Commit Graph

2847 Commits

Author SHA1 Message Date
mstarzinger@chromium.org
6420887ff1 Fix Mac build boken in r10383.
R=vegorov@chromium.org
TEST=cctest/test-heap/TestSizeOfObjects

Review URL: http://codereview.chromium.org/9187004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10385 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-11 10:59:21 +00:00
mstarzinger@chromium.org
83d912f0e4 Make heap size estimation more accurate.
This improves the heap size estimation by not counting lazy swept pages
as completely allocated but use their live bytes counter instead.

R=vegorov@chromium.org
BUG=v8:1893
TEST=cctest/test-heap/TestSizeOfObjects

Review URL: http://codereview.chromium.org/9173001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10383 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-11 10:33:34 +00:00
vegorov@chromium.org
c92a3949ea Fix build failure introduced by r10380
TBR=mstarzinger@chromium.org

Review URL: http://codereview.chromium.org/9190002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10381 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-11 09:49:47 +00:00
vegorov@chromium.org
74ef753067 Change inlined cache of intanceof stub to use indirection through cell.
The stub was directly patching caller's code without issuing write barrier which violated incremental marking invariants.

R=mstarzinger@chromium.org
BUG=http://crbug.com/109448
TEST=cctest/test-heap/InstanceOfStubWriteBarrier

Review URL: http://codereview.chromium.org/9158015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10380 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-11 09:39:37 +00:00
erik.corry@gmail.com
dc9910f4a4 Minor cleanups of numeric seeded hashing patch.
Review URL: http://codereview.chromium.org/9155010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10367 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-10 13:24:18 +00:00
erik.corry@gmail.com
6178a8d42c Add seed to hash of numeric keyed properties. This is a commit of http://codereview.chromium.org/9148006/ for Fedor Indutny.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10366 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-10 12:58:41 +00:00
danno@chromium.org
df8b359f41 Fix handling of -0.0 in IsInt32/IsUInt32
R=ager@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/9169009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10361 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-10 10:05:45 +00:00
erik.corry@gmail.com
4bea3b5c54 Fix test-hashing after recent changes to string hashing.
Acriave test-hashing in SCons and buildbot runs.
Small cleanups in root register handling on ARM and MIPS.
Review URL: http://codereview.chromium.org/9110029

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10351 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-06 11:33:20 +00:00
vegorov@chromium.org
c4d3a110a2 Adjust position recorded for call expressions.
For calls of the form ident(...) record position of the identifier as the position of the call. For other calls record positions of the opening parenthesis.

This guarantees that for expressions of the form function(){}() call position will not intersect with positions recorded for function literal which is used by the debugger for scope chain resolution.

R=kmillikin@chromium.org
BUG=http://crbug.com/109195
TEST=test/mjsunit/regress/regress-109195.js

Review URL: http://codereview.chromium.org/9125001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10350 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-06 10:26:17 +00:00
ulan@chromium.org
746ef93362 Move handlified functions from handles.cc to objects.cc
BUG=
TEST=

Review URL: http://codereview.chromium.org/9008012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10348 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-05 17:16:19 +00:00
erik.corry@gmail.com
9de3992837 Fix broken test that assumes that no GC can clear the regexp
cache (GC can happen at any time due to Crankshaft).
Review URL: http://codereview.chromium.org/9113012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10343 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-05 13:16:15 +00:00
mstarzinger@chromium.org
e79274abe6 Fix handling of bogus receivers for Harmony collections.
R=rossberg@chromium.org
BUG=v8:1884
TEST=mjsunit/harmony/collections

Review URL: http://codereview.chromium.org/9074003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10342 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-05 12:55:06 +00:00
erik.corry@gmail.com
81a0271004 Randomize the seed used for string hashing. This helps guard against
CPU-eating DOS attacks against node.js servers.  Based on code from
Bert Belder.  This version only solves the issue for those that compile
V8 themselves or those that do not use snapshots.  A snapshot-based
precompiled V8 will still have predictable string hash codes.
Review URL: http://codereview.chromium.org/9086006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10330 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-04 15:12:15 +00:00
yangguo@chromium.org
f953e7fcea Fix windows build.
Review URL: http://codereview.chromium.org/8983014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10328 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-04 09:58:21 +00:00
yangguo@chromium.org
d9f7cf819c Implement callback when script finishes running in V8 API.
TEST=test-api/LeaveScriptCallback

Review URL: http://codereview.chromium.org/8937003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10323 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-04 08:48:35 +00:00
danno@chromium.org
f648626eb9 Reland 10309: Ensure large Smi-only arrays don't transition to FAST_DOUBLE_ARRAY
TBR=jkummerow@chromium.org
BUG=none
TEST=none

Review URL: http://codereview.chromium.org/9051014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10311 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-30 14:28:14 +00:00
danno@chromium.org
5d85a04472 Rollback 10309
TBR=jkummerow@chromium.org
BUG=none
TEST=none

Review URL: http://codereview.chromium.org/8968042

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10310 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-30 13:42:21 +00:00
danno@chromium.org
dff0e36d2d Ensure large Smi-only arrays don't transition to FAST_DOUBLE_ARRAY
BUG=v8:1849
TEST=test/mjsunit/regress/regress-1849.js

Review URL: http://codereview.chromium.org/8968028

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10309 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-30 12:54:23 +00:00
danno@chromium.org
aa38094bf0 Ensure that InternalArrays remain InternalArrays regardless of how they are constructed.
R=whesse@chromium.org
BUG=v8:1878
TEST=test/mjsunit/regress/regress-1878.js

Review URL: http://codereview.chromium.org/9016041

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10306 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-27 15:12:12 +00:00
vegorov@chromium.org
3947056c03 Avoid embedding new space objects into code objects in the lithium gap resolver.
R=danno@chromium.org
BUG=http://crbug.com/108296
TEST=test/mjsunit/regress/regress-108296.js

Review URL: http://codereview.chromium.org/8960004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10301 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-23 10:39:01 +00:00
mstarzinger@chromium.org
aae7033ba1 Fix JavaScript accessors on objects with interceptors.
This fixes how Object.defineProperty() defines JavaScript accessors on
objects with installed API interceptors. The definition itself does not
cause any interceptors to be called, whereas any subsequent accesses on
said object will still fire the interceptor. This behavior is in sync
with API accessors.

R=rossberg@chromium.org
BUG=v8:1651,chromium:94666
TEST=cctest/test-api

Review URL: http://codereview.chromium.org/9021019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10293 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-21 16:14:38 +00:00
mstarzinger@chromium.org
04f0e33229 Fix handling of foreign callbacks in DefineOwnProperty.
We use foreign callbacks to make some properties shadow internal values
but still behave as data properties from within JavaScript. This means
when a value is passed to Object.defineProperty() on such a property,
it should update the internal value instead of redefinind the property
and destroying the shadowing.

R=rossberg@chromium.org
BUG=v8:1530
TEST=mjsunit/regress/regress-1530,test262/S15.3.3.1_A4

Review URL: http://codereview.chromium.org/8996008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10279 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-20 08:49:51 +00:00
fschneider@chromium.org
6c0a4f5d45 Fix bug with filtering of foreign context maps in the type feedback.
The first attempt did not properly handle keyed loads/stores and
did not check the constructors of the objects in the prototype
chain.

Added two more tests to handle the fixed cases.

BUG=v8:1823
TEST=LeakGlobalObjectViaMapKeyed,LeakGlobalContextViaMapProto
Review URL: http://codereview.chromium.org/8974009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10277 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-19 12:39:52 +00:00
mstarzinger@chromium.org
8450a9b88d Fix Test262 command line in test harness.
This just simplifies the command line used to run test cases, allowing
to copy them from the test harness output without editing. The passed
expression is obsolete by now.

R=yangguo@chromium.org

Review URL: http://codereview.chromium.org/8966023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10270 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-16 13:37:20 +00:00
mstarzinger@chromium.org
03a2fc23b6 Remove bogus writability check in DefineGetterSetter.
R=rossberg@chromium.org
TEST=test262

Review URL: http://codereview.chromium.org/8951013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10269 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-16 12:54:08 +00:00
yangguo@chromium.org
538fb2b8b4 Fix cctest/test-hashing on MIPS.
BUG=
TEST=

Review URL: http://codereview.chromium.org/8953016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10266 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-15 14:24:07 +00:00
fschneider@chromium.org
d1e762d782 Temporarily disable new test until no-snapshot version is fixed.
Review URL: http://codereview.chromium.org/8957004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10260 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-15 10:08:25 +00:00
mstarzinger@chromium.org
d22b86a583 Mark Test262 test cases for known issue 1475.
R=rossberg@chromium.org
BUG=v8:1475
TEST=test262/15.2.3.6-4-4??

Review URL: http://codereview.chromium.org/8911006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10258 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-14 14:55:16 +00:00
fschneider@chromium.org
b6b4af9d89 Filter out maps from different global context when collecting type feedback.
This avoid leaking memory because optimized code may hold on to maps
from different tabs otherwise.

BUG=v8:1823, 102895
Review URL: http://codereview.chromium.org/8892002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10257 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-14 14:01:54 +00:00
jkummerow@chromium.org
0438c76185 Fix outdated test expectations for array literal crankshafting
TEST=nosnap builder green

Review URL: http://codereview.chromium.org/8915006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10256 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-14 13:32:34 +00:00
jkummerow@chromium.org
106973c3d2 Create missing boilerplate for array literals instead of deoptimizing
BUG=107370
TEST=new additions to mjsunit/array-literal-transitions

Review URL: http://codereview.chromium.org/8914006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10255 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-14 13:01:27 +00:00
mstarzinger@chromium.org
502039a6bd Fix invalid usage of StoreIC_ArrayLength optimization.
This introduces an additional check into the StoreIC_ArrayLength builtin
checking that the array still has fast properties. Redifinitions of the
length property that would cause it's type or attributes to change, will
switch to slow properties, thereby invalidating said optimization.

R=svenpanne@chromium.org
BUG=v8:1756
TEST=test262

Review URL: http://codereview.chromium.org/8895025

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10254 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-14 12:46:32 +00:00
yangguo@chromium.org
4cd99d7cb9 Handle external strings in generated code when concatenating short strings.
TEST=string-external-cached.js

Review URL: http://codereview.chromium.org/8931025

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10252 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-14 10:32:22 +00:00
fschneider@chromium.org
cf8e2b01e4 Landing forgotten mjsunit test file from previous CL.
Patch by Fedor Indutny <fedor.indutny@gmail.com>.

Original code review: http://codereview.chromium.org/8857001/
Review URL: http://codereview.chromium.org/8935006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10245 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-13 17:13:47 +00:00
jkummerow@chromium.org
91efb313eb Fix crash in d8 when external array ctor hits stack overflow
BUG=100859
TEST=mjsunit/regress/regress-crbug-100859

Review URL: http://codereview.chromium.org/8898021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10242 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-13 13:51:58 +00:00
vegorov@chromium.org
a2159a6bb9 Fix GCC 4.7 warnings, which are related to char being signed in GCC
("narrowing conversion ... inside { } is ill-formed in C++11").

* src/mksnapshot.cc: Cast "char" to "unsigned char" when outputting snapshot.
* test/cctest/test-regexp.cc: Use static_cast to uc16 as the char
literal is signed.

Review URL: http://codereview.chromium.org/8825003
Patch from Tobias Burnus <burnus@net-b.de>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10241 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-13 13:02:08 +00:00
yangguo@chromium.org
94f9aa3a0d Avoid using an invalid working directory in mjsunit/d8-os.
This test deleted its working directory and then tried to run several
shell commands which caused a failure on nfs.

Changes:
-TEST_DIR is only removed at the very end of the test
-the working directory is changed to /tmp at the beginning so that
 every iteration (when running with --stress-opt) has a valid working directory

BUG=
TEST=

Review URL: http://codereview.chromium.org/8936004
Patch from Daniel Kalmar <kalmard@homejinni.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10240 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-13 12:57:33 +00:00
mstarzinger@chromium.org
4dd5bb2892 Fix another corner case for DefineOwnProperty on arrays.
R=rossberg@chromium.org
BUG=v8:1756
TEST=test262

Review URL: http://codereview.chromium.org/8890015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10236 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-12 10:20:46 +00:00
yangguo@chromium.org
a7f0c72e2d Fixing bug introduced in r10210 that crashes v8 raytrace benchmark.
BUG=
TEST=

Review URL: http://codereview.chromium.org/8889047

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10226 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-09 12:11:56 +00:00
yangguo@chromium.org
ce86c1bfb1 Avoid bailing out to runtime for short substrings.
This significantly improves the speed for creating short substrings (less than 13 characters) from slices, flat cons strings and external strings.

