AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
9,650 Commits 1 Branch 0 Tags 839 MiB
55e924c595
Commit Graph

1710 Commits

Author SHA1 Message Date
yangguo@chromium.org
ddfae013a6 Disable test that triggers known bug. 
BUG=v8:2261

Review URL: https://chromiumcodereview.appspot.com/10910029

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12418 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-31 12:02:02 +00:00
yangguo@chromium.org
5dd51bafef Cache results in SearchRegExpMultiple. 
BUG=

Review URL: https://chromiumcodereview.appspot.com/10837290

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12416 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-31 09:28:01 +00:00
verwaest@chromium.org
90db487390 Elements load depends on the type of the receiver. 
R=jkummerow@chromium.org

Review URL: https://chromiumcodereview.appspot.com/10918005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12413 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-30 17:31:32 +00:00
rossberg@chromium.org
b0067e9cd5 Disable test that triggers known bug. 
R=verwaest@chromium.org
BUG=v8:2261

Review URL: https://chromiumcodereview.appspot.com/10896005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12399 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-28 14:17:55 +00:00
rossberg@chromium.org
ccc827a6f8 Allocate block-scoped global bindings to global context. 
- The global object has a reference to the current global scope chain.
  Running a script adds to the chain if it contains global lexical declarations.
- Scripts are executed relative to a global, not a native context.
- Harmony let and const bindings are allocated to the innermost global context;
  var and function still live on the global object.
  (Lexical bindings are not reflected on the global object at all,
  but that will probably change later using accessors, as for modules.)
- Compilation of scripts now needs a (global) context (previously only eval did).
- The global scope chain represents one logical scope, so collision tests take
  the chain into account.

R=svenpanne@chromium.org
BUG=

Review URL: https://chromiumcodereview.appspot.com/10872084

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12398 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-28 11:25:08 +00:00
yangguo@chromium.org
7cbca775ee Reland regexp global optimizations. 
BUG=

Review URL: https://chromiumcodereview.appspot.com/10872010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12396 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-28 09:37:41 +00:00
ulan@chromium.org
7b1d13affc Revert r12342 "Flush monomorphic ICs on context disposal instead of context exit." because of canary channel crashes. 
BUG=144230
R=verwaest@chromium.org

Review URL: https://chromiumcodereview.appspot.com/10868068

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12388 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-27 16:08:27 +00:00
danno@chromium.org
3544e2e875 Disable speculative LICM when it may lead to unnecessary deopts 
BUG=v8:2250
R=vegorov@chromium.org
TEST=tests/mjsunit/regress/regress-2250.js

Review URL: https://chromiumcodereview.appspot.com/10867033

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12375 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-23 21:08:58 +00:00
vegorov@chromium.org
106a83252d Fix DoDeferredNumberTagU to keep the value in xmm1 instead of xmm0 on x64. 
xmm0 is not saved across runtime call on x64 because MacroAssembler::EnterExitFrameEpilogue preserves only allocatable XMM registers unlike on ia32 where it preserves all registers.

Cleanup handling of shifts: SHR can deoptimize only when its a shift by 0, all other shift never deoptimize.

Fix type inference for i-to-t change instruction. On X64 this ensures that write-barrier is generated correctly.

R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/10868032

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12373 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-23 16:14:01 +00:00
vegorov@chromium.org
f476d4d431 Allow uint32 value on optimized frames if they are consumed by safe operations. 
Safe operations are those that either do not observe unsignedness or have special support for uint32 values:

- all binary bitwise operations: they perform ToInt32 on inputs;
- >> and << shifts: they perform ToInt32 on left hand side and ToUint32 on right hand side;
- >>> shift: it performs ToUint32 on both inputs;
- stores to integer external arrays (not pixel, float or double ones): these stores are "bitwise";
- HChange: special support added for conversions of uint32 values to double and tagged values;
- HSimulate: special support added for deoptimization with uint32 values in registers and stack slots;
- HPhi: phis that have only safe uses and only uint32 operands are uint32 themselves.

BUG=v8:2097
TEST=test/mjsunit/compiler/uint32.js

Review URL: https://chromiumcodereview.appspot.com/10778029

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12367 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-22 15:44:17 +00:00
ulan@chromium.org
efc26f9b2b Fix rounding in Uint8ClampedArray setter. 
According to Web IDL spec, we should round to
the nearest integer, choosing the even integer
if it lies halfway between two.

