +0000 (19:01 +0000)]
MIPS: Use SmiTst and TrySmiTag MacroAssembler instructions.
BUG=
R=plind44@gmail.com
Review URL: https://codereview.chromium.org/78403002
Patch from Balazs Kilvady <kilvadyb@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17941 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
plind44@gmail.com [Wed, 20 Nov 2013 18:22:18 +0000 (18:22 +0000)]
MIPS: Replace hard-coded stack frame size literals with StandardFrameConstants::kFixedFrameSizeFromFp.
Port r17925 (0b95731)
BUG=
R=plind44@gmail.com
Review URL: https://codereview.chromium.org/77763006
Patch from Balazs Kilvady <kilvadyb@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17940 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Wed, 20 Nov 2013 17:09:17 +0000 (17:09 +0000)]
Mark flaky debug test as failing.
The issues are known. For the time being, we mark it as failing.
R=machenbach@chromium.org
BUG=v8:2921, v8:3005
LOG=N
Review URL: https://codereview.chromium.org/77723008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17938 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
plind44@gmail.com [Wed, 20 Nov 2013 17:02:12 +0000 (17:02 +0000)]
MIPS: Remove the first_right_arg hack for HMod.
Port r17919 (23e9644)
Original commit message:
Generate a proper subgraph in BuildBinaryOperation instead.
BUG=
R=plind44@gmail.com
Review URL: https://codereview.chromium.org/78663002
Patch from Balazs Kilvady <kilvadyb@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17937 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jochen@chromium.org [Wed, 20 Nov 2013 15:16:18 +0000 (15:16 +0000)]
Reland r17907 - Make it possible to add more than one piece of embedder data to isolates
This will allow for using gin and blink bindings in the same
process.
Over r17907, I changed the order of fields in Isolate to be stable across different platforms, since the ABI defined packing is not the same on
all targets, and I initialize the embedder data field in Isolate.
BUG=317398
R=svenpanne@chromium.org, dcarney@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/78453002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17935 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Wed, 20 Nov 2013 15:05:52 +0000 (15:05 +0000)]
Update benchmark test suite.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/67763007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17934 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org [Wed, 20 Nov 2013 15:04:37 +0000 (15:04 +0000)]
Increase precision when finding the remainder after division by pi/2.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/66703005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17933 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yurys@chromium.org [Wed, 20 Nov 2013 14:57:39 +0000 (14:57 +0000)]
Do not recompile existing functions when enabling allocation tracking
Now that we don't have special hooks for the allocations in the generated code there is no need to recompile existing functions when enabling allocation tracking.
BUG=chromium:27798
LOG=N
R=loislo@chromium.org, mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/67743006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17932 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
mvstanton@chromium.org [Wed, 20 Nov 2013 14:20:07 +0000 (14:20 +0000)]
Re-enable EnsureAllocationSiteDependentCodesProcessed.
The problem was that we don't use crankshaft on non-sse2 builds.
(on ARM non-vfp3).
R=danno@chromium.org
Review URL: https://codereview.chromium.org/77963002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17930 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
mvstanton@chromium.org [Wed, 20 Nov 2013 14:17:47 +0000 (14:17 +0000)]
MaterializedLiteral expressions need to cache expression depth.
A problem arises in recursive literal expressions due to recent
changes that defer allocation of constant literal properties
from parse time. We were calculating expression depth as a
side-effect of a lazy constant property build, but subsequent
calls for the depth always returned 1. Cache the correct depth
in the MaterializedLiteral instead.
(Related-to/very-partial-revert-of https://codereview.chromium.org/61873003)
R=ulan@chromium.org
Review URL: https://codereview.chromium.org/78493002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17929 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
machenbach@chromium.org [Wed, 20 Nov 2013 13:53:11 +0000 (13:53 +0000)]
Force 'git cl upload' in push-to-trunk forced mode.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/77853003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17926 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
rmcilroy@chromium.org [Wed, 20 Nov 2013 13:44:24 +0000 (13:44 +0000)]
Replace hard-coded stack frame size literals with StandardFrameConstants::kFixedFrameSizeFromFp
R=ulan@chromium.org
Review URL: https://codereview.chromium.org/60763006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17925 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
m.m.capewell@googlemail.com [Wed, 20 Nov 2013 13:28:19 +0000 (13:28 +0000)]
ARM: Optimize AccessArgumentsAt
Optimize register constraints and code generated for AccessArgumentsAt
Lithium instruction.
