platform/upstream/v8.git
9 years agoCheck whether a typed array was neutered before writing to it
jochen [Mon, 3 Aug 2015 16:11:14 +0000 (09:11 -0700)]
Check whether a typed array was neutered before writing to it

As demanded by the spec.

BUG=chromium:516251
R=jkummerow@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1261453004

Cr-Commit-Position: refs/heads/master@{#29981}

9 years agoSIMD.js Fix x87 build.
bbudge [Mon, 3 Aug 2015 15:32:41 +0000 (08:32 -0700)]
SIMD.js Fix x87 build.
Rename method EmitIsSpecObject -> EmitIsSimdObject.

LOG=N
BUG=v8:4124

Review URL: https://codereview.chromium.org/1263473008

Cr-Commit-Position: refs/heads/master@{#29980}

9 years agoAdd support for large object IsSlotInBlackObject to filter out all dead slots correctly.
hpayer [Mon, 3 Aug 2015 15:23:52 +0000 (08:23 -0700)]
Add support for large object IsSlotInBlackObject to filter out all dead slots correctly.

BUG=chromium:454297
LOG=n

Review URL: https://codereview.chromium.org/1268663004

Cr-Commit-Position: refs/heads/master@{#29979}

9 years agoPPC: Clean up register save/restore logic.
mbrandy [Mon, 3 Aug 2015 14:36:43 +0000 (07:36 -0700)]
PPC: Clean up register save/restore logic.

NOPRESUBMIT=true
R=titzer@chromium.org, michael_dawson@ca.ibm.com, jyan@ca.ibm.com, joransiu@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1271583002

Cr-Commit-Position: refs/heads/master@{#29978}

9 years agoFix presubmit errors in runtime-simd.cc.
titzer [Mon, 3 Aug 2015 14:27:52 +0000 (07:27 -0700)]
Fix presubmit errors in runtime-simd.cc.

R=mstarzinger@chromium.org
BUG=
NOTREECHECKS=true

Review URL: https://codereview.chromium.org/1263363002

Cr-Commit-Position: refs/heads/master@{#29977}

9 years agoReland of land concurrent sweeping of code space. (patchset #1 id:1 of https://codere...
hpayer [Mon, 3 Aug 2015 14:12:25 +0000 (07:12 -0700)]
Reland of land concurrent sweeping of code space. (patchset #1 id:1 of https://codereview.chromium.org/1263343002/)

Reason for revert:
Bogus revert.

Original issue's description:
> Revert of Reland concurrent sweeping of code space. (patchset #6 id:100001 of https://codereview.chromium.org/1242333002/)
>
> Reason for revert:
> Reverted because 507840 came back on recent Chromecrash. Should not have committed this Cl.
>
> Original issue's description:
> > Reland concurrent sweeping of code space.
> >
> > BUG=
> >
> > Committed: https://crrev.com/8516dccf6a561020441773c93c564dd4aa6ee59e
> > Cr-Commit-Position: refs/heads/master@{#29967}
>
> TBR=jochen@chromium.org
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=
>
> Committed: https://crrev.com/5c6e7d00438cc82a5584e3178d7dadf36e4a34f8
> Cr-Commit-Position: refs/heads/master@{#29975}

TBR=jochen@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1271773002

Cr-Commit-Position: refs/heads/master@{#29976}

9 years agoRevert of Reland concurrent sweeping of code space. (patchset #6 id:100001 of https...
hpayer [Mon, 3 Aug 2015 13:06:42 +0000 (06:06 -0700)]
Revert of Reland concurrent sweeping of code space. (patchset #6 id:100001 of https://codereview.chromium.org/1242333002/)

Reason for revert:
Reverted because 507840 came back on recent Chromecrash. Should not have committed this Cl.

Original issue's description:
> Reland concurrent sweeping of code space.
>
> BUG=
>
> Committed: https://crrev.com/8516dccf6a561020441773c93c564dd4aa6ee59e
> Cr-Commit-Position: refs/heads/master@{#29967}

TBR=jochen@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1263343002

Cr-Commit-Position: refs/heads/master@{#29975}

9 years agoSIMD.js Add the other SIMD Phase 1 types.
bbudge [Mon, 3 Aug 2015 13:02:39 +0000 (06:02 -0700)]
SIMD.js Add the other SIMD Phase 1 types.

Adds Int32x4, Bool32x4, Int16x8, Bool16x8, Int8x16, Bool8x16.
Adds Simd128Value base heap object class.
Changes heap/factory construction pattern to use arrays.
Adds replaceLane functions to facilitate testing.

NOPRESUBMIT=true
(presubmit checks erroneously interpret array declaration in macro definition as variable size array.)

LOG=Y
BUG=v8:4124

Review URL: https://codereview.chromium.org/1250733005

Cr-Commit-Position: refs/heads/master@{#29974}

9 years ago[deoptimizer] Fix the frame size calculation for debugger-inspectable frame construction.
jarin [Mon, 3 Aug 2015 12:59:41 +0000 (05:59 -0700)]
[deoptimizer] Fix the frame size calculation for debugger-inspectable frame construction.

The calculation now takes into account the size of the arguments object
if it is present in the optimized frame.

(Yang, many thanks for the awesome repro!)

BUG=chromium:514362
LOG=N
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1264483008

Cr-Commit-Position: refs/heads/master@{#29973}

9 years ago[Sheriff] Mark test as flaky.
machenbach [Mon, 3 Aug 2015 11:41:59 +0000 (04:41 -0700)]
[Sheriff] Mark test as flaky.

BUG=v8:4141
LOG=n
NOTRY=true
TBR=yangguo@chromium.org, vogelheim@chromium.org

Review URL: https://codereview.chromium.org/1263033005

Cr-Commit-Position: refs/heads/master@{#29972}

9 years ago[deoptimizer] Do not pass arguments markers to the debugger.
jarin [Mon, 3 Aug 2015 10:43:24 +0000 (03:43 -0700)]
[deoptimizer] Do not pass arguments markers to the debugger.

This fixes a bug introduced by r28826 (Unify decoding of deoptimization
translations, https://codereview.chromium.org/1136223004), where we
started leaking arguments marker sentinel to the debugger, which would
then cause crashes. This change replaces the sentinel with the undefined
value in the debugger-inspectable frame.

BUG=chromium:514362
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1263333002

Cr-Commit-Position: refs/heads/master@{#29971}

9 years ago[Intepreter] BytecodeArrayBuilder and accumulator based bytecodes.
oth [Mon, 3 Aug 2015 10:42:16 +0000 (03:42 -0700)]
[Intepreter] BytecodeArrayBuilder and accumulator based bytecodes.

