yangguo@chromium.org
675d9b8a04
Add missing string length check in regexp engine.
...
R=erik.corry@gmail.com
BUG=v8:2172
TEST=regress-2172.js
Review URL: https://chromiumcodereview.appspot.com/10536170
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11816 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-14 13:59:48 +00:00
mstarzinger@chromium.org
90c2448be6
Fix assertion for map code cache of shared maps.
...
R=danno@chromium.org
TEST=mjsunit/compare-known-objects-slow
Review URL: https://chromiumcodereview.appspot.com/10548046
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11815 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-14 13:54:23 +00:00
danno@chromium.org
3515559a38
Increase old space in cctest/test-api/HugeConsStringOutOfMemory test.
...
This test is failing on MIPS since r11715 (a7d6f92c),
it seems that after the modifications in bootstrapper.cc,
this test runs out of old generation space on MIPS.
TEST=cctest/test-api/HugeConsStringOutOfMemory
BUG=
Review URL: https://chromiumcodereview.appspot.com/10533148
Patch from Akos Palfi <palfia@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11814 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-14 13:52:58 +00:00
yangguo@chromium.org
fb81da2e5f
ARM: Fix literal pool handling for breakpoints in debugger.
...
BUG=2177
TEST=none
Review URL: https://chromiumcodereview.appspot.com/10449047
Patch from Martyn Capewell <m.m.capewell@googlemail.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11812 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-14 11:16:47 +00:00
yangguo@chromium.org
9978fae61d
Ensure removing processed command line arguments.
...
BUG="d8 --crankshaft --expose-debug-as" crashes
TEST=test-flags/FlagsRemoveIncomplete
Review URL: https://chromiumcodereview.appspot.com/10534137
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11803 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-13 15:02:05 +00:00
mstarzinger@chromium.org
74ab92e0ac
Fix performance regression caused by r11202.
...
R=erik.corry@gmail.com
BUG=v8:2156,v8:2034
TEST=mjsunit/regress/regress-2156,mjsunit/regress/regress-2034
Review URL: https://chromiumcodereview.appspot.com/10539131
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11800 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-13 11:58:18 +00:00
mstarzinger@chromium.org
9edaa1536b
Revert r11782, r11783 and r11790 due to Webkit failures.
...
R=danno@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10536142
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11796 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-13 11:26:34 +00:00
erikcorry
5eb4baed65
Fix r11780 to avoid bugs where near branches are used to labels that are out of range.
...
Review URL: http://codereview.chromium.org/10542137
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11792 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-13 09:54:34 +00:00
ulan@chromium.org
f8b4574250
Return an error when parsing invalid dates where a number immediately follows a word.
...
BUG=53209,126448
TEST=mjsunit/date-parse.js
R=rossberg@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10541138
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11791 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-13 09:10:37 +00:00
yangguo@chromium.org
9a80637be7
Fix GCC 4.6 build.
...
R=jkummerow@chromium.org
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/10541137
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11788 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-13 07:17:37 +00:00
svenpanne@chromium.org
1ea5db0ed3
Martyn Capewell <m.m.capewell@googlemail.com>
...
Review URL: https://chromiumcodereview.appspot.com/10451037
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11784 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-12 17:26:28 +00:00
mstarzinger@chromium.org
19ece2bec8
Enable lazy compilation for non-trivial outer contexts.
...
This changes the compiler to be more aggressive about lazy compilation
of closures with non-trivial outer context. Compilation can only be
triggered with a valid outer context now. One exception is the debugger,
which can request compilation of arbitrary shared code, but it ensures
to trigger compilation only at points where no context is needed.
R=ulan@chromium.org
TEST=mjsunit/debug-script-breakpoints-nested
Review URL: https://chromiumcodereview.appspot.com/10538102
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11782 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-12 15:57:50 +00:00
erikcorry
0418b67142
Add negative lookups to polymorphic loads in Crankshaft.
...
Review URL: http://codereview.chromium.org/10539110
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11780 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-12 15:44:12 +00:00
mstarzinger@chromium.org
a41d79a16d
Temporarily disable debugger test on ARM.
