AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
7,088 Commits 1 Branch 0 Tags 839 MiB
ff5e1c9822
Commit Graph

489 Commits

Author SHA1 Message Date
danno@chromium.org
6a5e0448c8 Share Maps for ElementsKind transitions 
Support sharing maps after an changing an object's ElementsKind for element kinds other then external elements.

R=svenpanne@chromium.org
BUG=none
TEST=external-arrays.js

Review URL: http://codereview.chromium.org/7862036

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9304 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-09-15 16:38:47 +00:00
rossberg@chromium.org
ff5c242a47 Test (and fix) all exception paths that can occur with proxies. 
R=kmillikin@chromium.org
BUG=v8:1543
TEST=

Review URL: http://codereview.chromium.org/7623013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9261 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-09-13 13:07:20 +00:00
kmillikin@chromium.org
40cd59f238 Remove in-loop tracking for call ICs. 
We passed this flag around in a lot of places and had differenc call
ICs based on it, but never did any real specialization based on its
value.

R=fschneider@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/7869009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9260 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-09-13 12:53:28 +00:00
rossberg@chromium.org
e645597aa7 Implement function proxies (except for their use as constructors). 
Introduce new %Apply native.

Extend Execution::Call to optionally handle receiver rewriting (needed for %Apply).

Fix Function.prototype.bind for functions that have .apply modified.

R=kmillikin@chromium.org
BUG=v8:1543
TEST=

Review URL: http://codereview.chromium.org/7623011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9258 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-09-13 11:42:57 +00:00
mikhail.naganov@gmail.com
f8e5c71e18 Rename SmartPointer to SmartArrayPointer. 
As pointed out in: http://codereview.chromium.org/7754007/#msg5

"SmartPointer should have been named SmartArrayPointer as it expects an input
allocated using new[] and deallocates it using delete[]. Using it as a simple
scoped pointer for a single object is incorrect."

R=mnaganov@chromium.org

Review URL: http://codereview.chromium.org/7860011
Patch from Thiago Farina <tfarina@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9215 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-09-09 22:39:47 +00:00
danno@chromium.org
ab26d8356c Key external array map transitions on ElementsKind instead of ExternalArrayType 
R=jkummrow@chromium.org
BUG=none
TEST=none

Review URL: http://codereview.chromium.org/7787007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9214 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-09-09 14:47:37 +00:00
danno@chromium.org
df860eda5c Don't allow seal or element property re-definition on external arrays. 
R=ricow@chromium.org
BUG=95920
TEST=test/mjsunit/regress/regress-95920.js

Review URL: http://codereview.chromium.org/7858031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9213 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-09-09 14:30:00 +00:00
danno@chromium.org
9b2de409f9 Mechanical refactor to move ElementsKind type out of JSObject. 
R=svenpanne@chromium.org
BUG=none
TEST=all

Review URL: http://codereview.chromium.org/7849017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9208 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-09-09 09:35:57 +00:00
lrn@chromium.org
689f3cb314 Rename scanner.* to scanner-character-streams.*. and scanner-base.* to scanner.* 
R=lrn@chromium.org

Signed-off-by: Thiago Farina <tfarina@chromium.org>

Review URL: http://codereview.chromium.org/7739020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9195 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-09-08 13:06:44 +00:00
kmillikin@chromium.org
690efb3a04 Fix deoptimization data printing. 
Remove a spurious newline.

R=whesse@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/7792052

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9090 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-09-01 08:00:40 +00:00
yangguo@chromium.org
77141f78ff Tentative implementation of string slices (hidden under the flag --string-slices). 
TEST=test/mjsunit/string-slices.js

Review URL: http://codereview.chromium.org/7477045

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9027 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-26 13:03:30 +00:00
lrn@chromium.org
13dd915a2a Fix typo in assert. 
Also remove the requirement to have an AssertNoAllocation object when getting the flat content. We actually do allow allocation, it's just GC's we don't allow.

Review URL: http://codereview.chromium.org/7710018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-23 13:23:30 +00:00
lrn@chromium.org
9eb7d4a53c Replace ToAsciiVector and ToUC16Vector with single function that returns a tagged value. 
The tag tells whether the content is ASCII or UC16, or even if the string wasn't flat.