The BytecodeArrayBuilder has responsibility for emitting the BytecodeArray. It will be used by the AST walker.

Bytecode now uses an accumulator plus registers rather being pure register based.

Update BytecodeArray::Disassemble to print operand information.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1266713004

Cr-Commit-Position: refs/heads/master@{#29970}

9 years agoDisable code recompile verification.
yangguo [Mon, 3 Aug 2015 10:26:01 +0000 (03:26 -0700)]
Disable code recompile verification.

No-snap builds are still failing.

NOTREECHECKS=true
NOTRY=true
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1260283006

Cr-Commit-Position: refs/heads/master@{#29969}

9 years agoPartially revert 5aacee to see its impact on memory histograms.
ulan [Mon, 3 Aug 2015 09:31:34 +0000 (02:31 -0700)]
Partially revert 5aacee to see its impact on memory histograms.

Original CL: https://crrev.com/5aaceefd9a84327ce6afeaea16557449bf83ce57

BUG=chromium:515721
LOG=NO

Review URL: https://codereview.chromium.org/1264063003

Cr-Commit-Position: refs/heads/master@{#29968}

9 years agoReland concurrent sweeping of code space.
hpayer [Mon, 3 Aug 2015 09:15:27 +0000 (02:15 -0700)]
Reland concurrent sweeping of code space.

BUG=

Review URL: https://codereview.chromium.org/1242333002

Cr-Commit-Position: refs/heads/master@{#29967}

9 years agoCreate function name const assignment after parsing language mode.
yangguo [Mon, 3 Aug 2015 09:14:19 +0000 (02:14 -0700)]
Create function name const assignment after parsing language mode.

Otherwise we may choose sloppy const or strict const depending on
whether the function is parsed the first time.

R=mvstanton@chromium.org
BUG=v8:4336
LOG=N

Review URL: https://codereview.chromium.org/1260053004

Cr-Commit-Position: refs/heads/master@{#29966}

9 years ago[compiler] Verify that type feedback vector structure is the same on recompile.
mvstanton [Mon, 3 Aug 2015 08:14:41 +0000 (01:14 -0700)]
[compiler] Verify that type feedback vector structure is the same on recompile.

Use a CHECK statement to find any violations of this rule.

Review URL: https://codereview.chromium.org/1255383004

Cr-Commit-Position: refs/heads/master@{#29965}

9 years agoX87: [turbofan] Fix kArchTailCallCodeObject on ia32/x64.
chunyang.dai [Mon, 3 Aug 2015 03:10:09 +0000 (20:10 -0700)]
X87: [turbofan] Fix kArchTailCallCodeObject on ia32/x64.

port ec9bc7947399e29429c3bdeaff070db2a4cc92f4 (r29949).

original commit message:

    Previously these instructions tried to jump to the value at the code entry's
    location, rather than jumping to this location. Also adds a test.

BUG=

Review URL: https://codereview.chromium.org/1256163003

Cr-Commit-Position: refs/heads/master@{#29964}

9 years agoX87: VectorICs: refactoring to eliminate "for queries only" vector ic mode.
chunyang.dai [Mon, 3 Aug 2015 03:09:01 +0000 (20:09 -0700)]
X87: VectorICs: refactoring to eliminate "for queries only" vector ic mode.

port 1a5751f9b3ca682fadb6fce8202dda2db5b017c6 (r29956)

original commit message:

    Since we need the notion of a dummy vector ic, we can use that to avoid
    a special case of the IC constructor. Also, consolidate the two dummy
    ICs into one.

BUG=

Review URL: https://codereview.chromium.org/1265113002

Cr-Commit-Position: refs/heads/master@{#29963}

9 years agoMIPS64: Fix hidden bug in relocations for j and jal.
dusan.milosavljevic [Sat, 1 Aug 2015 17:04:28 +0000 (10:04 -0700)]
MIPS64: Fix hidden bug in relocations for j and jal.

Introduce new mechanism for relocating j/jal.

Resolves flaky failures of mozilla regress tests.

Additionally:

- internal encoded references are not relocated during code generation phase.
- remove asserts from j and jal which are not
valid because addresses are not final and valid in code generation phase.

TEST=mozilla/js1_5/Regress/regress-280769-2, regress-367561-01,
     mozilla/ecma_3/Statements/regress-444979
BUG=
R=paul.lind@imgtec.com

Review URL: https://codereview.chromium.org/1216823003 .

Patch from dusan.milosavljevic <dusan.milosavljevic@imgtec.com>.

Cr-Commit-Position: refs/heads/master@{#29962}

9 years ago[Interpreter] Remove unnecessary const specifiers on scalar types.
oth [Sat, 1 Aug 2015 07:25:23 +0000 (00:25 -0700)]
[Interpreter] Remove unnecessary const specifiers on scalar types.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1269813006

Cr-Commit-Position: refs/heads/master@{#29961}

9 years agoUpdate V8 DEPS.
v8-autoroll [Sat, 1 Aug 2015 03:23:13 +0000 (20:23 -0700)]
Update V8 DEPS.

Rolling v8/testing/gmock to 0421b6f358139f02e102c9c332ce19a33faf75be

Rolling v8/testing/gtest to 9855a87157778d39b95eccfb201a9dc90f6d61c6

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1271653002

Cr-Commit-Position: refs/heads/master@{#29960}

9 years agoPPC: VectorICs: refactoring to eliminate "for queries only" vector ic mode.
mbrandy [Fri, 31 Jul 2015 19:26:38 +0000 (12:26 -0700)]
PPC: VectorICs: refactoring to eliminate "for queries only" vector ic mode.

Port 1a5751f9b3ca682fadb6fce8202dda2db5b017c6

Original commit message:
    Since we need the notion of a dummy vector ic, we can use that to avoid
    a special case of the IC constructor. Also, consolidate the two dummy
    ICs into one.

R=mvstanton@chromium.org, michael_dawson@ca.ibm.com, jyan@ca.ibm.com, joransiu@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1261433007

Cr-Commit-Position: refs/heads/master@{#29959}

9 years agoArray Builtin Refactoring: Creating API methods on ElementsAccessor
cbruni [Fri, 31 Jul 2015 16:10:37 +0000 (09:10 -0700)]
Array Builtin Refactoring: Creating API methods on ElementsAccessor

BUG=

Review URL: https://codereview.chromium.org/1260283002

Cr-Commit-Position: refs/heads/master@{#29958}

9 years ago[turbofan] Simplifying handling of callee-cleanup stack area.
titzer [Fri, 31 Jul 2015 15:18:34 +0000 (08:18 -0700)]
[turbofan] Simplifying handling of callee-cleanup stack area.

