AuroraMiddleware/v8 - v8 - Gitea: Git with a cup of tea

Author	SHA1	Message	Date
yangguo@chromium.org	d9659da6f4	Fix bug in regexp result object construction. R=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/23548018 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16556 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-05 14:32:49 +00:00
verwaest@chromium.org	b41a7b9cea	Properly close the CountOperation value/effect context after leaving the store effect context. R=jkummerow@chromium.org Review URL: https://chromiumcodereview.appspot.com/23897003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16554 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-05 12:33:14 +00:00
verwaest@chromium.org	6f358946ac	Disable map-check relying on cache behavior sensitive to GC-timing R=mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/23892005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16544 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-05 08:36:10 +00:00
yangguo@chromium.org	070e3b0af4	Introduce concurrent on-stack replacement. Currently disabled behind --concurrent-osr. R=titzer@chromium.org BUG= Review URL: https://codereview.chromium.org/23710014 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16527 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-04 12:55:59 +00:00
mstarzinger@chromium.org	fa8a182208	Fix OSR to ignore phis without merge index in loop entry. This fixes a corner case introduced by escape analysis where phis are introduced in OSR loop entry blocks that don't have a merge index and hence cannot contain OSR values. R=titzer@chromium.org TEST=mjsunit/compiler/escape-analysis Review URL: https://codereview.chromium.org/23503025 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16484 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-02 16:51:44 +00:00
verwaest@chromium.org	3f70c3b07b	Allow uncacheable identifiers to go generic. BUG=v8:2867 R=jkummerow@chromium.org Review URL: https://chromiumcodereview.appspot.com/23453019 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16481 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-02 16:32:11 +00:00
prybin@chromium.org	1e44c36cdc	In reporting step-in positions be more accurate with a position the debugger paused at R=yangguo@chromium.org Review URL: https://codereview.chromium.org/23264015 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16472 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-02 12:24:41 +00:00
olivf@chromium.org	78df13d0d5	Move ToI conversions to the MacroAssembler + Replace DeferredTaggedToINoSSE2 by DoubleToIStub and a fpu version. + Prevent truncating TaggedToI from bailing out. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/22290005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16464 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-02 09:30:54 +00:00
jkummerow@chromium.org	9efb5cd23b	Make VisitStatements() consistent among all AstVisitor implementations R=yangguo@chromium.org Review URL: https://codereview.chromium.org/23441018 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16443 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-30 10:51:37 +00:00
jkummerow@chromium.org	2c9ac9c7e1	Always visit branches during HGraph building even if constant values indicate that they are unreachable. BUG=chromium:280333 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23623009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16431 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-29 14:55:45 +00:00
hpayer@chromium.org	95c7ae8149	Simplified BuildFastLiteral by eliminating manual allocation folding. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23030002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16422 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-29 12:06:45 +00:00
jkummerow@chromium.org	3747b5bc6d	Delete HAbnormalExit. It does more harm than good. BUG=v8:2843 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23462007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16406 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-28 15:00:30 +00:00
mstarzinger@chromium.org	57ac971a78	Implement proper map checks of captured objects. R=verwaest@chromium.org TEST=mjsunit/compiler/escape-analysis Review URL: https://codereview.chromium.org/23697002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16403 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-28 14:16:57 +00:00
verwaest@chromium.org	652b174cfc	Merge verbatim descriptors from other (the descriptor of the map being updated) rather than this (descriptors of the most updated map found in the transition tree). BUG=v8:2863 R=svenpanne@chromium.org Review URL: https://chromiumcodereview.appspot.com/23676003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16396 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-28 12:37:14 +00:00
hpayer@chromium.org	4d7375ca98	Clear next map word when folding allocations into js arrays. BUG= R=mstarzinger@chromium.org, mvstanton@chromium.org Review URL: https://codereview.chromium.org/22915007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16381 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-28 08:39:43 +00:00
plind44@gmail.com	b45fa06231	MIPS: Fix return-value from Array.push stub when pushing non-SMI value Load and update the arrays length in v0 to make sure the length gets returned correctly when leaving the function. Add new testcase. TEST=mjsunit/array-push-non-smi-value BUG=130022 R=jkummerow@chromium.org, plind44@gmail.com Review URL: https://codereview.chromium.org/23589002 Patch from fs <fs@opera.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16377 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-28 05:23:51 +00:00