TEST=none
BUG=
R=ulan@chromium.org
Review URL: https://codereview.chromium.org/78093004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17923 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
verwaest@chromium.org [Wed, 20 Nov 2013 13:25:40 +0000 (13:25 +0000)]
Use SimpleLoadField for JSObjectFieldAccessors, rather than compiling a new stub.
R=dslomov@chromium.org
Review URL: https://chromiumcodereview.appspot.com/76403002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17922 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
danno@chromium.org [Wed, 20 Nov 2013 12:58:10 +0000 (12:58 +0000)]
Activate Hydrogen-generated KeyedLoadDictionary ICs
R=ulan@chromium.org
Review URL: https://chromiumcodereview.appspot.com/59813011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17921 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
bmeurer@chromium.org [Wed, 20 Nov 2013 12:43:33 +0000 (12:43 +0000)]
Remove the first_right_arg hack for HMod.
Generate a proper subgraph in BuildBinaryOperation instead.
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/77053003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17919 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
svenpanne@chromium.org [Wed, 20 Nov 2013 12:35:58 +0000 (12:35 +0000)]
Removed unused --preallocate-message-memory flag.
It results in a lot of dead code, and Isolate::PrintStack itself
crashes most of the time when something went wrong earlier.
Furthermore, we have plans to get better information into the
minidump, anyway.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/78003002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17918 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
bmeurer@chromium.org [Wed, 20 Nov 2013 12:35:21 +0000 (12:35 +0000)]
Convert constant numbers at compile time.
TEST=mjsunit/number-tostring
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/77553005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17917 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jochen@chromium.org [Wed, 20 Nov 2013 12:05:44 +0000 (12:05 +0000)]
Revert r17907 - Make it possible to add more than one piece of embedder data to isolates
> This will allow for using gin and blink bindings in the same process
>
> BUG=317398
> R=svenpanne@chromium.org, dcarney@chromium.org
> LOG=y
>
> Review URL: https://codereview.chromium.org/77913003
BUG=none
R=svenpanne@chromium.org
TBR=svenpanne@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/78093005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17915 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
bmeurer@chromium.org [Wed, 20 Nov 2013 12:00:57 +0000 (12:00 +0000)]
Make BuildBinaryOperation use ReturnValue instead of ReturnInstruction.
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/78183002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17914 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
bmeurer@chromium.org [Wed, 20 Nov 2013 11:57:49 +0000 (11:57 +0000)]
Replace unsafe uses of Add<> with AddUncasted<>.
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/78213002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17913 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
bmeurer@chromium.org [Wed, 20 Nov 2013 11:53:09 +0000 (11:53 +0000)]
Don't generate useless string checks for string adds.
If we know that one side of a string add is definitely a string
(i.e. if it's a string constant), then we don't need to emit a
string check for the argument.
This adds a new BuildCheckString() method to the graph builder,
which does "the right thing".
TEST=mjsunit/string-add
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/78063002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17912 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
rmcilroy@chromium.org [Wed, 20 Nov 2013 11:21:51 +0000 (11:21 +0000)]
Remove deprecated v8::SetResourceConstraints without Isolate parameter
LOG=Y
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/62193003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17910 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
rmcilroy@chromium.org [Wed, 20 Nov 2013 11:20:01 +0000 (11:20 +0000)]
Remove deprecated v8-defaults.h and defaults.cc.