R=yangguo@chromium.org,kbr@chromium.org
BUG=v8:2294

Review URL: https://chromiumcodereview.appspot.com/10831409

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12364 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-22 14:27:11 +00:00
verwaest@chromium.org
5df5eea066 Check that index and length are Smi in bounds check. 
BUG=chromium:142218
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/10829456

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12362 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-21 16:46:25 +00:00
yangguo@chromium.org
2b2f28cd2a Revert r12346 (Introduce InternalProperty type and expose internal properties for bound functions) 
Original CL: https://chromiumcodereview.appspot.com/10834376

BUG=

Review URL: https://chromiumcodereview.appspot.com/10834428

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12351 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-21 09:48:26 +00:00
peter.rybin@gmail.com
cfc4c37768 Introduce InternalProperty type and expose internal properties for bound functions 
Review URL: https://chromiumcodereview.appspot.com/10834376

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12346 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-20 21:49:19 +00:00
ulan@chromium.org
27fb8c2cf6 Flush monomorphic ICs on context disposal instead of context exit. 
R=mstarzinger@chromium.org

Review URL: https://chromiumcodereview.appspot.com/10836189

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12342 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-20 12:09:03 +00:00
yangguo@chromium.org
3a1c290b2c Add input check to %DebugSetScriptSource. 
R=verwaest@chromium.org
BUG=v8:2296

Review URL: https://chromiumcodereview.appspot.com/10837308

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12338 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-17 15:21:15 +00:00
svenpanne@chromium.org
b10d5d7f08 Deoptimization support for accessors. 
Highlights of this CL:

 * Introduced a new opcode in the deoptimizer for a setter stub frame.

 * Added a global setter stub for returning after deoptimizing a setter.

 * We do not need special deopt support for getters, although the getter stub creates an internal frame. The normal machinery works just right for this case, although we generate a stack that can never occur during normal fullcode execution. If this hurts us one day, we can parameterize and reuse the setter deopt machinery.

Review URL: https://chromiumcodereview.appspot.com/10855098

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12328 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-17 10:43:32 +00:00
svenpanne@chromium.org
f5f8ebd4ed Fix accessor lookup in crankshaft. 
Seeing monomorphic type feedback plus an AccessorPair does not necessarily imply
that the corresponding getter/setter is really there, so we have to check for
this explictly.

TEST=mjsunit/object-define-property

Review URL: https://chromiumcodereview.appspot.com/10825384

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12317 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-16 10:35:39 +00:00
mstarzinger@chromium.org
886c0fa4f7 Extend constructor inlining test case. 
This makes sure that deoptimization really happens in each hydrogen
context by not using binary operations but loads instead. This is
needed because we cannot clear BinaryOpICs explicitly.

R=svenpanne@chromium.org
TEST=mjsunit/compiler/inline-construct

Review URL: https://chromiumcodereview.appspot.com/10825382

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12315 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-16 09:13:25 +00:00
erik.corry@gmail.com
ee3a66b273 Fix bug in compare IC. BUG=2291 
Review URL: https://chromiumcodereview.appspot.com/10830334

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12313 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-15 15:08:42 +00:00
svenpanne@chromium.org
1ee6c0e30b Improved constructor inlining unit tests. 
Currently we inline functions with different contexts only on ia32, so we have
to move the helper functions for the various contexts to the top level. Further
more, "new Object()" seems to prevent inlining, too, so we us a simple object
literal.

Although things get consistently inlined now, something strange seems to happen
in test/effect contexts: The DEOPT output seems to contain too few frames, and
we don't get any DEOPT ouput after the first time for those contexts. This has
to be investigated...

TBR=mstarzinger@chromium.org

Review URL: https://chromiumcodereview.appspot.com/10836258

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12312 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-15 09:39:13 +00:00
yangguo@chromium.org
28c892938e Ensure capacity when adding parts in String.replace. 
R=ulan@chromium.org
BUG=v8:2289
TEST=regress-2289.js

Review URL: https://chromiumcodereview.appspot.com/10830304

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12307 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-14 11:33:12 +00:00
yangguo@chromium.org
d3733ce1e3 Prevent segfault on undefined inline runtime call. 
R=mstarzinger@chromium.org
BUG=v8:2286

Review URL: https://chromiumcodereview.appspot.com/10828282

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12306 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-14 10:06:34 +00:00
yangguo@chromium.org
3605fcbe63 Fix indexing bug in regexp, part 2. 
The previous fix initialized the start index incorrectly.