TEST=string-external-cached.js, string-slices.js

Review URL: http://codereview.chromium.org/8889012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10221 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-09 10:04:58 +00:00
keuchel@chromium.org
f1649cf39c Hydrogen support for context allocated harmony bindings.
This CL adds support for loading from and storing to context slots
belonging to harmony let or const bound variables. Checks for the
hole value are performed and the function is deoptimized if they fail.
The full-codegen generated code will take care of properly throwing
a reference error in these cases.

TEST=mjsunit/harmony/block-let-crankshaft.js

Review URL: http://codereview.chromium.org/8820015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10220 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-09 09:50:30 +00:00
danno@chromium.org
ef54f5690f Support Smi->Double->HeapObject transitions in constructed Arrays.
Also several bugs with Smi/double elements handling and make Ensure* routines more flexible.

BUG=none
TEST=test/mjsunit/array-construct-transition.js

Review URL: http://codereview.chromium.org/8820014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10218 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-09 08:50:19 +00:00
vegorov@chromium.org
a457040ca6 Ensure that non-optimized code objects are not flushed for inlined functions.
Collector was flushing them if optimized code was reachable only through the stack (not through the JSFunction object) which happens when you have a pending lazy deoptimization.

Also prevent v8::Script::New from leaking internal objects allocated by the compiler into outer HandleScope.

R=kmillikin@chromium.org
BUG=http://crbug.com/97116
TEST=test/mjsunit/regress/regress-97116.js

Review URL: http://codereview.chromium.org/8888011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10215 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-08 16:07:07 +00:00
ulan@chromium.org
0fd7350595 Relax test condition to make it less brittle.
BUG=
TEST=cctest/test-api/IdleNotificationWithHint

Review URL: http://codereview.chromium.org/8839007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10202 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-07 16:08:09 +00:00
keuchel@chromium.org
410219c8f3 Sync parser and preparser on do-while and return statements.
This CL fixes the preparser to have the same liberal automatic semicolon
insertion behaviour as the parser. In the case of a return statement in
global code we throw a syntax error at runtime rather than an early error
due to compatibility with KJS. However that hack allowed the following
syntactically incorrect program in global code in the parser but not in
the preparser:
  if (false) return else {}
while the slightly saner version with the obligatory semicolon
  if (false) return; else {}
was disallowed in the parser, but the preparser allowed it. This CL also
fixes that issue.

BUG=v8:1856
TEST=cctest/test-parsing.cc

Review URL: http://codereview.chromium.org/8844002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10201 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-07 16:03:29 +00:00
fschneider@chromium.org
c1662a199b Fix a bug with register use in optimized Math.round.
We're not allowed to modify the input register and have to
use a temporary instead, otherwise the result of expressions
containing Math.round can be wrong.

BUG=106351
TEST=test/mjsunit/compiler/regress-106351.js
Review URL: http://codereview.chromium.org/8833007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10190 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-07 10:13:46 +00:00
danno@chromium.org
b5b91b5add Fix nosnap build test failures.
TBR=jkummerow@chromium.org
BUG=none
TEST=less waterfall redness

Review URL: http://codereview.chromium.org/8828004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10184 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-06 22:27:15 +00:00
mikhail.naganov@gmail.com
dae713f0ad Reapply r10158: Distinguish weak references in heap snapshots, group GC roots.
[Fixed the bug revealed by the Win32 bot]

Several changes to better organize snapshot data:

1. Provide information about weak references.
2. Group (GC roots) children.
3. Prettify debug snapshot printing.

BUG=v8:1832
TEST=cctest/test-heap-profiler/*Weak*
TBR=vitalyr@chromium.org

Initial CL: http://codereview.chromium.org/8716009

Review URL: http://codereview.chromium.org/8822019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10182 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-06 17:41:47 +00:00
ulan@chromium.org
cda5b1a53f Use the old handler for low frequency idle notifications.
BUG=
TEST=

Review URL: http://codereview.chromium.org/8818005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10179 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-06 14:30:21 +00:00
yangguo@chromium.org
e9688608cd Fix presubmit.
Review URL: http://codereview.chromium.org/8821016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10178 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-06 13:30:22 +00:00
yangguo@chromium.org
72827079ac Fixing mozilla test failures regarding Math.pow.
BUG=
TEST=

Review URL: http://codereview.chromium.org/8820011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10177 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-06 13:14:46 +00:00
erik.corry@gmail.com
c5c6cc5284 The memory size test makes no sense on the simulated platforms.
Review URL: http://codereview.chromium.org/8818007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10173 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-06 12:09:11 +00:00
keuchel@chromium.org
8b34f4630b Hydrogen support for stack local harmony bindings in function scope.
This is the first CL in a series that add support for the harmony scoping
features to crankshaft. This CL specifically adds support for stack
allocated 'let' and 'const' declared variables in function scopes.

TEST=mjsunit/harmony/block-let-crankshaft.js

Review URL: http://codereview.chromium.org/8806012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10171 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-06 09:41:06 +00:00
yangguo@chromium.org
8e6655c676 Stop skipping regress-397.js
BUG=
TEST=

Review URL: http://codereview.chromium.org/8804013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10169 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-06 09:20:55 +00:00
yangguo@chromium.org
fe2049fcb8 Fixing fix for MathPowHalf on ARM.
Review URL: http://codereview.chromium.org/8817012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10167 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-06 09:20:00 +00:00
yangguo@chromium.org
b37ee7bcce Fixing MathPowHalf on ARM.
BUG=v8:397
TEST=regress-397.js

Review URL: http://codereview.chromium.org/8800009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10166 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-06 08:28:12 +00:00
mikhail.naganov@gmail.com
a0c8ea00db Revert r10158 "Distinguish weak references in heap snapshots, group GC roots."
Heap profiler tests fail on Win32, need to investigate.

This reverts commit b5374ebd92c11ac4aae16b4e31e54166d406e490.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10162 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-05 17:21:55 +00:00
mikhail.naganov@gmail.com
857aa09772 Distinguish weak references in heap snapshots, group GC roots.
Several changes to better organize snapshot data:

1. Provide information about weak references.
2. Group (GC roots) children.
3. Prettify debug snapshot printing.

BUG=v8:1832
TEST=cctest/test-heap-profiler/*Weak*

Review URL: http://codereview.chromium.org/8716009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10158 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-05 16:35:57 +00:00
keuchel@chromium.org
08b4262512 Statically check for assignments to const in harmony mode.
The ES.next draft rev 4 in section 11.13 reads:
It is a Syntax Error if the AssignmentExpression is contained in extended code
and the LeftHandSideExpression is an Identifier that does not statically resolve
to a declarative environment record binding or if the resolved binding is an
immutable binding.

This CL adds corresponding static checks for the immutable binding case.

TEST=mjsunit/harmony/block-const-assign

Review URL: http://codereview.chromium.org/8688007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10156 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-05 14:43:28 +00:00
mstarzinger@chromium.org
993d650f15 MIPS: updated test .status files based mostly on the ARM version.
BUG=
TEST=

Review URL: http://codereview.chromium.org/8572032
Patch from Gergely Kis <gergely@homejinni.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10155 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-05 11:44:17 +00:00
mstarzinger@chromium.org
b45f451a27 Fix special handling of DefineOwnProperty on arrays.
According to the ES5 spec the implementation of DefineOwnProperty() has
to special case handling of arrays. This implementation correctly
handles definitions of array index properties and redefinitions of the
length property.

R=svenpanne@chromium.org
BUG=v8:1756
TEST=test262

Review URL: http://codereview.chromium.org/8776045

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10149 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-05 09:53:43 +00:00
erik.corry@gmail.com
b8691a78af Clean up multi byte nop support on x64 to more closely match IA32.
Fix missing instruction in disassembler.
Fix wrong disassembly of multi-byte NOP on x64
Add test of disassembler on 64 bit!
Review URL: http://codereview.chromium.org/8773039

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10147 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-05 08:58:01 +00:00
erik.corry@gmail.com
090be8bf15 Reduce minimum memory use on 64 bit to one page per semispace.
Review URL: http://codereview.chromium.org/8774045

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10144 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-02 14:19:53 +00:00
erik.corry@gmail.com
0d7380da55 Let store buffer start out small for a 1Mbyte saving in boot
memory use (2Mbyte on x64).
Review URL: http://codereview.chromium.org/8776032

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10143 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-02 14:08:12 +00:00
yangguo@chromium.org
c0e7884752 Temporarily disable regress-397 until fix has been ported to all platforms.
Review URL: http://codereview.chromium.org/8775051

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10142 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-02 13:42:51 +00:00
danno@chromium.org
de55888842 Fix presubmit error.
TBR=sgjesse@chromium.org
BUG=none
TEST=none

Review URL: http://codereview.chromium.org/8770042

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10141 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-02 13:23:44 +00:00
yangguo@chromium.org
929c619101 Quickfix for DoMathPowHalf.
TEST=regress-397.js

Review URL: http://codereview.chromium.org/8769037

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10140 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-02 13:16:49 +00:00
danno@chromium.org
33615c614f Fix flaky debugger test
TBR=sgjesse@chromium.org
BUG=none
TEST=test/cctest/test-debug.cc

Review URL: http://codereview.chromium.org/8773037

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10139 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-02 13:05:51 +00:00
danno@chromium.org
25e3d2706d Optimize Crankshaft array literal initialization from boilerplate.
BUG=none
TEST=test/mjsunit/array-literal-transitions.js

Review URL: http://codereview.chromium.org/8747009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10138 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-02 12:42:35 +00:00
erik.corry@gmail.com
701790fd34 Support multi-byte nop instructions as recommended by
the optimization guides from AMD and Intel.
Review URL: http://codereview.chromium.org/8776033

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10134 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-02 10:01:50 +00:00
yangguo@chromium.org
d5fdb76028 Implement Math.pow using FPU instructions and inline it in crankshaft (ia32).
Review URL: http://codereview.chromium.org/8749002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10133 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-02 08:06:37 +00:00
erik.corry@gmail.com
0ec9c63e59 Introduce a test of how much memory it takes to boot up V8.
Linux only at the moment, since it uses /proc.  Shows that
there is room for improvement, espcially on 64 bit.
Review URL: http://codereview.chromium.org/8750001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10122 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-01 12:32:38 +00:00
ulan@chromium.org
59897dbe44 Fix compile errors on Windows and Mac introduced by r10093.
BUG=
TEST=

Review URL: http://codereview.chromium.org/8746021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10099 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-30 16:55:55 +00:00
sgjesse@chromium.org
5ccdb3b692 Fix handling of recompiling code for optimized and inlined functions
The debugger preparation did not take optimized functions - including
inlined function into account. This caused the full-code used for
deoptimization to be the "lazy compile" builtin which did not work and
caused V8 to crash.

R=yangguo@chromium.org

BUG=chromium:105375, v8:1782
TEST=test/mjsunit/debug-break-inline.js

Review URL: http://codereview.chromium.org//8728031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10094 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-30 11:48:35 +00:00
ulan@chromium.org
8dc728126e Start incremental marking on idle notification.
BUG=v8:1458
TEST=cctest/test-api/IdleNotification*

Review URL: http://codereview.chromium.org/8519002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10093 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-30 11:13:36 +00:00
erik.corry@gmail.com
e2f2c77e6f Be more willing to expand old space when evacuating new space at the end of
a mark-sweep.  We have a soft limit on old space size, which is designed to
trigger an old-space collection when we hit it.  Unfortunately although the
soft limit had already triggered an old space collection, the soft limit was
preventing objects from new space from being promoted.  For every promotion
candidate we were checking 3 different ways to allocate in old space before
giving up and putting the object in the other semispace.  This change allows
the promoted objects to go to old space and also makes us more eager to
sweep a page before trying other ways to find space for an object.
Review URL: http://codereview.chromium.org/8748005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10092 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-30 10:38:16 +00:00
keuchel@chromium.org
b3a2e242db Reapply "Fix the ScopeIterator reimplementation".
This reapplies a fixed version of r10076 that also works on arm. Patch set one is r10076 reapplied and patch set 2 contains the new fix.

