Commit Graph

7366 Commits

Author SHA1 Message Date
ricow@chromium.org
1c21a9dc6a Don't allow large object space to grow over the max oldspace limit (fixes issue 1717)
Review URL: http://codereview.chromium.org/8345040

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9695 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 10:15:09 +00:00
svenpanne@chromium.org
d0fe04447e Fixed evaluation order issue in defineProperties.
This is not covered by test262 yet, but it really makes sense and matches Firefox's behaviour.

TEST=mjsunit/define-properties.js
Review URL: http://codereview.chromium.org/8349031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9694 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:52:08 +00:00
mstarzinger@chromium.org
b3eba9e764 Fix handling of non-object receivers for array builtins.
R=svenpanne@chromium.org
BUG=chromium:100702
TEST=mjsunit/regress/regress-100702

Review URL: http://codereview.chromium.org/8347034

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9693 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:24:37 +00:00
ulan@chromium.org
80e3843dc3 Handlify upper layers of StoreIC based on 8337008.
BUG=
TEST=

Review URL: http://codereview.chromium.org/8341008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9692 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:17:01 +00:00
mstarzinger@chromium.org
8b181d4de6 Fix updating of property attributes for elements.
This fixes updating of property attributes for data elements when
attributes are already present on a dictionary element but get removed
by a subsequent redefinition of that element.

R=rossberg@chromium.org
BUG=v8:1772
TEST=test262/15.2.3.6-4-82-18

Review URL: http://codereview.chromium.org/8337017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9691 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:06:15 +00:00
yangguo@chromium.org
8472de004b Porting r9605 to arm (elements kind conversion in generated code).
Review URL: http://codereview.chromium.org/8329022

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9690 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:04:35 +00:00
erik.corry@gmail.com
aa91760570 Fix from Paul Lind that helps post-isolates V8 work with older
Android releases.  See http://code.google.com/p/v8/issues/detail?id=1780
Review URL: http://codereview.chromium.org/8347032

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9689 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 07:49:47 +00:00
svenpanne@chromium.org
140ae348d2 Recognize special comparisons via pattern matching on the hydrogen graph, 2nd attempt.
This time, we initially leave the HTypeof instruction in the Hydrogen graph,
even for the special cases. We later try to remove this instruction (and any
HConstant) in the canonicalization pass, if possible. Always removing the
HTypeof during the initial graph construction is wrong if e.g. it is used in an
HSimulate.

The removals can be generalized a bit, but this will happen in a separate CL.

TEST=mjsunit/optimized-typeof.js
Review URL: http://codereview.chromium.org/8334021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9688 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 07:35:30 +00:00
fschneider@chromium.org
e8a26d1eb1 Add write barrier helper for code patching and refactor stack check patching.
The new helper avoids expensive FindCodeForInnerPointer invocation when we have
the host code object available. It is used when patching stack checks.

Also some comments on the ARM platform are corrected.
Review URL: http://codereview.chromium.org/8330021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9687 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 15:07:42 +00:00
vegorov@chromium.org
75dc771098 Increase ARM/MIPS simulators stack safety margin to 512 bytes
R=erik.corry@gmail.com
BUG=v8:1773

Review URL: http://codereview.chromium.org/8337014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9686 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 14:41:45 +00:00
mstarzinger@chromium.org
c4d25c8f37 Fix updating of property attributes for elements.
This fixes updating of property attributes for getters and setters on
dictionary elements while redefining. This just updates the property
details on the existing element.

R=rossberg@chromium.org
BUG=v8:1772
TEST=test262

Review URL: http://codereview.chromium.org/8337013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9685 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 13:49:19 +00:00
sgjesse@chromium.org
a58c963c67 Reapply "Support for precise stepping in functions compiled before debugging was started (step 2)"
This is reapplying r9501 with this single change which seemed to be causing most (all) of the failures for r9501.