BUG=

Review URL: https://chromiumcodereview.appspot.com/10834291

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12302 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-13 15:53:40 +00:00
mstarzinger@chromium.org
e77f24f44e Remove prototype of global builtins object. 
R=yangguo@chromium.org
BUG=v8:2284
TEST=mjsunit/regress/regress-2284

Review URL: https://chromiumcodereview.appspot.com/10854116

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12301 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-13 15:34:49 +00:00
yangguo@chromium.org
960b1af12f Fix wrong indexing in global regexp. 
R=ulan@chromium.org
BUG=142087

Review URL: https://chromiumcodereview.appspot.com/10824278

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12300 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-13 15:26:46 +00:00
yangguo@chromium.org
f30099dacf Check for function in %_CallFunction. 
R=mstarzinger@chromium.org
BUG=v8:2285

Review URL: https://chromiumcodereview.appspot.com/10854115

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12299 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-13 12:11:26 +00:00
yangguo@chromium.org
bc9df090c7 Fix array-iteration test case. 
R=verwaest@chromium.org
BUG=v8:2282

Review URL: https://chromiumcodereview.appspot.com/10827295

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12297 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-13 08:32:17 +00:00
yangguo@chromium.org
cd5ee62692 Allow multiple lines of custom flags in javascript tests. 
R=ulan@chromium.org
BUG=

Review URL: https://chromiumcodereview.appspot.com/10855099

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12289 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-10 12:26:33 +00:00
svenpanne@chromium.org
f9aea9fcef Inline simple setter calls. 
Currently only simple setter calls are handled (i.e. no calls in count
operations or compound assignments), and deoptimization in the setter is not
handled at all. Because of the latter, we temporarily hide this feature behind
the --inline-accessors flag, just like inlining getters.

We now use an enum everywhere we depend on the handling of a return value,
passing around several boolean would be more confusing.

Made VisitReturnStatement and the final parts of TryInline more similar, so
matching them visually is a bit easier now.

Simplified the signature of AddLeaveInlined, the target of the HGoto can simply
be retrieved from the function state.

Review URL: https://chromiumcodereview.appspot.com/10836133

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12286 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-10 09:05:42 +00:00
yangguo@chromium.org
5d35b1851b Fix parseInt's octal parsing behavior (ECMA-262 Annex E 15.1.2.2). 
R=svenpanne@chromium.org
BUG=v8:1645
TEST=test262, parse-int-float.js

Review URL: https://chromiumcodereview.appspot.com/10836151

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12273 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-08 07:44:17 +00:00
yangguo@chromium.org
e0954ca592 Take advantage of batched results when matching global regexp. 
BUG=
TEST=regexp-global.js

Review URL: https://chromiumcodereview.appspot.com/10831126

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12258 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-06 09:06:27 +00:00
svenpanne@chromium.org
83fc4205f6 Fixed compound/count operations with getter-only accessor properties. 
The underlying problem is that for compound/count operations we use the *load*
type feedback for storing, too. For normal properties this doesn't matter, but
for accessor properties we should better use the *store* type feedback, which
would be available, too. This consistent feedback usage could be guaranteed if
we removed the heavy copy-n-paste in the crankshaft code generation for
compound/count operations and assignments/property loads.

To be on the safe side, we postpone this refactoring and do a quick and easily
mergeable fix.

BUG=140083
TEST=mjsunit/regress/regress-crbug-140083.js

Review URL: https://chromiumcodereview.appspot.com/10828146

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12252 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-03 09:45:08 +00:00
ulan@chromium.org
c6d4094e44 Android: increase default test timeout and skip time sensitive mjsunit/regress/regress-1969. 
R=yangguo@chromium.org

Review URL: https://chromiumcodereview.appspot.com/10836049

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12249 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-08-01 13:06:08 +00:00
erik.corry@gmail.com
b3e2440580 Speed up quicksort test to avoid timeouts on simulators. 
Review URL: https://chromiumcodereview.appspot.com/10830093

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12237 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-31 13:36:24 +00:00
jkummerow@chromium.org
80c35c6522 Always set the callee's context when calling a function from optimized code. 
This is necessary even for recursive calls because we're sharing optimized code among closures, which could call each other and have distinct contexts.