...
R=yangguo@chromium.org
BUG=v8:2177
TEST=mjsunit/debug-liveedit-breakpoints
Review URL: https://chromiumcodereview.appspot.com/10543112
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11776 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-12 15:23:36 +00:00
danno@chromium.org
43a1f5e25d
Eliminate redundant smi checks
...
R=mstarzinger@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10543094
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11774 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-12 12:16:19 +00:00
yangguo@chromium.org
09179b314a
Reland r11753: Fix try..finally.
...
R=ulan@chromium.org
BUG=129171
TEST=test-api/TryFinallyMessage, mjsunit/try-finally-continue.js
Review URL: https://chromiumcodereview.appspot.com/10540095
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11762 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-11 13:18:05 +00:00
sanjoy@chromium.org
6125718f37
Remove TLS access for current Zone.
...
By passing around a Zone object explicitly we no longer need to do a
TLS access at the sites that allocate memory from the current Zone.
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/10534006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11761 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-11 12:42:31 +00:00
jkummerow@chromium.org
5e60931332
Clean up some minor stuff in test expectation files
...
Review URL: https://chromiumcodereview.appspot.com/10545082
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11757 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-11 12:24:00 +00:00
yangguo@chromium.org
e98fb1028b
Revert r11753.
...
R=mstarzinger@chromium.org
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/10546092
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11755 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-11 11:21:21 +00:00
erikcorry
afc9b8e9a9
Fix optimization of Unicode regexp with ASCII subject to respect repeat counts.
...
bug=131923
Review URL: http://codereview.chromium.org/10544093
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11754 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-11 11:18:04 +00:00
yangguo@chromium.org
1b25fb8fa9
Preserve error message during finally block in try..finally.
...
R=ulan@chromium.org
BUG=129171
TEST=test-api/TryFinallyMessage
Review URL: https://chromiumcodereview.appspot.com/10537078
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11753 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-11 10:51:09 +00:00
danno@chromium.org
a1d9aca22f
Fix EnsureCanContainElements to properly handle double values.
...
R=jkummerow@chromium.org
BUG=v8:2170
TEST=test/mjsunit/regress/regress-2170.js
Review URL: https://chromiumcodereview.appspot.com/10542084
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11751 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-11 08:41:48 +00:00
jkummerow@chromium.org
a1c4fe13ee
Remove --crankshaft flag from the test infrastructure.
...
It has outlived its usefulness as Crankshaft is on by default anyway.
Review URL: https://chromiumcodereview.appspot.com/10539062
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11749 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-08 14:47:12 +00:00
danno@chromium.org
4e525b85fc
Optimistically assume that elements IC only transition once.
...
Thanks to Zheng Liu for identifying this issue.
R=jkummerow@chromium.org
BUG=v8:2141
TEST=test/mjsunit/elements-kind.js
Review URL: https://chromiumcodereview.appspot.com/10532063
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11739 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-08 13:06:24 +00:00
mstarzinger@chromium.org
81e8aa0016
Implement implicit instance checks for API accessors.
...
This allows to specify a constructor against which an implicit instance
check is performed for API accessors. If the receiver is incompatible,
an implicit TypeError is thrown and no callback is invoked.
R=svenpanne@chromium.org
BUG=v8:2075
TEST=cctest/test-api/InstanceCheckOn[*]
Review URL: https://chromiumcodereview.appspot.com/10442129
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11734 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-08 07:45:11 +00:00
erik.corry@gmail.com
15ecbe0f93
More tests for r11732 syntax based fast-mode heuristics.
...
Review URL: https://chromiumcodereview.appspot.com/10539046
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11733 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-07 20:12:50 +00:00
erik.corry@gmail.com
657422c29a
Use the syntax of a property addition as a hint for controlling the fast-mode vs. dictionary mode heursitics on objects.
...
Review URL: https://chromiumcodereview.appspot.com/10537050
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11732 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-07 12:08:07 +00:00
alexeif@chromium.org
31a0d0257c
Serialize edge counts instead of indexes in heap snapshot.
