review.tizen.org Git - platform/upstream/v8.git/log

Implement assignment to undefined reference in ES5 Strict Mode.

Strict mode assignment to undefined reference.
Simple assignments (x = <value>) use CODE_TARGET_CONTEXT.
StoreIC stores its own strictness in extra_ic_state.
The strcitness is propagated as further ic stubs are generated.

Details:
* ReferenceError on assignment to non-resolvable reference in strict mode.
* Fix es5conform test expectation file.
* Add es5conform test suite into .gitignore.
* Fix Xcode project.
* Change implemented in virtual frame code generator, as well as full-codegen
for all architectures.
* Fix debugger test.
* Fix comment for CODE_TARGET_CONTEXT
* Implement remaining StoreIC stubs to be strict mode aware.
* Trace extra_ic_state() for ic code stubs.

Code Review URL: http://codereview.chromium.org/6474026/

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6756 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Revert r6748.

I'm seeing some crashes after this change which I need to investigate.

Review URL: http://codereview.chromium.org/6486033

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6755 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Properly treat exceptions thrown while compiling.

BUG=v8:1132
TEST=test/mjsunit/regress/regress-1132.js

Review URL: http://codereview.chromium.org/6487021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6754 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix code.google.com/p/chromium/issues/detail?id=72555 incorrect
value for Math.LOG10E
Review URL: http://codereview.chromium.org/6489027

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6753 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix sputnik regression introduced in r6747.
Review URL: http://codereview.chromium.org/6485025

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6752 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Remove the uses of the arguments from all calls.

Before, Hydrogen call instructions had uses of the PushArgument instructions
for their arguments. These operands were unneeded, bloated the IR, and
caused calls to be the only Hydrogen instructions with an unpredictable
number of operands.

Now, PushArgument is a pure side-effecting instruction that has no uses.

Review URL: http://codereview.chromium.org/6480030

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6749 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Add a genuine unary minus instruction to Crankshaft.

This change introduces an instruction for negation instead
of generating a multiplication with -1.

The code for x64 and ARM is not included in this change.

Review URL: http://codereview.chromium.org/6461021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6748 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Improve StringIndexOf.
Review URL: http://codereview.chromium.org/6489028

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6747 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

removed

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6746 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix the semantics of delete on parameters.

Before, an attempt to delete a parameter in a function that used the
arguments object in any way would succeed with true and delete both
the parameter and the corresponding arguments object property.

Now, an attempt to delete such a parameter does not delete and
evaluates to false.

Parameters can be deleted, as before, from functions that use the
arguments object, by deleting the corresponding arguments object
property (this is a spec violation).

BUG=fixes v8:1136

Review URL: http://codereview.chromium.org/6484023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6745 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Port bug fixes to optimized Function.prototype.apply to ARM.

There were a couple of bug fixes to this code on IA32 which have not yet
been ported to ARM. They are: failure to correctly handle non-JSObject
receivers and failure to restore the context register after calling JS code.

Review URL: http://codereview.chromium.org/6479019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6744 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Small cleanup of bug ids
Review URL: http://codereview.chromium.org/6486028

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6743 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Prohibit moving instructions with side effects via 'EmitAtUses'.

It's not generally safe to decide to delay the evaluation of an expression
with side effects until it is used.

BUG=v8:1138

Review URL: http://codereview.chromium.org/6474035

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6742 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

ARM: Add shift operations to the type recording binary operation stub
Review URL: http://codereview.chromium.org/6471023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6737 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix presubmit.

TBR: ager

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6736 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix typo in ASSERT in object-verifier for RegExp.

BUG=v8::1129
TEST=test/mjsunit/regress/regress-1129.js

Review URL: http://codereview.chromium.org/6476027

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6735 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

X64: Add DoCallNamed, DoContext, DoCallGlobal, and DoLoadFunctionPrototype lithium instructions.

Review URL: http://codereview.chromium.org/6471025

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6734 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Port revision 6732 to arm.

I discussed with Soeren, and they do need this on arm as well.

Review URL: http://codereview.chromium.org/6478029

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6733 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

X64: Add VisitGlobalPropertyCell to the relocinfo visitor.

This fixes GC issues when in the threading tests.

Review URL: http://codereview.chromium.org/6478026

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6732 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

X64: Fix Generate_NotifyLazyDeoptimized to actually call with the LAZY flag.

