platform/upstream/v8.git
14 years agoIntroduce additional context to evaluate operations
peter.rybin@gmail.com [Tue, 14 Dec 2010 00:07:44 +0000 (00:07 +0000)]
Introduce additional context to evaluate operations

Review URL: http://codereview.chromium.org/5733001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5997 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoPrepare push to trunk. Now working on version 3.0.2.
kmillikin@chromium.org [Mon, 13 Dec 2010 17:50:29 +0000 (17:50 +0000)]
Prepare push to trunk.  Now working on version 3.0.2.

Review URL: http://codereview.chromium.org/5763002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5994 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix ARM and x64 compilation.
kmillikin@chromium.org [Mon, 13 Dec 2010 17:49:55 +0000 (17:49 +0000)]
Fix ARM and x64 compilation.

Fix compilation on ARM and x64 due to a change in the architecture-shared
API of the nonoptimizing code generator.  Also added new PrepareForBailout
to ARM (they are not yet fully implemented on x64).

Review URL: http://codereview.chromium.org/5794002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5993 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoRename regression test and reenable disabled test.
kmillikin@chromium.org [Mon, 13 Dec 2010 16:52:04 +0000 (16:52 +0000)]
Rename regression test and reenable disabled test.

The regression test for v8 issue 969 was committed with the wrong file
name.  Also reenable a test that was disabled due to that issue.

Review URL: http://codereview.chromium.org/5707008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5992 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoRevert change 5989, which causes failures in some benchmarks.
whesse@chromium.org [Mon, 13 Dec 2010 16:34:59 +0000 (16:34 +0000)]
Revert change 5989, which causes failures in some benchmarks.
Review URL: http://codereview.chromium.org/5804003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5991 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoDeoptimize to the proper target after assignment side effects.
kmillikin@chromium.org [Mon, 13 Dec 2010 16:29:47 +0000 (16:29 +0000)]
Deoptimize to the proper target after assignment side effects.

This fixes V8 issue 989.

Before, assignments used the AST ID of the assignment expression to
mark the side effect of the store, which became a target for
deoptimization bailout for code after the assignment.  In effect
contexts this environment included the value of the assignment, which
was unexpected by the unoptimized code.

Now we introduce a new assignment ID for AST node types that include
an assignment (Assignment, CountOperation, and ForInStatement) and use
it for the side effect of the store.

Review URL: http://codereview.chromium.org/5682010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5990 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoAllow optimizing compiler to compute Math.log using untagged doubles.
whesse@chromium.org [Mon, 13 Dec 2010 14:37:19 +0000 (14:37 +0000)]
Allow optimizing compiler to compute Math.log using untagged doubles.
Review URL: http://codereview.chromium.org/5741003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5989 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoAlign builtins-{arch}.cc on ia32 and x64 platforms by moving functions and editing.
whesse@chromium.org [Mon, 13 Dec 2010 12:24:29 +0000 (12:24 +0000)]
Align builtins-{arch}.cc on ia32 and x64 platforms by moving functions and editing.
Review URL: http://codereview.chromium.org/5781004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5984 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoLanding for cira.
ager@chromium.org [Mon, 13 Dec 2010 12:23:32 +0000 (12:23 +0000)]
Landing for cira.

Adding experimental JavaScript internationalization API to V8 as an
extension.  This CL implements Locale object only.

Each embeder has to decide whether to include this extension or not by
editing their build rules.

See ecmascript strawman document for details on i18n
API. http://wiki.ecmascript.org/doku.php?id=strawman:i18n_api

TEST=WebKit CL (in progress) will have layout tests for extension.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5983 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoOptimizing BuildResultFromMatchInfo, StringReplace and StringSplit.
sandholm@chromium.org [Mon, 13 Dec 2010 12:19:10 +0000 (12:19 +0000)]
Optimizing BuildResultFromMatchInfo, StringReplace and StringSplit.
Review URL: http://codereview.chromium.org/5708006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5982 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoMake idle notification cleanup less aggressive. Do not clean up on
ager@chromium.org [Mon, 13 Dec 2010 12:14:30 +0000 (12:14 +0000)]
Make idle notification cleanup less aggressive. Do not clean up on
idle notifications after the one that causes the mark-compact
collection unless four or more garbage collections (scavenges) have
occurred.

The embedder should stop sending idle notifications once V8 returns
true from the IdleNotification call. This change is being defensive so
it will not hurt as badly if embedders continue to send idle
notifications.

