rossberg@chromium.org
ce05280bfc
Get rid of static module allocation, do it in code.
...
Modules now have their own local scope, represented by their own context.
Module instance objects have an accessor for every export that forwards
access to the respective slot from the module's context. (Exports that are
modules themselves, however, are simple data properties.)
All modules have a _hosting_ scope/context, which (currently) is the
(innermost) enclosing global scope. To deal with recursion, nested modules
are hosted by the same scope as global ones.
For every (global or nested) module literal, the hosting context has an
internal slot that points directly to the respective module context. This
enables quick access to (statically resolved) module members by 2-dimensional
access through the hosting context. For example,
module A {
let x;
module B { let y; }
}
module C { let z; }
allocates contexts as follows:
[header| .A | .B | .C | A | C ] (global)
| | |
| | +-- [header| z ] (module)
| |
| +------- [header| y ] (module)
|
+------------ [header| x | B ] (module)
Here, .A, .B, .C are the internal slots pointing to the hosted module
contexts, whereas A, B, C hold the actual instance objects (note that every
module context also points to the respective instance object through its
extension slot in the header).
To deal with arbitrary recursion and aliases between modules,
they are created and initialized in several stages. Each stage applies to
all modules in the hosting global scope, including nested ones.
1. Allocate: for each module _literal_, allocate the module contexts and
respective instance object and wire them up. This happens in the
PushModuleContext runtime function, as generated by AllocateModules
(invoked by VisitDeclarations in the hosting scope).
2. Bind: for each module _declaration_ (i.e. literals as well as aliases),
assign the respective instance object to respective local variables. This
happens in VisitModuleDeclaration, and uses the instance objects created
in the previous stage.
For each module _literal_, this phase also constructs a module descriptor
for the next stage. This happens in VisitModuleLiteral.
3. Populate: invoke the DeclareModules runtime function to populate each
_instance_ object with accessors for it exports. This is generated by
DeclareModules (invoked by VisitDeclarations in the hosting scope again),
and uses the descriptors generated in the previous stage.
4. Initialize: execute the module bodies (and other code) in sequence. This
happens by the separate statements generated for module bodies. To reenter
the module scopes properly, the parser inserted ModuleStatements.
R=mstarzinger@chromium.org ,svenpanne@chromium.org
BUG=
Review URL: https://codereview.chromium.org/11093074
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13033 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-22 10:25:22 +00:00
svenpanne@chromium.org
f275b36299
Reduced TLS accesses even further.
...
Thread the Isolate through FindCodeInCache, FindCodeInSpecialCache and
SetProperty. Reduced the number of TLS accesses while running the Octane
benchmark down to 19% compared to the beginning of the cleanups.
Review URL: https://codereview.chromium.org/11411033
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13030 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-22 07:58:59 +00:00
rossberg@chromium.org
4751776dce
Object.observe: Unblacklist some tests involving indexed properties
...
These were erroneously disabled because they were expecting indexed properties to be of Number type when appearing as the "name" in change records. But the "name" property will always be a string. Fixed assertRecordsEqual() to enforce this in expectations.
BUG=v8:2409
Review URL: https://codereview.chromium.org/11280105
Patch from Adam Klein <adamk@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13027 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-21 12:50:49 +00:00
mmassi@chromium.org
5e7f30a596
Use the property load IC for accessing the array length.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/11299004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13025 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-21 11:49:15 +00:00
yangguo@chromium.org
36f5b6d41f
Rename IsAsciiRepresentation
...
This is a straight rename:
IsAsciiRepresentation -> IsOneByteRepresentation
IsAsciiRepresentationUnderneath -> IsOneByteRepresentationUnderneath
AllocateRawAsciiString -> AllocateRawOneByteString
AllocateStringFromAscii -> AllocateStringFromOneByte
R=yangguo@chromium.org ,
BUG=
Review URL: https://chromiumcodereview.appspot.com/11308066
Patch from Dan Carney <dcarney@google.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13023 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-21 10:01:05 +00:00
yangguo@chromium.org
89bc2eb93f
Actually relax test expectations for known failing test.
...
This corrects r13011.
R=mstarzinger@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11415093
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13020 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-21 09:32:06 +00:00
jkummerow@chromium.org
a956594fc2
Fix corner case in x64 compare stubs.
...
BUG=v8:2416
Review URL: https://codereview.chromium.org/11413087
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13019 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-20 15:57:10 +00:00
rossberg@chromium.org
6add3222ed
Object.observe: Add test case covering most special cases.
...
Things not working yet are currently blacklisted in the test (see TODOs).
R=verwaest@chromium.org
BUG=
Review URL: https://codereview.chromium.org/11377157
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13016 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-20 14:45:21 +00:00
yangguo@chromium.org
bfbca55d02
Relax test expectations for known failing test.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/11299100
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13011 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-20 12:31:41 +00:00
mstarzinger@chromium.org
f5cff7d91c
Make test-dictionary work for GC stress builder.
...
R=yangguo@chromium.org
TEST=cctest/test-dictionary
Review URL: https://codereview.chromium.org/11299098
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13010 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-20 10:47:31 +00:00
rossberg@chromium.org
1570d62721
Object.observe/unobserve now return object
...
BUG=v8:2418
Review URL: https://codereview.chromium.org/11419078
Patch from Rafael Weinstein <rafaelw@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13009 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-20 10:38:14 +00:00
verwaest@chromium.org
08cfda49f2
Ensure CopyElementsImpl is always executed so it fills in holes even if from_size is 0. Allow FixedDoubleArray::cast to also support FixedArray with size 0.
...
Review URL: https://chromiumcodereview.appspot.com/11280054
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13000 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-19 15:00:34 +00:00
yangguo@chromium.org
d2a6e7b40d
Fix test failures.
...
R=jkummerow@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11414030
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12992 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-16 14:24:19 +00:00
rossberg@chromium.org
8d79ff46d0
Clean-up refactoring to eliminate GetLocalElementKind.
...
Eliminates substantial amounts of fragile code duplication and special casing.
Also fixes "a".propertyIsEnumerable(0) to correctly return true.
R=mstarzinger@chromium.org
BUG=
Review URL: https://codereview.chromium.org/11420011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12990 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-16 13:28:34 +00:00
mstarzinger@chromium.org
3d1582c474
Fix Array.prototype.join evaluation order.
...
R=yangguo@chromium.org
BUG=v8:2263
TEST=mjsunit/regress/regress-2263
Review URL: https://codereview.chromium.org/11280025
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12989 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-16 12:45:23 +00:00
yangguo@chromium.org
af6f7742e0
Fix test failures.
...
R=jkummerow@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11299033
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12988 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-16 11:58:21 +00:00
mstarzinger@chromium.org
30c82d59c8
Make PrototypeTransitionClearing work with GC interval.
...
R=verwaest@chromium.org
TEST=cctest/test-heap/PrototypeTransitionClearing
Review URL: https://codereview.chromium.org/11411031
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12987 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-16 11:39:32 +00:00
yangguo@chromium.org
63f109aaa5
Introduce helper functions to test parallel recompilation.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/11419012
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12986 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-16 10:57:50 +00:00
jkummerow@chromium.org
7f824867f6
Perform CPU sampling by CPU sampling thread only iff processing thread is not running.
...
- perform CPU profiler sampling in the sampler thread as we used to;
- skip sampling in the sampling thread if processing thread is running;
- only install SIGPROF handler when CPU profiling is enabled.
BUG=v8:2364
Review URL: https://codereview.chromium.org/11231002
Patch from Sergey Rogulenko <rogulenko@google.com> and Andrey Kosyakov <caseq@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12985 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-16 10:38:10 +00:00
mstarzinger@chromium.org
b6c9bdaa9e
Disable InstanceOfStubWriteBarrier in some cases.
...
This disables the above regression test when run with forced marking
deque overflows (which is implicitly enabled by --stress-compaction).
