summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--deps/v8/ChangeLog8
-rw-r--r--deps/v8/SConstruct1
-rw-r--r--deps/v8/include/v8.h114
-rw-r--r--deps/v8/src/api.cc67
-rw-r--r--deps/v8/src/arm/assembler-arm-inl.h26
-rw-r--r--deps/v8/src/arm/assembler-arm.cc43
-rw-r--r--deps/v8/src/arm/assembler-arm.h8
-rw-r--r--deps/v8/src/arm/codegen-arm.cc149
-rw-r--r--deps/v8/src/arm/full-codegen-arm.cc1464
-rw-r--r--deps/v8/src/arm/macro-assembler-arm.cc45
-rw-r--r--deps/v8/src/arm/macro-assembler-arm.h12
-rw-r--r--deps/v8/src/arm/stub-cache-arm.cc72
-rw-r--r--deps/v8/src/assembler.h21
-rw-r--r--deps/v8/src/circular-queue-inl.h48
-rw-r--r--deps/v8/src/circular-queue.h26
-rwxr-xr-xdeps/v8/src/compiler.cc34
-rw-r--r--deps/v8/src/cpu-profiler-inl.h1
-rw-r--r--deps/v8/src/cpu-profiler.cc1
-rw-r--r--deps/v8/src/cpu-profiler.h3
-rw-r--r--deps/v8/src/flag-definitions.h4
-rw-r--r--deps/v8/src/handles.cc5
-rw-r--r--deps/v8/src/handles.h2
-rw-r--r--deps/v8/src/ia32/assembler-ia32-inl.h26
-rw-r--r--deps/v8/src/ia32/codegen-ia32.cc87
-rw-r--r--deps/v8/src/ia32/codegen-ia32.h4
-rw-r--r--deps/v8/src/ia32/full-codegen-ia32.cc4
-rw-r--r--deps/v8/src/ia32/stub-cache-ia32.cc81
-rw-r--r--deps/v8/src/jump-target-light.h2
-rw-r--r--deps/v8/src/objects.cc408
-rw-r--r--deps/v8/src/objects.h19
-rw-r--r--deps/v8/src/parser.cc6
-rw-r--r--deps/v8/src/parser.h2
-rw-r--r--deps/v8/src/platform-freebsd.cc2
-rw-r--r--deps/v8/src/platform-linux.cc22
-rw-r--r--deps/v8/src/platform-macos.cc7
-rw-r--r--deps/v8/src/platform-win32.cc6
-rw-r--r--deps/v8/src/platform.h2
-rw-r--r--deps/v8/src/runtime.js13
-rw-r--r--deps/v8/src/serialize.cc4
-rw-r--r--deps/v8/src/top.cc9
-rw-r--r--deps/v8/src/unbound-queue-inl.h87
-rw-r--r--deps/v8/src/unbound-queue.h66
-rw-r--r--deps/v8/src/v8natives.js32
-rw-r--r--deps/v8/src/version.cc2
-rw-r--r--deps/v8/src/x64/assembler-x64-inl.h31
-rw-r--r--deps/v8/src/x64/assembler-x64.cc46
-rw-r--r--deps/v8/src/x64/assembler-x64.h6
-rw-r--r--deps/v8/src/x64/codegen-x64.cc238
-rw-r--r--deps/v8/src/x64/codegen-x64.h5
-rw-r--r--deps/v8/src/x64/full-codegen-x64.cc2
-rw-r--r--deps/v8/src/x64/macro-assembler-x64.cc21
-rw-r--r--deps/v8/src/x64/stub-cache-x64.cc81
-rw-r--r--deps/v8/test/cctest/SConscript1
-rw-r--r--deps/v8/test/cctest/test-api.cc217
-rw-r--r--deps/v8/test/cctest/test-circular-queue.cc46
-rw-r--r--deps/v8/test/cctest/test-log-stack-tracer.cc8
-rwxr-xr-xdeps/v8/test/cctest/test-macro-assembler-x64.cc357
-rw-r--r--deps/v8/test/cctest/test-thread-termination.cc45
-rw-r--r--deps/v8/test/cctest/test-unbound-queue.cc54
-rw-r--r--deps/v8/test/mjsunit/object-define-property.js251
-rw-r--r--deps/v8/test/mjsunit/regress/regress-712.js38
-rw-r--r--deps/v8/test/mjsunit/regress/regress-720.js36
-rw-r--r--deps/v8/test/mjsunit/samevalue.js102
-rw-r--r--deps/v8/tools/gyp/v8.gyp2
-rw-r--r--deps/v8/tools/v8.xcodeproj/project.pbxproj4
-rw-r--r--deps/v8/tools/visual_studio/v8_base.vcproj32
-rw-r--r--deps/v8/tools/visual_studio/v8_base_arm.vcproj8
-rw-r--r--deps/v8/tools/visual_studio/v8_base_x64.vcproj8
-rw-r--r--deps/v8/tools/visual_studio/v8_cctest.vcproj4
69 files changed, 3820 insertions, 868 deletions
diff --git a/deps/v8/ChangeLog b/deps/v8/ChangeLog
index 33b6d142f7..3c7003a6d1 100644
--- a/deps/v8/ChangeLog
+++ b/deps/v8/ChangeLog
@@ -1,3 +1,11 @@
+2010-05-26: Version 2.2.12
+
+ Allowed accessors to be defined on objects rather than just object
+ templates.
+
+ Changed the ScriptData API.
+
+
2010-05-21: Version 2.2.11
Fix crash bug in liveedit on 64 bit.
diff --git a/deps/v8/SConstruct b/deps/v8/SConstruct
index 7cf866ca55..cf6b57d7ac 100644
--- a/deps/v8/SConstruct
+++ b/deps/v8/SConstruct
@@ -294,6 +294,7 @@ V8_EXTRA_FLAGS = {
'gcc': {
'all': {
'WARNINGFLAGS': ['-Wall',
+ '-Werror',
'-W',
'-Wno-unused-parameter',
'-Wnon-virtual-dtor']
diff --git a/deps/v8/include/v8.h b/deps/v8/include/v8.h
index eb12de80b0..5b5dabe309 100644
--- a/deps/v8/include/v8.h
+++ b/deps/v8/include/v8.h
@@ -126,6 +126,7 @@ template <class T> class Persistent;
class FunctionTemplate;
class ObjectTemplate;
class Data;
+class AccessorInfo;
class StackTrace;
class StackFrame;
@@ -512,11 +513,37 @@ class V8EXPORT Data {
class V8EXPORT ScriptData { // NOLINT
public:
virtual ~ScriptData() { }
+ /**
+ * Pre-compiles the specified script (context-independent).
+ *
+ * \param input Pointer to UTF-8 script source code.
+ * \param length Length of UTF-8 script source code.
+ */
static ScriptData* PreCompile(const char* input, int length);
- static ScriptData* New(unsigned* data, int length);
+ /**
+ * Load previous pre-compilation data.
+ *
+ * \param data Pointer to data returned by a call to Data() of a previous
+ * ScriptData. Ownership is not transferred.
+ * \param length Length of data.
+ */
+ static ScriptData* New(const char* data, int length);
+
+ /**
+ * Returns the length of Data().
+ */
virtual int Length() = 0;
- virtual unsigned* Data() = 0;
+
+ /**
+ * Returns a serialized representation of this ScriptData that can later be
+ * passed to New(). NOTE: Serialized data is platform-dependent.
+ */
+ virtual const char* Data() = 0;
+
+ /**
+ * Returns true if the source code could not be parsed.
+ */
virtual bool HasError() = 0;
};
@@ -1306,6 +1333,41 @@ enum ExternalArrayType {
};
/**
+ * Accessor[Getter|Setter] are used as callback functions when
+ * setting|getting a particular property. See Object and ObjectTemplate's
+ * method SetAccessor.
+ */
+typedef Handle<Value> (*AccessorGetter)(Local<String> property,
+ const AccessorInfo& info);
+
+
+typedef void (*AccessorSetter)(Local<String> property,
+ Local<Value> value,
+ const AccessorInfo& info);
+
+
+/**
+ * Access control specifications.
+ *
+ * Some accessors should be accessible across contexts. These
+ * accessors have an explicit access control parameter which specifies
+ * the kind of cross-context access that should be allowed.
+ *
+ * Additionally, for security, accessors can prohibit overwriting by
+ * accessors defined in JavaScript. For objects that have such
+ * accessors either locally or in their prototype chain it is not
+ * possible to overwrite the accessor by using __defineGetter__ or
+ * __defineSetter__ from JavaScript code.
+ */
+enum AccessControl {
+ DEFAULT = 0,
+ ALL_CAN_READ = 1,
+ ALL_CAN_WRITE = 1 << 1,
+ PROHIBITS_OVERWRITING = 1 << 2
+};
+
+
+/**
* A JavaScript object (ECMA-262, 4.3.3)
*/
class V8EXPORT Object : public Value {
@@ -1347,6 +1409,13 @@ class V8EXPORT Object : public Value {
bool Delete(uint32_t index);
+ bool SetAccessor(Handle<String> name,
+ AccessorGetter getter,
+ AccessorSetter setter = 0,
+ Handle<Value> data = Handle<Value>(),
+ AccessControl settings = DEFAULT,
+ PropertyAttribute attribute = None);
+
/**
* Returns an array containing the names of the enumerable properties
* of this object, including properties from prototype objects. The
@@ -1642,19 +1711,6 @@ typedef Handle<Value> (*InvocationCallback)(const Arguments& args);
typedef int (*LookupCallback)(Local<Object> self, Local<String> name);
/**
- * Accessor[Getter|Setter] are used as callback functions when
- * setting|getting a particular property. See objectTemplate::SetAccessor.
- */
-typedef Handle<Value> (*AccessorGetter)(Local<String> property,
- const AccessorInfo& info);
-
-
-typedef void (*AccessorSetter)(Local<String> property,
- Local<Value> value,
- const AccessorInfo& info);
-
-
-/**
* NamedProperty[Getter|Setter] are used as interceptors on object.
* See ObjectTemplate::SetNamedPropertyHandler.
*/
@@ -1734,27 +1790,6 @@ typedef Handle<Array> (*IndexedPropertyEnumerator)(const AccessorInfo& info);
/**
- * Access control specifications.
- *
- * Some accessors should be accessible across contexts. These
- * accessors have an explicit access control parameter which specifies
- * the kind of cross-context access that should be allowed.
- *
- * Additionally, for security, accessors can prohibit overwriting by
- * accessors defined in JavaScript. For objects that have such
- * accessors either locally or in their prototype chain it is not
- * possible to overwrite the accessor by using __defineGetter__ or
- * __defineSetter__ from JavaScript code.
- */
-enum AccessControl {
- DEFAULT = 0,
- ALL_CAN_READ = 1,
- ALL_CAN_WRITE = 1 << 1,
- PROHIBITS_OVERWRITING = 1 << 2
-};
-
-
-/**
* Access type specification.
*/
enum AccessType {
@@ -2866,7 +2901,12 @@ class V8EXPORT Context {
*/
void ReattachGlobal(Handle<Object> global_object);
- /** Creates a new context. */
+ /** Creates a new context.
+ *
+ * Returns a persistent handle to the newly allocated context. This
+ * persistent handle has to be disposed when the context is no
+ * longer used so the context can be garbage collected.
+ */
static Persistent<Context> New(
ExtensionConfiguration* extensions = NULL,
Handle<ObjectTemplate> global_template = Handle<ObjectTemplate>(),
diff --git a/deps/v8/src/api.cc b/deps/v8/src/api.cc
index cf940c6e00..a7948aeb54 100644
--- a/deps/v8/src/api.cc
+++ b/deps/v8/src/api.cc
@@ -58,11 +58,10 @@
namespace v8 {
-
-#define ON_BAILOUT(location, code) \
- if (IsDeadCheck(location)) { \
- code; \
- UNREACHABLE(); \
+#define ON_BAILOUT(location, code) \
+ if (IsDeadCheck(location) || v8::V8::IsExecutionTerminating()) { \
+ code; \
+ UNREACHABLE(); \
}
@@ -776,18 +775,13 @@ void FunctionTemplate::SetCallHandler(InvocationCallback callback,
}
-void FunctionTemplate::AddInstancePropertyAccessor(
+static i::Handle<i::AccessorInfo> MakeAccessorInfo(
v8::Handle<String> name,
AccessorGetter getter,
AccessorSetter setter,
v8::Handle<Value> data,
v8::AccessControl settings,
v8::PropertyAttribute attributes) {
- if (IsDeadCheck("v8::FunctionTemplate::AddInstancePropertyAccessor()")) {
- return;
- }
- ENTER_V8;
- HandleScope scope;
i::Handle<i::AccessorInfo> obj = i::Factory::NewAccessorInfo();
ASSERT(getter != NULL);
obj->set_getter(*FromCData(getter));
@@ -799,7 +793,26 @@ void FunctionTemplate::AddInstancePropertyAccessor(
if (settings & ALL_CAN_WRITE) obj->set_all_can_write(true);
if (settings & PROHIBITS_OVERWRITING) obj->set_prohibits_overwriting(true);
obj->set_property_attributes(static_cast<PropertyAttributes>(attributes));
+ return obj;
+}
+
+
+void FunctionTemplate::AddInstancePropertyAccessor(
+ v8::Handle<String> name,
+ AccessorGetter getter,
+ AccessorSetter setter,
+ v8::Handle<Value> data,
+ v8::AccessControl settings,
+ v8::PropertyAttribute attributes) {
+ if (IsDeadCheck("v8::FunctionTemplate::AddInstancePropertyAccessor()")) {
+ return;
+ }
+ ENTER_V8;
+ HandleScope scope;
+ i::Handle<i::AccessorInfo> obj = MakeAccessorInfo(name,
+ getter, setter, data,
+ settings, attributes);
i::Handle<i::Object> list(Utils::OpenHandle(this)->property_accessors());
if (list->IsUndefined()) {
list = NeanderArray().value();
@@ -1106,8 +1119,19 @@ ScriptData* ScriptData::PreCompile(const char* input, int length) {
}
-ScriptData* ScriptData::New(unsigned* data, int length) {
- return new i::ScriptDataImpl(i::Vector<unsigned>(data, length));
+ScriptData* ScriptData::New(const char* data, int length) {
+ // Return an empty ScriptData if the length is obviously invalid.
+ if (length % sizeof(unsigned) != 0) {
+ return new i::ScriptDataImpl(i::Vector<unsigned>());
+ }
+
+ // Copy the data to ensure it is properly aligned.
+ int deserialized_data_length = length / sizeof(unsigned);
+ unsigned* deserialized_data = i::NewArray<unsigned>(deserialized_data_length);
+ memcpy(deserialized_data, data, length);
+
+ return new i::ScriptDataImpl(
+ i::Vector<unsigned>(deserialized_data, deserialized_data_length));
}
@@ -2354,6 +2378,23 @@ bool v8::Object::Has(uint32_t index) {
}
+bool Object::SetAccessor(Handle<String> name,
+ AccessorGetter getter,
+ AccessorSetter setter,
+ v8::Handle<Value> data,
+ AccessControl settings,
+ PropertyAttribute attributes) {
+ ON_BAILOUT("v8::Object::SetAccessor()", return false);
+ ENTER_V8;
+ HandleScope scope;
+ i::Handle<i::AccessorInfo> info = MakeAccessorInfo(name,
+ getter, setter, data,
+ settings, attributes);
+ i::Handle<i::Object> result = i::SetAccessor(Utils::OpenHandle(this), info);
+ return !result.is_null() && !result->IsUndefined();
+}
+
+
bool v8::Object::HasRealNamedProperty(Handle<String> key) {
ON_BAILOUT("v8::Object::HasRealNamedProperty()", return false);
return Utils::OpenHandle(this)->HasRealNamedProperty(
diff --git a/deps/v8/src/arm/assembler-arm-inl.h b/deps/v8/src/arm/assembler-arm-inl.h
index a5c5bd1440..e292cefabf 100644
--- a/deps/v8/src/arm/assembler-arm-inl.h
+++ b/deps/v8/src/arm/assembler-arm-inl.h
@@ -39,6 +39,7 @@
#include "arm/assembler-arm.h"
#include "cpu.h"
+#include "debug.h"
namespace v8 {
@@ -73,6 +74,11 @@ Address RelocInfo::target_address_address() {
}
+int RelocInfo::target_address_size() {
+ return Assembler::kExternalTargetSize;
+}
+
+
void RelocInfo::set_target_address(Address target) {
ASSERT(IsCodeTarget(rmode_) || rmode_ == RUNTIME_ENTRY);
Assembler::set_target_address_at(pc_, target);
@@ -162,6 +168,26 @@ bool RelocInfo::IsPatchedReturnSequence() {
}
+void RelocInfo::Visit(ObjectVisitor* visitor) {
+ RelocInfo::Mode mode = rmode();
+ if (mode == RelocInfo::EMBEDDED_OBJECT) {
+ visitor->VisitPointer(target_object_address());
+ } else if (RelocInfo::IsCodeTarget(mode)) {
+ visitor->VisitCodeTarget(this);
+ } else if (mode == RelocInfo::EXTERNAL_REFERENCE) {
+ visitor->VisitExternalReference(target_reference_address());
+#ifdef ENABLE_DEBUGGER_SUPPORT
+ } else if (Debug::has_break_points() &&
+ RelocInfo::IsJSReturn(mode) &&
+ IsPatchedReturnSequence()) {
+ visitor->VisitDebugTarget(this);
+#endif
+ } else if (mode == RelocInfo::RUNTIME_ENTRY) {
+ visitor->VisitRuntimeEntry(this);
+ }
+}
+
+
Operand::Operand(int32_t immediate, RelocInfo::Mode rmode) {
rm_ = no_reg;
imm32_ = immediate;
diff --git a/deps/v8/src/arm/assembler-arm.cc b/deps/v8/src/arm/assembler-arm.cc
index dba62e62c6..050e15bcc2 100644
--- a/deps/v8/src/arm/assembler-arm.cc
+++ b/deps/v8/src/arm/assembler-arm.cc
@@ -1363,40 +1363,25 @@ void Assembler::ldrsh(Register dst, const MemOperand& src, Condition cond) {
}
-void Assembler::ldrd(Register dst, const MemOperand& src, Condition cond) {
+void Assembler::ldrd(Register dst1, Register dst2,
+ const MemOperand& src, Condition cond) {
+ ASSERT(CpuFeatures::IsEnabled(ARMv7));
ASSERT(src.rm().is(no_reg));
-#ifdef CAN_USE_ARMV7_INSTRUCTIONS
- addrmod3(cond | B7 | B6 | B4, dst, src);
-#else
- // Generate two ldr instructions if ldrd is not available.
- MemOperand src1(src);
- src1.set_offset(src1.offset() + 4);
- Register dst1(dst);
- dst1.set_code(dst1.code() + 1);
- if (dst.is(src.rn())) {
- ldr(dst1, src1, cond);
- ldr(dst, src, cond);
- } else {
- ldr(dst, src, cond);
- ldr(dst1, src1, cond);
- }
-#endif
+ ASSERT(!dst1.is(lr)); // r14.
+ ASSERT_EQ(0, dst1.code() % 2);
+ ASSERT_EQ(dst1.code() + 1, dst2.code());
+ addrmod3(cond | B7 | B6 | B4, dst1, src);
}
-void Assembler::strd(Register src, const MemOperand& dst, Condition cond) {
+void Assembler::strd(Register src1, Register src2,
+ const MemOperand& dst, Condition cond) {
ASSERT(dst.rm().is(no_reg));
-#ifdef CAN_USE_ARMV7_INSTRUCTIONS
- addrmod3(cond | B7 | B6 | B5 | B4, src, dst);
-#else
- // Generate two str instructions if strd is not available.
- MemOperand dst1(dst);
- dst1.set_offset(dst1.offset() + 4);
- Register src1(src);
- src1.set_code(src1.code() + 1);
- str(src, dst, cond);
- str(src1, dst1, cond);
-#endif
+ ASSERT(!src1.is(lr)); // r14.
+ ASSERT_EQ(0, src1.code() % 2);
+ ASSERT_EQ(src1.code() + 1, src2.code());
+ ASSERT(CpuFeatures::IsEnabled(ARMv7));
+ addrmod3(cond | B7 | B6 | B5 | B4, src1, dst);
}
// Load/Store multiple instructions.
diff --git a/deps/v8/src/arm/assembler-arm.h b/deps/v8/src/arm/assembler-arm.h
index 5a5d64b7b6..a1b98f673d 100644
--- a/deps/v8/src/arm/assembler-arm.h
+++ b/deps/v8/src/arm/assembler-arm.h
@@ -773,8 +773,12 @@ class Assembler : public Malloced {
void strh(Register src, const MemOperand& dst, Condition cond = al);
void ldrsb(Register dst, const MemOperand& src, Condition cond = al);
void ldrsh(Register dst, const MemOperand& src, Condition cond = al);
- void ldrd(Register dst, const MemOperand& src, Condition cond = al);
- void strd(Register src, const MemOperand& dst, Condition cond = al);
+ void ldrd(Register dst1,
+ Register dst2,
+ const MemOperand& src, Condition cond = al);
+ void strd(Register src1,
+ Register src2,
+ const MemOperand& dst, Condition cond = al);
// Load/Store multiple instructions
void ldm(BlockAddrMode am, Register base, RegList dst, Condition cond = al);
diff --git a/deps/v8/src/arm/codegen-arm.cc b/deps/v8/src/arm/codegen-arm.cc
index 7b62da9d33..64ed425a77 100644
--- a/deps/v8/src/arm/codegen-arm.cc
+++ b/deps/v8/src/arm/codegen-arm.cc
@@ -1514,7 +1514,7 @@ void CodeGenerator::CallApplyLazy(Expression* applicand,
// Then process it as a normal function call.
__ ldr(r0, MemOperand(sp, 3 * kPointerSize));
__ ldr(r1, MemOperand(sp, 2 * kPointerSize));
- __ strd(r0, MemOperand(sp, 2 * kPointerSize));
+ __ Strd(r0, r1, MemOperand(sp, 2 * kPointerSize));
CallFunctionStub call_function(2, NOT_IN_LOOP, NO_CALL_FUNCTION_FLAGS);
frame_->CallStub(&call_function, 3);
@@ -2307,12 +2307,10 @@ void CodeGenerator::VisitForInStatement(ForInStatement* node) {
node->continue_target()->SetExpectedHeight();
// Load the current count to r0, load the length to r1.
- __ ldrd(r0, frame_->ElementAt(0));
+ __ Ldrd(r0, r1, frame_->ElementAt(0));
__ cmp(r0, r1); // compare to the array length
node->break_target()->Branch(hs);
- __ ldr(r0, frame_->ElementAt(0));
-
// Get the i'th entry of the array.
__ ldr(r2, frame_->ElementAt(2));
__ add(r2, r2, Operand(FixedArray::kHeaderSize - kHeapObjectTag));
@@ -2730,7 +2728,6 @@ void CodeGenerator::VisitFunctionLiteral(FunctionLiteral* node) {
#ifdef DEBUG
int original_height = frame_->height();
#endif
- VirtualFrame::SpilledScope spilled_scope(frame_);
Comment cmnt(masm_, "[ FunctionLiteral");
// Build the function info and instantiate it.
@@ -2751,7 +2748,6 @@ void CodeGenerator::VisitSharedFunctionInfoLiteral(
#ifdef DEBUG
int original_height = frame_->height();
#endif
- VirtualFrame::SpilledScope spilled_scope(frame_);
Comment cmnt(masm_, "[ SharedFunctionInfoLiteral");
InstantiateFunction(node->shared_function_info());
ASSERT_EQ(original_height + 1, frame_->height());
@@ -4045,37 +4041,35 @@ void CodeGenerator::GenerateSetValueOf(ZoneList<Expression*>* args) {
void CodeGenerator::GenerateIsSmi(ZoneList<Expression*>* args) {
- VirtualFrame::SpilledScope spilled_scope(frame_);
ASSERT(args->length() == 1);
- LoadAndSpill(args->at(0));
- frame_->EmitPop(r0);
- __ tst(r0, Operand(kSmiTagMask));
+ Load(args->at(0));
+ Register reg = frame_->PopToRegister();
+ __ tst(reg, Operand(kSmiTagMask));
cc_reg_ = eq;
}
void CodeGenerator::GenerateLog(ZoneList<Expression*>* args) {
- VirtualFrame::SpilledScope spilled_scope(frame_);
// See comment in CodeGenerator::GenerateLog in codegen-ia32.cc.
ASSERT_EQ(args->length(), 3);
#ifdef ENABLE_LOGGING_AND_PROFILING
if (ShouldGenerateLog(args->at(0))) {
- LoadAndSpill(args->at(1));
- LoadAndSpill(args->at(2));
+ Load(args->at(1));
+ Load(args->at(2));
+ frame_->SpillAll();
+ VirtualFrame::SpilledScope spilled_scope(frame_);
__ CallRuntime(Runtime::kLog, 2);
}
#endif
- __ LoadRoot(r0, Heap::kUndefinedValueRootIndex);
- frame_->EmitPush(r0);
+ frame_->EmitPushRoot(Heap::kUndefinedValueRootIndex);
}
void CodeGenerator::GenerateIsNonNegativeSmi(ZoneList<Expression*>* args) {
- VirtualFrame::SpilledScope spilled_scope(frame_);
ASSERT(args->length() == 1);
- LoadAndSpill(args->at(0));
- frame_->EmitPop(r0);
- __ tst(r0, Operand(kSmiTagMask | 0x80000000u));
+ Load(args->at(0));
+ Register reg = frame_->PopToRegister();
+ __ tst(reg, Operand(kSmiTagMask | 0x80000000u));
cc_reg_ = eq;
}
@@ -4106,22 +4100,23 @@ void CodeGenerator::GenerateMathSqrt(ZoneList<Expression*>* args) {
// flatten the string, which will ensure that the answer is in the left hand
// side the next time around.
void CodeGenerator::GenerateFastCharCodeAt(ZoneList<Expression*>* args) {
- VirtualFrame::SpilledScope spilled_scope(frame_);
ASSERT(args->length() == 2);
Comment(masm_, "[ GenerateFastCharCodeAt");
- LoadAndSpill(args->at(0));
- LoadAndSpill(args->at(1));
- frame_->EmitPop(r1); // Index.
- frame_->EmitPop(r2); // String.
+ Load(args->at(0));
+ Load(args->at(1));
+ Register index = frame_->PopToRegister(); // Index.
+ Register string = frame_->PopToRegister(index); // String.
+ Register result = VirtualFrame::scratch0();
+ Register scratch = VirtualFrame::scratch1();
Label slow_case;
Label exit;
StringHelper::GenerateFastCharCodeAt(masm_,
- r2,
- r1,
- r3,
- r0,
+ string,
+ index,
+ scratch,
+ result,
&slow_case,
&slow_case,
&slow_case,
@@ -4131,10 +4126,10 @@ void CodeGenerator::GenerateFastCharCodeAt(ZoneList<Expression*>* args) {
__ bind(&slow_case);
// Move the undefined value into the result register, which will
// trigger the slow case.
- __ LoadRoot(r0, Heap::kUndefinedValueRootIndex);
+ __ LoadRoot(result, Heap::kUndefinedValueRootIndex);
__ bind(&exit);
- frame_->EmitPush(r0);
+ frame_->EmitPush(result);
}
@@ -4214,9 +4209,8 @@ void CodeGenerator::GenerateIsObject(ZoneList<Expression*>* args) {
__ ldr(map_reg, FieldMemOperand(r1, HeapObject::kMapOffset));
// Undetectable objects behave like undefined when tested with typeof.
__ ldrb(r1, FieldMemOperand(map_reg, Map::kBitFieldOffset));
- __ and_(r1, r1, Operand(1 << Map::kIsUndetectable));
- __ cmp(r1, Operand(1 << Map::kIsUndetectable));
- false_target()->Branch(eq);
+ __ tst(r1, Operand(1 << Map::kIsUndetectable));
+ false_target()->Branch(ne);
__ ldrb(r1, FieldMemOperand(map_reg, Map::kInstanceTypeOffset));
__ cmp(r1, Operand(FIRST_JS_OBJECT_TYPE));
@@ -4256,48 +4250,52 @@ void CodeGenerator::GenerateIsUndetectableObject(ZoneList<Expression*>* args) {
void CodeGenerator::GenerateIsConstructCall(ZoneList<Expression*>* args) {
- VirtualFrame::SpilledScope spilled_scope(frame_);
ASSERT(args->length() == 0);
+ Register scratch0 = VirtualFrame::scratch0();
+ Register scratch1 = VirtualFrame::scratch1();
// Get the frame pointer for the calling frame.
- __ ldr(r2, MemOperand(fp, StandardFrameConstants::kCallerFPOffset));
+ __ ldr(scratch0, MemOperand(fp, StandardFrameConstants::kCallerFPOffset));
// Skip the arguments adaptor frame if it exists.
- Label check_frame_marker;
- __ ldr(r1, MemOperand(r2, StandardFrameConstants::kContextOffset));
- __ cmp(r1, Operand(Smi::FromInt(StackFrame::ARGUMENTS_ADAPTOR)));
- __ b(ne, &check_frame_marker);
- __ ldr(r2, MemOperand(r2, StandardFrameConstants::kCallerFPOffset));
+ __ ldr(scratch1,
+ MemOperand(scratch0, StandardFrameConstants::kContextOffset));
+ __ cmp(scratch1, Operand(Smi::FromInt(StackFrame::ARGUMENTS_ADAPTOR)));
+ __ ldr(scratch0,
+ MemOperand(scratch0, StandardFrameConstants::kCallerFPOffset), eq);
// Check the marker in the calling frame.
- __ bind(&check_frame_marker);
- __ ldr(r1, MemOperand(r2, StandardFrameConstants::kMarkerOffset));
- __ cmp(r1, Operand(Smi::FromInt(StackFrame::CONSTRUCT)));
+ __ ldr(scratch1,
+ MemOperand(scratch0, StandardFrameConstants::kMarkerOffset));
+ __ cmp(scratch1, Operand(Smi::FromInt(StackFrame::CONSTRUCT)));
cc_reg_ = eq;
}
void CodeGenerator::GenerateArgumentsLength(ZoneList<Expression*>* args) {
- VirtualFrame::SpilledScope spilled_scope(frame_);
ASSERT(args->length() == 0);
- Label exit;
-
- // Get the number of formal parameters.
- __ mov(r0, Operand(Smi::FromInt(scope()->num_parameters())));
+ Register tos = frame_->GetTOSRegister();
+ Register scratch0 = VirtualFrame::scratch0();
+ Register scratch1 = VirtualFrame::scratch1();
// Check if the calling frame is an arguments adaptor frame.
- __ ldr(r2, MemOperand(fp, StandardFrameConstants::kCallerFPOffset));
- __ ldr(r3, MemOperand(r2, StandardFrameConstants::kContextOffset));
- __ cmp(r3, Operand(Smi::FromInt(StackFrame::ARGUMENTS_ADAPTOR)));
- __ b(ne, &exit);
+ __ ldr(scratch0,
+ MemOperand(fp, StandardFrameConstants::kCallerFPOffset));
+ __ ldr(scratch1,
+ MemOperand(scratch0, StandardFrameConstants::kContextOffset));
+ __ cmp(scratch1, Operand(Smi::FromInt(StackFrame::ARGUMENTS_ADAPTOR)));
+
+ // Get the number of formal parameters.
+ __ mov(tos, Operand(Smi::FromInt(scope()->num_parameters())), LeaveCC, ne);
// Arguments adaptor case: Read the arguments length from the
// adaptor frame.
- __ ldr(r0, MemOperand(r2, ArgumentsAdaptorFrameConstants::kLengthOffset));
+ __ ldr(tos,
+ MemOperand(scratch0, ArgumentsAdaptorFrameConstants::kLengthOffset),
+ eq);
- __ bind(&exit);
- frame_->EmitPush(r0);
+ frame_->EmitPush(tos);
}
@@ -4735,15 +4733,14 @@ void CodeGenerator::GenerateMathCos(ZoneList<Expression*>* args) {
void CodeGenerator::GenerateObjectEquals(ZoneList<Expression*>* args) {
- VirtualFrame::SpilledScope spilled_scope(frame_);
ASSERT(args->length() == 2);
// Load the two objects into registers and perform the comparison.
- LoadAndSpill(args->at(0));
- LoadAndSpill(args->at(1));
- frame_->EmitPop(r0);
- frame_->EmitPop(r1);
- __ cmp(r0, r1);
+ Load(args->at(0));
+ Load(args->at(1));
+ Register lhs = frame_->PopToRegister();
+ Register rhs = frame_->PopToRegister(lhs);
+ __ cmp(lhs, rhs);
cc_reg_ = eq;
}
@@ -5042,6 +5039,7 @@ void CodeGenerator::GenerateLogicalBooleanOperation(BinaryOperation* node) {
// after evaluating the left hand side (due to the shortcut
// semantics), but the compiler must (statically) know if the result
// of compiling the binary operation is materialized or not.