Review URL: http://codereview.chromium.org/5726005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5981 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoTemporarily disable mjsunit/array-splice (issue 969)
ricow@chromium.org [Mon, 13 Dec 2010 12:10:41 +0000 (12:10 +0000)]
Temporarily disable mjsunit/array-splice (issue 969)

Disabling this to get the waterfall green, Kevin knows what the issue
is and is working on a fix.

Review URL: http://codereview.chromium.org/5752005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5980 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoRevert 5973 as well (related to previous commit)
fschneider@chromium.org [Mon, 13 Dec 2010 10:49:00 +0000 (10:49 +0000)]
Revert 5973 as well (related to previous commit)

TBR=lrn@chromium.org,
Review URL: http://codereview.chromium.org/5754004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5979 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoNew heap profiler: add support for progress reporting and control.
mikhail.naganov@gmail.com [Mon, 13 Dec 2010 10:42:06 +0000 (10:42 +0000)]
New heap profiler: add support for progress reporting and control.

As taking a snapshot of a large heap takes noticeable time, it's
good to be able to monitor and control it.

The change itself is small, big code deletes and additions are in
fact moves. The only significant change is simplification of
approximated retained sizes calculation algorithm.

Review URL: http://codereview.chromium.org/5687003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5978 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoRevert r5970 and r5975.
fschneider@chromium.org [Mon, 13 Dec 2010 10:41:50 +0000 (10:41 +0000)]
Revert r5970 and r5975.

Review URL: http://codereview.chromium.org/5717005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5977 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix incorrect assumption about young/old space allocation in
erik.corry@gmail.com [Mon, 13 Dec 2010 10:09:09 +0000 (10:09 +0000)]
Fix incorrect assumption about young/old space allocation in
JSON stringify (introduced in r5951).
Review URL: http://codereview.chromium.org/5746005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5976 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoLand Vitaly's change to fix compare IC performance.
fschneider@chromium.org [Mon, 13 Dec 2010 10:05:19 +0000 (10:05 +0000)]
Land Vitaly's change to fix compare IC performance.

Original change: http://codereview.chromium.org/5733004/

When we have inlined smi code can transition to heap number state before going to the generic state. Without inlined smi code the behaviour is unchanged.

Review URL: http://codereview.chromium.org/5689005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5975 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoMake RegExp character class match JSC.
lrn@chromium.org [Mon, 13 Dec 2010 08:33:32 +0000 (08:33 +0000)]
Make RegExp character class match JSC.
See http://trac.webkit.org/changeset/73594

Review URL: http://codereview.chromium.org/5723002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5974 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix x64 build after r5970, the same way as for ARM.
mikhail.naganov@gmail.com [Fri, 10 Dec 2010 16:33:36 +0000 (16:33 +0000)]
Fix x64 build after r5970, the same way as for ARM.

TBR=fschneider@chromium.org

Review URL: http://codereview.chromium.org/5709005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5973 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix bug that disabled optimization when profiling.
karlklose@chromium.org [Fri, 10 Dec 2010 14:49:24 +0000 (14:49 +0000)]
Fix bug that disabled optimization when profiling.

Review URL: http://codereview.chromium.org/5720003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5972 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix long line.
fschneider@chromium.org [Fri, 10 Dec 2010 14:35:40 +0000 (14:35 +0000)]
Fix long line.

Review URL: http://codereview.chromium.org/5680005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5971 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoImprove our type feedback by recogizining never-executed IC calls for binary operations.
fschneider@chromium.org [Fri, 10 Dec 2010 14:33:20 +0000 (14:33 +0000)]
Improve our type feedback by recogizining never-executed IC calls for binary operations.

In the case of inlined smi code in non-optimzied code we could not
distinguish between the smi-only case and the case that the operation was
never executed.

With this change the first execution of a binary operation always jumps
to the stub which in turn patches the smi-check into the correct
conditional branch, so that we benefit from inlined smi code after the
first invocation.

A nop instruction after the call to the BinaryOpIC indicates that no
smi code was inlined. A "test eax" instruction says that there was smi
code inlined and encodes the delta to the patch site and the condition
code of the branch at the patch site to restore the original jump.

Review URL: http://codereview.chromium.org/5714001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5970 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix issue 962.
vegorov@chromium.org [Fri, 10 Dec 2010 14:25:10 +0000 (14:25 +0000)]
Fix issue 962.

