mmaly@chromium.org [Thu, 17 Feb 2011 21:56:37 +0000 (21:56 +0000)]
Revert "This is not wrapped for strict mode and builtin functions."
This reverts commit 6845
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6847
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ager@chromium.org [Thu, 17 Feb 2011 21:04:53 +0000 (21:04 +0000)]
Change behavior of global declarations in the presence of setters.
Call accessors in the global object prototype when initializing global
variables. Function declarations are special cased for compatibility
with Safari and setters are not called for them. If this special
casing was not done webkit layout tests would fail.
Make the declaration of global const variables in the presence of
callbacks a redeclaration error.
Handle const context slot declarations conflicting with a CALLBACK as
a redeclaration error. That is, unless it is on a context extension
object which is not a real object and therefore conceptually have no
accessors in prototype chains. Accessors in prototype chains of
context extension objects are explicitly ignored in SetProperty.
Review URL: http://codereview.chromium.org/6534029
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6846
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
mmaly@chromium.org [Thu, 17 Feb 2011 17:52:03 +0000 (17:52 +0000)]
This is not wrapped for strict mode and builtin functions.
CallIC and KeyedCallIC do not wrap this when calling builtin
and strict mode functions.
Review URL: http://codereview.chromium.org/6523052
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6845
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
antonm@chromium.org [Thu, 17 Feb 2011 17:21:59 +0000 (17:21 +0000)]
Make OutOfMemory exception thrown from JS call into FatalProcessOutOfMemory as well.
That unifies the behaviour with CALL_HEAP_FUNCTION macro.
BUG=v8:1165
Review URL: http://codereview.chromium.org/6528050
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6844
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ager@chromium.org [Thu, 17 Feb 2011 16:54:49 +0000 (16:54 +0000)]
Revert change to const and global variable declarations. It causes
may WebKit layout test failures.
I will look into it tomorrow.
TBR=kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6537021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6843
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
vegorov@chromium.org [Thu, 17 Feb 2011 16:33:10 +0000 (16:33 +0000)]
Cygwin support
Patch by Bert Belder.
BUG=v8:64
BUG=v8:964
BUG=v8:1029
Review URL: http://codereview.chromium.org/6525028
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6842
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ager@chromium.org [Thu, 17 Feb 2011 16:30:15 +0000 (16:30 +0000)]
Call accessors in the global object prototype when initializing global
variables.
Make the declaration of global const variables in the presence of
callbacks a redeclaration error.
Handle const context slot declarations conflicting with a CALLBACK as
a redeclaration error. That is, unless it is on a context extension
object which is not a real object and therefore conceptually have no
accessors in prototype chains. Accessors in prototype chains of
context extension objects are explicitly ignored in SetProperty.
Review URL: http://codereview.chromium.org/6519050
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6841
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
vegorov@chromium.org [Thu, 17 Feb 2011 16:02:12 +0000 (16:02 +0000)]
Avoid clobbering register containing name in CompilerStoreGlobal.
Review URL: http://codereview.chromium.org/6519052
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6840
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
whesse@chromium.org [Thu, 17 Feb 2011 15:25:38 +0000 (15:25 +0000)]
ARM: Port new version of ParallelMove's GapResolver to ARM. Fix error in vstr(DoubleRegister, MemOperand), where it was implemented as a vldr, in r6830.
Review URL: http://codereview.chromium.org/6311010
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6839
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
lrn@chromium.org [Thu, 17 Feb 2011 14:13:25 +0000 (14:13 +0000)]
Revert 6832.
The test contains a syntax error that shouldn't be detected, but it sometimes is.
TBR: kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6519049
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6836
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
kmillikin@chromium.org [Thu, 17 Feb 2011 13:05:49 +0000 (13:05 +0000)]
Fix incorrect deoptimization for logical not in an effect context.
The baseline compiler does not materialize a value for expressions of
the form !expr in an effect context so the graph translation should
not produce such an environment, otherwise we risk targeting it by
deoptimization.
BUG=v8:1167
Review URL: http://codereview.chromium.org/6537018
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6833
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
lrn@chromium.org [Thu, 17 Feb 2011 12:23:18 +0000 (12:23 +0000)]
Handle exceptions thrown while parsing lazy functions for inlining.