--- a/src/debug.cc
+++ b/src/debug.cc
@@ -2230,6 +2230,7 @@ Debugger::Debugger(Isolate* isolate)
       compiling_natives_(false),
       is_loading_debugger_(false),
       never_unload_debugger_(false),
+      force_debugger_active_(true),
       message_handler_(NULL),
       debugger_unload_pending_(false),
       host_dispatch_handler_(NULL),

R=kmillikin@chromium.org

BUG=
TEST=

Review URL: http://codereview.chromium.org//8337009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9684 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 13:40:33 +00:00
lrn@chromium.org
cefbb1e7f8 Make bound functions have poisoned .caller and .arguments.
Also makes func.caller return null if the caller is a bound function,
matching JSC.
Fix bug preventing poisoned setters from triggering.

TEST=mjsunit/function-bind, mjsunit/strict-mode

Review URL: http://codereview.chromium.org/8333019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9681 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 12:26:53 +00:00
ulan@chromium.org
feeb0b0211 Handlify upper layers of LoadIC.
BUG=
TEST=

Review URL: http://codereview.chromium.org/8337008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9680 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 12:19:18 +00:00
jkummerow@chromium.org
24bc70b2fb Silence GCC-4.5.3 warning about unused result in d8.cc
TEST=GCC 4.5.3 successfully compiles d8.cc even with -Werror enabled.

Review URL: http://codereview.chromium.org/8296018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9679 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 12:10:13 +00:00
fschneider@chromium.org
456e5e00c3 Fix assert by reordering the initialization of the arguments boilerplate.
If a GC happened during initialization (when allocating the elements array)
of the non_strict_arguments_boilerplate, heap verification would fail with the following assert:

ASSERT_EQ((map()->has_fast_elements() || map()->has_fast_smi_only_elements()),
            (elements()->map() == GetHeap()->fixed_array_map() ||
             elements()->map() == GetHeap()->fixed_cow_array_map()));

This was not harmful since the boilerplate was setup 
correctly immediatly afterwards.


Simplified the setup code by removing a call to GetElementsTransitionMap. It always return the same map as 
the input object in this case and is therefore unnecessary.


Added more assertions to verify well-formed non-strict
arguments backing store.

BUG=v8:1520
TEST=no more flaky tests with failing this assert.
 
Review URL: http://codereview.chromium.org/8336021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9678 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 11:32:57 +00:00
lrn@chromium.org
b15cfedf38 Fix bug in instanceof of bound functions on ARM.
Implement same on Mips.

BUG=v8:1774
TEST=mjsunit/function-bind

Review URL: http://codereview.chromium.org/8337012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9677 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 11:30:29 +00:00
kmillikin@chromium.org
56c763f023 Make the GC aware of JSReceiver pointers in LookupResults.
The LookupResult utility class is used in handlified code, but it can
contain a raw pointer to the lookup's holder object.  Create a per-thread
stack of live LookupResults and iterate all the live ones on GC.

R=vegorov@chromium.org,erik.corry@gmail.com
BUG=
TEST=

Review URL: http://codereview.chromium.org/8341009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9676 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 11:18:55 +00:00
keuchel@chromium.org
96a2c24a16 Use int instead of size_t, StrLength instead of strlen.
Review URL: http://codereview.chromium.org/8339013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9675 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 10:08:33 +00:00
keuchel@chromium.org
69afd18e56 Use OS::SNPrintF instead of snprintf.
Review URL: http://codereview.chromium.org/8339011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9674 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 09:48:13 +00:00
keuchel@chromium.org
4e5643a648 Scope tree serialization and ScopeIterator cleanup.
The intention is to store enough scope information for the debugger to
handle stack allocation of block scoped variables introduced by
http://codereview.chromium.org/7860045/ .

This CL is based on
http://codereview.chromium.org/7904008/ .