SplitBetween (formely known as Split with 3 arguments) should select split position from [start, end] instead of [start, end[. This should also improve allocation quality (remove certain redundant move patterns).

Also some minor renaming and refactoring to make register allocator code more readable.

BUG=v8:962
TEST=test/mjsunit/regress/regress-962.js

Review URL: http://codereview.chromium.org/5720001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5969 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoIncrease the size of the max object that can be new space allocated.
erik.corry@gmail.com [Fri, 10 Dec 2010 14:11:17 +0000 (14:11 +0000)]
Increase the size of the max object that can be new space allocated.
This is neutral on in-browser SunSpider, but beneficial on other
things, and is likely to lower memory use by collecting earlier.
Review URL: http://codereview.chromium.org/5753003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5968 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoARM: Fix heap number allocation in lithium-codegen-arm that assumed
ager@chromium.org [Fri, 10 Dec 2010 14:10:54 +0000 (14:10 +0000)]
ARM: Fix heap number allocation in lithium-codegen-arm that assumed
that ip can be used as a scratch register. This is not true because
ip is already used for something else in AllocateInNewSpace in the
macro assembler.

Explicitly allocate a temp register for use in the heap number
allocation instead.
Review URL: http://codereview.chromium.org/5788001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5967 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoEnsure that default value is explicitly initialized in DefineOwnProperty.
lrn@chromium.org [Fri, 10 Dec 2010 13:07:52 +0000 (13:07 +0000)]
Ensure that default value is explicitly initialized in DefineOwnProperty.

TBR: kmillikin

Review URL: http://codereview.chromium.org/5781002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5966 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoAdd gyp target to build preparser as stand-alone library.
lrn@chromium.org [Fri, 10 Dec 2010 12:58:18 +0000 (12:58 +0000)]
Add gyp target to build preparser as stand-alone library.

Likely only works on Linux yet.

Review URL: http://codereview.chromium.org/5716001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5965 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoAdd missing include directory for shell sample.
sgjesse@chromium.org [Fri, 10 Dec 2010 12:33:59 +0000 (12:33 +0000)]
Add missing include directory for shell sample.

BUG=http://code.google.com/p/v8/issues/detail?id=967
TBR=ager@chromium.org
Review URL: http://codereview.chromium.org/5680004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5964 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoARM: Fix missing SetCC in crankshaft code emitted when running with
ager@chromium.org [Fri, 10 Dec 2010 12:12:06 +0000 (12:12 +0000)]
ARM: Fix missing SetCC in crankshaft code emitted when running with
the --debug-code flag.

Review URL: http://codereview.chromium.org/5736003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5963 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoChange test script to make it easy to run crankshaft tests on ARM and
ager@chromium.org [Fri, 10 Dec 2010 12:05:28 +0000 (12:05 +0000)]
Change test script to make it easy to run crankshaft tests on ARM and
x64 where crankshaft is not the default. Add ability to add custom
expectations for running in this special crankshaft mode.

The expectations are not updated in this change. There are a couple of
bugs that I would like to fix before doing that. Otherwise the lists
will be very long. :)

Review URL: http://codereview.chromium.org/5787001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5962 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix a bug that caused the runtime profiler to sample huge amounts of stack frames...
karlklose@chromium.org [Fri, 10 Dec 2010 12:00:26 +0000 (12:00 +0000)]
Fix a bug that caused the runtime profiler to sample huge amounts of stack frames in programs with recursively called optimized functions.

Review URL: http://codereview.chromium.org/5786001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5961 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix issue 965.
lrn@chromium.org [Fri, 10 Dec 2010 11:27:15 +0000 (11:27 +0000)]
Fix issue 965.

Review URL: http://codereview.chromium.org/5773002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5960 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix presubmit
ricow@chromium.org [Fri, 10 Dec 2010 11:02:09 +0000 (11:02 +0000)]
Fix presubmit

Review URL: http://codereview.chromium.org/5772003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5959 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoUse correct calling convention for API calls on MinGW
vegorov@chromium.org [Fri, 10 Dec 2010 10:02:42 +0000 (10:02 +0000)]
Use correct calling convention for API calls on MinGW

BUG=v8:950

Review URL: http://codereview.chromium.org/5699003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5958 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoGarbage collection of unused setters in the AST classed.
kmillikin@chromium.org [Thu, 9 Dec 2010 14:09:50 +0000 (14:09 +0000)]
Garbage collection of unused setters in the AST classed.