R=verwaest@chromium.org
TEST=cctest/test-heap/InstanceOfStubWriteBarrier
Review URL: https://codereview.chromium.org/11417026
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12984 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-16 10:33:57 +00:00
rossberg@chromium.org
2e76922c79
Object.observe: Use [[DefineOwnProperty]] to create properties of changeRecord.
...
Note: The test here requires https://codereview.chromium.org/11364237/ to land in order to pass because Object.freeze calls Object.getOwnPropertyNames().
BUG=v8:2411
Review URL: https://codereview.chromium.org/11377171
Patch from Rafael Weinstein <rafaelw@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12983 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-16 09:35:27 +00:00
rossberg@chromium.org
af824eab8f
When using an Object as a set in Object.getOwnPropertyNames, null out the proto
...
Also apply the same fix elsewhere in v8natives.js
BUG=v8:2410
Review URL: https://codereview.chromium.org/11364237
Patch from Adam Klein <adamk@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12982 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-16 09:32:39 +00:00
yangguo@chromium.org
3699616609
Rename SeqAsciiString
...
This is a straight rename:
NewRawAsciiString -> NewRawOneByteString
SeqAscii -> SeqOneByte
SeqOneByteString cannot yet take non-ascii data.
R=yangguo@chromium.org ,
BUG=
Review URL: https://chromiumcodereview.appspot.com/11411005
Patch from Dan Carney <dcarney@google.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12972 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-15 13:31:27 +00:00
mstarzinger@chromium.org
db4375e338
Unbreak waterfall after r12968.
...
R=jkummerow@chromium.org
TEST=test262
Review URL: https://codereview.chromium.org/11416008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12970 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-15 12:35:16 +00:00
verwaest@chromium.org
a08194c83a
Support all fast elements kinds in the major array operations.
...
Currently missing support for unshift.
BUG=
Review URL: https://chromiumcodereview.appspot.com/11377132
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12969 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-15 12:19:14 +00:00
mstarzinger@chromium.org
50e975574b
Update Test262 harness to recent version.
...
R=rossberg@chromium.org
TEST=test262
Review URL: https://codereview.chromium.org/11308033
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12968 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-15 11:41:27 +00:00
rossberg@chromium.org
4fb992a872
Object.observe: Handle oldValue for elements with accessors properly.
...
Extended ElementAccessor interface to allow querying PropertyType and
AccessorPair. Also added respective functionality to JSObject.
R=mstarzinger@chromium.org
BUG=
Review URL: https://codereview.chromium.org/11358234
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12967 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-15 11:31:40 +00:00
rossberg@chromium.org
5e7b796479
Object.observe: Move notification of JSArray length changes to JSArray::SetElementsLength
...
The previous implementation in Accessors::ArraySetLength failed when array length was set through StoreIC_ArrayLength. But that stub and the accessor both delegate to JSArray::SetElementsLength, so moving the code there allows notifications to be sent in both cases.
Review URL: https://codereview.chromium.org/11275292
Patch from Adam Klein <adamk@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12962 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-14 16:51:21 +00:00
jkummerow@chromium.org
1c086d1202
Lattice-based representation inference, powered by left/right specific type feedback for BinaryOps and comparisons
...
Review URL: https://chromiumcodereview.appspot.com/10837165
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12961 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-14 15:59:45 +00:00
ulan@chromium.org
74492ab2d4
Emit VMLA for multiply-add on ARM
...
Review URL: https://chromiumcodereview.appspot.com/11293061
Patch from Hans Wennborg <hans@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12958 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-14 11:01:18 +00:00
yangguo@chromium.org
e49a910d99
Fix build errors.
...
R=jkummerow@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11364231
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12957 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-14 09:32:51 +00:00
yangguo@chromium.org
4783d3c31b
Remove 'type' and 'arguments' properties from Error object.
...
R=svenpanne@chromium.org
BUG=v8:2397
Review URL: https://chromiumcodereview.appspot.com/11358214
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12956 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-14 09:14:47 +00:00
peter.rybin@gmail.com
bb53dc6890
Issue 2368: LiveEdit crashes when new object/array literal is added
...
Review URL: https://codereview.chromium.org/11191039
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12952 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-13 19:13:27 +00:00
rossberg@chromium.org
92db2105e4
Object.deliverChangeRecords should remove the observer from activeObservers
...
To preserve ordering guarantees during end-of-turn delivery, Object.deliverChangeRecords needs to remove the delivered-to observer from the list of active observers.
The added test demonstrates this behavior.
Review URL: https://codereview.chromium.org/11410046
Patch from Adam Klein <adamk@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12951 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-13 15:53:28 +00:00
rossberg@chromium.org
36c3d01589
Object.unobserve(obj, callback) now throws a TypeError when callback is not a function.
...
Review URL: https://codereview.chromium.org/11293248
Patch from Rafael Weinstein <rafaelw@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12950 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-13 15:50:59 +00:00
svenpanne@chromium.org
673924413f
Re-land rev. 12849 and 12868 (Heavy cleanup of the external pointer API + related fix).
...
Review URL: https://codereview.chromium.org/11365224
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12945 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-13 12:27:03 +00:00
yangguo@chromium.org
c6b35d0310
Correctly handle uncaught exception objects.
...
R=jkummerow@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11365200
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12939 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-12 17:32:30 +00:00
yangguo@chromium.org
693ee09cf3
Correctly check for stack overflow even when interrupt is pending.
...
BUG=v8:214
Review URL: https://chromiumcodereview.appspot.com/11362007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12936 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-12 14:56:25 +00:00
yangguo@chromium.org
4c27298d27
Collect stack trace on stack overflow.
...
BUG=v8:2394
Review URL: https://chromiumcodereview.appspot.com/11275186
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12933 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-12 14:54:29 +00:00
yangguo@chromium.org
e3e899fe53
Correctly fix test expectations.
...
R=jkummerow@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11369183
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12931 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-12 14:07:21 +00:00
yangguo@chromium.org
eea60ff76a
Fix test expectations.
...
R=jkummerow@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11361217
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12928 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-12 12:29:15 +00:00
yangguo@chromium.org
4cca6c6081
Make formatting error message side-effect-free.
...
BUG=v8:2398
Review URL: https://chromiumcodereview.appspot.com/11359130
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12926 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-12 10:33:20 +00:00
yangguo@chromium.org
ef1b3d3a76
Fix length check in JSON.stringify.
...
R=verwaest@chromium.org
BUG=160010
Review URL: https://chromiumcodereview.appspot.com/11410031
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12925 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-12 10:20:07 +00:00
rossberg@chromium.org
0e7306cc92
Implement Object.getNotifier() and remove Object.notify()
...
Updated all tests to use getNotifier or actual object mutation instead of notify, and added tests for new behavior of getNotifier.
Review URL: https://codereview.chromium.org/11369154
Patch from Adam Klein <adamk@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12923 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-09 16:14:42 +00:00
rossberg@chromium.org
af7bfe0e27
Minimal implementation and tests of observable array methods
...
Bail out of any special-casing in array methods.
Further optimization is possible, but can be left for later.
Review URL: https://codereview.chromium.org/11369151
Patch from Adam Klein <adamk@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12917 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-09 12:28:22 +00:00
rossberg@chromium.org
13f8fb47da
Add more test coverage for setting Array.length
...
Covers truncation of holey arrays and defineProperty('length').
Review URL: https://codereview.chromium.org/11369150
Patch from Adam Klein <adamk@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12915 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-09 11:00:13 +00:00
rossberg@chromium.org
b72e5811e7
Object.observe: notify when element addition causes array growth
...
Review URL: https://codereview.chromium.org/11369135
Patch from Adam Klein <adamk@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12914 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-09 10:57:54 +00:00
rossberg@chromium.org
127b944ab5
Fix InternalObjectHashTable to properly update table ref in observationState
...
The previous fix wasn't broad enough: it only fixed the reference for a single Context.
Review URL: https://codereview.chromium.org/11361172
Patch from Adam Klein <adamk@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12913 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-09 10:51:35 +00:00
svenpanne@chromium.org
09666b60b8
Rollback of r12868, r12849 on bleeding_edge.