This should fix the flaky cctest failure on the debug run of x64 with
crankshaft enabled.

Review URL: http://codereview.chromium.org/6480032

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6731 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Bypass JS accessors when building error array.

In the presence of JS accessors for elements on Object.prototype JSArray::SetFastElement
may throw or its behaviour can be altered. Instead operate on plain FixedArrays and
turn them into JSArry later.

BUG=v8:1130
TEST=test/mjsunit/regress/regress-1130.js

Review URL: http://codereview.chromium.org/6481001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6730 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix various places which do not check if SetProperty threw an exception.

Review URL: http://codereview.chromium.org/6480003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6729 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix forging of object's identity hashes.

Do not do standard property lookup on hidden properties object as it might
reach Object.prototype which can be altered to forge identity hashes.
Instead do only local lookup.

Review URL: http://codereview.chromium.org/6472001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6728 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Check holder before optimizing calls to global functions.

In the case where the function is not found in the global object,
we have to generate a generic call.

BUG=v8:1106
TEST=mjsunit/regress/regress-1106.js

Review URL: http://codereview.chromium.org/6483010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6727 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Bailout from PrepareSlowElementsForSort when hiting a key outside of smi-range.

BUG=v8:1131
TEST=test/mjsunit/regress/regress-1131.js

Review URL: http://codereview.chromium.org/6469006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6726 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Implement crankshaft support for pixel array loads.

Review URL: http://codereview.chromium.org/6410112

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6725 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Strengthen requirements for fixed registers at calls.

Already done on ia-32. This change is for x64 and ARM.
We now always require fixed input registers at calls to
avoid overlap with temp registers.

This fixes the affected instructions on ARM.

Review URL: http://codereview.chromium.org/6471021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6722 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix a representation change bug in the Hydrogen graph construction.

We could try to treat an HPhi as an HInstruction because the code did
not properly handle the case of a phi in a block with itself as one of
the predecessors.

BUG=v8:1134

Review URL: http://codereview.chromium.org/6471020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6721 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Insert a space to please our presubmit overlords.

Review URL: http://codereview.chromium.org/6480027

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6715 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix bug in register requirements for function.apply.

Whenever we use a fixed temp at a call that can eagerly deopt we
now allow fixed register exclusively to avoid any overlap.

Review URL: http://codereview.chromium.org/6479014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6714 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Allow esi to be an allocatable register on IA32.

Make esi available to the register allocator rather than dedicating it
permanently to the context.

The context is still passed in register esi to JavaScript and to the runtime
as part of the calling convention. Because some stubs might end up calling
JS or the runtime, it is also conservatively passed to stubs.

Roughly half the calls have been modified to use the context as an input
value in fixed register esi. The other half are marked as calls or deferred
code so esi is spilled and can be explicitly set.

It is no longer necessary to restore the context to esi after a call that
might change it.

Review URL: http://codereview.chromium.org/6452001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6713 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Shorten constructor names in JS tickprocessor.

As they are no more used in DevTools profiler, there is no
need to prefix them with "devtools.profiler" namespace.

Review URL: http://codereview.chromium.org/6456025

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6712 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Do not invoke any setters when forming stack trace JS object.

Review URL: http://codereview.chromium.org/6463022

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6709 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Reapply code.google.com/p/v8/source/detail?r=6555

Compare JSObjects by identity immediately.

When invoking EQUALS JS builtin, 1st argument is passed as a receiver and
if it's a global object, it gets overwritten with global proxy object and
thus one gets incorrect results.

BUG=v8:1082

TBR=ricow@chromium.org

Review URL: http://codereview.chromium.org/6461028

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6708 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Make optimized Function.prototype.apply safe for non-JSObject first arguments.

If we have a property access of the form this.x, where the access site sees
the global object, we can specialize the IC stub so that it performs a map
check without first performing a heap object check.

Ensure that we do not get in JS code with a non-JSObject this value by
deoptimizing at Function.prototype.apply if the first argument is not a
JSObject.

