ager@chromium.org
3cf9ce4736
Fix crash in string replace with regexp. If the suffix of the subject
...
string is larger than 2047 chars we will encode the slice as two Smis
instead of one. The calculation of the max size of the string builder
did not take this into account.
BUG=http://code.google.com/p/v8/issues/detail?id=515
Review URL: http://codereview.chromium.org/402056
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3334 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-18 18:48:04 +00:00
erik.corry@gmail.com
cc3896dfac
Fix bug 503: undefined <= undefined should return false on ARM.
...
Review URL: http://codereview.chromium.org/399001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3309 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-16 14:12:27 +00:00
fschneider@chromium.org
2e3e770ab9
Add a regression test that exposes a stack corruption problem.
...
See http://code.google.com/p/chromium/issues/detail?id=27227
Review URL: http://codereview.chromium.org/385092
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3303 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-13 13:58:48 +00:00
christian.plesner.hansen@gmail.com
5d4d5944dd
Remove special-case for arguments.toString to match ES5
...
Patch by Jan de Mooij <jandemooij@gmail.com>
Review: http://codereview.chromium.org/273073
Review URL: http://codereview.chromium.org/389008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3279 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-11 11:28:37 +00:00
ager@chromium.org
2252cc1bc9
Fix inline constructor code bailout.
...
Remove variable that is currently unused.
BUG=http://code.google.com/p/v8/issues/detail?id=502
Review URL: http://codereview.chromium.org/392001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3267 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-11 09:00:09 +00:00
erik.corry@gmail.com
57c919e414
Fix bug 486, Cyrillic character ranges in case independent regexps.
...
http://code.google.com/p/v8/issues/detail?id=486
Review URL: http://codereview.chromium.org/361033
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3236 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-06 11:15:20 +00:00
ager@chromium.org
f39fbb206e
Fix case where we treat an unaliased call to eval as an aliased call
...
to eval.
BUG=http://code.google.com/p/v8/issues/detail?id=496
Review URL: http://codereview.chromium.org/366027
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3225 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-05 11:19:37 +00:00
sgjesse@chromium.org
77a71c90c7
Fix issue 491: constantpool dump violates ARM debugger assertion for return point
...
The generation of the return sequence is now protected from having the constant pool emitted inside of it in both compilers.
BUG=http://code.google.com/p/v8/issues/detail?id=491
TEST=test/mjsunit/regress/regress-491.js
Review URL: http://codereview.chromium.org/362003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3215 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-04 14:45:50 +00:00
sgjesse@chromium.org
54ec6c031a
Fix xssue 492: ARM debug crash: mozilla/ecma/FunctionObjects/15.3.1.1-3
...
When the number of parameters times 4 (kPointerSize) to a function cannot be encoded in 12 bits the return sequence gets one more instruction. Changed the assertion to check for this case.
BUG=http://code.google.com/p/v8/issues/detail?id=492
TEST=test/mjsunit/regress/regress-492.js
Review URL: http://codereview.chromium.org/354028
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3211 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-04 10:04:22 +00:00
sgjesse@chromium.org
b4c11d0816
Don't use string slices when processing RexExp replace (re-apply r3153)
...
Re-apply r3153 with a fix for issue 490. Except for the change in line 1756 and the added test this change is identical to http://codereview.chromium.org/342015 .
BUG=490
TEST=test/mjsunit/regress/regress-490.js
Review URL: http://codereview.chromium.org/341064
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3197 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-02 12:21:43 +00:00
lrn@chromium.org
0aecc29024
Issue 485: Fix leak of builtins object through call and apply functions.
...
Review URL: http://codereview.chromium.org/345007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3164 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-10-28 13:51:30 +00:00
sgjesse@chromium.org
7a509f2101
Fix issue with running some constructors having only this.x = ... assignments.
...
If we had compiled the comment instead of the code it would have worked.
BUG=483
TEST=mjsunit/regress/regress-483.js
Review URL: http://codereview.chromium.org/332007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3120 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-10-23 12:18:47 +00:00
sgjesse@chromium.org
a637f45385
Fix issue 475
...