We currently leave the exception as pending without returning a Failure::Exception() value. This is either caught immediately if running with --debug-code, or caught later by an assert in debug mode.
This change makes the pending exception be cleared before returning from the failed optimization attempt.
BUG=v8::1145
TEST=test/mjsunit/regress/regress-1145.js
Review URL: http://codereview.chromium.org/6524039
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6832
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
kmillikin@chromium.org [Thu, 17 Feb 2011 11:06:50 +0000 (11:06 +0000)]
Fix a bug in deoptimization after logical expressions in an effect context.
When deoptimizing to after an expression of the form (expr0 || expr1)
or (expr0 && expr1) in an effect context, the unoptimized code could
incorrectly see the value of the expression.
Handle the short-circuit binary operators specially in effect contexts.
This fixes the issue and will generate better code when the left
subexpression is boolean-valued.
BUG=v8:1166
Review URL: http://codereview.chromium.org/6519046
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6831
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
whesse@chromium.org [Thu, 17 Feb 2011 10:07:13 +0000 (10:07 +0000)]
ARM: Enable loads and stores of VFP registers with offsets >= 1024 bytes.
Review URL: http://codereview.chromium.org/6530002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6830
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
sgjesse@chromium.org [Thu, 17 Feb 2011 07:47:05 +0000 (07:47 +0000)]
ARM: Don't try to flush the icache when there is nothing to flush
The simulator implementation of the icache did not like size being zero.
BUG=v8:1090
Review URL: http://codereview.chromium.org/6526052
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6829
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
vegorov@chromium.org [Wed, 16 Feb 2011 17:40:28 +0000 (17:40 +0000)]
GBDJIT: Do not check unwinding information correctness on x64.
This does not affect correctness of most common use cases.
Review URL: http://codereview.chromium.org/6525053
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6827
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
whesse@chromium.org [Wed, 16 Feb 2011 15:45:45 +0000 (15:45 +0000)]
X64 Crankshaft: Start using LCallFunction, remove errors in it.
Review URL: http://codereview.chromium.org/6529053
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6826
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
whesse@chromium.org [Wed, 16 Feb 2011 15:15:52 +0000 (15:15 +0000)]
X64 Crankshaft: Implement LCallFunction.
Review URL: http://codereview.chromium.org/6529052
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6825
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
whesse@chromium.org [Wed, 16 Feb 2011 15:15:20 +0000 (15:15 +0000)]
X64 Crankshaft: Implement InstanceOf and InstanceOfKnownGlobal
Review URL: http://codereview.chromium.org/6529024
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6824
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
sgjesse@chromium.org [Wed, 16 Feb 2011 14:48:41 +0000 (14:48 +0000)]
ARM: Remove crankshaft dependency on the generic binary operation stub
The crankshaft code now only relies on the type recording binary operation stub.
Added check for overwritable heap number in the type recording binary operation stub.
Review URL: http://codereview.chromium.org/6529050
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6823
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
danno@chromium.org [Wed, 16 Feb 2011 13:59:26 +0000 (13:59 +0000)]
Fix syntax error, feel sheepish.
Review URL: http://codereview.chromium.org/6525052
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6822
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ager@chromium.org [Wed, 16 Feb 2011 13:56:23 +0000 (13:56 +0000)]
Attempt to disambiguate RUNTIME_FUNCTION for win64 build in serialization tests.
BUG=
TEST=
Review URL: http://codereview.chromium.org/6526049
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6821
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
danno@chromium.org [Wed, 16 Feb 2011 13:52:46 +0000 (13:52 +0000)]
Fix presubmit problem.
Review URL: http://codereview.chromium.org/6526048
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6820
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ager@chromium.org [Wed, 16 Feb 2011 13:42:26 +0000 (13:42 +0000)]
Blargh. Yet another shot in the dark attempt to fix win64 compile.
BUG=
TEST=
Review URL: http://codereview.chromium.org/6480116
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6819
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ager@chromium.org [Wed, 16 Feb 2011 13:37:26 +0000 (13:37 +0000)]
Another attempt to fix win64 compile.
