svenpanne@chromium.org
627a3ecbd9
Improved printing of Simulate, LoadNamedFieldPolymorphic, LoadNamedGeneric, and StoreNamedField Hydrogen instructions a bit.
...
Review URL: http://codereview.chromium.org/8352044
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9725 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 12:55:31 +00:00
yangguo@chromium.org
bd5e694a9c
Refactor elements kind conversion.
...
Review URL: http://codereview.chromium.org/8355035
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9724 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 12:36:45 +00:00
lrn@chromium.org
a47caee095
Make builtin functions be skipped in stack traces.
...
Does include exposed builtin functions ("native functions").
Review URL: http://codereview.chromium.org/8345039
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9723 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 12:31:33 +00:00
erik.corry@gmail.com
8f9721bbbf
Shave 39% from snapshot size.
...
Review URL: http://codereview.chromium.org/8344079
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9722 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 12:27:10 +00:00
vegorov@chromium.org
5d72dde98a
Switch UnreachableObjectsFilter to use Marking instead of InstrusiveMarking.
...
GcSafeFindCodeForInnerPointer does not work with intrusive marking now and it is used when roots are iterated.
R=erik.corry@gmail.com
Review URL: http://codereview.chromium.org/8342037
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9721 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 11:40:16 +00:00
whesse@chromium.org
388813581e
Speed up comparison with a constant.
...
Improve optimized code for comparison of an int32 against a constant, or comparison of two double constants. Contributed by m.m.capewell.
Original codereview is http://codereview.chromium.org/7489045/ .
This cl is just created in order to commit the change.
BUG=
TEST=
Review URL: http://codereview.chromium.org/8352040
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9718 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 10:26:45 +00:00
danno@chromium.org
c868f0c4a4
Fix x64 and ARM builds.
...
TBR=jkummerow@chromium.org
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/8358001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9717 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 10:07:54 +00:00
danno@chromium.org
5a5c3e4eae
Make sure PrintElementsKind is compiled in release mode.
...
TBR=jkummerow@chromium.org
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/8357035
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9716 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 09:56:18 +00:00
danno@chromium.org
f7563019c7
Add flag to trace element kind transitions
...
Currently only traces transitions from generated ia32 code.
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/8357004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9715 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 09:38:24 +00:00
ulan@chromium.org
f985b15aae
Handlify upper layers of KeyedLoadIC.
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/8352003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9714 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 09:35:47 +00:00
jkummerow@chromium.org
655b2332d7
ElementsKind transitioning support for keyed loads in Crankshaft
...
Review URL: http://codereview.chromium.org/8352012
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9713 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 08:49:01 +00:00
jkummerow@chromium.org
deff312f25
Handle keyed stores after elements transition monomorphically if possible
...
Review URL: http://codereview.chromium.org/8354003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9712 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 08:41:38 +00:00
svenpanne@chromium.org
3edfb4bbbc
Make IsGenericDescriptor spec-conformant.
...
When the descriptor argument is undefined, the spec is very explicit about the
fact that we should return false (not true, like we did previously). I couldn't
come up with a test case for this, but the old code leaves a bad feeling about
corner cases, so better play safe.
Review URL: http://codereview.chromium.org/8356004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9711 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 07:55:30 +00:00
mstarzinger@chromium.org
d107773867
Adapt sputnik test expectations to last change.
...
The version of Sputnik which we test against uses the obsolete ES3
specification when it comes to Function.prototype.apply, ignore some
test cases that are supposed to fail according to ES5.
TBR=rossberg@chromium.org
TEST=sputnik
Review URL: http://codereview.chromium.org/8355005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9710 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 15:34:32 +00:00
mstarzinger@chromium.org
67c9a03922
Fix handling Function.apply for non-array arguments.
...
R=rossberg@chromium.org
TEST=mjsunit/apply,test262
Review URL: http://codereview.chromium.org/8342034
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9709 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 13:56:18 +00:00
sgjesse@chromium.org
663bc0fb78
Temporarily skip asserts in test mjsunit/debug-step-3.js until issue is resolved
...