...
Fixed visibility attribute for GetPointerFromInternalField
Heavy cleanup of the external pointer API.
Review URL: https://codereview.chromium.org/11359125
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12911 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-09 10:07:54 +00:00
mstarzinger@chromium.org
2d69a2b12e
ES6: Add support for Set and Map clear method
...
http://wiki.ecmascript.org/doku.php?id=harmony:specification_drafts , section
15.14.5.3 and 15.14.5.2
BUG=v8:2400
Review URL: https://codereview.chromium.org/11409002
Patch from Erik Arvidsson <arv@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12909 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-09 09:01:29 +00:00
yangguo@chromium.org
64da47559c
Turn message property of the error object into a data property.
...
R=svenpanne@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11368142
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12908 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-09 08:22:02 +00:00
rossberg@chromium.org
2af4744889
Handle Object.observe notifications for setting Array.length
...
Also handles notification of deleted properties when an array
is truncated by setting length.
Review URL: https://codereview.chromium.org/11338048
Patch from Adam Klein <adamk@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12905 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-08 16:12:12 +00:00
mstarzinger@chromium.org
a65e166aa7
Implement MarkIndependent(Isolate*) and MarkPartiallyDependent(Isolate*)
...
BUG=
TEST=cctest/test-api/IndependentWeakHandle
Review URL: https://codereview.chromium.org/11369131
Patch from Kentaro Hara <haraken@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12904 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-08 15:01:26 +00:00
rossberg@chromium.org
c203f05474
Delivery logic for Object.observe
...
This CL has two parts: the first is the logic itself, whereby each observer callback is assigned
a "priority" number the first time it's passed as an observer to Object.observe(), and that
priority is used to determine the order of delivery.
The second part invokes the above logic as part of the API, when the JS stack winds down to
zero.
Added several tests via the API, as the delivery logic isn't testable from a JS test
(it runs after such a test would exit).
Review URL: https://codereview.chromium.org/11266011
Patch from Adam Klein <adamk@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12902 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-08 13:44:59 +00:00
rossberg@chromium.org
8eb704257f
Object.observe: Fixed missing case for turning off ICs.
...
R=mstarzinger@chromium.org
BUG=
Review URL: https://codereview.chromium.org/11358122
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12901 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-08 13:15:54 +00:00
rossberg@chromium.org
fbc6e0d883
Object.observe: generate change records for indexed properties.
...
Details:
- Extend ElementAccessors with GetAttributes method.
- Add HasLocalElement, Get[Local]ElementAttribute methods to JSReceiver/JSObject.
- Otherwise, mirror implementation for named properties.
Cannot correctly handle the cases yet where an accessor is redefined or deleted.
Also fixed handling of object info table.
(Based on CL https://codereview.chromium.org/11362115/ )
R=verwaest@chromium.org ,mstarzinger@chromium.org
BUG=
Review URL: https://codereview.chromium.org/11365111
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12900 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-08 12:58:08 +00:00
mstarzinger@chromium.org
a31889e2de
Fix slack tracking when instance prototype changes.
...
This fixes a corner case when the instance prototype of a function is
changed while inobject slack tracking is still in progress. This caused
the intial map to be unrelated for functions with the same shared info
and hence the shared construct stub is no longer generic enough to work
for all those functions.
R=danno@chromium.org
BUG=chromium:157019
TEST=mjsunit/regress/regress-crbug-157019
Review URL: https://codereview.chromium.org/11293059
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12896 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-08 11:56:44 +00:00
mstarzinger@chromium.org
8e7ae24b40
Fix disabling of code flusher while marking.
...
This fixes a corner case when the code flusher is disabled while
incremental marking is running. The list of candidates needs to be
evicted to prevent list fragments without a head floating around.
R=ulan@chromium.org
BUG=chromium:159140
Review URL: https://codereview.chromium.org/11366136
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12894 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-08 10:26:50 +00:00
mstarzinger@chromium.org
63b5392717
Make test case in r12891 non-threaded.
...
R=verwaest@chromium.org
Review URL: https://codereview.chromium.org/11366149
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12893 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-08 09:45:47 +00:00
mstarzinger@chromium.org
db73b0af16
Add a test case for object grouping in a scavenger GC
...
BUG=v8:2077
TEST=cctest/test-api/ApiObjectGroupsCycleForScavenger
Review URL: https://codereview.chromium.org/11312123
Patch from Kentaro Hara <haraken@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12891 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-08 09:10:53 +00:00
rossberg@chromium.org
e059e64c98
Object.observe: include oldValue in change records,
...
plus more accurate distinction of different change types.
Required handlifying more code.
Also fixed a handlification bug in JSProxy::GetElementAttributeWithHandler.
R=verwaest@chromium.org
BUG=
Review URL: https://codereview.chromium.org/11362115
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12888 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-07 14:14:50 +00:00
yangguo@chromium.org
ecb6126e45
Remove check for recursion depth for JSON.stringify.
...
R=mstarzinger@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11368119
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12882 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-07 12:12:52 +00:00
mstarzinger@chromium.org
e405ff84b4
ES6: Adding support for size to Set and Map
...
Section 15.14.5.10 and 15.16.5.7 in the October 26, 2012 ES6 draft,
http://wiki.ecmascript.org/doku.php?id=harmony:specification_drafts
This adds a getter for "size" to Set.prototype and Map.prototype which reflects
the number of elements in the Set and Map respectively.
BUG=v8:2395
Review URL: https://codereview.chromium.org/11360089
Patch from Erik Arvidsson <arv@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12875 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-06 18:14:45 +00:00
mstarzinger@chromium.org
c54fc70f13
Store Object.observe state per-isolate rather than per-context
...
This requires adding a new JSObject to the strong root list and populating it from
object-observe.js. The main other change is that we now directly use ObjectHashTable
from JS rather than using WeakMap, since using the latter would end up leaking whichever
Context initialized that observation state.
Added a test via the API showing that different contexts all end up working on the same state.
Review URL: https://codereview.chromium.org/11274014
Patch from Adam Klein <adamk@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12873 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-06 16:47:15 +00:00
rossberg@chromium.org
b80cbd7922
Object.observe: generate change records for named properties.
...
In more detail:
- Set observation bit for observed objects (and make NormalizedMapCache respect it).
- Mutation of observed objects is always delegated from ICs to runtime.
- Introduce JS runtime function for notifying generated changes.
- Invoke this function in the appropriate places (including some local refactoring).
- Inclusion of oldValue field is not yet implemented, nor element properties.
Also, shortened flag to --harmony-observation.
R=verwaest@chromium.org
BUG=
Review URL: https://codereview.chromium.org/11347037
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12867 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-06 12:32:36 +00:00
mstarzinger@chromium.org
03ba764f3e
Put incremental code flushing behind a flag.
...
This is used to disable incremental code flushing by default for now
until we can stabilize it and make it ready for production.
R=verwaest@chromium.org
BUG=chromium:159140
Review URL: https://codereview.chromium.org/11367105
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12862 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-06 11:54:05 +00:00
ulan@chromium.org
f106c9c9f7
Add rotate-right instruction to hydrogen and use it instead of bitwise operations
...
of the form ((x >>> i) | (x << (32 - i))).
This CL is based on https://chromiumcodereview.appspot.com/10984057/
by Jay Conrod <dconrod@codeaurora.org>.
R=danno@chromium.org ,mstarzinger@chromium.org,dconrod@codeaurora.org
Review URL: https://chromiumcodereview.appspot.com/11033005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12855 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-05 13:28:10 +00:00
mstarzinger@chromium.org
b77e629f1a
Implement IsIndependent(Isolate*)
...
BUG=
TEST=cctest/test-api/IndependentWeakHandle
Committed: https://code.google.com/p/v8/source/detail?r=12852
Review URL: https://codereview.chromium.org/11368053
Patch from Kentaro Hara <haraken@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12854 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-05 13:20:45 +00:00
yangguo@chromium.org
e452c10702
Add fast path for FastProperty objects in JSON.stringify.