BUG=v8:1128

Review URL: http://codereview.chromium.org/6463025

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6707 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Make VS2005 project files compile without errors: changelist codereview.chromium.org/6286135/.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6706 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Add a regression test for issue 1106, optimized access to the prototype chain of the global object.
Review URL: http://codereview.chromium.org/6459023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6705 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

ARM: Add type-feedback recording for compare

Change the comparison in the full code generator to use CompareIC instead of the CompareStub to record the types. This also implements the patching in the full code generator where the inlined smi code is de-activated by default to call the CompareIC once and then activating the inlined smi code by patching the code.

Fixed the smi comparison in the ICCompareStub.

Fixed ToBooleanStub to ensure that the scratch register used is not the input. Use r9 as default as that will never be input with Crankshaft.

Implemented lithium instruction CmpTAndBranch.

Make sure that the lithium instruction CmpID have operands in registrers as the current optimized code expects that.
Review URL: http://codereview.chromium.org/6461017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

x64: Enable inline smi code patching to reenable the inlined code in
the code generated by the full code generator after my previous
change.

The generated code is the same as on ia32 and so is the patching.

Review URL: http://codereview.chromium.org/6456023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6703 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Prepare push to trunk. Now working on version 3.1.4.
Review URL: http://codereview.chromium.org/6458026

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6702 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix incorrect asserts in scanner.

BUG=v8::1126
TEST=test/mjsunit/regress/regress-1126.js

Review URL: http://codereview.chromium.org/6459021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6701 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Add two tests to strtod.

Review URL: http://codereview.chromium.org/6461018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6700 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix assert error on ARM triggered by large numbers of function parameters.
Review URL: http://codereview.chromium.org/6458027

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6699 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix typo in r6697: Use assertThrows correctly in the added test regress-1122.js.
Review URL: http://codereview.chromium.org/6460030

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6698 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix a bug that occurs when functions are defined with more than 16,382 parameters.
Review URL: http://codereview.chromium.org/6447007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6697 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Change the code for materializing double constants on ia32.

Instead of using the stack, use a temporary integer register
and avoid memory access.

Review URL: http://codereview.chromium.org/6452002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6696 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Change our zap values from hex numbers tagged as a heap object to hex numbers tagged as a failure.

Since our zap values are valid heap object addreses we might hit asserts if a heap object gets the value of a zap constant as its address.

Review URL: http://codereview.chromium.org/6456022

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6695 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix an assertion failure in stack trace construction.

When constructing stack traces we interpret the deoptimization data for
optimized frames to find the receiver value. This value could sometimes be
eliminated from the deoptimization data if we though it was unused.

BUG=v8:1118

Review URL: http://codereview.chromium.org/6465023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6694 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Use GC-safe version when setting elements.

BUG=1125
TEST=test/mjsunit/regress/regress-1125.js

Review URL: http://codereview.chromium.org/6463001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6693 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Do sanity check of exception state when returning from native to JS.

If --debug-code is on, check that returned value and Top::has_pending_exception
agree on exception state.

Review URL: http://codereview.chromium.org/6450004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6692 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Check if Array.prototype.__proto__ has been reset to null.

BUG=v8:1121
TEST=test/mjsunit/regress/regress-1121.js

Review URL: http://codereview.chromium.org/6454004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6691 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Port fix for duplicate AST ID for deoptimization to ARM and x64.

Review URL: http://codereview.chromium.org/6458001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6690 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Propagate exceptions thrown when setting elements.

Plus use more robust path when formatting messages---work
directly with fixed arrays.

BUG=v8:1107
TEST=test/mjsunit/getter-in-prototype.js,test/mjsunit/regress/regress-1107.js

Review URL: http://codereview.chromium.org/6451004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6689 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

We cannot assert that v8 is running in fatal error callback.

BUG=v8:1111

Review URL: http://codereview.chromium.org/6450005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6688 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

1) Return failure if any of property sets failed;
2) We cannot assert the declared property will go to the extension in the presence of callbacks and interceptors.

BUG=1119
TEST=test/mjsunit/regress/regress-1119.js

Review URL: http://codereview.chromium.org/6454011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6687 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix wrong assumption in parser that parsing a function literal cannot throw an exception.

Review URL: http://codereview.chromium.org/6453009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6686 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

ARM: Fix condition usage in DeoptimizeIf().

BUG=none
TEST=none

Review URL: http://codereview.chromium.org/6447003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6685 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Check for overflow when bumping new space's top in inlined allocation.