R=danno@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1269913002

Cr-Commit-Position: refs/heads/master@{#29957}

9 years agoVectorICs: refactoring to eliminate "for queries only" vector ic mode.
mvstanton [Fri, 31 Jul 2015 14:03:55 +0000 (07:03 -0700)]
VectorICs: refactoring to eliminate "for queries only" vector ic mode.

Since we need the notion of a dummy vector ic, we can use that to avoid
a special case of the IC constructor. Also, consolidate the two dummy
ICs into one.

BUG=

Review URL: https://codereview.chromium.org/1268783004

Cr-Commit-Position: refs/heads/master@{#29956}

9 years ago[turbofan] Float32 LinkageLocations need double registers too.
titzer [Fri, 31 Jul 2015 12:53:21 +0000 (05:53 -0700)]
[turbofan] Float32 LinkageLocations need double registers too.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1268433003

Cr-Commit-Position: refs/heads/master@{#29955}

9 years ago[turbofan] Merge dependent Word32Equal on ARM64
martyn.capewell [Fri, 31 Jul 2015 12:46:01 +0000 (05:46 -0700)]
[turbofan] Merge dependent Word32Equal on ARM64

Improve code generated for flag materialization.

Review URL: https://codereview.chromium.org/1260733003

Cr-Commit-Position: refs/heads/master@{#29954}

9 years ago[stubs] Unify (and optimize) implementation of ToObject.
bmeurer [Fri, 31 Jul 2015 12:25:28 +0000 (05:25 -0700)]
[stubs] Unify (and optimize) implementation of ToObject.

This is the initial (big) step towards a more uniform implementation of
the ToObject abstract operation (ES6 7.1.13), where we have a fallback
implementation in JSReceiver::ToObject() and a fast (hydrogen) CodeStub
to deal with the fast case (we should be able to do more cleanup on this
in a followup CL).  For natives we expose the abstract operation via a
%_ToObject intrinsic, also exposed via a macro TO_OBJECT, that unifies
the previous confusion with TO_OBJECT_INLINE, ToObject, TO_OBJECT,
$toObject and %$toObject.  Now the whole implementation of the abstract
operation is context independent, meaning we don't need any magic in the
builtins object nor the native context.

R=mvstanton@chromium.org,yangguo@chromium.org

Review URL: https://codereview.chromium.org/1266013006

Cr-Commit-Position: refs/heads/master@{#29953}

9 years agoVectorICs: Crankshaft adaptations to deal with vector store ics.
mvstanton [Fri, 31 Jul 2015 11:56:02 +0000 (04:56 -0700)]
VectorICs: Crankshaft adaptations to deal with vector store ics.

Also, a one line fix in TurboFan to call the correct store ic.

BUG=

Review URL: https://codereview.chromium.org/1266983002

Cr-Commit-Position: refs/heads/master@{#29952}

9 years agoDebugger: move implementation to a separate folder.
yangguo [Fri, 31 Jul 2015 11:07:50 +0000 (04:07 -0700)]
Debugger: move implementation to a separate folder.

R=cbruni@chromium.org

Review URL: https://codereview.chromium.org/1265923002

Cr-Commit-Position: refs/heads/master@{#29951}

9 years agoEnsure the memory reduces makes progress.
ulan [Fri, 31 Jul 2015 10:27:58 +0000 (03:27 -0700)]
Ensure the memory reduces makes progress.

BUG=

Review URL: https://codereview.chromium.org/1262363002

Cr-Commit-Position: refs/heads/master@{#29950}

9 years ago[turbofan] Fix kArchTailCallCodeObject on ia32/x64.
rmcilroy [Fri, 31 Jul 2015 10:20:06 +0000 (03:20 -0700)]
[turbofan] Fix kArchTailCallCodeObject on ia32/x64.

Previously these instructions tried to jump to the value at the code entry's
location, rather than jumping to this location. Also adds a test.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1265723003

Cr-Commit-Position: refs/heads/master@{#29949}

9 years ago[turbofan] GraphBuilderTester uses --print-opt-code.
titzer [Fri, 31 Jul 2015 09:12:29 +0000 (02:12 -0700)]
[turbofan] GraphBuilderTester uses --print-opt-code.

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1256723003

Cr-Commit-Position: refs/heads/master@{#29948}

9 years agoTake into account freed global handles for heap growing.
ulan [Fri, 31 Jul 2015 08:59:58 +0000 (01:59 -0700)]
Take into account freed global handles for heap growing.

This partially brings back the heuristic from v8 4.44.

BUG=

Review URL: https://codereview.chromium.org/1269743002

Cr-Commit-Position: refs/heads/master@{#29947}

9 years agoAfter trying once to create a Realm in regress-crbug-501711.js give up
jochen [Fri, 31 Jul 2015 08:06:36 +0000 (01:06 -0700)]
After trying once to create a Realm in regress-crbug-501711.js give up

R=hpayer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1261123003

Cr-Commit-Position: refs/heads/master@{#29946}

9 years agoGC: Add tracing event for rescanning large objects on newspace evacuation
mlippautz [Fri, 31 Jul 2015 07:29:31 +0000 (00:29 -0700)]
GC: Add tracing event for rescanning large objects on newspace evacuation

BUG=

Review URL: https://codereview.chromium.org/1269753002

Cr-Commit-Position: refs/heads/master@{#29945}

9 years agoRevert of [cq] Increase commit burst delay. (patchset #1 id:1 of https://codereview...
machenbach [Fri, 31 Jul 2015 07:16:29 +0000 (00:16 -0700)]
Revert of [cq] Increase commit burst delay. (patchset #1 id:1 of https://codereview.chromium.org/1258193003/)

Reason for revert:
Committing more than one CL at a time led to some odd buildbot behavior on the console (probably an independent bug).

Original issue's description:
> [cq] Increase commit burst delay.
>
> TBR=jkummerow@chromium.org, hablich@chromium.org
> NOTRY=true
> NOTREECHECKS=true
>
> Committed: https://crrev.com/1f2e914d103532df410f118c81c60fba8b6a00e0
> Cr-Commit-Position: refs/heads/master@{#29914}

TBR=jkummerow@chromium.org,hablich@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1263183002

Cr-Commit-Position: refs/heads/master@{#29944}

9 years agoX87: [interpreter] Add Interpreter{Entry,Exit}Trampoline builtins.
chunyang.dai [Fri, 31 Jul 2015 05:22:21 +0000 (22:22 -0700)]
X87: [interpreter] Add Interpreter{Entry,Exit}Trampoline builtins.

port c5dd553cf3a44cd8c17958a595198b5ea9492cd0 (r29929).

original commit message:

    Adds interpreter entry and exit trampoline builtins. Also implements the
    Return bytecode handler and fixes a few bugs in InterpreterAssembler
    highlighted by running on other architectures.

