TBR=mstarzinger@chromium.org
BUG=3350
LOG=N

Review URL: https://codereview.chromium.org/305583002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21526 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Port r21509 (78a54b0)

Original commit message:
This way an HStoreNamedField instruction can never deoptimize
itself, which is another important step towards a working
store elimination.

BUG=
R=plind44@gmail.com

Review URL: https://codereview.chromium.org/297143007

Patch from Balazs Kilvady <kilvadyb@homejinni.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21525 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/301633005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21524 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

When tracing, we abuse the map for marking, thereby mutating it.
FixedTypedArrayBase::size() uses the object's map, which causes crash.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/300753002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21523 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/300003007

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21522 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

(This shouldn't happen in the first place, as by definition that callback would never be called. However, the referenced bug sorta looks like this happened. If so, the CHECK should help us pinpoint the culprit.)

R=jochen@chromium.org
BUG=368095
LOG=N

Review URL: https://codereview.chromium.org/265823006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21521 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/300773002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21520 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

MemCopy is only meant for variable size, large (>64bytes) copies,
otherwise, it's probably slower than memcpy due to the call
overhead and the compiler can't optimize it away.

BUG=none
R=jkummerow@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/306453005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21519 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

R=jochen@chromium.org

Review URL: https://codereview.chromium.org/301673002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21518 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

R=ulan@chromium.org, bmeurer@chromium.org

Review URL: https://codereview.chromium.org/302453008

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21517 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/293353004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21516 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/306513002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21515 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN

The bug:
The code assumed that a weak Persistent whose weak callback is being
called would still be weak. That isn't true since the persistent is
un-weakened by the garbage collector before calling the weak callback. [1]

Specifically, PersistentValueMap would funnel all 'remove' actions
through its Release method, which uses PersistentBase::ClearWeak to
obtain the callback data. [2] For 'removes' caused by the weak callback,
ClearWeak always returns a NULL-pointer since by that time the weak
persistent was already un-weakend. The result was a memory leak in
the test, since the code to delete the weak callback data would
delete NULL.

The fix:
I explicity call Traits::DisposeCallbackData from the weak callback
with the data obtained from the v8::WeakCallbackData. To avoid invalid
calls to DisposeCallbackData, I also check whether this instance is
(still) weak before calling it. (That check could easily be elided
if it's expensive, for the price of having two 'remove' code paths.)

Severety:
Probably low. At least in Chromium, noone uses the API in a way to
trigger this; only the test does.

[1] https://code.google.com/p/chromium/codesearch#chromium/src/v8/src/global-handles.cc&q=global-handles.cc&sq=package:chromium&type=cs&l=231
[2] https://code.google.com/p/chromium/codesearch#chromium/src/v8/include/v8-util.h&sq=package:chromium&l=332-345

R=dcarney@chromium.org, dcarney

BUG=

Review URL: https://codereview.chromium.org/297193004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21514 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/298183002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21513 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Verified that arm builds locally.

BUG=none
TBR=jkummerow@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/306473004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21512 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

BUG=
R=bmeurer@chromium.org, mvstanton@chromium.org

Review URL: https://codereview.chromium.org/304493002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21511 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

R=danno@chromium.org

Review URL: https://codereview.chromium.org/305553002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21510 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

This way an HStoreNamedField instruction can never deoptimize
itself, which is another important step towards a working
store elimination.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/299373005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21509 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/306483002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21506 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/299423005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21505 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

TBR=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/297303004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21504 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

TBR=jkummerow@chromium.org
LOG=n
BUG=none

Review URL: https://codereview.chromium.org/299353006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21503 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Since both are jitted on some platforms and depend on codegen, they
don't belong to the platform abstraction. At the same time, I can't put
them to codegen.h, as this would introduce cyclic dependencies.

BUG=none
R=jkummerow@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/302563004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21502 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

It's really more an OS-level information, and this way the default
platform doesn't depend on CPU-level details

BUG=none
R=yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/300713002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21501 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Port r21481 (5973b48)

Original commit message:
The FastNewContextStub always allocates in new space, so we don't
need to update the write barrier when copying the parameters to
the newly allocated context.

BUG=
R=plind44@gmail.com

Review URL: https://codereview.chromium.org/302633002

Patch from Balazs Kilvady <kilvadyb@homejinni.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21500 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Comparing one CallIC::State to another was not done correctly, leading to a failure to patch a CallIC when transitioning from monomorphic Array to megamorphic.

BUG=chromium:377198,chromium:377290
LOG=Y
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/305493003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21499 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

BUG=
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/300003005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21498 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

TBR=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/297323004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21497 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

This, in combination with changes to the bot, should weed out false negatives.

R=marja@chromium.org

Review URL: https://codereview.chromium.org/293393003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21496 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

TBR=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/298073005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21495 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/296213005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21494 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/296413004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21493 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

R=rossberg@chromium.org
BUG=v8:3333
LOG=N

Review URL: https://codereview.chromium.org/296413003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21492 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

In the fuzz test the debugger is not actually loaded...

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/304453003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21491 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

> BUG=none
> R=mstarzinger@chromium.org
> LOG=n
>
> Review URL: https://codereview.chromium.org/293363006

BUG=none
TBR=mstarzinger@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/295373003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21490 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

%DebugPromiseHandlePrologue expects to be followed up by %..Epilogue,
otherwise we get a leak.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/301553002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21489 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

- Leak in test-parsing/DontRegressPreParserDataSizes
- Leak in test-api/EventLogging
- Leak in ScriptCompiler::CompileUnbound which won't happen during normal
operation, but exposed by test-apöi/CompiledWithInvalidCachedData.

R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/302603002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21488 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Also, remove some unused methods.

BUG=none
R=dcarney@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/297223006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21487 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

This reverts r21429, r21434, r21435, r21440, r21445.

BUG=chromium:377198
LOG=y
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/300693002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21484 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Because of tree redness.

TBR=jochen@chromium.org

Review URL: https://codereview.chromium.org/306443002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21483 ce2b1a6d-e550-0410-aec6-3dcde31c8c00