+ VirtualFrame::SpilledScope spilled_scope(frame_);
if (node->op() == Token::AND) {
JumpTarget is_true;
LoadConditionAndSpill(node->left(),
@@ -5053,8 +5051,7 @@ void CodeGenerator::GenerateLogicalBooleanOperation(BinaryOperation* node) {
JumpTarget pop_and_continue;
JumpTarget exit;
- __ ldr(r0, frame_->Top()); // Duplicate the stack top.
- frame_->EmitPush(r0);
+ frame_->Dup();
// Avoid popping the result if it converts to 'false' using the
// standard ToBoolean() conversion as described in ECMA-262,
// section 9.2, page 30.
@@ -5063,7 +5060,7 @@ void CodeGenerator::GenerateLogicalBooleanOperation(BinaryOperation* node) {
// Pop the result of evaluating the first part.
pop_and_continue.Bind();
- frame_->EmitPop(r0);
+ frame_->Pop();
// Evaluate right side expression.
is_true.Bind();
@@ -5100,8 +5097,7 @@ void CodeGenerator::GenerateLogicalBooleanOperation(BinaryOperation* node) {
JumpTarget pop_and_continue;
JumpTarget exit;
- __ ldr(r0, frame_->Top());
- frame_->EmitPush(r0);
+ frame_->Dup();
// Avoid popping the result if it converts to 'true' using the
// standard ToBoolean() conversion as described in ECMA-262,
// section 9.2, page 30.
@@ -5110,7 +5106,7 @@ void CodeGenerator::GenerateLogicalBooleanOperation(BinaryOperation* node) {
// Pop the result of evaluating the first part.
pop_and_continue.Bind();
- frame_->EmitPop(r0);
+ frame_->Pop();
// Evaluate right side expression.
is_false.Bind();
@@ -5145,7 +5141,6 @@ void CodeGenerator::VisitBinaryOperation(BinaryOperation* node) {
Comment cmnt(masm_, "[ BinaryOperation");
if (node->op() == Token::AND || node->op() == Token::OR) {
- VirtualFrame::SpilledScope spilled_scope(frame_);
GenerateLogicalBooleanOperation(node);
} else {
// Optimize for the case where (at least) one of the expressions
@@ -5198,9 +5193,7 @@ void CodeGenerator::VisitThisFunction(ThisFunction* node) {
#ifdef DEBUG
int original_height = frame_->height();
#endif
- VirtualFrame::SpilledScope spilled_scope(frame_);
- __ ldr(r0, frame_->Function());
- frame_->EmitPush(r0);
+ frame_->EmitPush(MemOperand(frame_->Function()));
ASSERT_EQ(original_height + 1, frame_->height());
}
@@ -6386,7 +6379,7 @@ static void EmitSmiNonsmiComparison(MacroAssembler* masm,
ConvertToDoubleStub stub1(r3, r2, r7, r6);
__ Call(stub1.GetCode(), RelocInfo::CODE_TARGET);
// Load rhs to a double in r0, r1.
- __ ldrd(r0, FieldMemOperand(r0, HeapNumber::kValueOffset));
+ __ Ldrd(r0, r1, FieldMemOperand(r0, HeapNumber::kValueOffset));
__ pop(lr);
}
@@ -6421,7 +6414,7 @@ static void EmitSmiNonsmiComparison(MacroAssembler* masm,
} else {
__ push(lr);
// Load lhs to a double in r2, r3.
- __ ldrd(r2, FieldMemOperand(r1, HeapNumber::kValueOffset));
+ __ Ldrd(r2, r3, FieldMemOperand(r1, HeapNumber::kValueOffset));
// Convert rhs to a double in r0, r1.
__ mov(r7, Operand(r0));
ConvertToDoubleStub stub2(r1, r0, r7, r6);
@@ -6585,8 +6578,8 @@ static void EmitCheckForTwoHeapNumbers(MacroAssembler* masm,
__ sub(r7, r1, Operand(kHeapObjectTag));
__ vldr(d7, r7, HeapNumber::kValueOffset);
} else {
- __ ldrd(r2, FieldMemOperand(r1, HeapNumber::kValueOffset));
- __ ldrd(r0, FieldMemOperand(r0, HeapNumber::kValueOffset));
+ __ Ldrd(r2, r3, FieldMemOperand(r1, HeapNumber::kValueOffset));
+ __ Ldrd(r0, r1, FieldMemOperand(r0, HeapNumber::kValueOffset));
}
__ jmp(both_loaded_as_doubles);
}
@@ -6963,7 +6956,7 @@ void GenericBinaryOpStub::HandleBinaryOpSlowCases(
__ vldr(d7, r7, HeapNumber::kValueOffset);
} else {
// Calling convention says that second double is in r2 and r3.
- __ ldrd(r2, FieldMemOperand(r0, HeapNumber::kValueOffset));
+ __ Ldrd(r2, r3, FieldMemOperand(r0, HeapNumber::kValueOffset));
}
__ jmp(&finished_loading_r0);
__ bind(&r0_is_smi);
@@ -7015,7 +7008,7 @@ void GenericBinaryOpStub::HandleBinaryOpSlowCases(
__ vldr(d6, r7, HeapNumber::kValueOffset);
} else {
// Calling convention says that first double is in r0 and r1.
- __ ldrd(r0, FieldMemOperand(r1, HeapNumber::kValueOffset));
+ __ Ldrd(r0, r1, FieldMemOperand(r1, HeapNumber::kValueOffset));
}
__ jmp(&finished_loading_r1);
__ bind(&r1_is_smi);
@@ -7086,7 +7079,7 @@ void GenericBinaryOpStub::HandleBinaryOpSlowCases(
__ stc(p1, cr8, MemOperand(r4, HeapNumber::kValueOffset));
#else
// Double returned in registers 0 and 1.
- __ strd(r0, FieldMemOperand(r5, HeapNumber::kValueOffset));
+ __ Strd(r0, r1, FieldMemOperand(r5, HeapNumber::kValueOffset));
#endif
__ mov(r0, Operand(r5));
// And we are done.
diff --git a/deps/v8/src/arm/full-codegen-arm.cc b/deps/v8/src/arm/full-codegen-arm.cc
index c2f6ea96bd..fecc2137d3 100644
--- a/deps/v8/src/arm/full-codegen-arm.cc
+++ b/deps/v8/src/arm/full-codegen-arm.cc
@@ -64,7 +64,7 @@ void FullCodeGenerator::Generate(CompilationInfo* info, Mode mode) {
if (mode == PRIMARY) {
int locals_count = scope()->num_stack_slots();
- __ stm(db_w, sp, r1.bit() | cp.bit() | fp.bit() | lr.bit());
+ __ Push(lr, fp, cp, r1);
if (locals_count > 0) {
// Load undefined value here, so the value is ready for the loop
// below.
@@ -82,11 +82,17 @@ void FullCodeGenerator::Generate(CompilationInfo* info, Mode mode) {
bool function_in_register = true;
// Possibly allocate a local context.
- if (scope()->num_heap_slots() > 0) {
+ int heap_slots = scope()->num_heap_slots() - Context::MIN_CONTEXT_SLOTS;
+ if (heap_slots > 0) {
Comment cmnt(masm_, "[ Allocate local context");
// Argument to NewContext is the function, which is in r1.
__ push(r1);
- __ CallRuntime(Runtime::kNewContext, 1);
+ if (heap_slots <= FastNewContextStub::kMaximumSlots) {
+ FastNewContextStub stub(heap_slots);
+ __ CallStub(&stub);
+ } else {
+ __ CallRuntime(Runtime::kNewContext, 1);
+ }
function_in_register = false;
// Context is returned in both r0 and cp. It replaces the context
// passed to us. It's saved in the stack and kept live in cp.
@@ -144,6 +150,21 @@ void FullCodeGenerator::Generate(CompilationInfo* info, Mode mode) {
}
}
+ { Comment cmnt(masm_, "[ Declarations");
+ // For named function expressions, declare the function name as a
+ // constant.
+ if (scope()->is_function_scope() && scope()->function() != NULL) {
+ EmitDeclaration(scope()->function(), Variable::CONST, NULL);
+ }
+ // Visit all the explicit declarations unless there is an illegal
+ // redeclaration.
+ if (scope()->HasIllegalRedeclaration()) {
+ scope()->VisitIllegalRedeclaration(this);
+ } else {
+ VisitDeclarations(scope()->declarations());
+ }
+ }
+
// Check the stack for overflow or break request.
// Put the lr setup instruction in the delay slot. The kInstrSize is
// added to the implicit 8 byte offset that always applies to operations
@@ -160,10 +181,6 @@ void FullCodeGenerator::Generate(CompilationInfo* info, Mode mode) {
lo);
}
- { Comment cmnt(masm_, "[ Declarations");
- VisitDeclarations(scope()->declarations());
- }
-
if (FLAG_trace) {
__ CallRuntime(Runtime::kTraceEnter, 0);
}
@@ -384,6 +401,38 @@ void FullCodeGenerator::DropAndApply(int count,
}
}
+void FullCodeGenerator::PrepareTest(Label* materialize_true,
+ Label* materialize_false,
+ Label** if_true,
+ Label** if_false) {
+ switch (context_) {
+ case Expression::kUninitialized:
+ UNREACHABLE();
+ break;
+ case Expression::kEffect:
+ // In an effect context, the true and the false case branch to the
+ // same label.
+ *if_true = *if_false = materialize_true;
+ break;
+ case Expression::kValue:
+ *if_true = materialize_true;
+ *if_false = materialize_false;
+ break;
+ case Expression::kTest:
+ *if_true = true_label_;
+ *if_false = false_label_;
+ break;
+ case Expression::kValueTest:
+ *if_true = materialize_true;
+ *if_false = false_label_;
+ break;
+ case Expression::kTestValue:
+ *if_true = true_label_;
+ *if_false = materialize_false;
+ break;
+ }
+}
+
void FullCodeGenerator::Apply(Expression::Context context,
Label* materialize_true,
@@ -398,19 +447,25 @@ void FullCodeGenerator::Apply(Expression::Context context,
case Expression::kValue: {
Label done;
- __ bind(materialize_true);
- __ LoadRoot(result_register(), Heap::kTrueValueRootIndex);
- __ jmp(&done);
- __ bind(materialize_false);
- __ LoadRoot(result_register(), Heap::kFalseValueRootIndex);
- __ bind(&done);
switch (location_) {
case kAccumulator:
+ __ bind(materialize_true);
+ __ LoadRoot(result_register(), Heap::kTrueValueRootIndex);
+ __ jmp(&done);
+ __ bind(materialize_false);
+ __ LoadRoot(result_register(), Heap::kFalseValueRootIndex);
break;
case kStack:
- __ push(result_register());
+ __ bind(materialize_true);
+ __ LoadRoot(ip, Heap::kTrueValueRootIndex);
+ __ push(ip);
+ __ jmp(&done);
+ __ bind(materialize_false);
+ __ LoadRoot(ip, Heap::kFalseValueRootIndex);
+ __ push(ip);
break;
}
+ __ bind(&done);
break;
}
@@ -419,12 +474,13 @@ void FullCodeGenerator::Apply(Expression::Context context,
case Expression::kValueTest:
__ bind(materialize_true);
- __ LoadRoot(result_register(), Heap::kTrueValueRootIndex);
switch (location_) {
case kAccumulator:
+ __ LoadRoot(result_register(), Heap::kTrueValueRootIndex);
break;
case kStack:
- __ push(result_register());
+ __ LoadRoot(ip, Heap::kTrueValueRootIndex);
+ __ push(ip);
break;
}
__ jmp(true_label_);
@@ -432,12 +488,13 @@ void FullCodeGenerator::Apply(Expression::Context context,
case Expression::kTestValue:
__ bind(materialize_false);
- __ LoadRoot(result_register(), Heap::kFalseValueRootIndex);
switch (location_) {
case kAccumulator:
+ __ LoadRoot(result_register(), Heap::kFalseValueRootIndex);
break;
case kStack:
- __ push(result_register());
+ __ LoadRoot(ip, Heap::kFalseValueRootIndex);
+ __ push(ip);
break;
}
__ jmp(false_label_);
@@ -446,6 +503,68 @@ void FullCodeGenerator::Apply(Expression::Context context,
}
+// Convert constant control flow (true or false) to the result expected for
+// a given expression context.
+void FullCodeGenerator::Apply(Expression::Context context, bool flag) {
+ switch (context) {
+ case Expression::kUninitialized:
+ UNREACHABLE();
+ break;
+ case Expression::kEffect:
+ break;
+ case Expression::kValue: {
+ Heap::RootListIndex value_root_index =
+ flag ? Heap::kTrueValueRootIndex : Heap::kFalseValueRootIndex;
+ switch (location_) {
+ case kAccumulator:
+ __ LoadRoot(result_register(), value_root_index);
+ break;
+ case kStack:
+ __ LoadRoot(ip, value_root_index);
+ __ push(ip);
+ break;
+ }
+ break;
+ }
+ case Expression::kTest:
+ __ b(flag ? true_label_ : false_label_);
+ break;
+ case Expression::kTestValue:
+ switch (location_) {
+ case kAccumulator:
+ // If value is false it's needed.
+ if (!flag) __ LoadRoot(result_register(), Heap::kFalseValueRootIndex);
+ break;
+ case kStack:
+ // If value is false it's needed.
+ if (!flag) {
+ __ LoadRoot(ip, Heap::kFalseValueRootIndex);
+ __ push(ip);
+ }
+ break;
+ }
+ __ b(flag ? true_label_ : false_label_);
+ break;
+ case Expression::kValueTest:
+ switch (location_) {
+ case kAccumulator:
+ // If value is true it's needed.
+ if (flag) __ LoadRoot(result_register(), Heap::kTrueValueRootIndex);
+ break;
+ case kStack:
+ // If value is true it's needed.
+ if (flag) {
+ __ LoadRoot(ip, Heap::kTrueValueRootIndex);
+ __ push(ip);
+ }
+ break;
+ }
+ __ b(flag ? true_label_ : false_label_);
+ break;
+ }
+}
+
+
void FullCodeGenerator::DoTest(Expression::Context context) {
// The value to test is pushed on the stack, and duplicated on the stack
// if necessary (for value/test and test/value contexts).
@@ -551,22 +670,23 @@ void FullCodeGenerator::Move(Slot* dst,
}
-void FullCodeGenerator::VisitDeclaration(Declaration* decl) {
+void FullCodeGenerator::EmitDeclaration(Variable* variable,
+ Variable::Mode mode,
+ FunctionLiteral* function) {
Comment cmnt(masm_, "[ Declaration");
- Variable* var = decl->proxy()->var();
- ASSERT(var != NULL); // Must have been resolved.
- Slot* slot = var->slot();
- Property* prop = var->AsProperty();
+ ASSERT(variable != NULL); // Must have been resolved.
+ Slot* slot = variable->slot();
+ Property* prop = variable->AsProperty();
if (slot != NULL) {
switch (slot->type()) {
case Slot::PARAMETER:
case Slot::LOCAL:
- if (decl->mode() == Variable::CONST) {
+ if (mode == Variable::CONST) {
__ LoadRoot(ip, Heap::kTheHoleValueRootIndex);
__ str(ip, MemOperand(fp, SlotOffset(slot)));
- } else if (decl->fun() != NULL) {
- VisitForValue(decl->fun(), kAccumulator);
+ } else if (function != NULL) {
+ VisitForValue(function, kAccumulator);
__ str(result_register(), MemOperand(fp, SlotOffset(slot)));
}
break;
@@ -576,7 +696,7 @@ void FullCodeGenerator::VisitDeclaration(Declaration* decl) {
// this specific context.
// The variable in the decl always resides in the current context.
- ASSERT_EQ(0, scope()->ContextChainLength(var->scope()));
+ ASSERT_EQ(0, scope()->ContextChainLength(variable->scope()));
if (FLAG_debug_code) {
// Check if we have the correct context pointer.
__ ldr(r1,
@@ -584,12 +704,12 @@ void FullCodeGenerator::VisitDeclaration(Declaration* decl) {
__ cmp(r1, cp);
__ Check(eq, "Unexpected declaration in current context.");
}
- if (decl->mode() == Variable::CONST) {
+ if (mode == Variable::CONST) {
__ LoadRoot(ip, Heap::kTheHoleValueRootIndex);
__ str(ip, CodeGenerator::ContextOperand(cp, slot->index()));
// No write barrier since the_hole_value is in old space.
- } else if (decl->fun() != NULL) {
- VisitForValue(decl->fun(), kAccumulator);
+ } else if (function != NULL) {
+ VisitForValue(function, kAccumulator);
__ str(result_register(),
CodeGenerator::ContextOperand(cp, slot->index()));
int offset = Context::SlotOffset(slot->index());
@@ -601,27 +721,27 @@ void FullCodeGenerator::VisitDeclaration(Declaration* decl) {
break;
case Slot::LOOKUP: {
- __ mov(r2, Operand(var->name()));
+ __ mov(r2, Operand(variable->name()));
// Declaration nodes are always introduced in one of two modes.
- ASSERT(decl->mode() == Variable::VAR ||
- decl->mode() == Variable::CONST);
+ ASSERT(mode == Variable::VAR ||
+ mode == Variable::CONST);
PropertyAttributes attr =
- (decl->mode() == Variable::VAR) ? NONE : READ_ONLY;
+ (mode == Variable::VAR) ? NONE : READ_ONLY;
__ mov(r1, Operand(Smi::FromInt(attr)));
// Push initial value, if any.
// Note: For variables we must not push an initial value (such as
// 'undefined') because we may have a (legal) redeclaration and we
// must not destroy the current value.
- if (decl->mode() == Variable::CONST) {
+ if (mode == Variable::CONST) {
__ LoadRoot(r0, Heap::kTheHoleValueRootIndex);
- __ stm(db_w, sp, cp.bit() | r2.bit() | r1.bit() | r0.bit());
- } else if (decl->fun() != NULL) {
- __ stm(db_w, sp, cp.bit() | r2.bit() | r1.bit());
+ __ Push(cp, r2, r1, r0);
+ } else if (function != NULL) {
+ __ Push(cp, r2, r1);
// Push initial value for function declaration.
- VisitForValue(decl->fun(), kStack);
+ VisitForValue(function, kStack);
} else {
__ mov(r0, Operand(Smi::FromInt(0))); // No initial value!
- __ stm(db_w, sp, cp.bit() | r2.bit() | r1.bit() | r0.bit());
+ __ Push(cp, r2, r1, r0);
}
__ CallRuntime(Runtime::kDeclareContextSlot, 4);
break;
@@ -629,47 +749,259 @@ void FullCodeGenerator::VisitDeclaration(Declaration* decl) {
}
} else if (prop != NULL) {
- if (decl->fun() != NULL || decl->mode() == Variable::CONST) {
+ if (function != NULL || mode == Variable::CONST) {
// We are declaring a function or constant that rewrites to a
// property. Use (keyed) IC to set the initial value.
VisitForValue(prop->obj(), kStack);
- VisitForValue(prop->key(), kStack);
-
- if (decl->fun() != NULL) {
- VisitForValue(decl->fun(), kAccumulator);
+ if (function != NULL) {
+ VisitForValue(prop->key(), kStack);
+ VisitForValue(function, kAccumulator);
+ __ pop(r1); // Key.
} else {
+ VisitForValue(prop->key(), kAccumulator);
+ __ mov(r1, result_register()); // Key.
__ LoadRoot(result_register(), Heap::kTheHoleValueRootIndex);
}
+ __ pop(r2); // Receiver.
Handle<Code> ic(Builtins::builtin(Builtins::KeyedStoreIC_Initialize));
- __ pop(r1); // Key.
- __ pop(r2); // Receiver.
__ Call(ic, RelocInfo::CODE_TARGET);
-
// Value in r0 is ignored (declarations are statements).
}
}
}
+void FullCodeGenerator::VisitDeclaration(Declaration* decl) {
+ EmitDeclaration(decl->proxy()->var(), decl->mode(), decl->fun());
+}
+
+
void FullCodeGenerator::DeclareGlobals(Handle<FixedArray> pairs) {
// Call the runtime to declare the globals.
// The context is the first argument.
__ mov(r1, Operand(pairs));
__ mov(r0, Operand(Smi::FromInt(is_eval() ? 1 : 0)));
- __ stm(db_w, sp, cp.bit() | r1.bit() | r0.bit());
+ __ Push(cp, r1, r0);
__ CallRuntime(Runtime::kDeclareGlobals, 3);
// Return value is ignored.
}
void FullCodeGenerator::VisitSwitchStatement(SwitchStatement* stmt) {
- UNREACHABLE();
+ Comment cmnt(masm_, "[ SwitchStatement");
+ Breakable nested_statement(this, stmt);
+ SetStatementPosition(stmt);
+ // Keep the switch value on the stack until a case matches.
+ VisitForValue(stmt->tag(), kStack);
+
+ ZoneList<CaseClause*>* clauses = stmt->cases();
+ CaseClause* default_clause = NULL; // Can occur anywhere in the list.
+
+ Label next_test; // Recycled for each test.
+ // Compile all the tests with branches to their bodies.
+ for (int i = 0; i < clauses->length(); i++) {
+ CaseClause* clause = clauses->at(i);
+ // The default is not a test, but remember it as final fall through.
+ if (clause->is_default()) {
+ default_clause = clause;
+ continue;
+ }
+
+ Comment cmnt(masm_, "[ Case comparison");
+ __ bind(&next_test);
+ next_test.Unuse();
+
+ // Compile the label expression.
+ VisitForValue(clause->label(), kAccumulator);
+
+ // Perform the comparison as if via '==='. The comparison stub expects
+ // the smi vs. smi case to be handled before it is called.
+ Label slow_case;
+ __ ldr(r1, MemOperand(sp, 0)); // Switch value.
+ __ mov(r2, r1);
+ __ orr(r2, r2, r0);
+ __ tst(r2, Operand(kSmiTagMask));
+ __ b(ne, &slow_case);
+ __ cmp(r1, r0);
+ __ b(ne, &next_test);
+ __ Drop(1); // Switch value is no longer needed.
+ __ b(clause->body_target()->entry_label());
+
+ __ bind(&slow_case);
+ CompareStub stub(eq, true);
+ __ CallStub(&stub);
+ __ tst(r0, r0);
+ __ b(ne, &next_test);
+ __ Drop(1); // Switch value is no longer needed.
+ __ b(clause->body_target()->entry_label());
+ }
+
+ // Discard the test value and jump to the default if present, otherwise to
+ // the end of the statement.
+ __ bind(&next_test);
+ __ Drop(1); // Switch value is no longer needed.
+ if (default_clause == NULL) {
+ __ b(nested_statement.break_target());
+ } else {
+ __ b(default_clause->body_target()->entry_label());
+ }
+
+ // Compile all the case bodies.
+ for (int i = 0; i < clauses->length(); i++) {
+ Comment cmnt(masm_, "[ Case body");
+ CaseClause* clause = clauses->at(i);
+ __ bind(clause->body_target()->entry_label());
+ VisitStatements(clause->statements());
+ }
+
+ __ bind(nested_statement.break_target());
}
void FullCodeGenerator::VisitForInStatement(ForInStatement* stmt) {
- UNREACHABLE();
+ Comment cmnt(masm_, "[ ForInStatement");
+ SetStatementPosition(stmt);
+
+ Label loop, exit;
+ ForIn loop_statement(this, stmt);
+ increment_loop_depth();
+
+ // Get the object to enumerate over. Both SpiderMonkey and JSC
+ // ignore null and undefined in contrast to the specification; see
+ // ECMA-262 section 12.6.4.
+ VisitForValue(stmt->enumerable(), kAccumulator);
+ __ LoadRoot(ip, Heap::kUndefinedValueRootIndex);
+ __ cmp(r0, ip);
+ __ b(eq, &exit);
+ __ LoadRoot(ip, Heap::kNullValueRootIndex);
+ __ cmp(r0, ip);
+ __ b(eq, &exit);
+
+ // Convert the object to a JS object.
+ Label convert, done_convert;
+ __ BranchOnSmi(r0, &convert);
+ __ CompareObjectType(r0, r1, r1, FIRST_JS_OBJECT_TYPE);
+ __ b(hs, &done_convert);
+ __ bind(&convert);
+ __ push(r0);
+ __ InvokeBuiltin(Builtins::TO_OBJECT, CALL_JS);
+ __ bind(&done_convert);
+ __ push(r0);
+
+ // TODO(kasperl): Check cache validity in generated code. This is a
+ // fast case for the JSObject::IsSimpleEnum cache validity
+ // checks. If we cannot guarantee cache validity, call the runtime
+ // system to check cache validity or get the property names in a
+ // fixed array.
+
+ // Get the set of properties to enumerate.
+ __ push(r0); // Duplicate the enumerable object on the stack.
+ __ CallRuntime(Runtime::kGetPropertyNamesFast, 1);
+
+ // If we got a map from the runtime call, we can do a fast
+ // modification check. Otherwise, we got a fixed array, and we have
+ // to do a slow check.
+ Label fixed_array;
+ __ mov(r2, r0);
+ __ ldr(r1, FieldMemOperand(r2, HeapObject::kMapOffset));
+ __ LoadRoot(ip, Heap::kMetaMapRootIndex);
+ __ cmp(r1, ip);
+ __ b(ne, &fixed_array);
+
+ // We got a map in register r0. Get the enumeration cache from it.
+ __ ldr(r1, FieldMemOperand(r0, Map::kInstanceDescriptorsOffset));
+ __ ldr(r1, FieldMemOperand(r1, DescriptorArray::kEnumerationIndexOffset));
+ __ ldr(r2, FieldMemOperand(r1, DescriptorArray::kEnumCacheBridgeCacheOffset));
+
+ // Setup the four remaining stack slots.
+ __ push(r0); // Map.
+ __ ldr(r1, FieldMemOperand(r2, FixedArray::kLengthOffset));
+ __ mov(r1, Operand(r1, LSL, kSmiTagSize));
+ __ mov(r0, Operand(Smi::FromInt(0)));
+ // Push enumeration cache, enumeration cache length (as smi) and zero.
+ __ Push(r2, r1, r0);
+ __ jmp(&loop);
+
+ // We got a fixed array in register r0. Iterate through that.
+ __ bind(&fixed_array);
+ __ mov(r1, Operand(Smi::FromInt(0))); // Map (0) - force slow check.
+ __ Push(r1, r0);
+ __ ldr(r1, FieldMemOperand(r0, FixedArray::kLengthOffset));
+ __ mov(r1, Operand(r1, LSL, kSmiTagSize));
+ __ mov(r0, Operand(Smi::FromInt(0)));
+ __ Push(r1, r0); // Fixed array length (as smi) and initial index.
+
+ // Generate code for doing the condition check.
+ __ bind(&loop);
+ // Load the current count to r0, load the length to r1.
+ __ Ldrd(r0, r1, MemOperand(sp, 0 * kPointerSize));
+ __ cmp(r0, r1); // Compare to the array length.
+ __ b(hs, loop_statement.break_target());
+
+ // Get the current entry of the array into register r3.
+ __ ldr(r2, MemOperand(sp, 2 * kPointerSize));
+ __ add(r2, r2, Operand(FixedArray::kHeaderSize - kHeapObjectTag));
+ __ ldr(r3, MemOperand(r2, r0, LSL, kPointerSizeLog2 - kSmiTagSize));
+
+ // Get the expected map from the stack or a zero map in the
+ // permanent slow case into register r2.
+ __ ldr(r2, MemOperand(sp, 3 * kPointerSize));
+
+ // Check if the expected map still matches that of the enumerable.
+ // If not, we have to filter the key.
+ Label update_each;
+ __ ldr(r1, MemOperand(sp, 4 * kPointerSize));
+ __ ldr(r4, FieldMemOperand(r1, HeapObject::kMapOffset));
+ __ cmp(r4, Operand(r2));
+ __ b(eq, &update_each);
+
+ // Convert the entry to a string or null if it isn't a property
+ // anymore. If the property has been removed while iterating, we
+ // just skip it.
+ __ push(r1); // Enumerable.
+ __ push(r3); // Current entry.
+ __ InvokeBuiltin(Builtins::FILTER_KEY, CALL_JS);
+ __ mov(r3, Operand(r0));
+ __ LoadRoot(ip, Heap::kNullValueRootIndex);
+ __ cmp(r3, ip);
+ __ b(eq, loop_statement.continue_target());
+
+ // Update the 'each' property or variable from the possibly filtered
+ // entry in register r3.
+ __ bind(&update_each);
+ __ mov(result_register(), r3);
+ // Perform the assignment as if via '='.
+ EmitAssignment(stmt->each());
+
+ // Generate code for the body of the loop.
+ Label stack_limit_hit, stack_check_done;
+ Visit(stmt->body());
+
+ __ StackLimitCheck(&stack_limit_hit);
+ __ bind(&stack_check_done);
+
+ // Generate code for the going to the next element by incrementing
+ // the index (smi) stored on top of the stack.
+ __ bind(loop_statement.continue_target());
+ __ pop(r0);
+ __ add(r0, r0, Operand(Smi::FromInt(1)));
+ __ push(r0);
+ __ b(&loop);
+
+ // Slow case for the stack limit check.
+ StackCheckStub stack_check_stub;
+ __ bind(&stack_limit_hit);
+ __ CallStub(&stack_check_stub);
+ __ b(&stack_check_done);
+
+ // Remove the pointers stored on the stack.
+ __ bind(loop_statement.break_target());
+ __ Drop(5);
+
+ // Exit and decrement the loop depth.
+ __ bind(&exit);
+ decrement_loop_depth();
}
@@ -683,7 +1015,7 @@ void FullCodeGenerator::EmitNewClosure(Handle<SharedFunctionInfo> info) {
__ CallStub(&stub);
} else {
__ mov(r0, Operand(info));
- __ stm(db_w, sp, cp.bit() | r0.bit());
+ __ Push(cp, r0);
__ CallRuntime(Runtime::kNewClosure, 2);
}
Apply(context_, r0);
@@ -717,7 +1049,7 @@ void FullCodeGenerator::EmitVariableLoad(Variable* var,
} else if (slot != NULL && slot->type() == Slot::LOOKUP) {
Comment cmnt(masm_, "Lookup slot");
__ mov(r1, Operand(var->name()));
- __ stm(db_w, sp, cp.bit() | r1.bit()); // Context and name.
+ __ Push(cp, r1); // Context and name.
__ CallRuntime(Runtime::kLoadContextSlot, 2);
Apply(context, r0);
@@ -725,8 +1057,21 @@ void FullCodeGenerator::EmitVariableLoad(Variable* var,
Comment cmnt(masm_, (slot->type() == Slot::CONTEXT)
? "Context slot"
: "Stack slot");
- Apply(context, slot);
-
+ if (var->mode() == Variable::CONST) {
+ // Constants may be the hole value if they have not been initialized.
+ // Unhole them.
+ Label done;
+ MemOperand slot_operand = EmitSlotSearch(slot, r0);
+ __ ldr(r0, slot_operand);
+ __ LoadRoot(ip, Heap::kTheHoleValueRootIndex);
+ __ cmp(r0, ip);
+ __ b(ne, &done);
+ __ LoadRoot(r0, Heap::kUndefinedValueRootIndex);
+ __ bind(&done);
+ Apply(context, r0);
+ } else {
+ Apply(context, slot);
+ }
} else {
Comment cmnt(masm_, "Rewritten parameter");
ASSERT_NOT_NULL(property);
@@ -862,6 +1207,10 @@ void FullCodeGenerator::VisitObjectLiteral(ObjectLiteral* expr) {
void FullCodeGenerator::VisitArrayLiteral(ArrayLiteral* expr) {
Comment cmnt(masm_, "[ ArrayLiteral");
+
+ ZoneList<Expression*>* subexprs = expr->values();
+ int length = subexprs->length();
+
__ ldr(r3, MemOperand(fp, JavaScriptFrameConstants::kFunctionOffset));
__ ldr(r3, FieldMemOperand(r3, JSFunction::kLiteralsOffset));
__ mov(r2, Operand(Smi::FromInt(expr->literal_index())));
@@ -869,16 +1218,18 @@ void FullCodeGenerator::VisitArrayLiteral(ArrayLiteral* expr) {
__ Push(r3, r2, r1);
if (expr->depth() > 1) {
__ CallRuntime(Runtime::kCreateArrayLiteral, 3);
- } else {
+ } else if (length > FastCloneShallowArrayStub::kMaximumLength) {
__ CallRuntime(Runtime::kCreateArrayLiteralShallow, 3);
+ } else {
+ FastCloneShallowArrayStub stub(length);
+ __ CallStub(&stub);
}
bool result_saved = false; // Is the result saved to the stack?
// Emit code to evaluate all the non-constant subexpressions and to store
// them into the newly cloned array.
- ZoneList<Expression*>* subexprs = expr->values();
- for (int i = 0, len = subexprs->length(); i < len; i++) {
+ for (int i = 0; i < length; i++) {
Expression* subexpr = subexprs->at(i);
// If the subexpression is a literal or a simple materialized literal it
// is already set in the cloned array.
