AuroraMiddleware/v8

Author	SHA1	Message	Date
svenpanne@chromium.org	2931f09144	Fix unsigned comparisons. Instead of marking the comparison instruction itself as Uint32, we look at its arguments. This is more consistent what HChange does. BUG=v8:3380 TEST=mjsunit/regress/regress-3380 LOG=y R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/325133004 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21762 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-11 09:09:15 +00:00
bmeurer@chromium.org	0fcd89161b	Fix invalid attributes when generalizing because of incompatible map change. BUG=382143 LOG=y TEST=mjsunit/regress/regress-382143 R=verwaest@chromium.org Review URL: https://codereview.chromium.org/324933003 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21743 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-10 12:24:54 +00:00
ishell@chromium.org	6dc967e2e0	Bugfix in inlined versions of Array.indexOf() and Array.lastIndexOf() with a regression test. BUG=chromium:381534 LOG=N R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/319343002 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21733 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-10 09:01:45 +00:00
bmeurer@chromium.org	7eea77bc5c	Fix missing smi check in inlined indexOf/lastIndexOf. BUG=382513 LOG=y R=danno@chromium.org Review URL: https://codereview.chromium.org/313233005 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21727 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-10 04:26:15 +00:00
mvstanton@chromium.org	2714fd2399	Revert "Re-land Clusterfuzz identified overflow check needed in dehoisting." This reverts commit r21712 TBR=danno@chromium.org Review URL: https://codereview.chromium.org/315843005 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21715 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-06 13:16:24 +00:00
mvstanton@chromium.org	c0cb82274c	Re-land Clusterfuzz identified overflow check needed in dehoisting. Overflow check needs to be smarter. BUG=380092 R=danno@google.com, danno@chromium.org LOG=N Review URL: https://codereview.chromium.org/317963004 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21712 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-06 13:00:07 +00:00
mvstanton@chromium.org	35933119fe	Revert "Clusterfuzz identified overflow check needed in dehoisting." This reverts commit r21708, due to ASAN-reported issue. TBR=danno@chromium.org Review URL: https://codereview.chromium.org/318073002 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21709 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-06 09:47:14 +00:00
mvstanton@chromium.org	7d2d0839ad	Clusterfuzz identified overflow check needed in dehoisting. BUG=380092 R=danno@chromium.org LOG=N Review URL: https://codereview.chromium.org/315593002 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21708 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-06 09:12:16 +00:00
bmeurer@chromium.org	9244429707	Fix invalid loop condition for Array.lastIndexOf(). BUG=380512 LOG=y R=jarin@chromium.org Review URL: https://codereview.chromium.org/313073003 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21665 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-04 08:21:39 +00:00
mvstanton@chromium.org	d19aaa2b1c	Revert "Reland "Make 'name' property on functions configurable."" This reverts commit r21609 due to browser test failures. TBR=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/313583002 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21632 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-03 11:52:07 +00:00
mvstanton@chromium.org	848a9af6b4	%ObjectFreeze needs to exclude non-fast-path objects. ClusterFuzz will call it with sloppy arguments and similar cases. BUG=380049 LOG=N R=yangguo@chromium.org Review URL: https://codereview.chromium.org/315533002 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21624 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-03 07:59:36 +00:00
mvstanton@chromium.org	adeaedf547	When flag --nouse-osr is set, don't allow osr from hidden runtime calls. BUG=379770 R=yangguo@chromium.org LOG=N Review URL: https://codereview.chromium.org/310773003 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21622 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-03 07:45:40 +00:00
adamk@chromium.org	509a1a405c	ES6: Add support for values/keys/entries for Map and Set This allows code like this: var map = new Map(); map.set(1, 'One'); ... var iter = map.values(); var res; while (!(res = iter.next()).done) { print(res.value); } BUG=v8:1793 LOG=Y R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/259883002 Patch from Erik Arvidsson <arv@chromium.org>. git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21615 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-03 00:34:01 +00:00
mstarzinger@chromium.org	d6500b6cf7	Reland "Make 'name' property on functions configurable." R=rossberg@chromium.org BUG=v8:3333 LOG=N Review URL: https://codereview.chromium.org/303463006 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21609 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-06-02 13:35:26 +00:00
bmeurer@chromium.org	5cd009a004	HRor and HSar can deoptimize. BUG=v8:3359 LOG=y R=ishell@chromium.org Review URL: https://codereview.chromium.org/309483002 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21583 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-30 16:12:25 +00:00
mvstanton@chromium.org	8c54a373dd	Changing the attributes of a data property implemented with ExecutableAccessorInfo turns the property into a field. Better to keep it as a callback, and correctly deal with the changed property attributes. R=ulan@chromium.org Review URL: https://codereview.chromium.org/262053011 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21558 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-28 09:58:27 +00:00
mstarzinger@chromium.org	6b33e50701	Revert "Make 'name' property on functions configurable." R=danno@google.com, danno@chromium.org Review URL: https://codereview.chromium.org/297163009 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21534 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-27 15:00:26 +00:00