Review URL: http://codereview.chromium.org/7979001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9673 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 08:46:46 +00:00
keuchel@chromium.org
7d89f0f3c8 Replace calls_eval() by calls_non_strict_eval() where possible.
Review URL: http://codereview.chromium.org/8321002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9666 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 15:19:34 +00:00
yangguo@chromium.org
d7f3985e33 Rolling back r9662.
Review URL: http://codereview.chromium.org/8321001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9665 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 13:39:56 +00:00
erik.corry@gmail.com
b90ec2f384 Change to disable stupid gcc warning.
Review URL: http://codereview.chromium.org/8318003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9664 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 13:27:57 +00:00
mstarzinger@chromium.org
18125191ce Mark Test262 test cases for known issue 893.
R=lrn@chromium.org
BUG=v8:893
TEST=test262

Review URL: http://codereview.chromium.org/8320001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9663 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 12:58:32 +00:00
yangguo@chromium.org
d2434953e2 Changes around ascii-check for strings wrt external strings.
Review URL: http://codereview.chromium.org/8312015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9662 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 12:49:34 +00:00
erikcorry
dac0b853e1 Improve speed of Utf8Write by always flattening the string first and
detecting the ASCII case.  Also rewrite Utf8Length to work on an
unflattened string.  Bug: http://code.google.com/p/v8/issues/detail?id=1665
Review URL: http://codereview.chromium.org/8304021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9661 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 12:48:31 +00:00
lrn@chromium.org
2bbf3bbee7 Make native syntax an early error in the preparser.
Previously the preparser always accepted natives syntax and let the
real parser throw the syntax error. In ES5, it should be an early error,
so the preparser must catch the error.
The perparser library does not expose parsing for natives syntax, it's
only used internally.

Review URL: http://codereview.chromium.org/8306024

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9660 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 12:45:52 +00:00
lrn@chromium.org
5152d2e0da Reimplement Function.prototype.bind.
Make instanceof work correctly.

BUG=v8:893

Review URL: http://codereview.chromium.org/8199004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9659 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 12:44:16 +00:00
keuchel@chromium.org
6f4e70a1dc Let bound iteration variables in for-loops
TEST=mjsunit/harmony/block-for.js

Review URL: http://codereview.chromium.org/7837028

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9658 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 12:19:06 +00:00
keuchel@chromium.org
f93c69308f Disallow function declarations in statement positions in harmony mode.
Review URL: http://codereview.chromium.org/8306025

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9657 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 11:59:08 +00:00
yangguo@chromium.org
bbe896a35c Fixing compile error on win64.
R=jkummerow@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8317001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9656 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 11:41:34 +00:00
yangguo@chromium.org
92fdeff125 Porting r9605 to x64 (elements kind conversion in generated code).
Review URL: http://codereview.chromium.org/8271007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9655 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 10:44:47 +00:00
keuchel@chromium.org
0706a98b2a Introduce with scope and rework variable resolution.
Review URL: http://codereview.chromium.org/7904008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9650 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 09:29:37 +00:00
lrn@chromium.org
50ef25e0f3 Remove redundant allow-natives flag from CompilationInfo.
Just use script being native and FLAG_allow_natives_syntax directly.

Review URL: http://codereview.chromium.org/8314018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9643 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 09:02:26 +00:00
jkummerow@chromium.org
eb8f4c642d Speedup HInstruction::Verify() for pathological cases
BUG=v8:1767
TEST=mjsunit/numops-fuzz doesn't timeout in debug mode

Review URL: http://codereview.chromium.org/8302023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9642 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 07:52:20 +00:00
mstarzinger@chromium.org
ac712f13c3 Fix evaluation order of GT and LTE operators.
According to the ES5 spec all ">" and "<=" expressions should be be
evaluated left-to-right. This obsoletes old hacks for reversing the
order to be ES3 compliant.

