platform/upstream/v8.git
11 years agolinux: fix uClibc ifdeffery
jkummerow@chromium.org [Tue, 9 Apr 2013 08:05:38 +0000 (08:05 +0000)]
linux: fix uClibc ifdeffery

Remove duplicate inclusion of execinfo.h and make OS::DumpBacktrace
a NOOP on uclibc.

Review URL: https://codereview.chromium.org/13071007
Patch from Mostyn Bramley-Moore <mostynb@opera.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14172 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMove context retrieval method around. Use delegation for implementation.
svenpanne@chromium.org [Tue, 9 Apr 2013 07:34:32 +0000 (07:34 +0000)]
Move context retrieval method around. Use delegation for implementation.

This is a refactoring of https://code.google.com/p/v8/source/detail?r=14146.

Review URL: https://codereview.chromium.org/13940003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14171 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: ARM: Log an error if /proc/cpuinfo cannot be opened
palfia@homejinni.com [Mon, 8 Apr 2013 22:51:00 +0000 (22:51 +0000)]
MIPS: ARM: Log an error if /proc/cpuinfo cannot be opened

Port r14112 (8cc5081c)

Original commit message:
This will make it easier to see if the current CPU feature detection
starts breaking because of process sandboxing.

BUG=

Review URL: https://codereview.chromium.org/13582007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14170 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix worst-case behavior of MergeRemovableSimulates().
yangguo@chromium.org [Mon, 8 Apr 2013 17:37:22 +0000 (17:37 +0000)]
Fix worst-case behavior of MergeRemovableSimulates().

Currently, when a long series of removable simulates are merged, we do
this by merging them one by one as we find them.  As we merge the value
value lists of the simulates, those lists snowball so that we get a
quadratic complexity wrt runtime and memory consumption.

Instead, we gather simulates that need to be merged, and merge them
backwards starting from the last simulate.

R=jkummerow@chromium.org
BUG=v8:2612

Review URL: https://chromiumcodereview.appspot.com/13649003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14169 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoRemove LOGGER macro
yurys@chromium.org [Mon, 8 Apr 2013 15:16:55 +0000 (15:16 +0000)]
Remove LOGGER macro

Use already saved isolate pointer and avoid TLS lookup when
retrieving Logger instance

BUG=None

Review URL: https://codereview.chromium.org/13529004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14168 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix bug in bignum implementation.
yangguo@chromium.org [Mon, 8 Apr 2013 15:13:57 +0000 (15:13 +0000)]
Fix bug in bignum implementation.

R=mstarzinger@chromium.org
BUG=

Review URL: https://chromiumcodereview.appspot.com/13454019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14167 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoNo need to start Ticker for Crankshaft
yurys@chromium.org [Mon, 8 Apr 2013 15:09:03 +0000 (15:09 +0000)]
No need to start Ticker for Crankshaft

Crankshaft doesn't depend on the sampler thread any more. No
need to start the that thread for Crankshaft.

BUG=v8:2609

Review URL: https://codereview.chromium.org/13526003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14166 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoTrain wreck reduction.
svenpanne@chromium.org [Mon, 8 Apr 2013 13:10:59 +0000 (13:10 +0000)]
Train wreck reduction.

Furthermore, this tiny patch avoids direct access to the context_ field.

Review URL: https://codereview.chromium.org/13772004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14165 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoDevirtualize Parser
mstarzinger@chromium.org [Mon, 8 Apr 2013 11:53:50 +0000 (11:53 +0000)]
Devirtualize Parser

* src/parser.h: No one inherits from Parser, so the destructor can be
  non-virtual, removing the need for Parser to have a vtable. Also add
  BASE_EMBEDDED to it and to RegExpParser.

BUG=

Review URL: https://codereview.chromium.org/13640007
Patch from Andy Wingo <wingo@igalia.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14162 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMove StackHandlerConstants to platform-independent frames.h
mstarzinger@chromium.org [Mon, 8 Apr 2013 11:17:32 +0000 (11:17 +0000)]
Move StackHandlerConstants to platform-independent frames.h

* src/frames.h: Move StackHandlerConstants here, as it is the same for
  all architectures.

BUG=

Review URL: https://codereview.chromium.org/13638002
Patch from Andy Wingo <wingo@igalia.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14161 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoUnbreak --deopt-every-n-times.
svenpanne@chromium.org [Mon, 8 Apr 2013 07:51:32 +0000 (07:51 +0000)]
Unbreak --deopt-every-n-times.

Review URL: https://codereview.chromium.org/13779003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14160 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoRemove ARM support for VFP2
danno@chromium.org [Sun, 7 Apr 2013 04:34:20 +0000 (04:34 +0000)]
Remove ARM support for VFP2

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/13560007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14159 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Remove conflicting FPU check for code generation in soft-float mode.
plind44@gmail.com [Fri, 5 Apr 2013 18:20:18 +0000 (18:20 +0000)]
MIPS: Remove conflicting FPU check for code generation in soft-float mode.

TEST=

BUG=

Review URL: https://codereview.chromium.org/13724002
Patch from Dusan Milosavljevic <Dusan.Milosavljevic@rt-rk.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14158 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Force context allocation for variables in generator scopes.
palfia@homejinni.com [Fri, 5 Apr 2013 16:48:36 +0000 (16:48 +0000)]
MIPS: Force context allocation for variables in generator scopes.