Review URL: http://codereview.chromium.org/5717001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5957 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix cast that fails on Win64.
lrn@chromium.org [Thu, 9 Dec 2010 13:18:23 +0000 (13:18 +0000)]
Fix cast that fails on Win64.

Review URL: http://codereview.chromium.org/5712001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5956 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoCollect only optimizable function samples.
karlklose@chromium.org [Thu, 9 Dec 2010 13:12:23 +0000 (13:12 +0000)]
Collect only optimizable function samples.

Keep track of the ratio between JS and non-JS ticks and use this ratio to adjust the lookup threshold. (Also add support to trace compilation statistics.)

Review URL: http://codereview.chromium.org/5633009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5955 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoChange the HGraphBuilder to dispatch on the context.
kmillikin@chromium.org [Thu, 9 Dec 2010 12:49:53 +0000 (12:49 +0000)]
Change the HGraphBuilder to dispatch on the context.

Before, expressions didn't take advantage of knowing their context in
the AST.  Now, we use the context to decide what to do with a value at
the end of visiting an expression.

Review URL: http://codereview.chromium.org/5620007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5954 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoRevert 5911 (RegExp fail on invalid range syntax).
lrn@chromium.org [Thu, 9 Dec 2010 12:07:52 +0000 (12:07 +0000)]
Revert 5911 (RegExp fail on invalid range syntax).

Review URL: http://codereview.chromium.org/5703001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5953 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoLanding for Martyn Capewell.
ager@chromium.org [Wed, 8 Dec 2010 18:08:23 +0000 (18:08 +0000)]
Landing for Martyn Capewell.

Fix detection of VFP support on Nexus One.

BUG=none
TEST=none

Code review URL: http://codereview.chromium.org/5664004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5952 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoSpeed up quoting of JSON strings by allocating a string that is big enough
erik.corry@gmail.com [Wed, 8 Dec 2010 16:23:25 +0000 (16:23 +0000)]
Speed up quoting of JSON strings by allocating a string that is big enough
and then trimming it when the length is known.  This way we only have to
traverse the input once.
Review URL: http://codereview.chromium.org/5556012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5951 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix compilation on ARM when adding Math.pow optimization in 5949.
whesse@chromium.org [Wed, 8 Dec 2010 15:03:08 +0000 (15:03 +0000)]
Fix compilation on ARM when adding Math.pow optimization in 5949.
Review URL: http://codereview.chromium.org/5546006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5950 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoAllow the optimizing code generator to call Math.pow with untagged doubles.
whesse@chromium.org [Wed, 8 Dec 2010 14:32:40 +0000 (14:32 +0000)]
Allow the optimizing code generator to call Math.pow with untagged doubles.
Review URL: http://codereview.chromium.org/5640004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5949 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoUse the file opened from argv[1] in preparser-process.cc
lrn@chromium.org [Wed, 8 Dec 2010 10:47:59 +0000 (10:47 +0000)]
Use the file opened from argv[1] in preparser-process.cc

Review URL: http://codereview.chromium.org/5612006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5948 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoRemove a unused function form the sample shell
sgjesse@chromium.org [Wed, 8 Dec 2010 10:42:32 +0000 (10:42 +0000)]
Remove a unused function form the sample shell
Review URL: http://codereview.chromium.org/5668001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5947 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoChanged interface to preparser to not require pushback support.
lrn@chromium.org [Wed, 8 Dec 2010 10:06:40 +0000 (10:06 +0000)]
Changed interface to preparser to not require pushback support.
Changed implementation of pushback in preparer character stream.
Removed assert that isn't satisfied by in test-cases, but only by the real code.
Make preparser compile again.

Review URL: http://codereview.chromium.org/5593004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5946 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoUpdate the Visual Studio 2005 project files to include the new crankshaft files
sgjesse@chromium.org [Wed, 8 Dec 2010 10:05:10 +0000 (10:05 +0000)]
Update the Visual Studio 2005 project files to include the new crankshaft files