@@ -1041,6 +1392,56 @@ void FullCodeGenerator::EmitBinaryOp(Token::Value op,
}
+void FullCodeGenerator::EmitAssignment(Expression* expr) {
+ // Invalid left-hand sides are rewritten to have a 'throw
+ // ReferenceError' on the left-hand side.
+ if (!expr->IsValidLeftHandSide()) {
+ VisitForEffect(expr);
+ return;
+ }
+
+ // Left-hand side can only be a property, a global or a (parameter or local)
+ // slot. Variables with rewrite to .arguments are treated as KEYED_PROPERTY.
+ enum LhsKind { VARIABLE, NAMED_PROPERTY, KEYED_PROPERTY };
+ LhsKind assign_type = VARIABLE;
+ Property* prop = expr->AsProperty();
+ if (prop != NULL) {
+ assign_type = (prop->key()->IsPropertyName())
+ ? NAMED_PROPERTY
+ : KEYED_PROPERTY;
+ }
+
+ switch (assign_type) {
+ case VARIABLE: {
+ Variable* var = expr->AsVariableProxy()->var();
+ EmitVariableAssignment(var, Token::ASSIGN, Expression::kEffect);
+ break;
+ }
+ case NAMED_PROPERTY: {
+ __ push(r0); // Preserve value.
+ VisitForValue(prop->obj(), kAccumulator);
+ __ mov(r1, r0);
+ __ pop(r0); // Restore value.
+ __ mov(r2, Operand(prop->key()->AsLiteral()->handle()));
+ Handle<Code> ic(Builtins::builtin(Builtins::StoreIC_Initialize));
+ __ Call(ic, RelocInfo::CODE_TARGET);
+ break;
+ }
+ case KEYED_PROPERTY: {
+ __ push(r0); // Preserve value.
+ VisitForValue(prop->obj(), kStack);
+ VisitForValue(prop->key(), kAccumulator);
+ __ mov(r1, r0);
+ __ pop(r2);
+ __ pop(r0); // Restore value.
+ Handle<Code> ic(Builtins::builtin(Builtins::KeyedStoreIC_Initialize));
+ __ Call(ic, RelocInfo::CODE_TARGET);
+ break;
+ }
+ }
+}
+
+
void FullCodeGenerator::EmitVariableAssignment(Variable* var,
Token::Value op,
Expression::Context context) {
@@ -1082,9 +1483,9 @@ void FullCodeGenerator::EmitVariableAssignment(Variable* var,
MemOperand target = EmitSlotSearch(slot, r1);
if (op == Token::INIT_CONST) {
// Detect const reinitialization by checking for the hole value.
- __ ldr(r1, target);
+ __ ldr(r2, target);
__ LoadRoot(ip, Heap::kTheHoleValueRootIndex);
- __ cmp(r1, ip);
+ __ cmp(r2, ip);
__ b(ne, &done);
}
// Perform the assignment and issue the write barrier.
@@ -1256,7 +1657,8 @@ void FullCodeGenerator::EmitCallWithStub(Call* expr) {
}
// Record source position for debugger.
SetSourcePosition(expr->position());
- CallFunctionStub stub(arg_count, NOT_IN_LOOP, RECEIVER_MIGHT_BE_VALUE);
+ InLoopFlag in_loop = (loop_depth() > 0) ? IN_LOOP : NOT_IN_LOOP;
+ CallFunctionStub stub(arg_count, in_loop, RECEIVER_MIGHT_BE_VALUE);
__ CallStub(&stub);
// Restore context register.
__ ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
@@ -1270,8 +1672,51 @@ void FullCodeGenerator::VisitCall(Call* expr) {
Variable* var = fun->AsVariableProxy()->AsVariable();
if (var != NULL && var->is_possibly_eval()) {
- // Call to the identifier 'eval'.
- UNREACHABLE();
+ // In a call to eval, we first call %ResolvePossiblyDirectEval to
+ // resolve the function we need to call and the receiver of the
+ // call. Then we call the resolved function using the given
+ // arguments.
+ VisitForValue(fun, kStack);
+ __ LoadRoot(r2, Heap::kUndefinedValueRootIndex);
+ __ push(r2); // Reserved receiver slot.
+
+ // Push the arguments.
+ ZoneList<Expression*>* args = expr->arguments();
+ int arg_count = args->length();
+ for (int i = 0; i < arg_count; i++) {
+ VisitForValue(args->at(i), kStack);
+ }
+
+ // Push copy of the function - found below the arguments.
+ __ ldr(r1, MemOperand(sp, (arg_count + 1) * kPointerSize));
+ __ push(r1);
+
+ // Push copy of the first argument or undefined if it doesn't exist.
+ if (arg_count > 0) {
+ __ ldr(r1, MemOperand(sp, arg_count * kPointerSize));
+ __ push(r1);
+ } else {
+ __ push(r2);
+ }
+
+ // Push the receiver of the enclosing function and do runtime call.
+ __ ldr(r1, MemOperand(fp, (2 + scope()->num_parameters()) * kPointerSize));
+ __ push(r1);
+ __ CallRuntime(Runtime::kResolvePossiblyDirectEval, 3);
+
+ // The runtime call returns a pair of values in r0 (function) and
+ // r1 (receiver). Touch up the stack with the right values.
+ __ str(r0, MemOperand(sp, (arg_count + 1) * kPointerSize));
+ __ str(r1, MemOperand(sp, arg_count * kPointerSize));
+
+ // Record source position for debugger.
+ SetSourcePosition(expr->position());
+ InLoopFlag in_loop = (loop_depth() > 0) ? IN_LOOP : NOT_IN_LOOP;
+ CallFunctionStub stub(arg_count, in_loop, RECEIVER_MIGHT_BE_VALUE);
+ __ CallStub(&stub);
+ // Restore context register.
+ __ ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
+ DropAndApply(1, context_, r0);
} else if (var != NULL && !var->is_this() && var->is_global()) {
// Push global object as receiver for the call IC.
__ ldr(r0, CodeGenerator::GlobalObject());
@@ -1279,8 +1724,16 @@ void FullCodeGenerator::VisitCall(Call* expr) {
EmitCallWithIC(expr, var->name(), RelocInfo::CODE_TARGET_CONTEXT);
} else if (var != NULL && var->slot() != NULL &&
var->slot()->type() == Slot::LOOKUP) {
- // Call to a lookup slot.
- UNREACHABLE();
+ // Call to a lookup slot (dynamically introduced variable). Call the
+ // runtime to find the function to call (returned in eax) and the object
+ // holding it (returned in edx).
+ __ push(context_register());
+ __ mov(r2, Operand(var->name()));
+ __ push(r2);
+ __ CallRuntime(Runtime::kLoadContextSlot, 2);
+ __ push(r0); // Function.
+ __ push(r1); // Receiver.
+ EmitCallWithStub(expr);
} else if (fun->AsProperty() != NULL) {
// Call to an object property.
Property* prop = fun->AsProperty();
@@ -1376,7 +1829,720 @@ void FullCodeGenerator::VisitCallNew(CallNew* expr) {
}
+void FullCodeGenerator::EmitInlineRuntimeCall(CallRuntime* expr) {
+ Handle<String> name = expr->name();
+ if (strcmp("_IsSmi", *name->ToCString()) == 0) {
+ EmitIsSmi(expr->arguments());
+ } else if (strcmp("_IsNonNegativeSmi", *name->ToCString()) == 0) {
+ EmitIsNonNegativeSmi(expr->arguments());
+ } else if (strcmp("_IsObject", *name->ToCString()) == 0) {
+ EmitIsObject(expr->arguments());
+ } else if (strcmp("_IsUndetectableObject", *name->ToCString()) == 0) {
+ EmitIsUndetectableObject(expr->arguments());
+ } else if (strcmp("_IsFunction", *name->ToCString()) == 0) {
+ EmitIsFunction(expr->arguments());
+ } else if (strcmp("_IsArray", *name->ToCString()) == 0) {
+ EmitIsArray(expr->arguments());
+ } else if (strcmp("_IsRegExp", *name->ToCString()) == 0) {
+ EmitIsRegExp(expr->arguments());
+ } else if (strcmp("_IsConstructCall", *name->ToCString()) == 0) {
+ EmitIsConstructCall(expr->arguments());
+ } else if (strcmp("_ObjectEquals", *name->ToCString()) == 0) {
+ EmitObjectEquals(expr->arguments());
+ } else if (strcmp("_Arguments", *name->ToCString()) == 0) {
+ EmitArguments(expr->arguments());
+ } else if (strcmp("_ArgumentsLength", *name->ToCString()) == 0) {
+ EmitArgumentsLength(expr->arguments());
+ } else if (strcmp("_ClassOf", *name->ToCString()) == 0) {
+ EmitClassOf(expr->arguments());
+ } else if (strcmp("_Log", *name->ToCString()) == 0) {
+ EmitLog(expr->arguments());
+ } else if (strcmp("_RandomHeapNumber", *name->ToCString()) == 0) {
+ EmitRandomHeapNumber(expr->arguments());
+ } else if (strcmp("_SubString", *name->ToCString()) == 0) {
+ EmitSubString(expr->arguments());
+ } else if (strcmp("_RegExpExec", *name->ToCString()) == 0) {
+ EmitRegExpExec(expr->arguments());
+ } else if (strcmp("_ValueOf", *name->ToCString()) == 0) {
+ EmitValueOf(expr->arguments());
+ } else if (strcmp("_SetValueOf", *name->ToCString()) == 0) {
+ EmitSetValueOf(expr->arguments());
+ } else if (strcmp("_NumberToString", *name->ToCString()) == 0) {
+ EmitNumberToString(expr->arguments());
+ } else if (strcmp("_CharFromCode", *name->ToCString()) == 0) {
+ EmitCharFromCode(expr->arguments());
+ } else if (strcmp("_FastCharCodeAt", *name->ToCString()) == 0) {
+ EmitFastCharCodeAt(expr->arguments());
+ } else if (strcmp("_StringAdd", *name->ToCString()) == 0) {
+ EmitStringAdd(expr->arguments());
+ } else if (strcmp("_StringCompare", *name->ToCString()) == 0) {
+ EmitStringCompare(expr->arguments());
+ } else if (strcmp("_MathPow", *name->ToCString()) == 0) {
+ EmitMathPow(expr->arguments());
+ } else if (strcmp("_MathSin", *name->ToCString()) == 0) {
+ EmitMathSin(expr->arguments());
+ } else if (strcmp("_MathCos", *name->ToCString()) == 0) {
+ EmitMathCos(expr->arguments());
+ } else if (strcmp("_MathSqrt", *name->ToCString()) == 0) {
+ EmitMathSqrt(expr->arguments());
+ } else if (strcmp("_CallFunction", *name->ToCString()) == 0) {
+ EmitCallFunction(expr->arguments());
+ } else if (strcmp("_RegExpConstructResult", *name->ToCString()) == 0) {
+ EmitRegExpConstructResult(expr->arguments());
+ } else if (strcmp("_SwapElements", *name->ToCString()) == 0) {
+ EmitSwapElements(expr->arguments());
+ } else if (strcmp("_GetFromCache", *name->ToCString()) == 0) {
+ EmitGetFromCache(expr->arguments());
+ } else {
+ UNREACHABLE();
+ }
+}
+
+
+void FullCodeGenerator::EmitIsSmi(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 1);
+
+ VisitForValue(args->at(0), kAccumulator);
+
+ Label materialize_true, materialize_false;
+ Label* if_true = NULL;
+ Label* if_false = NULL;
+ PrepareTest(&materialize_true, &materialize_false, &if_true, &if_false);
+
+ __ BranchOnSmi(r0, if_true);
+ __ b(if_false);
+
+ Apply(context_, if_true, if_false);
+}
+
+
+void FullCodeGenerator::EmitIsNonNegativeSmi(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 1);
+
+ VisitForValue(args->at(0), kAccumulator);
+
+ Label materialize_true, materialize_false;
+ Label* if_true = NULL;
+ Label* if_false = NULL;
+ PrepareTest(&materialize_true, &materialize_false, &if_true, &if_false);
+
+ __ tst(r0, Operand(kSmiTagMask | 0x80000000));
+ __ b(eq, if_true);
+ __ b(if_false);
+
+ Apply(context_, if_true, if_false);
+}
+
+
+void FullCodeGenerator::EmitIsObject(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 1);
+
+ VisitForValue(args->at(0), kAccumulator);
+
+ Label materialize_true, materialize_false;
+ Label* if_true = NULL;
+ Label* if_false = NULL;
+ PrepareTest(&materialize_true, &materialize_false, &if_true, &if_false);
+ __ BranchOnSmi(r0, if_false);
+ __ LoadRoot(ip, Heap::kNullValueRootIndex);
+ __ cmp(r0, ip);
+ __ b(eq, if_true);
+ __ ldr(r2, FieldMemOperand(r0, HeapObject::kMapOffset));
+ // Undetectable objects behave like undefined when tested with typeof.
+ __ ldrb(r1, FieldMemOperand(r2, Map::kBitFieldOffset));
+ __ tst(r1, Operand(1 << Map::kIsUndetectable));
+ __ b(ne, if_false);
+ __ ldrb(r1, FieldMemOperand(r2, Map::kInstanceTypeOffset));
+ __ cmp(r1, Operand(FIRST_JS_OBJECT_TYPE));
+ __ b(lt, if_false);
+ __ cmp(r1, Operand(LAST_JS_OBJECT_TYPE));
+ __ b(le, if_true);
+ __ b(if_false);
+
+ Apply(context_, if_true, if_false);
+}
+
+
+void FullCodeGenerator::EmitIsUndetectableObject(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 1);
+
+ VisitForValue(args->at(0), kAccumulator);
+
+ Label materialize_true, materialize_false;
+ Label* if_true = NULL;
+ Label* if_false = NULL;
+ PrepareTest(&materialize_true, &materialize_false, &if_true, &if_false);
+
+ __ BranchOnSmi(r0, if_false);
+ __ ldr(r1, FieldMemOperand(r0, HeapObject::kMapOffset));
+ __ ldrb(r1, FieldMemOperand(r1, Map::kBitFieldOffset));
+ __ tst(r1, Operand(1 << Map::kIsUndetectable));
+ __ b(ne, if_true);
+ __ b(if_false);
+
+ Apply(context_, if_true, if_false);
+}
+
+
+void FullCodeGenerator::EmitIsFunction(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 1);
+
+ VisitForValue(args->at(0), kAccumulator);
+
+ Label materialize_true, materialize_false;
+ Label* if_true = NULL;
+ Label* if_false = NULL;
+ PrepareTest(&materialize_true, &materialize_false, &if_true, &if_false);
+
+ __ BranchOnSmi(r0, if_false);
+ __ CompareObjectType(r0, r1, r1, JS_FUNCTION_TYPE);
+ __ b(eq, if_true);
+ __ b(if_false);
+
+ Apply(context_, if_true, if_false);
+}
+
+
+void FullCodeGenerator::EmitIsArray(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 1);
+
+ VisitForValue(args->at(0), kAccumulator);
+
+ Label materialize_true, materialize_false;
+ Label* if_true = NULL;
+ Label* if_false = NULL;
+ PrepareTest(&materialize_true, &materialize_false, &if_true, &if_false);
+
+ __ BranchOnSmi(r0, if_false);
+ __ CompareObjectType(r0, r1, r1, JS_ARRAY_TYPE);
+ __ b(eq, if_true);
+ __ b(if_false);
+
+ Apply(context_, if_true, if_false);
+}
+
+
+void FullCodeGenerator::EmitIsRegExp(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 1);
+
+ VisitForValue(args->at(0), kAccumulator);
+
+ Label materialize_true, materialize_false;
+ Label* if_true = NULL;
+ Label* if_false = NULL;
+ PrepareTest(&materialize_true, &materialize_false, &if_true, &if_false);
+
+ __ BranchOnSmi(r0, if_false);
+ __ CompareObjectType(r0, r1, r1, JS_REGEXP_TYPE);
+ __ b(eq, if_true);
+ __ b(if_false);
+
+ Apply(context_, if_true, if_false);
+}
+
+
+
+void FullCodeGenerator::EmitIsConstructCall(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 0);
+
+ Label materialize_true, materialize_false;
+ Label* if_true = NULL;
+ Label* if_false = NULL;
+ PrepareTest(&materialize_true, &materialize_false, &if_true, &if_false);
+
+ // Get the frame pointer for the calling frame.
+ __ ldr(r2, MemOperand(fp, StandardFrameConstants::kCallerFPOffset));
+
+ // Skip the arguments adaptor frame if it exists.
+ Label check_frame_marker;
+ __ ldr(r1, MemOperand(r2, StandardFrameConstants::kContextOffset));
+ __ cmp(r1, Operand(Smi::FromInt(StackFrame::ARGUMENTS_ADAPTOR)));
+ __ b(ne, &check_frame_marker);
+ __ ldr(r2, MemOperand(r2, StandardFrameConstants::kCallerFPOffset));
+
+ // Check the marker in the calling frame.
+ __ bind(&check_frame_marker);
+ __ ldr(r1, MemOperand(r2, StandardFrameConstants::kMarkerOffset));
+ __ cmp(r1, Operand(Smi::FromInt(StackFrame::CONSTRUCT)));
+ __ b(eq, if_true);
+ __ b(if_false);
+
+ Apply(context_, if_true, if_false);
+}
+
+
+void FullCodeGenerator::EmitObjectEquals(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 2);
+
+ // Load the two objects into registers and perform the comparison.
+ VisitForValue(args->at(0), kStack);
+ VisitForValue(args->at(1), kAccumulator);
+
+ Label materialize_true, materialize_false;
+ Label* if_true = NULL;
+ Label* if_false = NULL;
+ PrepareTest(&materialize_true, &materialize_false, &if_true, &if_false);
+
+ __ pop(r1);
+ __ cmp(r0, r1);
+ __ b(eq, if_true);
+ __ b(if_false);
+
+ Apply(context_, if_true, if_false);
+}
+
+
+void FullCodeGenerator::EmitArguments(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 1);
+
+ // ArgumentsAccessStub expects the key in edx and the formal
+ // parameter count in eax.
+ VisitForValue(args->at(0), kAccumulator);
+ __ mov(r1, r0);
+ __ mov(r0, Operand(Smi::FromInt(scope()->num_parameters())));
+ ArgumentsAccessStub stub(ArgumentsAccessStub::READ_ELEMENT);
+ __ CallStub(&stub);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitArgumentsLength(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 0);
+
+ Label exit;
+ // Get the number of formal parameters.
+ __ mov(r0, Operand(Smi::FromInt(scope()->num_parameters())));
+
+ // Check if the calling frame is an arguments adaptor frame.
+ __ ldr(r2, MemOperand(fp, StandardFrameConstants::kCallerFPOffset));
+ __ ldr(r3, MemOperand(r2, StandardFrameConstants::kContextOffset));
+ __ cmp(r3, Operand(Smi::FromInt(StackFrame::ARGUMENTS_ADAPTOR)));
+ __ b(ne, &exit);
+
+ // Arguments adaptor case: Read the arguments length from the
+ // adaptor frame.
+ __ ldr(r0, MemOperand(r2, ArgumentsAdaptorFrameConstants::kLengthOffset));
+
+ __ bind(&exit);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitClassOf(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 1);
+ Label done, null, function, non_function_constructor;
+
+ VisitForValue(args->at(0), kAccumulator);
+
+ // If the object is a smi, we return null.
+ __ BranchOnSmi(r0, &null);
+
+ // Check that the object is a JS object but take special care of JS
+ // functions to make sure they have 'Function' as their class.
+ __ CompareObjectType(r0, r0, r1, FIRST_JS_OBJECT_TYPE); // Map is now in r0.
+ __ b(lt, &null);
+
+ // As long as JS_FUNCTION_TYPE is the last instance type and it is
+ // right after LAST_JS_OBJECT_TYPE, we can avoid checking for
+ // LAST_JS_OBJECT_TYPE.
+ ASSERT(LAST_TYPE == JS_FUNCTION_TYPE);
+ ASSERT(JS_FUNCTION_TYPE == LAST_JS_OBJECT_TYPE + 1);
+ __ cmp(r1, Operand(JS_FUNCTION_TYPE));
+ __ b(eq, &function);
+
+ // Check if the constructor in the map is a function.
+ __ ldr(r0, FieldMemOperand(r0, Map::kConstructorOffset));
+ __ CompareObjectType(r0, r1, r1, JS_FUNCTION_TYPE);
+ __ b(ne, &non_function_constructor);
+
+ // r0 now contains the constructor function. Grab the
+ // instance class name from there.
+ __ ldr(r0, FieldMemOperand(r0, JSFunction::kSharedFunctionInfoOffset));
+ __ ldr(r0, FieldMemOperand(r0, SharedFunctionInfo::kInstanceClassNameOffset));
+ __ b(&done);
+
+ // Functions have class 'Function'.
+ __ bind(&function);
+ __ LoadRoot(r0, Heap::kfunction_class_symbolRootIndex);
+ __ jmp(&done);
+
+ // Objects with a non-function constructor have class 'Object'.
+ __ bind(&non_function_constructor);
+ __ LoadRoot(r0, Heap::kfunction_class_symbolRootIndex);
+ __ jmp(&done);
+
+ // Non-JS objects have class null.
+ __ bind(&null);
+ __ LoadRoot(r0, Heap::kNullValueRootIndex);
+
+ // All done.
+ __ bind(&done);
+
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitLog(ZoneList<Expression*>* args) {
+ // Conditionally generate a log call.
+ // Args:
+ // 0 (literal string): The type of logging (corresponds to the flags).
+ // This is used to determine whether or not to generate the log call.
+ // 1 (string): Format string. Access the string at argument index 2
+ // with '%2s' (see Logger::LogRuntime for all the formats).
+ // 2 (array): Arguments to the format string.
+ ASSERT_EQ(args->length(), 3);
+#ifdef ENABLE_LOGGING_AND_PROFILING
+ if (CodeGenerator::ShouldGenerateLog(args->at(0))) {
+ VisitForValue(args->at(1), kStack);
+ VisitForValue(args->at(2), kStack);
+ __ CallRuntime(Runtime::kLog, 2);
+ }
+#endif
+ // Finally, we're expected to leave a value on the top of the stack.
+ __ LoadRoot(r0, Heap::kUndefinedValueRootIndex);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitRandomHeapNumber(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 0);
+
+ Label slow_allocate_heapnumber;
+ Label heapnumber_allocated;
+
+ __ AllocateHeapNumber(r4, r1, r2, &slow_allocate_heapnumber);
+ __ jmp(&heapnumber_allocated);
+
+ __ bind(&slow_allocate_heapnumber);
+ // To allocate a heap number, and ensure that it is not a smi, we
+ // call the runtime function FUnaryMinus on 0, returning the double
+ // -0.0. A new, distinct heap number is returned each time.
+ __ mov(r0, Operand(Smi::FromInt(0)));
+ __ push(r0);
+ __ CallRuntime(Runtime::kNumberUnaryMinus, 1);
+ __ mov(r4, Operand(r0));
+
+ __ bind(&heapnumber_allocated);
+
+ // Convert 32 random bits in r0 to 0.(32 random bits) in a double
+ // by computing:
+ // ( 1.(20 0s)(32 random bits) x 2^20 ) - (1.0 x 2^20)).
+ if (CpuFeatures::IsSupported(VFP3)) {
+ __ PrepareCallCFunction(0, r1);
+ __ CallCFunction(ExternalReference::random_uint32_function(), 0);
+
+ CpuFeatures::Scope scope(VFP3);
+ // 0x41300000 is the top half of 1.0 x 2^20 as a double.
+ // Create this constant using mov/orr to avoid PC relative load.
+ __ mov(r1, Operand(0x41000000));
+ __ orr(r1, r1, Operand(0x300000));
+ // Move 0x41300000xxxxxxxx (x = random bits) to VFP.
+ __ vmov(d7, r0, r1);
+ // Move 0x4130000000000000 to VFP.
+ __ mov(r0, Operand(0));
+ __ vmov(d8, r0, r1);
+ // Subtract and store the result in the heap number.
+ __ vsub(d7, d7, d8);
+ __ sub(r0, r4, Operand(kHeapObjectTag));
+ __ vstr(d7, r0, HeapNumber::kValueOffset);
+ __ mov(r0, r4);
+ } else {
+ __ mov(r0, Operand(r4));
+ __ PrepareCallCFunction(1, r1);
+ __ CallCFunction(
+ ExternalReference::fill_heap_number_with_random_function(), 1);
+ }
+
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitSubString(ZoneList<Expression*>* args) {
+ // Load the arguments on the stack and call the stub.
+ SubStringStub stub;
+ ASSERT(args->length() == 3);
+ VisitForValue(args->at(0), kStack);
+ VisitForValue(args->at(1), kStack);
+ VisitForValue(args->at(2), kStack);
+ __ CallStub(&stub);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitRegExpExec(ZoneList<Expression*>* args) {
+ // Load the arguments on the stack and call the stub.
+ RegExpExecStub stub;
+ ASSERT(args->length() == 4);
+ VisitForValue(args->at(0), kStack);
+ VisitForValue(args->at(1), kStack);
+ VisitForValue(args->at(2), kStack);
+ VisitForValue(args->at(3), kStack);
+ __ CallStub(&stub);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitValueOf(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 1);
+
+ VisitForValue(args->at(0), kAccumulator); // Load the object.
+
+ Label done;
+ // If the object is a smi return the object.
+ __ BranchOnSmi(r0, &done);
+ // If the object is not a value type, return the object.
+ __ CompareObjectType(r0, r1, r1, JS_VALUE_TYPE);
+ __ b(ne, &done);
+ __ ldr(r0, FieldMemOperand(r0, JSValue::kValueOffset));
+
+ __ bind(&done);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitMathPow(ZoneList<Expression*>* args) {
+ // Load the arguments on the stack and call the runtime function.
+ ASSERT(args->length() == 2);
+ VisitForValue(args->at(0), kStack);
+ VisitForValue(args->at(1), kStack);
+ __ CallRuntime(Runtime::kMath_pow, 2);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitSetValueOf(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 2);
+
+ VisitForValue(args->at(0), kStack); // Load the object.
+ VisitForValue(args->at(1), kAccumulator); // Load the value.
+ __ pop(r1); // r0 = value. r1 = object.
+
+ Label done;
+ // If the object is a smi, return the value.
+ __ BranchOnSmi(r1, &done);
+
+ // If the object is not a value type, return the value.
+ __ CompareObjectType(r1, r2, r2, JS_VALUE_TYPE);
+ __ b(ne, &done);
+
+ // Store the value.
+ __ str(r0, FieldMemOperand(r1, JSValue::kValueOffset));
+ // Update the write barrier. Save the value as it will be
+ // overwritten by the write barrier code and is needed afterward.
+ __ mov(r2, Operand(JSValue::kValueOffset - kHeapObjectTag));
+ __ RecordWrite(r1, r2, r3);
+
+ __ bind(&done);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitNumberToString(ZoneList<Expression*>* args) {
+ ASSERT_EQ(args->length(), 1);
+
+ // Load the argument on the stack and call the stub.
+ VisitForValue(args->at(0), kStack);
+
+ NumberToStringStub stub;
+ __ CallStub(&stub);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitCharFromCode(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 1);
+
+ VisitForValue(args->at(0), kAccumulator);
+
+ Label slow_case, done;
+ // Fast case of Heap::LookupSingleCharacterStringFromCode.
+ ASSERT(kSmiTag == 0);
+ ASSERT(kSmiShiftSize == 0);
+ ASSERT(IsPowerOf2(String::kMaxAsciiCharCode + 1));
+ __ tst(r0, Operand(kSmiTagMask |
+ ((~String::kMaxAsciiCharCode) << kSmiTagSize)));
+ __ b(nz, &slow_case);
+ __ mov(r1, Operand(Factory::single_character_string_cache()));
+ ASSERT(kSmiTag == 0);
+ ASSERT(kSmiTagSize == 1);
+ ASSERT(kSmiShiftSize == 0);
+ // At this point code register contains smi tagged ascii char code.
+ __ add(r1, r1, Operand(r0, LSL, kPointerSizeLog2 - kSmiTagSize));
+ __ ldr(r1, MemOperand(r1, FixedArray::kHeaderSize - kHeapObjectTag));
+ __ LoadRoot(r2, Heap::kUndefinedValueRootIndex);
+ __ cmp(r1, r2);
+ __ b(eq, &slow_case);
+ __ mov(r0, r1);
+ __ b(&done);
+
+ __ bind(&slow_case);
+ __ push(r0);
+ __ CallRuntime(Runtime::kCharFromCode, 1);
+
+ __ bind(&done);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitFastCharCodeAt(ZoneList<Expression*>* args) {
+ // TODO(fsc): Port the complete implementation from the classic back-end.
+ // Move the undefined value into the result register, which will
+ // trigger the slow case.
+ __ LoadRoot(r0, Heap::kUndefinedValueRootIndex);
+ Apply(context_, r0);
+}
+
+void FullCodeGenerator::EmitStringAdd(ZoneList<Expression*>* args) {
+ ASSERT_EQ(2, args->length());
+
+ VisitForValue(args->at(0), kStack);
+ VisitForValue(args->at(1), kStack);
+
+ StringAddStub stub(NO_STRING_ADD_FLAGS);
+ __ CallStub(&stub);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitStringCompare(ZoneList<Expression*>* args) {
+ ASSERT_EQ(2, args->length());
+
+ VisitForValue(args->at(0), kStack);
+ VisitForValue(args->at(1), kStack);
+
+ StringCompareStub stub;
+ __ CallStub(&stub);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitMathSin(ZoneList<Expression*>* args) {
+ // Load the argument on the stack and call the runtime.
+ ASSERT(args->length() == 1);
+ VisitForValue(args->at(0), kStack);
+ __ CallRuntime(Runtime::kMath_sin, 1);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitMathCos(ZoneList<Expression*>* args) {
+ // Load the argument on the stack and call the runtime.
+ ASSERT(args->length() == 1);
+ VisitForValue(args->at(0), kStack);
+ __ CallRuntime(Runtime::kMath_cos, 1);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitMathSqrt(ZoneList<Expression*>* args) {
+ // Load the argument on the stack and call the runtime function.
+ ASSERT(args->length() == 1);
+ VisitForValue(args->at(0), kStack);
+ __ CallRuntime(Runtime::kMath_sqrt, 1);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitCallFunction(ZoneList<Expression*>* args) {
+ ASSERT(args->length() >= 2);
+
+ int arg_count = args->length() - 2; // For receiver and function.
+ VisitForValue(args->at(0), kStack); // Receiver.
+ for (int i = 0; i < arg_count; i++) {
+ VisitForValue(args->at(i + 1), kStack);
+ }
+ VisitForValue(args->at(arg_count + 1), kAccumulator); // Function.
+
+ // InvokeFunction requires function in r1. Move it in there.
+ if (!result_register().is(r1)) __ mov(r1, result_register());
+ ParameterCount count(arg_count);
+ __ InvokeFunction(r1, count, CALL_FUNCTION);
+ __ ldr(cp, MemOperand(fp, StandardFrameConstants::kContextOffset));
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitRegExpConstructResult(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 3);
+ VisitForValue(args->at(0), kStack);
+ VisitForValue(args->at(1), kStack);
+ VisitForValue(args->at(2), kStack);
+ __ CallRuntime(Runtime::kRegExpConstructResult, 3);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitSwapElements(ZoneList<Expression*>* args) {
+ ASSERT(args->length() == 3);
+ VisitForValue(args->at(0), kStack);
+ VisitForValue(args->at(1), kStack);
+ VisitForValue(args->at(2), kStack);
+ __ CallRuntime(Runtime::kSwapElements, 3);
+ Apply(context_, r0);
+}
+
+
+void FullCodeGenerator::EmitGetFromCache(ZoneList<Expression*>* args) {
+ ASSERT_EQ(2, args->length());
+
+ ASSERT_NE(NULL, args->at(0)->AsLiteral());
+ int cache_id = Smi::cast(*(args->at(0)->AsLiteral()->handle()))->value();
+
+ Handle<FixedArray> jsfunction_result_caches(
+ Top::global_context()->jsfunction_result_caches());
+ if (jsfunction_result_caches->length() <= cache_id) {
+ __ Abort("Attempt to use undefined cache.");
+ __ LoadRoot(r0, Heap::kUndefinedValueRootIndex);
+ Apply(context_, r0);
+ return;
+ }
+
+ VisitForValue(args->at(1), kAccumulator);
+
+ Register key = r0;
+ Register cache = r1;
+ __ ldr(cache, CodeGenerator::ContextOperand(cp, Context::GLOBAL_INDEX));
+ __ ldr(cache, FieldMemOperand(cache, GlobalObject::kGlobalContextOffset));
+ __ ldr(cache,
+ CodeGenerator::ContextOperand(
+ cache, Context::JSFUNCTION_RESULT_CACHES_INDEX));
+ __ ldr(cache,
+ FieldMemOperand(cache, FixedArray::OffsetOfElementAt(cache_id)));
+
+
+ Label done, not_found;
+ // tmp now holds finger offset as a smi.