...
R=verwaest@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11363078
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12853 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-05 12:59:35 +00:00
mstarzinger@chromium.org
ea00c51e24
Implement IsIndependent(Isolate*)
...
BUG=
TEST=cctest/test-api/IndependentWeakHandle
Review URL: https://codereview.chromium.org/11368053
Patch from Kentaro Hara <haraken@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12852 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-05 12:35:51 +00:00
yangguo@chromium.org
e26012e771
Fix JSON.stringify wrt harmony proxies.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/11312063
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12851 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-05 10:53:56 +00:00
svenpanne@chromium.org
f3807ca17b
Heavy cleanup of the external pointer API.
...
Added highly efficient Object::SetAlignedPointerInInternalField and
Object::GetAlignedPointerFromInternalField functions for 2-byte-aligned
pointers. Their non-aligned counterparts Object::GetPointerFromInternalField and
Object::SetPointerInInternalField are now deprecated utility functions.
External is now a true Value again, with New/Value/Cast using a JSObject with an
internal field containing a Foreign. External::Wrap, and External::Unwrap are now
deprecated utility functions.
Added Context::GetEmbedderData and Context::SetEmbedderData. Deprecated
Context::GetData and Context::SetData, these are now only wrappers to access
internal field 0.
Added highly efficient Context::SetAlignedPointerInEmbedderData and
Context::GetAlignedPointerFromEmbedderData functions for 2-byte-aligned
pointers.
Review URL: https://codereview.chromium.org/11190050
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12849 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-05 10:25:32 +00:00
svenpanne@chromium.org
9de1d40d28
Improve handling of property loads on the proto chain.
...
Previously Crankshaft emitted a generic load for these, now we emit a load of a
named field, guarded by a proto chain check.
LCheckPrototypeMaps now returns the holder, which is for free, because it
already had to check its map as the last step, anyway. This is in sync with what
StubCompiler::CheckPrototype does.
Review URL: https://codereview.chromium.org/11338030
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12847 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-05 08:53:54 +00:00
yangguo@chromium.org
e8d91b424c
Handle edge cases in basic JSON.stringify.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/11315009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12842 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-02 14:46:57 +00:00
yangguo@chromium.org
64793b3f0d
Correctly visit all external strings.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/11340010
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12841 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-02 12:45:00 +00:00
verwaest@chromium.org
14abf05bd5
Ensure reducing the length of an array doesn't make it go holey.
...
Also only transition and/or change anything to the backing store if we are
actually going to delete anything.
BUG=
Review URL: https://chromiumcodereview.appspot.com/11358011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12840 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-11-02 10:24:56 +00:00
yangguo@chromium.org
fe7ec01096
Fix handling arrays with holes in JSON.stringify.
...
R=verwaest@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11273112
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12834 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-30 15:29:34 +00:00
yangguo@chromium.org
8ed2e560ea
Treat leading zeros in JSON.parse correctly.
...
R=verwaest@chromium.org
BUG=158185
Review URL: https://chromiumcodereview.appspot.com/11273075
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12830 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-29 12:01:29 +00:00
mstarzinger@chromium.org
e363cd3425
Fix ugly typo in GenerateNewNonStrictFast.
...
R=svenpanne@chromium.org
BUG=chromium:157520
TEST=mjsunit/regress/regress-crbug-157520
Review URL: https://codereview.chromium.org/11300008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12826 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-26 10:55:25 +00:00
mstarzinger@chromium.org
014f00fa51
Fix code flusher to process weak function links.
...
This fixes a corner case where weak function links of the code flushing
candidates list were destroyed by scavenges that happened during
incremental marking. Now those weak function links are updated while
scavenging happens.
R=ulan@chromium.org
TEST=cctest/test-heap/TestCodeFlushingIncrementalScavenge
Review URL: https://codereview.chromium.org/11271006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12825 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-26 09:44:34 +00:00
yangguo@chromium.org
f6ed7f5e23
Relax test expectations for json-recursive.js
...
R=mvstanton@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11311002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12824 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-26 07:52:18 +00:00
rossberg@chromium.org
ae93cf665d
Initial JS stub implementation of Object.observe. Adds support for .object/.unobserve/.notify/.deliverChangeRecords. No delivery mechanism is implemented for end-of-microtask.
...
Review URL: https://codereview.chromium.org/11225058
Patch from Rafael Weinstein <rafaelw@google.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12820 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-25 14:56:44 +00:00
yangguo@chromium.org
e91473f057
Relax test expectations to appease mac build.
...
R=mstarzinger@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11272029
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12817 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-25 12:39:41 +00:00
yangguo@chromium.org
58c82e93b3
Catch stack overflow in JSON.parse.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/11275039
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12816 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-25 12:36:40 +00:00
yangguo@chromium.org
e40b33d39e
Correctly check for stack limit in JSON.stringify.
...
Changes include:
- inline functions in a way as not to waste stack space.
- reset StackReserveSize to the value prior to r12808.
- check stack overflow dynamically.
R=ulan@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11271021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12814 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-25 12:18:24 +00:00
yangguo@chromium.org
b2d41f8fe8
Fix stack overflow in JSON.stringify.
...
R=verwaest@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11265011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12808 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-24 15:49:59 +00:00
mstarzinger@chromium.org
cee59bf522
Enable incremental code flushing.
...
This enables code flushing even with incremental marking enabled and
fully shares the function link field in JSFunctions between candidates
for code flushing and the optimized functions list. If a candidate for
code flushing gets optimized, it will be evicted from the candidates
list.
R=ulan@chromium.org
BUG=v8:1609
Review URL: https://codereview.chromium.org/11140025
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12796 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-23 08:25:04 +00:00
yangguo@chromium.org
e50ee08ad6
Reland JSON.stringify reimplementation.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/11189112
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12790 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-22 14:22:58 +00:00
jkummerow@chromium.org
5ea870f855
tools/run-tests.py: A few timeout-related fixes
...
Review URL: https://codereview.chromium.org/11230029
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12789 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-22 14:13:01 +00:00
mstarzinger@chromium.org
34d98a804d
Fix deletion of hidden property with inline-stored hash.
...
R=yangguo@chromium.org
BUG=chromium:157124
TEST=cctest/test-api/Regress157124
Review URL: https://codereview.chromium.org/11233033
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12785 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-22 12:50:51 +00:00
yangguo@chromium.org
e41250a390
Revert r12760 (JSON.stringify).
...
R=verwaest@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11225026
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12783 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-22 11:11:22 +00:00
yangguo@chromium.org
8148f972e8
Stress GC less by allocating exponentially growing string chunks in JSON.stringify.
...
R=verwaest@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11232002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12775 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-19 12:39:43 +00:00
yangguo@chromium.org
f910052543
Always invoke the default Array.sort functions from builtin functions, part 2.
...
R=vegorov@chromium.org
BUG=v8:2372
Review URL: https://chromiumcodereview.appspot.com/11175007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12774 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-19 12:30:18 +00:00
danno@chromium.org
063609280e
Add a faster API for creating v8::Integer objects
...
In WebKit, we have a small integer cache because calling v8::Integer::New is
slow. This patch adds a faster API for creating integers that requires the
caller to supply the v8::Isolate, saving us the work of looking up the isolate
in thread-local storage.
BUG=
Review URL: https://codereview.chromium.org/11212004
Patch from Adam Barth <abarth@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12773 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-19 11:15:04 +00:00
ulan@chromium.org
c6feb5065c
Fix test runner for Android.
...
R=jkummerow@chromium.org
Review URL: https://chromiumcodereview.appspot.com/11193055
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12770 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-19 09:55:27 +00:00
ulan@chromium.org
06a9f51ccb
Adjust Android test expectations.
...
Disable long running tests:
- test-threads/ThreadJoinSelf in release and debug modes.
- regress/regress-1122 in debug mode.