Port r14152 (4e58a8ea)

Original commit message:
* src/scopes.h (ForceContextAllocation, has_forced_context_allocation):
  New interface to force context allocation for an entire function's
  scope.

* src/scopes.cc: Unless a new scope is a function scope, if its outer
  scope has forced context allocation, it should also force context
  allocation.
  (MustAllocateInContext): Return true if the scope as a whole has
  forced context allocation.
  (CollectStackAndContextLocals): Allow temporaries to be
  context-allocated.

* src/parser.cc (ParseFunctionLiteral): Force context allocation for
  generator scopes.

* src/v8globals.h (VariableMode): Update comment on TEMPORARY.

* src/arm/full-codegen-arm.cc (Generate):
* src/ia32/full-codegen-ia32.cc (Generate):
* src/x64/full-codegen-x64.cc (Generate): Assert that generators have no
  stack slots.

    * test/mjsunit/harmony/generators-instantiation.js: New test.

BUG=

Review URL: https://codereview.chromium.org/13726009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14157 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Compile FastCloneShallowArrayStub using Crankshaft.
palfia@homejinni.com [Fri, 5 Apr 2013 16:47:34 +0000 (16:47 +0000)]
MIPS: Compile FastCloneShallowArrayStub using Crankshaft.

Port r14143 (8fd9594d)

BUG=

Review URL: https://codereview.chromium.org/13529018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14156 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoRemove unnecessary explicity prototype check.
verwaest@chromium.org [Fri, 5 Apr 2013 15:17:44 +0000 (15:17 +0000)]
Remove unnecessary explicity prototype check.

The prototype is implicitly checked through a map check of the holder.
This is either checked in CheckPrototypes, or as part of the IC.

Review URL: https://chromiumcodereview.appspot.com/13529017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14155 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix Array.prototype.concat when exceeding array size limit.
yangguo@chromium.org [Fri, 5 Apr 2013 15:12:59 +0000 (15:12 +0000)]
Fix Array.prototype.concat when exceeding array size limit.

R=verwaest@chromium.org
BUG=v8:581

Review URL: https://chromiumcodereview.appspot.com/13465008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14154 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix presubmit style warning for gdb-jit.cc
mstarzinger@chromium.org [Fri, 5 Apr 2013 15:10:51 +0000 (15:10 +0000)]
Fix presubmit style warning for gdb-jit.cc

For many moons now I've been seeing this warning when running make x64.release.check:

  /home/wingo/src/v8/src/gdb-jit.cc:632:
     Single-argument constructors should be marked explicit.
     [runtime/explicit] [5]

This patch fixes it.

BUG=

Review URL: https://codereview.chromium.org/13724006
Patch from Andy Wingo <wingo@igalia.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14153 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoForce context allocation for variables in generator scopes.
mstarzinger@chromium.org [Fri, 5 Apr 2013 13:19:31 +0000 (13:19 +0000)]
Force context allocation for variables in generator scopes.

* src/scopes.h (ForceContextAllocation, has_forced_context_allocation):
  New interface to force context allocation for an entire function's
  scope.

* src/scopes.cc: Unless a new scope is a function scope, if its outer
  scope has forced context allocation, it should also force context
  allocation.
  (MustAllocateInContext): Return true if the scope as a whole has
  forced context allocation.
  (CollectStackAndContextLocals): Allow temporaries to be
  context-allocated.

* src/parser.cc (ParseFunctionLiteral): Force context allocation for
  generator scopes.

* src/v8globals.h (VariableMode): Update comment on TEMPORARY.

* src/arm/full-codegen-arm.cc (Generate):
* src/ia32/full-codegen-ia32.cc (Generate):
* src/x64/full-codegen-x64.cc (Generate): Assert that generators have no
  stack slots.

* test/mjsunit/harmony/generators-instantiation.js: New test.

BUG=v8:2355
TEST=mjsunit/harmony/generators-instantiation

Review URL: https://codereview.chromium.org/13408005
Patch from Andy Wingo <wingo@igalia.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14152 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoRefactor parser mode configuration for correctness
mstarzinger@chromium.org [Fri, 5 Apr 2013 13:01:06 +0000 (13:01 +0000)]
Refactor parser mode configuration for correctness

This patch refactors the parser and preparser interface to be more
readable and type-safe.  It has no behavior changes.

Previously, parsers and preparsers were configured via bitfield called
parser_flags in the Parser constructor, and flags in
PreParser::PreParseProgram, ParserApi::Parse, and ParserApi::PreParse.
This was error-prone in practice: six call sites passed incorrectly
typed values to this interface (a boolean FLAG value, a boolean false
and a boolean true value).  None of these errors were caught by the
compiler because it's just an "int".

The parser flags interface was also awkward because it encoded a
language mode, but the language mode was only used to turn on harmony
scoping or not -- it wasn't used to actually set the parser's language
mode.

Fundamentally these errors came in because of the desire for a
procedural parser interface, in ParserApi.  Because we need to be able
to configure the parser in various ways, the flags argument got added;
but no one understood how to use the flags properly.  Also they were
only used by constructors: callers packed bits, and the constructors
unpacked them into booleans on the parser or preparser.