+ ASSERT(kSmiTag == 0 && kSmiTagSize == 1);
+ __ ldr(r2, FieldMemOperand(cache, JSFunctionResultCache::kFingerOffset));
+ // r2 now holds finger offset as a smi.
+ __ add(r3, cache, Operand(FixedArray::kHeaderSize - kHeapObjectTag));
+ // r3 now points to the start of fixed array elements.
+ __ ldr(r2, MemOperand(r3, r2, LSL, kPointerSizeLog2 - kSmiTagSize, PreIndex));
+ // Note side effect of PreIndex: r3 now points to the key of the pair.
+ __ cmp(key, r2);
+ __ b(ne, &not_found);
+
+ __ ldr(r0, MemOperand(r3, kPointerSize));
+ __ b(&done);
+
+ __ bind(&not_found);
+ // Call runtime to perform the lookup.
+ __ Push(cache, key);
+ __ CallRuntime(Runtime::kGetFromCache, 2);
+
+ __ bind(&done);
+ Apply(context_, r0);
+}
+
+
void FullCodeGenerator::VisitCallRuntime(CallRuntime* expr) {
+ Handle<String> name = expr->name();
+ if (name->length() > 0 && name->Get(0) == '_') {
+ Comment cmnt(masm_, "[ InlineRuntimeCall");
+ EmitInlineRuntimeCall(expr);
+ return;
+ }
+
Comment cmnt(masm_, "[ CallRuntime");
ZoneList<Expression*>* args = expr->arguments();
@@ -1411,6 +2577,49 @@ void FullCodeGenerator::VisitCallRuntime(CallRuntime* expr) {
void FullCodeGenerator::VisitUnaryOperation(UnaryOperation* expr) {
switch (expr->op()) {
+ case Token::DELETE: {
+ Comment cmnt(masm_, "[ UnaryOperation (DELETE)");
+ Property* prop = expr->expression()->AsProperty();
+ Variable* var = expr->expression()->AsVariableProxy()->AsVariable();
+ if (prop == NULL && var == NULL) {
+ // Result of deleting non-property, non-variable reference is true.
+ // The subexpression may have side effects.
+ VisitForEffect(expr->expression());
+ Apply(context_, true);
+ } else if (var != NULL &&
+ !var->is_global() &&
+ var->slot() != NULL &&
+ var->slot()->type() != Slot::LOOKUP) {
+ // Result of deleting non-global, non-dynamic variables is false.
+ // The subexpression does not have side effects.
+ Apply(context_, false);
+ } else {
+ // Property or variable reference. Call the delete builtin with
+ // object and property name as arguments.
+ if (prop != NULL) {
+ VisitForValue(prop->obj(), kStack);
+ VisitForValue(prop->key(), kStack);
+ } else if (var->is_global()) {
+ __ ldr(r1, CodeGenerator::GlobalObject());
+ __ mov(r0, Operand(var->name()));
+ __ Push(r1, r0);
+ } else {
+ // Non-global variable. Call the runtime to look up the context
+ // where the variable was introduced.
+ __ push(context_register());
+ __ mov(r2, Operand(var->name()));
+ __ push(r2);
+ __ CallRuntime(Runtime::kLookupContext, 2);
+ __ push(r0);
+ __ mov(r2, Operand(var->name()));
+ __ push(r2);
+ }
+ __ InvokeBuiltin(Builtins::DELETE, CALL_JS);
+ Apply(context_, r0);
+ }
+ break;
+ }
+
case Token::VOID: {
Comment cmnt(masm_, "[ UnaryOperation (VOID)");
VisitForEffect(expr->expression());
@@ -1451,33 +2660,15 @@ void FullCodeGenerator::VisitUnaryOperation(UnaryOperation* expr) {
case Token::NOT: {
Comment cmnt(masm_, "[ UnaryOperation (NOT)");
- Label materialize_true, materialize_false, done;
- // Initially assume a pure test context. Notice that the labels are
- // swapped.
- Label* if_true = false_label_;
- Label* if_false = true_label_;
- switch (context_) {
- case Expression::kUninitialized:
- UNREACHABLE();
- break;
- case Expression::kEffect:
- if_true = &done;
- if_false = &done;
- break;
- case Expression::kValue:
- if_true = &materialize_false;
- if_false = &materialize_true;
- break;
- case Expression::kTest:
- break;
- case Expression::kValueTest:
- if_false = &materialize_true;
- break;
- case Expression::kTestValue:
- if_true = &materialize_false;
- break;
- }
+ Label materialize_true, materialize_false;
+ Label* if_true = NULL;
+ Label* if_false = NULL;
+
+ // Notice that the labels are swapped.
+ PrepareTest(&materialize_true, &materialize_false, &if_false, &if_true);
+
VisitForControl(expr->expression(), if_true, if_false);
+
Apply(context_, if_false, if_true); // Labels swapped.
break;
}
@@ -1500,7 +2691,7 @@ void FullCodeGenerator::VisitUnaryOperation(UnaryOperation* expr) {
proxy->var()->slot() != NULL &&
proxy->var()->slot()->type() == Slot::LOOKUP) {
__ mov(r0, Operand(proxy->name()));
- __ stm(db_w, sp, cp.bit() | r0.bit());
+ __ Push(cp, r0);
__ CallRuntime(Runtime::kLoadContextSlotNoReferenceError, 2);
__ push(r0);
} else {
@@ -1551,8 +2742,7 @@ void FullCodeGenerator::VisitUnaryOperation(UnaryOperation* expr) {
VisitForValue(expr->expression(), kAccumulator);
// Avoid calling the stub for Smis.
Label smi, done;
- __ tst(result_register(), Operand(kSmiTagMask));
- __ b(eq, &smi);
+ __ BranchOnSmi(result_register(), &smi);
// Non-smi: call stub leaving result in accumulator register.
__ CallStub(&stub);
__ b(&done);
@@ -1574,6 +2764,12 @@ void FullCodeGenerator::VisitUnaryOperation(UnaryOperation* expr) {
void FullCodeGenerator::VisitCountOperation(CountOperation* expr) {
Comment cmnt(masm_, "[ CountOperation");
+ // Invalid left-hand sides are rewritten to have a 'throw ReferenceError'
+ // as the left-hand side.
+ if (!expr->expression()->IsValidLeftHandSide()) {
+ VisitForEffect(expr->expression());
+ return;
+ }
// Expression can only be a property, a global or a (parameter or local)
// slot. Variables with rewrite to .arguments are treated as KEYED_PROPERTY.
@@ -1617,8 +2813,7 @@ void FullCodeGenerator::VisitCountOperation(CountOperation* expr) {
// Call ToNumber only if operand is not a smi.
Label no_conversion;
- __ tst(r0, Operand(kSmiTagMask));
- __ b(eq, &no_conversion);
+ __ BranchOnSmi(r0, &no_conversion);
__ push(r0);
__ InvokeBuiltin(Builtins::TO_NUMBER, CALL_JS);
__ bind(&no_conversion);
@@ -1662,8 +2857,7 @@ void FullCodeGenerator::VisitCountOperation(CountOperation* expr) {
__ b(vs, &stub_call);
// We could eliminate this smi check if we split the code at
// the first smi check before calling ToNumber.
- __ tst(r0, Operand(kSmiTagMask));
- __ b(eq, &done);
+ __ BranchOnSmi(r0, &done);
__ bind(&stub_call);
// Call stub. Undo operation first.
__ sub(r0, r0, Operand(Smi::FromInt(count_value)));
@@ -1758,36 +2952,41 @@ void FullCodeGenerator::VisitBinaryOperation(BinaryOperation* expr) {
}
+void FullCodeGenerator::EmitNullCompare(bool strict,
+ Register obj,
+ Register null_const,
+ Label* if_true,
+ Label* if_false,
+ Register scratch) {
+ __ cmp(obj, null_const);
+ if (strict) {
+ __ b(eq, if_true);
+ } else {
+ __ b(eq, if_true);
+ __ LoadRoot(ip, Heap::kUndefinedValueRootIndex);
+ __ cmp(obj, ip);
+ __ b(eq, if_true);
+ __ BranchOnSmi(obj, if_false);
+ // It can be an undetectable object.
+ __ ldr(scratch, FieldMemOperand(obj, HeapObject::kMapOffset));
+ __ ldrb(scratch, FieldMemOperand(scratch, Map::kBitFieldOffset));
+ __ tst(scratch, Operand(1 << Map::kIsUndetectable));
+ __ b(ne, if_true);
+ }
+ __ jmp(if_false);
+}
+
+
void FullCodeGenerator::VisitCompareOperation(CompareOperation* expr) {
Comment cmnt(masm_, "[ CompareOperation");
// Always perform the comparison for its control flow. Pack the result
// into the expression's context after the comparison is performed.
- Label materialize_true, materialize_false, done;
- // Initially assume we are in a test context.
- Label* if_true = true_label_;
- Label* if_false = false_label_;
- switch (context_) {
- case Expression::kUninitialized:
- UNREACHABLE();
- break;
- case Expression::kEffect:
- if_true = &done;
- if_false = &done;
- break;
- case Expression::kValue:
- if_true = &materialize_true;
- if_false = &materialize_false;
- break;
- case Expression::kTest:
- break;
- case Expression::kValueTest:
- if_true = &materialize_true;
- break;
- case Expression::kTestValue:
- if_false = &materialize_false;
- break;
- }
+
+ Label materialize_true, materialize_false;
+ Label* if_true = NULL;
+ Label* if_false = NULL;
+ PrepareTest(&materialize_true, &materialize_false, &if_true, &if_false);
VisitForValue(expr->left(), kStack);
switch (expr->op()) {
@@ -1818,10 +3017,24 @@ void FullCodeGenerator::VisitCompareOperation(CompareOperation* expr) {
case Token::EQ_STRICT:
strict = true;
// Fall through
- case Token::EQ:
+ case Token::EQ: {
cc = eq;
__ pop(r1);
+ // If either operand is constant null we do a fast compare
+ // against null.
+ Literal* right_literal = expr->right()->AsLiteral();
+ Literal* left_literal = expr->left()->AsLiteral();
+ if (right_literal != NULL && right_literal->handle()->IsNull()) {
+ EmitNullCompare(strict, r1, r0, if_true, if_false, r2);
+ Apply(context_, if_true, if_false);
+ return;
+ } else if (left_literal != NULL && left_literal->handle()->IsNull()) {
+ EmitNullCompare(strict, r0, r1, if_true, if_false, r2);
+ Apply(context_, if_true, if_false);
+ return;
+ }
break;
+ }
case Token::LT:
cc = lt;
__ pop(r1);
@@ -1852,8 +3065,7 @@ void FullCodeGenerator::VisitCompareOperation(CompareOperation* expr) {
// before it is called.
Label slow_case;
__ orr(r2, r0, Operand(r1));
- __ tst(r2, Operand(kSmiTagMask));
- __ b(ne, &slow_case);
+ __ BranchOnNotSmi(r2, &slow_case);
__ cmp(r1, r0);
__ b(cc, if_true);
__ jmp(if_false);
diff --git a/deps/v8/src/arm/macro-assembler-arm.cc b/deps/v8/src/arm/macro-assembler-arm.cc
index e356d55e1b..29c48a400f 100644
--- a/deps/v8/src/arm/macro-assembler-arm.cc
+++ b/deps/v8/src/arm/macro-assembler-arm.cc
@@ -354,6 +354,51 @@ void MacroAssembler::RecordWrite(Register object, Register offset,
}
+void MacroAssembler::Ldrd(Register dst1, Register dst2,
+ const MemOperand& src, Condition cond) {
+ ASSERT(src.rm().is(no_reg));
+ ASSERT(!dst1.is(lr)); // r14.
+ ASSERT_EQ(0, dst1.code() % 2);
+ ASSERT_EQ(dst1.code() + 1, dst2.code());
+
+ // Generate two ldr instructions if ldrd is not available.
+ if (CpuFeatures::IsSupported(ARMv7)) {
+ CpuFeatures::Scope scope(ARMv7);
+ ldrd(dst1, dst2, src, cond);
+ } else {
+ MemOperand src2(src);
+ src2.set_offset(src2.offset() + 4);
+ if (dst1.is(src.rn())) {
+ ldr(dst2, src2, cond);
+ ldr(dst1, src, cond);
+ } else {
+ ldr(dst1, src, cond);
+ ldr(dst2, src2, cond);
+ }
+ }
+}
+
+
+void MacroAssembler::Strd(Register src1, Register src2,
+ const MemOperand& dst, Condition cond) {
+ ASSERT(dst.rm().is(no_reg));
+ ASSERT(!src1.is(lr)); // r14.
+ ASSERT_EQ(0, src1.code() % 2);
+ ASSERT_EQ(src1.code() + 1, src2.code());
+
+ // Generate two str instructions if strd is not available.
+ if (CpuFeatures::IsSupported(ARMv7)) {
+ CpuFeatures::Scope scope(ARMv7);
+ strd(src1, src2, dst, cond);
+ } else {
+ MemOperand dst2(dst);
+ dst2.set_offset(dst2.offset() + 4);
+ str(src1, dst, cond);
+ str(src2, dst2, cond);
+ }
+}
+
+
void MacroAssembler::EnterFrame(StackFrame::Type type) {
// r0-r3: preserved
stm(db_w, sp, cp.bit() | fp.bit() | lr.bit());
diff --git a/deps/v8/src/arm/macro-assembler-arm.h b/deps/v8/src/arm/macro-assembler-arm.h
index 9cf93da341..494f2b6926 100644
--- a/deps/v8/src/arm/macro-assembler-arm.h
+++ b/deps/v8/src/arm/macro-assembler-arm.h
@@ -185,6 +185,18 @@ class MacroAssembler: public Assembler {
}
}
+ // Load two consecutive registers with two consecutive memory locations.
+ void Ldrd(Register dst1,
+ Register dst2,
+ const MemOperand& src,
+ Condition cond = al);
+
+ // Store two consecutive registers to two consecutive memory locations.
+ void Strd(Register src1,
+ Register src2,
+ const MemOperand& dst,
+ Condition cond = al);
+
// ---------------------------------------------------------------------------
// Stack limit support
diff --git a/deps/v8/src/arm/stub-cache-arm.cc b/deps/v8/src/arm/stub-cache-arm.cc
index 8001cd842a..d82ef21ce0 100644
--- a/deps/v8/src/arm/stub-cache-arm.cc
+++ b/deps/v8/src/arm/stub-cache-arm.cc
@@ -436,7 +436,7 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
Register holder,
Register scratch1,
Register scratch2,
- JSObject* holder_obj,
+ JSObject* interceptor_holder,
LookupResult* lookup,
String* name,
Label* miss_label) {
@@ -456,7 +456,8 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
}
if (!optimize) {
- CompileRegular(masm, receiver, holder, scratch2, holder_obj, miss_label);
+ CompileRegular(masm, receiver, holder, scratch2, interceptor_holder,
+ miss_label);
return;
}
@@ -466,14 +467,18 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
__ push(receiver);
__ Push(holder, name_);
+ // Invoke an interceptor. Note: map checks from receiver to
+ // interceptor's holder has been compiled before (see a caller
+ // of this method.)
CompileCallLoadPropertyWithInterceptor(masm,
receiver,
holder,
name_,
- holder_obj);
+ interceptor_holder);
+ // Check if interceptor provided a value for property. If it's
+ // the case, return immediately.
Label interceptor_failed;
- // Compare with no_interceptor_result_sentinel.
__ LoadRoot(scratch1, Heap::kNoInterceptorResultSentinelRootIndex);
__ cmp(r0, scratch1);
__ b(eq, &interceptor_failed);
@@ -488,13 +493,17 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
__ LeaveInternalFrame();
if (lookup->type() == FIELD) {
- holder = stub_compiler->CheckPrototypes(holder_obj,
+ // We found FIELD property in prototype chain of interceptor's holder.
+ // Check that the maps from interceptor's holder to field's holder
+ // haven't changed...
+ holder = stub_compiler->CheckPrototypes(interceptor_holder,
holder,
lookup->holder(),
scratch1,
scratch2,
name,
miss_label);
+ // ... and retrieve a field from field's holder.
stub_compiler->GenerateFastPropertyLoad(masm,
r0,
holder,
@@ -502,30 +511,38 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
lookup->GetFieldIndex());
__ Ret();
} else {
+ // We found CALLBACKS property in prototype chain of interceptor's
+ // holder.
ASSERT(lookup->type() == CALLBACKS);
ASSERT(lookup->GetCallbackObject()->IsAccessorInfo());
ASSERT(callback != NULL);
ASSERT(callback->getter() != NULL);
+ // Prepare for tail call: push receiver to stack.
Label cleanup;
__ push(receiver);
- holder = stub_compiler->CheckPrototypes(holder_obj, holder,
+ // Check that the maps from interceptor's holder to callback's holder
+ // haven't changed.
+ holder = stub_compiler->CheckPrototypes(interceptor_holder, holder,
lookup->holder(), scratch1,
scratch2,
name,
&cleanup);
+ // Continue tail call preparation: push remaining parameters.
__ push(holder);
__ Move(holder, Handle<AccessorInfo>(callback));
__ push(holder);
__ ldr(scratch1, FieldMemOperand(holder, AccessorInfo::kDataOffset));
__ Push(scratch1, name_);
+ // Tail call to runtime.
ExternalReference ref =
ExternalReference(IC_Utility(IC::kLoadCallbackProperty));
__ TailCallExternalReference(ref, 5, 1);
+ // Clean up code: we pushed receiver and need to remove it.
__ bind(&cleanup);
__ pop(scratch2);
}
@@ -536,9 +553,9 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
Register receiver,
Register holder,
Register scratch,
- JSObject* holder_obj,
+ JSObject* interceptor_holder,
Label* miss_label) {
- PushInterceptorArguments(masm, receiver, holder, name_, holder_obj);
+ PushInterceptorArguments(masm, receiver, holder, name_, interceptor_holder);
ExternalReference ref = ExternalReference(
IC_Utility(IC::kLoadPropertyWithInterceptorForLoad));
@@ -714,7 +731,7 @@ class CallInterceptorCompiler BASE_EMBEDDED {
Register receiver,
Register scratch1,
Register scratch2,
- JSObject* holder_obj,
+ JSObject* interceptor_holder,
LookupResult* lookup,
String* name,
const CallOptimization& optimization,
@@ -727,10 +744,13 @@ class CallInterceptorCompiler BASE_EMBEDDED {
bool can_do_fast_api_call = false;
if (optimization.is_simple_api_call() &&
!lookup->holder()->IsGlobalObject()) {
- depth1 = optimization.GetPrototypeDepthOfExpectedType(object, holder_obj);
+ depth1 =
+ optimization.GetPrototypeDepthOfExpectedType(object,
+ interceptor_holder);
if (depth1 == kInvalidProtoDepth) {
- depth2 = optimization.GetPrototypeDepthOfExpectedType(holder_obj,
- lookup->holder());
+ depth2 =
+ optimization.GetPrototypeDepthOfExpectedType(interceptor_holder,
+ lookup->holder());
}
can_do_fast_api_call = (depth1 != kInvalidProtoDepth) ||
(depth2 != kInvalidProtoDepth);
@@ -745,23 +765,31 @@ class CallInterceptorCompiler BASE_EMBEDDED {
ReserveSpaceForFastApiCall(masm, scratch1);
}
+ // Check that the maps from receiver to interceptor's holder
+ // haven't changed and thus we can invoke interceptor.
Label miss_cleanup;
Label* miss = can_do_fast_api_call ? &miss_cleanup : miss_label;
Register holder =
- stub_compiler_->CheckPrototypes(object, receiver, holder_obj, scratch1,
- scratch2, name, depth1, miss);
+ stub_compiler_->CheckPrototypes(object, receiver, interceptor_holder,
+ scratch1, scratch2, name,
+ depth1, miss);
+ // Invoke an interceptor and if it provides a value,
+ // branch to |regular_invoke|.
Label regular_invoke;
- LoadWithInterceptor(masm, receiver, holder, holder_obj, scratch2,
+ LoadWithInterceptor(masm, receiver, holder, interceptor_holder, scratch2,
&regular_invoke);
- // Generate code for the failed interceptor case.
+ // Interceptor returned nothing for this property. Try to use cached
+ // constant function.
- // Check the lookup is still valid.
- stub_compiler_->CheckPrototypes(holder_obj, receiver,
+ // Check that the maps from interceptor's holder to constant function's
+ // holder haven't changed and thus we can use cached constant function.
+ stub_compiler_->CheckPrototypes(interceptor_holder, receiver,
lookup->holder(), scratch1,
scratch2, name, depth2, miss);
+ // Invoke function.
if (can_do_fast_api_call) {
GenerateFastApiCall(masm, optimization, arguments_.immediate());
} else {
@@ -769,12 +797,14 @@ class CallInterceptorCompiler BASE_EMBEDDED {
JUMP_FUNCTION);
}
+ // Deferred code for fast API call case---clean preallocated space.
if (can_do_fast_api_call) {
__ bind(&miss_cleanup);
FreeSpaceForFastApiCall(masm);
__ b(miss_label);
}
+ // Invoke a regular function.
__ bind(&regular_invoke);
if (can_do_fast_api_call) {
FreeSpaceForFastApiCall(masm);
@@ -787,10 +817,10 @@ class CallInterceptorCompiler BASE_EMBEDDED {
Register scratch1,
Register scratch2,
String* name,
- JSObject* holder_obj,
+ JSObject* interceptor_holder,
Label* miss_label) {
Register holder =
- stub_compiler_->CheckPrototypes(object, receiver, holder_obj,
+ stub_compiler_->CheckPrototypes(object, receiver, interceptor_holder,
scratch1, scratch2, name,
miss_label);
@@ -803,7 +833,7 @@ class CallInterceptorCompiler BASE_EMBEDDED {
receiver,
holder,
name_,
- holder_obj);
+ interceptor_holder);
__ CallExternalReference(
ExternalReference(
diff --git a/deps/v8/src/assembler.h b/deps/v8/src/assembler.h
index f2a6c8be39..74613b3427 100644
--- a/deps/v8/src/assembler.h
+++ b/deps/v8/src/assembler.h
@@ -38,6 +38,7 @@
#include "runtime.h"
#include "top.h"
#include "token.h"
+#include "objects.h"
namespace v8 {
namespace internal {
@@ -199,9 +200,23 @@ class RelocInfo BASE_EMBEDDED {
INLINE(Object** target_object_address());
INLINE(void set_target_object(Object* target));
- // Read the address of the word containing the target_address. Can only
- // be called if IsCodeTarget(rmode_) || rmode_ == RUNTIME_ENTRY.
+ // Read the address of the word containing the target_address in an
+ // instruction stream. What this means exactly is architecture-independent.
+ // The only architecture-independent user of this function is the serializer.
+ // The serializer uses it to find out how many raw bytes of instruction to
+ // output before the next target. Architecture-independent code shouldn't
+ // dereference the pointer it gets back from this.
INLINE(Address target_address_address());
+ // This indicates how much space a target takes up when deserializing a code
+ // stream. For most architectures this is just the size of a pointer. For
+ // an instruction like movw/movt where the target bits are mixed into the
+ // instruction bits the size of the target will be zero, indicating that the
+ // serializer should not step forwards in memory after a target is resolved
+ // and written. In this case the target_address_address function above
+ // should return the end of the instructions to be patched, allowing the
+ // deserializer to deserialize the instructions as raw bytes and put them in
+ // place, ready to be patched with the target.
+ INLINE(int target_address_size());
// Read/modify the reference in the instruction this relocation
// applies to; can only be called if rmode_ is external_reference
@@ -216,6 +231,8 @@ class RelocInfo BASE_EMBEDDED {
INLINE(Object** call_object_address());
INLINE(void set_call_object(Object* target));
+ inline void Visit(ObjectVisitor* v);
+
// Patch the code with some other code.
void PatchCode(byte* instructions, int instruction_count);
diff --git a/deps/v8/src/circular-queue-inl.h b/deps/v8/src/circular-queue-inl.h
index 90ab0f5c9b..349f22299a 100644
--- a/deps/v8/src/circular-queue-inl.h
+++ b/deps/v8/src/circular-queue-inl.h
@@ -34,54 +34,6 @@ namespace v8 {
namespace internal {
-template<typename Record>
-CircularQueue<Record>::CircularQueue(int desired_buffer_size_in_bytes)
- : buffer_(NewArray<Record>(desired_buffer_size_in_bytes / sizeof(Record))),
- buffer_end_(buffer_ + desired_buffer_size_in_bytes / sizeof(Record)),
- enqueue_semaphore_(
- OS::CreateSemaphore(static_cast<int>(buffer_end_ - buffer_) - 1)),
- enqueue_pos_(buffer_),
- dequeue_pos_(buffer_) {
- // To be able to distinguish between a full and an empty queue
- // state, the queue must be capable of containing at least 2
- // records.
- ASSERT((buffer_end_ - buffer_) >= 2);
-}
-
-
-template<typename Record>
-CircularQueue<Record>::~CircularQueue() {
- DeleteArray(buffer_);
- delete enqueue_semaphore_;
-}
-
-
-template<typename Record>
-void CircularQueue<Record>::Dequeue(Record* rec) {
- ASSERT(!IsEmpty());
- *rec = *dequeue_pos_;
- dequeue_pos_ = Next(dequeue_pos_);
- // Tell we have a spare record.
- enqueue_semaphore_->Signal();
-}
-
-
-template<typename Record>
-void CircularQueue<Record>::Enqueue(const Record& rec) {
- // Wait until we have at least one spare record.
- enqueue_semaphore_->Wait();
- ASSERT(Next(enqueue_pos_) != dequeue_pos_);
- *enqueue_pos_ = rec;
- enqueue_pos_ = Next(enqueue_pos_);
-}
-
-
-template<typename Record>
-Record* CircularQueue<Record>::Next(Record* curr) {
- return ++curr != buffer_end_ ? curr : buffer_;
-}
-
-
void* SamplingCircularQueue::Enqueue() {
WrapPositionIfNeeded(&producer_pos_->enqueue_pos);
void* result = producer_pos_->enqueue_pos;
diff --git a/deps/v8/src/circular-queue.h b/deps/v8/src/circular-queue.h
index 486f10748f..73afc68316 100644
--- a/deps/v8/src/circular-queue.h
+++ b/deps/v8/src/circular-queue.h
@@ -32,32 +32,6 @@ namespace v8 {
namespace internal {
-// Lock-based blocking circular queue for small records. Intended for
-// transfer of small records between a single producer and a single
-// consumer. Blocks on enqueue operation if the queue is full.
-template<typename Record>
-class CircularQueue {
- public:
- inline explicit CircularQueue(int desired_buffer_size_in_bytes);
- inline ~CircularQueue();
-
- INLINE(void Dequeue(Record* rec));
- INLINE(void Enqueue(const Record& rec));
- INLINE(bool IsEmpty()) { return enqueue_pos_ == dequeue_pos_; }
-
- private:
- INLINE(Record* Next(Record* curr));
-
- Record* buffer_;
- Record* const buffer_end_;
- Semaphore* enqueue_semaphore_;
- Record* enqueue_pos_;
- Record* dequeue_pos_;
-
- DISALLOW_COPY_AND_ASSIGN(CircularQueue);
-};
-
-
// Lock-free cache-friendly sampling circular queue for large
// records. Intended for fast transfer of large records between a
// single producer and a single consumer. If the queue is full,
diff --git a/deps/v8/src/compiler.cc b/deps/v8/src/compiler.cc
index 27d4835dcf..ca92ed9213 100755
--- a/deps/v8/src/compiler.cc
+++ b/deps/v8/src/compiler.cc
@@ -44,6 +44,18 @@
namespace v8 {
namespace internal {
+// For normal operation the syntax checker is used to determine whether to
+// use the full compiler for top level code or not. However if the flag
+// --always-full-compiler is specified or debugging is active the full
+// compiler will be used for all code.
+static bool AlwaysFullCompiler() {
+#ifdef ENABLE_DEBUGGER_SUPPORT
+ return FLAG_always_full_compiler || Debugger::IsDebuggerActive();
+#else
+ return FLAG_always_full_compiler;
+#endif
+}
+
static Handle<Code> MakeCode(Handle<Context> context, CompilationInfo* info) {
FunctionLiteral* function = info->function();
@@ -120,21 +132,9 @@ static Handle<Code> MakeCode(Handle<Context> context, CompilationInfo* info) {
? info->scope()->is_global_scope()
: (shared->is_toplevel() || shared->try_full_codegen());
- bool force_full_compiler = false;
-#if defined(V8_TARGET_ARCH_IA32) || defined(V8_TARGET_ARCH_X64)
- // On ia32 the full compiler can compile all code whereas the other platforms
- // the constructs supported is checked by the associated syntax checker. When
- // --always-full-compiler is used on ia32 the syntax checker is still in
- // effect, but there is a special flag --force-full-compiler to ignore the
- // syntax checker completely and use the full compiler for all code. Also
- // when debugging on ia32 the full compiler will be used for all code.
- force_full_compiler =
- Debugger::IsDebuggerActive() || FLAG_force_full_compiler;
-#endif
-
- if (force_full_compiler) {
+ if (AlwaysFullCompiler()) {
return FullCodeGenerator::MakeCode(info);
- } else if (FLAG_always_full_compiler || (FLAG_full_compiler && is_run_once)) {
+ } else if (FLAG_full_compiler && is_run_once) {
FullCodeGenSyntaxChecker checker;
checker.Check(function);
if (checker.has_supported_syntax()) {
@@ -521,7 +521,11 @@ Handle<SharedFunctionInfo> Compiler::BuildFunctionInfo(FunctionLiteral* literal,
CHECK(!FLAG_always_full_compiler || !FLAG_always_fast_compiler);
bool is_run_once = literal->try_full_codegen();
bool is_compiled = false;
- if (FLAG_always_full_compiler || (FLAG_full_compiler && is_run_once)) {
+
+ if (AlwaysFullCompiler()) {
+ code = FullCodeGenerator::MakeCode(&info);
+ is_compiled = true;
+ } else if (FLAG_full_compiler && is_run_once) {
FullCodeGenSyntaxChecker checker;
checker.Check(literal);
if (checker.has_supported_syntax()) {
diff --git a/deps/v8/src/cpu-profiler-inl.h b/deps/v8/src/cpu-profiler-inl.h
index 9ef6841dc6..cb7fdd8ff6 100644
--- a/deps/v8/src/cpu-profiler-inl.h
+++ b/deps/v8/src/cpu-profiler-inl.h
@@ -34,6 +34,7 @@
#include "circular-queue-inl.h"
#include "profile-generator-inl.h"
+#include "unbound-queue-inl.h"
namespace v8 {
namespace internal {
diff --git a/deps/v8/src/cpu-profiler.cc b/deps/v8/src/cpu-profiler.cc
index 52a891f925..31c4658eeb 100644
--- a/deps/v8/src/cpu-profiler.cc
+++ b/deps/v8/src/cpu-profiler.cc
@@ -46,7 +46,6 @@ static const int kTickSamplesBufferChunksCount = 16;
ProfilerEventsProcessor::ProfilerEventsProcessor(ProfileGenerator* generator)
: generator_(generator),
running_(false),
- events_buffer_(kEventsBufferSize),
ticks_buffer_(sizeof(TickSampleEventRecord),
kTickSamplesBufferChunkSize,
kTickSamplesBufferChunksCount),
diff --git a/deps/v8/src/cpu-profiler.h b/deps/v8/src/cpu-profiler.h
index a51133d424..81f9ae394b 100644
--- a/deps/v8/src/cpu-profiler.h
+++ b/deps/v8/src/cpu-profiler.h
@@ -31,6 +31,7 @@
#ifdef ENABLE_LOGGING_AND_PROFILING
#include "circular-queue.h"
+#include "unbound-queue.h"
namespace v8 {
namespace internal {
@@ -181,7 +182,7 @@ class ProfilerEventsProcessor : public Thread {
ProfileGenerator* generator_;
bool running_;
- CircularQueue<CodeEventsContainer> events_buffer_;
+ UnboundQueue<CodeEventsContainer> events_buffer_;
SamplingCircularQueue ticks_buffer_;
unsigned enqueue_order_;
};
diff --git a/deps/v8/src/flag-definitions.h b/deps/v8/src/flag-definitions.h
index c360508c17..c086df4c77 100644
--- a/deps/v8/src/flag-definitions.h
+++ b/deps/v8/src/flag-definitions.h
@@ -149,10 +149,6 @@ DEFINE_bool(full_compiler, true, "enable dedicated backend for run-once code")
DEFINE_bool(fast_compiler, false, "enable speculative optimizing backend")
DEFINE_bool(always_full_compiler, false,
"try to use the dedicated run-once backend for all code")
-#if defined(V8_TARGET_ARCH_IA32) || defined(V8_TARGET_ARCH_X64)
-DEFINE_bool(force_full_compiler, false,
- "force use of the dedicated run-once backend for all code")
-#endif
DEFINE_bool(always_fast_compiler, false,
"try to use the speculative optimizing backend for all code")
DEFINE_bool(trace_bailout, false,
diff --git a/deps/v8/src/handles.cc b/deps/v8/src/handles.cc
index 1d4465f3bf..c90365c31a 100644
--- a/deps/v8/src/handles.cc
+++ b/deps/v8/src/handles.cc
@@ -399,6 +399,11 @@ Handle<JSObject> Copy(Handle<JSObject> obj) {
}
+Handle<Object> SetAccessor(Handle<JSObject> obj, Handle<AccessorInfo> info) {
+ CALL_HEAP_FUNCTION(obj->DefineAccessor(*info), Object);
+}
+
+
// Wrappers for scripts are kept alive and cached in weak global
// handles referred from proxy objects held by the scripts as long as
// they are used. When they are not used anymore, the garbage
diff --git a/deps/v8/src/handles.h b/deps/v8/src/handles.h
index ea13deffa2..96b17a653c 100644
--- a/deps/v8/src/handles.h
+++ b/deps/v8/src/handles.h
@@ -262,6 +262,8 @@ Handle<Object> LookupSingleCharacterStringFromCode(uint32_t index);
Handle<JSObject> Copy(Handle<JSObject> obj);
+Handle<Object> SetAccessor(Handle<JSObject> obj, Handle<AccessorInfo> info);
+
Handle<FixedArray> AddKeysFromJSArray(Handle<FixedArray>,
Handle<JSArray> array);
diff --git a/deps/v8/src/ia32/assembler-ia32-inl.h b/deps/v8/src/ia32/assembler-ia32-inl.h
index 1d88220469..9c96e1977c 100644
--- a/deps/v8/src/ia32/assembler-ia32-inl.h
+++ b/deps/v8/src/ia32/assembler-ia32-inl.h
@@ -38,6 +38,7 @@
#define V8_IA32_ASSEMBLER_IA32_INL_H_
#include "cpu.h"
+#include "debug.h"
namespace v8 {
namespace internal {
@@ -77,6 +78,11 @@ Address RelocInfo::target_address_address() {
}
+int RelocInfo::target_address_size() {
+ return Assembler::kExternalTargetSize;
+}
+
+
void RelocInfo::set_target_address(Address target) {
ASSERT(IsCodeTarget(rmode_) || rmode_ == RUNTIME_ENTRY);
Assembler::set_target_address_at(pc_, target);
@@ -148,6 +154,26 @@ bool RelocInfo::IsPatchedReturnSequence() {
}
+void RelocInfo::Visit(ObjectVisitor* visitor) {
+ RelocInfo::Mode mode = rmode();
+ if (mode == RelocInfo::EMBEDDED_OBJECT) {
+ visitor->VisitPointer(target_object_address());
+ } else if (RelocInfo::IsCodeTarget(mode)) {
+ visitor->VisitCodeTarget(this);
+ } else if (mode == RelocInfo::EXTERNAL_REFERENCE) {
+ visitor->VisitExternalReference(target_reference_address());
+#ifdef ENABLE_DEBUGGER_SUPPORT
+ } else if (Debug::has_break_points() &&
+ RelocInfo::IsJSReturn(mode) &&
+ IsPatchedReturnSequence()) {
+ visitor->VisitDebugTarget(this);
+#endif
+ } else if (mode == RelocInfo::RUNTIME_ENTRY) {
+ visitor->VisitRuntimeEntry(this);
+ }
+}
+
+
Immediate::Immediate(int x) {
x_ = x;
rmode_ = RelocInfo::NONE;
diff --git a/deps/v8/src/ia32/codegen-ia32.cc b/deps/v8/src/ia32/codegen-ia32.cc
index 226a374bc4..c55ec7b203 100644
--- a/deps/v8/src/ia32/codegen-ia32.cc
+++ b/deps/v8/src/ia32/codegen-ia32.cc
@@ -695,9 +695,7 @@ void CodeGenerator::LoadTypeofExpression(Expression* expr) {
} else if (variable != NULL && variable->slot() != NULL) {
// For a variable that rewrites to a slot, we signal it is the immediate
// subexpression of a typeof.