BUG=
TEST=
Review URL: http://codereview.chromium.org/6525051
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6818
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
danno@chromium.org [Wed, 16 Feb 2011 13:31:12 +0000 (13:31 +0000)]
Implement crankshaft support for pixel array stores.
Review URL: http://codereview.chromium.org/6528013
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6817
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ager@chromium.org [Wed, 16 Feb 2011 13:24:40 +0000 (13:24 +0000)]
Speculative fix for win64 build breakage.
strstr returns a pointer and we are using an int to store a pointer difference. Using intptr_t instead.
Review URL: http://codereview.chromium.org/6529049
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6816
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
kmillikin@chromium.org [Wed, 16 Feb 2011 12:19:14 +0000 (12:19 +0000)]
Prepare push to trunk. We are now working on version 3.1.6.
Review URL: http://codereview.chromium.org/6530001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6811
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ager@chromium.org [Wed, 16 Feb 2011 12:10:48 +0000 (12:10 +0000)]
Handle indexed properties on value objects correctly.
As with named properties, search the value wrapper prototypes for properties.
Review URL: http://codereview.chromium.org/6526046
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6810
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
antonm@chromium.org [Wed, 16 Feb 2011 11:40:48 +0000 (11:40 +0000)]
Properly process try/finally blocks.
In some circumstances, try/finally block can actually catch the exception:
function f() {
try {
throw 42;
} finally {
return 0;
}
}
Therefore when propagating exception to v8::TryCatch, we must be sure
there is no try/finally blocks as well.
When bulding the messages we should be more conservative and expect that
any v8::TryCatch with no JS try/catch in between can potentionally
be the right exception handler.
Plus various minor refactorings.
BUG=1147
TEST=cctest/test-api/TryCatchAndFinallyHidingException, cctest/test-api/TryCatchAndFinally
Review URL: http://codereview.chromium.org/6526016
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6809
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Wed, 16 Feb 2011 10:10:59 +0000 (10:10 +0000)]
X64: Enable OSR as default on x64
Review URL: http://codereview.chromium.org/6480109
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6808
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
sgjesse@chromium.org [Wed, 16 Feb 2011 09:20:16 +0000 (09:20 +0000)]
ARM: Add inlined smi binary operations in full code generator
Review URL: http://codereview.chromium.org/6529022
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6806
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
lrn@chromium.org [Wed, 16 Feb 2011 09:18:19 +0000 (09:18 +0000)]
Fix non-simulated ARM calling of RegExp code.
Review URL: http://codereview.chromium.org/6526043
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6805
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
karlklose@chromium.org [Wed, 16 Feb 2011 08:21:45 +0000 (08:21 +0000)]
ARM: Implement GetCachedArrayIndex in the lithium code generator.
Add GetCachedArrayIndex to the Hydrogen instruction set and implement GetCachedArrayIndex in the lithium code generator. The x64 and ia32 code generators implementations abort in the chunk builder.
Review URL: http://codereview.chromium.org/6499014
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6803
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
lrn@chromium.org [Wed, 16 Feb 2011 08:10:47 +0000 (08:10 +0000)]
Fix bug 1137. No longer allow the RegExp /(*)/.
BUG=v8:1137
TEST=test/mjsunit/regexp.js
Review URL: http://codereview.chromium.org/6499016
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6802
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
vegorov@chromium.org [Tue, 15 Feb 2011 21:11:31 +0000 (21:11 +0000)]
Added gdb-jit interface support for ARM. Compressed .debug_line table by 1)
removing duplicate adjacent entries having the same line number, and 2) using
special opcodes to encode multiple machine register state changes in one byte.
Also made a fix involving the order in which static initializers are performed.
Patch by Shasank Chavan of Hewlett-Packard Development Company, LP
BUG=none
TEST=Try building for arm
Review URL: http://codereview.chromium.org/6524020
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6801
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
mmaly@chromium.org [Tue, 15 Feb 2011 19:15:59 +0000 (19:15 +0000)]
Fix presubmit.
TBR= ager@chromium.org
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6800
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
mmaly@chromium.org [Tue, 15 Feb 2011 18:57:37 +0000 (18:57 +0000)]
Strict mode "this" transformation in Function.call/Function.apply.
In strict mode the transformation of "this" is skipped.