The solution is to allow parser construction, configuration, and
invocation to be separated.  This patch does that.

It passes the existing tests.

BUG=

Review URL: https://codereview.chromium.org/13450007
Patch from Andy Wingo <wingo@igalia.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14151 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoRemove push(holder_reg) in CheckAccessGlobalProxy.
yangguo@chromium.org [Fri, 5 Apr 2013 12:06:34 +0000 (12:06 +0000)]
Remove push(holder_reg) in CheckAccessGlobalProxy.

R=jkummerow@chromium.org
BUG=v8:119

Review URL: https://chromiumcodereview.appspot.com/13177002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14150 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoDo not implicitly convert non-object receivers for strict mode functions.
yangguo@chromium.org [Fri, 5 Apr 2013 11:57:02 +0000 (11:57 +0000)]
Do not implicitly convert non-object receivers for strict mode functions.

This was still the case for Array.prototype.* builtin functions.

R=rossberg@chromium.org
BUG=v8:2273

Review URL: https://chromiumcodereview.appspot.com/13473009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14149 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix minor typo in generator parsing test.
mstarzinger@chromium.org [Fri, 5 Apr 2013 08:38:40 +0000 (08:38 +0000)]
Fix minor typo in generator parsing test.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/13575010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14148 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoRefactoring BuildAllocateElements.
hpayer@chromium.org [Fri, 5 Apr 2013 08:35:40 +0000 (08:35 +0000)]
Refactoring BuildAllocateElements.

BUG=

Review URL: https://codereview.chromium.org/13693004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14147 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoPass an isolate to GetCurrent()
haraken@chromium.org [Fri, 5 Apr 2013 02:17:56 +0000 (02:17 +0000)]
Pass an isolate to GetCurrent()

TEST=test-api.cc:GetCallingContextCallback

Review URL: https://chromiumcodereview.appspot.com//13426002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14146 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Resolved the rest of soft-float bugs.
plind44@gmail.com [Fri, 5 Apr 2013 02:16:58 +0000 (02:16 +0000)]
MIPS: Resolved the rest of soft-float bugs.

TEST=mjsunit/mul-exhaustive-part9, mjsunit/bit-not, mjsunit/greedy,
mjsunit/math-floor-of-div-nosudiv, mjsunit/math-floor-of-div,
mjsunit/numops-fuzz-part2

BUG=

Review URL: https://codereview.chromium.org/13455006
Patch from Dusan Milosavljevic <Dusan.Milosavljevic@rt-rk.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14145 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoRemove code duplication in JSObject::HasRealElementProperty
adamk@chromium.org [Thu, 4 Apr 2013 19:12:59 +0000 (19:12 +0000)]
Remove code duplication in JSObject::HasRealElementProperty

Review URL: https://codereview.chromium.org/13540003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14144 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoCompile FastCloneShallowArrayStub using Crankshaft.
mstarzinger@chromium.org [Thu, 4 Apr 2013 17:55:43 +0000 (17:55 +0000)]
Compile FastCloneShallowArrayStub using Crankshaft.

R=danno@chromium.org

Review URL: https://codereview.chromium.org/12521011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14143 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Remove extranous holder load in some prototype-chain checking cases
palfia@homejinni.com [Thu, 4 Apr 2013 15:41:58 +0000 (15:41 +0000)]
MIPS: Remove extranous holder load in some prototype-chain checking cases

Port r14136 (d091bc0e)

BUG=

Review URL: https://codereview.chromium.org/13636002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14142 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoSkip long running regression test from r14078.
mstarzinger@chromium.org [Thu, 4 Apr 2013 14:46:18 +0000 (14:46 +0000)]
Skip long running regression test from r14078.

R=yangguo@chromium.org
BUG=chromium:217858
TEST=mjsunit/regress/regress-crbug-217858

Review URL: https://codereview.chromium.org/13640004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14141 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix bogus uses of preparser API
mstarzinger@chromium.org [Thu, 4 Apr 2013 14:34:19 +0000 (14:34 +0000)]
Fix bogus uses of preparser API

* src/api.cc (ScriptData::PreCompile): Fix bogus use of bogus value for
  preparsing flags by removing those arguments, which were always zero.

* src/parser.h
* src/parser.cc (ParserApi::PreParse): Remove extension and flags
  arguments, both of which were either always 0 or incorrectly used.

* test/cctest/test-parsing.cc (RegressChromium62639, Regress928): Fix
  more bogus uses of preparser api.

BUG=

Review URL: https://codereview.chromium.org/13496008
Patch from Andy Wingo <wingo@igalia.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14140 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMake __proto__ a real JavaScript accessor property.
mstarzinger@chromium.org [Thu, 4 Apr 2013 12:10:23 +0000 (12:10 +0000)]
Make __proto__ a real JavaScript accessor property.

This turns the __proto__ callback from a foreign callback into a real
JavaScript accessor. It makes the accessor behavior of this property
explicit.