R=kmillikin@chromium.org
BUG=v8:1782
TEST=mjsunit/debug-step-3.js
Review URL: http://codereview.chromium.org//8356001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9708 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 13:47:53 +00:00
mstarzinger@chromium.org
6742176949
Fix Array.filter to use internal array for result.
...
In built-in code we use arrays for internal computations. This makes it
possible to affect the built-in code by putting getters or setters on
the array prototype chain. Using internal arrays prevents those issues.
Related to: http://code.google.com/p/v8/source/detail?r=7040
R=svenpanne@chromium.org
TEST=test262/15.4.4.20-9-b-6
Review URL: http://codereview.chromium.org/8353006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9707 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 13:44:29 +00:00
svenpanne@chromium.org
aaf3454248
[[DefineOwnProperty]] should always return true/false (or throw an exception), never undefined.
...
Note that this is not an observable behavior, but following the principle of
least surprise, we should follow the spec. Additional (extremely tiny) bonus:
Some ICs see fewer values => better code.
Review URL: http://codereview.chromium.org/8352004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9706 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 13:29:37 +00:00
jkummerow@chromium.org
439e4600df
Adjust elements-kind.js expectation when --smi-only-arrays is off
...
TEST=mjsunit/elements-kind passes both with and without --smi-only-arrays flag
Review URL: http://codereview.chromium.org/8356002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9705 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 12:44:50 +00:00
yangguo@chromium.org
372c16161c
Optimize fast element conversion in arm using batch store/loads.
...
Review URL: http://codereview.chromium.org/8353002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 12:15:15 +00:00
keuchel@chromium.org
17cc6d313f
Revert 9673, 9674 and 9675 because of failing webkit tests.
...
This reverts commits
r9673: "Scope tree serialization and ScopeIterator cleanup."
r9674: "Use OS::SNPrintF instead of snprintf."
r9675: "Use int instead of size_t, StrLength instead of strlen."
Review URL: http://codereview.chromium.org/8353003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9703 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 12:15:02 +00:00
jkummerow@chromium.org
3a9d6c04ba
Introduce HTransitionElementsKind instruction.
...
TEST=mjsunit/elements-kind
Review URL: http://codereview.chromium.org/8305001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9702 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 12:10:18 +00:00
kmillikin@chromium.org
838fc27766
Handlify the runtime lookup of CallIC and KeyedCallIC.
...
R=ulan@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org/8345038
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9701 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 12:04:16 +00:00
mstarzinger@chromium.org
acc0263755
MIPS: port Fix evaluation order of GT and LTE operators.
...
Port r9641 (2876c37)
Note that this port does not include crankshaft portions of this
commit. They have been included in today's update to
http://codereview.chromium.org/7934002/
Also, this fixes a changed function prototype for:
void Deoptimizer::RevertStackCheckCodeAt()
BUG=
TEST=
Review URL: http://codereview.chromium.org/8348028
Patch from Paul Lind <plind44@gmail.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9700 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 11:44:38 +00:00
fschneider@chromium.org
2791cd5a2c
Allow inlining of named function expressions containing ThisFunction reference.
...
Named function expression have an implicit local variable that
refers to the current function (ThisFunction). Before we only could inline
anonymous function expressions like:
A.prototype.foo = function() {}
as opposed to
A.prototype.foo = function foo() {}
This change enables inlining function of expressions like this.
Review URL: http://codereview.chromium.org/8346032
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9699 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 11:41:22 +00:00
danno@chromium.org
e5f23399b4
Support array literals with FAST_DOUBLE_ELEMENTS ElementsKind.
...
BUG=none
TEST=test/mjsunit/array-literal.js
Review URL: http://codereview.chromium.org/8258015
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9698 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 11:36:55 +00:00
vegorov@chromium.org
e27d8fcbdc
RegExpMacroAssembler::CheckStackGuardState should update input string pointer when it is moved or changed by GC.
...
If input string was cons-string it might undergo short-circuiting during GC. This does not change input start if underlying seq-string (first element of cons-string) does not move but this makes input-string pointer on the native regexp's frame invalid.