BUG: v8:1633

Review URL: http://codereview.chromium.org/7709024

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8999 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-23 12:22:12 +00:00
danno@chromium.org
4c460099a0 Unify GetElement handlers in ElementsAccessor 
BUG=none
TEST=external-arrays.js

Review URL: http://codereview.chromium.org/7655030

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8966 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-18 09:51:08 +00:00
danno@chromium.org
a8b4b4f42a Remove redundant implementation of UnionOfKeys 
R=svenpanne@chromium.org
BUG=none
TEST=external-arrays.js

Review URL: http://codereview.chromium.org/7670037

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8965 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-18 09:20:32 +00:00
vegorov@chromium.org
4b94137323 Fix GC unsafe place in JSProxy::DeletePropertyWithHandler. 
Review URL: http://codereview.chromium.org/7670023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8952 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-17 09:51:20 +00:00
vegorov@chromium.org
bdfceace53 Fix potentially GC unsafe place in JSObject::DeleteElementWithInterceptor. 
Review URL: http://codereview.chromium.org/7660012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8946 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-16 15:51:49 +00:00
danno@chromium.org
96f198a4dc Change AddElementsToFixedArray to work on FixedArrayBase rather than JSObject 
In the process, make ElementsAccessors work internally more seamlessly with FixedArrayBase.

R=svenpanne@chromium.org
BUG=none
TEST=none

Review URL: http://codereview.chromium.org/7618012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8930 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-12 14:52:03 +00:00
danno@chromium.org
48f411a225 Change JSObject elements to be of type FixedArrayBase 
R=kmillikin@chromium.org
BUG=none
TEST=none

Review URL: http://codereview.chromium.org/7617010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8927 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-12 13:54:27 +00:00
svenpanne@chromium.org
bb81895595 Fixed printing of deoptimization input data without --print-code-verbose. 
Review URL: http://codereview.chromium.org/7617008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8898 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-11 13:56:09 +00:00
danno@chromium.org
ff13ab4575 Refactor UnionOfKeys into ElementsAccessor 
BUG=none
TEST=none

Review URL: http://codereview.chromium.org/7529046

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8870 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-10 10:51:01 +00:00
whesse@chromium.org
92e7656c4d Clean up TranslationIterator and DeoptimizationInputDataPrint. 
Without this refactoring, they break when we add alignment padding in the Translation info.

BUG=
TEST=

Review URL: http://codereview.chromium.org/7569009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8851 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-08 07:17:01 +00:00
danno@chromium.org
4a7a47ac8f Move element deletion into element handlers 
BUG=none
TEST=none

Review URL: http://codereview.chromium.org/7566004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8826 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-04 11:42:14 +00:00
danno@chromium.org
9aa75ed998 Fix out-of-bounds access in fetching propery names 
R=vegorov@chromium.org
BUG=chromium:91517
TEST=none

Review URL: http://codereview.chromium.org/7565009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8823 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-04 09:23:25 +00:00
mstarzinger@chromium.org
b05ff5e0b9 Prototype of mark-and-compact support for Harmony weak maps. 
R=vegorov@chromium.org
BUG=v8:1565
TEST=cctest/test-weakmaps

Review URL: http://codereview.chromium.org/7553012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8817 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-03 12:48:30 +00:00
danno@chromium.org
a2eaf852a9 Fix performance regression due to elements refactor 
Consolidate the runtime logic for fetching elements from Objects and JSObjects so that element access in the GetElement cases that are not handled in generated code.

R=svenpanne@chromium.org
BUG=none
TEST=closure.js test faster

Review URL: http://codereview.chromium.org/7569001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8815 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-03 12:42:04 +00:00
mstarzinger@chromium.org
2bb7c74f80 Preliminary Harmony weak maps API implementation. 
R=rossberg@chromium.org,danno@chromium.org
BUG=v8:1565
TEST=mjsunit/harmony/weakmaps

Review URL: http://codereview.chromium.org/7529007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8811 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-03 11:55:13 +00:00
danno@chromium.org
bdf6895bb3 Encapsulate element handling into a class keyed on ElementsKind 
Advantage is that it's much easier to add new element types (like FAST_SMI_ELEMENTS), and that handling logic for each element kind is (more) consolidated.