Code review feedback.
Testing memory operand against 8 bit IMM on ia32 and x64.
Review URL: http://codereview.chromium.org/6524006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6799
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
rossberg@chromium.org [Tue, 15 Feb 2011 16:37:40 +0000 (16:37 +0000)]
Enable compound assignment to context slots.
Review URL: http://codereview.chromium.org/6523025
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6798
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Tue, 15 Feb 2011 16:12:46 +0000 (16:12 +0000)]
Fix wrong assert in ia32 deoptimizer.
In revision 6795 I introduced an assertion in the deoptimizer that was
wrong. We check that curr_address - prev_address > patch_size(), but
prev_address is actually the address right after the last patched
call, so we just need to be larger than or equal to prev_address.
Review URL: http://codereview.chromium.org/6480068
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6797
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
vitalyr@chromium.org [Tue, 15 Feb 2011 15:12:51 +0000 (15:12 +0000)]
Fix issue 1160: check array elements in ArrayJoin.
Review URL: http://codereview.chromium.org/6529020
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6796
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Tue, 15 Feb 2011 14:36:12 +0000 (14:36 +0000)]
Make sure we always have room for patching the reloc info during lazy deoptimization (fixes issue 1156).
Before we could have calls to builtins that would not be in the
relocation info since this used a register as target. Whenever we have
this case (from lithium codegen) we now emit a comment in the reloc
info.
Review URL: http://codereview.chromium.org/6499015
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6795
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
lrn@chromium.org [Tue, 15 Feb 2011 13:53:51 +0000 (13:53 +0000)]
Change native RegExp call code to properly set C++ structures and
to handle exceptions on return from RegExp.
BUG=1108
TEST=
Review URL: http://codereview.chromium.org/6489001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6794
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
vitalyr@chromium.org [Tue, 15 Feb 2011 13:53:30 +0000 (13:53 +0000)]
Fix issue 1152: temporary JS array invariant violation in ArrayConcat.
Review URL: http://codereview.chromium.org/6524010
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6793
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Tue, 15 Feb 2011 13:37:10 +0000 (13:37 +0000)]
x64: Port OSR to the x64 platform.
Review URL: http://codereview.chromium.org/6515012
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6791
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
whesse@chromium.org [Tue, 15 Feb 2011 12:17:53 +0000 (12:17 +0000)]
X64 Crankshaft: Fix another error in pushed registers at safepoints.
Review URL: http://codereview.chromium.org/6525014
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6789
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
whesse@chromium.org [Tue, 15 Feb 2011 12:17:42 +0000 (12:17 +0000)]
Fix FastPixelArrayStore on X64 platform.
TEST=test-api/PixelArray
Review URL: http://codereview.chromium.org/6529014
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6788
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
karlklose@chromium.org [Tue, 15 Feb 2011 10:50:09 +0000 (10:50 +0000)]
Fix ARM debug build: remove ASSERT.
TBR=ricow@
Review URL: http://codereview.chromium.org/6528011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6787
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Tue, 15 Feb 2011 10:39:22 +0000 (10:39 +0000)]
Add access check when Object.keys is called on the global js proxy (fixes issue 1154)
I will land access checks for a range of ES5 features in another patch (we added a bunch of cases like this in the past few weeks, i.e., cases where we simply use the global object instead of the js global proxy).
Review URL: http://codereview.chromium.org/6499013
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6786
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
karlklose@chromium.org [Tue, 15 Feb 2011 10:22:24 +0000 (10:22 +0000)]
ARM: Implement DoHasCachedArrayIndex and DoHasCachedArrayIndexAndBranch.
Review URL: http://codereview.chromium.org/6519009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6785
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
karlklose@chromium.org [Tue, 15 Feb 2011 08:47:14 +0000 (08:47 +0000)]
ARM: Enable OSR by default.
Review URL: http://codereview.chromium.org/6526012
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6784
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
kmillikin@chromium.org [Tue, 15 Feb 2011 07:58:04 +0000 (07:58 +0000)]
Refactor construction of polymorphic loads, stores, and calls.
Rather than passing in a pair of unequal-length lists, pass the default
subgraph separately. Construct the typecase from the top down rather than
the bottom up, so it doesn't need an intermediate zone list.