R=lrn@chromium.org
Review URL: http://codereview.chromium.org/8343001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9697 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 11:01:02 +00:00
yangguo@chromium.org
96dc1fde46
Bugfix for r9690.
...
BUG=arm debug test of mjsunit/elements-transition segfaults
Review URL: http://codereview.chromium.org/8342032
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9696 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 10:44:20 +00:00
ricow@chromium.org
1c21a9dc6a
Don't allow large object space to grow over the max oldspace limit (fixes issue 1717)
...
Review URL: http://codereview.chromium.org/8345040
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9695 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 10:15:09 +00:00
svenpanne@chromium.org
d0fe04447e
Fixed evaluation order issue in defineProperties.
...
This is not covered by test262 yet, but it really makes sense and matches Firefox's behaviour.
TEST=mjsunit/define-properties.js
Review URL: http://codereview.chromium.org/8349031
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9694 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:52:08 +00:00
mstarzinger@chromium.org
b3eba9e764
Fix handling of non-object receivers for array builtins.
...
R=svenpanne@chromium.org
BUG=chromium:100702
TEST=mjsunit/regress/regress-100702
Review URL: http://codereview.chromium.org/8347034
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9693 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:24:37 +00:00
ulan@chromium.org
80e3843dc3
Handlify upper layers of StoreIC based on 8337008.
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/8341008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9692 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:17:01 +00:00
mstarzinger@chromium.org
8b181d4de6
Fix updating of property attributes for elements.
...
This fixes updating of property attributes for data elements when
attributes are already present on a dictionary element but get removed
by a subsequent redefinition of that element.
R=rossberg@chromium.org
BUG=v8:1772
TEST=test262/15.2.3.6-4-82-18
Review URL: http://codereview.chromium.org/8337017
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9691 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:06:15 +00:00
yangguo@chromium.org
8472de004b
Porting r9605 to arm (elements kind conversion in generated code).
...
Review URL: http://codereview.chromium.org/8329022
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9690 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:04:35 +00:00
erik.corry@gmail.com
aa91760570
Fix from Paul Lind that helps post-isolates V8 work with older
...
Android releases. See http://code.google.com/p/v8/issues/detail?id=1780
Review URL: http://codereview.chromium.org/8347032
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9689 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 07:49:47 +00:00
svenpanne@chromium.org
140ae348d2
Recognize special comparisons via pattern matching on the hydrogen graph, 2nd attempt.
...
This time, we initially leave the HTypeof instruction in the Hydrogen graph,
even for the special cases. We later try to remove this instruction (and any
HConstant) in the canonicalization pass, if possible. Always removing the
HTypeof during the initial graph construction is wrong if e.g. it is used in an
HSimulate.
The removals can be generalized a bit, but this will happen in a separate CL.
TEST=mjsunit/optimized-typeof.js
Review URL: http://codereview.chromium.org/8334021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9688 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 07:35:30 +00:00
fschneider@chromium.org
e8a26d1eb1
Add write barrier helper for code patching and refactor stack check patching.
...
The new helper avoids expensive FindCodeForInnerPointer invocation when we have
the host code object available. It is used when patching stack checks.
Also some comments on the ARM platform are corrected.
Review URL: http://codereview.chromium.org/8330021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9687 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 15:07:42 +00:00
vegorov@chromium.org
75dc771098
Increase ARM/MIPS simulators stack safety margin to 512 bytes
...
R=erik.corry@gmail.com
BUG=v8:1773
Review URL: http://codereview.chromium.org/8337014
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9686 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 14:41:45 +00:00
mstarzinger@chromium.org
c4d25c8f37
Fix updating of property attributes for elements.
...
This fixes updating of property attributes for getters and setters on
dictionary elements while redefining. This just updates the property
details on the existing element.
R=rossberg@chromium.org
BUG=v8:1772
TEST=test262
Review URL: http://codereview.chromium.org/8337013
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9685 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 13:49:19 +00:00
sgjesse@chromium.org
a58c963c67
Reapply "Support for precise stepping in functions compiled before debugging was started (step 2)"
...