BUG=138887
TEST=mjsunit/regress/regress-crbug-138887

Review URL: https://chromiumcodereview.appspot.com/10834031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12201 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-26 12:49:08 +00:00
mstarzinger@chromium.org
806fb8be96 Fix bootstrapping without snapshot and low GC interval. 
R=yangguo@chromium.org
BUG=v8:2249
TEST=mjsunit/regress/regress-2249 (snapshot=off)

Review URL: https://chromiumcodereview.appspot.com/10818005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12177 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-23 16:18:25 +00:00
danno@chromium.org
3667f92cbb Add dependency to HLoadKeyed* instructions to prevent invalid hoisting 
BUG=chromium:137768
TEST=test/mjsunit/regress/regress-137768.js

Review URL: https://chromiumcodereview.appspot.com/10802038

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12173 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-23 13:59:24 +00:00
yangguo@chromium.org
0c23596d7d Interpret negative hexadecimal literals as NaN. 
R=rossberg@chromium.org
BUG=v8:2240
TEST=str-to-num.js

Review URL: https://chromiumcodereview.appspot.com/10818003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12169 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-23 10:33:41 +00:00
yangguo@chromium.org
50bf19a975 Fix corner case when transforming dictionary to fast elements. 
R=verwaest@chromium.org
BUG=v8:2249
TEST=regress-2249.js

Review URL: https://chromiumcodereview.appspot.com/10802051

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12167 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-23 08:41:53 +00:00
danno@chromium.org
8c89cc4cab Optimize Smi keys for KeyedLoads 
Allows KeyeLoad/KeyedStore operations where the key is a Smi to fold the untagging of the key into the element offset calculation.

Review URL: https://chromiumcodereview.appspot.com/10735020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12156 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-20 11:00:33 +00:00
jkummerow@chromium.org
c09a137013 Android test runner: Update mjsunit status 
Review URL: https://chromiumcodereview.appspot.com/10810012
Patch from Haitao Feng <haitao.feng@intel.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12155 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-20 10:03:39 +00:00
sanjoy@chromium.org
693c7643d2 Optimize functions on a second thread. 
BUG=
TEST=

Review URL: https://chromiumcodereview.appspot.com/10807024

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12148 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-19 18:58:23 +00:00
jkummerow@chromium.org
6a60899022 Build V8 for Android IA 
Review URL: https://chromiumcodereview.appspot.com/10778033
Patch from Haitao Feng <haitao.feng@intel.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12122 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-18 11:43:44 +00:00
verwaest@chromium.org
90c7cb1397 When following an accessor transition for an already existing accessor, don't load the last added descriptor but the same descriptor as we already found previously. 
BUG=137689
TEST=test/mjsunit/regress/regress-crbug-137689.js

Review URL: https://chromiumcodereview.appspot.com/10808005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12115 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-18 09:20:57 +00:00
yangguo@chromium.org
022ba0588a Fix transcendental cache on ARM in optimized code. 
R=jkummerow@chromium.org
BUG=v8:2234
TEST=regress-2234.js

Review URL: https://chromiumcodereview.appspot.com/10695205

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12086 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-16 09:44:59 +00:00
svenpanne@chromium.org
43e87a65e1 Added Crankshaft support for setters. 
Refactored ComputeLoadStoreField a bit on the way to clarify a bit what it
actually does.

Review URL: https://chromiumcodereview.appspot.com/10692187

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12072 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-13 07:14:28 +00:00
svenpanne@chromium.org
b8a7abd1fc Perform HasFastProperties check on prototypes when computing call targets in Crankshaft, part 2. 
The previous fix was for "real" calls, this one is for getters. It is a bit
unfortunate that this has to be fixed twice: We should really break up
Call::ComputeTarget into a predicate and 1 or 2 getters, so code can be reused.

The regression test has been modified a bit to make things more uniform.

Review URL: https://chromiumcodereview.appspot.com/10702164

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12053 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-12 09:32:26 +00:00
jkummerow@chromium.org
2f43f5e9d7 MIPS: Rename "mips" arch to "mipsel" in the GYP build. 
In the traditional MIPS naming scheme, "mips" is used for
big-endian mips and "mipsel" is used for little-endian mips.
In V8 the "mips" build is little-endian, so the "mips" target is
renamed to "mipsel" to be compliant with the traditional MIPS
naming scheme.