Review URL: http://codereview.chromium.org/8725001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10080 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-29 08:43:14 +00:00
keuchel@chromium.org
e26093f3d8 Make let/const outside of the extended mode early errors (under harmony flag).
The ES.next drafts require that source code that matches the productions for
let and const bindings outside the extended mode trigger early syntax
errors. This CL adapts the parser / preparser accordingly under the harmony
scoping flag.

Summary:
* Harmony scoping flag not set: Old semantics allowing const in classic mode
with function level scope. Const binding in strict mode and let bindings in
classic and strict mode trigger early syntax errors.
* Harmony scoping is set: Use new harmony const and let in
extended mode and old const in classic mode. This is to preserve
compatibility with current web pages that already use
non-standard implementations of const. An early syntax error is
thrown on const in strict mode and on let in classic and strict
mode.

This depends on:
http://codereview.chromium.org/8562002/

TEST=mjsunit/harmony/block-early-errors.js

Review URL: http://codereview.chromium.org/8564001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10079 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-29 06:38:04 +00:00
keuchel@chromium.org
9664e48e14 Revert r10076 due to arm build failures.
Review URL: http://codereview.chromium.org/8716005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10077 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-28 14:01:13 +00:00
keuchel@chromium.org
8866d63cc9 The ScopeIterator uses recorded scope position - as detailed in scopes.h - and
source code positions it gets from the program counter to recreate the scope
chain by reparsing the function or program.

This CL includes the following changes
* Adds source code positions for the assignment added by the rewriter.
* Run the preparser over global code first.
* Use the ScopeType from the ScopeInfo to determine if the code being debugged
  is eval, function or global code instead of looking up the '.result' symbol.

TEST=mjsunit/debug-stepout-scope.js

Review URL: http://codereview.chromium.org/8590027

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10076 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-28 12:47:39 +00:00
lrn@chromium.org
c7fccff9af Clean up JavaScript files to better follow coding standard.
Multiline conditionals must use braces.
Semicolons are not optional.

Review URL: http://codereview.chromium.org/8701006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10074 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-28 12:11:00 +00:00
mstarzinger@chromium.org
ad356bd5ad Skip test for known failure tracked by issue 1845.
R=keuchel@chromium.org
BUG=v8:1845
TEST=mjsunit/harmony/proxies-example-membrane

Review URL: http://codereview.chromium.org/8698017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10073 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-28 11:58:53 +00:00
yangguo@chromium.org
d542a2fb75 Add external strings support to regexp in generated code.
TEST=test/mjsunit/string-external-cached.js

Review URL: http://codereview.chromium.org/8680010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10070 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-25 14:04:47 +00:00
lrn@chromium.org
ebccde15bc Don't preparse large files to find boundaries of lazy functions.
Instead use the preparser inline to parse only the lazy function
bodies.

This is still disabled for small files.
More measurements are needed to determine if lazy-compiling small
sources is worth it.

Review URL: http://codereview.chromium.org/8662037

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10066 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-25 09:36:31 +00:00
keuchel@chromium.org
cbf08248f7 Make the parser track the language mode instead of keeping its own harmony flag.
So far the parser had its own harmony flag to disable the harmony scoping
feature when parsing native functions. With the introduction of the extended
language mode this becomes unnecessary because native functions will never enter
the extended mode. The parser can thus track FLAG_harmony_scoping and the
language mode of the current scope to see if harmony features are allowed. The
scanner and preparser have to keep their flag, because they can't use
FLAG_harmony_scoping as it is not available for the preparser-process
executable.

This depends on:
http://codereview.chromium.org/8417035/

Review URL: http://codereview.chromium.org/8562002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10063 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-24 15:58:09 +00:00
keuchel@chromium.org
1e9a7267ab Introduce extended mode.
This CL introduces a third mode next to the non-strict
(henceforth called 'classic mode') and 'strict mode'
which is called 'extended mode' as in the current
ES.next specification drafts. The extended mode is based on
the 'strict mode' and adds new functionality to it. This
means that most of the semantics of these two modes
coincide.

The 'extended mode' is entered instead of the 'strict mode'
during parsing when using the 'strict mode' directive
"use strict" and when the the harmony-scoping flag is
active. This should be changed once it is fully specified how the 'extended mode' is entered.

This change introduces a new 3 valued enum LanguageMode
(see globals.h) corresponding to the modes which is mostly
used by the frontend code. This includes the following
components:
* (Pre)Parser
* Compiler
* SharedFunctionInfo, Scope and ScopeInfo
* runtime functions: StoreContextSlot,
  ResolvePossiblyDirectEval, InitializeVarGlobal,
  DeclareGlobals

The old enum StrictModeFlag is still used in the backend
when the distinction between the 'strict mode' and the 'extended mode' does not matter. This includes:
* SetProperty runtime function, Delete builtin
* StoreIC and KeyedStoreIC
* StubCache

Review URL: http://codereview.chromium.org/8417035

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10062 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-24 15:17:04 +00:00
yangguo@chromium.org
2055f4195e Recommit introducing short external strings.
Review URL: http://codereview.chromium.org/8677006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10054 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-23 13:08:28 +00:00
yangguo@chromium.org
922aee5a02 Rolling back r10049 due to webkit failures.
Review URL: http://codereview.chromium.org/8681007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10050 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-23 10:41:12 +00:00
yangguo@chromium.org
21edc7c30b Introduce short external strings without pointer cache.
BUG=
TEST=

Review URL: http://codereview.chromium.org/8635011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10049 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-23 09:58:58 +00:00
ricow@chromium.org
46f0a651cc MIPS: Reduced the number of threads in cctest test-lockers.
Some MIPS boards could not handle the large number of threads and failed these tests.

BUG=
TEST=
Review URL: http://codereview.chromium.org/8506008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10048 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-23 08:36:03 +00:00
ricow@chromium.org
b642b780c2 Decrease number of threads in ExtensionRegistration tests for mips, current number is causing OOMs.
This was fixed for arm in revision 10045
Review URL: http://codereview.chromium.org/8662003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10047 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-23 08:06:13 +00:00
dslomov@chromium.org
4cedd762e5 Fix ExtensionsRegistration cctest on ARM.
Reduced the number of created threads on ARM.

Review URL: http://codereview.chromium.org/8639007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10045 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-22 18:51:53 +00:00
mikhail.naganov@gmail.com
a0f3c5d451 Really fix missing HandleScope to prevent local handles to DOMWindow leaking.
A follow-up to r9994.

R=vitalyr@chromium.org
BUG=102895
TEST=cctests/test-heap-profiler/NoHandleLeaks

Review URL: http://codereview.chromium.org/8468016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10030 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-18 11:42:39 +00:00
yangguo@chromium.org
5a82d78948 Add pointer cache field to external string for access in generated code.
TEST=test/mjsunit/string-externalize.js

Review URL: http://codereview.chromium.org/8513010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10023 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-17 17:05:12 +00:00
fschneider@chromium.org
8fbf1d5017 Landing: [hydrogen] optimize switch with string clauses. Patch by Fedor Indutny <fedor.indutny@gmail.com>.
Original code review: http://codereview.chromium.org/8373029/
Review URL: http://codereview.chromium.org/8589019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10019 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-17 13:57:55 +00:00
fschneider@chromium.org
8480569467 Fix lazy deoptimization at HInvokeFunction and enable target-recording call-function stub.
Changes the way we do lazy deoptimization:

1. For side-effect instructions, we insert the lazy-deopt call at
the following LLazyBailout instruction.

     CALL
     GAP
     LAZY-BAILOUT ==> lazy-deopt-call

2. For other instructions (StackCheck) we insert it right after the
instruction since the deopt targets an earlier deoptimization environment.

   STACK-CHECK
   GAP ==> lazy-deopt-call

The pc of the lazy-deopt call that will be patched in is recorded in the
deoptimization input data. Each Lithium instruction can have 0..n safepoints.
All safepoints get the deoptimization index of the associated LAZY-BAILOUT
instruction. On lazy deoptimization we use the return-pc to find the safepoint.
The safepoint tells us the deoptimization index, which in turn finds us the
PC where to insert the lazy-deopt-call.

Additional changes:
 * RegExpLiteral marked it as having side-effects so that it 
   gets an explicitlazy-bailout instruction (instead of
   treating it specially like stack-checks)
 * Enable target recording CallFunctionStub to achieve
   more inlining on optimized code.

BUG=v8:1789
TEST=jslint and uglify run without crashing, mjsunit/compiler/regress-lazy-deopt.js
Review URL: http://codereview.chromium.org/8492004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10006 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-16 08:44:30 +00:00
dslomov@chromium.org
963ccfdaea Extension state made per-siolate in genesis
BUG=http://code.google.com/p/v8/issues/detail?id=1821

Review URL: http://codereview.chromium.org/8536042

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-15 22:48:55 +00:00
keuchel@chromium.org
08c9629f80 Static resolution of outer variables in eval code.
So far free variables references in eval code are not statically
resolved. For example in
    function foo() { var x = 1; eval("y = x"); }
the variable x will get mode DYNAMIC and y will get mode DYNAMIC_GLOBAL,
i.e. free variable references trigger dynamic lookups with a fast case
handling for global variables.

The CL introduces static resolution of free variables references in eval
code. If possible variable references are resolved to bindings belonging to
outer scopes of the eval call site.

This is achieved by deserializing the outer scope chain using
Scope::DeserializeScopeChain prior to parsing the eval code similar to lazy
parsing of functions. The existing code for variable resolution is used,
however resolution starts at the first outer unresolved scope instead of
always starting at the root of the scope tree.

This is a prerequisite for statically checking validity of assignments in
the extended code as specified by the current ES.next draft which will be
introduced by a subsequent CL. More specifically section 11.13 of revision 4
of the ES.next draft reads:
* It is a Syntax Error if the AssignmentExpression is contained in extended
  code and the LeftHandSideExpression is an Identifier that does not
  statically resolve to a declarative environment record binding or if the
  resolved binding is an immutable binding.

TEST=existing tests in mjsunit

Review URL: http://codereview.chromium.org/8508052

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9999 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-15 13:48:40 +00:00
mstarzinger@chromium.org
330cd2205c Remove hidden prototype for builtin functions.
This is a deliberate non-conformity introduced more than 2 years ago to
be compatible with JSC. The current state is that all other browsers
perform ES5 conform in that regard.

R=erik.corry@gmail.com
BUG=chromium:1717,chromium:39662
TEST=test262/15.2.3.6-4-6??,mjsunit/undeletable-functions

Review URL: http://codereview.chromium.org/8566009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9993 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-15 09:44:57 +00:00
fschneider@chromium.org
c48f928480 Speedup unit test to avoid timeout on slow ARM simulator.
This test depends on OSR being triggered. That's why I can't
use %OptimizeFunctionOnNextCall.
Review URL: http://codereview.chromium.org/8555004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9987 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-14 12:33:44 +00:00
mikhail.naganov@gmail.com
007ad200f8 Fix missing fast property accessors in heap snapshots.
Implementation for this case

var x = {};
x.__defineGetter__("y", function Y() { return 42; });

BUG=v8:1818
TEST=cctest/test-heap-profiler/FastCaseGetter

Review URL: http://codereview.chromium.org/8491041
Patch from Ilya Tikhonovsky <loislo@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9985 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-14 11:13:29 +00:00
mstarzinger@chromium.org
9dcf002f31 Fix filtering of store buffer for large object pages.
Our Heap::FreeQueuedChunks generates fake inner chunks in large object
pages queued for freeing, so that StoreBuffer::Filter can recognize them
as pages to be freed. This also relies on MemoryChunk::Contains to work
properly, which is why the size field needs to be initialized as well.

R=vegorov@chromium.org
BUG=v8:1817
TEST=mozilla/js1_5/Regress/regress-360969-05

Review URL: http://codereview.chromium.org/8536009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9964 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-11 09:45:12 +00:00
yangguo@chromium.org
4b4d75f84e Fixing crash of StringHash test.
Review URL: http://codereview.chromium.org/8520010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9962 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-10 17:01:32 +00:00
rossberg@chromium.org
a9c1b834f8 A more holistic test case for proxies.
Depends on http://codereview.chromium.org/8318014/

R=mstarzinger@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8392038

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9961 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-10 16:24:43 +00:00
rossberg@chromium.org
830763bda4 Fixing test cases for correct assertSame.
Leaving out derived construct trap for now, which I'm working on separately.