BUG=

Review URL: https://codereview.chromium.org/1271433002

Cr-Commit-Position: refs/heads/master@{#29943}

9 years agoX87: [interpreter] Change interpreter to use an BytecodeArray pointer and and offset.
chunyang.dai [Fri, 31 Jul 2015 05:22:11 +0000 (22:22 -0700)]
X87: [interpreter] Change interpreter to use an BytecodeArray pointer and and offset.

port 597da503220ab2a632453d2e3a915e9824d6d592 (r29910).

original commit message:

    Changes the interpreter to use a BytecodeArray pointer and an offset to avoid
    having an inner pointer to a BytecodeArray object in registers during dispatch.

BUG=

Review URL: https://codereview.chromium.org/1267783002

Cr-Commit-Position: refs/heads/master@{#29942}

9 years agoUpdate V8 DEPS.
v8-autoroll [Fri, 31 Jul 2015 03:27:13 +0000 (20:27 -0700)]
Update V8 DEPS.

Rolling v8/third_party/android_tools to 2bb73b7af7da7116aa54c1474121c28a85d28e6b

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1263453003

Cr-Commit-Position: refs/heads/master@{#29941}

9 years agoPPC: Speed up cctest/test-debug/DebugBreakLoop.
mbrandy [Thu, 30 Jul 2015 18:44:40 +0000 (11:44 -0700)]
PPC: Speed up cctest/test-debug/DebugBreakLoop.

Port a67f31c48c7bb7a3f653e32e0a48143099d27b68

R=yangguo@chromium.org, michael_dawson@ca.ibm.com, jyan@ca.ibm.com, joransiu@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1263863003

Cr-Commit-Position: refs/heads/master@{#29940}

9 years agoPPC: [interpreter] Add Interpreter{Entry,Exit}Trampoline builtins.
mbrandy [Thu, 30 Jul 2015 18:43:33 +0000 (11:43 -0700)]
PPC: [interpreter] Add Interpreter{Entry,Exit}Trampoline builtins.

Port c5dd553cf3a44cd8c17958a595198b5ea9492cd0

Original commit message:
    Adds interpreter entry and exit trampoline builtins. Also implements the
    Return bytecode handler and fixes a few bugs in InterpreterAssembler
    highlighted by running on other architectures.

R=rmcilroy@chromium.org, michael_dawson@ca.ibm.com, jyan@ca.ibm.com, joransiu@ca.ibm.com
BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1266053002

Cr-Commit-Position: refs/heads/master@{#29939}

9 years ago[turbofan]: Add better encapsulation to LinkageLocation
danno [Thu, 30 Jul 2015 14:52:13 +0000 (07:52 -0700)]
[turbofan]: Add better encapsulation to LinkageLocation

Add factory methods for different types of LinkageLocations, and ensure that
accesses to the underlying data in the location are classified by type and
funneled through explicit accessors.

Also change the representation of LinkageLocation to use a BitField rather
than using a reserved section of the integer range.

Review URL: https://codereview.chromium.org/1262343002

Cr-Commit-Position: refs/heads/master@{#29938}

9 years agoFix the failure when enabling v8 profiler or vtune profiler in chromium.
chunyang.dai [Thu, 30 Jul 2015 14:29:48 +0000 (07:29 -0700)]
Fix the failure when enabling v8 profiler or vtune profiler in chromium.

   When enabling the v8 profiler (Using the following command parameters: --js-flags=--prof)
   or vtune profiling in chromium. it will break. This failure is introduced by this CL:
   https://codereview.chromium.org/1218863002.

   The reason is that V8 will enable the JITted code logging if --prof is set for V8. And under
   this condition, the function Logger::LogCodeObjects() will be invoked and it will trigger a
   mark-compact GC when deserializing the snapshot. This GC will use MemoryReducer to post a
   delay task by invoking V8Platform::CallDelayedOnForegroundThread() function. But at this point
   V8 isolation is still under initialization and the PerIsolationData of this isolation has not
   been created. (isolation_holder.cc:39~40 line). This leads to V8Platform::CallDelayedOnForegroundThread()
   failure because of segment fault.

   According to my understanding, I proposed the following fix. If the heap deserialization has not
   be completed, it does not post the delay task for next GC.

BUG=

Review URL: https://codereview.chromium.org/1270493002

Cr-Commit-Position: refs/heads/master@{#29937}

9 years agoDebugger: correctly redirect code with no stack check.
yangguo [Thu, 30 Jul 2015 14:22:39 +0000 (07:22 -0700)]
Debugger: correctly redirect code with no stack check.

This fix makes the redirect mechanism a bit more stable.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1269733002

Cr-Commit-Position: refs/heads/master@{#29936}

9 years agoAdd CancelableIdleTask.
ulan [Thu, 30 Jul 2015 14:09:01 +0000 (07:09 -0700)]
Add CancelableIdleTask.

BUG=chromium:490559
LOG=NO

Review URL: https://codereview.chromium.org/1258923010

Cr-Commit-Position: refs/heads/master@{#29935}

9 years ago[Interpreter] Add more bytecode definitions and add operand types.
oth [Thu, 30 Jul 2015 13:56:47 +0000 (06:56 -0700)]
[Interpreter] Add more bytecode definitions and add operand types.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1257543003

Cr-Commit-Position: refs/heads/master@{#29934}

9 years agoPass the kGCCallbackFlagForced flag when invoking Heap::CollectAllGarbage from Adjust...
epertoso [Thu, 30 Jul 2015 13:41:25 +0000 (06:41 -0700)]
Pass the kGCCallbackFlagForced flag when invoking Heap::CollectAllGarbage from AdjustAmountOfExternalAllocatedMemory.

This forces the second pass of the pending phantom callbacks to run immediately after the first.

BUG=chromium:511294
LOG=Y

Review URL: https://codereview.chromium.org/1252993004

Cr-Commit-Position: refs/heads/master@{#29933}

9 years agoFix BUILD.gn.
Ben L. Titzer [Thu, 30 Jul 2015 12:42:00 +0000 (14:42 +0200)]
Fix BUILD.gn.

TBR=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1263633003

Cr-Commit-Position: refs/heads/master@{#29932}

9 years ago[turbofan] Factor C call descriptor building into compiler/c-linkage.cc.
titzer [Thu, 30 Jul 2015 12:36:15 +0000 (05:36 -0700)]
[turbofan] Factor C call descriptor building into compiler/c-linkage.cc.