- Result result =
- LoadFromSlotCheckForArguments(variable->slot(), INSIDE_TYPEOF);
- frame()->Push(&result);
+ LoadFromSlotCheckForArguments(variable->slot(), INSIDE_TYPEOF);
} else {
// Anything else can be handled normally.
Load(expr);
@@ -746,7 +744,8 @@ Result CodeGenerator::StoreArgumentsObject(bool initial) {
// We have to skip storing into the arguments slot if it has already
// been written to. This can happen if the a function has a local
// variable named 'arguments'.
- Result probe = LoadFromSlot(arguments->slot(), NOT_INSIDE_TYPEOF);
+ LoadFromSlot(arguments->slot(), NOT_INSIDE_TYPEOF);
+ Result probe = frame_->Pop();
if (probe.is_constant()) {
// We have to skip updating the arguments object if it has
// been assigned a proper value.
@@ -3026,9 +3025,7 @@ void CodeGenerator::CallApplyLazy(Expression* applicand,
// Load the receiver and the existing arguments object onto the
// expression stack. Avoid allocating the arguments object here.
Load(receiver);
- Result existing_args =
- LoadFromSlot(scope()->arguments()->var()->slot(), NOT_INSIDE_TYPEOF);
- frame()->Push(&existing_args);
+ LoadFromSlot(scope()->arguments()->var()->slot(), NOT_INSIDE_TYPEOF);
// Emit the source position information after having loaded the
// receiver and the arguments.
@@ -4719,19 +4716,19 @@ void CodeGenerator::VisitConditional(Conditional* node) {
}
-Result CodeGenerator::LoadFromSlot(Slot* slot, TypeofState typeof_state) {
- Result result;
+void CodeGenerator::LoadFromSlot(Slot* slot, TypeofState typeof_state) {
if (slot->type() == Slot::LOOKUP) {
ASSERT(slot->var()->is_dynamic());
JumpTarget slow;
JumpTarget done;
+ Result value;
// Generate fast case for loading from slots that correspond to
// local/global variables or arguments unless they are shadowed by
// eval-introduced bindings.
EmitDynamicLoadFromSlotFastCase(slot,
typeof_state,
- &result,
+ &value,
&slow,
&done);
@@ -4743,14 +4740,14 @@ Result CodeGenerator::LoadFromSlot(Slot* slot, TypeofState typeof_state) {
frame()->EmitPush(esi);
frame()->EmitPush(Immediate(slot->var()->name()));
if (typeof_state == INSIDE_TYPEOF) {
- result =
+ value =
frame()->CallRuntime(Runtime::kLoadContextSlotNoReferenceError, 2);
} else {
- result = frame()->CallRuntime(Runtime::kLoadContextSlot, 2);
+ value = frame()->CallRuntime(Runtime::kLoadContextSlot, 2);
}
- done.Bind(&result);
- return result;
+ done.Bind(&value);
+ frame_->Push(&value);
} else if (slot->var()->mode() == Variable::CONST) {
// Const slots may contain 'the hole' value (the constant hasn't been
@@ -4767,15 +4764,13 @@ Result CodeGenerator::LoadFromSlot(Slot* slot, TypeofState typeof_state) {
__ j(not_equal, &exit);
__ mov(ecx, Factory::undefined_value());
__ bind(&exit);
- return Result(ecx);
+ frame()->EmitPush(ecx);
} else if (slot->type() == Slot::PARAMETER) {
frame()->PushParameterAt(slot->index());
- return frame()->Pop();
} else if (slot->type() == Slot::LOCAL) {
frame()->PushLocalAt(slot->index());
- return frame()->Pop();
} else {
// The other remaining slot types (LOOKUP and GLOBAL) cannot reach
@@ -4784,46 +4779,48 @@ Result CodeGenerator::LoadFromSlot(Slot* slot, TypeofState typeof_state) {
// The use of SlotOperand below is safe for an unspilled frame
// because it will always be a context slot.
ASSERT(slot->type() == Slot::CONTEXT);
- result = allocator()->Allocate();
- ASSERT(result.is_valid());
- __ mov(result.reg(), SlotOperand(slot, result.reg()));
- return result;
+ Result temp = allocator()->Allocate();
+ ASSERT(temp.is_valid());
+ __ mov(temp.reg(), SlotOperand(slot, temp.reg()));
+ frame()->Push(&temp);
}
}
-Result CodeGenerator::LoadFromSlotCheckForArguments(Slot* slot,
+void CodeGenerator::LoadFromSlotCheckForArguments(Slot* slot,
TypeofState state) {
- Result result = LoadFromSlot(slot, state);
+ LoadFromSlot(slot, state);
// Bail out quickly if we're not using lazy arguments allocation.
- if (ArgumentsMode() != LAZY_ARGUMENTS_ALLOCATION) return result;
+ if (ArgumentsMode() != LAZY_ARGUMENTS_ALLOCATION) return;
// ... or if the slot isn't a non-parameter arguments slot.
- if (slot->type() == Slot::PARAMETER || !slot->is_arguments()) return result;
+ if (slot->type() == Slot::PARAMETER || !slot->is_arguments()) return;
// If the loaded value is a constant, we know if the arguments
// object has been lazily loaded yet.
+ Result result = frame()->Pop();
if (result.is_constant()) {
if (result.handle()->IsTheHole()) {
- result.Unuse();
- return StoreArgumentsObject(false);
- } else {
- return result;
+ result = StoreArgumentsObject(false);
}
+ frame()->Push(&result);
+ return;
}
-
+ ASSERT(result.is_register());
// The loaded value is in a register. If it is the sentinel that
// indicates that we haven't loaded the arguments object yet, we
// need to do it now.
JumpTarget exit;
__ cmp(Operand(result.reg()), Immediate(Factory::the_hole_value()));
- exit.Branch(not_equal, &result);
+ frame()->Push(&result);
+ exit.Branch(not_equal);
- result.Unuse();
result = StoreArgumentsObject(false);
- exit.Bind(&result);
- return result;
+ frame()->SetElementAt(0, &result);
+ result.Unuse();
+ exit.Bind();
+ return;
}
@@ -5073,8 +5070,7 @@ void CodeGenerator::VisitSlot(Slot* slot) {
UNREACHABLE();
}
} else {
- Result result = LoadFromSlotCheckForArguments(slot, NOT_INSIDE_TYPEOF);
- frame()->Push(&result);
+ LoadFromSlotCheckForArguments(slot, NOT_INSIDE_TYPEOF);
}
}
@@ -5395,8 +5391,7 @@ void CodeGenerator::EmitSlotAssignment(Assignment* node) {
if (node->is_compound()) {
// For a compound assignment the right-hand side is a binary operation
// between the current property value and the actual right-hand side.
- Result result = LoadFromSlotCheckForArguments(slot, NOT_INSIDE_TYPEOF);
- frame()->Push(&result);
+ LoadFromSlotCheckForArguments(slot, NOT_INSIDE_TYPEOF);
Load(node->value());
// Perform the binary operation.
@@ -8603,16 +8598,16 @@ Result CodeGenerator::EmitKeyedLoad() {
if (loop_nesting() > 0) {
Comment cmnt(masm_, "[ Inlined load from keyed Property");
- Result key = frame_->Pop();
- Result receiver = frame_->Pop();
- key.ToRegister();
- receiver.ToRegister();
-
// Use a fresh temporary to load the elements without destroying
// the receiver which is needed for the deferred slow case.
Result elements = allocator()->Allocate();
ASSERT(elements.is_valid());
+ Result key = frame_->Pop();
+ Result receiver = frame_->Pop();
+ key.ToRegister();
+ receiver.ToRegister();
+
// Use a fresh temporary for the index and later the loaded
// value.
result = allocator()->Allocate();
@@ -8626,6 +8621,7 @@ Result CodeGenerator::EmitKeyedLoad() {
__ test(receiver.reg(), Immediate(kSmiTagMask));
deferred->Branch(zero);
+ // Check that the receiver has the expected map.
// Initially, use an invalid map. The map is patched in the IC
// initialization code.
__ bind(deferred->patch_site());
@@ -8659,7 +8655,6 @@ Result CodeGenerator::EmitKeyedLoad() {
FieldOperand(elements.reg(), FixedArray::kLengthOffset));
deferred->Branch(above_equal);
- // Load and check that the result is not the hole.
__ mov(result.reg(), Operand(elements.reg(),
result.reg(),
times_4,
@@ -8857,10 +8852,8 @@ void Reference::GetValue() {
Comment cmnt(masm, "[ Load from Slot");
Slot* slot = expression_->AsVariableProxy()->AsVariable()->slot();
ASSERT(slot != NULL);
- Result result =
- cgen_->LoadFromSlotCheckForArguments(slot, NOT_INSIDE_TYPEOF);
+ cgen_->LoadFromSlotCheckForArguments(slot, NOT_INSIDE_TYPEOF);
if (!persist_after_get_) set_unloaded();
- cgen_->frame()->Push(&result);
break;
}
diff --git a/deps/v8/src/ia32/codegen-ia32.h b/deps/v8/src/ia32/codegen-ia32.h
index e00bec7131..a098dc3859 100644
--- a/deps/v8/src/ia32/codegen-ia32.h
+++ b/deps/v8/src/ia32/codegen-ia32.h
@@ -459,8 +459,8 @@ class CodeGenerator: public AstVisitor {
void LoadWithSafeInt32ModeDisabled(Expression* expr);
// Read a value from a slot and leave it on top of the expression stack.
- Result LoadFromSlot(Slot* slot, TypeofState typeof_state);
- Result LoadFromSlotCheckForArguments(Slot* slot, TypeofState typeof_state);
+ void LoadFromSlot(Slot* slot, TypeofState typeof_state);
+ void LoadFromSlotCheckForArguments(Slot* slot, TypeofState typeof_state);
Result LoadFromGlobalSlotCheckExtensions(Slot* slot,
TypeofState typeof_state,
JumpTarget* slow);
diff --git a/deps/v8/src/ia32/full-codegen-ia32.cc b/deps/v8/src/ia32/full-codegen-ia32.cc
index 368a8eeb0b..1b78772f74 100644
--- a/deps/v8/src/ia32/full-codegen-ia32.cc
+++ b/deps/v8/src/ia32/full-codegen-ia32.cc
@@ -2222,9 +2222,7 @@ void FullCodeGenerator::EmitClassOf(ZoneList<Expression*>* args) {
// Check that the object is a JS object but take special care of JS
// functions to make sure they have 'Function' as their class.
- __ mov(eax, FieldOperand(eax, HeapObject::kMapOffset));
- __ movzx_b(ebx, FieldOperand(eax, Map::kInstanceTypeOffset));
- __ cmp(ebx, FIRST_JS_OBJECT_TYPE);
+ __ CmpObjectType(eax, FIRST_JS_OBJECT_TYPE, eax); // Map is now in eax.
__ j(below, &null);
// As long as JS_FUNCTION_TYPE is the last instance type and it is
diff --git a/deps/v8/src/ia32/stub-cache-ia32.cc b/deps/v8/src/ia32/stub-cache-ia32.cc
index d7b05cf40b..eb555d705d 100644
--- a/deps/v8/src/ia32/stub-cache-ia32.cc
+++ b/deps/v8/src/ia32/stub-cache-ia32.cc
@@ -356,7 +356,7 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
Register holder,
Register scratch1,
Register scratch2,
- JSObject* holder_obj,
+ JSObject* interceptor_holder,
LookupResult* lookup,
String* name,
Label* miss_label) {
@@ -376,7 +376,8 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
}
if (!optimize) {
- CompileRegular(masm, receiver, holder, scratch2, holder_obj, miss_label);
+ CompileRegular(masm, receiver, holder, scratch2, interceptor_holder,
+ miss_label);
return;
}
@@ -389,12 +390,17 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
__ push(holder);
__ push(name_);
+ // Invoke an interceptor. Note: map checks from receiver to
+ // interceptor's holder has been compiled before (see a caller
+ // of this method.)
CompileCallLoadPropertyWithInterceptor(masm,
receiver,
holder,
name_,
- holder_obj);
+ interceptor_holder);
+ // Check if interceptor provided a value for property. If it's
+ // the case, return immediately.
Label interceptor_failed;
__ cmp(eax, Factory::no_interceptor_result_sentinel());
__ j(equal, &interceptor_failed);
@@ -411,47 +417,61 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
__ LeaveInternalFrame();
if (lookup->type() == FIELD) {
- holder = stub_compiler->CheckPrototypes(holder_obj, holder,
+ // We found FIELD property in prototype chain of interceptor's holder.
+ // Check that the maps from interceptor's holder to field's holder
+ // haven't changed...
+ holder = stub_compiler->CheckPrototypes(interceptor_holder, holder,
lookup->holder(), scratch1,
scratch2,
name,
miss_label);
+ // ... and retrieve a field from field's holder.
stub_compiler->GenerateFastPropertyLoad(masm, eax,
holder, lookup->holder(),
lookup->GetFieldIndex());
__ ret(0);
} else {
+ // We found CALLBACKS property in prototype chain of interceptor's
+ // holder.
ASSERT(lookup->type() == CALLBACKS);
ASSERT(lookup->GetCallbackObject()->IsAccessorInfo());
ASSERT(callback != NULL);
ASSERT(callback->getter() != NULL);
+ // Prepare for tail call: push receiver to stack after return address.
Label cleanup;
- __ pop(scratch2);
+ __ pop(scratch2); // return address
__ push(receiver);
__ push(scratch2);
- holder = stub_compiler->CheckPrototypes(holder_obj, holder,
+ // Check that the maps from interceptor's holder to callback's holder
+ // haven't changed.
+ holder = stub_compiler->CheckPrototypes(interceptor_holder, holder,
lookup->holder(), scratch1,
scratch2,
name,
&cleanup);
- __ pop(scratch2); // save old return address
+ // Continue tail call preparation: push remaining parameters after
+ // return address.
+ __ pop(scratch2); // return address
__ push(holder);
__ mov(holder, Immediate(Handle<AccessorInfo>(callback)));
__ push(holder);
__ push(FieldOperand(holder, AccessorInfo::kDataOffset));
__ push(name_);
- __ push(scratch2); // restore old return address
+ __ push(scratch2); // restore return address
+ // Tail call to runtime.
ExternalReference ref =
ExternalReference(IC_Utility(IC::kLoadCallbackProperty));
__ TailCallExternalReference(ref, 5, 1);
+ // Clean up code: we pushed receiver after return address and
+ // need to remove it from there.
__ bind(&cleanup);
- __ pop(scratch1);
- __ pop(scratch2);
+ __ pop(scratch1); // return address.
+ __ pop(scratch2); // receiver.
__ push(scratch1);
}
}
@@ -461,10 +481,10 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
Register receiver,
Register holder,
Register scratch,
- JSObject* holder_obj,
+ JSObject* interceptor_holder,
Label* miss_label) {
__ pop(scratch); // save old return address
- PushInterceptorArguments(masm, receiver, holder, name_, holder_obj);
+ PushInterceptorArguments(masm, receiver, holder, name_, interceptor_holder);
__ push(scratch); // restore old return address
ExternalReference ref = ExternalReference(
@@ -626,7 +646,7 @@ class CallInterceptorCompiler BASE_EMBEDDED {
Register receiver,
Register scratch1,
Register scratch2,
- JSObject* holder_obj,
+ JSObject* interceptor_holder,
LookupResult* lookup,
String* name,
const CallOptimization& optimization,
@@ -639,10 +659,13 @@ class CallInterceptorCompiler BASE_EMBEDDED {
bool can_do_fast_api_call = false;
if (optimization.is_simple_api_call() &&
!lookup->holder()->IsGlobalObject()) {
- depth1 = optimization.GetPrototypeDepthOfExpectedType(object, holder_obj);
+ depth1 =
+ optimization.GetPrototypeDepthOfExpectedType(object,
+ interceptor_holder);
if (depth1 == kInvalidProtoDepth) {
- depth2 = optimization.GetPrototypeDepthOfExpectedType(holder_obj,
- lookup->holder());
+ depth2 =
+ optimization.GetPrototypeDepthOfExpectedType(interceptor_holder,
+ lookup->holder());
}
can_do_fast_api_call = (depth1 != kInvalidProtoDepth) ||
(depth2 != kInvalidProtoDepth);
@@ -655,24 +678,32 @@ class CallInterceptorCompiler BASE_EMBEDDED {
ReserveSpaceForFastApiCall(masm, scratch1);
}
+ // Check that the maps from receiver to interceptor's holder
+ // haven't changed and thus we can invoke interceptor.
Label miss_cleanup;
Label* miss = can_do_fast_api_call ? &miss_cleanup : miss_label;
Register holder =
- stub_compiler_->CheckPrototypes(object, receiver, holder_obj,
+ stub_compiler_->CheckPrototypes(object, receiver, interceptor_holder,
scratch1, scratch2, name,
depth1, miss);
+ // Invoke an interceptor and if it provides a value,
+ // branch to |regular_invoke|.
Label regular_invoke;
- LoadWithInterceptor(masm, receiver, holder, holder_obj, &regular_invoke);
+ LoadWithInterceptor(masm, receiver, holder, interceptor_holder,
+ &regular_invoke);
- // Generate code for the failed interceptor case.
+ // Interceptor returned nothing for this property. Try to use cached
+ // constant function.
- // Check the lookup is still valid.
- stub_compiler_->CheckPrototypes(holder_obj, receiver,
+ // Check that the maps from interceptor's holder to constant function's
+ // holder haven't changed and thus we can use cached constant function.
+ stub_compiler_->CheckPrototypes(interceptor_holder, receiver,
lookup->holder(),
scratch1, scratch2, name,
depth2, miss);
+ // Invoke function.
if (can_do_fast_api_call) {
GenerateFastApiCall(masm, optimization, arguments_.immediate());
} else {
@@ -680,12 +711,14 @@ class CallInterceptorCompiler BASE_EMBEDDED {
JUMP_FUNCTION);
}
+ // Deferred code for fast API call case---clean preallocated space.
if (can_do_fast_api_call) {
__ bind(&miss_cleanup);
FreeSpaceForFastApiCall(masm, scratch1);
__ jmp(miss_label);
}
+ // Invoke a regular function.
__ bind(&regular_invoke);
if (can_do_fast_api_call) {
FreeSpaceForFastApiCall(masm, scratch1);
@@ -698,10 +731,10 @@ class CallInterceptorCompiler BASE_EMBEDDED {
Register scratch1,
Register scratch2,
String* name,
- JSObject* holder_obj,
+ JSObject* interceptor_holder,
Label* miss_label) {
Register holder =
- stub_compiler_->CheckPrototypes(object, receiver, holder_obj,
+ stub_compiler_->CheckPrototypes(object, receiver, interceptor_holder,
scratch1, scratch2, name,
miss_label);
@@ -713,7 +746,7 @@ class CallInterceptorCompiler BASE_EMBEDDED {
receiver,
holder,
name_,
- holder_obj);
+ interceptor_holder);
__ CallExternalReference(
ExternalReference(
diff --git a/deps/v8/src/jump-target-light.h b/deps/v8/src/jump-target-light.h
index 656ec75651..084bd582c7 100644
--- a/deps/v8/src/jump-target-light.h
+++ b/deps/v8/src/jump-target-light.h
@@ -74,6 +74,8 @@ class JumpTarget : public ZoneObject { // Shadows are dynamically allocated.
inline CodeGenerator* cgen();
+ Label* entry_label() { return &entry_label_; }
+
const VirtualFrame* entry_frame() const {
return entry_frame_set_ ? &entry_frame_ : NULL;
}
diff --git a/deps/v8/src/objects.cc b/deps/v8/src/objects.cc
index 360eb28fb1..ab678cb539 100644
--- a/deps/v8/src/objects.cc
+++ b/deps/v8/src/objects.cc
@@ -189,7 +189,7 @@ Object* Object::GetPropertyWithCallback(Object* receiver,
}
UNREACHABLE();
- return 0;
+ return NULL;
}
@@ -1613,7 +1613,7 @@ Object* JSObject::SetPropertyWithCallback(Object* structure,
}
UNREACHABLE();
- return 0;
+ return NULL;
}
@@ -1657,7 +1657,8 @@ void JSObject::LookupCallbackSetterInPrototypes(String* name,
}
-Object* JSObject::LookupCallbackSetterInPrototypes(uint32_t index) {
+bool JSObject::SetElementWithCallbackSetterInPrototypes(uint32_t index,
+ Object* value) {
for (Object* pt = GetPrototype();
pt != Heap::null_value();
pt = pt->GetPrototype()) {
@@ -1670,12 +1671,12 @@ Object* JSObject::LookupCallbackSetterInPrototypes(uint32_t index) {
Object* element = dictionary->ValueAt(entry);
PropertyDetails details = dictionary->DetailsAt(entry);
if (details.type() == CALLBACKS) {
- // Only accessors allowed as elements.
- return FixedArray::cast(element)->get(kSetterIndex);
+ SetElementWithCallback(element, index, value, JSObject::cast(pt));
+ return true;
}
}
}
- return Heap::undefined_value();
+ return false;
}
@@ -2692,30 +2693,11 @@ Object* JSObject::DefineGetterSetter(String* name,
// interceptor calls.
AssertNoContextChange ncc;
- // Check access rights if needed.
- if (IsAccessCheckNeeded() &&
- !Top::MayNamedAccess(this, name, v8::ACCESS_SET)) {
- Top::ReportFailedAccessCheck(this, v8::ACCESS_SET);
- return Heap::undefined_value();
- }
-
// Try to flatten before operating on the string.
name->TryFlatten();
- // Check if there is an API defined callback object which prohibits
- // callback overwriting in this object or it's prototype chain.
- // This mechanism is needed for instance in a browser setting, where
- // certain accessors such as window.location should not be allowed
- // to be overwritten because allowing overwriting could potentially
- // cause security problems.
- LookupResult callback_result;
- LookupCallback(name, &callback_result);
- if (callback_result.IsFound()) {
- Object* obj = callback_result.GetCallbackObject();
- if (obj->IsAccessorInfo() &&
- AccessorInfo::cast(obj)->prohibits_overwriting()) {
- return Heap::undefined_value();
- }
+ if (!CanSetCallback(name)) {
+ return Heap::undefined_value();
}
uint32_t index;
@@ -2746,9 +2728,10 @@ Object* JSObject::DefineGetterSetter(String* name,
PropertyDetails details = dictionary->DetailsAt(entry);
if (details.IsReadOnly()) return Heap::undefined_value();
if (details.type() == CALLBACKS) {
- // Only accessors allowed as elements.
- ASSERT(result->IsFixedArray());
- return result;
+ if (result->IsFixedArray()) {
+ return result;
+ }
+ // Otherwise allow to override it.
}
}
break;
@@ -2765,15 +2748,10 @@ Object* JSObject::DefineGetterSetter(String* name,
if (result.IsReadOnly()) return Heap::undefined_value();
if (result.type() == CALLBACKS) {
Object* obj = result.GetCallbackObject();
+ // Need to preserve old getters/setters.
if (obj->IsFixedArray()) {
- // The object might be in fast mode even though it has
- // a getter/setter.
- Object* ok = NormalizeProperties(CLEAR_INOBJECT_PROPERTIES, 0);
- if (ok->IsFailure()) return ok;
-
- PropertyDetails details = PropertyDetails(attributes, CALLBACKS);
- SetNormalizedProperty(name, obj, details);
- return obj;
+ // Use set to update attributes.
+ return SetPropertyCallback(name, obj, attributes);
}
}
}
@@ -2782,50 +2760,100 @@ Object* JSObject::DefineGetterSetter(String* name,
// Allocate the fixed array to hold getter and setter.
Object* structure = Heap::AllocateFixedArray(2, TENURED);
if (structure->IsFailure()) return structure;
- PropertyDetails details = PropertyDetails(attributes, CALLBACKS);
if (is_element) {
- // Normalize object to make this operation simple.
- Object* ok = NormalizeElements();
- if (ok->IsFailure()) return ok;
+ return SetElementCallback(index, structure, attributes);
+ } else {
+ return SetPropertyCallback(name, structure, attributes);
+ }
+}
- // Update the dictionary with the new CALLBACKS property.
- Object* dict =
- element_dictionary()->Set(index, structure, details);
- if (dict->IsFailure()) return dict;
- // If name is an index we need to stay in slow case.
- NumberDictionary* elements = NumberDictionary::cast(dict);
- elements->set_requires_slow_elements();
- // Set the potential new dictionary on the object.
- set_elements(NumberDictionary::cast(dict));
- } else {
- // Normalize object to make this operation simple.
- Object* ok = NormalizeProperties(CLEAR_INOBJECT_PROPERTIES, 0);
- if (ok->IsFailure()) return ok;
+bool JSObject::CanSetCallback(String* name) {
+ ASSERT(!IsAccessCheckNeeded()
+ || Top::MayNamedAccess(this, name, v8::ACCESS_SET));
- // For the global object allocate a new map to invalidate the global inline
- // caches which have a global property cell reference directly in the code.
- if (IsGlobalObject()) {
- Object* new_map = map()->CopyDropDescriptors();
- if (new_map->IsFailure()) return new_map;
- set_map(Map::cast(new_map));
+ // Check if there is an API defined callback object which prohibits
+ // callback overwriting in this object or it's prototype chain.
+ // This mechanism is needed for instance in a browser setting, where
+ // certain accessors such as window.location should not be allowed
+ // to be overwritten because allowing overwriting could potentially
+ // cause security problems.
+ LookupResult callback_result;
+ LookupCallback(name, &callback_result);
+ if (callback_result.IsProperty()) {
+ Object* obj = callback_result.GetCallbackObject();
+ if (obj->IsAccessorInfo() &&
+ AccessorInfo::cast(obj)->prohibits_overwriting()) {
+ return false;
}
-
- // Update the dictionary with the new CALLBACKS property.
- return SetNormalizedProperty(name, structure, details);
}
+ return true;
+}
+
+
+Object* JSObject::SetElementCallback(uint32_t index,
+ Object* structure,
+ PropertyAttributes attributes) {
+ PropertyDetails details = PropertyDetails(attributes, CALLBACKS);
+
+ // Normalize elements to make this operation simple.
+ Object* ok = NormalizeElements();
+ if (ok->IsFailure()) return ok;
+
+ // Update the dictionary with the new CALLBACKS property.
+ Object* dict =
+ element_dictionary()->Set(index, structure, details);
+ if (dict->IsFailure()) return dict;
+
+ NumberDictionary* elements = NumberDictionary::cast(dict);
+ elements->set_requires_slow_elements();
+ // Set the potential new dictionary on the object.
+ set_elements(elements);
+
return structure;
}
+Object* JSObject::SetPropertyCallback(String* name,
+ Object* structure,
+ PropertyAttributes attributes) {
+ PropertyDetails details = PropertyDetails(attributes, CALLBACKS);
+
+ bool convert_back_to_fast = HasFastProperties() &&
+ (map()->instance_descriptors()->number_of_descriptors()
+ < DescriptorArray::kMaxNumberOfDescriptors);
+
+ // Normalize object to make this operation simple.
+ Object* ok = NormalizeProperties(CLEAR_INOBJECT_PROPERTIES, 0);
+ if (ok->IsFailure()) return ok;
+
+ // For the global object allocate a new map to invalidate the global inline
+ // caches which have a global property cell reference directly in the code.
+ if (IsGlobalObject()) {
+ Object* new_map = map()->CopyDropDescriptors();
+ if (new_map->IsFailure()) return new_map;
+ set_map(Map::cast(new_map));
+ }
+
+ // Update the dictionary with the new CALLBACKS property.
+ Object* result = SetNormalizedProperty(name, structure, details);
+ if (result->IsFailure()) return result;
+
+ if (convert_back_to_fast) {
+ ok = TransformToFastProperties(0);
+ if (ok->IsFailure()) return ok;
+ }
+ return result;
+}
+
Object* JSObject::DefineAccessor(String* name, bool is_getter, JSFunction* fun,
PropertyAttributes attributes) {
// Check access rights if needed.
if (IsAccessCheckNeeded() &&
- !Top::MayNamedAccess(this, name, v8::ACCESS_HAS)) {
- Top::ReportFailedAccessCheck(this, v8::ACCESS_HAS);
+ !Top::MayNamedAccess(this, name, v8::ACCESS_SET)) {
+ Top::ReportFailedAccessCheck(this, v8::ACCESS_SET);
return Heap::undefined_value();
}
@@ -2844,6 +2872,78 @@ Object* JSObject::DefineAccessor(String* name, bool is_getter, JSFunction* fun,
}
+Object* JSObject::DefineAccessor(AccessorInfo* info) {
+ String* name = String::cast(info->name());
+ // Check access rights if needed.
+ if (IsAccessCheckNeeded() &&
+ !Top::MayNamedAccess(this, name, v8::ACCESS_SET)) {
+ Top::ReportFailedAccessCheck(this, v8::ACCESS_SET);
+ return Heap::undefined_value();
+ }
+
+ if (IsJSGlobalProxy()) {
+ Object* proto = GetPrototype();
+ if (proto->IsNull()) return this;
+ ASSERT(proto->IsJSGlobalObject());
+ return JSObject::cast(proto)->DefineAccessor(info);
+ }
+
+ // Make sure that the top context does not change when doing callbacks or
+ // interceptor calls.