Also, change a basic block's 'last' instruction field to really be its last
instruction by correctly updating it when inserting and removing
instructions.
Review URL: http://codereview.chromium.org/6516016
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6783
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
mmaly@chromium.org [Mon, 14 Feb 2011 23:41:47 +0000 (23:41 +0000)]
Strict mode delete of non-configurable property.
Strict mode flag is passed to runtime DELETE function
and then to JSObject::Delete(Property/Element) as STRICT_DELETION enum.
When deleting non-configurable property/eleemnt, TypeError is thrown.
Adding mozilla test to .gitignore.
Incorporate CR feedback.
Review URL: http://codereview.chromium.org/6515005/
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6782
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
danno@chromium.org [Mon, 14 Feb 2011 21:21:33 +0000 (21:21 +0000)]
Implement specialized IC code stubs for pixel array stores.
Review URL: http://codereview.chromium.org/6478027
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6781
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
mmaly@chromium.org [Mon, 14 Feb 2011 18:44:26 +0000 (18:44 +0000)]
Strict mode delete of unqualified identifier.
SyntaxError is reported in strict mode when deleting
an unqualified identifier. (11.4.1 of Ecma-262 5th ed)
Review URL: http://codereview.chromium.org/6516003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6780
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
whesse@chromium.org [Mon, 14 Feb 2011 18:34:05 +0000 (18:34 +0000)]
X64 Crankshaft: Fix bug in pushed registers at safepoints. Fixes issue 1153 completely.
BUG=1153
TEST=mjsunit/mul-exhaustive
TBR=kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6475012
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6779
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
mmaly@chromium.org [Mon, 14 Feb 2011 17:33:06 +0000 (17:33 +0000)]
Refactoring codegen for delete.
* keep handling of VariableProxy and Property together
* place clauses in the order of discovery
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6778
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
antonm@chromium.org [Mon, 14 Feb 2011 17:25:12 +0000 (17:25 +0000)]
Introduce new runtime function to make join with lower memory usage.
Do not use generic StringBuilderConcat which requires array passed
to keep both elements and separator (which roughly double size
of the array). That should be faster as well.
BUG=crbug.com/54580
Review URL: http://codereview.chromium.org/6520004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6777
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
whesse@chromium.org [Mon, 14 Feb 2011 16:02:02 +0000 (16:02 +0000)]
X64 Crankshaft: Fix error in pushed register indices for safepoints. Fixes issue 1153.
BUG=1153
TEST=mjsunit/date-parse
Review URL: http://codereview.chromium.org/6518007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6776
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
whesse@chromium.org [Mon, 14 Feb 2011 13:57:15 +0000 (13:57 +0000)]
X64 Crankshaft: Add test that fails on x64 Crankshaft build to list of skipped mjsunit tests. Fix comments and remove unused function from date.js.
BUG=1153
TEST=mjsunit/date-parse
Review URL: http://codereview.chromium.org/6516011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6775
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Mon, 14 Feb 2011 13:39:53 +0000 (13:39 +0000)]
Change kPointerSize to kIntSize in ia32 specific stack check patching.
The call uses a 32 bit displacement relative to the next instruction. Althoug this has no actual impact on the 32 bit platform I think this is more correct (and will make the x64 and ia32 code more alike).
Review URL: http://codereview.chromium.org/6515011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6774
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
fschneider@chromium.org [Mon, 14 Feb 2011 13:13:41 +0000 (13:13 +0000)]
Fix a potential crash bug in keyed calls for non-string keys.
BUG=v8:1146
Review URL: http://codereview.chromium.org/6517010
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6773
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
kmillikin@chromium.org [Mon, 14 Feb 2011 12:51:25 +0000 (12:51 +0000)]
Fix a duplicate AST ID recorded for for/in.
Avoid visiting the subexpressions of a variable that rewrites to a property
when occurring as the 'left-hand side' of for/in.
BUG=v8:1149
Review URL: http://codereview.chromium.org/6475009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6772
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ager@chromium.org [Mon, 14 Feb 2011 12:34:11 +0000 (12:34 +0000)]
More x64 work.
x64: Implement DoArgumentsElements, DoNumberUntagD, DoArgumentsLength,
DoAccessArgumentsAt, DoStringLength in lithium x64 backend.
