AuroraMiddleware/v8 - v8 - Gitea: Git with a cup of tea

Author	SHA1	Message	Date
kmillikin@chromium.org	4487f8c050	Revert "Revert "Fix a bug in scope analysis."" Reapply r8783 with an additional fix. Because the preparser and parser do not use the same scope analysis to determine if a function can be lazily compiled, the parser can have false positives. Rather than treating this as a parse error, treat the preparser as authoritative and eagerly compile the function. R=lrn@chromium.org BUG= TEST= Review URL: http://codereview.chromium.org/7565003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8797 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-08-03 09:10:35 +00:00
kmillikin@chromium.org	a129c95a54	Revert "Fix a bug in scope analysis." This reverts r8783. R=vegorov@chromium.org BUG= TEST= Review URL: http://codereview.chromium.org/7550013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8794 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-08-02 17:02:24 +00:00
svenpanne@chromium.org	6f6c882e19	Fixed code generation for LBranch on ARM when the operand's representation is double. The condition code for branching on the result of vcmp was wrong, effectively swapping the true/false branches. TEST=regress-lbranch-double.js Review URL: http://codereview.chromium.org/7553010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8784 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-08-02 15:14:12 +00:00
kmillikin@chromium.org	f37f6e88ca	Fix a bug in scope analysis. Function declarations inside catch are hoisted to the nearest enclosing function scope, but we compiled their bodies as if occurring inside the catch scope. BUG=chrome:91120 TEST=regress/regress-91120 attached Review URL: http://codereview.chromium.org/7548011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8783 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-08-02 15:04:31 +00:00
danno@chromium.org	b333719607	Properly handle FixedDoubleArrays in sort() R=jkummerow@chromium.org BUG=91008 TEST=regress-91008.js Review URL: http://codereview.chromium.org/7542008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8782 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-08-02 14:05:11 +00:00
vegorov@chromium.org	9226cfe5b7	Ensure that GenerateStoreFastDoubleElement returns stored value on all paths. BUG=chromium:91013 TEST=test/mjsunit/regress/regress-91013.js Review URL: http://codereview.chromium.org/7551009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8781 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-08-02 13:36:38 +00:00
vegorov@chromium.org	a547d333f0	Check for phi-uses of arguments object before eliminating dead phi's. HGraphBuilder::TryArgumentsAccess does not emit any uses for receiver and will generate incorrect code when receiver for a property access is defined by a phi that returns either arguments object or something else. BUG=v8:1582 TEST=test/mjsunit/regress/regress-1582.js Review URL: http://codereview.chromium.org/7553006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8774 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-08-02 09:32:28 +00:00
danno@chromium.org	008f834117	Properly handle FastDoubleArrays in Runtime_MoveArrayContents BUG=91013 TEST=regress91013.js Review URL: http://codereview.chromium.org/7551004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8773 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-08-02 09:28:55 +00:00
jkummerow@chromium.org	15c979eeaa	Make window.{undefined,NaN,Infinity} read-only as per ES5. BUG=89490 TEST=es5conform 15.1., 15.2.3.; mjsunit/undeletable-functions Review URL: http://codereview.chromium.org/7538016 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8766 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-08-01 12:18:03 +00:00
keuchel@chromium.org	dfb195550f	Fix calculation of 'scope_calls_eval' when 'eval' is within a nested catch. BUG= TEST=mjsunit/scope-calls-eval.js Review URL: http://codereview.chromium.org/7464030 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8756 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-28 12:17:36 +00:00
ricow@chromium.org	950feb6940	Switch from sample shell to d8 for unit test Landing for yangguo to coordinate with buildbot update. Original codereview: http://codereview.chromium.org/7282008/ Review URL: http://codereview.chromium.org/7495033 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8739 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-26 05:56:45 +00:00
danno@chromium.org	1f9801bb9e	Fix bug in ARM pixel array clamping Properly handle undefined conversion to zero in Crankshaft. R=yangguo@chromium.org BUG=none TEST=regress-1563.js Review URL: http://codereview.chromium.org/7461028 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8723 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-22 16:01:53 +00:00
danno@chromium.org	3e7d642d0a	Remaining changes to fully support FastDoubleArray. R=ager@chromium.org BUG=none TEST=cctests, unboxed-double-array.js Review URL: http://codereview.chromium.org/7473031 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8718 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-22 09:04:16 +00:00