Disable failing test:
- preparser/strict-octal-regexp (v8 issue 2265).
R=jkummerow@chromium.org
Review URL: https://chromiumcodereview.appspot.com/11185073
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12769 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-19 09:28:23 +00:00
yangguo@chromium.org
5fa8f2f485
Pass pending exception to the message listener.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/11014017
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12768 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-19 08:45:24 +00:00
verwaest@chromium.org
fa53250dd2
Fixed json regression
...
BUG=v8:2374
Review URL: https://chromiumcodereview.appspot.com/11186059
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12766 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-19 08:23:45 +00:00
verwaest@chromium.org
7bc94a92c5
Fixed error introduced in r12761.
...
BUG=2373
Review URL: https://chromiumcodereview.appspot.com/11198068
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12765 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-18 18:43:19 +00:00
yangguo@chromium.org
7a653c1675
Reimplement a simpler version of JSON.stringify.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/11186025
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12760 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-18 14:42:26 +00:00
yangguo@chromium.org
a7f3edb818
Make sure the fast case of ScanJsonString bails out to the slow case correctly.
...
R=verwaest@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/11185050
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12757 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-18 13:15:05 +00:00
fschneider@chromium.org
971e834a8d
Always invoke the default Array.sort functions from builtin functions.
...
TEST=mjsunit/regress/regress-builtin-array-op.js
BUG=v8:2372
Review URL: https://chromiumcodereview.appspot.com/10559005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12752 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-18 11:18:08 +00:00
svenpanne@chromium.org
b54750c60f
Added a workaroung for a GCC visibility bug.
...
Movef a helper class to the top level to avoid
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=40145 .
TBR=ulan@chromium.org
Review URL: https://codereview.chromium.org/11194050
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12751 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-18 07:22:24 +00:00
svenpanne@chromium.org
9dc2c5b83d
Add an API for enumerating persistent handles
...
This API lets the embedder enumerate handles that have class ids. WebKit will
use this feature during garbage collection to compute object groups for DOM
nodes. Previously, we kept a list of DOM nodes on the WebKit side, but that
list is redundant with the global handles list in V8.
Review URL: https://codereview.chromium.org/11190011
Patch from Adam Barth <abarth@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12750 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-18 06:52:37 +00:00
verwaest@chromium.org
72424b3987
Move DescriptorArray into the map.
...
Review URL: https://chromiumcodereview.appspot.com/11188031
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12746 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-17 13:04:49 +00:00
jkummerow@chromium.org
62223bd2c0
Revert recent CPU profiler changes because they broke --prof.
...
This reverts r12649 and r12650.
BUG=v8:2364
Review URL: https://codereview.chromium.org/11193020
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12745 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-17 12:24:31 +00:00
mstarzinger@chromium.org
02490829dd
Fix bug in deletion of indexed properties
...
The delete operator always return true in case of indexed property. It
should return false if an indexed property can't be deleted (eg.
DontDelete attribute is set or a string object is the holder).
Contributed by Peter Varga <pvarga@inf.u-szeged.hu>
BUG=none
TEST=mjsunit/delete-non-configurable
Review URL: https://codereview.chromium.org/11094021
Patch from Peter Varga <pvarga@inf.u-szeged.hu>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12736 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-15 15:23:22 +00:00
yurys@chromium.org
eee93ec99b
Allow evals for debugger even if they are prohibited in the debugee context.
...
BUG=154733
Review URL: https://codereview.chromium.org/11111015
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12726 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-15 10:15:25 +00:00
verwaest@chromium.org
7c28995e5d
Invalidate the enum cache when converting a transition across which the descriptors are shared.
...
Review URL: https://chromiumcodereview.appspot.com/11145017
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12722 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-15 08:38:51 +00:00
svenpanne@chromium.org
6cf48ce3d7
Fixed heap verification guards.
...
TBR=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/11147016
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12719 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-15 06:34:22 +00:00
ulan@chromium.org
c969afe137
Reland r12342: Flush monomorphic ICs on context disposal instead of context exit.
...
The crashes that caused r12342 to be reverted are fixed in r12563.
R=mstarzinger@chromium.org
Review URL: https://chromiumcodereview.appspot.com/11092081
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12715 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-12 13:49:12 +00:00
mvstanton@chromium.org
b3c0ed8245
Enable --verify-heap in release mode
...
R=mstarzinger@chromium.org
BUG=v8:2120
Review URL: https://codereview.chromium.org/11118018
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12713 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-12 11:41:14 +00:00
verwaest@chromium.org
b75705f07b
Don't clear EnumLength but rather copy the enum cache. Added regression test for crashes from chromecrash.
...
Review URL: https://chromiumcodereview.appspot.com/11103036
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-11 15:33:34 +00:00
rossberg@chromium.org
348736efaa
Find a stack limit for the test that works on both Win32 and Linux64.
...
R=mstarzinger@chromium.org
BUG=151625
Review URL: https://codereview.chromium.org/11086073
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12701 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-11 13:10:24 +00:00
rossberg@chromium.org
ddbd426821
Increase stack size for test to work on x64.
...
R=jkummerow@chromium.org
BUG=151625
Review URL: https://codereview.chromium.org/11098070
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12700 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-11 12:11:46 +00:00
rossberg@chromium.org
00132da734
Bump variable limit further to 2^17.
...
R=jkummerow@chromium.org
BUG=151625
Review URL: https://codereview.chromium.org/11099063
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12698 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-11 11:40:10 +00:00
verwaest@chromium.org
dde1cdfb8e
Fix transition conversion from CONSTANT_FUNCTION to FIELD.
...
Review URL: https://chromiumcodereview.appspot.com/11094044
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12688 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-10 12:31:50 +00:00
verwaest@chromium.org
55e924c595
Fix CNLT regression.
...
This happens when a map A with no descriptors in fast_holey_elements
mode first gets some properties, making it share descriptor arrays with
a map B to which it transitions. Then map A transitions elements kind to
dictionary_elements in map C. C stores the empty_descriptor_array in its
own transition array. When adding a property to C, C transitions to D
and shares the descriptors. If D dies, a CNLT clears the transition
array of C, making the descriptor array of A (and thus also of B) shine
through. If a property is now added to an object in state C, it'll inherit
all the properties of A (and B). If those properties had high field indices,
we do not have a large enough backing store for the single newly added
property, and we'll write out of bounds.
BUG=chromium:151749
Review URL: https://chromiumcodereview.appspot.com/11017054
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12687 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-10 12:29:44 +00:00
svenpanne@chromium.org
5d11c5ee69
Fixed Accessors::FunctionGetPrototype's proto chain traversal.
...
Actually it didn't traverse that far... ;-) Did some cleanup on the way.
R=rossberg@chromium.org
BUG=chrome:143967
TEST=regress/regress-143967.js
Review URL: https://codereview.chromium.org/11087004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12677 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-08 12:58:46 +00:00
rossberg@chromium.org
329cf12363
Make sure that names of temporaries do not clash with real variables.
...
R=mstarzinger@chromium.org
BUG=v8:2322
Review URL: https://codereview.chromium.org/11035054
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12668 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-05 12:47:34 +00:00
rossberg@chromium.org
b07f38a46b
Reject local module declarations.
...
R=mstarzinger@chromium.org
BUG=150628
Review URL: https://codereview.chromium.org/11033025
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12665 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-05 09:14:08 +00:00
rossberg@chromium.org
3f7b5c338a
Reject uses of lexical for-loop variable on the RHS.
...
R=mstarzinger@chromium.org
BUG=v8:2322
Review URL: https://codereview.chromium.org/11031045
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12664 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-05 09:07:53 +00:00
jkummerow@chromium.org
ecc7f4baad
Replacing circular queue by single buffer in CPU Profiler.
...
BUG=None
Review URL: https://codereview.chromium.org/10871039
Patch from Sergey Rogulenko <rogulenko@google.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12650 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-02 10:51:00 +00:00
jkummerow@chromium.org
dfb4218a04
Moving cpu profiling into its own thread.