R=rossberg@chromium.org
BUG=v8:1949,v8:2606
TEST=mjsunit/regress/regress-2606

Review URL: https://codereview.chromium.org/13533004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14139 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoRemove extranous holder load in some prototype-chain checking cases
danno@chromium.org [Thu, 4 Apr 2013 11:38:10 +0000 (11:38 +0000)]
Remove extranous holder load in some prototype-chain checking cases

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/13620003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14136 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoPrepare push to trunk. Now working on version 3.17.17.
mstarzinger@chromium.org [Thu, 4 Apr 2013 11:37:01 +0000 (11:37 +0000)]
Prepare push to trunk.  Now working on version 3.17.17.

R=danno@chromium.org

Review URL: https://codereview.chromium.org/13633002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14135 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoSwitch transition zapping to slower version.
mstarzinger@chromium.org [Thu, 4 Apr 2013 10:52:53 +0000 (10:52 +0000)]
Switch transition zapping to slower version.

This is just an experiment to track down high crash rates on some
systems where third-party software corrupts memory regions.

R=danno@chromium.org

Review URL: https://codereview.chromium.org/13630002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14134 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoTest behavior of qNaN and sNaN
dslomov@chromium.org [Thu, 4 Apr 2013 09:31:24 +0000 (09:31 +0000)]
Test behavior of qNaN and sNaN

BUG=v8:2607

Review URL: https://codereview.chromium.org/13470002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14133 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoAdd extra flag for load-ic stubs in code cache.
ulan@chromium.org [Thu, 4 Apr 2013 08:29:25 +0000 (08:29 +0000)]
Add extra flag for load-ic stubs in code cache.

This allows to distinguish between stubs compiled for the current object from
stubs compiled for objects that have the current object as a prototype.

BUG=v8:2593
R=verwaest@chromium.org

Review URL: https://chromiumcodereview.appspot.com/13552003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14132 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Ensure UseRegisterAtStart not used with fixed temp/return register
palfia@homejinni.com [Wed, 3 Apr 2013 17:26:59 +0000 (17:26 +0000)]
MIPS: Ensure UseRegisterAtStart not used with fixed temp/return register

Port r14124 (f116e8b9)

BUG=

Review URL: https://codereview.chromium.org/13557002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14131 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Fix ARM build
palfia@homejinni.com [Wed, 3 Apr 2013 17:25:24 +0000 (17:25 +0000)]
MIPS: Fix ARM build

Port r14123 (ded70e2a)

BUG=

Review URL: https://codereview.chromium.org/13551004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14130 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Fix hydrogen tracing on x64 and ARM
palfia@homejinni.com [Wed, 3 Apr 2013 17:23:52 +0000 (17:23 +0000)]
MIPS: Fix hydrogen tracing on x64 and ARM

Port r14122 (43525afd)

BUG=

Review URL: https://codereview.chromium.org/13556003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14129 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoES6 symbols: fix corner cases of equality operators
rossberg@chromium.org [Wed, 3 Apr 2013 17:06:22 +0000 (17:06 +0000)]
ES6 symbols: fix corner cases of equality operators

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/13552002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14128 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoRemove (H|L)JSArrayLength instructions
dslomov@chromium.org [Wed, 3 Apr 2013 16:25:24 +0000 (16:25 +0000)]
Remove (H|L)JSArrayLength instructions

BUG=

Review URL: https://codereview.chromium.org/12491023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14127 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix error message when reporting unexpected yield.
mstarzinger@chromium.org [Wed, 3 Apr 2013 16:14:56 +0000 (16:14 +0000)]
Fix error message when reporting unexpected yield.

R=rossberg@chromium.org
BUG=v8:2355
TEST=webkit:fast/js/reserved-words-as-property.html

Review URL: https://codereview.chromium.org/13546004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoCodify the assumption that %GetArrayKeys can return only a single interval starting...
adamk@chromium.org [Wed, 3 Apr 2013 15:52:42 +0000 (15:52 +0000)]
Codify the assumption that %GetArrayKeys can return only a single interval starting at zero

This patch adds comments explaining the interface in runtime.cc and simplifies
all callers given these assumptions (e.g., no need to loop over intervals, or
calculate where the interval starts).

Took care of some unrelated issues in the edited code:
- Fixes one use of [] to InternalArray
- Removed a bunch of comments referring to ES3 which no longer hold in ES5

Review URL: https://codereview.chromium.org/13071006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14125 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoEnsure UseRegisterAtStart not used with fixed temp/return register
danno@chromium.org [Wed, 3 Apr 2013 14:45:39 +0000 (14:45 +0000)]
Ensure UseRegisterAtStart not used with fixed temp/return register

R=vegorov@chromium.org
BUG=chromium:201590

Review URL: https://codereview.chromium.org/13527007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14124 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix ARM build
danno@chromium.org [Wed, 3 Apr 2013 12:00:23 +0000 (12:00 +0000)]
Fix ARM build

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/13529003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14123 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix hydrogen tracing on x64 and ARM
danno@chromium.org [Wed, 3 Apr 2013 11:44:03 +0000 (11:44 +0000)]
Fix hydrogen tracing on x64 and ARM

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/13461020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14122 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMove DeepCopy of JSObject from runtime to object.
hpayer@chromium.org [Wed, 3 Apr 2013 11:42:03 +0000 (11:42 +0000)]
Move DeepCopy of JSObject from runtime to object.