verwaest@chromium.org	788811244e	Eliminate intentional conversion from Smi to Int32 in HMul If not all uses of arithmetic binary operation can be truncated to Smi, check if they can be truncated to Int32 which could avoid minus zero check Fixed DoMulI on X64 to adopt correct operand size when the representation is Smi Fixed DoMulI on ARM. Constant right operand optimization is based on Integer 32 instead of its representation. BUG= R=verwaest@chromium.org Review URL: https://chromiumcodereview.appspot.com/22600005 Patch from Weiliang Lin <weiliang.lin2@gmail.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16361 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-27 13:55:00 +00:00
jkummerow@chromium.org	da037f9872	H-BuildIncrement should make use of available type feedback R=verwaest@chromium.org Review URL: https://codereview.chromium.org/22611009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16353 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-27 11:44:45 +00:00
jkummerow@chromium.org	caba24c813	Revert "Snapshot i18n Javascript code" and "Fix mjsunit/debug-script after r16298". This reverts r16298 and r16303 due to ChromeOS browser_tests failures ("Uncaught ReferenceError: Boolean is not defined" in --gtest_filter="FileDisplay/FileManagerBrowserTest.Test/0" and others) R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23414008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16336 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-26 17:00:58 +00:00
mstarzinger@chromium.org	e146b6e148	Fix replaying of captured objects during chunk building. R=titzer@chromium.org Review URL: https://codereview.chromium.org/22819011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16334 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-26 16:43:19 +00:00
jkummerow@chromium.org	11fd577261	Lower kInitialMaxFastElementArray constant to 95K to work around erroneous "illegal access" error on x64. BUG=v8:2790 R=hpayer@chromium.org Review URL: https://codereview.chromium.org/22877039 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16324 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-26 13:04:05 +00:00
mvstanton@chromium.org	c9591f005e	Store mode for keyed stores should be passed in from type feedback regardless of the map used in polymorphic stores. BUG= R=jkummerow@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/21058003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16323 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-26 12:28:08 +00:00
dcarney@chromium.org	ad9cc8e716	js accessor creation on Template R=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/22903012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16321 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-26 11:59:14 +00:00
jochen@chromium.org	885c88e4d5	Fix mjsunit/debug-script after r16298 TBR=machenbach@chromium.org Review URL: https://codereview.chromium.org/23102015 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16303 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-23 13:45:24 +00:00
jochen@chromium.org	064c91be57	Snapshot i18n Javascript code BUG=v8:2745 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23304005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16298 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-23 13:24:48 +00:00
jochen@chromium.org	de7352db92	Temporarily disable optimization for StringWrappers to use native valueOf V8 stores this information directly in the map of the wrapper, however, it is not invalidated when the prototype of the wrapper is changed, so once the bit is set, it is no longer possible to override valueOf. This bug is currently hidden in Chrome since the i18n extension always modifies the String.prototype, and so the optimization never kicks in. Disabling the optimization temporarily allows for snapshotting i18n now. BUG=v8:2855 R=yangguo@chromium.org TEST=mjsunit/regress/regress-2855.js Review URL: https://codereview.chromium.org/23060030 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16292 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-23 11:31:18 +00:00
rossberg@chromium.org	971df386b3	Fix scoping of function declarations in eval inside non-trivial local scope R=mstarzinger@chromium.org BUG=v8:2594 Review URL: https://codereview.chromium.org/22901010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16286 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-23 09:25:37 +00:00
yangguo@chromium.org	be48c5ae26	Rename "parallel recompilation" to "concurrent recompilation". Also introduced macros for flag aliases for temporary backwards compatibility. R=hpayer@chromium.org BUG= Review URL: https://codereview.chromium.org/23014007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16280 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-22 16:14:37 +00:00
mstarzinger@chromium.org	0ecd03ab4c	Fix hidden properties on object with frozen prototype. This fixes a corner-case where a frozen prototype with existing hidden properties might prevent setting hidden properties on another object. R=rossberg@chromium.org BUG=v8:2829 Review URL: https://codereview.chromium.org/22799021 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16276 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-22 13:51:32 +00:00