...
BUG=None
Review URL: https://codereview.chromium.org/10857035
Patch from Sergey Rogulenko <rogulenko@google.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12649 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-02 09:58:11 +00:00
verwaest@chromium.org
efe955587e
Allow optimistically hoisting elements transitions over accesses.
...
Review URL: https://chromiumcodereview.appspot.com/10972011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12642 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-01 16:22:43 +00:00
jkummerow@chromium.org
22d3864a0a
Fix cctests using Sockets to be able to run in parallel
...
BUG=v8:945
Review URL: https://codereview.chromium.org/11015008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12636 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-10-01 09:41:18 +00:00
mmassi@chromium.org
8fbfad63cd
Avoid wrong imul deopt on ia32 and x64 (fixes v8 bug 2339).
...
BUG=v8:2339
Review URL: https://chromiumcodereview.appspot.com/10963032
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12614 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-26 09:57:30 +00:00
erik.corry@gmail.com
72e9f1bea1
x64 and ARM: Fix issue 2346 (order of operations in keyed store
...
on arrays) and turn get-own-property-descriptor.js test into
a regression test.
Review URL: https://chromiumcodereview.appspot.com/10985017
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12604 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-25 13:35:42 +00:00
rossberg@chromium.org
20b1c426cf
Bump number of allowed variables per scope to 65535, to address GWT.
...
R=jkummerow@chromium.org
BUG=151625
Review URL: https://codereview.chromium.org/10965063
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12600 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 16:22:17 +00:00
jkummerow@chromium.org
43f038d4cd
Split test/mjsunit/debug-stepout-scope into smaller chunks
...
Review URL: https://codereview.chromium.org/10969061
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12596 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 11:18:29 +00:00
jkummerow@chromium.org
8a3ec89824
Delete test/mjsunit/regress-1969.
...
It was flaky, and its usefulness was doubtful.
Review URL: https://codereview.chromium.org/10961075
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12595 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 10:48:14 +00:00
jkummerow@chromium.org
cc6fe90b2b
Remove trailing whitespace
...
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/10969064
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12594 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 10:44:04 +00:00
jkummerow@chromium.org
1e1470fca0
Speed up test/mjsunit/compiler/regress-or
...
Review URL: https://codereview.chromium.org/10969063
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12593 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 10:08:01 +00:00
jkummerow@chromium.org
6dc2af06dc
Speed up test/mjsunit/compiler/regress-gvn
...
Review URL: https://codereview.chromium.org/10956059
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12592 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 10:07:09 +00:00
jkummerow@chromium.org
d600358e6d
Split test/mjsunit/numops-fuzz into smaller chunks
...
Review URL: https://codereview.chromium.org/10961065
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12591 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 10:06:06 +00:00
jkummerow@chromium.org
fbf5965db4
Split test/mjsunit/mul-exhaustive into smaller chunks
...
Review URL: https://codereview.chromium.org/10958064
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12590 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 10:04:58 +00:00
jkummerow@chromium.org
a2fc134169
Split test/mjsunit/fuzz-natives into smaller chunks
...
Review URL: https://codereview.chromium.org/10970058
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12589 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 10:03:49 +00:00
jkummerow@chromium.org
1bfbfc34ad
Split test/mjsunit/math-floor into smaller chunks
...
Review URL: https://codereview.chromium.org/10967064
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12588 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 10:02:44 +00:00
jkummerow@chromium.org
bafa150f99
Speed up test/mjsunit/greedy.js
...
Review URL: https://codereview.chromium.org/10969062
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12587 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 10:01:35 +00:00
jkummerow@chromium.org
d88069821c
Speed up test/mjsunit/debug-multiple-breakpoints
...
Review URL: https://codereview.chromium.org/10961064
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12586 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 10:00:25 +00:00
jkummerow@chromium.org
6a617a7b23
Speed up test/mjsunit/d8-os by reducing sleep times
...
Review URL: https://codereview.chromium.org/10973003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12585 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 09:57:16 +00:00
jkummerow@chromium.org
cf0cae7eb1
Speed up test/mjsunit/regress/regress-crbug-119926
...
Review URL: https://codereview.chromium.org/10958063
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12584 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 09:56:11 +00:00
jkummerow@chromium.org
975d6e2170
First commit of new tools/run-tests.py
...
Review URL: https://codereview.chromium.org/10919265
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12583 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-24 09:38:46 +00:00
yurys@chromium.org
26721b7dc0
This issue is for landing patch by vsevik: http://codereview.chromium.org/10966011/
...
SourceURL comments for scripts having a name.
sourceURL comment is now preferred script name for all scripts except
for those with non zero start position (e.g. inline scripts in HTML).
BUG=v8:2342
Review URL: https://codereview.chromium.org/10959038
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12576 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-21 08:09:34 +00:00
verwaest@chromium.org
083ee63a83
Fix CNLT for enum indices.
...
Review URL: https://chromiumcodereview.appspot.com/10958015
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12569 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-20 15:18:00 +00:00
verwaest@chromium.org
ea31f868e8
Deopt on storing undefined into double elements.
...
Review URL: https://chromiumcodereview.appspot.com/10963010
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12568 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-20 13:41:00 +00:00
ulan@chromium.org
a0dfdfc273
Revert r12530 "Tentatively reenable previous failing test."
...
BUG=v8:2341
R=jkummerow@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10964015
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12564 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-20 11:28:33 +00:00
mstarzinger@chromium.org
84935fb23a
Fix missing slot recodring during clearing of CallICs.
...
This fixes a rare corner case that was caused by missing recording of
relocation slots when the uninitialized CallIC stub happenes to land on
an evacuation candidate and the IC is cleared via the shared function.
R=ulan@chromium.org
BUG=chromium:144230
TEST=cctest/test-heap/Regression144230
Review URL: https://codereview.chromium.org/10963005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12563 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-20 10:45:38 +00:00
jkummerow@chromium.org
a8e502fe60
Fix LBoundsCheck on x64 to handle (stack slot + constant) correctly
...
BUG=150729
Review URL: https://codereview.chromium.org/10959009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12562 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-20 09:56:24 +00:00
jkummerow@chromium.org
83da019a46
Move regress-2286.js where it belongs
...
Review URL: https://codereview.chromium.org/10957013
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12561 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-20 09:55:19 +00:00
mmassi@chromium.org
9dc822ca13
Fixed minus zero test (fixes v8:2133).
...
BUG=v8:2133
Review URL: https://chromiumcodereview.appspot.com/10937013
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12548 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-19 12:48:49 +00:00
mstarzinger@chromium.org
c012afb6d4
Fix setting array length to zero for slow elements.
...
R=verwaest@chromium.org
BUG=chromium:146910
TEST=mjsunit/regress/regress-crbug-146910
Review URL: https://codereview.chromium.org/10937026
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12547 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-19 11:52:33 +00:00
mstarzinger@chromium.org
f0dcaf9a19
Fix lost arguments dropping in HLeaveInlined.
...
This fixes HleaveInlined to correctly drop pushed arguments on all code
paths and addresses a corner case where the arguments stack height
mismatched at an OSR entry point.
R=jkummerow@chromium.org
BUG=chromium:150545
TEST=mjsunit/regress/regress-crbug-150545
Review URL: https://codereview.chromium.org/10938016
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12543 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-19 08:13:46 +00:00
verwaest@chromium.org
5bf15c5d6c
Preallocate space in descriptor arrays.
...
Review URL: https://chromiumcodereview.appspot.com/10916336
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12538 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-18 13:25:12 +00:00
mstarzinger@chromium.org
86fd161fdc
Fix casting error for receiver of interceptors.
...
This fixes a casting error that occured when the receiver of a missed
or uninitialized CallIC is a Smi and there is an interceptor installed
on the prototype chain.
R=yangguo@chromium.org
BUG=chromium:149912
TEST=cctest/test-api/Regress149912
Review URL: https://codereview.chromium.org/10914317
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12531 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-17 14:39:10 +00:00
yangguo@chromium.org
783d10197a
Tentatively reenable previous failing test.