This is the first step in cutting the Gordian linkage/linkage-impl knot.

This basically changes the axis along which we organize call descriptor
building logic from having platform-specific files dedicated to all call
descriptor types to having call-descriptor-type-specific files that have

The next step is to factor the JS, code stub, and runtime call descriptors
similarly, dumping them into:
  compiler/js-linkage.cc
  compiler/runtime-linkage.cc
  compiler/code-stub-linkage.cc

 or, alternatively, all of them just into compiler/js-linkage.cc.

This also anticipates a wasm-linkage.cc file in the future.

R=bmeurer@chromium.org,danno@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1266603002

Cr-Commit-Position: refs/heads/master@{#29931}

9 years agoUse proper verify method when checking slots buffer entries.
hpayer [Thu, 30 Jul 2015 12:22:21 +0000 (05:22 -0700)]
Use proper verify method when checking slots buffer entries.

BUG=chromium:454297
LOG=n

Review URL: https://codereview.chromium.org/1265943002

Cr-Commit-Position: refs/heads/master@{#29930}

9 years ago[interpreter] Add Interpreter{Entry,Exit}Trampoline builtins.
rmcilroy [Thu, 30 Jul 2015 11:36:26 +0000 (04:36 -0700)]
[interpreter] Add Interpreter{Entry,Exit}Trampoline builtins.

Adds interpreter entry and exit trampoline builtins. Also implements the
Return bytecode handler and fixes a few bugs in InterpreterAssembler
highlighted by running on other architectures.

MIPS and MIPS64 port contributed by Paul Lind (paul.lind@imgtec.com)

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1245133002

Cr-Commit-Position: refs/heads/master@{#29929}

9 years agoVectorICs: --print-ast now prints allocated vector slots
mvstanton [Thu, 30 Jul 2015 11:09:42 +0000 (04:09 -0700)]
VectorICs: --print-ast now prints allocated vector slots

Looks like this:
--- AST ---
FUNC
. NAME "foo"
. INFERRED NAME ""
. RETURN
. . PROPERTY ICSlot(0, LOAD_IC)
. . . VAR PROXY ICSlot(1, LOAD_IC) (mode = DYNAMIC_GLOBAL) "a"
. . . NAME x

BUG=
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1264823003

Cr-Commit-Position: refs/heads/master@{#29928}

9 years agoBugfix: CCTest test-func-name-inference/InConstructor is broken
mvstanton [Thu, 30 Jul 2015 10:43:05 +0000 (03:43 -0700)]
Bugfix: CCTest test-func-name-inference/InConstructor is broken

BUG=v8:4331
LOG=N

Review URL: https://codereview.chromium.org/1263763002

Cr-Commit-Position: refs/heads/master@{#29927}

9 years agoFix idle notification for background tab.
ulan [Thu, 30 Jul 2015 10:38:13 +0000 (03:38 -0700)]
Fix idle notification for background tab.

The idle time handler should never return DONE or DO_SCAVENGE for
background tabs. Upon receiving DONE chrome will stop sending idle notifications.

BUG=chromium:515174
LOG=NO

Review URL: https://codereview.chromium.org/1269583002

Cr-Commit-Position: refs/heads/master@{#29926}

9 years agoMove final parts of class literal setup into a single runtime call
conradw [Thu, 30 Jul 2015 10:38:07 +0000 (03:38 -0700)]
Move final parts of class literal setup into a single runtime call

This avoids multiple ToFastProperties runtime calls and additional stack
pushes in strong mode.

BUG=

Review URL: https://codereview.chromium.org/1266573003

Cr-Commit-Position: refs/heads/master@{#29925}

9 years agoStop overallocating feedback vector slots.
mvstanton [Thu, 30 Jul 2015 10:37:58 +0000 (03:37 -0700)]
Stop overallocating feedback vector slots.

When a Property or a VariableProxy is used as the left hand side of an
assignment statement, there is no need to allocate a LOAD_IC feedback
vector slot for it. Alter the numbering phase to support this.

BUG=

Review URL: https://codereview.chromium.org/1262803002

Cr-Commit-Position: refs/heads/master@{#29924}

9 years ago[runtime] DeclareGlobals and DeclareLookupSlot don't need context parameters.
bmeurer [Thu, 30 Jul 2015 09:29:41 +0000 (02:29 -0700)]
[runtime] DeclareGlobals and DeclareLookupSlot don't need context parameters.

All runtime function get a context anyway, which is the same as the
explicit one in case of DeclareGlobals and DeclareLookupSlot. So
we can remove the additional parameter there.

As an additional bonus, improve the runtime interface to DeclareLookupSlot.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1261863002

Cr-Commit-Position: refs/heads/master@{#29923}

9 years agoAdd test for referring function name for classes.
yangguo [Thu, 30 Jul 2015 09:21:16 +0000 (02:21 -0700)]
Add test for referring function name for classes.

R=mvstanton@chromium.org
BUG=v8:4333
LOG=N

Review URL: https://codereview.chromium.org/1264603002

Cr-Commit-Position: refs/heads/master@{#29922}

9 years agoMIPS: Fix disassembler for J and JAL instructions.
Ilija.Pavlovic [Thu, 30 Jul 2015 09:16:35 +0000 (02:16 -0700)]
MIPS: Fix disassembler for J and JAL instructions.

Adapted disassembler for J and JAL instructions.

TEST=cctest/test-disasm-mips/Type0,
     cctest/test-disasm-mips64/Type3
BUG=

Review URL: https://codereview.chromium.org/1258743004

Cr-Commit-Position: refs/heads/master@{#29921}

9 years agoMIPS64: Fix the integer division in crankshaft.
akos.palfi [Thu, 30 Jul 2015 09:16:18 +0000 (02:16 -0700)]
MIPS64: Fix the integer division in crankshaft.

Replaces the 64-bit div instruction with 32-bit division in DivI.
Also fixes the Ddiv implementation in the simulator.

TEST=mjsunit/asm/int32div
BUG=

Review URL: https://codereview.chromium.org/1265603002

Cr-Commit-Position: refs/heads/master@{#29920}

9 years ago[turbofan] Fix invalid access to Parameter index.
bmeurer [Thu, 30 Jul 2015 09:16:12 +0000 (02:16 -0700)]
[turbofan] Fix invalid access to Parameter index.

A Parameter operator contains a ParameterInfo payload, not an int
payload, so the OpParameter<int> cast is invalid (and only worked by
coincidence currently).