R=mstarzinger@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8506020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9960 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-10 15:48:07 +00:00
yangguo@chromium.org
07ee3e6e5c Fixing generated hash function on all platforms.
BUG=v8:1808
TEST=cctest/test-hashing.cc

Review URL: http://codereview.chromium.org/8512004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9956 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-10 14:26:57 +00:00
rossberg@chromium.org
8caa6eb732 Fix instanceof a function proxy.
R=mstarzinger@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8520001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9954 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-10 13:39:22 +00:00
yangguo@chromium.org
dbd3578e3e MIPS: Fix the cctest QuietSignalingNaNs for MIPS.
MIPS uses a different NAN bit pattern to represent quiet or
signalling NANs than does x86 or ARM.

BUG=
TEST=

Review URL: http://codereview.chromium.org/8510007
Patch from Gergely Kis <gergely@homejinni.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9948 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-10 08:25:23 +00:00
yangguo@chromium.org
6157562994 Simplify StringCharCodeAt in non-crankshaft codegen.
TEST=test/mjsunit/string-slices.js

Review URL: http://codereview.chromium.org/8510005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9936 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-09 14:32:51 +00:00
yurys@chromium.org
8b7bcc4e80 Add getters for column number and script id to v8::Function
Review URL: http://codereview.chromium.org/8508008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9935 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-09 14:18:30 +00:00
mstarzinger@chromium.org
4391aff4a3 Temporarily skip one Mozilla regression test.
R=erik.corry@gmail.com
BUG=v8:1817
TEST=mozilla/js1_5/Regress/regress-360969-05

Review URL: http://codereview.chromium.org/8508006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9931 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-09 13:11:11 +00:00
yangguo@chromium.org
53c6077cee Fixing issue 103259.
BUG=103259
TEST=regress-103259.js

Review URL: http://codereview.chromium.org/8498011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9917 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-08 14:59:40 +00:00
rossberg@chromium.org
f936aac43e Make _CallFunction proxy-aware.
Change calling convention for CallFunction stub.
Some fixes regarding strict mode call traps.

R=kmillikin@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8318014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9916 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-08 14:39:37 +00:00
keuchel@chromium.org
72dba271eb Reapply r9870 "Remove some initialization checks based on source positions.".
This reverts r9896 "Revert r9870 due to browser-test failures." See below for
the diff from the previous version for the ia32 platform. The code for other
platforms has been changed accordingly.

TEST=mjsunit/compiler/lazy-const-lookup.js

diff --git a/src/ia32/full-codegen-ia32.cc b/src/ia32/full-codegen-ia32.cc
index 2cbf518..1990f2f 100644
--- a/src/ia32/full-codegen-ia32.cc
+++ b/src/ia32/full-codegen-ia32.cc
@@ -1258,13 +1258,17 @@ void FullCodeGenerator::EmitVariableLoad(VariableProxy* proxy) {
         // binding is initialized:
         //   function() { f(); let x = 1; function f() { x = 2; } }
         //
-        // Check that we always have valid source position.
-        ASSERT(var->initializer_position() != RelocInfo::kNoPosition);
-        ASSERT(proxy->position() != RelocInfo::kNoPosition);
-        bool skip_init_check =
-            var->mode() != CONST &&
-            var->scope()->DeclarationScope() == scope()->DeclarationScope() &&
-            var->initializer_position() < proxy->position();
+        bool skip_init_check;
+        if (var->scope()->DeclarationScope() != scope()->DeclarationScope()) {
+          skip_init_check = false;
+        } else {
+          // Check that we always have valid source position.
+          ASSERT(var->initializer_position() != RelocInfo::kNoPosition);
+          ASSERT(proxy->position() != RelocInfo::kNoPosition);
+          skip_init_check = var->mode() != CONST &&
+              var->initializer_position() < proxy->position();
+        }
+
         if (!skip_init_check) {
           // Let and const need a read barrier.
           Label done;

Review URL: http://codereview.chromium.org/8479034

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9915 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-08 13:28:53 +00:00
ulan@chromium.org
0d536dec26 Shrink the new space and uncommit marking deque on low memory notification.
BUG=v8:1669
TEST=cctest/test-heap/CollectingAllAvailableGarbageShrinksNewSpace

Review URL: http://codereview.chromium.org/8065003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9912 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-08 12:42:02 +00:00
mstarzinger@chromium.org
e24c612a5e Fix setting array length to be ES5 conform.
This also refactors the way we set the length of an arrays' backing
store to use the new elements accessor interface. The actual fix is in
DictionaryElementsAccessor::SetLengthWithoutNormalize() where we first
search for non-deletable elements according to ES5 section 15.4.5.2
specifications.

Snippet from the specification: Attempting to set the length property of
an Array object to a value that is numerically less than or equal to the
largest numeric property name of an existing array indexed non-deletable
property of the array will result in the length being set to a numeric
value that is one greater than that largest numeric property name.

R=danno@chromium.org
TEST=test262/15.4.4.??-7-b-16

Review URL: http://codereview.chromium.org/8372064

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9911 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-08 11:59:56 +00:00
fschneider@chromium.org
4627023b38 Revert r9901 to make tree green again.
There was a test failure on x64 mozilla tests.

TBR=ricow@chromium.org
Review URL: http://codereview.chromium.org/8495011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9902 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-08 09:56:09 +00:00
fschneider@chromium.org
cac3008437 [hydrogen] optimize switch with string clauses
Hydrogen should optimize not only SMI clauses, but clauses with string literals
too.

Patch from fedor.indutny <fedor.indutny@gmail.com>.

R=vegorov@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org/8373029

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9901 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-08 09:08:33 +00:00
mstarzinger@chromium.org
bca8d42e3b Revert r9596 due to page-cycler regressions.
R=vegorov@chromium.org

Review URL: http://codereview.chromium.org/8463006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9883 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-04 13:05:16 +00:00
jkummerow@chromium.org
9625d5d4a0 Fix Array.{splice,slice} to set proper ElementsKind of result
TEST=mjsunit/elements-kind.js

Review URL: http://codereview.chromium.org/8430036

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9882 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-04 12:47:58 +00:00
jkummerow@chromium.org
f2787a42b0 Fix JSObject::EnsureCanContainElements to correctly iterate over Arguments
TEST=mjsunit/elements-kind.js

Review URL: http://codereview.chromium.org/8437094

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9881 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-04 12:31:44 +00:00
jkummerow@chromium.org
8450c60d47 Fix Runtime_ArrayConcat to handle FAST_DOUBLE_ELEMENTS
TEST=mjsunit/elements-kind.js; stanford-crypto-sha256-iterative in debug mode

Review URL: http://codereview.chromium.org/8334028

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9880 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-04 12:19:35 +00:00
mstarzinger@chromium.org
0bbfb46aa6 Fix Harmony sets and maps to allow undefined as keys.
This uses a global sentinel as a replacement for undefined keys, which
are not supported internally but required for Harmony sets and maps.

R=rossberg@chromium.org
BUG=v8:1622
TEST=mjsunit/harmony/collections

Review URL: http://codereview.chromium.org/8439069

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9873 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-03 14:33:58 +00:00
mstarzinger@chromium.org
79cadcc947 Fix Harmony sets and maps to allow null as key.
This changes the internal convention for marking deleted entries in hash
tables from null_value to the_hole_value, which is consistent with other
usages of the_hole.

R=rossberg@chromium.org,kmillikin@chromium.org
BUG=v8:1622
TEST=mjsunit/harmony/collections

Review URL: http://codereview.chromium.org/8343056

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9871 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-03 14:17:05 +00:00
keuchel@chromium.org
80d1b898fb Fix gcc-4.6 warnings.
BUG=v8:1806

Review URL: http://codereview.chromium.org/8386072

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9867 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-03 08:59:01 +00:00
lrn@chromium.org
65b9ab93af Merged Scanner and JavaScriptScanner.
JavaScriptScanner had become the only concrete subclass of Scanner, so there
was no longer a need for the distinction.

Also fixed up comments.

Review URL: http://codereview.chromium.org/8384003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9854 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-01 07:47:15 +00:00
danno@chromium.org
0766a138a6 Add and use ElementsKind side effect
Also partition side effects into observable and not observable, with only observable requiring Simulates and non-observable changes able to participate in GVN and code hoisting.

BUG=none
TEST=none

Review URL: http://codereview.chromium.org/8380017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9847 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-31 14:15:10 +00:00
mstarzinger@chromium.org
358d7c2078 Adapt date test to be timezone independant.
R=yangguo@chromium.org
BUG=v8:1792
TEST=mjsunit/date

Review URL: http://codereview.chromium.org/8423004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9842 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-31 11:15:23 +00:00
lrn@chromium.org
30465596e6 Make eval consider anything on the form eval(args...) a potential direct cal
Previously we omitted all cases where the global eval property was shadowed,
even if by a variable holding the same value. ES5 requires us to treat these
as direct calls.

We still throw if calling indirect eval with a detached global object.

BUG=v8:994
TEST=mjsunit/eval.js

Review URL: http://codereview.chromium.org/8343054

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9838 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-31 09:38:52 +00:00
mstarzinger@chromium.org
00bafbbc9d Mark Test262 test cases for known issue 1772.
R=svenpanne@chromium.org
BUG=v8:1772
TEST=test262

Review URL: http://codereview.chromium.org/8341111

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9836 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-28 13:03:55 +00:00
danno@chromium.org
6d7d6d4e4e Force transition to FAST_ELEMENTS on out-of-bounds KeyedLoads.
Proactively ensure that that objects don't get FAST_DOUBLE_ELEMENTS to reduce the number of double boxing operations when generated code calls the runtime frequently to satisfy KeyedLoad requests.

Review URL: http://codereview.chromium.org/8416014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9833 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-28 10:35:38 +00:00
mstarzinger@chromium.org
6d950a748f Fix assertSame for unit testing harness.
Using isNaN() here is bogus because it performs an implicit toNumber()
conversion, hence something like assertSame(undefined, {}) would not
throw an exception. These are not the NaNs you are looking for.

R=rossberg@chromium.org
TEST=mjsunit

Review URL: http://codereview.chromium.org/8400056

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9831 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-28 09:09:51 +00:00
mstarzinger@chromium.org
cd9bc6c3a6 Fix error handling in Date.prototype.toISOString.
This fixes Date.prototyoe.toISOString to throw a RangeError exception
for invalid time values. It also includes a fix to removes the arbitrary
(and completely bogus) range limit on the date value during construction
of a Date object. Note that we still have bogus range limits on the year
and month values.

R=lrn@chromium.org
BUG=v8:1792
TEST=mjsunit/date,test262/15.9.5.43-0-*

Review URL: http://codereview.chromium.org/8392036

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9829 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-28 08:45:04 +00:00
fschneider@chromium.org
a5b40e27b8 Revert r9805.
It did not fix the original problem, but instead introduced new ones.

R=vegorov@chromium.org
Review URL: http://codereview.chromium.org/8404037

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9817 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-27 12:12:53 +00:00
mstarzinger@chromium.org
973383f4e9 Mark Test262 test cases for known issue 1790.
R=lrn@chromium.org
BUG=v8:1790
TEST=test262/15.4.4.22-9-9

Review URL: http://codereview.chromium.org/8396042

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9811 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-27 07:50:40 +00:00
ricow@chromium.org
d9597f0086 Skip live edit debug tests, these are flaky because in the case of osr we will get wrong frame heights.
Review URL: http://codereview.chromium.org/8401029

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9808 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-27 07:10:25 +00:00
lrn@chromium.org
a9edfefa58 Remove special-casing of calls to RegExp test and exec methods with no argument.
Matches new JSC behavior. Fix issue 75740.

BUG=75740
TEST=mjsunit/regexp-static

Review URL: http://codereview.chromium.org/6677020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9804 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-26 12:51:07 +00:00
mstarzinger@chromium.org
d0ce626477 Fix identity hash code function to respect flag.
The flag passed to JSObject::GetIdentityHash() was not respected so far
and an indentity hash code was generated even when the flag requested
not to do so. This could lead to a rare corner cases (for which a test
case was added) where a GC request would have been dropped.