Fix a bug in DoConstantD where only 32-bits of a double was loaded to
an xmm register.
Review URL: http://codereview.chromium.org/6474039
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6771
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
karlklose@chromium.org [Mon, 14 Feb 2011 12:07:48 +0000 (12:07 +0000)]
ARM: Implement PatchStackCheckCodeAt and RevertStackCheckCode.
Remove a failing test expectation from mjsunit.status.
Review URL: http://codereview.chromium.org/6410029
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6770
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
whesse@chromium.org [Mon, 14 Feb 2011 11:42:06 +0000 (11:42 +0000)]
Add ArithmeticD instruction to x64 Crankshaft.
Review URL: http://codereview.chromium.org/6515010
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6767
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Mon, 14 Feb 2011 10:43:21 +0000 (10:43 +0000)]
Use ForceSetObjectProperty in DefineOrRedefineDataProperty (fixes crbug 72736).
The current version uses SetObjectProperty which will not set the
value in case this is a readonly property. The spec explictly says
that a configurable but non writable property can have its value
changed with Object.defineProperty (because the same thing can be
accomplished by doing 3 calls (set writable to true, update the value,
set writable to false).
Review URL: http://codereview.chromium.org/6518004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6766
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Mon, 14 Feb 2011 09:37:56 +0000 (09:37 +0000)]
Do not allow calls to SetProtoType on functions that should not have a prototype (fixes issue 1151)
Review URL: http://codereview.chromium.org/6518003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6765
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
sgjesse@chromium.org [Mon, 14 Feb 2011 09:32:33 +0000 (09:32 +0000)]
Prepare push to trunk. We are now working on version 3.1.5.
Review URL: http://codereview.chromium.org/6484030
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6764
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
fschneider@chromium.org [Mon, 14 Feb 2011 09:23:26 +0000 (09:23 +0000)]
Small cleanup of unused code in hydrogen IR.
Review URL: http://codereview.chromium.org/6513008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6763
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Mon, 14 Feb 2011 07:49:13 +0000 (07:49 +0000)]
Add support for the global object in Object.keys (fixes issue 1150)
We do not currently handle the case where the JSGlobalProxy is passed
as argument to LocalKeys in runtime.cc.
Review URL: http://codereview.chromium.org/6516008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6762
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
karlklose@chromium.org [Sun, 13 Feb 2011 18:39:14 +0000 (18:39 +0000)]
Revert r6759.
TBR=sgjesse@chromium.org
Review URL: http://codereview.chromium.org/6484025
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6761
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
mmaly@chromium.org [Sun, 13 Feb 2011 16:19:53 +0000 (16:19 +0000)]
Implement assignment to undefined reference in ES5 Strict Mode.
Strict mode assignment to undefined reference.
Simple assignments (x = <value>) use CODE_TARGET_CONTEXT.
StoreIC stores its own strictness in extra_ic_state.
The strcitness is propagated as further ic stubs are generated.
Details:
* ReferenceError on assignment to non-resolvable reference in strict mode.
* Fix es5conform test expectation file.
* Add es5conform test suite into .gitignore.
* Fix Xcode project.
* Change implemented in virtual frame code generator, as well as full-codegen
for all architectures.
* Fix debugger test.
* Fix comment for CODE_TARGET_CONTEXT
* Implement remaining StoreIC stubs to be strict mode aware.
* Trace extra_ic_state() for ic code stubs.
Code Review URL: http://codereview.chromium.org/6474026/
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6760
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
karlklose@chromium.org [Sun, 13 Feb 2011 13:49:57 +0000 (13:49 +0000)]
ARM: Implement PatchStackCheckCodeAt and RevertStackCheckCode.
This patch also adds platform independent CPU instruction cache flushing.
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/6410029
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6759
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
karlklose@chromium.org [Sun, 13 Feb 2011 10:24:39 +0000 (10:24 +0000)]
ARM: Implement OSR infrastructure.
Review URL: http://codereview.chromium.org/6460034
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6758
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
mmaly@chromium.org [Fri, 11 Feb 2011 23:25:07 +0000 (23:25 +0000)]
Revert r6756. Check failed on V8 arm - debug - crankshaft.