BUG=chromium:515215
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1266743002

Cr-Commit-Position: refs/heads/master@{#29919}

9 years agoSpeed up cctest/test-debug/DebugBreakLoop.
yangguo [Thu, 30 Jul 2015 09:11:24 +0000 (02:11 -0700)]
Speed up cctest/test-debug/DebugBreakLoop.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1262613002

Cr-Commit-Position: refs/heads/master@{#29918}

9 years ago[arm] Fix --enable-vldr-imm.
jacob.bramley [Thu, 30 Jul 2015 09:11:12 +0000 (02:11 -0700)]
[arm] Fix --enable-vldr-imm.

This fixes several bugs related to float64 pool constants.

Note that float64 pool constants are still disabled by default, and are
only used if --enable-vldr-imm is provided.

BUG=

Review URL: https://codereview.chromium.org/1260953002

Cr-Commit-Position: refs/heads/master@{#29917}

9 years agoReduce allowance in the first code page at start up.
yangguo [Thu, 30 Jul 2015 09:11:06 +0000 (02:11 -0700)]
Reduce allowance in the first code page at start up.

This has become possible since we moved a few experimental
Javascript features to default.

R=hpayer@chromium.org
BUG=chromium:506044
LOG=N

Review URL: https://codereview.chromium.org/1262833002

Cr-Commit-Position: refs/heads/master@{#29916}

9 years agoReland^3 "Enable loads and stores to global vars through property cell shortcuts...
Benedikt Meurer [Thu, 30 Jul 2015 08:58:38 +0000 (10:58 +0200)]
Reland^3 "Enable loads and stores to global vars through property cell shortcuts installed into par… (patchset #1 id:1 of https://codereview.chromium.org/1254723004/)"

This reverts commit 2c16d81b256ed664c376342313558a37bbce0131.

R=hablich@chromium.org

Review URL: https://codereview.chromium.org/1261533004 .

Cr-Commit-Position: refs/heads/master@{#29915}

9 years ago[cq] Increase commit burst delay.
machenbach [Thu, 30 Jul 2015 08:38:20 +0000 (01:38 -0700)]
[cq] Increase commit burst delay.

TBR=jkummerow@chromium.org, hablich@chromium.org
NOTRY=true
NOTREECHECKS=true

Review URL: https://codereview.chromium.org/1258193003

Cr-Commit-Position: refs/heads/master@{#29914}

9 years agoOptimize ToString and NonStringToString.
bbudge [Thu, 30 Jul 2015 08:21:43 +0000 (01:21 -0700)]
Optimize ToString and NonStringToString.

Moves some uncommon type checking from ToString and
NonStringToString into DefaultString. This should
speed up string operations.

LOG=N
BUG=none

Review URL: https://codereview.chromium.org/1256323004

Cr-Commit-Position: refs/heads/master@{#29913}

9 years ago[d8] Fix tsan bugs
binji [Thu, 30 Jul 2015 08:20:35 +0000 (01:20 -0700)]
[d8] Fix tsan bugs

script_executed and last_run are read/written by multiple threads. Also
externalized_shared_contents_ is modified by multiple threads.

BUG=4306
R=jarin@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1252623003

Cr-Commit-Position: refs/heads/master@{#29912}

9 years ago[d8 Workers] Fix bug creating Worker during main thread termination
binji [Thu, 30 Jul 2015 08:19:29 +0000 (01:19 -0700)]
[d8 Workers] Fix bug creating Worker during main thread termination

When the main thread terminates, it forcibly terminates all Worker threads.
When this happens, the threads objects were only half-created; they had a
JavaScript Worker object, but not a C++ worker object.

This CL fixes that bug, as well as some other fixes:
* Signatures on Worker methods
* Use SetAlignedPointerFromInternalField instead of using an External.
* Remove state_ from Worker. Simplify to atomic bool running_.

BUG=chromium:511880
R=jarin@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1255563002

Cr-Commit-Position: refs/heads/master@{#29911}

9 years ago[interpreter] Change interpreter to use an BytecodeArray pointer and and offset.
rmcilroy [Thu, 30 Jul 2015 08:18:23 +0000 (01:18 -0700)]
[interpreter] Change interpreter to use an BytecodeArray pointer and and offset.

Changes the interpreter to use a BytecodeArray pointer and an offset to avoid
having an inner pointer to a BytecodeArray object in registers during dispatch.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1254293006

Cr-Commit-Position: refs/heads/master@{#29910}

9 years agoAssign more bits to safepoint table offset.
yangguo [Thu, 30 Jul 2015 08:17:15 +0000 (01:17 -0700)]
Assign more bits to safepoint table offset.

1 << 24 is apparently not large enough for some optimized code.

R=jkummerow@chromium.org
BUG=v8:4272
LOG=N

Review URL: https://codereview.chromium.org/1265663002

Cr-Commit-Position: refs/heads/master@{#29909}

9 years agoOptimize ToNumber and NonNumberToNumber.
bbudge [Thu, 30 Jul 2015 08:16:08 +0000 (01:16 -0700)]
Optimize ToNumber and NonNumberToNumber.

Moves some uncommon type checking from ToNumber and
NonNumberToNumber into DefaultNumber. This should
speed up numeric operations especially as more "value types
are added.

LOG=N
BUG=513196, v8:4124

Review URL: https://codereview.chromium.org/1260273002

Cr-Commit-Position: refs/heads/master@{#29908}

9 years agoPPC: Support for conditional return instruction.
mbrandy [Thu, 30 Jul 2015 07:30:27 +0000 (00:30 -0700)]
PPC: Support for conditional return instruction.

R=dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=
NOTREECHECKS=true

Review URL: https://codereview.chromium.org/1259723002

Cr-Commit-Position: refs/heads/master@{#29907}

9 years agoPPC: [stubs] Don't pass name to Load/StoreGlobalViaContext stubs.
mbrandy [Thu, 30 Jul 2015 07:28:37 +0000 (00:28 -0700)]
PPC: [stubs] Don't pass name to Load/StoreGlobalViaContext stubs.

Port 5dff4bdff06c0463db1e876af7541af2b715392c

Original commit message:
    No need to pass the name explicitly to the stubs; the runtime can
    extract the name from the ScopeInfo (the extension of the
    ScriptContext) on-demand easily without any performance impact.