R=rossberg@chromium.org
TEST=cctest/test-dictionary

Review URL: http://codereview.chromium.org/8390047

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9801 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-26 12:23:40 +00:00
mstarzinger@chromium.org
5a33ffd7e8 Fix Error.prototype.toString to be ES5 conform.
R=lrn@chromium.org
TEST=test262/15.11.4.4-8-1,mjsunit/error-tostring

Review URL: http://codereview.chromium.org/8341021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9790 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-26 10:41:52 +00:00
fschneider@chromium.org
2d4bb1803d Fix bug in inlining call-as-function when inlining multiple levels deep.
This change fixes a off-by-one level error when dropping the
function from the environment. The function of the outermost
environment was not dropped.

BUG=v8:1785
TEST=test/mjsunit/compiler/regress-inline-callfunctionstub.js
Review URL: http://codereview.chromium.org/8341019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9789 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-26 10:31:06 +00:00
rossberg@chromium.org
f7d56eb602 Handle proxies in KeyedStoreIC::Store, instead of just ignoring them.
R=mstarzinger@chromium.org
BUG=v8:1543
TEST=

Review URL: http://codereview.chromium.org/8391005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9787 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-26 09:31:40 +00:00
fschneider@chromium.org
f8f8c672b6 Temporarily skip failing test to make sure builders cycle green.
R=mstarzinger@chromium.org
Review URL: http://codereview.chromium.org/8393005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9779 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-25 16:11:53 +00:00
vegorov@chromium.org
f8c2d3847f Take loop side-effects into account when collecting side-effects on the path between two blocks.
R=fschneider@chromium.org
BUG=100409
TEST=test/mjsunit/regress/regress-100409.js

Review URL: http://codereview.chromium.org/8395002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9778 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-25 15:39:55 +00:00
mstarzinger@chromium.org
622d35dc0e Implement Harmony sets and maps.
This implementation extends the internal ObjectHashTable to be able to
hold arbitrary objects (e.g. Smis, Strings, ...) as keys by applying
specialized hashing functions to primitive types. Equality of keys is
defined using the internal SameValue function.

R=rossberg@chromium.org
BUG=v8:1622
TEST=mjsunit/harmony/collections

Review URL: http://codereview.chromium.org/8372027

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9777 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-25 14:14:56 +00:00
keuchel@chromium.org
e8bccc2cb0 Block scoped const variables.
This implements block scoped 'const' declared variables in harmony mode. They
have a temporal dead zone semantics similar to 'let' bindings, i.e. accessing
uninitialized 'const' bindings in throws a ReferenceError.

As for 'let' bindings, the semantics of 'const' bindings in global scope is not
correctly implemented yet. Furthermore assignments to 'const's are silently
ignored. Another CL will introduce treatment of those assignments as early
errors.

Review URL: http://codereview.chromium.org/7992005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9764 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-25 08:33:08 +00:00
rossberg@chromium.org
46dde044de Adapt to latest spec changes for Proxy.create[Function].
R=mstarzinger@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8271005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9761 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-24 16:25:30 +00:00
rossberg@chromium.org
70dc2fe968 Implement for-in loop for proxies.
Fix related corner case for Object.keys.
Remove obsolete GET_KEYS builtin.

R=ricow@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8256015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9760 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-24 15:56:18 +00:00
yangguo@chromium.org
f92da58e13 Handle COW-arrays correctly when converting smi->double fast elements.
TEST=mjsunit/elements-transition.js

Review URL: http://codereview.chromium.org/8383002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9759 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-24 15:06:20 +00:00
fschneider@chromium.org
53e7502fa0 Fix bug in environment simulation after inlined call-as-function.
This change is based on my previous change enabling inlining calls-as-function
fixing the bugs related to deoptimization.

The function value on top of the environment was dropped too late in the old code.
As a result we could get a wrong value on top after deoptimization.

This change includes r9619. It was reverted because of test failures that are fixed
with this patch.
Review URL: http://codereview.chromium.org/8360001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9758 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-24 13:53:08 +00:00
keuchel@chromium.org
c6464d500b Replace boolean indications of strict mode by an enum value.
Review URL: http://codereview.chromium.org/8344082

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9746 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-24 07:47:22 +00:00
mikhail.naganov@gmail.com
fa0d4ecf43 The detailed heap snapshot generator was slightly adjusted for tracking sliced strings.
BUG=v8:1779
TEST=cctest/test-heap-profiler/HeapSnapshotSlicedString

Review URL: http://codereview.chromium.org/8362028
Patch from Ilya Tikhonovsky <loislo@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9742 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-21 13:05:37 +00:00
keuchel@chromium.org
666c4be29f Reapply r9673 "Scope tree serialization and ScopeIterator cleanup."
This also includes the two fixes from r9674 and r9675. Here's the diff
to the previous CL.

 --- a/src/runtime.cc
 +++ b/src/runtime.cc
 @@ -11133,17 +11133,26 @@ class ScopeIterator {
        context_(Context::cast(frame->context())),
        nested_scope_chain_(4) {

 +    // Catch the case when the debugger stops in an internal function.
 +    Handle<SharedFunctionInfo> shared_info(function_->shared());
 +    if (shared_info->script() == isolate->heap()->undefined_value()) {
 +      if (shared_info->scope_info()->HasContext()) Next();
 +      return;
 +    }
 +
      // Check whether we are in global code or function code. If there is a stack
      // slot for .result then this function has been created for evaluating
      // global code and it is not a real function.
      // Checking for the existence of .result seems fragile, but the scope info
      // saved with the code object does not otherwise have that information.
 -    int index = function_->shared()->scope_info()->
 +    int index = shared_info->scope_info()->
          StackSlotIndex(isolate_->heap()->result_symbol());

      // Reparse the code and analyze the scopes.
      ZoneScope zone_scope(isolate, DELETE_ON_EXIT);
 -    Handle<SharedFunctionInfo> shared_info(function_->shared());
      Handle<Script> script(Script::cast(shared_info->script()));
      Scope* scope;
      if (index >= 0) {

Review URL: http://codereview.chromium.org/8344046

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9734 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-21 10:26:59 +00:00
kmillikin@chromium.org
e3792a6830 Handlify the stub cache lookup and patching for CallIC and KeyedCallIC.
R=ulan@chromium.org,vegorov@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8357010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9729 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 17:08:53 +00:00
lrn@chromium.org
a47caee095 Make builtin functions be skipped in stack traces.
Does include exposed builtin functions ("native functions").

Review URL: http://codereview.chromium.org/8345039

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9723 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 12:31:33 +00:00
erik.corry@gmail.com
8f9721bbbf Shave 39% from snapshot size.
Review URL: http://codereview.chromium.org/8344079

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9722 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 12:27:10 +00:00
mstarzinger@chromium.org
d107773867 Adapt sputnik test expectations to last change.
The version of Sputnik which we test against uses the obsolete ES3
specification when it comes to Function.prototype.apply, ignore some
test cases that are supposed to fail according to ES5.

TBR=rossberg@chromium.org
TEST=sputnik

Review URL: http://codereview.chromium.org/8355005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9710 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 15:34:32 +00:00
mstarzinger@chromium.org
67c9a03922 Fix handling Function.apply for non-array arguments.
R=rossberg@chromium.org
TEST=mjsunit/apply,test262

Review URL: http://codereview.chromium.org/8342034

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9709 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 13:56:18 +00:00
sgjesse@chromium.org
663bc0fb78 Temporarily skip asserts in test mjsunit/debug-step-3.js until issue is resolved
R=kmillikin@chromium.org

BUG=v8:1782
TEST=mjsunit/debug-step-3.js

Review URL: http://codereview.chromium.org//8356001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9708 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 13:47:53 +00:00
mstarzinger@chromium.org
6742176949 Fix Array.filter to use internal array for result.
In built-in code we use arrays for internal computations. This makes it
possible to affect the built-in code by putting getters or setters on
the array prototype chain. Using internal arrays prevents those issues.

Related to: http://code.google.com/p/v8/source/detail?r=7040

R=svenpanne@chromium.org
TEST=test262/15.4.4.20-9-b-6

Review URL: http://codereview.chromium.org/8353006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9707 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 13:44:29 +00:00
jkummerow@chromium.org
439e4600df Adjust elements-kind.js expectation when --smi-only-arrays is off
TEST=mjsunit/elements-kind passes both with and without --smi-only-arrays flag

Review URL: http://codereview.chromium.org/8356002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9705 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 12:44:50 +00:00
yangguo@chromium.org
372c16161c Optimize fast element conversion in arm using batch store/loads.
Review URL: http://codereview.chromium.org/8353002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 12:15:15 +00:00
keuchel@chromium.org
17cc6d313f Revert 9673, 9674 and 9675 because of failing webkit tests.
This reverts commits
r9673: "Scope tree serialization and ScopeIterator cleanup."
r9674: "Use OS::SNPrintF instead of snprintf."
r9675: "Use int instead of size_t, StrLength instead of strlen."

Review URL: http://codereview.chromium.org/8353003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9703 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 12:15:02 +00:00
jkummerow@chromium.org
3a9d6c04ba Introduce HTransitionElementsKind instruction.
TEST=mjsunit/elements-kind

Review URL: http://codereview.chromium.org/8305001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9702 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 12:10:18 +00:00
danno@chromium.org
e5f23399b4 Support array literals with FAST_DOUBLE_ELEMENTS ElementsKind.
BUG=none
TEST=test/mjsunit/array-literal.js

Review URL: http://codereview.chromium.org/8258015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9698 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 11:36:55 +00:00
svenpanne@chromium.org
d0fe04447e Fixed evaluation order issue in defineProperties.
This is not covered by test262 yet, but it really makes sense and matches Firefox's behaviour.

TEST=mjsunit/define-properties.js
Review URL: http://codereview.chromium.org/8349031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9694 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:52:08 +00:00
mstarzinger@chromium.org
b3eba9e764 Fix handling of non-object receivers for array builtins.
R=svenpanne@chromium.org
BUG=chromium:100702
TEST=mjsunit/regress/regress-100702

Review URL: http://codereview.chromium.org/8347034

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9693 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:24:37 +00:00
mstarzinger@chromium.org
8b181d4de6 Fix updating of property attributes for elements.
This fixes updating of property attributes for data elements when
attributes are already present on a dictionary element but get removed
by a subsequent redefinition of that element.

R=rossberg@chromium.org
BUG=v8:1772
TEST=test262/15.2.3.6-4-82-18

Review URL: http://codereview.chromium.org/8337017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9691 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:06:15 +00:00
yangguo@chromium.org
8472de004b Porting r9605 to arm (elements kind conversion in generated code).
Review URL: http://codereview.chromium.org/8329022

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9690 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:04:35 +00:00
svenpanne@chromium.org
140ae348d2 Recognize special comparisons via pattern matching on the hydrogen graph, 2nd attempt.
This time, we initially leave the HTypeof instruction in the Hydrogen graph,
even for the special cases. We later try to remove this instruction (and any
HConstant) in the canonicalization pass, if possible. Always removing the
HTypeof during the initial graph construction is wrong if e.g. it is used in an
HSimulate.

The removals can be generalized a bit, but this will happen in a separate CL.

TEST=mjsunit/optimized-typeof.js
Review URL: http://codereview.chromium.org/8334021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9688 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 07:35:30 +00:00
mstarzinger@chromium.org
c4d25c8f37 Fix updating of property attributes for elements.
This fixes updating of property attributes for getters and setters on
dictionary elements while redefining. This just updates the property
details on the existing element.

R=rossberg@chromium.org
BUG=v8:1772
TEST=test262

Review URL: http://codereview.chromium.org/8337013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9685 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 13:49:19 +00:00
sgjesse@chromium.org
a58c963c67 Reapply "Support for precise stepping in functions compiled before debugging was started (step 2)"
This is reapplying r9501 with this single change which seemed to be causing most (all) of the failures for r9501.