BUG=

Review URL: https://codereview.chromium.org/13527005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14121 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Deoptimizer support for hydrogen stubs that accept a variable number of arguments.
palfia@homejinni.com [Tue, 2 Apr 2013 20:30:23 +0000 (20:30 +0000)]
MIPS: Deoptimizer support for hydrogen stubs that accept a variable number of arguments.

Port r14111 (29157ad7)

BUG=

Review URL: https://codereview.chromium.org/13461013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14120 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix bugs in softfloat code path.
rodolph.perfetta@gmail.com [Tue, 2 Apr 2013 18:25:09 +0000 (18:25 +0000)]
Fix bugs in softfloat code path.

BUG=none
TEST=none

Review URL: https://chromiumcodereview.appspot.com/13008018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14119 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix another set of build failures on Windows since r14116.
mstarzinger@chromium.org [Tue, 2 Apr 2013 18:09:40 +0000 (18:09 +0000)]
Fix another set of build failures on Windows since r14116.

TBR=yangguo@chromium.org

Review URL: https://codereview.chromium.org/13465010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14118 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix build failure on Windows since r14116.
mstarzinger@chromium.org [Tue, 2 Apr 2013 18:00:50 +0000 (18:00 +0000)]
Fix build failure on Windows since r14116.

TBR=yangguo@chromium.org

Review URL: https://codereview.chromium.org/13464010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14117 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoAdd parser support for generators.
mstarzinger@chromium.org [Tue, 2 Apr 2013 17:34:59 +0000 (17:34 +0000)]
Add parser support for generators.

This patchset begins by adding support for "yield", which is unlike other tokens
in JS. In a generator, whether strict or classic, it is a syntactic keyword.
In classic mode it is an identifier. In strict mode it is reserved.

This patch adds YIELD as a token to the scanner, and adapts the preparser and
parser appropriately. It also parses "function*", indicating that a function is
actually a generator, for both eagerly and lazily parsed functions.

Currently "yield" just compiles as "return".

BUG=v8:2355
TEST=mjsunit/harmony/generators-parsing

Review URL: https://codereview.chromium.org/12646003
Patch from Andy Wingo <wingo@igalia.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14116 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix Win64 build
dslomov@chromium.org [Tue, 2 Apr 2013 15:03:04 +0000 (15:03 +0000)]
Fix Win64 build

BUG=

Review URL: https://codereview.chromium.org/13463004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14115 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix CopyBytes to accept size_t for num_bytes
dslomov@chromium.org [Tue, 2 Apr 2013 13:29:26 +0000 (13:29 +0000)]
Fix CopyBytes to accept size_t for num_bytes

BUG=

Review URL: https://codereview.chromium.org/13470008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14114 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoCleanup: Rename Simulator::watched_stops to match style guide.
ulan@chromium.org [Tue, 2 Apr 2013 12:36:16 +0000 (12:36 +0000)]
Cleanup: Rename Simulator::watched_stops to match style guide.

BUG=none

Review URL: https://chromiumcodereview.appspot.com/13469002
Patch from Hans Wennborg <hans@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14113 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoARM: Log an error if /proc/cpuinfo cannot be opened
ulan@chromium.org [Tue, 2 Apr 2013 12:20:50 +0000 (12:20 +0000)]
ARM: Log an error if /proc/cpuinfo cannot be opened

This will make it easier to see if the current CPU feature detection
starts breaking because of process sandboxing.

BUG=v8:2597

Review URL: https://chromiumcodereview.appspot.com/13465003
Patch from Hans Wennborg <hans@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14112 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoDeoptimizer support for hydrogen stubs that accept a variable number of arguments.
mvstanton@chromium.org [Tue, 2 Apr 2013 11:28:01 +0000 (11:28 +0000)]
Deoptimizer support for hydrogen stubs that accept a variable number of arguments.

BUG=

Review URL: https://codereview.chromium.org/12490013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14111 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoIsolatify CPU profiler public API
yurys@chromium.org [Tue, 2 Apr 2013 08:16:53 +0000 (08:16 +0000)]
Isolatify CPU profiler public API

Relanding r14006 and r14009 that were reverted in r14031

TBR=danno
BUG=None

Review URL: https://codereview.chromium.org/13460002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14108 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoDeprecate HeapSnapshot type
yurys@chromium.org [Tue, 2 Apr 2013 08:09:59 +0000 (08:09 +0000)]
Deprecate HeapSnapshot type

Re-landing r14005 that was reverted in r14031

TBR=danno
BUG=None

Review URL: https://codereview.chromium.org/13430003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14107 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoIsolatify HeapProfiler
yurys@chromium.org [Tue, 2 Apr 2013 08:03:01 +0000 (08:03 +0000)]
Isolatify HeapProfiler

Re-landing r13997 that was reverted in r14031

TBR=danno
BUG=None

Review URL: https://codereview.chromium.org/13458003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14106 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoIsolatify CPU profiler
yurys@chromium.org [Tue, 2 Apr 2013 07:53:50 +0000 (07:53 +0000)]
Isolatify CPU profiler

Relanding r13987 that was reverted in r14031

TBR=danno
BUG=None

Review URL: https://codereview.chromium.org/13457002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14105 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoAllow recording individual samples in addition to the aggregated CPU profiles
yurys@chromium.org [Tue, 2 Apr 2013 07:48:25 +0000 (07:48 +0000)]
Allow recording individual samples in addition to the aggregated CPU profiles

Re-landing r13980 that was reverted in r14031

TBR=danno
BUG=None

Review URL: https://codereview.chromium.org/13454002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14104 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Fixed some soft-float bugs.
plind44@gmail.com [Mon, 1 Apr 2013 16:06:52 +0000 (16:06 +0000)]
MIPS: Fixed some soft-float bugs.