titzer@chromium.org	6f3169e571	Fix deoptimization bug, where recursive call can frighten and confuse the unwitting, simple, poor caveman that is Runtime_NotifyDeoptimized. BUG=274164 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23201016 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16273 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-22 13:03:40 +00:00
verwaest@chromium.org	eb6cbe1486	Never clear debug-stub call ICs. Make a clear distinction between is_debug_stub used everywhere but the debugger, and IsDebugBreak, used by the debugger. R=yangguo@chromium.org Review URL: https://chromiumcodereview.appspot.com/23361014 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16269 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-22 12:16:00 +00:00
jkummerow@chromium.org	e814a9b96b	Fix "Hole" leak in TryBuildConsolidatedElementLoad R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23361007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16262 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-21 15:31:03 +00:00
jkummerow@chromium.org	dea98eee53	Fix a bug in Div when all uses are truncating Refine the related test cases to cover truncating cases BUG= R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/22964004 Patch from Weiliang Lin <weiliang.lin2@gmail.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16249 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-20 13:57:01 +00:00
olivf@chromium.org	383a167279	Add X87 implementations for Integer32ToDouble, DoubleToI, DoubleToSmi Additionally refactor the X87Stack tracking BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/20781007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16246 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-20 13:01:54 +00:00
verwaest@chromium.org	d81af53131	Store copied value rather than the original double. R=danno@chromium.org Review URL: https://chromiumcodereview.appspot.com/23262002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16208 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-16 15:43:42 +00:00
mstarzinger@chromium.org	3e4fbd0e85	Mark HStringCompareAndBranch as potentially causing GCs. This also adds a %SetAllocationTimout runtime function which helps to write regression tests that need to trigger a GC at a certain point in program execution. R=hpayer@chromium.org BUG=chromium:274438 TEST=mjsunit/regress/regress-crbug-274438 Review URL: https://codereview.chromium.org/22933006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16205 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-16 15:10:07 +00:00
danno@chromium.org	7aa3fedaab	Fix Crankshafted CompareNil of constant values R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/23198002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16193 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-14 16:13:58 +00:00
jkummerow@chromium.org	e71a91ca08	Fix Math.round/floor that had bogus Smi representation BUG=chromium:272564 R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23022005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16185 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-14 12:14:08 +00:00
verwaest@chromium.org	169f5a9d7b	Never hchange nan-hole to hole or hole to nan-hole. Only allow changing hole to nan if all uses allow undefined as nan. R=danno@chromium.org Review URL: https://chromiumcodereview.appspot.com/22152003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16183 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-14 08:54:27 +00:00
jkummerow@chromium.org	6f800f90ee	Fix overflow check computation for Smi Phis BUG=v8:2836 R=verwaest@chromium.org Review URL: https://codereview.chromium.org/22629011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16180 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-13 18:18:24 +00:00
jkummerow@chromium.org	b3b99969b0	Fix overwriting order of object literal properties for MATERIALIZED_LITERALs R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/22982005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16179 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-13 17:27:58 +00:00
yangguo@chromium.org	415b61e12e	Fix bug in HPhi::SimplifyConstantInput R=jkummerow@chromium.org BUG=269679 Review URL: https://codereview.chromium.org/23075003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16174 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-13 16:47:27 +00:00
verwaest@chromium.org	145f240060	Store doubles before calling into the elements transition stub on ARM BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/22854011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16172 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-13 15:06:17 +00:00
yangguo@chromium.org	c52b7bba05	Fix regressions triggered by map invalidation during graph creation. BUG= R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/22807003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16150 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-12 14:10:25 +00:00
yangguo@chromium.org	c0d1ba2ede	Do not materialize uninitialized const for debug evaluate. R=prybin@chromium.org BUG= Review URL: https://codereview.chromium.org/22822002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16148 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-12 13:35:46 +00:00