+ AssertNoContextChange ncc;
+
+ // Try to flatten before operating on the string.
+ name->TryFlatten();
+
+ if (!CanSetCallback(name)) {
+ return Heap::undefined_value();
+ }
+
+ uint32_t index = 0;
+ bool is_element = name->AsArrayIndex(&index);
+
+ if (is_element) {
+ if (IsJSArray()) return Heap::undefined_value();
+
+ // Accessors overwrite previous callbacks (cf. with getters/setters).
+ switch (GetElementsKind()) {
+ case FAST_ELEMENTS:
+ break;
+ case PIXEL_ELEMENTS:
+ case EXTERNAL_BYTE_ELEMENTS:
+ case EXTERNAL_UNSIGNED_BYTE_ELEMENTS:
+ case EXTERNAL_SHORT_ELEMENTS:
+ case EXTERNAL_UNSIGNED_SHORT_ELEMENTS:
+ case EXTERNAL_INT_ELEMENTS:
+ case EXTERNAL_UNSIGNED_INT_ELEMENTS:
+ case EXTERNAL_FLOAT_ELEMENTS:
+ // Ignore getters and setters on pixel and external array
+ // elements.
+ return Heap::undefined_value();
+ case DICTIONARY_ELEMENTS:
+ break;
+ default:
+ UNREACHABLE();
+ break;
+ }
+
+ SetElementCallback(index, info, info->property_attributes());
+ } else {
+ // Lookup the name.
+ LookupResult result;
+ LocalLookup(name, &result);
+ // ES5 forbids turning a property into an accessor if it's not
+ // configurable (that is IsDontDelete in ES3 and v8), see 8.6.1 (Table 5).
+ if (result.IsProperty() && (result.IsReadOnly() || result.IsDontDelete())) {
+ return Heap::undefined_value();
+ }
+ SetPropertyCallback(name, info, info->property_attributes());
+ }
+
+ return this;
+}
+
+
Object* JSObject::LookupAccessor(String* name, bool is_getter) {
// Make sure that the top context does not change when doing callbacks or
// interceptor calls.
@@ -2871,8 +2971,9 @@ Object* JSObject::LookupAccessor(String* name, bool is_getter) {
Object* element = dictionary->ValueAt(entry);
PropertyDetails details = dictionary->DetailsAt(entry);
if (details.type() == CALLBACKS) {
- // Only accessors allowed as elements.
- return FixedArray::cast(element)->get(accessor_index);
+ if (element->IsFixedArray()) {
+ return FixedArray::cast(element)->get(accessor_index);
+ }
}
}
}
@@ -5171,22 +5272,7 @@ void Code::CodeIterateBody(ObjectVisitor* v) {
RelocInfo::ModeMask(RelocInfo::RUNTIME_ENTRY);
for (RelocIterator it(this, mode_mask); !it.done(); it.next()) {
- RelocInfo::Mode rmode = it.rinfo()->rmode();
- if (rmode == RelocInfo::EMBEDDED_OBJECT) {
- v->VisitPointer(it.rinfo()->target_object_address());
- } else if (RelocInfo::IsCodeTarget(rmode)) {
- v->VisitCodeTarget(it.rinfo());
- } else if (rmode == RelocInfo::EXTERNAL_REFERENCE) {
- v->VisitExternalReference(it.rinfo()->target_reference_address());
-#ifdef ENABLE_DEBUGGER_SUPPORT
- } else if (Debug::has_break_points() &&
- RelocInfo::IsJSReturn(rmode) &&
- it.rinfo()->IsPatchedReturnSequence()) {
- v->VisitDebugTarget(it.rinfo());
-#endif
- } else if (rmode == RelocInfo::RUNTIME_ENTRY) {
- v->VisitRuntimeEntry(it.rinfo());
- }
+ it.rinfo()->Visit(v);
}
ScopeInfo<>::IterateScopeInfo(this, v);
@@ -5854,6 +5940,108 @@ Object* JSObject::SetElementWithInterceptor(uint32_t index, Object* value) {
}
+Object* JSObject::GetElementWithCallback(Object* receiver,
+ Object* structure,
+ uint32_t index,
+ Object* holder) {
+ ASSERT(!structure->IsProxy());
+
+ // api style callbacks.
+ if (structure->IsAccessorInfo()) {
+ AccessorInfo* data = AccessorInfo::cast(structure);
+ Object* fun_obj = data->getter();
+ v8::AccessorGetter call_fun = v8::ToCData<v8::AccessorGetter>(fun_obj);
+ HandleScope scope;
+ Handle<JSObject> self(JSObject::cast(receiver));
+ Handle<JSObject> holder_handle(JSObject::cast(holder));
+ Handle<Object> number = Factory::NewNumberFromUint(index);
+ Handle<String> key(Factory::NumberToString(number));
+ LOG(ApiNamedPropertyAccess("load", *self, *key));
+ CustomArguments args(data->data(), *self, *holder_handle);
+ v8::AccessorInfo info(args.end());
+ v8::Handle<v8::Value> result;
+ {
+ // Leaving JavaScript.
+ VMState state(EXTERNAL);
+ result = call_fun(v8::Utils::ToLocal(key), info);
+ }
+ RETURN_IF_SCHEDULED_EXCEPTION();
+ if (result.IsEmpty()) return Heap::undefined_value();
+ return *v8::Utils::OpenHandle(*result);
+ }
+
+ // __defineGetter__ callback
+ if (structure->IsFixedArray()) {
+ Object* getter = FixedArray::cast(structure)->get(kGetterIndex);
+ if (getter->IsJSFunction()) {
+ return Object::GetPropertyWithDefinedGetter(receiver,
+ JSFunction::cast(getter));
+ }
+ // Getter is not a function.
+ return Heap::undefined_value();
+ }
+
+ UNREACHABLE();
+ return NULL;
+}
+
+
+Object* JSObject::SetElementWithCallback(Object* structure,
+ uint32_t index,
+ Object* value,
+ JSObject* holder) {
+ HandleScope scope;
+
+ // We should never get here to initialize a const with the hole
+ // value since a const declaration would conflict with the setter.
+ ASSERT(!value->IsTheHole());
+ Handle<Object> value_handle(value);
+
+ // To accommodate both the old and the new api we switch on the
+ // data structure used to store the callbacks. Eventually proxy
+ // callbacks should be phased out.
+ ASSERT(!structure->IsProxy());
+
+ if (structure->IsAccessorInfo()) {
+ // api style callbacks
+ AccessorInfo* data = AccessorInfo::cast(structure);
+ Object* call_obj = data->setter();
+ v8::AccessorSetter call_fun = v8::ToCData<v8::AccessorSetter>(call_obj);
+ if (call_fun == NULL) return value;
+ Handle<Object> number = Factory::NewNumberFromUint(index);
+ Handle<String> key(Factory::NumberToString(number));
+ LOG(ApiNamedPropertyAccess("store", this, *key));
+ CustomArguments args(data->data(), this, JSObject::cast(holder));
+ v8::AccessorInfo info(args.end());
+ {
+ // Leaving JavaScript.
+ VMState state(EXTERNAL);
+ call_fun(v8::Utils::ToLocal(key),
+ v8::Utils::ToLocal(value_handle),
+ info);
+ }
+ RETURN_IF_SCHEDULED_EXCEPTION();
+ return *value_handle;
+ }
+
+ if (structure->IsFixedArray()) {
+ Object* setter = FixedArray::cast(structure)->get(kSetterIndex);
+ if (setter->IsJSFunction()) {
+ return SetPropertyWithDefinedSetter(JSFunction::cast(setter), value);
+ } else {
+ Handle<Object> holder_handle(holder);
+ Handle<Object> key(Factory::NewNumberFromUint(index));
+ Handle<Object> args[2] = { key, holder_handle };
+ return Top::Throw(*Factory::NewTypeError("no_setter_in_callback",
+ HandleVector(args, 2)));
+ }
+ }
+
+ UNREACHABLE();
+ return NULL;
+}
+
+
// Adding n elements in fast case is O(n*n).
// Note: revisit design to have dual undefined values to capture absent
// elements.
@@ -5864,9 +6052,8 @@ Object* JSObject::SetFastElement(uint32_t index, Object* value) {
uint32_t elms_length = static_cast<uint32_t>(elms->length());
if (!IsJSArray() && (index >= elms_length || elms->get(index)->IsTheHole())) {
- Object* setter = LookupCallbackSetterInPrototypes(index);
- if (setter->IsJSFunction()) {
- return SetPropertyWithDefinedSetter(JSFunction::cast(setter), value);
+ if (SetElementWithCallbackSetterInPrototypes(index, value)) {
+ return value;
}
}
@@ -5984,18 +6171,7 @@ Object* JSObject::SetElementWithoutInterceptor(uint32_t index, Object* value) {
Object* element = dictionary->ValueAt(entry);
PropertyDetails details = dictionary->DetailsAt(entry);
if (details.type() == CALLBACKS) {
- // Only accessors allowed as elements.
- FixedArray* structure = FixedArray::cast(element);
- if (structure->get(kSetterIndex)->IsJSFunction()) {
- JSFunction* setter = JSFunction::cast(structure->get(kSetterIndex));
- return SetPropertyWithDefinedSetter(setter, value);
- } else {
- Handle<Object> self(this);
- Handle<Object> key(Factory::NewNumberFromUint(index));
- Handle<Object> args[2] = { key, self };
- return Top::Throw(*Factory::NewTypeError("no_setter_in_callback",
- HandleVector(args, 2)));
- }
+ return SetElementWithCallback(element, index, value, this);
} else {
dictionary->UpdateMaxNumberKey(index);
dictionary->ValueAtPut(entry, value);
@@ -6003,10 +6179,8 @@ Object* JSObject::SetElementWithoutInterceptor(uint32_t index, Object* value) {
} else {
// Index not already used. Look for an accessor in the prototype chain.
if (!IsJSArray()) {
- Object* setter = LookupCallbackSetterInPrototypes(index);
- if (setter->IsJSFunction()) {
- return SetPropertyWithDefinedSetter(JSFunction::cast(setter),
- value);
+ if (SetElementWithCallbackSetterInPrototypes(index, value)) {
+ return value;
}
}
Object* result = dictionary->AtNumberPut(index, value);
@@ -6109,16 +6283,10 @@ Object* JSObject::GetElementPostInterceptor(JSObject* receiver,
Object* element = dictionary->ValueAt(entry);
PropertyDetails details = dictionary->DetailsAt(entry);
if (details.type() == CALLBACKS) {
- // Only accessors allowed as elements.
- FixedArray* structure = FixedArray::cast(element);
- Object* getter = structure->get(kGetterIndex);
- if (getter->IsJSFunction()) {
- return GetPropertyWithDefinedGetter(receiver,
- JSFunction::cast(getter));
- } else {
- // Getter is not a function.
- return Heap::undefined_value();
- }
+ return GetElementWithCallback(receiver,
+ element,
+ index,
+ this);
}
return element;
}
@@ -6266,16 +6434,10 @@ Object* JSObject::GetElementWithReceiver(JSObject* receiver, uint32_t index) {
Object* element = dictionary->ValueAt(entry);
PropertyDetails details = dictionary->DetailsAt(entry);
if (details.type() == CALLBACKS) {
- // Only accessors allowed as elements.
- FixedArray* structure = FixedArray::cast(element);
- Object* getter = structure->get(kGetterIndex);
- if (getter->IsJSFunction()) {
- return GetPropertyWithDefinedGetter(receiver,
- JSFunction::cast(getter));
- } else {
- // Getter is not a function.
- return Heap::undefined_value();
- }
+ return GetElementWithCallback(receiver,
+ element,
+ index,
+ this);
}
return element;
}
diff --git a/deps/v8/src/objects.h b/deps/v8/src/objects.h
index 7f9c2a03db..8e89e8f0f4 100644
--- a/deps/v8/src/objects.h
+++ b/deps/v8/src/objects.h
@@ -1248,6 +1248,8 @@ class JSObject: public HeapObject {
PropertyAttributes attributes);
Object* LookupAccessor(String* name, bool is_getter);
+ Object* DefineAccessor(AccessorInfo* info);
+
// Used from Object::GetProperty().
Object* GetPropertyWithFailedAccessCheck(Object* receiver,
LookupResult* result,
@@ -1370,7 +1372,7 @@ class JSObject: public HeapObject {
void LookupRealNamedProperty(String* name, LookupResult* result);
void LookupRealNamedPropertyInPrototypes(String* name, LookupResult* result);
void LookupCallbackSetterInPrototypes(String* name, LookupResult* result);
- Object* LookupCallbackSetterInPrototypes(uint32_t index);
+ bool SetElementWithCallbackSetterInPrototypes(uint32_t index, Object* value);
void LookupCallback(String* name, LookupResult* result);
// Returns the number of properties on this object filtering out properties
@@ -1539,6 +1541,14 @@ class JSObject: public HeapObject {
Object* GetElementWithInterceptor(JSObject* receiver, uint32_t index);
private:
+ Object* GetElementWithCallback(Object* receiver,
+ Object* structure,
+ uint32_t index,
+ Object* holder);
+ Object* SetElementWithCallback(Object* structure,
+ uint32_t index,
+ Object* value,
+ JSObject* holder);
Object* SetElementWithInterceptor(uint32_t index, Object* value);
Object* SetElementWithoutInterceptor(uint32_t index, Object* value);
@@ -1569,6 +1579,13 @@ class JSObject: public HeapObject {
// Returns true if most of the elements backing storage is used.
bool HasDenseElements();
+ bool CanSetCallback(String* name);
+ Object* SetElementCallback(uint32_t index,
+ Object* structure,
+ PropertyAttributes attributes);
+ Object* SetPropertyCallback(String* name,
+ Object* structure,
+ PropertyAttributes attributes);
Object* DefineGetterSetter(String* name, PropertyAttributes attributes);
void LookupInDescriptor(String* name, LookupResult* result);
diff --git a/deps/v8/src/parser.cc b/deps/v8/src/parser.cc
index c482fdf5f9..bbf71bcad4 100644
--- a/deps/v8/src/parser.cc
+++ b/deps/v8/src/parser.cc
@@ -5073,12 +5073,12 @@ ScriptDataImpl::~ScriptDataImpl() {
int ScriptDataImpl::Length() {
- return store_.length();
+ return store_.length() * sizeof(unsigned);
}
-unsigned* ScriptDataImpl::Data() {
- return store_.start();
+const char* ScriptDataImpl::Data() {
+ return reinterpret_cast<const char*>(store_.start());
}
diff --git a/deps/v8/src/parser.h b/deps/v8/src/parser.h
index 2e5daf961c..89966a6fef 100644
--- a/deps/v8/src/parser.h
+++ b/deps/v8/src/parser.h
@@ -90,7 +90,7 @@ class ScriptDataImpl : public ScriptData {
last_entry_(0) { }
virtual ~ScriptDataImpl();
virtual int Length();
- virtual unsigned* Data();
+ virtual const char* Data();
virtual bool HasError();
FunctionEntry GetFunctionEnd(int start);
bool SanityCheck();
diff --git a/deps/v8/src/platform-freebsd.cc b/deps/v8/src/platform-freebsd.cc
index b1075cf321..72fe088d8a 100644
--- a/deps/v8/src/platform-freebsd.cc
+++ b/deps/v8/src/platform-freebsd.cc
@@ -290,7 +290,7 @@ int OS::StackWalk(Vector<OS::StackFrame> frames) {
int frames_count = backtrace(addresses.start(), frames_size);
- char** symbols = backtrace_symbols(addresses, frames_count);
+ char** symbols = backtrace_symbols(addresses.start(), frames_count);
if (symbols == NULL) {
return kStackWalkError;
}
diff --git a/deps/v8/src/platform-linux.cc b/deps/v8/src/platform-linux.cc
index fca218fe9e..ff1ecb13ce 100644
--- a/deps/v8/src/platform-linux.cc
+++ b/deps/v8/src/platform-linux.cc
@@ -165,6 +165,28 @@ int OS::ActivationFrameAlignment() {
}
+#ifdef V8_TARGET_ARCH_ARM
+// 0xffff0fa0 is the hard coded address of a function provided by
+// the kernel which implements a memory barrier. On older
+// ARM architecture revisions (pre-v6) this may be implemented using
+// a syscall. This address is stable, and in active use (hard coded)
+// by at least glibc-2.7 and the Android C library.
+typedef void (*LinuxKernelMemoryBarrierFunc)(void);
+LinuxKernelMemoryBarrierFunc pLinuxKernelMemoryBarrier __attribute__((weak)) =
+ (LinuxKernelMemoryBarrierFunc) 0xffff0fa0;
+#endif
+
+void OS::ReleaseStore(volatile AtomicWord* ptr, AtomicWord value) {
+#if defined(V8_TARGET_ARCH_ARM) && defined(__arm__) // don't use on a simulator
+ pLinuxKernelMemoryBarrier();
+#else
+ __asm__ __volatile__("" : : : "memory");
+ // An x86 store acts as a release barrier.
+#endif
+ *ptr = value;
+}
+
+
const char* OS::LocalTimezone(double time) {
if (isnan(time)) return "";
time_t tv = static_cast<time_t>(floor(time/msPerSecond));
diff --git a/deps/v8/src/platform-macos.cc b/deps/v8/src/platform-macos.cc
index 23747c35f5..47193de7c4 100644
--- a/deps/v8/src/platform-macos.cc
+++ b/deps/v8/src/platform-macos.cc
@@ -39,6 +39,7 @@
#include <pthread.h>
#include <semaphore.h>
#include <signal.h>
+#include <libkern/OSAtomic.h>
#include <mach/mach.h>
#include <mach/semaphore.h>
#include <mach/task.h>
@@ -259,6 +260,12 @@ int OS::ActivationFrameAlignment() {
}
+void OS::ReleaseStore(volatile AtomicWord* ptr, AtomicWord value) {
+ OSMemoryBarrier();
+ *ptr = value;
+}
+
+
const char* OS::LocalTimezone(double time) {
if (isnan(time)) return "";
time_t tv = static_cast<time_t>(floor(time/msPerSecond));
diff --git a/deps/v8/src/platform-win32.cc b/deps/v8/src/platform-win32.cc
index bee517364a..e2d123cd1b 100644
--- a/deps/v8/src/platform-win32.cc
+++ b/deps/v8/src/platform-win32.cc
@@ -1340,6 +1340,12 @@ int OS::ActivationFrameAlignment() {
}
+void OS::ReleaseStore(volatile AtomicWord* ptr, AtomicWord value) {
+ MemoryBarrier();
+ *ptr = value;
+}
+
+
bool VirtualMemory::IsReserved() {
return address_ != NULL;
}
diff --git a/deps/v8/src/platform.h b/deps/v8/src/platform.h
index 606e5b46e6..d63ca5e617 100644
--- a/deps/v8/src/platform.h
+++ b/deps/v8/src/platform.h
@@ -277,6 +277,8 @@ class OS {
// the platform doesn't care. Guaranteed to be a power of two.
static int ActivationFrameAlignment();
+ static void ReleaseStore(volatile AtomicWord* ptr, AtomicWord value);
+
private:
static const int msPerSecond = 1000;
diff --git a/deps/v8/src/runtime.js b/deps/v8/src/runtime.js
index 8e3883f756..3e4d473c27 100644
--- a/deps/v8/src/runtime.js
+++ b/deps/v8/src/runtime.js
@@ -559,20 +559,15 @@ function ToInt32(x) {
// ES5, section 9.12
function SameValue(x, y) {
if (typeof x != typeof y) return false;
- if (IS_NULL_OR_UNDEFINED(x)) return true;
if (IS_NUMBER(x)) {
if (NUMBER_IS_NAN(x) && NUMBER_IS_NAN(y)) return true;
- // x is +0 and y is -0 or vice versa
- if (x === 0 && y === 0 && !%_IsSmi(x) && !%_IsSmi(y) &&
- ((1 / x < 0 && 1 / y > 0) || (1 / x > 0 && 1 / y < 0))) {
+ // x is +0 and y is -0 or vice versa.
+ if (x === 0 && y === 0 && (1 / x) != (1 / y)) {
return false;
}
- return x == y;
+ return x === y;
}
- if (IS_STRING(x)) return %StringEquals(x, y);
- if (IS_BOOLEAN(x))return %NumberEquals(%ToNumber(x),%ToNumber(y));
-
- return %_ObjectEquals(x, y);
+ return x === y
}
diff --git a/deps/v8/src/serialize.cc b/deps/v8/src/serialize.cc
index a3a2ba9bcb..06c6df724c 100644
--- a/deps/v8/src/serialize.cc
+++ b/deps/v8/src/serialize.cc
@@ -1299,7 +1299,7 @@ void Serializer::ObjectSerializer::VisitRuntimeEntry(RelocInfo* rinfo) {
}
sink_->Put(kExternalReference + representation, "ExternalReference");
sink_->PutInt(encoding, "reference id");
- bytes_processed_so_far_ += Assembler::kExternalTargetSize;
+ bytes_processed_so_far_ += rinfo->target_address_size();
}
@@ -1309,7 +1309,7 @@ void Serializer::ObjectSerializer::VisitCodeTarget(RelocInfo* rinfo) {
OutputRawData(target_start);
Code* target = Code::GetCodeFromTargetAddress(rinfo->target_address());
serializer_->SerializeObject(target, kFromCode, kFirstInstruction);
- bytes_processed_so_far_ += Assembler::kCallTargetSize;
+ bytes_processed_so_far_ += rinfo->target_address_size();
}
diff --git a/deps/v8/src/top.cc b/deps/v8/src/top.cc
index 87dc1f61ff..516ec67496 100644
--- a/deps/v8/src/top.cc
+++ b/deps/v8/src/top.cc
@@ -370,8 +370,7 @@ Local<StackTrace> Top::CaptureCurrentStackTrace(
v8::HandleScope scope;
// Ensure no negative values.
int limit = Max(frame_limit, 0);
- Handle<JSArray> stackTrace = Factory::NewJSArray(frame_limit);
- FixedArray* frames = FixedArray::cast(stackTrace->elements());
+ Handle<JSArray> stack_trace = Factory::NewJSArray(frame_limit);
Handle<String> column_key = Factory::LookupAsciiSymbol("column");
Handle<String> line_key = Factory::LookupAsciiSymbol("lineNumber");
@@ -438,13 +437,13 @@ Local<StackTrace> Top::CaptureCurrentStackTrace(
SetProperty(stackFrame, constructor_key, is_constructor, NONE);
}
- frames->set(frames_seen, *stackFrame);
+ FixedArray::cast(stack_trace->elements())->set(frames_seen, *stackFrame);
frames_seen++;
it.Advance();
}
- stackTrace->set_length(Smi::FromInt(frames_seen));
- return scope.Close(Utils::StackTraceToLocal(stackTrace));
+ stack_trace->set_length(Smi::FromInt(frames_seen));
+ return scope.Close(Utils::StackTraceToLocal(stack_trace));
}
diff --git a/deps/v8/src/unbound-queue-inl.h b/deps/v8/src/unbound-queue-inl.h
new file mode 100644
index 0000000000..ff5d833830
--- /dev/null
+++ b/deps/v8/src/unbound-queue-inl.h
@@ -0,0 +1,87 @@
+// Copyright 2010 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#ifndef V8_UNBOUND_QUEUE_INL_H_
+#define V8_UNBOUND_QUEUE_INL_H_
+
+#include "unbound-queue.h"
+
+namespace v8 {
+namespace internal {
+
+template<typename Record>
+struct UnboundQueue<Record>::Node: public Malloced {
+ explicit Node(const Record& value)
+ : value(value), next(NULL) {
+ }
+
+ Record value;
+ Node* next;
+};
+
+
+template<typename Record>
+UnboundQueue<Record>::UnboundQueue() {
+ first_ = new Node(Record());
+ divider_ = last_ = reinterpret_cast<AtomicWord>(first_);
+}
+
+
+template<typename Record>
+UnboundQueue<Record>::~UnboundQueue() {
+ while (first_ != NULL) DeleteFirst();
+}
+
+
+template<typename Record>
+void UnboundQueue<Record>::DeleteFirst() {
+ Node* tmp = first_;
+ first_ = tmp->next;
+ delete tmp;
+}
+
+
+template<typename Record>
+void UnboundQueue<Record>::Dequeue(Record* rec) {
+ ASSERT(divider_ != last_);
+ Node* next = reinterpret_cast<Node*>(divider_)->next;
+ *rec = next->value;
+ OS::ReleaseStore(&divider_, reinterpret_cast<AtomicWord>(next));
+}
+
+
+template<typename Record>
+void UnboundQueue<Record>::Enqueue(const Record& rec) {
+ Node*& next = reinterpret_cast<Node*>(last_)->next;
+ next = new Node(rec);
+ OS::ReleaseStore(&last_, reinterpret_cast<AtomicWord>(next));
+ while (first_ != reinterpret_cast<Node*>(divider_)) DeleteFirst();
+}
+
+} } // namespace v8::internal
+
+#endif // V8_UNBOUND_QUEUE_INL_H_
diff --git a/deps/v8/src/unbound-queue.h b/deps/v8/src/unbound-queue.h
new file mode 100644
index 0000000000..7bc314bc7f
--- /dev/null
+++ b/deps/v8/src/unbound-queue.h
@@ -0,0 +1,66 @@
+// Copyright 2010 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+#ifndef V8_UNBOUND_QUEUE_
+#define V8_UNBOUND_QUEUE_
+
+namespace v8 {
+namespace internal {
+
+
+// Lock-free unbound queue for small records. Intended for
+// transferring small records between a Single producer and a Single
+// consumer. Doesn't have restrictions on the number of queued
+// elements, so producer never blocks. Implemented after Herb
+// Sutter's article:
+// http://www.ddj.com/high-performance-computing/210604448
+template<typename Record>
+class UnboundQueue BASE_EMBEDDED {
+ public:
+ inline UnboundQueue();
+ inline ~UnboundQueue();
+
+ INLINE(void Dequeue(Record* rec));
+ INLINE(void Enqueue(const Record& rec));
+ INLINE(bool IsEmpty()) { return divider_ == last_; }
+
+ private:
+ INLINE(void DeleteFirst());
+
+ struct Node;
+
+ Node* first_;
+ AtomicWord divider_; // Node*
+ AtomicWord last_; // Node*
+
+ DISALLOW_COPY_AND_ASSIGN(UnboundQueue);
+};
+
+
+} } // namespace v8::internal
+
+#endif // V8_UNBOUND_QUEUE_
diff --git a/deps/v8/src/v8natives.js b/deps/v8/src/v8natives.js
index 531bd0ef31..ed392e2ed0 100644
--- a/deps/v8/src/v8natives.js
+++ b/deps/v8/src/v8natives.js
@@ -434,6 +434,11 @@ PropertyDescriptor.prototype.isWritable = function() {
}
+PropertyDescriptor.prototype.hasWritable = function() {
+ return this.hasWritable_;
+}
+
+
PropertyDescriptor.prototype.setConfigurable = function(configurable) {
this.configurable_ = configurable;
this.hasConfigurable_ = true;
@@ -537,6 +542,22 @@ function DefineOwnProperty(obj, p, desc, should_throw) {
throw MakeTypeError("define_disallowed", ["defineProperty"]);
if (!IS_UNDEFINED(current) && !current.isConfigurable()) {
+ // Step 5 and 6
+ if ((!desc.hasEnumerable() ||
+ SameValue(desc.isEnumerable() && current.isEnumerable())) &&
+ (!desc.hasConfigurable() ||
+ SameValue(desc.isConfigurable(), current.isConfigurable())) &&
+ (!desc.hasWritable() ||
+ SameValue(desc.isWritable(), current.isWritable())) &&
+ (!desc.hasValue() ||
+ SameValue(desc.getValue(), current.getValue())) &&
+ (!desc.hasGetter() ||
+ SameValue(desc.getGet(), current.getGet())) &&
+ (!desc.hasSetter() ||
+ SameValue(desc.getSet(), current.getSet()))) {
+ return true;
+ }
+
// Step 7
if (desc.isConfigurable() || desc.isEnumerable() != current.isEnumerable())
throw MakeTypeError("redefine_disallowed", ["defineProperty"]);
@@ -583,7 +604,13 @@ function DefineOwnProperty(obj, p, desc, should_throw) {
flag |= DONT_DELETE;
if (IsDataDescriptor(desc) || IsGenericDescriptor(desc)) {
- flag |= desc.isWritable() ? 0 : READ_ONLY;
+ if (desc.hasWritable()) {
+ flag |= desc.isWritable() ? 0 : READ_ONLY;
+ } else if (!IS_UNDEFINED(current)) {
+ flag |= current.isWritable() ? 0 : READ_ONLY;
+ } else {
+ flag |= READ_ONLY;
+ }
%DefineOrRedefineDataProperty(obj, p, desc.getValue(), flag);
} else {
if (desc.hasGetter() && IS_FUNCTION(desc.getGet())) {
@@ -673,8 +700,9 @@ function ObjectCreate(proto, properties) {
// ES5 section 15.2.3.6.
function ObjectDefineProperty(obj, p, attributes) {
if ((!IS_SPEC_OBJECT_OR_NULL(obj) || IS_NULL_OR_UNDEFINED(obj)) &&
- !IS_UNDETECTABLE(obj))
+ !IS_UNDETECTABLE(obj)) {
throw MakeTypeError("obj_ctor_property_non_object", ["defineProperty"]);
+ }
var name = ToString(p);
var desc = ToPropertyDescriptor(attributes);
DefineOwnProperty(obj, name, desc, true);
diff --git a/deps/v8/src/version.cc b/deps/v8/src/version.cc
index b05251f680..adeee595a3 100644
--- a/deps/v8/src/version.cc
+++ b/deps/v8/src/version.cc
@@ -34,7 +34,7 @@
// cannot be changed without changing the SCons build script.
#define MAJOR_VERSION 2
#define MINOR_VERSION 2
-#define BUILD_NUMBER 11
+#define BUILD_NUMBER 12
#define PATCH_LEVEL 0
#define CANDIDATE_VERSION false
diff --git a/deps/v8/src/x64/assembler-x64-inl.h b/deps/v8/src/x64/assembler-x64-inl.h
index be7cfe0169..4c69510cae 100644
--- a/deps/v8/src/x64/assembler-x64-inl.h
+++ b/deps/v8/src/x64/assembler-x64-inl.h
@@ -29,6 +29,7 @@
#define V8_X64_ASSEMBLER_X64_INL_H_
#include "cpu.h"
+#include "debug.h"
#include "memory.h"
namespace v8 {
@@ -229,6 +230,15 @@ Address RelocInfo::target_address_address() {
}
+int RelocInfo::target_address_size() {
+ if (IsCodedSpecially()) {
+ return Assembler::kCallTargetSize;
+ } else {
+ return Assembler::kExternalTargetSize;
+ }
+}
+
+
void RelocInfo::set_target_address(Address target) {
ASSERT(IsCodeTarget(rmode_) || rmode_ == RUNTIME_ENTRY);
if (IsCodeTarget(rmode_)) {
@@ -320,6 +330,27 @@ Object** RelocInfo::call_object_address() {
pc_ + Assembler::kPatchReturnSequenceAddressOffset);
}
+
+void RelocInfo::Visit(ObjectVisitor* visitor) {
+ RelocInfo::Mode mode = rmode();
+ if (mode == RelocInfo::EMBEDDED_OBJECT) {
+ visitor->VisitPointer(target_object_address());
+ } else if (RelocInfo::IsCodeTarget(mode)) {
+ visitor->VisitCodeTarget(this);
+ } else if (mode == RelocInfo::EXTERNAL_REFERENCE) {
+ visitor->VisitExternalReference(target_reference_address());
+#ifdef ENABLE_DEBUGGER_SUPPORT
+ } else if (Debug::has_break_points() &&
+ RelocInfo::IsJSReturn(mode) &&
+ IsPatchedReturnSequence()) {
+ visitor->VisitDebugTarget(this);
+#endif
+ } else if (mode == RelocInfo::RUNTIME_ENTRY) {
+ visitor->VisitRuntimeEntry(this);
+ }
+}
+
+
// -----------------------------------------------------------------------------
// Implementation of Operand
diff --git a/deps/v8/src/x64/assembler-x64.cc b/deps/v8/src/x64/assembler-x64.cc
index 3d03949f25..9f264964b9 100644
--- a/deps/v8/src/x64/assembler-x64.cc
+++ b/deps/v8/src/x64/assembler-x64.cc
@@ -239,6 +239,52 @@ Operand::Operand(Register index,
}
+Operand::Operand(const Operand& operand, int32_t offset) {
+ ASSERT(operand.len_ >= 1);
+ // Operand encodes REX ModR/M [SIB] [Disp].
+ byte modrm = operand.buf_[0];
+ ASSERT(modrm < 0xC0); // Disallow mode 3 (register target).
+ bool has_sib = ((modrm & 0x07) == 0x04);
+ byte mode = modrm & 0xC0;
+ int disp_offset = has_sib ? 2 : 1;
+ int base_reg = (has_sib ? operand.buf_[1] : modrm) & 0x07;
+ // Mode 0 with rbp/r13 as ModR/M or SIB base register always has a 32-bit
+ // displacement.