rossberg@chromium.org	3f5bc11c55	Implement Object.prototype.{hasOwnProperty, propertyIsEnumerable} for proxies. Refactor trap invocation. Test other Object.prototype functionality for proxies. R=ager@chromium.org BUG=v8:1543 TEST= Review URL: http://codereview.chromium.org/7436004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8707 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-21 11:20:27 +00:00
danno@chromium.org	92fc85b480	Implement support for getters/setter on FixedDoubleArrays. R=ager@chromium.org BUG=none TEST=none Review URL: http://codereview.chromium.org/7459009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8696 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-20 13:41:50 +00:00
danno@chromium.org	8bc3254e4b	Implement for..in for FastDoubleArrays Also add tests for apply on FastDoubleArrays. R=ager@chromium.org BUG=none TEST=unboxed-double-array.js Review URL: http://codereview.chromium.org/7461018 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8693 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-20 10:54:58 +00:00
jkummerow@chromium.org	9de5255b60	Revert "Make window.undefined, window.NaN, window.Infinitiy read-only (ES5 section 15.1.1)" This reverts r8691. Review URL: http://codereview.chromium.org/7457020 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8692 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-20 10:51:11 +00:00
jkummerow@chromium.org	6768c5e24e	Make window.undefined, window.NaN, window.Infinitiy read-only (ES5 section 15.1.1) BUG=89490 TEST=manual: "Infinity = 42;" doesn't change the value of "Infinity" Review URL: http://codereview.chromium.org/7457019 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8691 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-20 10:06:53 +00:00
danno@chromium.org	a85a493f70	Reland 8636: Implement setting the length property for FixedDoubleArrays. R=ager@chromium.org BUG=none TEST=unboxed-double-arrays.js Review URL: http://codereview.chromium.org/7460008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8690 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-20 09:11:38 +00:00
danno@chromium.org	a1e851e916	Rollback 8683: Implement setting the length property for FixedDoubleArrays R=ager@chromium.org BUG=none TEST=none Review URL: http://codereview.chromium.org/7448002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8684 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-19 16:34:17 +00:00
danno@chromium.org	837d83ebf3	Implement setting the length property for FixedDoubleArrays. R=ager@chromium.org BUG=none TEST=none Review URL: http://codereview.chromium.org/7400020 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8683 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-19 16:06:17 +00:00
danno@chromium.org	11c7b47430	Crankshaft support for FixedDoubleArrays BUG=none TEST=unboxed-double-arrays.js Review URL: http://codereview.chromium.org/7350021 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8682 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-19 13:04:00 +00:00
rossberg@chromium.org	f7ff89ea02	Implement `in' for proxies. R=ager@chromium.org BUG=v8:1543 TEST= Review URL: http://codereview.chromium.org/7390028 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8681 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-19 09:38:59 +00:00
ager@chromium.org	85f5afb717	Correctly mark functions from our natives files during compilation. When creating a CompilationInfo we always have the script and can determine if it is a natives script. Now that all natives functions are recognized as such, many of them are called with undefined as the receiver. We have to use different filtering for builtins functions when printing stack traces. Also, fixed one call of CALL_NON_FUNCTION to be correctly marked as a method call (with fixed receiver). Now that CALL_NON_FUNCTION is marked as a native function this caused the receiver to be undefined. R=svenpanne@chromium.org BUG= TEST= Review URL: http://codereview.chromium.org/7395030 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8680 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-19 08:19:31 +00:00
ager@chromium.org	6098abf46e	Fix the debugger for strict-mode functions. undefined is passed unchanged as the receiver for strict-mode functions through call and apply. Also, if a strict-mode function is called without an explicit receiver, undefined is passed as the receiver (not the global object as for other functions). R=vegorov@chromium.org BUG=89236 TEST=mjsunit/debug-scopes.js Review URL: http://codereview.chromium.org/7388011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8675 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-18 14:29:50 +00:00
rossberg@chromium.org	5e62e325ac	Implement sealing, freezing, and related functions for proxies. R=ager@chromium.org BUG=v8:1543 TEST= Review URL: http://codereview.chromium.org/7391001 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8673 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-18 13:04:52 +00:00