BUG=v8:1109
TEST=test/mjsunit/regress/regress-1109.js

Review URL: http://codereview.chromium.org/6453005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6684 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix issues with using defineProperty on the global proxy object.

Review URL: http://codereview.chromium.org/6452004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6683 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Prepare for bailout with the proper state at labeled block entries.

The state here should be NO_REGISTERS. It was spuriously changed to from
NO_REGISTERS to TOS_REG when TOS_EAX was renamed to TOS_REG.

BUG=v8:1113

Review URL: http://codereview.chromium.org/6452007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6682 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

x64: Add MulI and DivI to lithium instructions.

Review URL: http://codereview.chromium.org/6448001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6681 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Correct propagation of exceptions from setters.

BUG=v8:1105
TEST=test/mjsunit/regress/regress-1105.js

Review URL: http://codereview.chromium.org/6451003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6680 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix a possible duplicate AST ID for deoptimization.

For redeclarations of variables that alias the parameters in functions
using arguments, we need to avoid re-visiting the shared variable
rewrite.

BUG=v8:1104

Review URL: http://codereview.chromium.org/6453004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6679 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Bailout from crankshaft if a global property is found in the prototype chain of the global object, not on the global object itself.
Review URL: http://codereview.chromium.org/6449002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6678 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Make sure that we do not call is_extensible on the global proxy.

When calling Object.isExtensible we did not do a check for the global
js proxy. This caused the check on the extensible bit on the map to
return true, even when the bit was set to false on the global js
object.

Review URL: http://codereview.chromium.org/6450003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6677 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Speedup decodeURI/decodeURIComponent by switching from charAt(i) to charCodeAt(i) in Decode.

Original patch by Alexander Karpinsky.

Review URL: http://codereview.chromium.org/6440001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6676 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Make sure that we never call prevent extension on the global proxy,
but instead call this on the global object.

BUG: 1103

Review URL: http://codereview.chromium.org/6454001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6675 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix bug in JSON.parse for objects containing "__proto__" as key.

It added the __proto__ key as a normal key, which made it visible
in enumeration, while reading still hit the hard-coded accessor.

Review URL: http://codereview.chromium.org/6451002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6674 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

X64 Crankshaft: Implement DoCodeStub on X64 platform.
Review URL: http://codereview.chromium.org/6451001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6673 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Refactor lithium instructions for constants.

1. Remove unnecessary superlcass LConstant.
2. Use hydrogen accessor instead of duplicating the value.

Review URL: http://codereview.chromium.org/6410120

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6672 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Support %_IsConstructCall in the Crankshaft pipeline.

Provide special case for f.bind(obj).

Review URL: http://codereview.chromium.org/6368138

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6671 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

X64 Crankshaft: Use TypeRecordingBinaryStub in crankshaft.
Review URL: http://codereview.chromium.org/6449001

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6670 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fixed a number of issues on x64 crankshaft port:

- Don't use SmiSub when overflow can occur. It asserts that overflow
  does not happen.

- Actually use CompareICs and signal to crankshaft whether or not smi
  code was inlined.

- Fix bug in CmpI where 64 bits were compared instead of 32 bits.

- Implement Throw, DeferredStackCheck, StoreKeyedFastElement in
  lithium backend.

BUG=
TEST=

Review URL: http://codereview.chromium.org/6312193

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6669 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Clean up es5conform.status per feedback.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6668 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

X64: Add Crankshaft operation LoadGlobal.

Copied some serializer-related checks and counters from ia32.

Review URL: http://codereview.chromium.org/6312186

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6667 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

x64: Implement SmiUntag, SmiTag, LoadHeapObject and LoadNamedGeneric
in the lithium backend.

Review URL: http://codereview.chromium.org/6312185

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6666 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

X64: Disable crankshaft if serializerion is enabled.

Review URL: http://codereview.chromium.org/6413017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6665 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Prepare push to trunk. Now working on version 3.1.3.

Review URL: http://codereview.chromium.org/6286145

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6661 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Re-insert exception for mozilla/ecma/Date/15.9.5.10-2 in release mode on arm

The last change to mozilla.status made the assumption that this test always finish on time when in release mode, but that is not the case on arm. This change just skips the test completely on arm.

Review URL: http://codereview.chromium.org/6250193

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6660 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Do not compile the unreachable body of functions with illegal redeclarations.