...
The serialized node structure currently holds an index
of its first containment edge in the edges array.
The index can be quite big (up to 7 digits for large snapshots).
The patch changes the serialization format to pass
node containment edge count instead. For most nodes the count
is just a single digit number.
This reduces serialized snapshot size and therefore its transfer time.
Review URL: https://chromiumcodereview.appspot.com/10534008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11728 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-06 10:57:20 +00:00
erik.corry@gmail.com
911d447b96
Keep track of which maps are associated with prototype objects so we can tune the fast-case vs. hash map heuristics accordingly.
...
This is a reland of r11681 https://chromiumcodereview.appspot.com/10448011 , which was reverted because of layout test failures that were actually caused by the long-standing issue fixed in https://chromiumcodereview.appspot.com/10515006 (r11706).
Review URL: https://chromiumcodereview.appspot.com/10532021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11727 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-06 10:17:26 +00:00
yangguo@chromium.org
76f4f9efa8
Correctly check length when allocating string.
...
R=jkummerow@chromium.org
BUG=
TEST=regress-regexp-overflow.js
Review URL: https://chromiumcodereview.appspot.com/10538012
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11720 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-05 17:41:59 +00:00
rossberg@chromium.org
4ea1fc0d27
Remove one more case behind --es5_readonly flag.
...
Plus add a couple of assertions.
R=mstarzinger@chromium.org
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/10535011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11719 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-05 16:56:53 +00:00
rossberg@chromium.org
c54adffc2d
Temporarily hack test frameworks to use the temporary flag. :(
...
R=mstarzinger@chromium.org
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/10541004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11716 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-05 13:38:32 +00:00
rossberg@chromium.org
c13dd2ece6
Put inherited readonliness behind a flag,
...
since it currently breaks WebKit bindings massively.
R=mstarzinger@chromium.org
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/10535007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11714 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-05 12:39:07 +00:00
verwaest@chromium.org
a85f4e4226
ClearNonLiveTransitions has to hold on to non-map values.
...
This ensures that we don't accidentally throw away getters and/or setters that are still needed. To make sure the bug gets triggered, we have to construct a situation where the map is on the live side of a live->non-live transition. This ensures that the map is passed to ClearNonLiveTransitions.
BUG=v8:2163
TEST=test/mjsunit/regress/regress-2163.js
Review URL: https://chromiumcodereview.appspot.com/10535004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11713 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-05 11:36:57 +00:00
sanjoy@chromium.org
98db16d94f
Progress towards making Zones independent of Isolates and Threads.
...
This CL changes some parts of the code to explicitly pass around a
Zone. Not passing in a zone is okay too (in fact most of v8 still
doesn't), but that may incur a TLS lookup.
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/10443114
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11709 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-04 14:42:58 +00:00
erik.corry@gmail.com
0a856e0bd7
Fix bug in __proto__ assignment transition cache where we forget the next enumeration index resulting in wrong iteration order.
...
Review URL: https://chromiumcodereview.appspot.com/10515006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11706 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-04 12:07:46 +00:00
yangguo@chromium.org
85e3fba8a3
Remove unnecessary code for non-zero-length global regexps.
...
Also fixing a bug in the arm implementation.
BUG=
TEST=regexp-global.js
Review URL: https://chromiumcodereview.appspot.com/10383280
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-04 08:49:17 +00:00
loislo@chromium.org
463a6ffdd4
Expose last seen heap object id via v8 public api.
...
BUG=none
TEST=none
Review URL: https://chromiumcodereview.appspot.com/10444137
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11702 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-01 16:10:52 +00:00
rossberg@chromium.org
f6017d36f2
Clean up d8 ArrayBuffer implementation and fix bug in readbuffer:
...
- Separate CreateExternalArrayBuffer function.
- Properly create buffers for arrays constructed with size argument only.
- Finalization of data array is tied to buffer object exclusively.
- Get rid of hidden buffer reference in array objects and size header in data.
- Use 'new' instead of 'malloc' in readbuffer.
- Test cases for additional array and buffer properties.