machenbach@chromium.org	cfb7ef44ca	Ignore an unsuitable test under deopt fuzz. That test relies on certain optimization/deoptimization points and is therefore not useful for the deopt fuzzer. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/22475011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16145 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-12 08:59:42 +00:00
verwaest@chromium.org	ee53b0a5ed	Make all load-named-fields depend on their map-check, unless explicitly ignored. BUG= R=titzer@chromium.org Review URL: https://chromiumcodereview.appspot.com/22555004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16139 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-09 18:40:10 +00:00
verwaest@chromium.org	3715358145	Replace LoadNamedFieldPolymorphic with explicit branches. R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/22213002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16133 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-09 14:04:47 +00:00
verwaest@chromium.org	19659646ca	Fix smi-based math floor. BUG=chromium:270268 R=svenpanne@chromium.org Review URL: https://chromiumcodereview.appspot.com/22623007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16128 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-09 11:21:03 +00:00
verwaest@chromium.org	e5afd32129	Fix Object.freeze, Object.observe wrt CountOperation and CompoundAssignment. BUG=2774,2779 R=adamk@chromium.org Review URL: https://chromiumcodereview.appspot.com/22562004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16111 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-07 18:45:41 +00:00
jkummerow@chromium.org	371ac893f9	Check for empty handle in JSON stringifier R=yangguo@chromium.org Review URL: https://codereview.chromium.org/22420004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16106 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-07 16:34:13 +00:00
prybin@chromium.org	29bb553b1d	Fix step in positions (include various calls and exclude current pc point), add a test R=yangguo@chromium.org Review URL: https://codereview.chromium.org/22198002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16100 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-07 12:27:22 +00:00
mstarzinger@chromium.org	63defee477	First implementation of allocation elimination in Hydrogen. This change implements a simple data-flow analysis pass over captured objects to the existing escape analysis. It tracks the state of values in the Hydrogen graph through CapturedObject marker instructions that are used to construct an appropriate translation for the deoptimizer to be able to materialize these objects again. This can be considered a combination of scalar replacement of loads and stores on captured objects and sinking of unused allocations. R=titzer@chromium.org TEST=mjsunit/compiler/escape-analysis Review URL: https://codereview.chromium.org/21055011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16098 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-07 11:24:14 +00:00
yangguo@chromium.org	ef8d394f12	Re-reland "Flush parallel recompilation queues on context dispose notification" BUG= R=hpayer@chromium.org, mstarzinger@chromium.org Review URL: https://codereview.chromium.org/22379002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16095 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-07 09:33:09 +00:00
ulan@chromium.org	3511f7a428	Fix Array index dehoisting. BUG=264203 TEST=test/mjsunit/regress/regress-264203 R=danno@chromium.org Review URL: https://chromiumcodereview.appspot.com/22314012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16082 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-06 16:38:39 +00:00
rossberg@chromium.org	5e121882c6	Remove test that causes illegal access now TBR=mstarzinger@chromium.org BUG=265369 Review URL: https://codereview.chromium.org/22428002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16077 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-06 14:34:25 +00:00
rossberg@chromium.org	f56ad9cab7	Turn assert into runtime assertion to make fuzzer happy R=mstarzinger@chromium.org BUG=265369 Review URL: https://codereview.chromium.org/22284009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16076 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-06 14:19:13 +00:00
rossberg@chromium.org	92bd4d1f2d	I found this working on https://codereview.chromium.org/19541010/ The main problem is that if you called Object.getNotifier(obj) on an object, %SetObserved(object) would never get called on it, and thus it would be unobservable (new test added for this). Additionally, Runtime::SetObserved was asserting obj->IsJSObject() which would fail if called on a proxy. It just happens that our existing test always called getNotifier() before Object.observe on proxies, and thus we never previously attempted to transition the map of a proxy. Both issues are now fixed and properly tested. R=rossberg@chromium.org Review URL: https://codereview.chromium.org/21891008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16074 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-06 13:49:10 +00:00
dslomov@chromium.org	45f4b685bf	Update Array Iterator to use numeric indexes At the last face-to-face meeting it was decided that we should use numeric indexes for the Array Iterator values. https://github.com/rwldrn/tc39-notes/blob/master/es6/2013-07/july-24.md#514-keys-entries-return-numbers-for-array-index-properties BUG=v8:2818 R=dslomov@chromium.org Review URL: https://codereview.chromium.org/21180008 Patch from Erik Arvidsson <arv@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16072 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-06 13:10:07 +00:00
