AuroraMiddleware/v8 - v8 - Gitea: Git with a cup of tea

Author	SHA1	Message	Date
rossberg@chromium.org	8d79ff46d0	Clean-up refactoring to eliminate GetLocalElementKind. Eliminates substantial amounts of fragile code duplication and special casing. Also fixes "a".propertyIsEnumerable(0) to correctly return true. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/11420011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12990 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-16 13:28:34 +00:00
svenpanne@chromium.org	d5f589808d	Removed a bunch of GetExistingThreadLocal calls by threading the Isolate. For Octane, the number of calls go down from 7341629 to 1947880, i.e. they are reduced by more than 73%. TLS access is not especially cheap, so this exercise seems worthwhile. Review URL: https://codereview.chromium.org/11412007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12979 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-16 08:38:11 +00:00
yangguo@chromium.org	3699616609	Rename SeqAsciiString This is a straight rename: NewRawAsciiString -> NewRawOneByteString SeqAscii -> SeqOneByte SeqOneByteString cannot yet take non-ascii data. R=yangguo@chromium.org, BUG= Review URL: https://chromiumcodereview.appspot.com/11411005 Patch from Dan Carney <dcarney@google.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12972 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-15 13:31:27 +00:00
rossberg@chromium.org	4fb992a872	Object.observe: Handle oldValue for elements with accessors properly. Extended ElementAccessor interface to allow querying PropertyType and AccessorPair. Also added respective functionality to JSObject. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/11358234 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12967 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-15 11:31:40 +00:00
rossberg@chromium.org	5e7b796479	Object.observe: Move notification of JSArray length changes to JSArray::SetElementsLength The previous implementation in Accessors::ArraySetLength failed when array length was set through StoreIC_ArrayLength. But that stub and the accessor both delegate to JSArray::SetElementsLength, so moving the code there allows notifications to be sent in both cases. Review URL: https://codereview.chromium.org/11275292 Patch from Adam Klein <adamk@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12962 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-14 16:51:21 +00:00
jkummerow@chromium.org	1c086d1202	Lattice-based representation inference, powered by left/right specific type feedback for BinaryOps and comparisons Review URL: https://chromiumcodereview.appspot.com/10837165 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12961 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-14 15:59:45 +00:00
rossberg@chromium.org	dcb6abd460	Restructure JSObject::SetElement for performance. Wins back ~1500 points on Octane/Gameboy that we lost with https://codereview.chromium.org/11365111 (CL 12900), presumably by lowering register pressure and/or handlification overhead. Hopefully benefits other regressions as well. R=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/11275283 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12949 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-13 15:47:46 +00:00
mmassi@chromium.org	ce682a2489	Allow property indexes to refer to slots inside the object header. BUG= Review URL: https://chromiumcodereview.appspot.com/11365221 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12944 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-13 11:07:04 +00:00
svenpanne@chromium.org	073dfc0a6f	Fixed Code::FindCodeAgeSequence logic, removing a dead method on the way. Review URL: https://codereview.chromium.org/11364177 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12930 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-12 13:27:36 +00:00
rossberg@chromium.org	92e783bc28	Minor cleanup and optimisation of element methods. R=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/11365175 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12927 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-12 11:08:34 +00:00
svenpanne@chromium.org	130c4041c7	Keep the number of descriptors below DescriptorArray::kMaxNumberOfDescriptors even for accessors Review URL: https://codereview.chromium.org/11362182 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12916 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-09 11:30:05 +00:00
rossberg@chromium.org	b72e5811e7	Object.observe: notify when element addition causes array growth Review URL: https://codereview.chromium.org/11369135 Patch from Adam Klein <adamk@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12914 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-09 10:57:54 +00:00
svenpanne@chromium.org	e4cbac8dfd	Fixed assertion. The name in question is not necessarily a symbol, so we have to use Equals instead of ==. BUG=http://www.playescapegoat.com/ Review URL: https://codereview.chromium.org/11368141 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12907 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-09 07:26:05 +00:00
rossberg@chromium.org	2af4744889	Handle Object.observe notifications for setting Array.length Also handles notification of deleted properties when an array is truncated by setting length. Review URL: https://codereview.chromium.org/11338048 Patch from Adam Klein <adamk@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12905 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-08 16:12:12 +00:00
rossberg@chromium.org	c203f05474	Delivery logic for Object.observe This CL has two parts: the first is the logic itself, whereby each observer callback is assigned a "priority" number the first time it's passed as an observer to Object.observe(), and that priority is used to determine the order of delivery. The second part invokes the above logic as part of the API, when the JS stack winds down to zero. Added several tests via the API, as the delivery logic isn't testable from a JS test (it runs after such a test would exit). Review URL: https://codereview.chromium.org/11266011 Patch from Adam Klein <adamk@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12902 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-08 13:44:59 +00:00
rossberg@chromium.org	8eb704257f	Object.observe: Fixed missing case for turning off ICs. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/11358122 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12901 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-08 13:15:54 +00:00