The check for arguments in registers in one of the three versions of GenericBinaryOpStub::GenerateCall was plain wrong.
BUG=475
TEST=mjsunit/regress/regress-475.js
Review URL: http://codereview.chromium.org/307002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3092 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-10-20 12:13:31 +00:00
peter.rybin@gmail.com
3b955790a0
Redo "running" field in debug-delay.js and support "suspend" command
...
It also fixes "backtrace" command so that it didn't give away random stack if we are running
Review URL: http://codereview.chromium.org/242034
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3077 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-10-15 20:06:08 +00:00
lrn@chromium.org
aed6a37c10
X64: Convert smis to holding 32 bits of payload.
...
Review URL: http://codereview.chromium.org/196139
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3037 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-10-08 12:36:12 +00:00
ager@chromium.org
e9acdc7a00
Follow the spec in disallowing function declarations without a name. We
...
used to allow these for compatibility, but both Safari and Firefox now
disallow them.
Review URL: http://codereview.chromium.org/242124
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3009 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-10-02 12:47:15 +00:00
kasperl@chromium.org
6621a43833
Add regression test case for http://crbug.com/18639 which
...
was fixed in r2642.
Review URL: http://codereview.chromium.org/192037
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2840 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-09-08 07:22:35 +00:00
whesse@chromium.org
3703231636
Add safe handling of NaN to Posix platform-dependent time functions.
...
Review URL: http://codereview.chromium.org/160580
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2615 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-08-04 09:41:18 +00:00
whesse@chromium.org
18c6337a2c
Fix an error in a keyed lookup stub - HeapNumbers treated as strings.
...
Review URL: http://codereview.chromium.org/155924
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2527 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-07-23 13:01:17 +00:00
kmillikin@chromium.org
1ca19c383d
Fix ARM compiler crash in short-circuited boolean expressions.
...
We did not handle the case where the left-hand-side expression was
fully compiled to control flow. There were also some assertions for
unary and binary expressions that crashed debug builds when the
expression was fully compiled to control flow.
Regression test added.
Review URL: http://codereview.chromium.org/160006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2524 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-07-23 11:40:14 +00:00
kmillikin@chromium.org
6443cb99f7
Fix issue 345 by avoiding duplicates in the list of escaping labels
...
from a try...catch...finally statement.
Review URL: http://codereview.chromium.org/149670
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2466 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-07-15 08:57:25 +00:00
lrn@chromium.org
e3bb851efb
X64: Fix bug in left-shift.
...
Also changed a few other places that looked suspicious in the same way.
Added more info to failing test case and rewrote incorrect uses of mjsunit "fail" function.
Review URL: http://codereview.chromium.org/155279
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2409 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-07-09 08:00:12 +00:00
kasperl@chromium.org
b0f411c298
Fix issue 397 and issue 399.
...
Review URL: http://codereview.chromium.org/149247
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2372 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-07-07 11:57:09 +00:00
kasperl@chromium.org
f0053e89aa
Add regression test case for issue 396.
...
Review URL: http://codereview.chromium.org/150215
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2333 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-07-02 09:08:15 +00:00
sgjesse@chromium.org
25405ddd9c
Handle JavaScript accessors on the global object.
...
With the new representation of the global object adding JavaScript accessors for a property after global inline caches was created for that property did not work property as the inline caches did not take the JavaScript accessor information (fixed array with two elements) that could be present in a global object property cell into account.
This is now fixed by changing the map for a global object when a JavaScript accessor is defined on it.
BUG=394
TEST=test\mjsunit\regress\regress-394.js
Review URL: http://codereview.chromium.org/150162
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2317 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-07-01 11:20:33 +00:00
kasperl@chromium.org
3ae01ab8ef
Fix issue 392 by disabling the TakeValue optimization for
...
access to the arguments object.
Review URL: http://codereview.chromium.org/150016
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2285 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-06-29 06:20:52 +00:00
lrn@chromium.org
2dd9717c4b
Fix bug in static type inference for loops.