jkummerow@chromium.org	232a2c0d88	Regression test for issue 2813 / r16008 BUG=v8:2813 R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/21806002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16030 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-02 12:17:19 +00:00
svenpanne@chromium.org	bf71023ba5	Replaced unary negation by multiplication with -1. This fixes a deopt loop in the Epic Citadel demo and removes some code. Apart from that, this change is performance-neutral. When we do something similar for BIT_NOT, the whole UnaryOp stuff can go away. R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/21782002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16029 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-02 11:56:35 +00:00
mstarzinger@chromium.org	c87abd1117	Add new Harmony methods to Array.prototype object. Array.prototype.find Array.prototype.findIndex http://people.mozilla.org/~jorendorff/es6-draft.html BUG=v8:2776,v8:2777 TEST=mjsunit/harmony/array-find,mjsunit/harmony/array-findindex R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/21079003 Patch from Ioseb Dzmanashvili <ioseb.dzmanashvili@gmail.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16025 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-02 10:57:48 +00:00
jkummerow@chromium.org	a47705644e	Avoid redundant smi check for Math.abs R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/21180004 Patch from Weiliang Lin <weiliang.lin2@gmail.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16021 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-02 08:59:02 +00:00
hpayer@chromium.org	286fc963b2	Disable test in object observe because of bug 2774. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/21495004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16017 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-02 06:40:50 +00:00
dslomov@chromium.org	f62ffeef31	Calling Map etc without new should throw TypeError Even though we do not yet allow Map, Set, WeakMap and WeakSet to be subclassed we need to ensure that we do not allow them to be [[Call]]ed to allow them to be subclassed in the future. BUG=v8:2819 R=dslomov@chromium.org, mstarzinger@chromium.org Review URL: https://codereview.chromium.org/21400002 Patch from Erik Arvidsson <arv@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16006 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-01 09:18:28 +00:00
verwaest@chromium.org	2af164f4d9	Mark maps as unstable if their instances potentially transition away. Use this as a prerequisite for adding code dependencies. R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/21095005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15961 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-30 16:33:58 +00:00
mstarzinger@chromium.org	0627d433b0	Add new Harmony methods to String.prototype object. String.prototype.repeat String.prototype.startsWith String.prototype.endsWith String.prototype.contains http://people.mozilla.org/~jorendorff/es6-draft.html BUG=v8:2796,v8:2797,v8:2798,v8:2799 TEST=mjsunit/string-repeat,mjsunit/string-startswith,mjsunit/string-endswith,mjsunit/string-contains R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/21014007 Patch from Ioseb Dzmanashvili <ioseb.dzmanashvili@gmail.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15960 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-30 16:33:08 +00:00
titzer@chromium.org	45d4afbde5	Fix many tests that try to force an OSR by checking OptimizationStatus() to instead check OptimizationCount(). BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/21221003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15951 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-30 09:28:55 +00:00
machenbach@chromium.org	7696139437	Run some skipped tests again after resolved issue. BUG=2795 R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/21220002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15949 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-30 08:52:26 +00:00
mstarzinger@chromium.org	3202e1d795	Re-revert "Flush parallel recompilation queues on context dispose notification" (r15883). R=danno@chromium.org BUG= Review URL: https://codereview.chromium.org/21156009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15947 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-30 08:35:48 +00:00
titzer@chromium.org	37ee4a0369	Fix IsDeletable() for HStringAdd, HStringCharCodeAt, HStringCharFromCode. BUG= R=mstarzinger@chromium.org, svenpanne@chromium.org Review URL: https://codereview.chromium.org/20241005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15934 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-29 12:35:43 +00:00
mvstanton@chromium.org	43e35a87e2	Fix: Need to remove function type feedback between stress stages in release build BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/20987005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15933 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-29 12:22:34 +00:00