TEST=cctest/test-api/ExternalUnsignedIntArray

BUG=

Review URL: https://codereview.chromium.org/13165007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14101 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Make the mips port build cleanly with clang.
plind44@gmail.com [Sat, 30 Mar 2013 15:54:12 +0000 (15:54 +0000)]
MIPS: Make the mips port build cleanly with clang.

Port r13583 (b39b116b) and also fix a couple mips-specific warnings.

BUG=

Review URL: https://codereview.chromium.org/13321002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14100 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Fix register usage in softfloat code path.
palfia@homejinni.com [Thu, 28 Mar 2013 21:17:02 +0000 (21:17 +0000)]
MIPS: Fix register usage in softfloat code path.

BUG=none
TEST=mjsunit/math-floor-part2.js

Review URL: https://codereview.chromium.org/12413032
Patch from Balazs Kilvady <kilvadyb@homejinni.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14099 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoAdd test to check that Function.caller must not expose native functions.
yangguo@chromium.org [Thu, 28 Mar 2013 14:31:48 +0000 (14:31 +0000)]
Add test to check that Function.caller must not expose native functions.

R=svenpanne@chromium.org
BUG=v8:105

Review URL: https://chromiumcodereview.appspot.com/13166002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14096 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoAlways allocate symbols in old space.
yangguo@chromium.org [Thu, 28 Mar 2013 13:52:31 +0000 (13:52 +0000)]
Always allocate symbols in old space.

Keys are expected to be tenured. This now not only includes internalized
strings, but also symbols.

R=rossberg@chromium.org
BUG=

Review URL: https://chromiumcodereview.appspot.com/13158002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14095 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoCanonicalize NaNs on store to Fast(Float|Double) arrays
dslomov@chromium.org [Thu, 28 Mar 2013 13:30:16 +0000 (13:30 +0000)]
Canonicalize NaNs on store to Fast(Float|Double) arrays
Also treat holey NaN coming from external float/double arrays correctly

BUG=2596

Review URL: https://codereview.chromium.org/12918028

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14094 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoWin32 build fix
dslomov@chromium.org [Thu, 28 Mar 2013 13:24:02 +0000 (13:24 +0000)]
Win32 build fix

TBR=rossberg@chromium.org

BUG=

Review URL: https://codereview.chromium.org/13140009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14093 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoRelease buold fix
dslomov@chromium.org [Thu, 28 Mar 2013 13:07:41 +0000 (13:07 +0000)]
Release buold fix

TBR=rossberg@chromium.org

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14092 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFirst steps towards implementing ArrayBuffer &co in V8
dslomov@chromium.org [Thu, 28 Mar 2013 12:50:18 +0000 (12:50 +0000)]
First steps towards implementing ArrayBuffer &co in V8

BUG=

Review URL: https://codereview.chromium.org/13064003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14091 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoReplace ICStub for array.length with hydrogen stub
dslomov@chromium.org [Thu, 28 Mar 2013 12:43:19 +0000 (12:43 +0000)]
Replace ICStub for array.length with hydrogen stub

BUG=

Review URL: https://codereview.chromium.org/12700006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14090 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoES6 symbols: symbol properties should not cause going into slow mode.
rossberg@chromium.org [Thu, 28 Mar 2013 12:01:46 +0000 (12:01 +0000)]
ES6 symbols: symbol properties should not cause going into slow mode.

R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/13042013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14089 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoImprove SeqString::Truncate for latest allocated strings.
yangguo@chromium.org [Thu, 28 Mar 2013 11:19:38 +0000 (11:19 +0000)]
Improve SeqString::Truncate for latest allocated strings.

R=hpayer@chromium.org
BUG=

Review URL: https://chromiumcodereview.appspot.com/12440061

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14088 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoStack trace API: poison stack frames below the first strict mode frame.
yangguo@chromium.org [Thu, 28 Mar 2013 10:40:07 +0000 (10:40 +0000)]
Stack trace API: poison stack frames below the first strict mode frame.

Function and receiver objects are not accessible for poisoned frames.

R=rossberg@chromium.org
BUG=v8:2564

Review URL: https://chromiumcodereview.appspot.com/13150003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14085 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Small refactoring of r14058.
palfia@homejinni.com [Wed, 27 Mar 2013 22:48:49 +0000 (22:48 +0000)]
MIPS: Small refactoring of r14058.

BUG=

Review URL: https://codereview.chromium.org/12703030
Patch from Balazs Kilvady <kilvadyb@homejinni.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14084 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMake Isolate::GetHeapStatistics robust against half-initialized isolates.
hpayer@chromium.org [Wed, 27 Mar 2013 10:33:25 +0000 (10:33 +0000)]
Make Isolate::GetHeapStatistics robust against half-initialized isolates.

The (deprecated) non-Isolate GetHeapStatistics contains the same check.