rossberg@chromium.org	75a2c49c1d	Implement delete trap for proxies. R=ager@chromium.org BUG=1543 TEST= Review URL: http://codereview.chromium.org/7369001 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8660 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-15 09:10:20 +00:00
jkummerow@chromium.org	d4779286b6	Add map check for COW elements to crankshaft array handling code. BUG=1560 TEST=mjsunit/regress/regress-1560.js Review URL: http://codereview.chromium.org/7366008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8656 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-14 14:45:20 +00:00
danno@chromium.org	391ef3be33	Implement ICs for FastDoubleArray loads and stores Implemented on ia32, x64, ARM. Stubbed out with UNIMPLEMENTED on MIPS. BUG=none TEST=unbox-double-arrays.js Review URL: http://codereview.chromium.org/7307030 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8637 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-13 13:50:27 +00:00
sgjesse@chromium.org	be1eee7063	Support scope information and evaluation in optimized frames R=svenpanne@chromium.org BUG=v8:1140 TEST=test/mjsunit/debug-evaluate-locals-optimized.js,test/mjsunit/debug-evaluate-locals-optimized-double.js Review URL: http://codereview.chromium.org//7343005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8633 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-13 12:49:27 +00:00
rossberg@chromium.org	ddb782dcb8	Implement Object.getOwnPropertyDescriptor for proxies. Fix bug in compilation of calls with proxy receivers. R=kmillikin@chromium.org,ager@chromium.org BUG= TEST= Review URL: http://codereview.chromium.org/7237050 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8630 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-13 11:57:15 +00:00
mikhail.naganov@gmail.com	5c57d0d643	Remove support for logging into a memory buffer. The only usage of it was in logging tests, I've switched them for using a file. I've left out support for "--logfile=" for now, as Chromium uses it. Will be removed after the next V8 roll. R=sgjesse@chromium.org BUG=859 TEST=mjsunit/log- Review URL: http://codereview.chromium.org/7310025 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8629 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-13 11:31:22 +00:00
rossberg@chromium.org	6e2da733da	Implement Object.keys for proxies. R=kmillikin@chromium.org,ager@chromium.org BUG= TEST= Review URL: http://codereview.chromium.org/7321004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8626 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-13 11:01:17 +00:00
sgjesse@chromium.org	54e81c351f	Add source position recording for variable loads This provides more precise source to generated code mapping as variable loads can be handled using IC calls. R=kmillikin@chromium.org BUG=v8:1527 TEST=test/message/regress/regress-1527 Review URL: http://codereview.chromium.org//7327038 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8610 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-11 15:20:17 +00:00
kmillikin@chromium.org	890bc1607a	Fix a potential crash in const declaration. Declaration of const lookup slots would trigger an assertion if there was a setter somewhere in the prototype chain, and that setter was shadowed by a non-readonly data property also in the prototype chain. R=ager@chromium.org BUG= TEST= Review URL: http://codereview.chromium.org/7324048 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8602 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-11 14:07:12 +00:00
kmillikin@chromium.org	cbaf1bc98b	Allow JSObject::PreventExtensions to work for arguments objects. R=karlklose@chromium.org Review URL: http://codereview.chromium.org/7335002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8587 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-11 06:48:19 +00:00
danno@chromium.org	f894b7a3b3	Fix polymorphic array test R=jkummerow@chromium.org BUG=none TEST=none Review URL: http://codereview.chromium.org/7326009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8580 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-08 10:59:20 +00:00
danno@chromium.org	07def3cb1e	Unify handling of element IC stubs. In the process, add shared stubs for DictionaryValue lookups that are handled in the same way as fast elements and external array elements. Includes code for MIPS, which compiles and run polymorph-arrays.js successfully. R=jkummerow@chromium.org BUG=none TEST=test/mjsunit/polymorph-arrays.js Review URL: http://codereview.chromium.org/7227010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8579 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-08 10:46:10 +00:00