Currently, only GetElementsWithReceiver uses the new encapsulation, but the goal is to move much more element functionality into the class incrementally.

BUG=none
TEST=none

Review URL: http://codereview.chromium.org/7527001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8810 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-03 11:12:46 +00:00
danno@chromium.org
b333719607 Properly handle FixedDoubleArrays in sort() 
R=jkummerow@chromium.org
BUG=91008
TEST=regress-91008.js

Review URL: http://codereview.chromium.org/7542008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8782 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-08-02 14:05:11 +00:00
mstarzinger@chromium.org
eef3e8739e Reintroduced dictionary that can use objects as keys. 
R=vitalyr@chromium.org
TEST=cctest/test-dictionary

Review URL: http://codereview.chromium.org/7385006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8761 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-28 17:21:22 +00:00
vitalyr@chromium.org
42a2b4ede7 Improve fast to slow elements conversion: 
o Use a more strict limit for old arrays.

o Initial capacity of a slow elements dictionary should be the number
  of used elements and not the old array capacity.

R=danno@chromium.org

Review URL: http://codereview.chromium.org/7464032

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8744 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-26 13:56:21 +00:00
jkummerow@chromium.org
0aab25fabf Fix: FunctionTemplate::SetPrototypeAttributes broke prototype object 
BUG=v8:1539
TEST=cctest test-api/SetPrototypeAttributes

Review URL: http://codereview.chromium.org/7324027

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8737 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-25 15:01:45 +00:00
danno@chromium.org
3e7d642d0a Remaining changes to fully support FastDoubleArray. 
R=ager@chromium.org
BUG=none
TEST=cctests, unboxed-double-array.js

Review URL: http://codereview.chromium.org/7473031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8718 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-22 09:04:16 +00:00
svenpanne@chromium.org
f7138b1427 Implement a type recording ToBoolean IC. 
The IC records the set of types it has seen, e.g. {String} or {Boolean,
Undefined}, etc.  Note that in theory this could lead to a large number of
different ToBoolean ICs (512, to be exact, because we distinguish 9 types),
but in practice only a small handful of them are actually generated.

Currently the type recording part is only implemented on ia32, other platforms
continue to work like they did before, though.

Removed some dead code on the way.
Review URL: http://codereview.chromium.org/7473028

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8716 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-21 13:51:04 +00:00
rossberg@chromium.org
3ff882ff64 Make proxy fixing GC safe. 
R=vegorov@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/7460009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8708 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-21 11:28:18 +00:00
vitalyr@chromium.org
013baa4164 Slightly simplify slow elements conversion check. 
R=danno@chromium.org

Review URL: http://codereview.chromium.org/7460011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8700 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-20 15:14:50 +00:00
danno@chromium.org
92fc85b480 Implement support for getters/setter on FixedDoubleArrays. 
R=ager@chromium.org
BUG=none
TEST=none

Review URL: http://codereview.chromium.org/7459009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8696 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-20 13:41:50 +00:00
danno@chromium.org
8bc3254e4b Implement for..in for FastDoubleArrays 
Also add tests for apply on FastDoubleArrays.

R=ager@chromium.org
BUG=none
TEST=unboxed-double-array.js

Review URL: http://codereview.chromium.org/7461018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8693 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-20 10:54:58 +00:00
danno@chromium.org
a85a493f70 Reland 8636: Implement setting the length property for FixedDoubleArrays. 
R=ager@chromium.org
BUG=none
TEST=unboxed-double-arrays.js

Review URL: http://codereview.chromium.org/7460008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8690 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-20 09:11:38 +00:00
whesse@chromium.org
47e03a0000 fix -Wunused-but-set-variable for gcc-4.6 on x64 
* src/third_party/valgrind/valgrind.h: Update from upstream valgrind
  r11899, so as to get around some unused value warnings.  Also adds
  support for darwin.