BUG=2591

Review URL: https://codereview.chromium.org/12965013
Patch from Marja Hölttä <marja@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14079 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoAdd test case for missing deopt sequence after forced deopt.
yangguo@chromium.org [Wed, 27 Mar 2013 09:58:32 +0000 (09:58 +0000)]
Add test case for missing deopt sequence after forced deopt.

R=danno@chromium.org
BUG=217858

Review URL: https://chromiumcodereview.appspot.com/13042005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14078 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoOnly copy with, block and catch scopes in DebugEvaluate.
yangguo@chromium.org [Tue, 26 Mar 2013 17:46:16 +0000 (17:46 +0000)]
Only copy with, block and catch scopes in DebugEvaluate.

R=ulan@chromium.org
BUG=171715

Review URL: https://chromiumcodereview.appspot.com/13093003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14077 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoARM: fix dictionary negative lookup.
ulan@chromium.org [Tue, 26 Mar 2013 09:28:26 +0000 (09:28 +0000)]
ARM: fix dictionary negative lookup.

Do not skip the last inlined probe.

BUG=171975

Review URL: https://chromiumcodereview.appspot.com/12703014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14074 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Generalizing remaining Allocate functions in the macro assemblers used in prete...
plind44@gmail.com [Mon, 25 Mar 2013 19:01:36 +0000 (19:01 +0000)]
MIPS: Generalizing remaining Allocate functions in the macro assemblers used in pretenuring.

Port r14065 (f09e7e38)

BUG=

Review URL: https://codereview.chromium.org/12855004
Patch from Akos Palfi <palfia@homejinni.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14073 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoRemove bogus test flags
danno@chromium.org [Mon, 25 Mar 2013 17:59:15 +0000 (17:59 +0000)]
Remove bogus test flags

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/12872007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14072 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoUse code_range()->exists() to determine the size of the first code page when code...
danno@chromium.org [Mon, 25 Mar 2013 17:27:54 +0000 (17:27 +0000)]
Use code_range()->exists() to determine the size of the first code page when code range is used.

Review URL: https://codereview.chromium.org/12452012
Patch from Haitao Feng <haitao.feng@intel.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14071 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: Change LookupForWrite to always do a full lookup and check the result.
palfia@homejinni.com [Mon, 25 Mar 2013 17:12:50 +0000 (17:12 +0000)]
MIPS: Change LookupForWrite to always do a full lookup and check the result.

Port r14061 (df49702a)

Original commit message:
If we find a property in the prototype-chain that we can overwrite, and
we have a transition, keep the holder in the lookup-result as the actual
holder. We will need it for the consistency-check in GenerateStoreField.

By directly checking the entire chain we avoid having to lazily bail out
to a copy of the miss stub while generating the Field Store IC.

Currently this CL disallows a normal non-receiver holder, given that
that would require a positive lookup + details verification to ensure
the property did not become read-only. This fixes the regressions in the
attached tests.

BUG=

Review URL: https://codereview.chromium.org/12924011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14070 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoCreate a new HandleScope for each JSON-parsed object to avoid excessive growth
verwaest@chromium.org [Mon, 25 Mar 2013 17:10:33 +0000 (17:10 +0000)]
Create a new HandleScope for each JSON-parsed object to avoid excessive growth

Review URL: https://chromiumcodereview.appspot.com/12880019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14069 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoAdd AssertNoAllocation to ensure TransitionArray* transitions is safe.
verwaest@chromium.org [Mon, 25 Mar 2013 15:59:08 +0000 (15:59 +0000)]
Add AssertNoAllocation to ensure TransitionArray* transitions is safe.

Review URL: https://chromiumcodereview.appspot.com/12583013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14066 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoGeneralizing remaining Allocate functions in the macro assemblers used in pretenuring.
hpayer@chromium.org [Mon, 25 Mar 2013 15:54:15 +0000 (15:54 +0000)]
Generalizing remaining Allocate functions in the macro assemblers used in pretenuring.

BUG=

Review URL: https://codereview.chromium.org/12440041

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14065 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix store_mode bug involving polymorphism with external and JS arrays.
danno@chromium.org [Mon, 25 Mar 2013 15:19:22 +0000 (15:19 +0000)]
Fix store_mode bug involving polymorphism with external and JS arrays.

Review URL: https://codereview.chromium.org/12987014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14064 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix crash involving zombie maps escaping from the JSON parser's underground lab
jkummerow@chromium.org [Mon, 25 Mar 2013 15:18:52 +0000 (15:18 +0000)]
Fix crash involving zombie maps escaping from the JSON parser's underground lab

Zapping is required since transition arrays contain weak references to maps: At the end of a GC cycle, ClearNonLiveTransitions removes references to dead maps from transition arrays. If a marked transition array with weak (dead) references is replaced by another transition array before the end of the GC cycle, dead references are not removed from the replaced transition array. If the replaced transition array is kept alive by a handle, marking will crash when trying to mark the first reference to a dead map.

Review URL: https://codereview.chromium.org/12987013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14063 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoChange LookupForWrite to always do a full lookup and check the result.
verwaest@chromium.org [Mon, 25 Mar 2013 12:55:27 +0000 (12:55 +0000)]
Change LookupForWrite to always do a full lookup and check the result.