sgjesse@chromium.org	7cbf0a4d48	Add inspection of whether frame is a construct frame to optimized frames Also avoid that calling Debug::IsBreakAtReturn causes a full doptimization when there are no break points set. The full deoptimization is caused by Debug::IsBreakAtReturn calling Debug::EnsureDebugInfo which will assume that a break point is now set. R=svenpanne@chromium.org BUG=v8:1140 TEST=test/mjsunit/debug-evaluate-locals-optimized.js,test/mjsunit/debug- evaluate-locals-optimized-doubles.js Review URL: http://codereview.chromium.org//7307035 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8573 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-08 08:55:26 +00:00
kmillikin@chromium.org	fe23339bdd	Fix a bug in for/in iteration of arguments objects. We did not properly combine the property names from the parameter map and the arguments backing store. They could overwrite each other and be unsorted. Also fix an unrelated bug: deleting from a dictionary-mode arguments backing store could corrupt the parameter map. R=rossberg@chromium.org BUG=1531 TEST=mjsunit/regress/regress-1531.js Review URL: http://codereview.chromium.org/7278033 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8571 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-08 07:31:48 +00:00
sgjesse@chromium.org	8ccb47f57e	Add inspection of arguments for optimized frames R=svenpanne@chromium.org BUG=v8:1140 TEST=test/mjsunit/debug-evaluate-locals-optimized.js,test/mjsunit/debug- evaluate-locals-optimized-doubles.js Review URL: http://codereview.chromium.org//7310027 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8566 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-07 14:29:16 +00:00
rossberg@chromium.org	58b913f9f0	Implement Object.defineProperty for proxies. R=kmillikin@chromium.org BUG= TEST= Review URL: http://codereview.chromium.org/7314003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8564 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-07 12:41:20 +00:00
ricow@chromium.org	82e53270dc	Ensure that regexps always have code object, even if GC happened while running multiple times in runtime. Review URL: http://codereview.chromium.org/7316018 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8560 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-07 10:04:56 +00:00
sgjesse@chromium.org	53a5b07992	Add inspection of function for optimized frames R=svenpanne@chromium.org BUG=none TEST=test/mjsunit/debug-evaluate-locals-optimized.js,test/mjsunit/debug-evaluate-locals-optimized-doubles.js Review URL: http://codereview.chromium.org//7227006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8556 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-06 13:02:17 +00:00
sgjesse@chromium.org	ca3787f395	Fix debug break on binary boolean operators The syntax checker finding breakable statements did not take into account that the right hand side of a boolean binary opration might never get evaluated. R=svenpanne@chromium.org BUG=v8:1523 TEST=test/mjsunit/regress/regress-1523.js Review URL: http://codereview.chromium.org//7212027 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8544 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-06 10:16:57 +00:00
ricow@chromium.org	1fff78036e	In preperation of using d8 for running tests: Don't run d8-os when running with --isolates. When used with d8 this can potentially interfer with the writing, reading and deletion of files is the isolates flags makes the same test run concurrently. Review URL: http://codereview.chromium.org/7308006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-06 08:20:30 +00:00
vitalyr@chromium.org	8f60208324	Fix bug 1529: check for NULL handle in v8::TryCatch::StackTrace. Internal HandleScope::CloseAndEscape crashes on NULL handles. R=kmillikin@chromium.org BUG=v8:1529 TEST=mjsunit/regress/regress-1529 Review URL: http://codereview.chromium.org/7309004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8527 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-04 13:29:56 +00:00
kmillikin@chromium.org	57c29c1f29	Fix a bug in with and catch context allocation. We were only looking one level up the scope chain to decide which closure to use in the fresh context. Instead, we should look to the first non-catch scope. R=vegorov@chromium.org BUG=1528 TEST=regress-1528 Review URL: http://codereview.chromium.org/7309002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8523 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-04 09:34:47 +00:00
kmillikin@chromium.org	a48c03bb2a	Fix an issue with optimization of functions inside catch. When optimizing a function defined inside a catch, we did not count the catch context as part of the context chain. R=vegorov@chromium.org BUG=1521 TEST=regress-1521 Review URL: http://codereview.chromium.org/7285032 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8518 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-01 14:05:46 +00:00
yangguo@chromium.org	77a3c7226b	exposing a few boolean queries from objects.h TEST=start with ./d8 --allow-natives-syntax and try %ObjectHasFastElements({}) Review URL: http://codereview.chromium.org/7289010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8514 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2011-07-01 11:47:55 +00:00

1 2 3 4 5 ...

1129 Commits