  This version of valgrind.h differs from the original in that all
  instances of "unsigned long long int" have been replaced with
  "uint64_t", as the former is not allowed in ISO C++ 89.

  See https://bugs.kde.org/show_bug.cgi?id=211926 for the upstream bug
  report.

* src/x64/cpu-x64.cc:
* src/builtins.cc:
* src/conversions-inl.h:
* src/debug.cc:
* src/frames.cc:
* src/full-codegen.cc:
* src/jsregexp.cc:
* src/objects.cc:
* src/parser.cc:
* src/platform-linux.cc:
* src/x64/code-stubs-x64.cc:
* src/x64/deoptimizer-x64.cc:
* src/x64/full-codegen-x64.cc:
* src/x64/lithium-codegen-x64.cc:
* src/x64/regexp-macro-assembler-x64.cc:
* src/x64/stub-cache-x64.cc: Remove a number of assigned but
  unreferenced variables.

* SConstruct (CCTEST_EXTRA_FLAGS): Punt on -Wunused-but-set-variable for
  the test suite.

BUG=1291
TEST=A build and tools/test.py passes.

Review URL: http://codereview.chromium.org/7400023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8688 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-20 08:09:58 +00:00
danno@chromium.org
a1e851e916 Rollback 8683: Implement setting the length property for FixedDoubleArrays 
R=ager@chromium.org
BUG=none
TEST=none

Review URL: http://codereview.chromium.org/7448002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8684 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-19 16:34:17 +00:00
danno@chromium.org
837d83ebf3 Implement setting the length property for FixedDoubleArrays. 
R=ager@chromium.org
BUG=none
TEST=none

Review URL: http://codereview.chromium.org/7400020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8683 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-19 16:06:17 +00:00
rossberg@chromium.org
f7ff89ea02 Implement `in' for proxies. 
R=ager@chromium.org
BUG=v8:1543
TEST=

Review URL: http://codereview.chromium.org/7390028

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8681 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-19 09:38:59 +00:00
rossberg@chromium.org
5e62e325ac Implement sealing, freezing, and related functions for proxies. 
R=ager@chromium.org
BUG=v8:1543
TEST=

Review URL: http://codereview.chromium.org/7391001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8673 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-18 13:04:52 +00:00
rossberg@chromium.org
75a2c49c1d Implement delete trap for proxies. 
R=ager@chromium.org
BUG=1543
TEST=

Review URL: http://codereview.chromium.org/7369001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8660 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-15 09:10:20 +00:00
danno@chromium.org
391ef3be33 Implement ICs for FastDoubleArray loads and stores 
Implemented on ia32, x64, ARM. Stubbed out with UNIMPLEMENTED on MIPS.

BUG=none
TEST=unbox-double-arrays.js

Review URL: http://codereview.chromium.org/7307030

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8637 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-13 13:50:27 +00:00
whesse@chromium.org
b2e8d72bf5 Revert r8619 because of Webkit failures. 
Review URL: http://codereview.chromium.org/7351014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8628 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-13 11:13:40 +00:00
yangguo@chromium.org
c0044bb7e2 Added dictionary that can use objects as keys. 
R=vegorov@chromium.org
TEST=cctest/test-dictionary

Review URL: http://codereview.chromium.org/7349005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8619 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-12 15:13:57 +00:00
kmillikin@chromium.org
890bc1607a Fix a potential crash in const declaration. 
Declaration of const lookup slots would trigger an assertion if there was a
setter somewhere in the prototype chain, and that setter was shadowed by a
non-readonly data property also in the prototype chain.

R=ager@chromium.org
BUG=
TEST=

Review URL: http://codereview.chromium.org/7324048

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8602 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-11 14:07:12 +00:00
vegorov@chromium.org
3555f82311 Fix bug in Map::TraverseTransitionTree. 
If map has an empty DescriptorArray we have to set map_or_index_field to NULL otherwise we will
reset iteration state for a previously visited map in the transition tree which has a non-empty
DescriptorArray. This might result in visiting the same map several times.

R=whesse@chromium.org
BUG=v8:1526

Review URL: http://codereview.chromium.org/7329043

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8596 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2011-07-11 12:06:35 +00:00