R=bmeurer@chromium.org, dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=
NOTREECHECKS=true

Review URL: https://codereview.chromium.org/1258273002

Cr-Commit-Position: refs/heads/master@{#29906}

9 years agoRevert^3 "Enable loads and stores to global vars through property cell shortcuts...
jkummerow [Wed, 29 Jul 2015 11:48:44 +0000 (04:48 -0700)]
Revert^3 "Enable loads and stores to global vars through property cell shortcuts installed into par… (patchset #1 id:1 of https://codereview.chromium.org/1254723004/)

Reason for revert:
Suspected to cause Canary crashes

Original issue's description:
> Reland^2 "Enable loads and stores to global vars through property cell shortcuts installed into parent script context".
>
> This reverts commit 362b378501ac2220655e16f49c6d1aa734e657f4.
>
> R=ishell@chromium.org
>
> Committed: https://crrev.com/440ae014e56924b52337c3747221b79283f07b81
> Cr-Commit-Position: refs/heads/master@{#29849}

TBR=ishell@chromium.org,v8-mips-ports@googlegroups.com,plind44@gmail.com,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true

Review URL: https://codereview.chromium.org/1260423002

Cr-Commit-Position: refs/heads/master@{#29905}

9 years agoDebugger: skip function prologue when computing redirect PC.
yangguo [Wed, 29 Jul 2015 11:19:10 +0000 (04:19 -0700)]
Debugger: skip function prologue when computing redirect PC.

R=jkummerow@chromium.org
NOTREECHECKS=true

Review URL: https://codereview.chromium.org/1268463002

Cr-Commit-Position: refs/heads/master@{#29904}

9 years agoPretenuring decision of outermost literal is propagated to inner literals.
Hannes Payer [Wed, 29 Jul 2015 09:56:21 +0000 (11:56 +0200)]
Pretenuring decision of outermost literal is propagated to inner literals.

Literals should stay together to simplify allocation folding. This CL takes the pretenuring information from the outermost literal and applies it to the inner liberals.

BUG=chromium:514721
LOG=n
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1263773002 .

Cr-Commit-Position: refs/heads/master@{#29903}

9 years agoUpdate V8 DEPS.
v8-autoroll [Wed, 29 Jul 2015 08:13:05 +0000 (01:13 -0700)]
Update V8 DEPS.

Rolling v8/buildtools to f0b8022601cf9c3c1a2f7efcea48e2fe81d3b143

TBR=machenbach@chromium.org
NOTREECHECKS=true

Review URL: https://codereview.chromium.org/1262733002

Cr-Commit-Position: refs/heads/master@{#29902}

9 years agoAdd per-file OWNERS for PPC-specific cctests
mbrandy [Wed, 29 Jul 2015 08:11:57 +0000 (01:11 -0700)]
Add per-file OWNERS for PPC-specific cctests

BUG=
R=jkummerow@chromium.org
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1259013002

Cr-Commit-Position: refs/heads/master@{#29901}

9 years ago[test] Fix for keying variants.
machenbach [Wed, 29 Jul 2015 07:40:50 +0000 (00:40 -0700)]
[test] Fix for keying variants.

BUG=chromium:511215
NOTREECHECKS=true
NOTRY=true
LOG=n
TBR=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1262113002

Cr-Commit-Position: refs/heads/master@{#29900}

9 years ago[test] Key variant flags by variant name everywhere.
machenbach [Wed, 29 Jul 2015 07:14:15 +0000 (00:14 -0700)]
[test] Key variant flags by variant name everywhere.

This allows variants to be named on test failures (follow
up) and then to be used in the test runner for a repro.

This also speeds up variant iteration for test262 and fixes
a bug with variants for benchmarks.

BUG=chromium:511215
NOTREECHECKS=true
LOG=n

Review URL: https://codereview.chromium.org/1245623005

Cr-Commit-Position: refs/heads/master@{#29899}

9 years agoFix prototype registration upon SlowToFast migration
jkummerow [Tue, 28 Jul 2015 15:41:20 +0000 (08:41 -0700)]
Fix prototype registration upon SlowToFast migration

When a prototype object migrates from a slow to a fast map, where the slow map
was registered as a user of its own prototype, then the registration must be
transferred to the new map (just like MigrateToMap does for all other cases).

BUG=chromium:513602
LOG=y
NOTREECHECKS=true

Review URL: https://codereview.chromium.org/1263543004

Cr-Commit-Position: refs/heads/master@{#29898}

9 years agoMoved project configs to infra/config branch
nodir [Tue, 28 Jul 2015 15:08:05 +0000 (08:08 -0700)]
Moved project configs to infra/config branch

luci-config has been switched to read from
https://chromium.googlesource.com/v8/v8/+/infra/config

R=machenbach@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=513460

Review URL: https://codereview.chromium.org/1258763004

Cr-Commit-Position: refs/heads/master@{#29897}

9 years agoBugfix: Incorrect type feedback vector structure on recompile.
mvstanton [Tue, 28 Jul 2015 14:02:49 +0000 (07:02 -0700)]
Bugfix: Incorrect type feedback vector structure on recompile.

Scoping rules are different on recompile vis-a-vis global loads.

BUG=chromium:514526
LOG=y
NOTREECHECKS=true

Review URL: https://codereview.chromium.org/1256413005

Cr-Commit-Position: refs/heads/master@{#29896}

9 years ago[test] Shorten excessive webkit test.
machenbach [Tue, 28 Jul 2015 10:17:18 +0000 (03:17 -0700)]
[test] Shorten excessive webkit test.

BUG=

Review URL: https://codereview.chromium.org/1257583005

Cr-Commit-Position: refs/heads/master@{#29895}

9 years ago[test] Skip slow test in novfp3 mode.
machenbach [Tue, 28 Jul 2015 09:54:04 +0000 (02:54 -0700)]
[test] Skip slow test in novfp3 mode.

TBR=yangguo@chromium.org
NOTRY=true

Review URL: https://codereview.chromium.org/1264443002

Cr-Commit-Position: refs/heads/master@{#29894}

9 years agoReland of "Remove ExternalArray, derived types, and element kinds"
jochen [Tue, 28 Jul 2015 09:29:34 +0000 (02:29 -0700)]
Reland of "Remove ExternalArray, derived types, and element kinds"

Original issue's description:
> Remove ExternalArray, derived types, and element kinds
>
> BUG=v8:3996
> R=jarin@chromium.org, mvstanton@chromium.org, bmeurer@chromium.org
> LOG=y
>
> Committed: https://crrev.com/607ef7c6009a24ebf195b4cab7b0b436c5afd21c
> Cr-Commit-Position: refs/heads/master@{#29872}

BUG=v8:3996
R=bmeurer@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/1262583002

Cr-Commit-Position: refs/heads/master@{#29893}

9 years agoX87: [stubs] Don't pass name to Load/StoreGlobalViaContext stubs.
chunyang.dai [Tue, 28 Jul 2015 08:37:21 +0000 (01:37 -0700)]
X87: [stubs] Don't pass name to Load/StoreGlobalViaContext stubs.

port 5dff4bdff06c0463db1e876af7541af2b715392c (r29886).

original commit message:

    No need to pass the name explicitly to the stubs; the runtime can
    extract the name from the ScopeInfo (the extension of the
    ScriptContext) on-demand easily without any performance impact.