Revision 6635 added an assert on IA32 that there were no 'const' parameters.
This assert could be hit at compile time because we compiled the unreachable
body of functions with illegal redeclarations, which are thrown at runtime.

Review URL: http://codereview.chromium.org/6286144

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6659 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Improve ScanJsonNumber.
Review URL: http://codereview.chromium.org/6334106

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6658 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Remove exceptions for Function.prototype.bind from es5conform.status.

These exceptions are no longer valid since we do implement bind.

Review URL: http://codereview.chromium.org/6410116

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6657 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Simplify exceptions for ecma/Date/15.9.5.10-2 in mozilla.status

We had a large number of different exceptions for this test in the
mozilla.status file - changing this to only one exception where we
allow fail and timeout in debug mode.

Review URL: http://codereview.chromium.org/6286143

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6656 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix an issue in DoMulI and address mjsunit test failure.

BUG=v8:1098
TEST=mjsunit/compiler/regress-intoverflow.js

Patch by Rodolph Perfetta from ARM Ltd.

Review URL: http://codereview.chromium.org/6312151

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6655 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix es5conform.status expectation file.
The strict mode tests were disabled until now.
The propagation of strict mode flag into eval enabled them but there are
failures due to unimplemented features of strict mode, as well as some
incorrect tests in the suite.

TBR=ager@chromium.org, lrn@chromium.org

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6654 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Issue 117 - strict mode and future reserved words

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6653 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Pass strict mode to eval.
Code review feedback.

Code Review URL: http://codereview.chromium.org/6286043/

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6652 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Restore context after LApplyArguments.

BUG=v8:1099
TEST=test/mjsunit/regress/regress-1099.js

Review URL: http://codereview.chromium.org/6246106

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6649 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Disable Mozilla date test that times out on X64 crankshaft.
BUG=1100
TEST=ecma/Date/15.9.5.10-2.js
Review URL: http://codereview.chromium.org/6246104

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6648 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix potential overwriting of debug jumps of following code.

Add JSArrayLength, CallKnownFunction, and InstanceType operations.
Remove LadGlobal and StoreGlobal again (they fail).

Review URL: http://codereview.chromium.org/6347067

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6645 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix ARM debug build. Insert missing declaration.

Review URL: http://codereview.chromium.org/6250160

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6640 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Landing for Zaheer Ahmad.

Direct call api functions (arm implementation)

See: http://codereview.chromium.org/6170001/

Review URL: http://codereview.chromium.org/6286078

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6639 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Remove instruction summaries.

Instead of constructing a temporary container for all LOperands of each
instruction, the register works directly on the LIR instructions that
provide an abstract interface for input/output/temp operands.

This saves allocation of zone memory and speeds up LIR construction,
but makes iterating over all uses in the register allocator slightly
more expensive because environment uses are stored in a linked list of
environments. We can fix this by using a flat representation of LOperands.

Review URL: http://codereview.chromium.org/6352006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6638 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

X64 Crankshaft: Port TaggedToI to X64.
Review URL: http://codereview.chromium.org/6368097

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6637 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Make sure that we don't actually overwrite a property that has failed access checsk with Object.defineProperty.

Review URL: http://codereview.chromium.org/6246103

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6636 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Remove the redundant load on every context lookup.

There was an unnecessary load on every statically-resolved context lookup.
Remove it.

This revealed a hidden bug in const initializers inside 'with'. They claim
to be statically resolved (having slot type CONTEXT) but they occur in a
spot where the runtime context chain and the static scope chain do not
agree. This is fixed by special casing const initializers in the backend.

Review URL: http://codereview.chromium.org/6384020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6635 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

ARM: Implement DoCmpID and DoCmpIDAndBranch in the lithium code generator.

BUG=none
TEST=none

Review URL: http://codereview.chromium.org/6379007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6633 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

X64 Crankshaft: Add bit operations and shifts to x64 crankshaft.
Review URL: http://codereview.chromium.org/6246099

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6632 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

ARM: Add support for and, or and xor to the type recording binary op stub.
Review URL: http://codereview.chromium.org/6250126

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6631 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix compliance bug in decodeURI/decodeURIComponent.

Review URL: http://codereview.chromium.org/6349105

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6630 ce2b1a6d-e550-0410-aec6-3dcde31c8c00