This change is also required for supporting the Chromium project on MIPS.

BUG=
TEST=

Review URL: https://chromiumcodereview.appspot.com/10695114

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12047 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-11 15:15:04 +00:00
jkummerow@chromium.org
0c4cc038e6 Add missing --allow-natives-syntax flag to test case 
R=rossberg@chromium.org

Review URL: https://chromiumcodereview.appspot.com/10698152

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12046 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-11 14:45:47 +00:00
jkummerow@chromium.org
432576b7c8 Perform HasFastProperties check on prototypes when computing call targets in Crankshaft. 
BUG=125148
TEST=mjsunit/regress/regress-crbug-125148

Review URL: https://chromiumcodereview.appspot.com/10735054

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12043 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-11 14:27:53 +00:00
yangguo@chromium.org
2a819667c1 Do not use user-defined __lookupGetter__ when generating stack trace. 
BUG=v8:1591
TEST=regress-1591.js

Review URL: https://chromiumcodereview.appspot.com/10736030

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12040 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-11 11:35:19 +00:00
mstarzinger@chromium.org
09bfdabd2a Fix inline constructors for Harmony Proxy prototypes. 
R=rossberg@chromium.org
BUG=v8:2225
TEST=mjsunit/regress/regress-2225

Review URL: https://chromiumcodereview.appspot.com/10736009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12028 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-10 11:28:33 +00:00
mmassi@chromium.org
c74871f37b Fixed array bounds check elimination (Chromium issue 132114). 
BUG=
TEST=

Review URL: https://chromiumcodereview.appspot.com/10698125

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12025 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-10 11:01:29 +00:00
verwaest@chromium.org
1007696cdb After transitioning to constant function, return the constant function as result of the assignment. 
BUG=v8:2226
TEST=test/mjsunit/regress/regress-2226.js

Review URL: https://chromiumcodereview.appspot.com/10700137

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12024 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-10 09:31:30 +00:00
rossberg@chromium.org
98db1a369d Implement proper module linking. 
Specifically:

- In parser, check that all exports are defined.
- Move JSModule allocation from parser to scope resolution.
- Move JSModule linking from full codegen to scope resolution.
- Implement module accessors for exported value members.
- Allocate module contexts statically along with JSModules
  (to allow static linking), but chain them when module literal is evaluated.
- Make module contexts' extension slot refer to resp. JSModule
  (makes modules' ScopeInfo accessible from context).
- Some other tweaks to context handling in general.
- Make any code containing module literals (and thus embedding
  static references to JSModules) non-cacheable.

This enables accessing module instance objects as expected.
Import declarations are a separate feature and do not work yet.

R=mstarzinger@chromium.org
BUG=v8:1569
TEST=

Review URL: https://chromiumcodereview.appspot.com/10690043

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12010 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-09 08:59:03 +00:00
yangguo@chromium.org
3e3160b08c Correctly advance the scanner when scanning unicode regexp flag. 
R=rossberg@chromium.org
BUG=136084
TEST=regress-136084.js

Review URL: https://chromiumcodereview.appspot.com/10703106

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12002 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-06 14:04:15 +00:00
mstarzinger@chromium.org
026f179b34 Fix unhandlified code calling Harmony Proxy traps. 
R=rossberg@chromium.org
BUG=v8:2219
TEST=mjsunit/regress/regress-2219

Review URL: https://chromiumcodereview.appspot.com/10703103

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-06 11:34:22 +00:00
danno@chromium.org
f97df41fcf Fix timout of packed-elements.js on ARM 
R=mstarzinger@chromium.org

Review URL: https://chromiumcodereview.appspot.com/10703093

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11993 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-05 13:40:51 +00:00
svenpanne@chromium.org
ebff0eb7b3 Handle accessors on the prototype chain in StoreICs. 
Made stub compiler function signatures a bit more consistent on the way.

Review URL: https://chromiumcodereview.appspot.com/10735003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11984 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-04 11:40:51 +00:00
rossberg@chromium.org
cc5a88812d Implement typedarray.set and arraybuffer.slice for d8. 
R=yangguo@chromium.org
BUG=
TEST=

Review URL: https://chromiumcodereview.appspot.com/10694051

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11983 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-03 13:44:36 +00:00
mstarzinger@chromium.org
7da6d2b023 Fix lazy compilation for strict eval scopes. 
This prevents lazy compilation of functions that have an outer context
containing a strict eval scope. Such a scope potentially contains
context allocated variables in an artificial function scope that is not
deserialized correctly.