...
Review URL: http://codereview.chromium.org/140058
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2236 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-06-22 12:36:01 +00:00
whesse@chromium.org
74ddab9d94
Fix issue 386, a bug in JSObject::ReplaceSlowProperty with constant transitions.
...
Review URL: http://codereview.chromium.org/141031
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2228 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-06-22 07:41:15 +00:00
erik.corry@gmail.com
e2a01ed4fb
Fix regexp bug reported by Ian where [6-9] would match any digit.
...
Review URL: http://codereview.chromium.org/140021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2226 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-06-20 17:57:09 +00:00
lrn@chromium.org
945245393c
Fix for issue 351 - lastIndexOf.
...
Review URL: http://codereview.chromium.org/113838
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2060 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-05-26 15:42:06 +00:00
lrn@chromium.org
2ff3901cf7
Fix for issue 349: Make initial boundary check for BM text search.
...
There was a case where the BMH algorithm bailed out exactly at the end of the string, and the BM algorithm that takes over wasn't expecting this.
Review URL: http://codereview.chromium.org/113575
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1995 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-05-19 09:01:03 +00:00
whesse@chromium.org
1ae8a7da3d
Fix bug 344: always keep attributes of existing properties.
...
Review URL: http://codereview.chromium.org/113197
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1931 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-05-13 10:46:28 +00:00
kmillikin@chromium.org
18f69a7171
Fix for issue 341. In the stub for instanceof, we could try to read
...
an object's map before we were sure it was a heap object.
Review URL: http://codereview.chromium.org/115236
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1914 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-05-12 11:40:14 +00:00
lrn@chromium.org
889eac7f13
Fix Issue 326. Handle sorting of non-array objects correctly.
...
Change handling of sorting to be the same for all JS-arrays.
Collect undefined values as well while removing holes.
Review URL: http://codereview.chromium.org/92123
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1800 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-04-27 11:16:59 +00:00
kmillikin@chromium.org
cb9d66638b
Fix regression test by wrapping expression in a thunk^H^H^H^H^Hstring.
...
Review URL: http://codereview.chromium.org/95001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1776 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-04-22 17:44:28 +00:00
kmillikin@chromium.org
b39f4383dc
When merging a frame to an expected on at block entry, the static type
...
of elements is set to a safe lower bound. Move the setting of the
static type out of VirtualFrame::MergeTo (which is not necessarily run
for all frames) and into VirtualFrame::PrepareMergeTo (which is).
Review URL: http://codereview.chromium.org/92009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1767 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-04-22 13:19:38 +00:00
lrn@chromium.org
bfb33b1e2f
Fix for Issue 317 - bug in string.replace(string, "$foo").
...
Fix for Issue 317. Replace string with something containing dollar now works.
Review URL: http://codereview.chromium.org/94002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1764 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-04-22 11:43:05 +00:00
kmillikin@chromium.org
22896c8304
Change the function name collector to tolerate expressions that contain
...
multiple anonymous function literals as subexpressions.
Choose the rightmost one the one to attach a name to.
Review URL: http://codereview.chromium.org/67165
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1715 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-04-15 13:14:23 +00:00
sgjesse@chromium.org
a74fcf458c
Fixed the step in handling for function.apply.
...
The generic step-in mechanism floods the function called with break points to ensure a break is hit when entering the function. This generic mechanism was also used for function.apply. The code for function.apply contains a keyed load IC which was patched when stepping into function.apply. However function.apply enteres an internal frame not a JavaScript frame. This caused the logic for returning from the break in function.apply to fail as it forced a jump to the IC on the top JavaScript frame. The top JavaScript frame was the frame for the function calling function.apply not the frame for the apply function. Now returning from the break point in the keyed load IC in the apply code caused a jump to the code for the call IC for the function calling function.apply in the first place. Not a pretty sight.
Step-in now handles function.apply as a separate case where the actual JavaScript function called through apply is flodded with breakpoints instead of the function.apply function.