...
R=mstarzinger@chromium.org
BUG=v8:2261
Review URL: https://chromiumcodereview.appspot.com/10907254
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12530 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-17 14:19:11 +00:00
yangguo@chromium.org
73462594ea
Change regress-2318 to trigger more quickly and reliably.
...
BUG=v8:2336
Review URL: https://chromiumcodereview.appspot.com/10913294
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12529 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-17 13:21:59 +00:00
erik.corry@gmail.com
bafcfe5427
Fix misplaced assert in heap.cc.
...
Bug=2336
Review URL: https://chromiumcodereview.appspot.com/10911334
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12528 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-17 11:38:24 +00:00
ulan@chromium.org
4bd4fb1aa4
Throw a more descriptive exception when blocking 'eval' via CSP.
...
BUG=140191
R=svenpanne@chromium.org ,mkwst@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10837358
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12525 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-17 09:58:22 +00:00
yangguo@chromium.org
cb72bf5735
Fix debugger's eval when close to stack overflow.
...
R=verwaest@chromium.org
BUG=v8:2318
Review URL: https://chromiumcodereview.appspot.com/10914290
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12518 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-14 13:40:32 +00:00
verwaest@chromium.org
ad4746c8a3
CNLT with descriptors but no valid enum fields has to clear the EnumCache.
...
Review URL: https://chromiumcodereview.appspot.com/10928204
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12512 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-14 13:15:43 +00:00
yangguo@chromium.org
8d04c8c89f
Replace r12503. Explicitly check toString() for exception in d8's print().
...
R=jkummerow@chromium.org
BUG=v8:2317
Review URL: https://chromiumcodereview.appspot.com/10911305
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12507 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-14 11:43:46 +00:00
erik.corry@gmail.com
5a8d1764bc
Refactoring of snapshots. This simplifies and improves
...
the speed of deserializing code. The current startup
time improvement for V8 is around 6%, but code deserialization
is speeded up disproportionately, and we will soon have more
code in the snapshot.
* Removed support for deserializing into large object space.
The regular pages are 1Mbyte now and that is plenty. This
is a big simplification.
* Instead of reserving space for the snapshot we actually
allocate it now. This removes some special casing from
the memory management and simplifies deserialization since
we are just bumping a pointer rather than calling the
normal allocation routines during deserialization.
* Record in the snapshot how much we need to boot up and
allocate it instead of just assuming that allocations in
a new VM will always be linear.
* In the snapshot we always address an object as a negative
offset from the current allocation point. We used to
sometimes address from the start of the deserialized data,
but this is less useful now that we have good support for
roots and repetitions in the deserialization data.
* Code objects were previously deserialized (like other
objects) by alternating raw data (deserialized with memcpy)
and pointers (to external references, other objects, etc.).
Now we deserialize code objects with a single memcpy,
followed by a series of skips and pointers that partially
overwrite the code we memcopied out of the snapshot.
The skips are sometimes merged into the following
instruction in the deserialization data to reduce dispatch
time.
* Integers in the snapshot were stored in a variable length
format that gives a compact representation for small positive
integers. This is still the case, but the new encoding can
be decoded without branches or conditional instructions,
which is faster on a modern CPU.
Review URL: https://chromiumcodereview.appspot.com/10918067
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12505 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-14 11:16:56 +00:00
mstarzinger@chromium.org
77a7d9f539
Fix caching of optimized code for OSR.
...
This makes sure we do not share optimized code across closures that were
optimized using OSR (for a particular OSR entry AST id) even if caching
of optimized code kicks in.
R=danno@chromium.org
BUG=v8:2326
TEST=mjsunit/regress/regress-2326
Review URL: https://codereview.chromium.org/10933088
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12504 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-14 10:41:31 +00:00
yangguo@chromium.org
4fe330c055
Not mask exception thrown by toString in String::UtfValue etc.
...
R=jkummerow@chromium.org
BUG=v8:2317
Review URL: https://chromiumcodereview.appspot.com/10917236
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12503 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-14 08:13:57 +00:00
yangguo@chromium.org
4f47e68a08
Fix printf formatting in test-compiler.
...
R=jkummerow@chromium.org
BUG=v8:2319
Review URL: https://chromiumcodereview.appspot.com/10928182
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12499 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-13 15:06:15 +00:00
mstarzinger@chromium.org
8db2000615
Fix API check for length of external arrays.
...
R=jkummerow@chromium.org
BUG=chromium:148896
TEST=cctest/test-api/ExternalArrayLimits
Review URL: https://codereview.chromium.org/10914257
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12495 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-13 09:36:56 +00:00
verwaest@chromium.org
1d1adaf9d3
Ensure correct enumeration indices in the dict
...
BUG=chromium:148376
Review URL: https://chromiumcodereview.appspot.com/10908216
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12494 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-13 08:52:55 +00:00
mmassi@chromium.org
22aed1cddd
Fixed bounds check removal by restricting it to int32 indexes (and reenabled both ABCR and index dehoisting).
...
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/10905232
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12493 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-12 17:00:25 +00:00
verwaest@chromium.org
ebd3241b05
Sharing of descriptor arrays.
...
This CL adds multiple things:
Transition arrays do not directly point at their descriptor array anymore, but rather do so via an indirect pointer (a JSGlobalPropertyCell).
An ownership bit is added to maps indicating whether it owns its own descriptor array or not.
Maps owning a descriptor array can pass on ownership if a transition from that map is generated; but only if the descriptor array stays exactly the same; or if a descriptor is added.
Maps that don't have ownership get ownership back if their direct child to which ownership was passed is cleared in ClearNonLiveTransitions.
To detect which descriptors in an array are valid, each map knows its own NumberOfOwnDescriptors. Since the descriptors are sorted in order of addition, if we search and find a descriptor with index bigger than this number, it is not valid for the given map.
We currently still build up an enumeration cache (although this may disappear). The enumeration cache is always built for the entire descriptor array, even if not all descriptors are owned by the map. Once a descriptor array has an enumeration cache for a given map; this invariant will always be true, even if the descriptor array was extended. The extended array will inherit the enumeration cache from the smaller descriptor array. If a map with more descriptors needs an enumeration cache, it's EnumLength will still be set to invalid, so it will have to recompute the enumeration cache. This new cache will also be valid for smaller maps since they have their own enumlength; and use this to loop over the cache. If the EnumLength is still invalid, but there is already a cache present that is big enough; we just initialize the EnumLength field for the map.
When we apply ClearNonLiveTransitions and descriptor ownership is passed back to a parent map, the descriptor array is trimmed in-place and resorted. At the same time, the enumeration cache is trimmed in-place.
Only transition arrays contain descriptor arrays. If we transition to a map and pass ownership of the descriptor array along, the child map will not store the descriptor array it owns. Rather its parent will keep the pointer. So for every leaf-map, we find the descriptor array by following the back pointer, reading out the transition array, and fetching the descriptor array from the JSGlobalPropertyCell. If a map has a transition array, we fetch it from there. If a map has undefined as its back-pointer and has no transition array; it is considered to have an empty descriptor array.
When we modify properties, we cannot share the descriptor array. To accommodate this, the child map will get its own transition array; even if there are not necessarily any transitions leaving from the child map. This is necessary since it's the only way to store its own descriptor array.
Review URL: https://chromiumcodereview.appspot.com/10909007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12492 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-12 16:43:57 +00:00
yangguo@chromium.org
67d0506622
Correctly initialize regexp global cache.
...
R=ulan@chromium.org
BUG=148378
Review URL: https://chromiumcodereview.appspot.com/10905239
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12491 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-12 15:26:43 +00:00
mstarzinger@chromium.org
f37f504de5
Fix arguments object materialization during deopt.
...
This fixes materialization of arguments objects for strict mode functions during
deoptimization. We materialize arguments from the stack area where optimized
code pushes the arguments when entering the inlined environment. For adapted
invocations we use the arguments adaptor frame for materialization.