--- a/src/debug.cc
+++ b/src/debug.cc
@@ -2230,6 +2230,7 @@ Debugger::Debugger(Isolate* isolate)
       compiling_natives_(false),
       is_loading_debugger_(false),
       never_unload_debugger_(false),
+      force_debugger_active_(true),
       message_handler_(NULL),
       debugger_unload_pending_(false),
       host_dispatch_handler_(NULL),

R=kmillikin@chromium.org

BUG=
TEST=

Review URL: http://codereview.chromium.org//8337009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9684 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 13:40:33 +00:00
lrn@chromium.org
cefbb1e7f8 Make bound functions have poisoned .caller and .arguments.
Also makes func.caller return null if the caller is a bound function,
matching JSC.
Fix bug preventing poisoned setters from triggering.

TEST=mjsunit/function-bind, mjsunit/strict-mode

Review URL: http://codereview.chromium.org/8333019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9681 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 12:26:53 +00:00
keuchel@chromium.org
96a2c24a16 Use int instead of size_t, StrLength instead of strlen.
Review URL: http://codereview.chromium.org/8339013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9675 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 10:08:33 +00:00
keuchel@chromium.org
69afd18e56 Use OS::SNPrintF instead of snprintf.
Review URL: http://codereview.chromium.org/8339011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9674 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 09:48:13 +00:00
keuchel@chromium.org
4e5643a648 Scope tree serialization and ScopeIterator cleanup.
The intention is to store enough scope information for the debugger to
handle stack allocation of block scoped variables introduced by
http://codereview.chromium.org/7860045/ .

This CL is based on
http://codereview.chromium.org/7904008/ .

Review URL: http://codereview.chromium.org/7979001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9673 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 08:46:46 +00:00
yangguo@chromium.org
d7f3985e33 Rolling back r9662.
Review URL: http://codereview.chromium.org/8321001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9665 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 13:39:56 +00:00
mstarzinger@chromium.org
18125191ce Mark Test262 test cases for known issue 893.
R=lrn@chromium.org
BUG=v8:893
TEST=test262

Review URL: http://codereview.chromium.org/8320001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9663 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 12:58:32 +00:00
yangguo@chromium.org
d2434953e2 Changes around ascii-check for strings wrt external strings.
Review URL: http://codereview.chromium.org/8312015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9662 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 12:49:34 +00:00
erikcorry
dac0b853e1 Improve speed of Utf8Write by always flattening the string first and
detecting the ASCII case.  Also rewrite Utf8Length to work on an
unflattened string.  Bug: http://code.google.com/p/v8/issues/detail?id=1665
Review URL: http://codereview.chromium.org/8304021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9661 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 12:48:31 +00:00
lrn@chromium.org
2bbf3bbee7 Make native syntax an early error in the preparser.
Previously the preparser always accepted natives syntax and let the
real parser throw the syntax error. In ES5, it should be an early error,
so the preparser must catch the error.
The perparser library does not expose parsing for natives syntax, it's
only used internally.

Review URL: http://codereview.chromium.org/8306024

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9660 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 12:45:52 +00:00
lrn@chromium.org
5152d2e0da Reimplement Function.prototype.bind.
Make instanceof work correctly.

BUG=v8:893

Review URL: http://codereview.chromium.org/8199004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9659 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 12:44:16 +00:00
keuchel@chromium.org
6f4e70a1dc Let bound iteration variables in for-loops
TEST=mjsunit/harmony/block-for.js

Review URL: http://codereview.chromium.org/7837028

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9658 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 12:19:06 +00:00
keuchel@chromium.org
f93c69308f Disallow function declarations in statement positions in harmony mode.
Review URL: http://codereview.chromium.org/8306025

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9657 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 11:59:08 +00:00
yangguo@chromium.org
92fdeff125 Porting r9605 to x64 (elements kind conversion in generated code).
Review URL: http://codereview.chromium.org/8271007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9655 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 10:44:47 +00:00
lrn@chromium.org
50ef25e0f3 Remove redundant allow-natives flag from CompilationInfo.
Just use script being native and FLAG_allow_natives_syntax directly.

Review URL: http://codereview.chromium.org/8314018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9643 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 09:02:26 +00:00
mstarzinger@chromium.org
ac712f13c3 Fix evaluation order of GT and LTE operators.
According to the ES5 spec all ">" and "<=" expressions should be be
evaluated left-to-right. This obsoletes old hacks for reversing the
order to be ES3 compliant.

R=lrn@chromium.org
BUG=v8:1752

Review URL: http://codereview.chromium.org/8275035

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9641 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 07:43:40 +00:00
ricow@chromium.org
fe74726099 Remove timeout test expectation for OutOfMemoryNested
This has already been fixed, we not actually use the constraints.
Review URL: http://codereview.chromium.org/8276029

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9620 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 09:10:29 +00:00
rossberg@chromium.org
4753976194 Fix handling of this in direct calls to function proxies.
Fix & tweak some proxy-related error messages.

R=kmillikin@chromium.org
BUG=v8:1543
TEST=

Review URL: http://codereview.chromium.org/8229008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9613 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-13 15:55:57 +00:00
yangguo@chromium.org
00a5287d2f Fixing test failures in arm and x64 due to missing implementation introduced in r9605.
Review URL: http://codereview.chromium.org/8261007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9608 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-13 12:03:33 +00:00
yangguo@chromium.org
fae807b3bb Elements kind conversion in generated code (ia32).
BUG=
TEST=

Review URL: http://codereview.chromium.org/8241003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9605 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-13 10:53:31 +00:00
mstarzinger@chromium.org
d32c330ecf Fix special handling of DefineOwnProperty on arrays.
According to the ES5 spec the implementation of DefineOwnProperty() has
to special case handling of arrays. This is a preliminary implementation
correctly handling definition of array index properties, defining length
properties is not completely covered yet.

R=rossberg@chromium.org
TEST=test262

Review URL: http://codereview.chromium.org/8221002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9596 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-12 14:47:13 +00:00
rossberg@chromium.org
1abf3ed0a4 Introduce collective --harmony flag.
Shorten --harmony-block-scoping to --harmony-scoping.

R=keuchel@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8226017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9589 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-12 12:23:06 +00:00
jkummerow@chromium.org
ddacdf847b Make elements_kind map transition test conditional on smi element support
TEST=mjsunit/element-kind passes even without --smi-only-arrays

Review URL: http://codereview.chromium.org/8230008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9578 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-11 10:02:42 +00:00
jkummerow@chromium.org
184fdcf28b Track elements_kind transitions in KeyedStoreICs.
Review URL: http://codereview.chromium.org/8166017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9577 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-11 09:33:00 +00:00
yangguo@chromium.org
3249530ef0 Fixing issue 1757 (string slices of external strings).
BUG=v8:1757
TEST=regress-1757.js

Review URL: http://codereview.chromium.org/8217011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9573 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-10 16:09:03 +00:00
kmillikin@chromium.org
fa18fdb206 Add a regression test for an already fixed issue.
Add a regression test for Chromium issue 99167.

R=vegorov@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8222002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9562 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-10 10:46:27 +00:00
rossberg@chromium.org
357b45dea5 Tests for evil side-effects during 'internal methods'.
R=kmillikin@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8200002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9558 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-10 09:59:03 +00:00
rossberg@chromium.org
8898b97dc4 Separate tests specific to function proxies in a separate file.
R=mstarzinger@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8218003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9556 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-10 08:58:44 +00:00
mstarzinger@chromium.org
e340163301 Fixed status file of es5conform test suite.
R=erik.corry@gmail.com
TEST=es5conform

Review URL: http://codereview.chromium.org/8202005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9552 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-07 15:02:42 +00:00
erik.corry@gmail.com
338ab857b9 Remove a static initializer that could potentially slow down startup time.
BUG=1753
Review URL: http://codereview.chromium.org/8198005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9551 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-07 14:41:08 +00:00
mstarzinger@chromium.org
cd6a982b52 Fix string whitespace trimming of byte order marks.
R=rossberg@chromium.org
TEST=test262

Review URL: http://codereview.chromium.org/8195006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9550 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-07 14:33:46 +00:00
mstarzinger@chromium.org
e699434266 Fix some array functions to behave as specified.
This fixes the handling of primitives and the order of how side effects
are visible in some array functions as specified by the ES5.

R=rossberg@chromium.org
TEST=test262

Review URL: http://codereview.chromium.org/8197002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9549 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-07 14:07:33 +00:00
mstarzinger@chromium.org
213bac1fd2 Update test harness and status file for Test262.
R=rossberg@chromium.org
TEST=test262

Review URL: http://codereview.chromium.org/8171005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9543 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-07 07:30:45 +00:00
keuchel@chromium.org
80048c14b1 Fix load of potentially eval-shadowed let bindings.
BUG=
TEST=test/mjsunit/harmony/block-let-semantics.js

Review URL: http://codereview.chromium.org/8118032

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9541 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-06 15:24:20 +00:00
kmillikin@chromium.org
1f12cc4099 Simplify calling generated code from the runtime.
Instead of expecting Object** arrays at the outermost level, expect
Handle<Object> arrays and reinterpret_cast them only just before invoking
the generated code.

R=rossberg@chromium.org,fschneider@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8133020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9537 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-06 09:31:38 +00:00
rossberg@chromium.org
ebf6cb7150 Use correct trap for lookup in prototype proxy.
R=kmillikin@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8133023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9535 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-06 08:42:10 +00:00
lrn@chromium.org
ebc0f85e40 Revert "Added ability to lock strings to prevent their representation or encoding from changing."
This reverts r9424.

Review URL: http://codereview.chromium.org/8143018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9529 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-05 11:09:34 +00:00
lrn@chromium.org
5f353a81ef Fix sputnik test expectations to no longer expect the wrong behavior.
Review URL: http://codereview.chromium.org/8139023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9520 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-05 08:11:53 +00:00
lrn@chromium.org
9f73eed45f Fix issue 1361 - Implement ES5 Array.prototype.toString.
BUG=v8:1361
TEST=mjsunit/array-tostring

Review URL: http://codereview.chromium.org/8124025

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9519 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-05 07:08:23 +00:00
mstarzinger@chromium.org
9f06a99592 Fix compilation error and add missing file to GYP.
R=ricow@chromium.org

Review URL: http://codereview.chromium.org/8136004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9518 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-04 16:32:34 +00:00
mstarzinger@chromium.org
c034518442 Fix preparation for sorting of external arrays.
R=rossberg@chromium.org
BUG=98773
TEST=mjsunit/regress/regress-98773

Review URL: http://codereview.chromium.org/8122020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9516 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-04 13:49:50 +00:00
fschneider@chromium.org
976d5f3797 Clean list of external references from internal objects like the hole value.
Review URL: http://codereview.chromium.org/8114032

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9511 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-04 09:07:50 +00:00
lrn@chromium.org
4750f0c3cd Fix issue 1415 - allow surrogate pair codes in decodeURIComponent.
Also some cleanup of uri.js.

BUG=v8:1415
TEST=mjsunit/regress/regress-1415

Review URL: http://codereview.chromium.org/8118004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9509 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-04 07:15:07 +00:00
mikhail.naganov@gmail.com
3e4b4a6a86 Fix incorrect function name inference in case of assignment / global assignment.
R=kmillikin@chromium.org
BUG=v8:1732
TEST=test-func-name-inference/GlobalAssignmentAndCall,AssignmentAndCall

Review URL: http://codereview.chromium.org/8112007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9508 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-03 19:18:05 +00:00
kmillikin@chromium.org
a4e0103708 Clean up the x86 assembler API.
The API is inconsistent about when a register must be coerced to an operand
and when it can be used as a register.  Simplify usage by never requiring it
to be wrapped.

R=fschneider@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/8086021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9507 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-03 11:44:39 +00:00
lrn@chromium.org
4b385d7e8e Fix bug in x64 RegExp detecting start of string.
Also add missing MIPS case in regexp tracer.

Fixes issues v8:1748 and v8:1746

BUG=v8:1748, v8:1746
TEST=mjsunit/regress/regress-1748.js

Review URL: http://codereview.chromium.org/8116001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9504 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-03 10:31:01 +00:00
lrn@chromium.org
165e105ec9 Check enumerability of array indices correctly in propertyIsEnumerable.
Fix issue 1692.