Tested With Visual Studio 2008 which converts the files and builds all targets.
Review URL: http://codereview.chromium.org/5660005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5945 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix sputnik regression introduced in r5943.
sandholm@chromium.org [Wed, 8 Dec 2010 09:52:48 +0000 (09:52 +0000)]
Fix sputnik regression introduced in r5943.
Review URL: http://codereview.chromium.org/5516013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5944 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoUse the PushIfAbsent function for the JSON stringify stack.
sandholm@chromium.org [Wed, 8 Dec 2010 09:10:36 +0000 (09:10 +0000)]
Use the PushIfAbsent function for the JSON stringify stack.
Optimize ConvertToString.
Review URL: http://codereview.chromium.org/5614004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5943 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix compile error on gcc-4.5 bug 963
erik.corry@gmail.com [Wed, 8 Dec 2010 08:31:10 +0000 (08:31 +0000)]
Fix compile error on gcc-4.5 bug 963
Review URL: http://codereview.chromium.org/5642004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5942 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix arm gyp files, lithium files where not added.
ricow@chromium.org [Tue, 7 Dec 2010 15:47:17 +0000 (15:47 +0000)]
Fix arm gyp files, lithium files where not added.

Review URL: http://codereview.chromium.org/5558009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5938 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoRemove NearestNextGapPos. It is not used anymore.
vegorov@chromium.org [Tue, 7 Dec 2010 14:51:49 +0000 (14:51 +0000)]
Remove NearestNextGapPos. It is not used anymore.

Remove uses of NearestGapPos in splitting helpers. We can split at any position.

Review URL: http://codereview.chromium.org/5605004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5937 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix RecordStackTraceAtStartProfiling test.
vitalyr@chromium.org [Tue, 7 Dec 2010 14:10:41 +0000 (14:10 +0000)]
Fix RecordStackTraceAtStartProfiling test.

Review URL: http://codereview.chromium.org/5598008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5936 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoOptimized scanner to avoid virtual calls for every character read.
lrn@chromium.org [Tue, 7 Dec 2010 14:03:59 +0000 (14:03 +0000)]
Optimized scanner to avoid virtual calls for every character read.

Review URL: http://codereview.chromium.org/5545006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5935 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoRemove log compression support.
mikhail.naganov@gmail.com [Tue, 7 Dec 2010 13:24:22 +0000 (13:24 +0000)]
Remove log compression support.

This is no longer used in Chromium, and only pollutes code.

BUG=859

Review URL: http://codereview.chromium.org/5575006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5934 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix ARM sim build.
vegorov@chromium.org [Tue, 7 Dec 2010 12:43:23 +0000 (12:43 +0000)]
Fix ARM sim build.

Review URL: http://codereview.chromium.org/5618005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5931 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoDisable mozilla test that when timing out prints insane amounts of data.
ricow@chromium.org [Tue, 7 Dec 2010 12:42:37 +0000 (12:42 +0000)]
Disable mozilla test that when timing out prints insane amounts of data.

I have filled a bug for this:
http://code.google.com/p/v8/issues/detail?id=960

Review URL: http://codereview.chromium.org/5662003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5930 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoPrepare push to trunk. Now working on version 3.0.1.
kasperl@chromium.org [Tue, 7 Dec 2010 12:26:36 +0000 (12:26 +0000)]
Prepare push to trunk. Now working on version 3.0.1.
Review URL: http://codereview.chromium.org/5586007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5929 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix ARM build.
vegorov@chromium.org [Tue, 7 Dec 2010 12:21:26 +0000 (12:21 +0000)]
Fix ARM build.

Review URL: http://codereview.chromium.org/5638003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5928 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoBe more careful about exiting inlined functions in a test context.
kmillikin@chromium.org [Tue, 7 Dec 2010 12:07:40 +0000 (12:07 +0000)]
Be more careful about exiting inlined functions in a test context.

When falling off the end of a function inlined in a test context, we cannot
constant fold the test of undefined away. The graph builder assumes that
control flow always reaches both branches of a test.

Instead, explicitly test and branch on "undefined". Introduce a pair of
empty blocks to hold the necessary LeaveInlined instructions.

Review URL: http://codereview.chromium.org/5566005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5927 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoDisable tests failing due to sockets on arm.
ricow@chromium.org [Tue, 7 Dec 2010 11:59:50 +0000 (11:59 +0000)]
Disable tests failing due to sockets on arm.

This is a copy of http://codereview.chromium.org/5365005/ against the 3.0 branch.

TBR: eric.corry

Review URL: http://codereview.chromium.org/5624005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5926 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix Win64 compilation.
vegorov@chromium.org [Tue, 7 Dec 2010 11:53:19 +0000 (11:53 +0000)]
Fix Win64 compilation.