+ bool is_baseless = (mode == 0) && (base_reg == 0x05); // No base or RIP base.
+ int32_t disp_value = 0;
+ if (mode == 0x80 || is_baseless) {
+ // Mode 2 or mode 0 with rbp/r13 as base: Word displacement.
+ disp_value = *reinterpret_cast<const int32_t*>(&operand.buf_[disp_offset]);
+ } else if (mode == 0x40) {
+ // Mode 1: Byte displacement.
+ disp_value = static_cast<signed char>(operand.buf_[disp_offset]);
+ }
+
+ // Write new operand with same registers, but with modified displacement.
+ ASSERT(offset >= 0 ? disp_value + offset > disp_value
+ : disp_value + offset < disp_value); // No overflow.
+ disp_value += offset;
+ rex_ = operand.rex_;
+ if (!is_int8(disp_value) || is_baseless) {
+ // Need 32 bits of displacement, mode 2 or mode 1 with register rbp/r13.
+ buf_[0] = (modrm & 0x3f) | (is_baseless ? 0x00 : 0x80);
+ len_ = disp_offset + 4;
+ Memory::int32_at(&buf_[disp_offset]) = disp_value;
+ } else if (disp_value != 0 || (base_reg == 0x05)) {
+ // Need 8 bits of displacement.
+ buf_[0] = (modrm & 0x3f) | 0x40; // Mode 1.
+ len_ = disp_offset + 1;
+ buf_[disp_offset] = static_cast<byte>(disp_value);
+ } else {
+ // Need no displacement.
+ buf_[0] = (modrm & 0x3f); // Mode 0.
+ len_ = disp_offset;
+ }
+ if (has_sib) {
+ buf_[1] = operand.buf_[1];
+ }
+}
+
// -----------------------------------------------------------------------------
// Implementation of Assembler.
diff --git a/deps/v8/src/x64/assembler-x64.h b/deps/v8/src/x64/assembler-x64.h
index b55a7b7263..3db4d084e2 100644
--- a/deps/v8/src/x64/assembler-x64.h
+++ b/deps/v8/src/x64/assembler-x64.h
@@ -300,12 +300,16 @@ class Operand BASE_EMBEDDED {
ScaleFactor scale,
int32_t disp);
+ // Offset from existing memory operand.
+ // Offset is added to existing displacement as 32-bit signed values and
+ // this must not overflow.
+ Operand(const Operand& base, int32_t offset);
+
private:
byte rex_;
byte buf_[10];
// The number of bytes in buf_.
unsigned int len_;
- RelocInfo::Mode rmode_;
// Set the ModR/M byte without an encoded 'reg' register. The
// register is encoded later as part of the emit_operand operation.
diff --git a/deps/v8/src/x64/codegen-x64.cc b/deps/v8/src/x64/codegen-x64.cc
index 6f6670aa3b..767c33fe6d 100644
--- a/deps/v8/src/x64/codegen-x64.cc
+++ b/deps/v8/src/x64/codegen-x64.cc
@@ -603,9 +603,8 @@ class DeferredReferenceGetKeyedValue: public DeferredCode {
public:
explicit DeferredReferenceGetKeyedValue(Register dst,
Register receiver,
- Register key,
- bool is_global)
- : dst_(dst), receiver_(receiver), key_(key), is_global_(is_global) {
+ Register key)
+ : dst_(dst), receiver_(receiver), key_(key) {
set_comment("[ DeferredReferenceGetKeyedValue");
}
@@ -618,7 +617,6 @@ class DeferredReferenceGetKeyedValue: public DeferredCode {
Register dst_;
Register receiver_;
Register key_;
- bool is_global_;
};
@@ -633,10 +631,7 @@ void DeferredReferenceGetKeyedValue::Generate() {
// This means that we cannot allow test instructions after calls to
// KeyedLoadIC stubs in other places.
Handle<Code> ic(Builtins::builtin(Builtins::KeyedLoadIC_Initialize));
- RelocInfo::Mode mode = is_global_
- ? RelocInfo::CODE_TARGET_CONTEXT
- : RelocInfo::CODE_TARGET;
- __ Call(ic, mode);
+ __ Call(ic, RelocInfo::CODE_TARGET);
// The delta from the start of the map-compare instruction to the
// test instruction. We use masm_-> directly here instead of the __
// macro because the macro sometimes uses macro expansion to turn
@@ -5693,7 +5688,7 @@ void CodeGenerator::EmitDynamicLoadFromSlotFastCase(Slot* slot,
slow));
frame_->Push(&arguments);
frame_->Push(key_literal->handle());
- *result = EmitKeyedLoad(false);
+ *result = EmitKeyedLoad();
frame_->Drop(2); // Drop key and receiver.
done->Jump(result);
}
@@ -7188,8 +7183,89 @@ Result CodeGenerator::LikelySmiBinaryOperation(BinaryOperation* expr,
}
-Result CodeGenerator::EmitKeyedLoad(bool is_global) {
- Comment cmnt(masm_, "[ Load from keyed Property");
+Result CodeGenerator::EmitNamedLoad(Handle<String> name, bool is_contextual) {
+#ifdef DEBUG
+ int original_height = frame()->height();
+#endif
+ Result result;
+ // Do not inline the inobject property case for loads from the global
+ // object. Also do not inline for unoptimized code. This saves time
+ // in the code generator. Unoptimized code is toplevel code or code
+ // that is not in a loop.
+ if (is_contextual || scope()->is_global_scope() || loop_nesting() == 0) {
+ Comment cmnt(masm(), "[ Load from named Property");
+ frame()->Push(name);
+
+ RelocInfo::Mode mode = is_contextual
+ ? RelocInfo::CODE_TARGET_CONTEXT
+ : RelocInfo::CODE_TARGET;
+ result = frame()->CallLoadIC(mode);
+ // A test rax instruction following the call signals that the
+ // inobject property case was inlined. Ensure that there is not
+ // a test rax instruction here.
+ __ nop();
+ } else {
+ // Inline the inobject property case.
+ Comment cmnt(masm(), "[ Inlined named property load");
+ Result receiver = frame()->Pop();
+ receiver.ToRegister();
+ result = allocator()->Allocate();
+ ASSERT(result.is_valid());
+
+ // Cannot use r12 for receiver, because that changes
+ // the distance between a call and a fixup location,
+ // due to a special encoding of r12 as r/m in a ModR/M byte.
+ if (receiver.reg().is(r12)) {
+ frame()->Spill(receiver.reg()); // It will be overwritten with result.
+ // Swap receiver and value.
+ __ movq(result.reg(), receiver.reg());
+ Result temp = receiver;
+ receiver = result;
+ result = temp;
+ }
+
+ DeferredReferenceGetNamedValue* deferred =
+ new DeferredReferenceGetNamedValue(result.reg(), receiver.reg(), name);
+
+ // Check that the receiver is a heap object.
+ __ JumpIfSmi(receiver.reg(), deferred->entry_label());
+
+ __ bind(deferred->patch_site());
+ // This is the map check instruction that will be patched (so we can't
+ // use the double underscore macro that may insert instructions).
+ // Initially use an invalid map to force a failure.
+ masm()->Move(kScratchRegister, Factory::null_value());
+ masm()->cmpq(FieldOperand(receiver.reg(), HeapObject::kMapOffset),
+ kScratchRegister);
+ // This branch is always a forwards branch so it's always a fixed
+ // size which allows the assert below to succeed and patching to work.
+ // Don't use deferred->Branch(...), since that might add coverage code.
+ masm()->j(not_equal, deferred->entry_label());
+
+ // The delta from the patch label to the load offset must be
+ // statically known.
+ ASSERT(masm()->SizeOfCodeGeneratedSince(deferred->patch_site()) ==
+ LoadIC::kOffsetToLoadInstruction);
+ // The initial (invalid) offset has to be large enough to force
+ // a 32-bit instruction encoding to allow patching with an
+ // arbitrary offset. Use kMaxInt (minus kHeapObjectTag).
+ int offset = kMaxInt;
+ masm()->movq(result.reg(), FieldOperand(receiver.reg(), offset));
+
+ __ IncrementCounter(&Counters::named_load_inline, 1);
+ deferred->BindExit();
+ frame()->Push(&receiver);
+ }
+ ASSERT(frame()->height() == original_height);
+ return result;
+}
+
+
+Result CodeGenerator::EmitKeyedLoad() {
+#ifdef DEBUG
+ int original_height = frame()->height();
+#endif
+ Result result;
// Inline array load code if inside of a loop. We do not know
// the receiver map yet, so we initially generate the code with
// a check against an invalid map. In the inline cache code, we
@@ -7197,34 +7273,30 @@ Result CodeGenerator::EmitKeyedLoad(bool is_global) {
if (loop_nesting() > 0) {
Comment cmnt(masm_, "[ Inlined load from keyed Property");
- Result key = frame_->Pop();
- Result receiver = frame_->Pop();
- key.ToRegister();
- receiver.ToRegister();
-
// Use a fresh temporary to load the elements without destroying
// the receiver which is needed for the deferred slow case.
+ // Allocate the temporary early so that we use rax if it is free.
Result elements = allocator()->Allocate();
ASSERT(elements.is_valid());
- // Use a fresh temporary for the index and later the loaded
- // value.
+
+ Result key = frame_->Pop();
+ Result receiver = frame_->Pop();
+ key.ToRegister();
+ receiver.ToRegister();
+
+ // Use a fresh temporary for the index
Result index = allocator()->Allocate();
ASSERT(index.is_valid());
DeferredReferenceGetKeyedValue* deferred =
- new DeferredReferenceGetKeyedValue(index.reg(),
+ new DeferredReferenceGetKeyedValue(elements.reg(),
receiver.reg(),
- key.reg(),
- is_global);
+ key.reg());
- // Check that the receiver is not a smi (only needed if this
- // is not a load from the global context) and that it has the
- // expected map.
- if (!is_global) {
- __ JumpIfSmi(receiver.reg(), deferred->entry_label());
- }
+ __ JumpIfSmi(receiver.reg(), deferred->entry_label());
+ // Check that the receiver has the expected map.
// Initially, use an invalid map. The map is patched in the IC
// initialization code.
__ bind(deferred->patch_site());
@@ -7255,7 +7327,6 @@ Result CodeGenerator::EmitKeyedLoad(bool is_global) {
__ cmpl(index.reg(),
FieldOperand(elements.reg(), FixedArray::kLengthOffset));
deferred->Branch(above_equal);
-
// The index register holds the un-smi-tagged key. It has been
// zero-extended to 64-bits, so it can be used directly as index in the
// operand below.
@@ -7266,39 +7337,33 @@ Result CodeGenerator::EmitKeyedLoad(bool is_global) {
// heuristic about which register to reuse. For example, if
// one is rax, the we can reuse that one because the value
// coming from the deferred code will be in rax.
- Result value = index;
- __ movq(value.reg(),
+ __ movq(elements.reg(),
Operand(elements.reg(),
index.reg(),
times_pointer_size,
FixedArray::kHeaderSize - kHeapObjectTag));
+ result = elements;
elements.Unuse();
index.Unuse();
- __ CompareRoot(value.reg(), Heap::kTheHoleValueRootIndex);
+ __ CompareRoot(result.reg(), Heap::kTheHoleValueRootIndex);
deferred->Branch(equal);
__ IncrementCounter(&Counters::keyed_load_inline, 1);
deferred->BindExit();
- // Restore the receiver and key to the frame and push the
- // result on top of it.
frame_->Push(&receiver);
frame_->Push(&key);
- return value;
-
} else {
Comment cmnt(masm_, "[ Load from keyed Property");
- RelocInfo::Mode mode = is_global
- ? RelocInfo::CODE_TARGET_CONTEXT
- : RelocInfo::CODE_TARGET;
- Result answer = frame_->CallKeyedLoadIC(mode);
+ result = frame_->CallKeyedLoadIC(RelocInfo::CODE_TARGET);
// Make sure that we do not have a test instruction after the
// call. A test instruction after the call is used to
// indicate that we have generated an inline version of the
// keyed load. The explicit nop instruction is here because
// the push that follows might be peep-hole optimized away.
__ nop();
- return answer;
}
+ ASSERT(frame()->height() == original_height);
+ return result;
}
@@ -7341,6 +7406,7 @@ void Reference::GetValue() {
Slot* slot = expression_->AsVariableProxy()->AsVariable()->slot();
ASSERT(slot != NULL);
cgen_->LoadFromSlotCheckForArguments(slot, NOT_INSIDE_TYPEOF);
+ if (!persist_after_get_) set_unloaded();
break;
}
@@ -7348,101 +7414,29 @@ void Reference::GetValue() {
Variable* var = expression_->AsVariableProxy()->AsVariable();
bool is_global = var != NULL;
ASSERT(!is_global || var->is_global());
-
- // Do not inline the inobject property case for loads from the global
- // object. Also do not inline for unoptimized code. This saves time
- // in the code generator. Unoptimized code is toplevel code or code
- // that is not in a loop.
- if (is_global ||
- cgen_->scope()->is_global_scope() ||
- cgen_->loop_nesting() == 0) {
- Comment cmnt(masm, "[ Load from named Property");
- cgen_->frame()->Push(GetName());
-
- RelocInfo::Mode mode = is_global
- ? RelocInfo::CODE_TARGET_CONTEXT
- : RelocInfo::CODE_TARGET;
- Result answer = cgen_->frame()->CallLoadIC(mode);
- // A test rax instruction following the call signals that the
- // inobject property case was inlined. Ensure that there is not
- // a test rax instruction here.
- __ nop();
- cgen_->frame()->Push(&answer);
- } else {
- // Inline the inobject property case.
- Comment cmnt(masm, "[ Inlined named property load");
- Result receiver = cgen_->frame()->Pop();
- receiver.ToRegister();
- Result value = cgen_->allocator()->Allocate();
- ASSERT(value.is_valid());
- // Cannot use r12 for receiver, because that changes
- // the distance between a call and a fixup location,
- // due to a special encoding of r12 as r/m in a ModR/M byte.
- if (receiver.reg().is(r12)) {
- // Swap receiver and value.
- __ movq(value.reg(), receiver.reg());
- Result temp = receiver;
- receiver = value;
- value = temp;
- cgen_->frame()->Spill(value.reg()); // r12 may have been shared.
- }
-
- DeferredReferenceGetNamedValue* deferred =
- new DeferredReferenceGetNamedValue(value.reg(),
- receiver.reg(),
- GetName());
-
- // Check that the receiver is a heap object.
- __ JumpIfSmi(receiver.reg(), deferred->entry_label());
-
- __ bind(deferred->patch_site());
- // This is the map check instruction that will be patched (so we can't
- // use the double underscore macro that may insert instructions).
- // Initially use an invalid map to force a failure.
- masm->Move(kScratchRegister, Factory::null_value());
- masm->cmpq(FieldOperand(receiver.reg(), HeapObject::kMapOffset),
- kScratchRegister);
- // This branch is always a forwards branch so it's always a fixed
- // size which allows the assert below to succeed and patching to work.
- // Don't use deferred->Branch(...), since that might add coverage code.
- masm->j(not_equal, deferred->entry_label());
-
- // The delta from the patch label to the load offset must be
- // statically known.
- ASSERT(masm->SizeOfCodeGeneratedSince(deferred->patch_site()) ==
- LoadIC::kOffsetToLoadInstruction);
- // The initial (invalid) offset has to be large enough to force
- // a 32-bit instruction encoding to allow patching with an
- // arbitrary offset. Use kMaxInt (minus kHeapObjectTag).
- int offset = kMaxInt;
- masm->movq(value.reg(), FieldOperand(receiver.reg(), offset));
-
- __ IncrementCounter(&Counters::named_load_inline, 1);
- deferred->BindExit();
- cgen_->frame()->Push(&receiver);
- cgen_->frame()->Push(&value);
+ Result result = cgen_->EmitNamedLoad(GetName(), is_global);
+ cgen_->frame()->Push(&result);
+ if (!persist_after_get_) {
+ cgen_->UnloadReference(this);
}
break;
}
case KEYED: {
- Comment cmnt(masm, "[ Load from keyed Property");
- Variable* var = expression_->AsVariableProxy()->AsVariable();
- bool is_global = var != NULL;
- ASSERT(!is_global || var->is_global());
+ // A load of a bare identifier (load from global) cannot be keyed.
+ ASSERT(expression_->AsVariableProxy()->AsVariable() == NULL);
- Result value = cgen_->EmitKeyedLoad(is_global);
+ Result value = cgen_->EmitKeyedLoad();
cgen_->frame()->Push(&value);
+ if (!persist_after_get_) {
+ cgen_->UnloadReference(this);
+ }
break;
}
default:
UNREACHABLE();
}
-
- if (!persist_after_get_) {
- cgen_->UnloadReference(this);
- }
}
diff --git a/deps/v8/src/x64/codegen-x64.h b/deps/v8/src/x64/codegen-x64.h
index 01bbd20246..9d465839c0 100644
--- a/deps/v8/src/x64/codegen-x64.h
+++ b/deps/v8/src/x64/codegen-x64.h
@@ -449,10 +449,13 @@ class CodeGenerator: public AstVisitor {
// value in place.
void StoreToSlot(Slot* slot, InitState init_state);
+ // Receiver is passed on the frame and not consumed.
+ Result EmitNamedLoad(Handle<String> name, bool is_contextual);
+
// Load a property of an object, returning it in a Result.
// The object and the property name are passed on the stack, and
// not changed.
- Result EmitKeyedLoad(bool is_global);
+ Result EmitKeyedLoad();
// Special code for typeof expressions: Unfortunately, we must
// be careful when loading the expression in 'typeof'
diff --git a/deps/v8/src/x64/full-codegen-x64.cc b/deps/v8/src/x64/full-codegen-x64.cc
index 81424f6611..5bd09c2147 100644
--- a/deps/v8/src/x64/full-codegen-x64.cc
+++ b/deps/v8/src/x64/full-codegen-x64.cc
@@ -2217,7 +2217,7 @@ void FullCodeGenerator::EmitClassOf(ZoneList<Expression*>* args) {
// Check that the object is a JS object but take special care of JS
// functions to make sure they have 'Function' as their class.
- __ CmpObjectType(rax, FIRST_JS_OBJECT_TYPE, rax);
+ __ CmpObjectType(rax, FIRST_JS_OBJECT_TYPE, rax); // Map is now in rax.
__ j(below, &null);
// As long as JS_FUNCTION_TYPE is the last instance type and it is
diff --git a/deps/v8/src/x64/macro-assembler-x64.cc b/deps/v8/src/x64/macro-assembler-x64.cc
index 065b61693f..b7a6aaf9ef 100644
--- a/deps/v8/src/x64/macro-assembler-x64.cc
+++ b/deps/v8/src/x64/macro-assembler-x64.cc
@@ -603,7 +603,7 @@ void MacroAssembler::SmiCompare(Register dst, Smi* src) {
}
-void MacroAssembler::SmiCompare(Register dst, const Operand& src) {
+void MacroAssembler::SmiCompare(Register dst, const Operand& src) {
cmpq(dst, src);
}
@@ -614,13 +614,7 @@ void MacroAssembler::SmiCompare(const Operand& dst, Register src) {
void MacroAssembler::SmiCompare(const Operand& dst, Smi* src) {
- if (src->value() == 0) {
- // Only tagged long smi to have 32-bit representation.
- cmpq(dst, Immediate(0));
- } else {
- Move(kScratchRegister, src);
- cmpq(dst, kScratchRegister);
- }
+ cmpl(Operand(dst, kIntSize), Immediate(src->value()));
}
@@ -922,8 +916,7 @@ void MacroAssembler::SmiAddConstant(Register dst, Register src, Smi* constant) {
void MacroAssembler::SmiAddConstant(const Operand& dst, Smi* constant) {
if (constant->value() != 0) {
- Move(kScratchRegister, constant);
- addq(dst, kScratchRegister);
+ addl(Operand(dst, kIntSize), Immediate(constant->value()));
}
}
@@ -1607,13 +1600,7 @@ void MacroAssembler::Drop(int stack_elements) {
void MacroAssembler::Test(const Operand& src, Smi* source) {
- intptr_t smi = reinterpret_cast<intptr_t>(source);
- if (is_int32(smi)) {
- testl(src, Immediate(static_cast<int32_t>(smi)));
- } else {
- Move(kScratchRegister, source);
- testq(src, kScratchRegister);
- }
+ testl(Operand(src, kIntSize), Immediate(source->value()));
}
diff --git a/deps/v8/src/x64/stub-cache-x64.cc b/deps/v8/src/x64/stub-cache-x64.cc
index 25361b367f..8b095cbbe6 100644
--- a/deps/v8/src/x64/stub-cache-x64.cc
+++ b/deps/v8/src/x64/stub-cache-x64.cc
@@ -430,7 +430,7 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
Register holder,
Register scratch1,
Register scratch2,
- JSObject* holder_obj,
+ JSObject* interceptor_holder,
LookupResult* lookup,
String* name,
Label* miss_label) {
@@ -450,7 +450,8 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
}
if (!optimize) {
- CompileRegular(masm, receiver, holder, scratch2, holder_obj, miss_label);
+ CompileRegular(masm, receiver, holder, scratch2, interceptor_holder,
+ miss_label);
return;
}
@@ -463,12 +464,17 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
__ push(holder);
__ push(name_);
+ // Invoke an interceptor. Note: map checks from receiver to
+ // interceptor's holder has been compiled before (see a caller
+ // of this method.)
CompileCallLoadPropertyWithInterceptor(masm,
receiver,
holder,
name_,
- holder_obj);
+ interceptor_holder);
+ // Check if interceptor provided a value for property. If it's
+ // the case, return immediately.
Label interceptor_failed;
__ CompareRoot(rax, Heap::kNoInterceptorResultSentinelRootIndex);
__ j(equal, &interceptor_failed);
@@ -485,13 +491,17 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
__ LeaveInternalFrame();
if (lookup->type() == FIELD) {
- holder = stub_compiler->CheckPrototypes(holder_obj,
+ // We found FIELD property in prototype chain of interceptor's holder.
+ // Check that the maps from interceptor's holder to field's holder
+ // haven't changed...
+ holder = stub_compiler->CheckPrototypes(interceptor_holder,
holder,
lookup->holder(),
scratch1,
scratch2,
name,
miss_label);
+ // ... and retrieve a field from field's holder.
stub_compiler->GenerateFastPropertyLoad(masm,
rax,
holder,
@@ -499,37 +509,47 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
lookup->GetFieldIndex());
__ ret(0);
} else {
+ // We found CALLBACKS property in prototype chain of interceptor's
+ // holder.
ASSERT(lookup->type() == CALLBACKS);
ASSERT(lookup->GetCallbackObject()->IsAccessorInfo());
ASSERT(callback != NULL);
ASSERT(callback->getter() != NULL);
+ // Prepare for tail call. Push receiver to stack after return address.
Label cleanup;
- __ pop(scratch2);
+ __ pop(scratch2); // return address
__ push(receiver);
__ push(scratch2);
- holder = stub_compiler->CheckPrototypes(holder_obj, holder,
+ // Check that the maps from interceptor's holder to callback's holder
+ // haven't changed.
+ holder = stub_compiler->CheckPrototypes(interceptor_holder, holder,
lookup->holder(), scratch1,
scratch2,
name,
&cleanup);
- __ pop(scratch2); // save old return address
+ // Continue tail call preparation: push remaining parameters after
+ // return address.
+ __ pop(scratch2); // return address
__ push(holder);
__ Move(holder, Handle<AccessorInfo>(callback));
__ push(holder);
__ push(FieldOperand(holder, AccessorInfo::kDataOffset));
__ push(name_);
- __ push(scratch2); // restore old return address
+ __ push(scratch2); // restore return address
+ // Tail call to runtime.
ExternalReference ref =
ExternalReference(IC_Utility(IC::kLoadCallbackProperty));
__ TailCallExternalReference(ref, 5, 1);
+ // Clean up code: we pushed receiver after return address and
+ // need to remove it from there.
__ bind(&cleanup);
- __ pop(scratch1);
- __ pop(scratch2);
+ __ pop(scratch1); // return address
+ __ pop(scratch2); // receiver
__ push(scratch1);
}
}
@@ -539,10 +559,10 @@ class LoadInterceptorCompiler BASE_EMBEDDED {
Register receiver,
Register holder,
Register scratch,
- JSObject* holder_obj,
+ JSObject* interceptor_holder,
Label* miss_label) {
__ pop(scratch); // save old return address
- PushInterceptorArguments(masm, receiver, holder, name_, holder_obj);
+ PushInterceptorArguments(masm, receiver, holder, name_, interceptor_holder);
__ push(scratch); // restore old return address
ExternalReference ref = ExternalReference(
@@ -704,7 +724,7 @@ class CallInterceptorCompiler BASE_EMBEDDED {
Register receiver,
Register scratch1,
Register scratch2,
- JSObject* holder_obj,
+ JSObject* interceptor_holder,
LookupResult* lookup,
String* name,
const CallOptimization& optimization,
@@ -717,10 +737,13 @@ class CallInterceptorCompiler BASE_EMBEDDED {
bool can_do_fast_api_call = false;
if (optimization.is_simple_api_call() &&
!lookup->holder()->IsGlobalObject()) {
- depth1 = optimization.GetPrototypeDepthOfExpectedType(object, holder_obj);
+ depth1 =
+ optimization.GetPrototypeDepthOfExpectedType(object,
+ interceptor_holder);
if (depth1 == kInvalidProtoDepth) {
- depth2 = optimization.GetPrototypeDepthOfExpectedType(holder_obj,
- lookup->holder());
+ depth2 =
+ optimization.GetPrototypeDepthOfExpectedType(interceptor_holder,
+ lookup->holder());
}
can_do_fast_api_call = (depth1 != kInvalidProtoDepth) ||
(depth2 != kInvalidProtoDepth);
@@ -733,24 +756,32 @@ class CallInterceptorCompiler BASE_EMBEDDED {
ReserveSpaceForFastApiCall(masm, scratch1);
}
+ // Check that the maps from receiver to interceptor's holder
+ // haven't changed and thus we can invoke interceptor.
Label miss_cleanup;
Label* miss = can_do_fast_api_call ? &miss_cleanup : miss_label;
Register holder =
- stub_compiler_->CheckPrototypes(object, receiver, holder_obj,
+ stub_compiler_->CheckPrototypes(object, receiver, interceptor_holder,
scratch1, scratch2, name,
depth1, miss);
+ // Invoke an interceptor and if it provides a value,
+ // branch to |regular_invoke|.
Label regular_invoke;
- LoadWithInterceptor(masm, receiver, holder, holder_obj, &regular_invoke);
+ LoadWithInterceptor(masm, receiver, holder, interceptor_holder,
+ &regular_invoke);
- // Generate code for the failed interceptor case.
+ // Interceptor returned nothing for this property. Try to use cached
+ // constant function.
- // Check the lookup is still valid.
- stub_compiler_->CheckPrototypes(holder_obj, receiver,
+ // Check that the maps from interceptor's holder to constant function's
+ // holder haven't changed and thus we can use cached constant function.
+ stub_compiler_->CheckPrototypes(interceptor_holder, receiver,
lookup->holder(),
scratch1, scratch2, name,
depth2, miss);
+ // Invoke function.
if (can_do_fast_api_call) {
GenerateFastApiCall(masm, optimization, arguments_.immediate());
} else {
@@ -758,12 +789,14 @@ class CallInterceptorCompiler BASE_EMBEDDED {
JUMP_FUNCTION);
}
+ // Deferred code for fast API call case---clean preallocated space.
if (can_do_fast_api_call) {
__ bind(&miss_cleanup);
FreeSpaceForFastApiCall(masm, scratch1);
__ jmp(miss_label);
}
+ // Invoke a regular function.
__ bind(&regular_invoke);
if (can_do_fast_api_call) {
FreeSpaceForFastApiCall(masm, scratch1);
@@ -776,10 +809,10 @@ class CallInterceptorCompiler BASE_EMBEDDED {
Register scratch1,
Register scratch2,
String* name,
- JSObject* holder_obj,
+ JSObject* interceptor_holder,
Label* miss_label) {
Register holder =
- stub_compiler_->CheckPrototypes(object, receiver, holder_obj,
+ stub_compiler_->CheckPrototypes(object, receiver, interceptor_holder,
scratch1, scratch2, name,
miss_label);
@@ -791,7 +824,7 @@ class CallInterceptorCompiler BASE_EMBEDDED {
receiver,
holder,
name_,
- holder_obj);
+ interceptor_holder);
__ CallExternalReference(
ExternalReference(IC_Utility(IC::kLoadPropertyWithInterceptorForCall)),
diff --git a/deps/v8/test/cctest/SConscript b/deps/v8/test/cctest/SConscript
index 2cf0b128ad..876c104bca 100644
--- a/deps/v8/test/cctest/SConscript
+++ b/deps/v8/test/cctest/SConscript
@@ -71,6 +71,7 @@ SOURCES = {
'test-strings.cc',
'test-threads.cc',
'test-thread-termination.cc',
+ 'test-unbound-queue.cc',
'test-utils.cc',
'test-version.cc'
],
diff --git a/deps/v8/test/cctest/test-api.cc b/deps/v8/test/cctest/test-api.cc
index ea9e6e122a..46eaccd539 100644
--- a/deps/v8/test/cctest/test-api.cc
+++ b/deps/v8/test/cctest/test-api.cc
@@ -76,6 +76,11 @@ static void ExpectBoolean(const char* code, bool expected) {
}
+static void ExpectTrue(const char* code) {
+ ExpectBoolean(code, true);
+}
+
+
static void ExpectObject(const char* code, Local<Value> expected) {
Local<Value> result = CompileRun(code);
CHECK(result->Equals(expected));
@@ -2506,7 +2511,7 @@ THREADED_TEST(DefinePropertyOnAPIAccessor) {
// Uses getOwnPropertyDescriptor to check the configurable status
Local<Script> script_desc
- = Script::Compile(v8_str("var prop =Object.getOwnPropertyDescriptor( "
+ = Script::Compile(v8_str("var prop = Object.getOwnPropertyDescriptor( "
"obj, 'x');"
"prop.configurable;"));
Local<Value> result = script_desc->Run();
@@ -2592,7 +2597,166 @@ THREADED_TEST(DefinePropertyOnDefineGetterSetter) {
}
+static v8::Handle<v8::Object> GetGlobalProperty(LocalContext* context,
+ char const* name) {
+ return v8::Handle<v8::Object>::Cast((*context)->Global()->Get(v8_str(name)));
+}
+
+
+THREADED_TEST(DefineAPIAccessorOnObject) {
+ v8::HandleScope scope;
+ Local<ObjectTemplate> templ = ObjectTemplate::New();
+ LocalContext context;
+
+ context->Global()->Set(v8_str("obj1"), templ->NewInstance());
+ CompileRun("var obj2 = {};");
+
+ CHECK(CompileRun("obj1.x")->IsUndefined());
+ CHECK(CompileRun("obj2.x")->IsUndefined());
+
+ CHECK(GetGlobalProperty(&context, "obj1")->
+ SetAccessor(v8_str("x"), GetXValue, NULL, v8_str("donut")));
+
+ ExpectString("obj1.x", "x");
+ CHECK(CompileRun("obj2.x")->IsUndefined());
+
+ CHECK(GetGlobalProperty(&context, "obj2")->
+ SetAccessor(v8_str("x"), GetXValue, NULL, v8_str("donut")));
+
+ ExpectString("obj1.x", "x");
+ ExpectString("obj2.x", "x");
+
+ ExpectTrue("Object.getOwnPropertyDescriptor(obj1, 'x').configurable");
+ ExpectTrue("Object.getOwnPropertyDescriptor(obj2, 'x').configurable");
+
+ CompileRun("Object.defineProperty(obj1, 'x',"
+ "{ get: function() { return 'y'; }, configurable: true })");
+
+ ExpectString("obj1.x", "y");
+ ExpectString("obj2.x", "x");
+
+ CompileRun("Object.defineProperty(obj2, 'x',"
+ "{ get: function() { return 'y'; }, configurable: true })");
+
+ ExpectString("obj1.x", "y");
+ ExpectString("obj2.x", "y");
+
+ ExpectTrue("Object.getOwnPropertyDescriptor(obj1, 'x').configurable");
+ ExpectTrue("Object.getOwnPropertyDescriptor(obj2, 'x').configurable");
+
+ CHECK(GetGlobalProperty(&context, "obj1")->
+ SetAccessor(v8_str("x"), GetXValue, NULL, v8_str("donut")));
+ CHECK(GetGlobalProperty(&context, "obj2")->
+ SetAccessor(v8_str("x"), GetXValue, NULL, v8_str("donut")));
+
+ ExpectString("obj1.x", "x");
+ ExpectString("obj2.x", "x");
+
+ ExpectTrue("Object.getOwnPropertyDescriptor(obj1, 'x').configurable");
+ ExpectTrue("Object.getOwnPropertyDescriptor(obj2, 'x').configurable");
+
+ // Define getters/setters, but now make them not configurable.