yangguo@chromium.org	94b4aef7d6	Fix arm64 gc stress issue. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/306483002 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21506 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-27 06:35:45 +00:00
mvstanton@chromium.org	d755611e93	Reland "Customized support for feedback on calls to Array." and follow-up fixes. Comparing one CallIC::State to another was not done correctly, leading to a failure to patch a CallIC when transitioning from monomorphic Array to megamorphic. BUG=chromium:377198,chromium:377290 LOG=Y R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/305493003 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21499 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-26 13:59:24 +00:00
mstarzinger@chromium.org	82b3b2a367	Make 'name' property on functions configurable. R=rossberg@chromium.org BUG=v8:3333 LOG=N Review URL: https://codereview.chromium.org/296413003 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21492 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-26 11:42:56 +00:00
yangguo@chromium.org	32f433c12e	Fix leak in debug mirror cache. When fetching loaded scripts, mirror objects are created and cached. If the cache is not cleared, it holds script objects alive. This also fixes a minor issue with script unloading. R=ulan@chromium.org BUG=376534 LOG=N Review URL: https://codereview.chromium.org/296953005 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21477 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-26 07:05:56 +00:00
mstarzinger@chromium.org	cf448aa15f	Fix representation inference for mutable double boxes. R=jarin@chromium.org BUG=v8:3307 TEST=mjsunit/regress/regress-3307 LOG=N Review URL: https://codereview.chromium.org/298723014 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21467 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-23 14:02:08 +00:00
jarin@chromium.org	3d0bf69cd8	Attempt no. 3 to fix Heap::IsHeapIterable and HeapIterator. Now we remember new space's top pointer after the last GC to find out if there was a new space allocation since the last GC. Unfortunately, this not completely safe - the debugger has a callback hook (that can call to JS) at the end of the GC epilogue that can in theory allocate and possibly make the heap non-iterable. We can only hope this does not happen. BUG=373283 R=hpayer@chromium.org LOG=N Review URL: https://codereview.chromium.org/291193005 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21431 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-22 11:13:37 +00:00
jarin@chromium.org	02f1a1b987	Revert "Fix Heap::IsHeapIterable." (again) This reverts commit r21397. TBR=hpayer@chromium.org Review URL: https://codereview.chromium.org/299813002 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21404 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-21 09:49:18 +00:00
jkummerow@chromium.org	58661c150f	Fix ArrayShift hydrogen support BUG=chromium:374838 LOG=y R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/299713003 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21401 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-21 08:51:29 +00:00
jarin@chromium.org	58a130da6e	Reland "Fix Heap::IsHeapIterable." This relands r21388 (+ handlification of an offending function). BUG=373283 LOG=N R=hpayer@chromium.org Review URL: https://codereview.chromium.org/294903003 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21397 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-21 06:44:38 +00:00
jarin@chromium.org	014bf8b407	Revert "Fix Heap::IsHeapIterable." This reverts commit r21387. TBR=hpayer@chromium.org Review URL: https://codereview.chromium.org/291193002 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21388 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-20 14:03:38 +00:00
jarin@chromium.org	dd4c82bbb3	Fix Heap::IsHeapIterable. We only consider heap iterable if the new space is empty (in addition to the exisiting old space check). The change also moves the iterability forcing + allocation prevention gadgets to HeapIterator so that it is impossible to miss them when iterating the heap. R=hpayer@chromium.org BUG=373283 LOG=N Review URL: https://codereview.chromium.org/285693006 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21387 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-20 13:19:21 +00:00
jarin@chromium.org	c3cd2f0301	Fix %SetFlags("--stress-compaction") BUG=369943 LOG=N R=hpayer@chromium.org Review URL: https://codereview.chromium.org/261253006 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21260 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-12 10:39:08 +00:00
jarin@chromium.org	cbf8c3f460	Make escape analysis preserve all representations required by HCompareNumericAndBranch. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/257803012 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21255 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-12 08:43:18 +00:00
adamk@chromium.org	fb70df076b	Object.observe: avoid accessing acceptList properties more than once BUG=v8:3315 LOG=Y R=rossberg@chromium.org Review URL: https://codereview.chromium.org/270763003 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21244 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-09 18:22:28 +00:00
jarin@chromium.org	3976ebef93	Make new space iterable for --log-gc and --heap-stats options R=hpayer@chromium.org BUG=370827 TEST=test/mjsunit/regress/regress-370827.js LOG=N Review URL: https://codereview.chromium.org/272503005 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21209 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-09 09:23:10 +00:00
hpayer@chromium.org	de21c8a245	Simplify ConfigureHeap and change --max_new_space_size to --max_semi_space_size. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/271843005 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21204 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-09 08:38:27 +00:00