Review URL: http://codereview.chromium.org/5597007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5925 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix no sse3 support by correctly allocating temp register
ricow@chromium.org [Tue, 7 Dec 2010 11:53:11 +0000 (11:53 +0000)]
Fix no sse3 support by correctly allocating temp register

Review URL: http://codereview.chromium.org/5534004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5924 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix strict aliasing rule violation in runtime-profiler.cc
vegorov@chromium.org [Tue, 7 Dec 2010 11:40:36 +0000 (11:40 +0000)]
Fix strict aliasing rule violation in runtime-profiler.cc

Review URL: http://codereview.chromium.org/5621005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5923 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoUpdate V8 to version 3.0 (re-land r5920).
kasperl@chromium.org [Tue, 7 Dec 2010 11:31:57 +0000 (11:31 +0000)]
Update V8 to version 3.0 (re-land r5920).

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5922 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoRevert r5920. Will re-land shortly.
kasperl@chromium.org [Tue, 7 Dec 2010 11:01:02 +0000 (11:01 +0000)]
Revert r5920. Will re-land shortly.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5921 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoUpdate V8 to version 3.0.
kasperl@chromium.org [Tue, 7 Dec 2010 09:11:56 +0000 (09:11 +0000)]
Update V8 to version 3.0.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5920 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoImproved JSON stringify.
sandholm@chromium.org [Mon, 6 Dec 2010 15:41:07 +0000 (15:41 +0000)]
Improved JSON stringify.
Review URL: http://codereview.chromium.org/5578004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5919 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoJSON stringify collects substrings in one builder array rather than using regular
sandholm@chromium.org [Mon, 6 Dec 2010 11:44:16 +0000 (11:44 +0000)]
JSON stringify collects substrings in one builder array rather than using regular
string cons.
Review URL: http://codereview.chromium.org/5567005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5918 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoImprove code generated for AllocInNewSpace. This is a commit of http://codereview...
erik.corry@gmail.com [Mon, 6 Dec 2010 09:59:08 +0000 (09:59 +0000)]
Improve code generated for AllocInNewSpace.  This is a commit of codereview.chromium.org/5512004 for Rodolph Perfetta.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5917 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoSimplify JSON stringify and add special case for default replacer and space.
sandholm@chromium.org [Fri, 3 Dec 2010 11:12:02 +0000 (11:12 +0000)]
Simplify JSON stringify and add special case for default replacer and space.
Review URL: http://codereview.chromium.org/5551002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5916 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoIrregexp: Preload more characters when we are not at the
erik.corry@gmail.com [Fri, 3 Dec 2010 09:54:06 +0000 (09:54 +0000)]
Irregexp:  Preload more characters when we are not at the
start of the input and some alternations in the disjunction
are anchored.
Review URL: http://codereview.chromium.org/5524006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5915 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoNew Heap Profiler: add API method for finding a graph node by id.
mikhail.naganov@gmail.com [Thu, 2 Dec 2010 15:38:51 +0000 (15:38 +0000)]
New Heap Profiler: add API method for finding a graph node by id.

TEST=cctest/test-heap-profiler/HeapSnapshotGetNodeById

Review URL: http://codereview.chromium.org/5537001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5914 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agonGW build
sgjesse@chromium.org [Thu, 2 Dec 2010 15:37:45 +0000 (15:37 +0000)]
nGW build
- add missing functions SignalCodeMovingGC() and MemoryBarrier()
- avoid pointer conversion/comparison warnings
- don't attempt to hide symbols with -fvisibility, MinGW doesn't support it

BUG=http://code.google.com/p/v8/issues/detail?id=949

Patch by Bert Belder <bertbelder@gmail.com>

Review URL: http://codereview.chromium.org/5471001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5913 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoAdd generated code to calculate Math.log and to search Transcendental cache for logs...
whesse@chromium.org [Thu, 2 Dec 2010 11:20:44 +0000 (11:20 +0000)]
Add generated code to calculate Math.log and to search Transcendental cache for logs.  Implemented on all platforms.
Review URL: http://codereview.chromium.org/5437002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5912 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoChange RegExp syntax to fail on invalid ranges like [\d-x], [x-\d] and [\d-\d].
lrn@chromium.org [Thu, 2 Dec 2010 08:02:37 +0000 (08:02 +0000)]
Change RegExp syntax to fail on invalid ranges like [\d-x], [x-\d] and [\d-\d].

The previous behavior was to treat the "-" as verbatim if the range was invalid.
This change matches the JSC changeset http://trac.webkit.org/changeset/72813/

Review URL: http://codereview.chromium.org/5464001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5911 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix compile problem on ARM. Remove unused argument.
lrn@chromium.org [Wed, 1 Dec 2010 13:11:28 +0000 (13:11 +0000)]
Fix compile problem on ARM. Remove unused argument.