mvstanton@chromium.org	e9cc78af7e	Fix for V8 issue 2795: Check fails with deopt for mjsunit/array-store-and-grow (https://code.google.com/p/v8/issues/detail?id=2795) The reason is when allocating and building arrays in hydrogen we need to ensure we do any int32-to-smi conversions BEFORE the allocation. These conversions can at least theoretically deoptimize. If this happens before all the fields of the newly allocated object are filled in, we will have a corrupted heap. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/20726002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15929 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-29 11:50:39 +00:00
bmeurer@chromium.org	709012021a	The compiled_transitions flag was enabled for quite some time now and seems to work out quite well, so time has come to remove the obsolete code paths and remove the unused methods. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/18034024 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15922 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-29 09:12:16 +00:00
jkummerow@chromium.org	3619dcf868	Add regression test for recently fixed bug BUG=chromium:258519 R=machenbach@chromium.org Review URL: https://codereview.chromium.org/20732002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15912 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-26 14:58:30 +00:00
machenbach@chromium.org	53c95353c9	Disable mjsunit test when parallel recompilation is not available. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/20573003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15907 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-26 12:34:46 +00:00
verwaest@chromium.org	565699669e	Fix Smi-based MathMinMax on x64, and reenable smi mode. BUG= R=jkummerow@chromium.org Review URL: https://chromiumcodereview.appspot.com/20706002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15905 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-26 12:06:22 +00:00
yangguo@chromium.org	372763897d	Lazy call to custom stack trace formatting using Error.prepareStackTrace. This enables custom stack trace formatting for stack overflow. A consequence is that stack trace formatting is now easily observable, but we already established that the default stack trace formatting can be observed anyways. It is only triggered by the .stack getter, and it has to be explicitly called, (e.g. not implicitly after GC). R=mstarzinger@chromium.org BUG=v8:2559 Review URL: https://codereview.chromium.org/20692002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15902 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-26 11:28:08 +00:00
jkummerow@chromium.org	32e2e37230	Fix JSArray-specific length lookup in polymorphic array handling BUG=chromium:263276 R=yangguo@chromium.org Review URL: https://codereview.chromium.org/20295005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15884 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-25 15:04:21 +00:00
yangguo@chromium.org	14e205e9cf	Reland "Flush parallel recompilation queues on context dispose notification." BUG= R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/19500022 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15883 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-25 15:01:23 +00:00
dslomov@chromium.org	a418b36b75	Make DataView setters throw when only offset is provided. Also fix typo in error message id. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/20030004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15865 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-24 17:35:15 +00:00
yangguo@chromium.org	eaedafad4b	Restore test and behavior prior to deferred stack trace formatting. R=mstarzinger@chromium.org TEST=stack-traces-overflow.js Review URL: https://codereview.chromium.org/19805003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15856 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-24 12:16:02 +00:00
machenbach@chromium.org	a0734ba3af	Add deopt fuzzer tool. Can be run as a stand-alone script like run-tests. Executes first all tests of a given test suite to collect the maximum number of possible deopt points. Runs then a fuzzing phase with artificial deoptimizations triggered during testing. Works for now with mjsunit and ia32 only. R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/19931005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15855 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-24 12:04:29 +00:00
hpayer@chromium.org	6c83b7d6c1	Support double allocations when folding allocation. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/19956002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15839 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-23 19:27:00 +00:00
verwaest@chromium.org	7e08f81e6d	Also eliminate map checks with transitions. R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/19888006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15821 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-23 10:01:06 +00:00
verwaest@chromium.org	babce318d1	Eliminate map checks of constant values. R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/19954005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15819 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-23 09:18:42 +00:00
mstarzinger@chromium.org	232c55854f	Add test case for issue 2793 about experimental natives. R=yangguo@chromium.org BUG=v8:2793 Review URL: https://codereview.chromium.org/19948002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15810 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-22 18:18:55 +00:00