BUG=v8:1692
TEST=mjsunit/regress/regress-1692

Review URL: http://codereview.chromium.org/8113001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9503 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-03 09:15:58 +00:00
sgjesse@chromium.org
08a85de703 Revert "Support for precise stepping in functions compiled before debugging was started (step 2)"
TBR=kmillikin@chromium.org

BUG=
TEST=

Review URL: http://codereview.chromium.org//8101011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9502 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-01 08:47:12 +00:00
sgjesse@chromium.org
b2ebc91f5c Reapply "Support for precise stepping in functions compiled before debugging was started (step 2)"
This is to get a clean run in the buildbot.

TBR=kmillikin@chromium.org

BUG=
TEST=

Review URL: http://codereview.chromium.org//8098020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9501 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-01 05:39:14 +00:00
sgjesse@chromium.org
083275715a Revert "Support for precise stepping in functions compiled before debugging was started (step 2)"
This reverts commits r9499, r9497 and r9489.

Then changed caused a number of failures.

TBR=kmillikin@chromium.org

BUG=
TEST=

Review URL: http://codereview.chromium.org//8086020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9500 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-30 13:27:38 +00:00
sgjesse@chromium.org
de7b222e36 Support for precise stepping in functions compiled before debugging was started (step 2)
This change will ensure that full code with debug break slots is compiled and activated for all functions which already have activation frames.

This additional handling is only for functions which have activations on the stack, and that activation is of the full code compiled without debug break slots. In that case the full code is recompiled with debug break slots. It is ensured that the full code is compiled generating the exact same instructions - except for the additional debug break slots - as before. The return address on the stack is then patched to continue execution in the new code.

Also fixed SortedListBSearch to actually use the passed comparision function.

R=svenpanne@chromium.org, kmillikin@chromium.org

BUG=
TEST=

Review URL: http://codereview.chromium.org//8050010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9489 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-30 08:39:56 +00:00
yangguo@chromium.org
008f7ab302 Enable --smi-only-arrays flag in test case for no-snapshot build.
TEST=element-kind.js

Review URL: http://codereview.chromium.org/8077008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9485 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-29 14:00:53 +00:00
vegorov@chromium.org
3e9891c1d0 Enable code flushing for full (non-incremental) collections.
This will ensure that we will flush code when we hit memory limits.

R=erik.corry@gmail.com
BUG=v8:1609

Review URL: http://codereview.chromium.org/8060053

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9484 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-29 13:51:47 +00:00
vegorov@chromium.org
1a0423b54f Fix leakage of virtual address space on Linux platform.
Ensure that unmap return values are checked in debug mode.

R=erik.corry@gmail.com
BUG=v8:1701

Review URL: http://codereview.chromium.org/8060052

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9480 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-29 12:23:05 +00:00
yangguo@chromium.org
589ce7561a Fixing test case from r9469.
Review URL: http://codereview.chromium.org/8038046

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9473 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-28 14:26:23 +00:00
erik.corry@gmail.com
4d062f6ea5 Disable array-join test. We know it is flaky and it is
making it hard to see other failures on the build bot.
Review URL: http://codereview.chromium.org/8036018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9470 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-28 13:29:00 +00:00
yangguo@chromium.org
fd575f7177 Fixed deadlock in the debugger agent in Windows.
BUG=v8:1723
TEST=cctest test-debug/DebuggerAgent

Review URL: http://codereview.chromium.org/8069002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9469 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-28 13:27:20 +00:00
jkummerow@chromium.org
8e5db73e7d Add /bigobj parameter to cctest to make MSVS happy.
TEST=MSVS 2008 compiles cctest without warnings/errors.

Review URL: http://codereview.chromium.org/8052031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9458 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-28 09:13:30 +00:00
ricow@chromium.org
7810ff70f6 Make sure that we can't access hidden properties by installing accessors on Object.prototype.
BUG:chromium:97784
TEST=cctest/test-api
Review URL: http://codereview.chromium.org/8041020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9434 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-26 16:54:50 +00:00
ulan@chromium.org
16ae2551ae Search prototypes for accessor setters if interceptor returns empty value.
Extract the part of SetPropertyForResult that searches the prototype chain
for accessor setters into a separate function SetPropertyInPrototypes.
Call this function in SetPropertyPostInterceptor.

This should fix both optimized and unoptimized cases because
the cache stub for storing with interceptor calls the runtime system.

BUG=v8:1636

TEST=cctest/test-api.cc/EmptyInterceptorDoesNotShadowAccessors

Review URL: http://codereview.chromium.org/7991007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9431 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-26 14:54:57 +00:00
mikhail.naganov@gmail.com
c05354ecc4 Add v8::HeapGraphNode::GetHeapValue method.
This allows getting a heap object by a heap snapshot node for further
inspection. Very useful for objects from bindings that mostly have
getter-provided fields.

R=vegorov@google.com
BUG=webkit/61179
TEST=test-heap-profiler/GetHeapValue,GetHeapValueForDeletedObject

Review URL: http://codereview.chromium.org/8046006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9430 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-26 14:38:29 +00:00
jkummerow@chromium.org
0455aadbeb Add Crankshaft support for smi-only elements
Review URL: http://codereview.chromium.org/8002019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9426 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-26 12:09:04 +00:00
vegorov@chromium.org
6dee868e03 Enable compaction, disable code-compaction.
Enable array-join test again.

R=erik.corry@gmail.com

Review URL: http://codereview.chromium.org/8043022

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9425 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-26 11:46:16 +00:00
lrn@chromium.org
172c27a6ba Added ability to lock strings to prevent their representation or encoding from changing.
Use string locking to ensure consistent representation of source string during JSON parsing.

Review URL: http://codereview.chromium.org/7977001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9424 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-26 11:14:41 +00:00
lrn@chromium.org
b9d39c48b8 Make the RegExp.prototype object be a RegExp object.
BUG=v8:1217
TEST=mjsunit/regress/regress-1217

Review URL: http://codereview.chromium.org/8041015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9419 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-26 08:42:01 +00:00
yangguo@chromium.org
65b1ea22fe Porting r9392 to x64 (smi-only arrays).
Review URL: http://codereview.chromium.org/7992003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9416 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-23 14:19:04 +00:00
rossberg@chromium.org
3df2602037 Handle function proxies as getters/setters.
R=kmillikin@chromium.org
BUG=v8:1543
TEST=

Review URL: http://codereview.chromium.org/7849021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9407 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 17:12:41 +00:00
ricow@chromium.org
e4c90dc958 GC Cleanup + Set max old generation size to 700MB on ia32 and max executable size to 128 MB (on ia32)
Review URL: http://codereview.chromium.org/7993003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9406 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 17:10:40 +00:00
mstarzinger@chromium.org
7414229602 Fix compilation of GrowAndShrinkNewSpace on Mac.
R=jkummerow@chromium.org
BUG=v8:1707
TEST=cctest/test-heap/GrowAndShrinkNewSpace

Review URL: http://codereview.chromium.org/7989009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9405 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 16:40:07 +00:00
keuchel@chromium.org
ad9290a6ae Disallow strict mode FutureReservedWords as break/continue labels in strict mode
TEST=preparser/strict-identifiers.pyt

Review URL: http://codereview.chromium.org/7987002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9404 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 16:38:28 +00:00
vegorov@chromium.org
bfd048173f Notify collector about lazily deoptimized code objects.
All slots that were recorded on these objects during incremental marking should be ignored as they are no longer valid.

To filter such invalidated slots out during slots buffers iteration we set all markbits under the invalidated code object to 1 after the code space was swept and before slots buffers are processed.

R=erik.corry@gmail.com
BUG=v8:1713
TEST=test/mjsunit/regress/regress-1713.js

Review URL: http://codereview.chromium.org/7983045

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9402 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 16:01:35 +00:00
yangguo@chromium.org
7ab81a14fa Reverting r9399.
Review URL: http://codereview.chromium.org/7989007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9401 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 15:55:44 +00:00
yangguo@chromium.org
0c6863a1ef Set RegExp's prototype to RegExp as specified by ES5.
BUG=v8:1217
TEST=regress-1217.js

Review URL: http://codereview.chromium.org/7995005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9399 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 15:11:12 +00:00
mstarzinger@chromium.org
190d8d671d Cleanup and enable GrowAndShrinkNewSpace test case.
R=svenpanne@chromium.org
BUG=v8:1707
TEST=cctest/test-heap/GrowAndShrinkNewSpace

Review URL: http://codereview.chromium.org/7995004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9398 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 14:50:20 +00:00
rossberg@chromium.org
d938560d59 Implement identity hashes for proxies.
R=mstarzinger@chromium.org
BUG=v8:1543,v8:1565
TEST=

Review URL: http://codereview.chromium.org/7754015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9396 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 13:54:53 +00:00
fschneider@chromium.org
fd71ed8d36 Temporarily mark a test as timing out until the problem is found.
Review URL: http://codereview.chromium.org/7989003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9395 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 13:19:19 +00:00
mstarzinger@chromium.org
873e4980db Fix transferal of marking bits on array trimming.
R=vegorov@chromium.org
BUG=v8:1708
TEST=mjsunit/regress/regress-1708

Review URL: http://codereview.chromium.org/7979038

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9394 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 13:03:22 +00:00
danno@chromium.org
f48c9f6557 Basic support for tracking smi-only arrays on ia32.
Activated by the flag --smi-only-arrays

Currently not crankshaft support, using flag on non-ia32 platforms will lead to write barrier misses and crashes.

BUG=none
TEST=elements_kind.js

Review URL: http://codereview.chromium.org/7901016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9392 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 11:30:04 +00:00
rossberg@chromium.org
e04d0b23a8 Make integer indexed properties ("elements") work for proxies.
Rehome some Object/JSReceiver/JSObject methods.

R=ricow@chromium.org,kmillikin@chromium.org
BUG=v8:1543
TEST=

Review URL: http://codereview.chromium.org/7795055

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9381 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 10:45:37 +00:00
yangguo@chromium.org
b7cac76bae Fixed string.split: always convert non-regexp separator to string.
BUG=v8:1711
TEST=mjsunit/regress/regress-1711.js

Review URL: http://codereview.chromium.org/7976046

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9371 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 08:18:58 +00:00
fschneider@chromium.org
ad5ed43c13 Fix broken Windows build.
Review URL: http://codereview.chromium.org/7983033

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9369 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-21 14:42:50 +00:00
fschneider@chromium.org
fdaadb78d6 Landing for miket@chromium.org: Add an optional source length field to the Extension constructor.
Original code review: http://codereview.chromium.org/7889046/
Review URL: http://codereview.chromium.org/7978028

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9365 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-21 13:28:09 +00:00
rossberg@chromium.org
6c8472bd3a Fix and test use of property descriptor objects.
R=kmillikin@chromium.org
BUG=v8:1543
TEST=

Review URL: http://codereview.chromium.org/7828080

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9364 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-21 12:45:51 +00:00
keuchel@chromium.org
41eb990afe Fix pre-parsing function declarations.
The preparser has been out of sync with the parser. As a reminder, we have the
following grammer for harmony mode

 Block ::
   { SourceElement* }
 SourceElement ::
   Statement
   FunctionDeclaration
   LetDeclaration

instead of

 Block ::
   { Statement* }
 SourceElement ::
   Statement
   FunctionDeclaration

The extension to allow FunctionDeclarations in statement positions in
non-strict code is still active.

Review URL: http://codereview.chromium.org/7983006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9363 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-21 12:27:07 +00:00
rossberg@chromium.org
647ad8f500 Fix GC hazard.
R=jkummerow@chromium.org
BUG=v8:1698
TEST=

Review URL: http://codereview.chromium.org/7977021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9358 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-21 09:58:40 +00:00
erik.corry@gmail.com
14087f430d Disable some tests while we hunt for the reasons behind them.
Review URL: http://codereview.chromium.org/7978022

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9350 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-21 07:25:33 +00:00
mstarzinger@chromium.org
3fabe323f2 Add kHeaderSize constant to SeqString.
This prevents potential misuse of SeqString::kHeaderSize as in the
case of live byte counting in incremental marking stub. All stubs
picked up the undefined size constant SeqString::kHeaderSize, thus
the computed size of all strings was off by two pointers slots.

R=lrn@chromium.org
BUG=v8:1672
TEST=mjsunit/object-seal.js,...