BUG=269
BUG=8210@chromium.org
Review URL: http://codereview.chromium.org/63055
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1683 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-04-07 09:54:53 +00:00
kmillikin@chromium.org
c80b013999
Fix issue 294 by ensuring that we don't lose the copy flag on memory
...
frame elements when allocating them to a register as a result of
popping one of their copies.
Review URL: http://codereview.chromium.org/57053
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1655 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-31 14:01:25 +00:00
kmillikin@chromium.org
1ba34bf86b
Fix issue 286. Ensure frame elements are invalidated by
...
InvalidateFrameSlotAt.
Review URL: http://codereview.chromium.org/53008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1594 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-24 12:42:28 +00:00
kmillikin@chromium.org
5e2f3adfd0
Fix issue 284.
...
The problem was continuing out of the body of a for/in (where we do
register allocation) to the loop update (where we do not). Variables
allocated to registers where not preserved.
Review URL: http://codereview.chromium.org/53002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1585 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-24 08:29:24 +00:00
olehougaard
a8c50151fc
Reapply revisions 1432, 1433, 1469 and 1472 while fixing issue 279.
...
Review URL: http://codereview.chromium.org/48006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1571 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-23 07:27:47 +00:00
ager@chromium.org
2fcad0aec1
Revert change 1509 that flush ICs when adding setters on an object or
...
when setting a __proto__ to an object that holds a setter.
This seems to cause a major page load regression, so we need to tune
the clearing.
Review URL: http://codereview.chromium.org/50011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1548 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-19 15:06:00 +00:00
kasperl@chromium.org
0a09a08ec8
Add copyright notice to new test case.
...
Review URL: http://codereview.chromium.org/42216
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1514 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-15 22:44:23 +00:00
erik.corry@gmail.com
99063fe0f8
Fix GC related crash bug in search-replace.
...
Review URL: http://codereview.chromium.org/42214
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1513 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-15 22:28:26 +00:00
erik.corry@gmail.com
3aa57f7f65
Revert 1432, 1433, 1469 and 1472 due to a bug with literal objects.
...
Review URL: http://codereview.chromium.org/46088
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1511 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-15 16:18:20 +00:00
christian.plesner.hansen@gmail.com
8dffcb9efa
Flush ICs when adding setters to an object or setting a __proto__ to
...
an object that holds a setter. If there are no store ics then no
flushing is done. The implementation has been tweaked so that no ICs
are cleared during normal context creation.
This may cost us some performance but I'm submitting it as it is and
if there are problems we can either decide to be smarter about when,
what and/or how we clear, or back this change out altogether.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1509 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-13 13:43:07 +00:00
kmillikin@chromium.org
0e60cf38dc
Fix issue 265 by handling extra statement state on the frame based on
...
the expectation at the break, continue, and return labels (including
shadowed ones) instead of based on the AST nodes.
See http://code.google.com/p/v8/issues/detail?id=265
Review URL: http://codereview.chromium.org/42017
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1482 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-11 06:17:19 +00:00
lrn@chromium.org
34db0ff86c
Issue 267: Calls to arguments in eval-tainted function scope uses global object as receiver.
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1476 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-10 12:28:34 +00:00
christian.plesner.hansen@gmail.com
782b53799d
Implemented invalid UTF8 detection in decodeURI. That is, detection
...
of invalid utf8 not invalid utf8-detection.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1471 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-10 09:08:05 +00:00
ager@chromium.org
bab4b3b2e0
Simplify the map collection regression test. This test is the minimal
...
example that would trigger the bug.
Review URL: http://codereview.chromium.org/43004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1467 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-10 07:23:22 +00:00
ager@chromium.org
38548e3da6
Make map collection test run faster in an attempt to make it pass on
...
buildbot (not timeout).
This consistently fails with the old build.
TBR=whesse
Review URL: http://codereview.chromium.org/40302
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1462 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-09 18:00:39 +00:00
whesse@chromium.org
7977c6c680
Fix garbage collection of unused maps. Null descriptors, created
...
by map collection, are now handled correctly everywhere. The
map-collect flag is now true by default.