R=ulan@chromium.org
BUG=chromium:135066
TEST=mjsunit/regress/regress-crbug-135066

Review URL: https://chromiumcodereview.appspot.com/10704058

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11976 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-03 08:41:13 +00:00
ulan@chromium.org
c22c7054f2 Add Makefile targets for running tests on Android. 
This allows to run tests on the attached Android device using
> make android.check
> make android.debug.check
> make android.release.check
> ANDROID_V8=/data/local/v8 TESTJOBS=-j4 make android.release.check -j10

Tests and binaries are copied to device location specified by the ANDROID_V8
variable and then tests are executed using the 'adb shell' program.

R=jkummerow@chromium.org

Review URL: https://chromiumcodereview.appspot.com/10696048

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11975 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-03 07:45:58 +00:00
rossberg@chromium.org
1590a5d6b4 Added tests for calling typed array constructors as functions. 
R=danno@chromium.org
BUG=v8:1497
TEST=

Review URL: https://chromiumcodereview.appspot.com/10701055

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11968 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-02 13:09:47 +00:00
danno@chromium.org
34d79888fb Add test case for typed arrays slicing 
R=rossberg@chromium.org

Review URL: https://chromiumcodereview.appspot.com/10698069

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11962 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-07-02 10:45:00 +00:00
yangguo@chromium.org
f6230ab420 Extend test for external arrays. 
R=rossberg@chromium.org
BUG=
TEST=

Review URL: https://chromiumcodereview.appspot.com/10697033

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11953 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-29 15:06:36 +00:00
rossberg@chromium.org
680797234c Further extend TypedArray support in d8: 
- Add copy constructors.
- Add subarray methods.
- Make instanceof and constructor property work.
- Rename PixelArray to Uint8ClampedArray.

Also fix broken definition of assertInstanceof in MJSUnit test harness.

R=mstarzinger@chromium.org
BUG=
TEST=

Review URL: https://chromiumcodereview.appspot.com/10558005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11949 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-28 16:29:53 +00:00
mstarzinger@chromium.org
a691c693fb Fix lazy parsing heuristics to respect outer scope. 
This makes sure that a function literal is only parsed lazily when the
outer scope actually allows lazy compilation. Otherwise compilation will
crash due to a missing function body.

R=ulan@chromium.org
BUG=chromium:135008
TEST=mjsunit/regress/regress-crbug-135008

Review URL: https://chromiumcodereview.appspot.com/10698032

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11945 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-28 14:56:28 +00:00
mstarzinger@chromium.org
a90c023d5e Allow inlining of functions containing array literals. 
R=yangguo@chromium.org
BUG=v8:1322
TEST=mjsunit/compiler/inline-literals

Review URL: https://chromiumcodereview.appspot.com/10689005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11942 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-27 14:46:01 +00:00
mstarzinger@chromium.org
df35732ab2 Allow inlining of functions containing RegExp literals. 
R=yangguo@chromium.org
BUG=v8:1322
TEST=mjsunit/compiler/inline-literals

Review URL: https://chromiumcodereview.appspot.com/10703005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11940 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-27 11:49:37 +00:00
yangguo@chromium.org
8a61d3f2fd Port r11517 (not deopt Math.floor on negative input) to x64, sse2. 
BUG=v8:873
TEST=math-floor-negative.js

Review URL: https://chromiumcodereview.appspot.com/10636057

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11935 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-27 07:27:28 +00:00
yangguo@chromium.org
3a74218589 MIPS: Skip LiveEdit test on ARM. 
Port r11915 (4c749256)

BUG=
TEST=

Review URL: https://chromiumcodereview.appspot.com/10661049
Patch from Akos Palfi <palfia@homejinni.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11929 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-26 07:48:04 +00:00
mstarzinger@chromium.org
362381c68d Fix Harmony Maps and WeakMaps for undefined values. 
R=rossberg@chromium.org
BUG=chromium:132744
TEST=mjsunit/harmony/collections