ulan@chromium.org	b2dd5c67f7	ARM: Ensure space for lazy deoptimization before calling IC. If IC triggers deoptimization, then subsequent patching might get invalid target address that was overwritten. R=verwaest@chromium.org BUG=247688 TEST=mjsunit/regress/regress-247688.js Review URL: https://chromiumcodereview.appspot.com/19972002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15808 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-22 17:21:41 +00:00
yangguo@chromium.org	cd41cb9b6d	Turn on parallel recompilation for tests that assert optimization status. R=mvstanton@chromium.org BUG= Review URL: https://codereview.chromium.org/19807002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15793 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-22 09:16:33 +00:00
mstarzinger@chromium.org	ce81b0d3a8	ES6: Implement WeakSet WeakSets work similar to ordinary Sets but the value (which must be an object) is held weakly. This is available under --harmony-collections BUG=v8:2785 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/19678023 Patch from Erik Arvidsson <arv@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15792 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-22 08:32:24 +00:00
rossberg@chromium.org	ac2b8c04f3	Proxies: Make 'with' work, plus minor other fixes Also fixes internal exception handling in several places of the runtime. R=yangguo@chromium.org BUG=v8:1543 Review URL: https://codereview.chromium.org/19384004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15781 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-19 14:07:23 +00:00
ulan@chromium.org	88a4b0d6ca	Fix deopt in store with effect context. R=verwaest@chromium.org Review URL: https://chromiumcodereview.appspot.com/19693004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15780 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-19 13:45:26 +00:00
rossberg@chromium.org	83d9e6e7ee	Add support for explicit octal and binary integer literals http://people.mozilla.org/~jorendorff/es6-draft.html#sec-7.8.3 ES6 extends the numeric literals to support explicit support for binary and octal literals using the following syntax: 0b10101 0o777 This is currently behind the flag, --harmony-numeric-literals BUG=2783 R=rossberg@chromium.org Review URL: https://codereview.chromium.org/19300002 Patch from Erik Arvidsson <arv@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15772 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-19 09:57:35 +00:00
verwaest@chromium.org	be472d82fd	Fix wrong bailout id in polymorphic stores. BUG=chromium:259787 R=titzer@chromium.org, ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/19528005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15763 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-19 08:45:47 +00:00
mstarzinger@chromium.org	3eded2c06c	Fix %NeverOptimizeFunction runtime call. The current usage of this runtime function is broken as it does not prevent inlining of the affected function but rather bails out from the whole unit of compilation after trying to inline affected functions. This simplifies said runtime function to avoid accidental misuse. R=titzer@chromium.org TEST=mjsunit/never-optimize Review URL: https://codereview.chromium.org/19776006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15762 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-19 08:25:44 +00:00
machenbach@chromium.org	0288214530	Disable some tests for nacl runs. These tests fail with the nacl/v8 builders. Patch from bradchen@chromium.org. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/19769002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15745 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-18 12:21:46 +00:00
svenpanne@chromium.org	b951f03cee	Fixed type feedback in presence of negative lookups. To fix the issue at hand regarding constant function calls and perhaps other hidden issues regarding negative lookups, we basically add a "marker instruction", just for harvesting purposes. Our type feedback oracle is really, really fragile, we should better switch to some more explicit and robust scheme soon. BUG=chromium:252797 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/19588002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15741 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-18 09:12:44 +00:00
yangguo@chromium.org	9d6445cf32	Do not materialize context-allocated values for debug-evaluate. BUG=259300 R=ulan@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/19569003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15727 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-17 15:29:00 +00:00
jkummerow@chromium.org	22f2fd8397	Synchronize Compare-Literal behavior in FullCodegen and Hydrogen BUG=chromium:260345 R=danno@chromium.org Review URL: https://codereview.chromium.org/19582002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15723 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-17 13:13:38 +00:00
mvstanton@chromium.org	7632a311aa	Some tests involving AllocationSites are failing in GcStress test mode. The reason is that an AllocationMemento associated with an array only lives for one gc (it is unrooted). So an excess of garbage collections in these tests cause the Memento to be lost, and expected behavior can't be guaranteed. BUG= R=hpayer@chromium.org Review URL: https://codereview.chromium.org/19544002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15714 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-17 11:42:32 +00:00

1 2 3 4 5 ...

2316 Commits