Review URL: http://codereview.chromium.org/5455001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5910 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoMove quoting of a JSON string to a specialized runtime function.
lrn@chromium.org [Wed, 1 Dec 2010 10:04:34 +0000 (10:04 +0000)]
Move quoting of a JSON string to a specialized runtime function.

Previously used string replace regexp with function replacement.

Review URL: http://codereview.chromium.org/5443001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5909 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoSave full source position state to avoid forced positions.
vitalyr@chromium.org [Tue, 30 Nov 2010 13:17:36 +0000 (13:17 +0000)]
Save full source position state to avoid forced positions.

Review URL: http://codereview.chromium.org/5277008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5908 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoMaintain the invariant that the pattern string in an atom regexp is always
sandholm@chromium.org [Tue, 30 Nov 2010 13:16:36 +0000 (13:16 +0000)]
Maintain the invariant that the pattern string in an atom regexp is always
a flat non-cons string.
Review URL: http://codereview.chromium.org/5270006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5907 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix mac build.
vitalyr@chromium.org [Tue, 30 Nov 2010 11:44:51 +0000 (11:44 +0000)]
Fix mac build.

Review URL: http://codereview.chromium.org/5333007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5906 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoRelocInfo: fix source position decoding.
vitalyr@chromium.org [Tue, 30 Nov 2010 10:55:24 +0000 (10:55 +0000)]
RelocInfo: fix source position decoding.

We used to rely on reading both POSITION and STATEMENT_POSITION to get
correct decoding of positions. This was error prone and made liveedit
unhappy.

Review URL: http://codereview.chromium.org/5277007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5905 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix windows build.
ager@chromium.org [Mon, 29 Nov 2010 16:38:05 +0000 (16:38 +0000)]
Fix windows build.

TBR=lrn
Review URL: http://codereview.chromium.org/5367007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5904 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoRevert seeding the random number generator with rand_s on Windows. It
ager@chromium.org [Mon, 29 Nov 2010 14:28:06 +0000 (14:28 +0000)]
Revert seeding the random number generator with rand_s on Windows. It
makes browser_tests fail.

TBR=jschuh@chromium.org
Review URL: http://codereview.chromium.org/5284006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5900 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoPreparser extracted into separate files that can be compiled to a library.
lrn@chromium.org [Mon, 29 Nov 2010 13:24:37 +0000 (13:24 +0000)]
Preparser extracted into separate files that can be compiled to a library.
No scons target yet.

Review URL: http://codereview.chromium.org/5295004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5899 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoPrepare push to trunk. Now working on version 2.6.0.
ager@chromium.org [Mon, 29 Nov 2010 07:47:34 +0000 (07:47 +0000)]
Prepare push to trunk. Now working on version 2.6.0.

Review URL: http://codereview.chromium.org/5381004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5895 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix number parsing to not allow space between sign and digits.
lrn@chromium.org [Fri, 26 Nov 2010 12:45:41 +0000 (12:45 +0000)]
Fix number parsing to not allow space between sign and digits.
Affects both parseFloat and ToNumber conversion.

Fix issue 946.

Review URL: http://codereview.chromium.org/5338005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5894 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agomake DateParser::TimeComposer handle 1-2 digits millisecond values
lrn@chromium.org [Fri, 26 Nov 2010 11:48:35 +0000 (11:48 +0000)]
make DateParser::TimeComposer handle 1-2 digits millisecond values

see http://code.google.com/p/v8/issues/detail?id=944
This patch makes DateParser::TimeComposer process times that have
millisecond values with only 1 or 2 digits.

Without this patch, Date.parse("2010-11-25T22:02:30.5") returns
1290690150005 and
Date.parse("2010-11-25T22:02:30.5") == Date.parse("2010-11-25T22:02:30.005")
evaluates to true.

With this patch, Date.parse("2010-11-25T22:02:30.5") returns
1290690150500 instead, and
Date.parse("2010-11-25T22:02:30.5") == Date.parse("2010-11-25T22:02:30.005")
evaluates to false.

Review URL: http://codereview.chromium.org/5336005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5893 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoLanding for Martyn Capewell.
ager@chromium.org [Fri, 26 Nov 2010 08:43:34 +0000 (08:43 +0000)]
Landing for Martyn Capewell.

Implement string constructor stub on ARM.