R=lrn@chromium.org
BUG=v8:1752

Review URL: http://codereview.chromium.org/8275035

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9641 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 07:43:40 +00:00
svenpanne@chromium.org
a8bb36f87b Revert r9612, it hits an assertion under special circumstances.
Problematic code is e.g.:

   function typeofViaVariable() {
     var foo = typeof({})
     return foo === "undefined";
   }
Review URL: http://codereview.chromium.org/8283036

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9640 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 15:02:19 +00:00
svenpanne@chromium.org
8856b62331 Fixed printing of HTypeofIsAndBranch instruction for non-ASCII type literals.
Review URL: http://codereview.chromium.org/8291004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9639 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 13:16:23 +00:00
fschneider@chromium.org
948a323819 Revert r9619.
It causes an assertion with deoptimizing from inlined code.
Review URL: http://codereview.chromium.org/8277034

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9636 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 12:26:29 +00:00
fschneider@chromium.org
c68fc4126f Revert last revert.
TBR=whesse@chromium.org
Review URL: http://codereview.chromium.org/8286023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9635 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 12:03:53 +00:00
fschneider@chromium.org
85ab75df50 Revert r9619.
TBR=whesse@chromium.org
Review URL: http://codereview.chromium.org/8286022

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9633 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 11:56:07 +00:00
erik.corry@gmail.com
c808a6449e Avoid extra GCs when deserializing during incremental marking.
Review URL: http://codereview.chromium.org/8276030

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9626 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 10:52:30 +00:00
ricow@chromium.org
2a4245e0c0 Fix available new space memory statistics reporting.
We currently report how much memory is available without changing page, i.e., the actual amount of available memory is not correctly stated for new space when doing --trace-gc.
Review URL: http://codereview.chromium.org/8275026

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9624 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 09:25:10 +00:00
erik.corry@gmail.com
1959359ab2 Speed up cloning objects by avoiding a write barrier check.
Review URL: http://codereview.chromium.org/8274032

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9622 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 09:20:19 +00:00
ricow@chromium.org
fe74726099 Remove timeout test expectation for OutOfMemoryNested
This has already been fixed, we not actually use the constraints.
Review URL: http://codereview.chromium.org/8276029

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9620 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 09:10:29 +00:00
fschneider@chromium.org
34534588fb Fix a number of bugs with inlining calls as function.
1. Record AST id for CallFunctionStub.

2. Correctly extract cached target from CallFunctionStub inline cache.

3. Fix a bug when inling call as a function in effect or value context:
   Handle abnormal exits correcty.

4. Fix a bug when inlining call as a function in test context: drop function
   correctly from true and false block.

5. Avoid inlining mutually recursive functions by checking the stack of function
   states before inlining. This was not a bug, but is just a more general
   check to avoid recursive inlining.
Review URL: http://codereview.chromium.org/8258012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9619 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 08:43:27 +00:00
fschneider@chromium.org
212e4ae7d4 Eliminate write barrier for global stores at compile time if value stored is a smi.
Omit smi check inside write barriers if the value is known to be a heap object.

Refine inferred types of some instructions.
Review URL: http://codereview.chromium.org/8256016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9618 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 07:45:18 +00:00
ulan@chromium.org
168b13b6d9 Ignore flags with arguments in preparser-process.
Currently, preparser-process crashes when given flags with arguments (e.g. --gc_interval 10). It can be fixed by ignoring everything in the command line except the "throws" command and its immediate arguments. This assumes that no flags appear between "throws" and its arguments.

TEST=make ia32.release.check TESTFLAGS="preparser --special-command=\"@ --gc_interval 10\""

Review URL: http://codereview.chromium.org/8268004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9617 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 07:34:45 +00:00
danno@chromium.org
b86db3d73e MIPS: fix build breakage due to r9607, faster slow asserts.
BUG=
TEST=

Review URL: http://codereview.chromium.org/8283025
Patch from Paul Lind <plind44@gmail.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9616 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 07:08:20 +00:00