rossberg@chromium.org	fbc6e0d883	Object.observe: generate change records for indexed properties. Details: - Extend ElementAccessors with GetAttributes method. - Add HasLocalElement, Get[Local]ElementAttribute methods to JSReceiver/JSObject. - Otherwise, mirror implementation for named properties. Cannot correctly handle the cases yet where an accessor is redefined or deleted. Also fixed handling of object info table. (Based on CL https://codereview.chromium.org/11362115/) R=verwaest@chromium.org,mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/11365111 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12900 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-08 12:58:08 +00:00
danno@chromium.org	bd4e114b8e	Add code again to allow reclaiming old unexecuted functions. When code objects in the heap for FUNCTIONs and OPTIMIZED_FUNCTIONs are marked by the GC, their prologue is patched with a call to a stub that removes the patch. This allows the collector to quickly identify code objects that haven't been executed since the last full collection (they are the ones that sill contain the patch). The functionality is currently disabled, but can be activated by specifying the "--age-code". R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/10837037 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12898 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-08 12:18:11 +00:00
yangguo@chromium.org	943c10bb87	Rename kAsciiStringTag to kOneByteStringTag This is just a rename. After commit, I'll begin with the semantic changes. Until those are complete, kOneByteStringTag will have the same meaning as kAsciiStringTag. BUG= Review URL: https://chromiumcodereview.appspot.com/11293168 Patch from Dan Carney <dcarney@google.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12897 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-08 12:14:29 +00:00
mstarzinger@chromium.org	a31889e2de	Fix slack tracking when instance prototype changes. This fixes a corner case when the instance prototype of a function is changed while inobject slack tracking is still in progress. This caused the intial map to be unrelated for functions with the same shared info and hence the shared construct stub is no longer generic enough to work for all those functions. R=danno@chromium.org BUG=chromium:157019 TEST=mjsunit/regress/regress-crbug-157019 Review URL: https://codereview.chromium.org/11293059 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12896 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-08 11:56:44 +00:00
rossberg@chromium.org	e059e64c98	Object.observe: include oldValue in change records, plus more accurate distinction of different change types. Required handlifying more code. Also fixed a handlification bug in JSProxy::GetElementAttributeWithHandler. R=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/11362115 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12888 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-07 14:14:50 +00:00
rossberg@chromium.org	b80cbd7922	Object.observe: generate change records for named properties. In more detail: - Set observation bit for observed objects (and make NormalizedMapCache respect it). - Mutation of observed objects is always delegated from ICs to runtime. - Introduce JS runtime function for notifying generated changes. - Invoke this function in the appropriate places (including some local refactoring). - Inclusion of oldValue field is not yet implemented, nor element properties. Also, shortened flag to --harmony-observation. R=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/11347037 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12867 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-06 12:32:36 +00:00
verwaest@chromium.org	f95d9502c3	Removed duplicate line. Review URL: https://chromiumcodereview.appspot.com/11359055 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12860 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-05 15:37:04 +00:00
verwaest@chromium.org	384ab895e8	Remove superfluous setting of bitfield3. Review URL: https://chromiumcodereview.appspot.com/11367093 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12858 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-11-05 14:43:11 +00:00
mstarzinger@chromium.org	b55988625d	Get rid of obsolete unchecked accessors. R=yangguo@chromium.org BUG=v8:1490 Review URL: https://codereview.chromium.org/11271020 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12813 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-25 11:52:37 +00:00
mstarzinger@chromium.org	34d98a804d	Fix deletion of hidden property with inline-stored hash. R=yangguo@chromium.org BUG=chromium:157124 TEST=cctest/test-api/Regress157124 Review URL: https://codereview.chromium.org/11233033 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12785 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-22 12:50:51 +00:00
yangguo@chromium.org	3c5e899378	Fix two-char hash to use correct fallback for zero hashes. R=verwaest@chromium.org BUG= Review URL: https://chromiumcodereview.appspot.com/11228004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12782 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-22 10:38:40 +00:00
verwaest@chromium.org	b61933ba10	Eagerly follow transitions to existing maps while json parsing. Review URL: https://chromiumcodereview.appspot.com/11184006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12747 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-17 14:09:42 +00:00
verwaest@chromium.org	72424b3987	Move DescriptorArray into the map. Review URL: https://chromiumcodereview.appspot.com/11188031 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12746 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-17 13:04:49 +00:00
mstarzinger@chromium.org	02490829dd	Fix bug in deletion of indexed properties The delete operator always return true in case of indexed property. It should return false if an indexed property can't be deleted (eg. DontDelete attribute is set or a string object is the holder). Contributed by Peter Varga <pvarga@inf.u-szeged.hu> BUG=none TEST=mjsunit/delete-non-configurable Review URL: https://codereview.chromium.org/11094021 Patch from Peter Varga <pvarga@inf.u-szeged.hu>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12736 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-15 15:23:22 +00:00
verwaest@chromium.org	7c28995e5d	Invalidate the enum cache when converting a transition across which the descriptors are shared. Review URL: https://chromiumcodereview.appspot.com/11145017 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12722 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-15 08:38:51 +00:00