Review URL: http://codereview.chromium.org/7971009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9349 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-20 16:33:03 +00:00
mstarzinger@chromium.org
bffbcefffb Fix new space shrinking to compute correct capacity.
R=vegorov@chromium.org
BUG=v8:1702
TEST=cctest/test-heap/GrowAndShrinkNewSpace

Review URL: http://codereview.chromium.org/7983001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9348 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-20 15:35:36 +00:00
mstarzinger@chromium.org
86832d5924 Fix new space shrinking to reset from-space.
R=lrn@chromium.org
BUG=v8:1702
TEST=cctest/test-heap/GrowAndShrinkNewSpace

Review URL: http://codereview.chromium.org/7976003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9346 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-20 13:37:40 +00:00
lrn@chromium.org
610281f4ee Fix calculation of live-bytes in pages.
The "live bytes" count is *really* a "marked black" count - i.e., the count of bytes *known* to be live.

Fix aggravating bug on X64 where assembler code used a value that was off
by a factor of 2^31.

Ensure that sweeping clears live-bytes. Added other missing increments.

Added print statements to trace live-byte modifications, under a flag.

Still a few cases of undercounting left.

(New issue to merge from GC branch to bleeding_edge)

Review URL: http://codereview.chromium.org/7970009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9338 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-20 11:20:00 +00:00
fschneider@chromium.org
76c869434d Fix a bug with uninitialized const variables in the optimizing compiler.
We have to check for uninitialized uses before phi-elimination. Otherwise we
may miss such a use and result in using the hole value instead. This
causes a NULL-dereference or assertion failure.

BUG=96989
TEST=mjsunit/compiler/regress-96989.js
Review URL: http://codereview.chromium.org/7974009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9337 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-20 10:26:01 +00:00
yangguo@chromium.org
fdffe67205 Initialize pre-allocated fields of JSObject with undefined.
BUG=94873

Review URL: http://codereview.chromium.org/7929001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9335 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-20 10:06:23 +00:00
fschneider@chromium.org
403a022272 Skip crashing Harmony proxies unit test until underlying issue is fixed.
BUG=v8:1698
Review URL: http://codereview.chromium.org/7974006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9330 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-20 07:00:59 +00:00
vegorov@chromium.org
ac36cb4504 Merge experimental/gc branch to the bleeding_edge.
Review URL: http://codereview.chromium.org/7945009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9328 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-19 18:36:47 +00:00
rossberg@chromium.org
42f0a73a96 Make proxies work as prototypes.
Fix a couple of other proxy bugs along the way.
Refactor trap invocation in native code.

R=kmillikin@chromium.org
BUG=v8:1543
TEST=

Review URL: http://codereview.chromium.org/7799026

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9312 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-16 13:38:30 +00:00
erik.corry@gmail.com
ff5e1c9822 Fix asserts and GC unsafeness in stub generation, bug=1689.
Review URL: http://codereview.chromium.org/7920006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9311 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-16 13:06:51 +00:00
rossberg@chromium.org
07469fa5ae Make function proxies work as constructors.
R=kmillikin@chromium.org
BUG=v8:1543
TEST=

Review URL: http://codereview.chromium.org/7628021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9310 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-16 12:26:29 +00:00
erik.corry@gmail.com
2517b0ef5d Fix some asserts in stub generation and file some bugs where
we appear to have valid asserts triggering.
Review URL: http://codereview.chromium.org/7908005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9305 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-15 19:24:04 +00:00
jkummerow@chromium.org
6cbf91039d Update mozilla test expectations (FAIL regress-103602)
TEST=mozilla tests are green

Review URL: http://codereview.chromium.org/7908002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9301 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-15 12:57:16 +00:00
yangguo@chromium.org
3439ab60f7 Correcting a bogus assert outdated since r9295.
Review URL: http://codereview.chromium.org/7909002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9300 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-15 12:47:06 +00:00
jkummerow@chromium.org
fcc2e65aad Change global const handling to silently ignore redeclarations
and make window.{Infinity,NaN,undefined} read-only as per ES5

BUG=89490
TEST=mjsunit/const-redecl.js, mjsunit/undeletable-functions.js, es5conform, sputnik

Review URL: http://codereview.chromium.org/7811015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9299 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-15 12:00:30 +00:00
yangguo@chromium.org
327eb48ce6 Enable slices of external strings (in the tentative implementation).
TEST=cctest test-strings/SliceFromExternal, mjsunit/string-slices.js

Review URL: http://codereview.chromium.org/7832002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9295 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-15 11:10:01 +00:00
fschneider@chromium.org
9e4663a8d9 Enable inlining of functions that reference context slots.
Review URL: http://codereview.chromium.org/7887038

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9294 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-15 10:57:47 +00:00
yangguo@chromium.org
48b5328bde Fixing issue 1639, debugger stops stepping outside evaluate.
BUG=v8:1639

Review URL: http://codereview.chromium.org/7889039

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9287 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-15 07:23:31 +00:00
keuchel@chromium.org
96de832c89 Mark variables as being accessed from any inner scope, not only function scopes
BUG=96523
TEST=mjsunit/regress/regress-96523.js

Review URL: http://codereview.chromium.org/7890031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9281 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-14 13:51:29 +00:00
mikhail.naganov@gmail.com
b706cfce94 Eliminate the need for code delete events in CPU profiler.
Events are still generated for tick processor on performance testing
server to work, as soon as scripts will be updated, it will be safe
to remove code delete events emitting code.

R=erik.corry@gmail.com
BUG=v8:1466
TEST=existing tests in test-profile-generator,test-cpu-profiler and mjsunit/tools

Review URL: http://codereview.chromium.org/7864017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9275 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-14 11:47:03 +00:00
keuchel@chromium.org
a392f5bf70 Fix scope iteration when debugging global code.
TEST=mjsunit/debug-scopes.js

Review URL: http://codereview.chromium.org/7890007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9273 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-14 11:20:31 +00:00
kmillikin@chromium.org
63bec78428 Revert "MIPS: port Remove in-loop tracking for call ICs."
Committed incorrectly.

TBR=ricow@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/7890026

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9270 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-14 08:08:16 +00:00
kmillikin@chromium.org
f9e2922b12 MIPS: port Remove in-loop tracking for call ICs.
port r9260 (af9cfd83).

Original commit message:
We passed this flag around in a lot of places and had differenc call
ICs based on it, but never did any real specialization based on its
value.

BUG=
TEST=

Review URL: http://codereview.chromium.org/7886028
Patch from Paul Lind <plind44@gmail.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9269 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-14 08:04:47 +00:00
rossberg@chromium.org
40880d3206 Fixed spurious character in test case, plus presubmit issues.
Also addressed Slava's complaint about the personalized comment.

R=jkummerow@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/7886032

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9268 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-14 07:30:51 +00:00
rossberg@chromium.org
28f7136ced Fix for .bind regression.
R=jkummerow@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/7892013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9267 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-13 17:14:39 +00:00
yangguo@chromium.org
321bfc549f Fixing r9265: moving test case into correct location.
Review URL: http://codereview.chromium.org/7889008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9266 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-13 16:11:05 +00:00
yangguo@chromium.org
fc2c22dd2b Adding test case for issue 1639, fixed by r9264.
BUG=v8:1639

Review URL: http://codereview.chromium.org/7889006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9265 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-13 15:08:36 +00:00
rossberg@chromium.org
ff5c242a47 Test (and fix) all exception paths that can occur with proxies.
R=kmillikin@chromium.org
BUG=v8:1543
TEST=

Review URL: http://codereview.chromium.org/7623013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9261 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-13 13:07:20 +00:00
rossberg@chromium.org
e645597aa7 Implement function proxies (except for their use as constructors).
Introduce new %Apply native.

Extend Execution::Call to optionally handle receiver rewriting (needed for %Apply).

Fix Function.prototype.bind for functions that have .apply modified.

R=kmillikin@chromium.org
BUG=v8:1543
TEST=

Review URL: http://codereview.chromium.org/7623011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9258 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-13 11:42:57 +00:00
mstarzinger@chromium.org
aae949ba10 Fix parent of the WeakMap prototype.
R=rossberg@chromium.org
BUG=v8:1565
TEST=mjsunit/harmony/weakmaps

Review URL: http://codereview.chromium.org/7890003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9254 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-13 09:45:10 +00:00
sgjesse@chromium.org
81df4a42e4 Support for precise stepping in functions compiled before debugging was started (step 1)
This change will ensure that all non-optimized code will be compiled
with debug break slots when debugging is initiated. This is handled by
scanning the heap for non-optimized functions without debug break slots and setting their code to be lazy recomplied. When the lazy recompilation happens the code will ge generated with debug break slots (if debugging is still active at that point in time).

R=svenpanne@chromium.org
Currently this is only implemented for functions which do not have activations on the stack.

BUG=
TEST=

Review URL: http://codereview.chromium.org//7839030

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9250 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-13 08:31:21 +00:00
jkummerow@chromium.org
3ec371690c d8 external array c'tors: allow parameters that can be converted to numbers
BUG=v8:1681
TEST=d8 accepts: var a = new Int32Array("2");

Review URL: http://codereview.chromium.org/7867036

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9243 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-12 12:42:05 +00:00
mikhail.naganov@gmail.com
57b9e9d968 Revert accidental r9229 and r9230
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9231 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-12 10:50:40 +00:00
mikhail.naganov@gmail.com
03d325da08 add test
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9230 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-12 10:42:25 +00:00
mikhail.naganov@gmail.com
f8e5c71e18 Rename SmartPointer to SmartArrayPointer.
As pointed out in: http://codereview.chromium.org/7754007/#msg5

"SmartPointer should have been named SmartArrayPointer as it expects an input
allocated using new[] and deallocates it using delete[]. Using it as a simple
scoped pointer for a single object is incorrect."

R=mnaganov@chromium.org

Review URL: http://codereview.chromium.org/7860011
Patch from Thiago Farina <tfarina@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9215 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-09 22:39:47 +00:00
danno@chromium.org
df860eda5c Don't allow seal or element property re-definition on external arrays.
R=ricow@chromium.org
BUG=95920
TEST=test/mjsunit/regress/regress-95920.js

Review URL: http://codereview.chromium.org/7858031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9213 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-09 14:30:00 +00:00
ricow@chromium.org
b8cbe08fcc Fix presubmit errors caused by updated depot tools
This is all blank line before/after linting errors.
Review URL: http://codereview.chromium.org/7754022

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9204 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-08 19:57:14 +00:00
lrn@chromium.org
c1dc429c02 Fix bug in collector.
Small cleanups in preparser.

TEST=cctest/test-utils/SequenceCollectorRegression

Review URL: http://codereview.chromium.org/7754014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9197 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-08 13:44:11 +00:00
lrn@chromium.org
689f3cb314 Rename scanner.* to scanner-character-streams.*. and scanner-base.* to scanner.*
R=lrn@chromium.org

Signed-off-by: Thiago Farina <tfarina@chromium.org>

Review URL: http://codereview.chromium.org/7739020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9195 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-08 13:06:44 +00:00
yangguo@chromium.org
f877f7bda2 Fixing presubmit error.
Review URL: http://codereview.chromium.org/7839031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9181 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-07 16:15:48 +00:00
erik.corry@gmail.com
e9cc1804bd Make one-character strings into symbols more agressively.
Review URL: http://codereview.chromium.org/7840029

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9175 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-07 13:13:56 +00:00
lrn@chromium.org
81e7f597b0 Reintroduce duplicate identifier detection in preparser.
Duplicate identifier detection must be an early syntax error in strict code,
so errors in otherwise lazily compiled functions must be caught in the
preparser.

Originally introduced in r8541 and reverted in r8542.
Now really compiles on Windows.

Review URL: http://codereview.chromium.org/7782023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9172 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-07 12:39:53 +00:00
lrn@chromium.org
2c8680cc46 Avoid size increase of snapshot.
The prototype of builtin functions is already unwritable, so we don't
have to make it so (the default map for functions changes after builtins
are initialized).

We no longer need to make the prototype non-extensible, since all properties
that are ever read by the bultins code has been added and frozen already.
Adding properties to the prototype, or changing its __proto__, cannot affect
code.

Removing these two pieces of initialization code reduces the snapshot size
by a few Kb.

Review URL: http://codereview.chromium.org/7839028

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9166 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-07 11:56:06 +00:00
kmillikin@chromium.org
94777e213d Remove variable rewrites and the unneccesary Slot class.
R=fschneider@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/7824038

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9162 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-07 11:02:31 +00:00