Need to investigate.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6757
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
mmaly@chromium.org [Fri, 11 Feb 2011 21:39:59 +0000 (21:39 +0000)]
Implement assignment to undefined reference in ES5 Strict Mode.
Strict mode assignment to undefined reference.
Simple assignments (x = <value>) use CODE_TARGET_CONTEXT.
StoreIC stores its own strictness in extra_ic_state.
The strcitness is propagated as further ic stubs are generated.
Details:
* ReferenceError on assignment to non-resolvable reference in strict mode.
* Fix es5conform test expectation file.
* Add es5conform test suite into .gitignore.
* Fix Xcode project.
* Change implemented in virtual frame code generator, as well as full-codegen
for all architectures.
* Fix debugger test.
* Fix comment for CODE_TARGET_CONTEXT
* Implement remaining StoreIC stubs to be strict mode aware.
* Trace extra_ic_state() for ic code stubs.
Code Review URL: http://codereview.chromium.org/6474026/
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6756
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
fschneider@chromium.org [Fri, 11 Feb 2011 14:34:02 +0000 (14:34 +0000)]
Revert r6748.
I'm seeing some crashes after this change which I need to investigate.
Review URL: http://codereview.chromium.org/6486033
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6755
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
antonm@chromium.org [Fri, 11 Feb 2011 14:26:56 +0000 (14:26 +0000)]
Properly treat exceptions thrown while compiling.
BUG=v8:1132
TEST=test/mjsunit/regress/regress-1132.js
Review URL: http://codereview.chromium.org/6487021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6754
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
erik.corry@gmail.com [Fri, 11 Feb 2011 14:23:47 +0000 (14:23 +0000)]
Fix code.google.com/p/chromium/issues/detail?id=72555 incorrect
value for Math.LOG10E
Review URL: http://codereview.chromium.org/6489027
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6753
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
sandholm@chromium.org [Fri, 11 Feb 2011 13:30:37 +0000 (13:30 +0000)]
Fix sputnik regression introduced in r6747.
Review URL: http://codereview.chromium.org/6485025
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6752
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
kmillikin@chromium.org [Fri, 11 Feb 2011 13:20:06 +0000 (13:20 +0000)]
Remove the uses of the arguments from all calls.
Before, Hydrogen call instructions had uses of the PushArgument instructions
for their arguments. These operands were unneeded, bloated the IR, and
caused calls to be the only Hydrogen instructions with an unpredictable
number of operands.
Now, PushArgument is a pure side-effecting instruction that has no uses.
Review URL: http://codereview.chromium.org/6480030
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6749
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
fschneider@chromium.org [Fri, 11 Feb 2011 12:56:30 +0000 (12:56 +0000)]
Add a genuine unary minus instruction to Crankshaft.
This change introduces an instruction for negation instead
of generating a multiplication with -1.
The code for x64 and ARM is not included in this change.
Review URL: http://codereview.chromium.org/6461021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6748
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
sandholm@chromium.org [Fri, 11 Feb 2011 12:33:30 +0000 (12:33 +0000)]
Improve StringIndexOf.
Review URL: http://codereview.chromium.org/6489028
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6747
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
mikhail.naganov@gmail.com [Fri, 11 Feb 2011 12:25:41 +0000 (12:25 +0000)]
removed
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6746
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
kmillikin@chromium.org [Fri, 11 Feb 2011 11:57:11 +0000 (11:57 +0000)]
Fix the semantics of delete on parameters.
Before, an attempt to delete a parameter in a function that used the
arguments object in any way would succeed with true and delete both
the parameter and the corresponding arguments object property.
Now, an attempt to delete such a parameter does not delete and
evaluates to false.
Parameters can be deleted, as before, from functions that use the
arguments object, by deleting the corresponding arguments object
property (this is a spec violation).
BUG=fixes v8:1136
Review URL: http://codereview.chromium.org/6484023
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6745
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
kmillikin@chromium.org [Fri, 11 Feb 2011 11:24:38 +0000 (11:24 +0000)]
Port bug fixes to optimized Function.prototype.apply to ARM.