Review URL: https://chromiumcodereview.appspot.com/10658014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11924 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-25 13:33:48 +00:00
yangguo@chromium.org
99a58e36ad Correctly throw reference error in strict mode with ICs disabled. 
R=jkummerow@chromium.org
BUG=v8:2119
TEST=regress/regress-2119.js

Review URL: https://chromiumcodereview.appspot.com/10659011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11923 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-25 13:28:11 +00:00
yangguo@chromium.org
32a6a29cc8 Skip LiveEdit test on ARM. 
R=mstarzinger@chromium.org
BUG=
TEST=

Review URL: https://chromiumcodereview.appspot.com/10665021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11915 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-25 08:18:09 +00:00
peter.rybin@gmail.com
83973a0a2e Correctly support several consecutive stack modifications. 
Review URL: https://chromiumcodereview.appspot.com/10637003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11914 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-22 20:50:03 +00:00
mstarzinger@chromium.org
84b866b2d9 Fix sharing of literal boilerplates for optimized code. 
This makes sure the literal boilerplates array is correctly shared
together with optimized code when caching of optimized code is enabled.
It also enabled said caching by default again.

R=ulan@chromium.org
BUG=v8:2193
TEST=mjsunit/regress/regress-2193

Review URL: https://chromiumcodereview.appspot.com/10649008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11911 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-22 13:55:15 +00:00
jkummerow@chromium.org
9ce4133017 Make near-jump check more strict in LoadNamedFieldPolymorphic on ia32/x64 
BUG=134055

TEST=mjsunit/regress/regress-crbug-134055

Review URL: https://chromiumcodereview.appspot.com/10630027

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11907 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-22 13:38:39 +00:00
yangguo@chromium.org
e4f4aad2d1 x86/x64 port of Math.floor(x/y) to use integer division for specific divisor. 
Only handles when x is int32 and y is int32 constant.

BUG=v8:2038

Currently implemented by imul (not fpmul).
x86 and x64 algorithm differs a bit.
x86 implementation is kind of cumbersome, but I couldn't think of better ways.

Review URL: https://chromiumcodereview.appspot.com/10382033
Patch from Zheng Liu <zheng.z.liu@intel.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11887 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-20 14:08:03 +00:00
erik.corry@gmail.com
423e5b8906 Make a test run faster that is timing out on the ARM simulator. 
Review URL: https://chromiumcodereview.appspot.com/10577032

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11884 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-20 13:31:07 +00:00
erikcorry
f4f9e2c1e0 Quicksort: Choose pivot with recursive sort of pivot candidates on large arrays to avoid patholgical cases. 
Review URL: http://codereview.chromium.org/10532193

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11873 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-20 07:52:47 +00:00
mstarzinger@chromium.org
edc231e2a9 Fix return values for Harmony map and set operations. 
R=rossberg@chromium.org
BUG=chromium:132741,chromium:132742
TEST=mjsunit/harmony/collections

Review URL: https://chromiumcodereview.appspot.com/10573011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11869 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-19 15:23:03 +00:00
mstarzinger@chromium.org
a760b82cab Enable lazy compilation for non-trivial outer contexts. 
This changes the compiler to be more aggressive about lazy compilation
of closures with non-trivial outer context. Compilation can only be
triggered with a valid outer context now. One exception is the debugger,
which can request compilation of arbitrary shared code, but it ensures
to trigger compilation only at points where no context is needed.

This relands r11782, r11783, r11790 and a minor fix.

R=ulan@chromium.org
TEST=mjsunit/debug-script-breakpoints-nested

Review URL: https://chromiumcodereview.appspot.com/10543141

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11866 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-19 14:29:48 +00:00
rossberg@chromium.org
3e6b01df18 Fix crash bug in Hydrogen occurring with empty prototype chain. 
(Thanks for diagnosing this.)

R=vegorov@chromium.org
BUG=115100
TEST=

Review URL: https://chromiumcodereview.appspot.com/10576013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11861 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-19 13:44:07 +00:00
verwaest@chromium.org
30b335157f Fixing ClearNonLiveTransition bug in combination with AccessorPairs. 
BUG=133211
TEST=test/mjsunit/regress/regress-133211b.js

Review URL: https://chromiumcodereview.appspot.com/10575018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11860 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-19 13:16:39 +00:00
yangguo@chromium.org
0a60da717b Correctly resolve local var shadowing a context-allocated var in debugger. 
R=ulan@chromium.org
BUG=131994
TEST=regress/regress-131994.js