R=mstarzinger@chromium.org
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/10459047
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11698 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-01 11:46:05 +00:00
rossberg@chromium.org
5c51a36838
Adapt test expectations (fewer tests failing).
...
R=mstarzinger@chromium.org
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/10451108
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11697 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-01 11:31:54 +00:00
erik.corry@gmail.com
ae4fcd9702
Limit work done analyzing regexps with very large fanout.
...
BUG=128821
Review URL: https://chromiumcodereview.appspot.com/10448117
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11696 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-01 11:28:52 +00:00
rossberg@chromium.org
e4c472a7af
Implement correct checking for inherited readonliness on assignment.
...
Removes 6 out of 8 of our remaining unintentional failures on test262.
Also fixes treatment of inherited setters added after the fact.
Specifically:
- In the runtime, when looking for setter callbacks in the prototype chain,
also look for read-only properties. If one is found, reject (exception in
strict mode). If a proxy is found, invoke proper trap.
Note: this folds in the CanPut function from the spec and avoids an extra
lookup over the prototype chain.
- In generated code for stores, insert a test for the maps from the prototype
chain, but only up to the object where the property already exists (which
may be the object itself).
In Hydrogen, if the found property is read-only or not cacheable (e.g. a
proxy), bail out; in a stub, generate an unconditional miss (to get an
exception in strict mode).
- Add test cases and adapt existing test expectations.
R=mstarzinger@chromium.org
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/10388047
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11694 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-06-01 10:51:36 +00:00
erik.corry@gmail.com
047a7cfee0
Avoid overdeep recursion in regexp where a guarded expression with a
...
minimum repetition count is inside another quantifier.
Bug=129926
Review URL: https://chromiumcodereview.appspot.com/10451092
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11686 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-05-31 11:59:04 +00:00
erik.corry@gmail.com
b7b43e9af9
Revert r11681 https://chromiumcodereview.appspot.com/10448011
...
(Keep track of which maps are associated with prototype objects so we can tune the fast-case vs. hash map heuristics accordingly.).
Reverting because the dict-mode to fast case transformation loses the iteration order information.
Review URL: https://chromiumcodereview.appspot.com/10448097
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11685 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-05-31 09:27:39 +00:00
erik.corry@gmail.com
8cf2af4392
Keep track of which maps are associated with prototype objects
...
so we can tune the fast-case vs. hash map heuristics accordingly.
Review URL: https://chromiumcodereview.appspot.com/10448011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11681 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-05-30 14:40:57 +00:00
mstarzinger@chromium.org
ebe9a0e0b2
Fix missing write barrier in store field stub.
...
R=vegorov@chromium.org
BUG=v8:2143,v8:1465,chromium:129355
TEST=cctest/test-heap/Regress2143
Review URL: https://chromiumcodereview.appspot.com/10443052
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11678 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-05-29 16:39:26 +00:00
rossberg@chromium.org
50fdcca1da
Proxies: Fix receiver for setters inherited from proxies.
...
R=mstarzinger@chromium.org
BUG=v8:1543
TEST=
Review URL: https://chromiumcodereview.appspot.com/10451064
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11677 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-05-29 14:00:56 +00:00
rossberg@chromium.org
7a7ea0b547
Proxies: Fix ToStringArray function so that it does not reject some keys.
...
R=mstarzinger@chromium.org
BUG=v8:1543
TEST=
Review URL: https://chromiumcodereview.appspot.com/10453053
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11676 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-05-29 13:57:55 +00:00
svenpanne@chromium.org
39f88f1b26
Fixed JSObject::SetPropertyForResult (issue 2153)
...
AccessorPairs containing only holes are maps were handled incorrectly.
BUG=v8:2153
TEST=mjsunit/regress/regress-2153.js
Review URL: https://chromiumcodereview.appspot.com/10453054
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11672 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-05-29 12:42:22 +00:00
yangguo@chromium.org
e885a82c29
Fix test.
...
R=mstarzinger@chromium.org
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/10442030
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11662 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-05-25 11:03:28 +00:00