Review URL: http://codereview.chromium.org/40218
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1459 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-09 16:24:46 +00:00
kmillikin@chromium.org
34af9f2ecf
Work around issue 260 for now by disabling duplication of the loop
...
condition for while and for loops.
http://code.google.com/p/v8/issues/detail?id=260
Review URL: http://codereview.chromium.org/40294
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1453 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-09 14:12:20 +00:00
kmillikin@chromium.org
ece2c03160
Fix issue 263:
...
http://code.google.com/p/v8/issues/detail?id=263
Sharing the code to unlink the exception handler for a try/finally
causes us to try to merge virtual frames with different heights (due
to statements that keep state on the stack) at the entry to the unlink
code.
Avoid this by unlinking the handler separately for each exit from the
try block.
Review URL: http://codereview.chromium.org/39331
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1449 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-09 10:51:57 +00:00
kmillikin@chromium.org
182c3ebb2d
Reapply r1434 and port to ARM.
...
Review URL: http://codereview.chromium.org/40220
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1441 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-06 14:18:03 +00:00
christian.plesner.hansen@gmail.com
2a2c9381ea
Reverted r1434
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1437 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-06 11:59:53 +00:00
kmillikin@chromium.org
b638d5c613
Fix issue 259.
...
http://code.google.com/p/v8/issues/detail?id=259
Due to constant folding of loop conditions, it is possible to have a
try/finally with no exits from the try block (eg, an infinite loop in
the try block). In that case the code to unlink the try handler is
dead and should not be emitted.
Review URL: http://codereview.chromium.org/39251
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1434 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-06 10:18:33 +00:00
lrn@chromium.org
21fb24e0b2
Issue 254 - now correctly updates lastIndexof when using the test method.
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1418 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-04 12:29:37 +00:00
olehougaard
7bd50d046d
Fixed issue 253. No longer assuming that the target of a property lookup is a JSObject.
...
Review URL: http://codereview.chromium.org/39126
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1416 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-04 11:57:24 +00:00
lrn@chromium.org
4852bef23d
Issue 246 - wait until regexp is parsed to detect whether it's simple.
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1412 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-03-04 09:52:01 +00:00
lrn@chromium.org
80bb2cc546
Missing handle check. Triggers bug if the runtime stack overflows and it is detected by a global regexp.
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1263 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-02-13 09:40:15 +00:00
lrn@chromium.org
0b1f3f2134
Issue 231 - Irregexp backtracking stack pointer could become corrupted.
...
http://code.google.com/p/v8/issues/detail?id=231
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1257 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-02-12 13:07:58 +00:00
lrn@chromium.org
396fa22799
Regular Expression literal flags may contain unicode escapes. If these escape any of the
...
valid flags, "gim", they should work.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1253 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-02-12 09:09:28 +00:00
lrn@chromium.org
c621bbbe45
Issue 227 Fixed. Properly handles non-ASCII characters in quick-check on ASCII strings.
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1248 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-02-11 11:54:30 +00:00
lrn@chromium.org
b0e3ee6274
Fix bug 225 in regexp replace with function.
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1232 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-02-05 13:24:13 +00:00
sgjesse@chromium.org
d131ecf3dd
Changed the debugger API to allow only one debug event listener to be registered. The public API now only has SetDebugEventListener instead of AddDebugEventListener and RemoveDebugEventListener.
...
Moved the registrered debug event listener from the context to a global handle in the Debugger class. Storing it in the context did not make much sense.
Changed a lot of tests to handle the API change.
BUG=1242707
Review URL: http://codereview.chromium.org/19753
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1212 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-02-03 07:59:12 +00:00
ager@chromium.org
c33e51681f
Fix issue 221:
...
http://code.google.com/p/v8/issues/detail?id=221
The attempt to resolve 'eval' went into an infinite loop. Also, we
need to throw a reference error in case 'eval' cannot be resolved.