R=svenpanne@chromium.org
BUG=v8:2261
TEST=mjsunit/regress/regress-2261,mjsunit/compiler/inline-arguments
Review URL: https://chromiumcodereview.appspot.com/10908194
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12489 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-12 12:28:42 +00:00
yangguo@chromium.org
6a9e4048aa
Introduce new API to expose external string resource regardless of encoding.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/10917211
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12488 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-12 11:29:50 +00:00
yangguo@chromium.org
59b9a32b34
Fix edge case of extension with NULL as source string.
...
BUG=144649
Review URL: https://chromiumcodereview.appspot.com/10914201
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12485 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-11 14:16:56 +00:00
ulan@chromium.org
a9162af1af
Fix delta computation in DoDeferredInstanceOfKnownGlobal() for ARM.
...
BUG=v8:2314
R=yangguo@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10908195
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12478 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-11 11:36:48 +00:00
peter.rybin@gmail.com
bda5ce9cd6
Introduce InternalProperty type and expose internal properties for bound functions
...
Committed: https://code.google.com/p/v8/source/detail?r=12346
Review URL: https://chromiumcodereview.appspot.com/10834376
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12477 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-10 23:17:04 +00:00
mstarzinger@chromium.org
f6cd2403e3
Fix deoptimizer for shared optimized code.
...
The deoptimizer searched the stack for activations of the same function to
determine whether to trigger lazy deopting. Since we share optimized code we
actually need to search for activations of the same code (but potentially
different functions).
R=jkummerow@chromium.org
BUG=chromium:147475
TEST=mjsunit/regress/regress-crbug-147475
Review URL: https://chromiumcodereview.appspot.com/10917162
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12473 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-10 11:05:17 +00:00
yangguo@chromium.org
bf229e93eb
Enable/disable LiveEdit using the (C++) debug API.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/10875072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12472 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-10 09:24:17 +00:00
yangguo@chromium.org
1a0c14f12c
Add checks to runtime functions.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/10915062
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12471 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-10 08:35:26 +00:00
svenpanne@chromium.org
7af6883098
Fixed deoptimization of inlined getters.
...
It is necessary to explicitly handle the internal frame lying between the caller
of the getter and the getter itself in the deoptimizer: When the getter is
inlined, leaving the internal frame restores the correct context.
BUG=http://crbug/134609
TEST=mjsunit/regress/regress-crbug-134609
Review URL: https://chromiumcodereview.appspot.com/10910110
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12470 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-07 09:01:54 +00:00
erik.corry@gmail.com
03e4ddcfcf
Loosen up code logging test that was sensitive to GC timing.
...
Review URL: https://chromiumcodereview.appspot.com/10918096
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12463 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-06 11:05:40 +00:00
erik.corry@gmail.com
9ff7ec1c4a
Fix binding in new Function().
...
Review URL: https://chromiumcodereview.appspot.com/10916114
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12442 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-05 11:45:58 +00:00
erik.corry@gmail.com
e5df02834b
Fix some corner cases in skipping native methods using caller.
...
Review URL: https://chromiumcodereview.appspot.com/10911063
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12439 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-05 08:19:49 +00:00
yangguo@chromium.org
5ac2a5d22e
Revert r12430, r12432, r12433 (basic support for Latin1).
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/10905075
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12438 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-04 12:23:22 +00:00
verwaest@chromium.org
0c24942be7
Fixed test expectation.
...
Review URL: https://chromiumcodereview.appspot.com/10913062
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12435 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-04 09:54:36 +00:00
verwaest@chromium.org
a8638c1570
Support register as right operand in min/max support.
...
R=jkummerow@chromium.org
BUG=chromium:145961
TEST=mjsunit/regress/regress-crbug-145961.js
Review URL: https://chromiumcodereview.appspot.com/10914072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12434 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-04 09:35:43 +00:00
yangguo@chromium.org
37c1c06108
Fix more windows build warnings.
...
TBR=ulan@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/10917065
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12433 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-03 15:50:24 +00:00
yangguo@chromium.org
74f06b1f99
Add basic support for Latin1 to the API.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/10857030
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12430 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-03 15:06:36 +00:00
mstarzinger@chromium.org
74aa15bfa0
Fix FindSharedFunctionInfoInScript to not optimize.
...
This prevents a corner case in FindSharedFunctionInfoInScript that would cause
functions to be optimized because an intermittent GC would clear the flag
indicating whether breakpoints are present. Above method was also moved into the
Debug class because it is only used by the debugger.
R=verwaest@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10914065
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12428 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-03 14:23:00 +00:00
yangguo@chromium.org
ddfae013a6
Disable test that triggers known bug.
...
BUG=v8:2261
Review URL: https://chromiumcodereview.appspot.com/10910029
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12418 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-08-31 12:02:02 +00:00
yangguo@chromium.org
5dd51bafef
Cache results in SearchRegExpMultiple.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/10837290
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12416 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-08-31 09:28:01 +00:00
verwaest@chromium.org
90db487390
Elements load depends on the type of the receiver.
...
R=jkummerow@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10918005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12413 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-08-30 17:31:32 +00:00
yangguo@chromium.org
5419ee7ba0
Release stack trace data after firing Error.stack accessor.
...
BUG=v8:2308
Review URL: https://chromiumcodereview.appspot.com/10886012
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12403 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-08-29 07:51:48 +00:00
jkummerow@chromium.org
f9d4856289
Add a new API V8::SetJitCodeEventHandler to push code name and location to users such as profilers.
...
BUG=None
TEST=Included in CL.
Committed: https://code.google.com/p/v8/source/detail?r=12389
Review URL: https://chromiumcodereview.appspot.com/10795074
Patch from Sigurður Ásgeirsson <siggi@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12401 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-08-28 14:43:28 +00:00
rossberg@chromium.org
b0067e9cd5
Disable test that triggers known bug.
...
R=verwaest@chromium.org
BUG=v8:2261
Review URL: https://chromiumcodereview.appspot.com/10896005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12399 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-08-28 14:17:55 +00:00
rossberg@chromium.org
ccc827a6f8
Allocate block-scoped global bindings to global context.
...
- The global object has a reference to the current global scope chain.
Running a script adds to the chain if it contains global lexical declarations.
- Scripts are executed relative to a global, not a native context.
- Harmony let and const bindings are allocated to the innermost global context;
var and function still live on the global object.
(Lexical bindings are not reflected on the global object at all,
but that will probably change later using accessors, as for modules.)
- Compilation of scripts now needs a (global) context (previously only eval did).
- The global scope chain represents one logical scope, so collision tests take
the chain into account.
R=svenpanne@chromium.org
BUG=
Review URL: https://chromiumcodereview.appspot.com/10872084
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12398 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-08-28 11:25:08 +00:00
rossberg@chromium.org
1dbf670713
Index script compilation cache over context, too,
...
in preparation for global lexical scope.
R=ulan@chromium.org
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/10878007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12397 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-08-28 10:49:23 +00:00
yangguo@chromium.org
7cbca775ee
Reland regexp global optimizations.
...
BUG=
Review URL: https://chromiumcodereview.appspot.com/10872010
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12396 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-08-28 09:37:41 +00:00
verwaest@chromium.org
a713f82aa6
Revert "Add a new API V8::SetJitCodeEventHandler to push code name and location to users such as profilers."
...
This reverts commit r12389.
TBR=jkummerow@chromium.org , CC=siggi@chromium.org
Review URL: https://chromiumcodereview.appspot.com/10870108
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12390 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-08-27 19:47:02 +00:00
jkummerow@chromium.org
0a6493b5a8
Add a new API V8::SetJitCodeEventHandler to push code name and location to users such as profilers.
...
BUG=None
TEST=Included in CL.
Review URL: https://chromiumcodereview.appspot.com/10795074
Patch from Sigurður Ásgeirsson <siggi@chromium.org>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12389 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-08-27 18:03:38 +00:00