Review URL: https://chromiumcodereview.appspot.com/10585002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11855 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-19 11:25:49 +00:00
verwaest@chromium.org
8b7b7f466f Make sure we don't leak map transitions from AccessorPairs to the Javascript world. 
BUG=133211
TEST=test/mjsunit/regress/regress-133211.js

Review URL: https://chromiumcodereview.appspot.com/10559062

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11854 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-19 10:58:15 +00:00
mstarzinger@chromium.org
928a1bff32 Fix handling of numbers in SameValue method. 
R=vegorov@chromium.org
BUG=v8:2186
TEST=mjsunit/regress/regress-2186

Review URL: https://chromiumcodereview.appspot.com/10532198

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11853 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-18 14:21:29 +00:00
yangguo@chromium.org
fa48ccde25 Print correct line number for Error thrown inside eval. 
R=rossberg@chromium.org
BUG=v8:1914
TEST=eval-stack-trace.js

Review URL: https://chromiumcodereview.appspot.com/10565002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11851 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-18 13:39:24 +00:00
erikcorry
45c4cd26be Avoid arbitrarily deep recursion in Array.sort. 
BUG=v8:2185
Review URL: http://codereview.chromium.org/10561017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11839 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-18 09:23:05 +00:00
peter.rybin@gmail.com
a2e9f7c46b Fix for Issue 915 
Review URL: https://chromiumcodereview.appspot.com/10332101

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11837 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-16 21:40:35 +00:00
peter.rybin@gmail.com
bdfc48a3fd Support 'restart call frame' debug command 
Review URL: https://chromiumcodereview.appspot.com/10544151

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11836 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-15 16:52:03 +00:00
erik.corry@gmail.com
045b2fbf20 Revert part of 11727 as it sometimes tanked V8 benchmark (raytrace) performance 
for reasons that are not obvious.  Now we make objects into fast-case objects
when they are made prototypes for other objects, but we do not mark objects
that are already fast case with a bit that helps keep them in fast case.
Review URL: https://chromiumcodereview.appspot.com/10556004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11831 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-15 11:53:09 +00:00
fschneider@chromium.org
bb0a2ea766 Share optimized code for closures. 
Each SharedFunctionInfo gets an optimized code map to store
one optimized code object per context. When allocating a new
closure we consult this map and check if there is optimized code
that can be shared.

This patch is based on an original patch
by Anton Muhin (http://codereview.chromium.org/6793013/).

BUG=v8:2087, v8:2094
TEST=test/mjsunit/compiler/optimized-closures.js
Review URL: https://chromiumcodereview.appspot.com/10103035

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11817 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-14 14:06:22 +00:00
yangguo@chromium.org
675d9b8a04 Add missing string length check in regexp engine. 
R=erik.corry@gmail.com
BUG=v8:2172
TEST=regress-2172.js

Review URL: https://chromiumcodereview.appspot.com/10536170

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11816 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-14 13:59:48 +00:00
mstarzinger@chromium.org
90c2448be6 Fix assertion for map code cache of shared maps. 
R=danno@chromium.org
TEST=mjsunit/compare-known-objects-slow

Review URL: https://chromiumcodereview.appspot.com/10548046

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11815 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-14 13:54:23 +00:00
yangguo@chromium.org
fb81da2e5f ARM: Fix literal pool handling for breakpoints in debugger. 
BUG=2177
TEST=none

Review URL: https://chromiumcodereview.appspot.com/10449047
Patch from Martyn Capewell <m.m.capewell@googlemail.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11812 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-14 11:16:47 +00:00
mstarzinger@chromium.org
74ab92e0ac Fix performance regression caused by r11202. 
R=erik.corry@gmail.com
BUG=v8:2156,v8:2034
TEST=mjsunit/regress/regress-2156,mjsunit/regress/regress-2034

Review URL: https://chromiumcodereview.appspot.com/10539131

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11800 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-13 11:58:18 +00:00
mstarzinger@chromium.org
9edaa1536b Revert r11782, r11783 and r11790 due to Webkit failures. 
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/10536142

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11796 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-13 11:26:34 +00:00
erikcorry
5eb4baed65 Fix r11780 to avoid bugs where near branches are used to labels that are out of range. 
Review URL: http://codereview.chromium.org/10542137

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11792 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2012-06-13 09:54:34 +00:00