Review URL: http://codereview.chromium.org/19536
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1206 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-02-02 13:18:20 +00:00
kmillikin@chromium.org
46023fb742
Fix for off-by-one when initializing a constant or function
...
declaration that was not a slot.
Review URL: http://codereview.chromium.org/19745
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1203 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-02-02 12:05:13 +00:00
lrn@chromium.org
0730ada63e
Allow duplicate flags in regexps to match other browsers.
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1193 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-30 12:36:40 +00:00
lrn@chromium.org
2de5de495f
Irregexp: Backtrack past look-aheads works correctly.
...
Allows backtracking to clear registers instead of pushing and popping
them to restore state.
Redo of 1135 with bug fixed.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1156 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-26 14:38:17 +00:00
ager@chromium.org
524e34b8f8
Fix issue 192 by propagating out exceptions from object literal
...
boilerplate creation.
Removed declaration of unused and unimplemented function.
Review URL: http://codereview.chromium.org/18749
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1151 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-26 13:10:26 +00:00
erik.corry@gmail.com
108fe9dbcc
complete revert by removing empty files
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1139 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-23 15:50:33 +00:00
erik.corry@gmail.com
f6c3ef2d2a
Reverting r1136 due to crashes
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1138 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-23 14:33:19 +00:00
lrn@chromium.org
18c2d3ef4e
Clears captures of look-aheads on backtrack.
...
Reduces number of pushes when flushing a trace. Some are converted to clears
in the undo-code instead, and some just ignored if they have no value worth restoring.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1136 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-23 13:34:51 +00:00
ager@chromium.org
39842baecf
Do not violate the assumption that fast-case arrays have Smi length
...
when transforming from slow to fast-case array elements.
This fixes issue 201:
http://code.google.com/p/v8/issues/detail?id=201
Review URL: http://codereview.chromium.org/18711
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1135 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-23 13:08:29 +00:00
ager@chromium.org
8a731355be
Make sure that eval and try-catch introduced context extension objects
...
act as if they have no properties in their prototype chains.
This fixes V8 issue 193:
http://code.google.com/p/v8/issues/detail?id=193 .
Review URL: http://codereview.chromium.org/18709
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1132 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-23 12:16:03 +00:00
ager@chromium.org
c23dbc1928
Fix handling of const initialization. We did not handle the fact that
...
a const variable can be deleted between its declaration and its
initialization.
This fixes issue 189:
http://code.google.com/p/v8/issues/detail?id=189
Review URL: http://codereview.chromium.org/18660
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1127 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-22 13:53:06 +00:00
sgjesse@chromium.org
c2c780bfc4
Added handles to the mirror objects. When a mirror for an object is created
...
it is assigned a numeric handle. Handles are used to make a 1:1
correspondence between objects and mirrors. Currently the mirrors are
cached in a JavaScript array and when creating a mirror this cache is
checked to see if a mirror already exists for the object. This cache is
cleared when leaving the debugger.
Changed the serialization format to take advantage of these handles. When
an object is serialized referenced objects are represented just by their
handle id serialized as '{ref:<handle>}'. During serialization the
referenced handles are collected and the serializer can provide a
serialization of all the referenced objects.
Removed the special handling of array properties. Indexed properties and
the length property are now rendered as named properties in the
serialization.
Removed the special serialization handling of RegExp properties. The
properties 'source', 'global', 'ignoreCase' and 'multiline' are serialized
with the rest of the properties.
Changed a lot of tests to handle the changed format.
Review URL: http://codereview.chromium.org/18092
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1093 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-16 09:54:46 +00:00
ager@chromium.org
47d1298236
Change the handling of catch blocks to use context extension objects
...
instead of normal JSObjects.
This ensures that __proto__ and accessors on the Object prototype do
not interfere with catch scopes. Also, it fixes the bug that catch
variables were not DontDelete (issue 74).
Next step is to create special lookup routines for context extension
objects and remove the special handling of context extension objects
from the general javascript object lookup routines.