mvstanton@chromium.org	b3c0ed8245	Enable --verify-heap in release mode R=mstarzinger@chromium.org BUG=v8:2120 Review URL: https://codereview.chromium.org/11118018 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12713 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-12 11:41:14 +00:00
verwaest@chromium.org	9ecabf526c	Make EnumCacheBridge immutable. Review URL: https://chromiumcodereview.appspot.com/11048051 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12709 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-12 08:16:49 +00:00
verwaest@chromium.org	b75705f07b	Don't clear EnumLength but rather copy the enum cache. Added regression test for crashes from chromecrash. Review URL: https://chromiumcodereview.appspot.com/11103036 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-11 15:33:34 +00:00
verwaest@chromium.org	ad6a21c0d0	Remove descriptors pointer. Secondary changes: - don't transfer ownership back on CNLT - turned debugging checks back into ASSERT Review URL: https://chromiumcodereview.appspot.com/11099064 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12699 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-11 12:01:19 +00:00
verwaest@chromium.org	c2a9d49393	Transition ownership back if the descriptors were shared via elements transitions. BUG= Review URL: https://chromiumcodereview.appspot.com/11091044 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12689 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-10 13:13:35 +00:00
verwaest@chromium.org	dde1cdfb8e	Fix transition conversion from CONSTANT_FUNCTION to FIELD. Review URL: https://chromiumcodereview.appspot.com/11094044 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12688 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-10 12:31:50 +00:00
verwaest@chromium.org	55e924c595	Fix CNLT regression. This happens when a map A with no descriptors in fast_holey_elements mode first gets some properties, making it share descriptor arrays with a map B to which it transitions. Then map A transitions elements kind to dictionary_elements in map C. C stores the empty_descriptor_array in its own transition array. When adding a property to C, C transitions to D and shares the descriptors. If D dies, a CNLT clears the transition array of C, making the descriptor array of A (and thus also of B) shine through. If a property is now added to an object in state C, it'll inherit all the properties of A (and B). If those properties had high field indices, we do not have a large enough backing store for the single newly added property, and we'll write out of bounds. BUG=chromium:151749 Review URL: https://chromiumcodereview.appspot.com/11017054 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12687 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-10 12:29:44 +00:00
verwaest@chromium.org	15ebb22b6f	Off-by-one error in zapping objects after right trimming. Review URL: https://chromiumcodereview.appspot.com/11013012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12637 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-10-01 09:48:07 +00:00
verwaest@chromium.org	6fd0e69156	Restore the descriptor array before returning allocation failure. BUG=chromium:151750 Review URL: https://chromiumcodereview.appspot.com/10989076 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12629 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-09-28 10:15:58 +00:00
verwaest@chromium.org	f623eefddb	Only use OwnDescriptors to decide whether to go slow or not. Review URL: https://chromiumcodereview.appspot.com/10996044 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12626 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-09-27 13:55:50 +00:00
yangguo@chromium.org	681eda652d	Fast path for symbol lookup in JSON.parse. R=verwaest@chromium.org BUG= Review URL: https://chromiumcodereview.appspot.com/10969069 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12598 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-09-24 14:23:46 +00:00
verwaest@chromium.org	ab94a69d3d	Remove whitespace Review URL: https://chromiumcodereview.appspot.com/10949018 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12546 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-09-19 11:09:07 +00:00
verwaest@chromium.org	947663aaa3	Use NumberOfOwnDescriptors/EnumLength for counting properties on fast objects. Also split CNLT into small functions. Review URL: https://chromiumcodereview.appspot.com/10950023 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12545 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-09-19 10:06:02 +00:00
verwaest@chromium.org	8b57f2694b	Reduce space usage of simple transitions and descriptors holders. Review URL: https://chromiumcodereview.appspot.com/10915260 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12544 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-09-19 09:54:10 +00:00
verwaest@chromium.org	1b9c319da2	Clear EnumIndices as well on CNLT. BUG= Review URL: https://chromiumcodereview.appspot.com/10944011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12542 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-09-19 08:08:02 +00:00
verwaest@chromium.org	5bf15c5d6c	Preallocate space in descriptor arrays. Review URL: https://chromiumcodereview.appspot.com/10916336 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12538 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-09-18 13:25:12 +00:00
mstarzinger@chromium.org	86fd161fdc	Fix casting error for receiver of interceptors. This fixes a casting error that occured when the receiver of a missed or uninitialized CallIC is a Smi and there is an interceptor installed on the prototype chain. R=yangguo@chromium.org BUG=chromium:149912 TEST=cctest/test-api/Regress149912 Review URL: https://codereview.chromium.org/10914317 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12531 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-09-17 14:39:10 +00:00
verwaest@chromium.org	204d22a583	Moving the WhitenessWitness back to DescriptorArray. TransitionArrays never allocate while being created. Review URL: https://chromiumcodereview.appspot.com/10908237 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12519 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-09-14 15:10:31 +00:00
verwaest@chromium.org	ad4746c8a3	CNLT with descriptors but no valid enum fields has to clear the EnumCache. Review URL: https://chromiumcodereview.appspot.com/10928204 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12512 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2012-09-14 13:15:43 +00:00

1 2 3 4 5 ...

825 Commits