There were a couple of bug fixes to this code on IA32 which have not yet
been ported to ARM. They are: failure to correctly handle non-JSObject
receivers and failure to restore the context register after calling JS code.
Review URL: http://codereview.chromium.org/6479019
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6744
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
sgjesse@chromium.org [Fri, 11 Feb 2011 10:36:58 +0000 (10:36 +0000)]
Small cleanup of bug ids
Review URL: http://codereview.chromium.org/6486028
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6743
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
kmillikin@chromium.org [Fri, 11 Feb 2011 10:17:52 +0000 (10:17 +0000)]
Prohibit moving instructions with side effects via 'EmitAtUses'.
It's not generally safe to decide to delay the evaluation of an expression
with side effects until it is used.
BUG=v8:1138
Review URL: http://codereview.chromium.org/6474035
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6742
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
sgjesse@chromium.org [Thu, 10 Feb 2011 20:04:54 +0000 (20:04 +0000)]
ARM: Add shift operations to the type recording binary operation stub
Review URL: http://codereview.chromium.org/6471023
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6737
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Thu, 10 Feb 2011 16:45:03 +0000 (16:45 +0000)]
Fix presubmit.
TBR: ager
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6736
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
lrn@chromium.org [Thu, 10 Feb 2011 16:43:01 +0000 (16:43 +0000)]
Fix typo in ASSERT in object-verifier for RegExp.
BUG=v8::1129
TEST=test/mjsunit/regress/regress-1129.js
Review URL: http://codereview.chromium.org/6476027
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6735
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Thu, 10 Feb 2011 16:33:01 +0000 (16:33 +0000)]
X64: Add DoCallNamed, DoContext, DoCallGlobal, and DoLoadFunctionPrototype lithium instructions.
Review URL: http://codereview.chromium.org/6471025
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6734
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Thu, 10 Feb 2011 16:26:44 +0000 (16:26 +0000)]
Port revision 6732 to arm.
I discussed with Soeren, and they do need this on arm as well.
Review URL: http://codereview.chromium.org/6478029
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6733
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Thu, 10 Feb 2011 16:13:21 +0000 (16:13 +0000)]
X64: Add VisitGlobalPropertyCell to the relocinfo visitor.
This fixes GC issues when in the threading tests.
Review URL: http://codereview.chromium.org/6478026
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6732
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
ricow@chromium.org [Thu, 10 Feb 2011 15:17:38 +0000 (15:17 +0000)]
X64: Fix Generate_NotifyLazyDeoptimized to actually call with the LAZY flag.
This should fix the flaky cctest failure on the debug run of x64 with
crankshaft enabled.
Review URL: http://codereview.chromium.org/6480032
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6731
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
antonm@chromium.org [Thu, 10 Feb 2011 15:02:13 +0000 (15:02 +0000)]
Bypass JS accessors when building error array.
In the presence of JS accessors for elements on Object.prototype JSArray::SetFastElement
may throw or its behaviour can be altered. Instead operate on plain FixedArrays and
turn them into JSArry later.
BUG=v8:1130
TEST=test/mjsunit/regress/regress-1130.js
Review URL: http://codereview.chromium.org/6481001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6730
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
antonm@chromium.org [Thu, 10 Feb 2011 14:41:16 +0000 (14:41 +0000)]
Fix various places which do not check if SetProperty threw an exception.
Review URL: http://codereview.chromium.org/6480003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6729
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
antonm@chromium.org [Thu, 10 Feb 2011 14:09:52 +0000 (14:09 +0000)]
Fix forging of object's identity hashes.
Do not do standard property lookup on hidden properties object as it might
reach Object.prototype which can be altered to forge identity hashes.
Instead do only local lookup.
Review URL: http://codereview.chromium.org/6472001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6728
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
fschneider@chromium.org [Thu, 10 Feb 2011 12:33:51 +0000 (12:33 +0000)]
Check holder before optimizing calls to global functions.
In the case where the function is not found in the global object,
we have to generate a generic call.
BUG=v8:1106
TEST=mjsunit/regress/regress-1106.js
Review URL: http://codereview.chromium.org/6483010
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6727
ce2b1a6d-e550-0410-aec6-
3dcde31c8c00
projects / platform / upstream / v8.git / log