Review URL: http://codereview.chromium.org/18143
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1091 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-16 09:42:08 +00:00
sgjesse@chromium.org
dc2a0ec3e9
Reverted r1078 as it was committed by accident without review.
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1079 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-15 12:29:05 +00:00
sgjesse@chromium.org
6bc1d40a57
Added handles to the mirror objects. When a mirror for an object is created it is assigned a numeric handle. Handles are used to make a 1:1 correspondence between objects and mirrors. Currently the mirrors are cached in a JavaScript array and when creating a mirror this cache is checked to see if a mirror already exists for the object. This cache is cleared when leaving the debugger.
...
Changed the serialization format to take advantage of these handles. When an object is serialized referenced objects are represented just by their handle id serialized as '{ref:<handle>}'. During serialization the referenced handles are collected and the serializer can provide a serialization of all the referenced objects.
Removed the special handling of array properties. Indexed properties and the length property are now rendered as named properties in the serialization.
Removed the special serialization handling of RegExp properties. The properties 'source', 'global', 'ignoreCase' and 'multiline' are serialized with the rest of the properties.
Changed a lot of tests to handle the changed format.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1078 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-15 12:10:34 +00:00
ager@chromium.org
384b0a5408
Fix issue 191:
...
http://code.google.com/p/v8/issues/detail?id=191
Accessor setters should not be called for eval-introduced context
extension objects.
This change fixes the issue, but I think it is time to separate out
the lookup routines for eval-introduced context extension objects.
There is no reason to use the general lookup routines for this. I'll
do that in a separate changelist.
Review URL: http://codereview.chromium.org/18090
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1076 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-15 11:31:08 +00:00
ager@chromium.org
d4dae20a12
Fix issue 186:
...
http://code.google.com/p/v8/issues/detail?id=186
Create a new instance type for context extension objects. Use it to
not use the __proto__ accessor for context extension objects.
Review URL: http://codereview.chromium.org/18044
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1072 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-14 12:13:26 +00:00
christian.plesner.hansen@gmail.com
d6e6508bd7
Added clearing of captures before entering the body of a loop. This
...
also revealed a bug or two that had to be fixed.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1070 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-14 11:32:23 +00:00
iposva@chromium.org
f3da5ff626
Fix for issue 171:
...
- Make sure to not destroy the instance type by slightly rearranging the code.
- Added regression test.
Review URL: http://codereview.chromium.org/16594
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1042 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-07 23:26:31 +00:00
olehougaard
726aa859c6
Fix for issue 91 ( http://code.google.com/p/v8/issues/detail?id=91 )
...
Review URL: http://codereview.chromium.org/17232
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1036 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-07 09:58:58 +00:00
christian.plesner.hansen@gmail.com
b57b4a15cd
Merge regexp2000 back into bleeding_edge
...
Review URL: http://codereview.chromium.org/12427
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@832 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-11-25 11:07:48 +00:00
lrn@chromium.org
4e3bbd8247
If a HeapNumber is the incoming value, it must be converted to Smi before
...
checking. This is not done in a fast way.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@679 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-11-03 13:33:13 +00:00
kasperl@chromium.org
c128b8d9de
Improve code for looking up in context slots in runtime.cc and
...
use safe casting operations to slot access on contexts when
possible.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@588 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-24 10:59:40 +00:00
kasperl@chromium.org
b727198587
Fix issue 124 by computing the receiver correctly when
...
the property is found in a context slot.
Review URL: http://codereview.chromium.org/8097
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@566 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-23 08:42:22 +00:00
erik.corry@gmail.com
99f5ae88a3
Fix bug 1439135 (slicedstring on constring not flat)
...
Review URL: http://codereview.chromium.org/7809
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@530 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-21 08:08:17 +00:00
kasperl@chromium.org
c63477df3d
Fix issue 116 by returning the value from SetFastElement.
...