BUG=

Review URL: https://codereview.chromium.org/1259063004

Cr-Commit-Position: refs/heads/master@{#29892}

9 years agoX87: [stubs] Properly handle read-only properties in StoreGlobalViaContextStub.
chunyang.dai [Tue, 28 Jul 2015 08:34:33 +0000 (01:34 -0700)]
X87: [stubs] Properly handle read-only properties in StoreGlobalViaContextStub.

port cac64b9f634743f7f5311d4dca8d50157b10fab5 (r29881)

original commit message:

    We don't need the hole check and slow runtime mode for read-only
    properties this way.

BUG=

Review URL: https://codereview.chromium.org/1263473002

Cr-Commit-Position: refs/heads/master@{#29891}

9 years agoX87: VectorICs: vector [keyed]store ic MISS handling infrastructure.
chunyang.dai [Tue, 28 Jul 2015 08:32:46 +0000 (01:32 -0700)]
X87: VectorICs: vector [keyed]store ic MISS handling infrastructure.

port a913f4bf5c40ef88c52e7cf821540f0faf5524f9 (r29870).

original commit message:

BUG=

Review URL: https://codereview.chromium.org/1257883003

Cr-Commit-Position: refs/heads/master@{#29890}

9 years ago[stubs] Use a single slot for context globals.
bmeurer [Tue, 28 Jul 2015 08:18:17 +0000 (01:18 -0700)]
[stubs] Use a single slot for context globals.

Don't use different read/write slots for context globals, but
let them share the same slot, which reduces the number of
initial misses, and also saves some memory for large scripts.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1258213002

Cr-Commit-Position: refs/heads/master@{#29889}

9 years agoRevert of Activate preserving of optimized code map accross GCs. (patchset #1 id...
hpayer [Tue, 28 Jul 2015 07:28:03 +0000 (00:28 -0700)]
Revert of Activate preserving of optimized code map accross GCs. (patchset #1 id:1 of https://codereview.chromium.org/1217863006/)

Reason for revert:
This CL may be the reason for the spike on memory corruption. Tentatively reverting this CL.

BUG=chromium:512780
LOG=n

Original issue's description:
> Activate preserving of optimized code map accross GCs.
>
> This enables --noflush-optimized-code-cache which allows preserving
> entries in the optimized code map accross GCs. This only applies to
> values being reachable through other paths.
>
> R=hpayer@chromium.org,hablich@chromium.org
>
> Committed: https://crrev.com/1a8776db25b63c4ce718423772d1fd13f58eeab5
> Cr-Commit-Position: refs/heads/master@{#29755}

TBR=hablich@chromium.org,mstarzinger@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1255043003

Cr-Commit-Position: refs/heads/master@{#29888}

9 years ago[stubs] Also handle properties of the JSBuiltinsObject in the fast case.
bmeurer [Tue, 28 Jul 2015 06:48:08 +0000 (23:48 -0700)]
[stubs] Also handle properties of the JSBuiltinsObject in the fast case.

We can apply the shortcut used for data properties of the JSGlobalObject
to builtin properties as well. This mostly affects the custom properties
we use for the Math functions (i.e. rngstate for Math.random() and kMath
for sin, cos and friends).

Drive-by-fix: Also mark the internal builtin typed arrays properties
(rngstate, kMath and rempio2result) as READ_ONLY, as they should not be
touched after genesis.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1254143003

Cr-Commit-Position: refs/heads/master@{#29887}

9 years ago[stubs] Don't pass name to Load/StoreGlobalViaContext stubs.
bmeurer [Tue, 28 Jul 2015 06:04:04 +0000 (23:04 -0700)]
[stubs] Don't pass name to Load/StoreGlobalViaContext stubs.

No need to pass the name explicitly to the stubs; the runtime can
extract the name from the ScopeInfo (the extension of the
ScriptContext) on-demand easily without any performance impact.

Review URL: https://codereview.chromium.org/1259963002

Cr-Commit-Position: refs/heads/master@{#29886}

9 years agoUpdate V8 DEPS.
v8-autoroll [Tue, 28 Jul 2015 03:25:45 +0000 (20:25 -0700)]
Update V8 DEPS.

Rolling v8/third_party/android_tools to e17c167589c7cff61a00c4d3674765536ee8d46c

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/1255393002

Cr-Commit-Position: refs/heads/master@{#29885}

9 years agoUpdate PPC OWNERS
mbrandy [Mon, 27 Jul 2015 21:37:48 +0000 (14:37 -0700)]
Update PPC OWNERS

R=michael_dawson@ca.ibm.com, danno@chromium.org, yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1255953003

Cr-Commit-Position: refs/heads/master@{#29884}

9 years agoRevert of Remove ExternalArray, derived types, and element kinds (patchset #5 id...
machenbach [Mon, 27 Jul 2015 20:32:00 +0000 (13:32 -0700)]
Revert of Remove ExternalArray, derived types, and element kinds (patchset #5 id:80001 of https://codereview.chromium.org/1254623002/)

Reason for revert:
[Sheriff] Breaks several layout tests, e.g.:
http://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2032/builds/1067

Several output lines change from PASS to FAIL. If the changes are intended, please land a needsmanualrebaseline change in blink first.

Original issue's description:
> Remove ExternalArray, derived types, and element kinds
>
> BUG=v8:3996
> R=jarin@chromium.org, mvstanton@chromium.org, bmeurer@chromium.org
> LOG=y
>
> Committed: https://crrev.com/607ef7c6009a24ebf195b4cab7b0b436c5afd21c
> Cr-Commit-Position: refs/heads/master@{#29872}

TBR=bmeurer@chromium.org,hpayer@chromium.org,jarin@chromium.org,mvstanton@chromium.org,jochen@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:3996

Review URL: https://codereview.chromium.org/1257223002

Cr-Commit-Position: refs/heads/master@{#29883}

9 years agoPPC: [stubs] Properly handle read-only properties in StoreGlobalViaContextStub.
mbrandy [Mon, 27 Jul 2015 20:12:10 +0000 (13:12 -0700)]
PPC: [stubs] Properly handle read-only properties in StoreGlobalViaContextStub.

Port cac64b9f634743f7f5311d4dca8d50157b10fab5

Original commit message:
    We don't need the hole check and slow runtime mode for read-only
    properties this way.

R=bmeurer@chromium.org, dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1257183003

Cr-Commit-Position: refs/heads/master@{#29882}