ulan@chromium.org	8999a006be	Fix index register assignment in LoadFieldByIndex for arm, arm64, and mips. This instruciton clobbers the index register. BUG=368243 LOG=N TEST=mjsunit/regress/regress-368243 R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/269273003 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21196 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-08 08:51:51 +00:00
rossberg@chromium.org	ae0a36ee32	Re^3-land "Ship promises and weak collections" R=jochen@chromium.org BUG= Review URL: https://codereview.chromium.org/266243003 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21173 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-06 14:48:34 +00:00
ishell@chromium.org	9be0c4d378	Fixed jump in non-SSE4.1 implementation of LMathFloor instruction on x64. BUG=chromium:370384 LOG=N R=ulan@chromium.org Review URL: https://codereview.chromium.org/261853009 git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21171 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-06 14:20:46 +00:00
hpayer@chromium.org	dde49c9dc3	Set max new space size in tests to proper MB value. Revert "Limit old space size in test which require a large new space." This reverts commit r21103. Revert "Remove max space limits in tests." This reverts commit r21104. BUG= R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/263103006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21149 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-05 16:48:33 +00:00
ishell@chromium.org	b4c1eda032	Checks for empty array case added before casting elements to FixedDoubleArray. BUG=chromium:369450 LOG=N R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/264973008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21118 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-02 11:30:24 +00:00
svenpanne@chromium.org	7bfc426fc9	Object.defineProperty shouldn't be a hint that we're constructing a dictionary. BUG=362870 LOG=y R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/261583004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21109 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-05-02 06:02:00 +00:00
hpayer@chromium.org	56d0b9757e	Remove max space limits in tests. BUG= Review URL: https://codereview.chromium.org/263703003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21104 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-30 19:32:47 +00:00
hpayer@chromium.org	3dd05f8fc7	Limit old space size in test which require a large new space. BUG= Review URL: https://codereview.chromium.org/265673003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21103 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-30 18:57:25 +00:00
mvstanton@chromium.org	5e2ee2bac2	A new test needs to exit early on non-internationalization builds. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/265513003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21078 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-30 09:04:17 +00:00
mstarzinger@chromium.org	129c58c47d	Fix some more missing ToObject on Array.prototype. R=mvstanton@chromium.org BUG= Review URL: https://codereview.chromium.org/254103002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21077 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-30 08:52:00 +00:00
mvstanton@chromium.org	0c3e70a3b6	Bugfix: internationalization routines fail on monkeypatching. Calls to Object.defineProperty() and Object.apply() are not safe. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/253903003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21071 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-30 07:36:12 +00:00
yangguo@chromium.org	1a9649ae13	Error stack getter should not overwrite itself with a data property. R=ulan@chromium.org BUG=v8:3294 LOG=Y Review URL: https://codereview.chromium.org/258933007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21016 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-28 12:14:36 +00:00
jarin@chromium.org	ff884e06ae	Fix materialization of accessor frames with captured receivers I have fixed skipping of the receiver object to materialize captured objects. This is done with a new DoTranslateSkip method. We should consider unifying DoTranslateSkip, DoTranslateObject and DoTranslateCommand as they do the almost the same thing - they only differ in where they store the result. The change also turns bunch of ASSERTs into CHECKs. R=mstarzinger@chromium.org BUG=359441 TEST=test/mjsunit/regress/regress-359441.js LOG=N Review URL: https://codereview.chromium.org/225283006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20978 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-25 12:58:15 +00:00
jarin@chromium.org	d557425a0c	Preserve Smi representation of non-escaping fields. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/251493004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20971 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-25 11:29:02 +00:00
verwaest@chromium.org	d2179f2062	Don't adopt the AST id from previous if id is none, since previous may have mismatching expected stack height. Additionally, harden merging of simulates after instructions with side effects and ensure there's a simulate before HEnterInlined. R=jarin@chromium.org Review URL: https://codereview.chromium.org/252583004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20967 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-25 09:52:11 +00:00
hpayer@chromium.org	20107bf2d8	Remove lazy sweeping. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/254603002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20966 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-25 09:50:42 +00:00
verwaest@chromium.org	a55821eef2	Mark the simulate before EnterInlined with BailoutId::None(), and set ReturnId on EnterInlined. When merging simulates into the simulate before enter-inlined, adopt the last AST id that gets merged into it. BUG=v8:3282 LOG=n R=titzer@chromium.org Review URL: https://codereview.chromium.org/257583004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20949 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-24 15:20:53 +00:00

1 2 3 4 5 ...

1053 Commits