If we find a property in the prototype-chain that we can overwrite, and
we have a transition, keep the holder in the lookup-result as the actual
holder. We will need it for the consistency-check in GenerateStoreField.

By directly checking the entire chain we avoid having to lazily bail out
to a copy of the miss stub while generating the Field Store IC.

Currently this CL disallows a normal non-receiver holder, given that
that would require a positive lookup + details verification to ensure
the property did not become read-only. This fixes the regressions in the
attached tests.

Review URL: https://chromiumcodereview.appspot.com/12810006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14061 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoRemove GC hazard (temporary handle object)
rossberg@chromium.org [Mon, 25 Mar 2013 11:40:14 +0000 (11:40 +0000)]
Remove GC hazard (temporary handle object)

R=svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/12913019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14060 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoCorrectly materialize arguments object in Runtime_DebugEvaluate.
yangguo@chromium.org [Mon, 25 Mar 2013 10:01:53 +0000 (10:01 +0000)]
Correctly materialize arguments object in Runtime_DebugEvaluate.

The problem was that if the # arguments specified in the function
declaration and the # arguments passed to the function are not
the same, we use an arguments adapter frame to make it work. This
confuses the existing implementation to materialize the arguments
object.

R=peter.rybin@gmail.com
BUG=222893

Review URL: https://chromiumcodereview.appspot.com/12674027

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14059 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoMIPS: ES6 symbols: turn symbols into a proper primitive type
palfia@homejinni.com [Sat, 23 Mar 2013 02:39:31 +0000 (02:39 +0000)]
MIPS: ES6 symbols: turn symbols into a proper primitive type

Port r14051 (e9140a92)

Original commit message:
(qua last week's TC39)

Specifically:
- Install Symbol constructor function on the global object.
- Adjust code generation for typeof.
- Remove IsSymbol built-in, IS_SYMBOL macro now defined using typeof.
- Remove hack that allowed symbols as constructor results, and some other special cases.
- Remove symbol_delegate and GetDelegate function.
- Extend ToBoolean stub to handle symbols.
- Extend ToNumber to return NaN on symbols.
- Poison symbol's toString function, and thereby ToString on symbols.

BUG=

Review URL: https://codereview.chromium.org/13007003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14058 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix %GetArrayKeys to not skip non-enumerable indices
adamk@chromium.org [Fri, 22 Mar 2013 18:04:32 +0000 (18:04 +0000)]
Fix %GetArrayKeys to not skip non-enumerable indices

This is one step in the direction of fixing a range of small bugs in the array methods when dealing with non-standard element attributes.

Added tests exercising this behavior for shift and unshift.

For Proxies and Interceptors, the behavior of %GetArrayKeys is now to just return an interval, rather than trying to list all their indexed properties. In the Proxy case, this seems like the only way to avoid an observable difference between smart and non-smart array methods. For Interceptors, the usual case (in WebKit, anyway) is for them to have all indices in [0, length), so enumerating them won't be any better than simply iterating over that range.

Review URL: https://codereview.chromium.org/12653010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14057 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoES6 symbols: prevent reflection, proxy, and observe APIs from leaking symbols
rossberg@chromium.org [Fri, 22 Mar 2013 17:27:44 +0000 (17:27 +0000)]
ES6 symbols: prevent reflection, proxy, and observe APIs from leaking symbols

R=svenpanne@chromium.org
BUG=v8:2158

Review URL: https://codereview.chromium.org/12422019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14056 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoES6 symbols: implement name property
rossberg@chromium.org [Fri, 22 Mar 2013 16:51:28 +0000 (16:51 +0000)]
ES6 symbols: implement name property

Adds string-valued name property to symbols, and uses it for pretty-printing.

Requires allocating symbols in pointer space, with a custom iterator to skip the unboxed hash.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/12459026

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14053 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix global object check in %IsObserved and %SetIsObserved.
yangguo@chromium.org [Fri, 22 Mar 2013 16:37:11 +0000 (16:37 +0000)]
Fix global object check in %IsObserved and %SetIsObserved.

BUG=

Review URL: https://chromiumcodereview.appspot.com/12929024

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14052 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoES6 symbols: turn symbols into a proper primitive type
rossberg@chromium.org [Fri, 22 Mar 2013 16:33:50 +0000 (16:33 +0000)]
ES6 symbols: turn symbols into a proper primitive type

(qua last week's TC39)

Specifically:
- Install Symbol constructor function on the global object.
- Adjust code generation for typeof.
- Remove IsSymbol built-in, IS_SYMBOL macro now defined using typeof.
- Remove hack that allowed symbols as constructor results, and some other special cases.
- Remove symbol_delegate and GetDelegate function.
- Extend ToBoolean stub to handle symbols.
- Extend ToNumber to return NaN on symbols.
- Poison symbol's toString function, and thereby ToString on symbols.

R=mstarzinger@chromium.org
BUG=v8:2158

Review URL: https://codereview.chromium.org/12957004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14051 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

11 years agoFix bogus left-shifts in Array tests
adamk@chromium.org [Fri, 22 Mar 2013 15:08:30 +0000 (15:08 +0000)]
Fix bogus left-shifts in Array tests

Review URL: https://codereview.chromium.org/12729014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14050 ce2b1a6d-e550-0410-aec6-3dcde31c8c00