BUG=none
TEST=none

Codereview URL: http://codereview.chromium.org/5322009/

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5892 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoSimplify ProfLazyMode test on Linux.
mikhail.naganov@gmail.com [Thu, 25 Nov 2010 15:54:52 +0000 (15:54 +0000)]
Simplify ProfLazyMode test on Linux.

Instead of installing signal handler, count samples taken.

Review URL: http://codereview.chromium.org/5325003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5891 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoExpose a method for getting JSObject constructor name
yurys@chromium.org [Thu, 25 Nov 2010 08:04:12 +0000 (08:04 +0000)]
Expose a method for getting JSObject constructor name
Review URL: http://codereview.chromium.org/5256004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5890 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoLanding for Justin Schuh.
ager@chromium.org [Thu, 25 Nov 2010 07:39:17 +0000 (07:39 +0000)]
Landing for Justin Schuh.

Seed the random number generator in Windows with rand_s

This is a quick fix for m9. It works on Windows Chrome because the random device is already initialized before permissions are dropped for the Chrome sandbox. The same trick isn't possible on Linux or Mac.

I think the long-term solution is to provide an interface for supplying v8 with a true random number generator. Then Chrome can just hook up the generator from base/rand_util.h

BUG=http://code.google.com/p/v8/issues/detail?id=936
TEST=None.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5889 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoNew Heap profiler: fix JSON serialization of aggregated profiles.
mikhail.naganov@gmail.com [Wed, 24 Nov 2010 10:47:18 +0000 (10:47 +0000)]
New Heap profiler: fix JSON serialization of aggregated profiles.

Serialization was failing due to unset dominator pointers.

TEST=test-heap-snapshot/AggregatedHeapSnapshotJSONSerialization

Review URL: http://codereview.chromium.org/5314003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5888 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix break of build.
lrn@chromium.org [Wed, 24 Nov 2010 10:28:22 +0000 (10:28 +0000)]
Fix break of build.
Mental note: When you make a fix, remember to save it before committing.

Review URL: http://codereview.chromium.org/5330005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5887 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoWorking stand-alone preparser.
lrn@chromium.org [Wed, 24 Nov 2010 09:57:06 +0000 (09:57 +0000)]
Working stand-alone preparser.

BUG=
TEST=

Review URL: http://codereview.chromium.org/5302003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5885 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoARM: Defer the prefix/postfix code generation. This is a fixed
erik.corry@gmail.com [Wed, 24 Nov 2010 09:55:58 +0000 (09:55 +0000)]
ARM: Defer the prefix/postfix code generation.  This is a fixed
version of http://codereview.chromium.org/3666001/ by ZhangK with
an added call to ForgetTypeInfo to fix a debug mode assert.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5884 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoMake randomized allocations along 64k granularity boundaries to avoid comitting unuse...
sgjesse@chromium.org [Wed, 24 Nov 2010 09:40:58 +0000 (09:40 +0000)]
Make randomized allocations along 64k granularity boundaries to avoid comitting unused memory.

BUG=56036
TEST=None.

Patch by Justin Schuh <jschuh@chromium.org>

Review URL: http://codereview.chromium.org/3849004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5883 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix the process sample to actually dispose the contexts used for
ager@chromium.org [Wed, 24 Nov 2010 09:21:29 +0000 (09:21 +0000)]
Fix the process sample to actually dispose the contexts used for
processors.

Review URL: http://codereview.chromium.org/5302004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5882 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoDelete empty directory.
ager@chromium.org [Wed, 24 Nov 2010 06:35:35 +0000 (06:35 +0000)]
Delete empty directory.

TBR=ricow@chromium.org

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5880 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

14 years agoFix crashes during GC caused by partially initialized objects. The
ager@chromium.org [Wed, 24 Nov 2010 06:26:36 +0000 (06:26 +0000)]
Fix crashes during GC caused by partially initialized objects. The
inline allocation code used the expected number of properties to
calculate the number of inobject properties for an object instead of
getting the actual number from the initial map.

It is safer to use the inobject property count from the initial map in
any case because that is the amount the instances will get. I think
this disconnect got introduced when adding shrinking of objects.

Unfortuntely I haven't been able to create a simple reproduction for a
test case but this fixes the webpage that exhibits the crash. I'll see
if I can create a reproduction tomorrow.

Review URL: http://codereview.chromium.org/5278003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5879 ce2b1a6d-e550-0410-aec6-3dcde31c8c00