Review URL: http://codereview.chromium.org/7615
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@514 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-17 06:36:35 +00:00
christian.plesner.hansen@gmail.com
a601594796
Fixed bug 114
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@493 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-14 09:13:23 +00:00
ager@chromium.org
70dcba4024
Exclude the bit-field bits from string hash codes. String hash codes
...
are always odd if the bit-field bits are included.
Modified a couple of debugger tests that relied on the ordering of
elements in descriptor arrays. Descriptor arrays are sorted by
hash-code values, so the order changes if we change the hash code.
Review URL: http://codereview.chromium.org/6489
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@440 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-06 09:35:52 +00:00
whessev8
d2a8454d2f
This change removes the %AddProperty native JavaScript function from V8.
...
All uses of %AddProperty are replaced by %SetProperty. A few uses of
IgnoreAttributesAndSetLocalProperty are added, and the runtime version
of it adds a PropertyAttributes argument. Only the JSObject class
in objects.cc now uses AddProperty, and it can become private.
Review URL: http://codereview.chromium.org/6445
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@426 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-03 12:14:29 +00:00
kasperl@chromium.org
016fcd4aff
Fix issue 86 by keeping track of the fact that finally blocks
...
are evaluated with an extra element on the stack, which needs
to be taken into account when breaking and continuing.
I'll clean up the code and add an abstraction for manipulating
the break stack height in a future CL -- I want to try to get
rid of the separate local variable we keep around for the "state"
when running in a finally block.
Review URL: http://codereview.chromium.org/5625
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@400 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-01 07:43:00 +00:00
iposva@chromium.org
88192fc01c
Fix http://code.google.com/p/v8/issues/detail?id=69 :
...
- Simplify the switch statement code generation.
- Ensure that the switch value is always popped from the stack.
Credit goes to Feng for isolating the issue and proposing a fix.
Review URL: http://codereview.chromium.org/2888
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@315 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-09-16 11:23:02 +00:00
christian.plesner.hansen@gmail.com
f5b571e873
Quick fix: copyright header
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@255 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-09-10 13:05:26 +00:00
christian.plesner.hansen@gmail.com
6974e4b2c7
Fixed bug #57 . Introduced String::Utf8Value and replaced a bunch of
...
uses of String::AsciiValue with String::Utf8Value. Fixed shell sample
'load' so it doesn't print error messages.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@254 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-09-10 11:41:48 +00:00
christian.plesner.hansen@gmail.com
9bed566bdb
Changed copyright header from google inc. to v8 project authors.
...
Added presubmit step to check copyright.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@242 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-09-09 20:08:45 +00:00
christian.plesner.hansen@gmail.com
3351499cb5
Fixed problem where asian characters were not categorized as letters
...
because they were defined using different syntax in the unicode
database.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@200 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-09-08 10:45:01 +00:00
kasperl@chromium.org
2f0c910731
Fix issue 35 by applying patch by Daniel James.
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@195 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-09-08 07:58:54 +00:00
christian.plesner.hansen@gmail.com
472ae34f9d
- Added some "special" tests that were left out before.
...
- Added option to test runner that allows us to run the tests under
valgrind.
- Added test status for the failing arm simulator tests.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@116 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-09-03 07:31:19 +00:00
christian.plesner.hansen
05bbf90b3a
Changed shell sample to take flags directly from the command-line. Added api call that implements this.
...
Added better test support.
Added load, quit and version functions to the shell sample so it's easier to run benchmarks and tests.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-08-27 10:11:39 +00:00
christian.plesner.hansen
c42f5829a1
Included mjsunit JavaScript test suite and C++ unit tests.
...
In the shell sample don't print the result of executing a script, only
evaluating expressions.
Fixed issue when building samples on Windows using a shared V8
library. Added visibility option on Linux build which makes the
generated library 18% smaller.
Changed build system to accept multiple build modes in one build and
generate seperate objects, libraries and executables for each mode.
Removed deferred negation optimization (a * -b => -(a * b)) since this
visibly changes operand conversion order.
Improved parsing performance by introducing stack guard in preparsing.
Without a stack guard preparsing always bails out with stack overflow.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-08-22 13:33:59 +00:00