This is reapplying r9501 with this single change which seemed to be causing most (all) of the failures for r9501.
--- a/src/debug.cc
+++ b/src/debug.cc
@@ -2230,6 +2230,7 @@ Debugger::Debugger(Isolate* isolate)
compiling_natives_(false),
is_loading_debugger_(false),
never_unload_debugger_(false),
+ force_debugger_active_(true),
message_handler_(NULL),
debugger_unload_pending_(false),
host_dispatch_handler_(NULL),
R=kmillikin@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org//8337009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9684 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 13:40:33 +00:00
lrn@chromium.org
cefbb1e7f8
Make bound functions have poisoned .caller and .arguments.
...
Also makes func.caller return null if the caller is a bound function,
matching JSC.
Fix bug preventing poisoned setters from triggering.
TEST=mjsunit/function-bind, mjsunit/strict-mode
Review URL: http://codereview.chromium.org/8333019
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9681 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 12:26:53 +00:00
ulan@chromium.org
feeb0b0211
Handlify upper layers of LoadIC.
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/8337008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9680 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 12:19:18 +00:00
jkummerow@chromium.org
24bc70b2fb
Silence GCC-4.5.3 warning about unused result in d8.cc
...
TEST=GCC 4.5.3 successfully compiles d8.cc even with -Werror enabled.
Review URL: http://codereview.chromium.org/8296018
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9679 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 12:10:13 +00:00
fschneider@chromium.org
456e5e00c3
Fix assert by reordering the initialization of the arguments boilerplate.
...
If a GC happened during initialization (when allocating the elements array)
of the non_strict_arguments_boilerplate, heap verification would fail with the following assert:
ASSERT_EQ((map()->has_fast_elements() || map()->has_fast_smi_only_elements()),
(elements()->map() == GetHeap()->fixed_array_map() ||
elements()->map() == GetHeap()->fixed_cow_array_map()));
This was not harmful since the boilerplate was setup
correctly immediatly afterwards.
Simplified the setup code by removing a call to GetElementsTransitionMap. It always return the same map as
the input object in this case and is therefore unnecessary.
Added more assertions to verify well-formed non-strict
arguments backing store.
BUG=v8:1520
TEST=no more flaky tests with failing this assert.
Review URL: http://codereview.chromium.org/8336021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9678 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 11:32:57 +00:00
lrn@chromium.org
b15cfedf38
Fix bug in instanceof of bound functions on ARM.
...
Implement same on Mips.
BUG=v8:1774
TEST=mjsunit/function-bind
Review URL: http://codereview.chromium.org/8337012
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9677 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 11:30:29 +00:00
kmillikin@chromium.org
56c763f023
Make the GC aware of JSReceiver pointers in LookupResults.
...
The LookupResult utility class is used in handlified code, but it can
contain a raw pointer to the lookup's holder object. Create a per-thread
stack of live LookupResults and iterate all the live ones on GC.
R=vegorov@chromium.org ,erik.corry@gmail.com
BUG=
TEST=
Review URL: http://codereview.chromium.org/8341009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9676 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 11:18:55 +00:00
keuchel@chromium.org
96a2c24a16
Use int instead of size_t, StrLength instead of strlen.
...
Review URL: http://codereview.chromium.org/8339013
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9675 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 10:08:33 +00:00
keuchel@chromium.org
69afd18e56
Use OS::SNPrintF instead of snprintf.
...
Review URL: http://codereview.chromium.org/8339011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9674 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 09:48:13 +00:00
keuchel@chromium.org
4e5643a648
Scope tree serialization and ScopeIterator cleanup.
...
The intention is to store enough scope information for the debugger to
handle stack allocation of block scoped variables introduced by
http://codereview.chromium.org/7860045/ .
This CL is based on
http://codereview.chromium.org/7904008/ .
Review URL: http://codereview.chromium.org/7979001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9673 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 08:46:46 +00:00
keuchel@chromium.org
7d89f0f3c8
Replace calls_eval() by calls_non_strict_eval() where possible.
...
Review URL: http://codereview.chromium.org/8321002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9666 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 15:19:34 +00:00