BUG=312241
LOG=Y
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/59823008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17909 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
jochen@chromium.org [Wed, 20 Nov 2013 10:59:13 +0000 (10:59 +0000)]
Make it possible to add more than one piece of embedder data to isolates
This will allow for using gin and blink bindings in the same process
BUG=317398
R=svenpanne@chromium.org, dcarney@chromium.org
LOG=y
Review URL: https://codereview.chromium.org/77913003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17907 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
dcarney@chromium.org [Wed, 20 Nov 2013 10:11:56 +0000 (10:11 +0000)]
faster stack frame generation for accessor property ics
this is implemented for intel platforms only, as they are the only ones which show speed up with this change
R=svenpanne@chromium.org
BUG=
Review URL: https://codereview.chromium.org/48303002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17903 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
bmeurer@chromium.org [Wed, 20 Nov 2013 09:30:46 +0000 (09:30 +0000)]
Reset overwrite mode for BinaryOpStub unless we can actually make use of it.
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/77943002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17899 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
machenbach@chromium.org [Wed, 20 Nov 2013 09:25:38 +0000 (09:25 +0000)]
Prepare push to trunk. Now working on version 3.23.9.
R=danno@chromium.org
BUG=
Review URL: https://codereview.chromium.org/77673004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17896 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
mvstanton@chromium.org [Wed, 20 Nov 2013 08:55:20 +0000 (08:55 +0000)]
Quit running EnsureAllocationSiteDependentCodesProcessed test until
its failure is diagnosed.
R=danno@chromium.org
Review URL: https://codereview.chromium.org/77923002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17894 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
machenbach@chromium.org [Wed, 20 Nov 2013 08:49:42 +0000 (08:49 +0000)]
Add forced mode to push-to-trunk script.
This CL depends on https://codereview.chromium.org/65933003/.
BUG=
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/67763005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17893 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
machenbach@chromium.org [Wed, 20 Nov 2013 08:25:17 +0000 (08:25 +0000)]
Refactor and improve bug line generation for push-to-trunk.
BUG=
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/65933003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17892 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
plind44@gmail.com [Tue, 19 Nov 2013 22:23:41 +0000 (22:23 +0000)]
MIPS: Fixed crashes exposed through fuzzing.
Port r17886 (e2fb3ed)
Original commit message:
The %_OneByteSeqStringSetChar intrinsic expects its arguments to be checked before being called for efficiency reasons, but the fuzzer provided no such checks. Now the intrinsic is robust to bad input if FLAG_debug_code is set.
R=plind44@gmail.com, yangguo@chromium.org
TEST=test/mjsunit/regress/regress-320948.js
BUG=chromium:320948
LOG=Y
Review URL: https://codereview.chromium.org/68793008
Patch from Balazs Kilvady <kilvadyb@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17891 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
danno@chromium.org [Tue, 19 Nov 2013 17:29:43 +0000 (17:29 +0000)]
Turn ASSERTs to CHECKs in test-heap.cc
This fixes unused variable compile failures in release builds introduced in r17887.
R=jkummerow@chromium.org
Review URL: https://codereview.chromium.org/76413004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17888 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
mvstanton@chromium.org [Tue, 19 Nov 2013 16:57:49 +0000 (16:57 +0000)]
Test that AllocationSite::dependent_code doesn't leak code objects.
Verify that code objects are treated weakly by the AllocationSite
dependent_code field.
R=ulan@chromium.org
Review URL: https://codereview.chromium.org/61923006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17887 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
danno@chromium.org [Tue, 19 Nov 2013 16:41:07 +0000 (16:41 +0000)]
Fixed crashes exposed through fuzzing.
The %_OneByteSeqStringSetChar intrinsic expects its arguments to be checked before being called for efficiency reasons, but the fuzzer provided no such checks. Now the intrinsic is robust to bad input if FLAG_debug_code is set.
R=yangguo@chromium.org
TEST=test/mjsunit/regress/regress-320948.js
BUG=chromium:320948
LOG=Y
Review URL: https://codereview.chromium.org/72813004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17886 ce2b1a6d-e550-0410-aec6-3dcde31c8c00