+ CompileRun("Object.defineProperty(obj1, 'x',"
+ "{ get: function() { return 'z'; }, configurable: false })");
+ CompileRun("Object.defineProperty(obj2, 'x',"
+ "{ get: function() { return 'z'; }, configurable: false })");
+
+ ExpectTrue("!Object.getOwnPropertyDescriptor(obj1, 'x').configurable");
+ ExpectTrue("!Object.getOwnPropertyDescriptor(obj2, 'x').configurable");
+
+ ExpectString("obj1.x", "z");
+ ExpectString("obj2.x", "z");
+
+ CHECK(!GetGlobalProperty(&context, "obj1")->
+ SetAccessor(v8_str("x"), GetXValue, NULL, v8_str("donut")));
+ CHECK(!GetGlobalProperty(&context, "obj2")->
+ SetAccessor(v8_str("x"), GetXValue, NULL, v8_str("donut")));
+
+ ExpectString("obj1.x", "z");
+ ExpectString("obj2.x", "z");
+}
+
+
+THREADED_TEST(DontDeleteAPIAccessorsCannotBeOverriden) {
+ v8::HandleScope scope;
+ Local<ObjectTemplate> templ = ObjectTemplate::New();
+ LocalContext context;
+
+ context->Global()->Set(v8_str("obj1"), templ->NewInstance());
+ CompileRun("var obj2 = {};");
+
+ CHECK(GetGlobalProperty(&context, "obj1")->SetAccessor(
+ v8_str("x"),
+ GetXValue, NULL,
+ v8_str("donut"), v8::DEFAULT, v8::DontDelete));
+ CHECK(GetGlobalProperty(&context, "obj2")->SetAccessor(
+ v8_str("x"),
+ GetXValue, NULL,
+ v8_str("donut"), v8::DEFAULT, v8::DontDelete));
+
+ ExpectString("obj1.x", "x");
+ ExpectString("obj2.x", "x");
+
+ ExpectTrue("!Object.getOwnPropertyDescriptor(obj1, 'x').configurable");
+ ExpectTrue("!Object.getOwnPropertyDescriptor(obj2, 'x').configurable");
+
+ CHECK(!GetGlobalProperty(&context, "obj1")->
+ SetAccessor(v8_str("x"), GetXValue, NULL, v8_str("donut")));
+ CHECK(!GetGlobalProperty(&context, "obj2")->
+ SetAccessor(v8_str("x"), GetXValue, NULL, v8_str("donut")));
+
+ {
+ v8::TryCatch try_catch;
+ CompileRun("Object.defineProperty(obj1, 'x',"
+ "{get: function() { return 'func'; }})");
+ CHECK(try_catch.HasCaught());
+ String::AsciiValue exception_value(try_catch.Exception());
+ CHECK_EQ(*exception_value,
+ "TypeError: Cannot redefine property: defineProperty");
+ }
+ {
+ v8::TryCatch try_catch;
+ CompileRun("Object.defineProperty(obj2, 'x',"
+ "{get: function() { return 'func'; }})");
+ CHECK(try_catch.HasCaught());
+ String::AsciiValue exception_value(try_catch.Exception());
+ CHECK_EQ(*exception_value,
+ "TypeError: Cannot redefine property: defineProperty");
+ }
+}
+
+
+static v8::Handle<Value> Get239Value(Local<String> name,
+ const AccessorInfo& info) {
+ ApiTestFuzzer::Fuzz();
+ CHECK_EQ(info.Data(), v8_str("donut"));
+ CHECK_EQ(name, v8_str("239"));
+ return name;
+}
+
+
+THREADED_TEST(ElementAPIAccessor) {
+ v8::HandleScope scope;
+ Local<ObjectTemplate> templ = ObjectTemplate::New();
+ LocalContext context;
+ context->Global()->Set(v8_str("obj1"), templ->NewInstance());
+ CompileRun("var obj2 = {};");
+
+ CHECK(GetGlobalProperty(&context, "obj1")->SetAccessor(
+ v8_str("239"),
+ Get239Value, NULL,
+ v8_str("donut")));
+ CHECK(GetGlobalProperty(&context, "obj2")->SetAccessor(
+ v8_str("239"),
+ Get239Value, NULL,
+ v8_str("donut")));
+
+ ExpectString("obj1[239]", "239");
+ ExpectString("obj2[239]", "239");
+ ExpectString("obj1['239']", "239");
+ ExpectString("obj2['239']", "239");
+}
v8::Persistent<Value> xValue;
@@ -8003,8 +8167,8 @@ TEST(PreCompile) {
// TODO(155): This test would break without the initialization of V8. This is
// a workaround for now to make this test not fail.
v8::V8::Initialize();
- const char *script = "function foo(a) { return a+1; }";
- v8::ScriptData *sd =
+ const char* script = "function foo(a) { return a+1; }";
+ v8::ScriptData* sd =
v8::ScriptData::PreCompile(script, i::StrLength(script));
CHECK_NE(sd->Length(), 0);
CHECK_NE(sd->Data(), NULL);
@@ -8015,8 +8179,8 @@ TEST(PreCompile) {
TEST(PreCompileWithError) {
v8::V8::Initialize();
- const char *script = "function foo(a) { return 1 * * 2; }";
- v8::ScriptData *sd =
+ const char* script = "function foo(a) { return 1 * * 2; }";
+ v8::ScriptData* sd =
v8::ScriptData::PreCompile(script, i::StrLength(script));
CHECK(sd->HasError());
delete sd;
@@ -8025,14 +8189,53 @@ TEST(PreCompileWithError) {
TEST(Regress31661) {
v8::V8::Initialize();
- const char *script = " The Definintive Guide";
- v8::ScriptData *sd =
+ const char* script = " The Definintive Guide";
+ v8::ScriptData* sd =
v8::ScriptData::PreCompile(script, i::StrLength(script));
CHECK(sd->HasError());
delete sd;
}
+// Tests that ScriptData can be serialized and deserialized.
+TEST(PreCompileSerialization) {
+ v8::V8::Initialize();
+ const char* script = "function foo(a) { return a+1; }";
+ v8::ScriptData* sd =
+ v8::ScriptData::PreCompile(script, i::StrLength(script));
+
+ // Serialize.
+ int serialized_data_length = sd->Length();
+ char* serialized_data = i::NewArray<char>(serialized_data_length);
+ memcpy(serialized_data, sd->Data(), serialized_data_length);
+
+ // Deserialize.
+ v8::ScriptData* deserialized_sd =
+ v8::ScriptData::New(serialized_data, serialized_data_length);
+
+ // Verify that the original is the same as the deserialized.
+ CHECK_EQ(sd->Length(), deserialized_sd->Length());
+ CHECK_EQ(0, memcmp(sd->Data(), deserialized_sd->Data(), sd->Length()));
+ CHECK_EQ(sd->HasError(), deserialized_sd->HasError());
+
+ delete sd;
+ delete deserialized_sd;
+}
+
+
+// Attempts to deserialize bad data.
+TEST(PreCompileDeserializationError) {
+ v8::V8::Initialize();
+ const char* data = "DONT CARE";
+ int invalid_size = 3;
+ v8::ScriptData* sd = v8::ScriptData::New(data, invalid_size);
+
+ CHECK_EQ(0, sd->Length());
+
+ delete sd;
+}
+
+
// This tests that we do not allow dictionary load/call inline caches
// to use functions that have not yet been compiled. The potential
// problem of loading a function that has not yet been compiled can
diff --git a/deps/v8/test/cctest/test-circular-queue.cc b/deps/v8/test/cctest/test-circular-queue.cc
index 3fa49bfaf3..ce9a42e81f 100644
--- a/deps/v8/test/cctest/test-circular-queue.cc
+++ b/deps/v8/test/cctest/test-circular-queue.cc
@@ -1,6 +1,6 @@
// Copyright 2010 the V8 project authors. All rights reserved.
//
-// Tests of circular queues.
+// Tests of the circular queue.
#include "v8.h"
#include "circular-queue-inl.h"
@@ -8,53 +8,9 @@
namespace i = v8::internal;
-using i::CircularQueue;
using i::SamplingCircularQueue;
-TEST(SingleRecordCircularQueue) {
- typedef int Record;
- CircularQueue<Record> cq(sizeof(Record) * 2);
- CHECK(cq.IsEmpty());
- cq.Enqueue(1);
- CHECK(!cq.IsEmpty());
- Record rec = 0;
- cq.Dequeue(&rec);
- CHECK_EQ(1, rec);
- CHECK(cq.IsEmpty());
-}
-
-
-TEST(MultipleRecordsCircularQueue) {
- typedef int Record;
- const int kQueueSize = 10;
- CircularQueue<Record> cq(sizeof(Record) * (kQueueSize + 1));
- CHECK(cq.IsEmpty());
- cq.Enqueue(1);
- CHECK(!cq.IsEmpty());
- for (int i = 2; i <= 5; ++i) {
- cq.Enqueue(i);
- CHECK(!cq.IsEmpty());
- }
- Record rec = 0;
- for (int i = 1; i <= 4; ++i) {
- CHECK(!cq.IsEmpty());
- cq.Dequeue(&rec);
- CHECK_EQ(i, rec);
- }
- for (int i = 6; i <= 12; ++i) {
- cq.Enqueue(i);
- CHECK(!cq.IsEmpty());
- }
- for (int i = 5; i <= 12; ++i) {
- CHECK(!cq.IsEmpty());
- cq.Dequeue(&rec);
- CHECK_EQ(i, rec);
- }
- CHECK(cq.IsEmpty());
-}
-
-
TEST(SamplingCircularQueue) {
typedef SamplingCircularQueue::Cell Record;
const int kRecordsPerChunk = 4;
diff --git a/deps/v8/test/cctest/test-log-stack-tracer.cc b/deps/v8/test/cctest/test-log-stack-tracer.cc
index 3fd5c69b1c..6da1a75972 100644
--- a/deps/v8/test/cctest/test-log-stack-tracer.cc
+++ b/deps/v8/test/cctest/test-log-stack-tracer.cc
@@ -273,12 +273,10 @@ static void CreateTraceCallerFunction(const char* func_name,
// StackTracer uses Top::c_entry_fp as a starting point for stack
// walking.
TEST(CFromJSStackTrace) {
-#if defined(V8_HOST_ARCH_IA32) || defined(V8_HOST_ARCH_X64)
// TODO(711) The hack of replacing the inline runtime function
// RandomHeapNumber with GetFrameNumber does not work with the way the full
// compiler generates inline runtime calls.
- i::FLAG_force_full_compiler = false;
-#endif
+ i::FLAG_always_full_compiler = false;
TickSample sample;
InitTraceEnv(&sample);
@@ -315,12 +313,10 @@ TEST(CFromJSStackTrace) {
// Top::c_entry_fp value. In this case, StackTracer uses passed frame
// pointer value as a starting point for stack walking.
TEST(PureJSStackTrace) {
-#if defined(V8_HOST_ARCH_IA32) || defined(V8_HOST_ARCH_X64)
// TODO(711) The hack of replacing the inline runtime function
// RandomHeapNumber with GetFrameNumber does not work with the way the full
// compiler generates inline runtime calls.
- i::FLAG_force_full_compiler = false;
-#endif
+ i::FLAG_always_full_compiler = false;
TickSample sample;
InitTraceEnv(&sample);
diff --git a/deps/v8/test/cctest/test-macro-assembler-x64.cc b/deps/v8/test/cctest/test-macro-assembler-x64.cc
index 8924ba7e64..dd97498611 100755
--- a/deps/v8/test/cctest/test-macro-assembler-x64.cc
+++ b/deps/v8/test/cctest/test-macro-assembler-x64.cc
@@ -61,6 +61,7 @@ using v8::internal::r12; // Remember: r12..r15 are callee save!
using v8::internal::r13;
using v8::internal::r14;
using v8::internal::r15;
+using v8::internal::times_pointer_size;
using v8::internal::FUNCTION_CAST;
using v8::internal::CodeDesc;
using v8::internal::less_equal;
@@ -75,6 +76,8 @@ using v8::internal::positive;
using v8::internal::Smi;
using v8::internal::kSmiTagMask;
using v8::internal::kSmiValueSize;
+using v8::internal::kPointerSize;
+using v8::internal::kIntSize;
// Test the x64 assembler by compiling some simple functions into
// a buffer and executing them. These tests do not initialize the
@@ -2053,4 +2056,358 @@ TEST(PositiveSmiTimesPowerOfTwoToInteger64) {
}
+TEST(OperandOffset) {
+ int data[256];
+ for (int i = 0; i < 256; i++) { data[i] = i * 0x01010101; }
+
+ // Allocate an executable page of memory.
+ size_t actual_size;
+ byte* buffer =
+ static_cast<byte*>(OS::Allocate(Assembler::kMinimalBufferSize * 2,
+ &actual_size,
+ true));
+ CHECK(buffer);
+ HandleScope handles;
+ MacroAssembler assembler(buffer, static_cast<int>(actual_size));
+
+ MacroAssembler* masm = &assembler;
+ masm->set_allow_stub_calls(false);
+ Label exit;
+
+ __ push(r12);
+ __ push(r13);
+ __ push(rbx);
+ __ push(rbp);
+ __ push(Immediate(0x100)); // <-- rbp
+ __ movq(rbp, rsp);
+ __ push(Immediate(0x101));
+ __ push(Immediate(0x102));
+ __ push(Immediate(0x103));
+ __ push(Immediate(0x104));
+ __ push(Immediate(0x105)); // <-- rbx
+ __ push(Immediate(0x106));
+ __ push(Immediate(0x107));
+ __ push(Immediate(0x108));
+ __ push(Immediate(0x109)); // <-- rsp
+ // rbp = rsp[9]
+ // r12 = rsp[3]
+ // rbx = rsp[5]
+ // r13 = rsp[7]
+ __ lea(r12, Operand(rsp, 3 * kPointerSize));
+ __ lea(r13, Operand(rbp, -3 * kPointerSize));
+ __ lea(rbx, Operand(rbp, -5 * kPointerSize));
+ __ movl(rcx, Immediate(2));
+ __ movq(r8, reinterpret_cast<uintptr_t>(&data[128]), RelocInfo::NONE);
+ __ movl(rax, Immediate(1));
+
+ Operand sp0 = Operand(rsp, 0);
+
+ // Test 1.
+ __ movl(rdx, sp0); // Sanity check.
+ __ cmpl(rdx, Immediate(0x109));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ // Test 2.
+ // Zero to non-zero displacement.
+ __ movl(rdx, Operand(sp0, 2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x107));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ Operand sp2 = Operand(rsp, 2 * kPointerSize);
+
+ // Test 3.
+ __ movl(rdx, sp2); // Sanity check.
+ __ cmpl(rdx, Immediate(0x107));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(sp2, 2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x105));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ // Non-zero to zero displacement.
+ __ movl(rdx, Operand(sp2, -2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x109));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ Operand sp2c2 = Operand(rsp, rcx, times_pointer_size, 2 * kPointerSize);
+
+ // Test 6.
+ __ movl(rdx, sp2c2); // Sanity check.
+ __ cmpl(rdx, Immediate(0x105));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(sp2c2, 2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x103));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ // Non-zero to zero displacement.
+ __ movl(rdx, Operand(sp2c2, -2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x107));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+
+ Operand bp0 = Operand(rbp, 0);
+
+ // Test 9.
+ __ movl(rdx, bp0); // Sanity check.
+ __ cmpl(rdx, Immediate(0x100));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ // Zero to non-zero displacement.
+ __ movl(rdx, Operand(bp0, -2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x102));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ Operand bp2 = Operand(rbp, -2 * kPointerSize);
+
+ // Test 11.
+ __ movl(rdx, bp2); // Sanity check.
+ __ cmpl(rdx, Immediate(0x102));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ // Non-zero to zero displacement.
+ __ movl(rdx, Operand(bp2, 2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x100));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(bp2, -2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x104));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ Operand bp2c4 = Operand(rbp, rcx, times_pointer_size, -4 * kPointerSize);
+
+ // Test 14:
+ __ movl(rdx, bp2c4); // Sanity check.
+ __ cmpl(rdx, Immediate(0x102));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(bp2c4, 2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x100));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(bp2c4, -2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x104));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ Operand bx0 = Operand(rbx, 0);
+
+ // Test 17.
+ __ movl(rdx, bx0); // Sanity check.
+ __ cmpl(rdx, Immediate(0x105));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(bx0, 5 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x100));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(bx0, -4 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x109));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ Operand bx2 = Operand(rbx, 2 * kPointerSize);
+
+ // Test 20.
+ __ movl(rdx, bx2); // Sanity check.
+ __ cmpl(rdx, Immediate(0x103));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(bx2, 2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x101));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ // Non-zero to zero displacement.
+ __ movl(rdx, Operand(bx2, -2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x105));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ Operand bx2c2 = Operand(rbx, rcx, times_pointer_size, -2 * kPointerSize);
+
+ // Test 23.
+ __ movl(rdx, bx2c2); // Sanity check.
+ __ cmpl(rdx, Immediate(0x105));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(bx2c2, 2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x103));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(bx2c2, -2 * kPointerSize));
+ __ cmpl(rdx, Immediate(0x107));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ Operand r80 = Operand(r8, 0);
+
+ // Test 26.
+ __ movl(rdx, r80); // Sanity check.
+ __ cmpl(rdx, Immediate(0x80808080));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r80, -8 * kIntSize));
+ __ cmpl(rdx, Immediate(0x78787878));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r80, 8 * kIntSize));
+ __ cmpl(rdx, Immediate(0x88888888));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r80, -64 * kIntSize));
+ __ cmpl(rdx, Immediate(0x40404040));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r80, 64 * kIntSize));
+ __ cmpl(rdx, Immediate(0xC0C0C0C0));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ Operand r88 = Operand(r8, 8 * kIntSize);
+
+ // Test 31.
+ __ movl(rdx, r88); // Sanity check.
+ __ cmpl(rdx, Immediate(0x88888888));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r88, -8 * kIntSize));
+ __ cmpl(rdx, Immediate(0x80808080));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r88, 8 * kIntSize));
+ __ cmpl(rdx, Immediate(0x90909090));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r88, -64 * kIntSize));
+ __ cmpl(rdx, Immediate(0x48484848));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r88, 64 * kIntSize));
+ __ cmpl(rdx, Immediate(0xC8C8C8C8));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+
+ Operand r864 = Operand(r8, 64 * kIntSize);
+
+ // Test 36.
+ __ movl(rdx, r864); // Sanity check.
+ __ cmpl(rdx, Immediate(0xC0C0C0C0));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r864, -8 * kIntSize));
+ __ cmpl(rdx, Immediate(0xB8B8B8B8));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r864, 8 * kIntSize));
+ __ cmpl(rdx, Immediate(0xC8C8C8C8));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r864, -64 * kIntSize));
+ __ cmpl(rdx, Immediate(0x80808080));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r864, 32 * kIntSize));
+ __ cmpl(rdx, Immediate(0xE0E0E0E0));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ // 32-bit offset to 8-bit offset.
+ __ movl(rdx, Operand(r864, -60 * kIntSize));
+ __ cmpl(rdx, Immediate(0x84848484));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r864, 60 * kIntSize));
+ __ cmpl(rdx, Immediate(0xFCFCFCFC));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ // Test unaligned offsets.
+
+ // Test 43.
+ __ movl(rdx, Operand(r80, 2));
+ __ cmpl(rdx, Immediate(0x81818080));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r80, -2));
+ __ cmpl(rdx, Immediate(0x80807F7F));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r80, 126));
+ __ cmpl(rdx, Immediate(0xA0A09F9F));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r80, -126));
+ __ cmpl(rdx, Immediate(0x61616060));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r80, 254));
+ __ cmpl(rdx, Immediate(0xC0C0BFBF));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ __ movl(rdx, Operand(r80, -254));
+ __ cmpl(rdx, Immediate(0x41414040));
+ __ j(not_equal, &exit);
+ __ incq(rax);
+
+ // Success.
+
+ __ movl(rax, Immediate(0));
+ __ bind(&exit);
+ __ lea(rsp, Operand(rbp, kPointerSize));
+ __ pop(rbp);
+ __ pop(rbx);
+ __ pop(r13);
+ __ pop(r12);
+ __ ret(0);
+
+
+ CodeDesc desc;
+ masm->GetCode(&desc);
+ // Call the function from C++.
+ int result = FUNCTION_CAST<F0>(buffer)();
+ CHECK_EQ(0, result);
+}
+
+
+
#undef __
diff --git a/deps/v8/test/cctest/test-thread-termination.cc b/deps/v8/test/cctest/test-thread-termination.cc
index 83a1e1917d..aed7466a09 100644
--- a/deps/v8/test/cctest/test-thread-termination.cc
+++ b/deps/v8/test/cctest/test-thread-termination.cc
@@ -308,3 +308,48 @@ TEST(TerminateLoadICException) {
v8::Script::Compile(source)->Run();
context.Dispose();
}
+
+v8::Handle<v8::Value> ReenterAfterTermination(const v8::Arguments& args) {
+ v8::TryCatch try_catch;
+ CHECK(!v8::V8::IsExecutionTerminating());
+ v8::Script::Compile(v8::String::New("function f() {"
+ " var term = true;"
+ " try {"
+ " while(true) {"
+ " if (term) terminate();"
+ " term = false;"
+ " }"
+ " fail();"
+ " } catch(e) {"
+ " fail();"
+ " }"
+ "}"
+ "f()"))->Run();
+ CHECK(try_catch.HasCaught());
+ CHECK(try_catch.Exception()->IsNull());
+ CHECK(try_catch.Message().IsEmpty());
+ CHECK(!try_catch.CanContinue());
+ CHECK(v8::V8::IsExecutionTerminating());
+ v8::Script::Compile(v8::String::New("function f() { fail(); } f()"))->Run();
+ return v8::Undefined();
+}
+
+// Test that reentry into V8 while the termination exception is still pending
+// (has not yet unwound the 0-level JS frame) does not crash.
+TEST(TerminateAndReenterFromThreadItself) {
+ v8::HandleScope scope;
+ v8::Handle<v8::ObjectTemplate> global =
+ CreateGlobalTemplate(TerminateCurrentThread, ReenterAfterTermination);
+ v8::Persistent<v8::Context> context = v8::Context::New(NULL, global);
+ v8::Context::Scope context_scope(context);
+ CHECK(!v8::V8::IsExecutionTerminating());
+ v8::Handle<v8::String> source =
+ v8::String::New("try { loop(); fail(); } catch(e) { fail(); }");
+ v8::Script::Compile(source)->Run();
+ CHECK(!v8::V8::IsExecutionTerminating());
+ // Check we can run JS again after termination.
+ CHECK(v8::Script::Compile(v8::String::New("function f() { return true; }"
+ "f()"))->Run()->IsTrue());
+ context.Dispose();
+}
+
diff --git a/deps/v8/test/cctest/test-unbound-queue.cc b/deps/v8/test/cctest/test-unbound-queue.cc
new file mode 100644
index 0000000000..df5509ef87
--- /dev/null
+++ b/deps/v8/test/cctest/test-unbound-queue.cc
@@ -0,0 +1,54 @@
+// Copyright 2010 the V8 project authors. All rights reserved.
+//
+// Tests of the unbound queue.
+
+#include "v8.h"
+#include "unbound-queue-inl.h"
+#include "cctest.h"
+
+namespace i = v8::internal;
+
+using i::UnboundQueue;
+
+
+TEST(SingleRecord) {
+ typedef int Record;
+ UnboundQueue<Record> cq;
+ CHECK(cq.IsEmpty());
+ cq.Enqueue(1);
+ CHECK(!cq.IsEmpty());
+ Record rec = 0;
+ cq.Dequeue(&rec);
+ CHECK_EQ(1, rec);
+ CHECK(cq.IsEmpty());
+}
+
+
+TEST(MultipleRecords) {
+ typedef int Record;
+ UnboundQueue<Record> cq;
+ CHECK(cq.IsEmpty());
+ cq.Enqueue(1);
+ CHECK(!cq.IsEmpty());
+ for (int i = 2; i <= 5; ++i) {
+ cq.Enqueue(i);
+ CHECK(!cq.IsEmpty());
+ }
+ Record rec = 0;
+ for (int i = 1; i <= 4; ++i) {
+ CHECK(!cq.IsEmpty());
+ cq.Dequeue(&rec);
+ CHECK_EQ(i, rec);
+ }
+ for (int i = 6; i <= 12; ++i) {
+ cq.Enqueue(i);
+ CHECK(!cq.IsEmpty());
+ }
+ for (int i = 5; i <= 12; ++i) {
+ CHECK(!cq.IsEmpty());
+ cq.Dequeue(&rec);
+ CHECK_EQ(i, rec);
+ }
+ CHECK(cq.IsEmpty());
+}
+
diff --git a/deps/v8/test/mjsunit/object-define-property.js b/deps/v8/test/mjsunit/object-define-property.js
index 43b1c7f09d..46bfb34c93 100644
--- a/deps/v8/test/mjsunit/object-define-property.js
+++ b/deps/v8/test/mjsunit/object-define-property.js
@@ -53,36 +53,46 @@ try {
assertTrue(/called on non-object/.test(e));
}
-// Object
+// Object.
var obj1 = {};
-// Values
+// Values.
var val1 = 0;
var val2 = 0;
var val3 = 0;
-// Descriptors
+function setter1() {val1++; }
+function getter1() {return val1; }
+
+function setter2() {val2++; }
+function getter2() {return val2; }
+
+function setter3() {val3++; }
+function getter3() {return val3; }
+
+
+// Descriptors.
var emptyDesc = {};
var accessorConfigurable = {
- set: function() { val1++; },
- get: function() { return val1; },
+ set: setter1,
+ get: getter1,
configurable: true
};
var accessorNoConfigurable = {
- set: function() { val2++; },
- get: function() { return val2; },
+ set: setter2,
+ get: getter2,
configurable: false
};
var accessorOnlySet = {
- set: function() { val3++; },
+ set: setter3,
configurable: true
};
var accessorOnlyGet = {
- get: function() { return val3; },
+ get: getter3,
configurable: true
};
@@ -200,7 +210,7 @@ assertEquals(2, val1);
assertEquals(4, val2);
assertEquals(4, obj1.bar);
-// Define an accessor that has only a setter
+// Define an accessor that has only a setter.
Object.defineProperty(obj1, "setOnly", accessorOnlySet);
desc = Object.getOwnPropertyDescriptor(obj1, "setOnly");
assertTrue(desc.configurable);
@@ -212,7 +222,7 @@ assertEquals(desc.get, undefined);
assertEquals(1, obj1.setOnly = 1);
assertEquals(1, val3);
-// Add a getter - should not touch the setter
+// Add a getter - should not touch the setter.
Object.defineProperty(obj1, "setOnly", accessorOnlyGet);
desc = Object.getOwnPropertyDescriptor(obj1, "setOnly");
assertTrue(desc.configurable);
@@ -256,7 +266,7 @@ obj1.foobar = 1001;
assertEquals(obj1.foobar, 1000);
-// Redefine to writable descriptor - now writing to foobar should be allowed
+// Redefine to writable descriptor - now writing to foobar should be allowed.
Object.defineProperty(obj1, "foobar", dataWritable);
desc = Object.getOwnPropertyDescriptor(obj1, "foobar");
assertEquals(obj1.foobar, 3000);
@@ -279,7 +289,7 @@ desc = Object.getOwnPropertyDescriptor(obj1, "foobar");
assertEquals(obj1.foobar, 2000);
assertEquals(desc.value, 2000);
assertFalse(desc.configurable);
-assertFalse(desc.writable);
+assertTrue(desc.writable);
assertFalse(desc.enumerable);
assertEquals(desc.get, undefined);
assertEquals(desc.set, undefined);
@@ -307,7 +317,7 @@ desc = Object.getOwnPropertyDescriptor(obj1, "foobar");
assertEquals(obj1.foobar, 2000);
assertEquals(desc.value, 2000);
assertFalse(desc.configurable);
-assertFalse(desc.writable);
+assertTrue(desc.writable);
assertFalse(desc.enumerable);
assertEquals(desc.get, undefined);
assertEquals(desc.set, undefined);
@@ -375,7 +385,7 @@ assertEquals(desc.set, undefined);
// Redefinition of an accessor defined using __defineGetter__ and
-// __defineSetter__
+// __defineSetter__.
function get(){return this.x}
function set(x){this.x=x};
@@ -442,7 +452,7 @@ assertEquals(1, obj4.bar = 1);
assertEquals(5, val1);
assertEquals(5, obj4.bar);
-// Make sure an error is thrown when trying to access to redefined function
+// Make sure an error is thrown when trying to access to redefined function.
try {
obj4.bar();
assertTrue(false);
@@ -453,7 +463,7 @@ try {
// Test runtime calls to DefineOrRedefineDataProperty and
// DefineOrRedefineAccessorProperty - make sure we don't
-// crash
+// crash.
try {
%DefineOrRedefineAccessorProperty(0, 0, 0, 0, 0);
} catch (e) {
@@ -497,3 +507,210 @@ try {
} catch (e) {
assertTrue(/illegal access/.test(e));
}
+
+// Test that all possible differences in step 6 in DefineOwnProperty are
+// exercised, i.e., any difference in the given property descriptor and the
+// existing properties should not return true, but throw an error if the
+// existing configurable property is false.
+
+var obj5 = {};
+// Enumerable will default to false.
+Object.defineProperty(obj5, 'foo', accessorNoConfigurable);
+desc = Object.getOwnPropertyDescriptor(obj5, 'foo');
+// First, test that we are actually allowed to set the accessor if all
+// values are of the descriptor are the same as the existing one.
+Object.defineProperty(obj5, 'foo', accessorNoConfigurable);
+
+// Different setter.
+var descDifferent = {
+ configurable:false,
+ enumerable:false,
+ set: setter1,
+ get: getter2
+};
+
+try {
+ Object.defineProperty(obj5, 'foo', descDifferent);
+ assertTrue(false);
+} catch (e) {
+ assertTrue(/Cannot redefine property/.test(e));
+}
+
+// Different getter.
+descDifferent = {
+ configurable:false,
+ enumerable:false,
+ set: setter2,
+ get: getter1
+};
+
+try {
+ Object.defineProperty(obj5, 'foo', descDifferent);
+ assertTrue(false);
+} catch (e) {
+ assertTrue(/Cannot redefine property/.test(e));
+}
+
+// Different enumerable.
+descDifferent = {
+ configurable:false,
+ enumerable:true,
+ set: setter2,
+ get: getter2
+};
+
+try {
+ Object.defineProperty(obj5, 'foo', descDifferent);
+ assertTrue(false);
+} catch (e) {
+ assertTrue(/Cannot redefine property/.test(e));
+}
+
+// Different configurable.
+descDifferent = {
+ configurable:false,
+ enumerable:true,
+ set: setter2,
+ get: getter2
+};
+
+try {
+ Object.defineProperty(obj5, 'foo', descDifferent);
+ assertTrue(false);
+} catch (e) {
+ assertTrue(/Cannot redefine property/.test(e));
+}
+
+// No difference.
+descDifferent = {
+ configurable:false,
+ enumerable:false,
+ set: setter2,
+ get: getter2
+};
+// Make sure we can still redefine if all properties are the same.
+Object.defineProperty(obj5, 'foo', descDifferent);
+
+// Make sure that obj5 still holds the original values.
+desc = Object.getOwnPropertyDescriptor(obj5, 'foo');
+assertEquals(desc.get, getter2);
+assertEquals(desc.set, setter2);
+assertFalse(desc.enumerable);
+assertFalse(desc.configurable);
+
+
+// Also exercise step 6 on data property, writable and enumerable
+// defaults to false.
+Object.defineProperty(obj5, 'bar', dataNoConfigurable);
+
+// Test that redefinition with the same property descriptor is possible
+Object.defineProperty(obj5, 'bar', dataNoConfigurable);
+
+// Different value.
+descDifferent = {
+ configurable:false,
+ enumerable:false,
+ writable: false,
+ value: 1999
+};
+
+try {
+ Object.defineProperty(obj5, 'bar', descDifferent);
+ assertTrue(false);
+} catch (e) {
+ assertTrue(/Cannot redefine property/.test(e));
+}
+
+// Different writable.
+descDifferent = {
+ configurable:false,
+ enumerable:false,
+ writable: true,
+ value: 2000
+};
+
+try {
+ Object.defineProperty(obj5, 'bar', descDifferent);
+ assertTrue(false);
+} catch (e) {
+ assertTrue(/Cannot redefine property/.test(e));
+}
+
+
+// Different enumerable.
+descDifferent = {
+ configurable:false,
+ enumerable:true ,
+ writable:false,
+ value: 2000
+};
+
+try {
+ Object.defineProperty(obj5, 'bar', descDifferent);
+ assertTrue(false);
+} catch (e) {
+ assertTrue(/Cannot redefine property/.test(e));
+}
+
+
+// Different configurable.
+descDifferent = {
+ configurable:true,
+ enumerable:false,
+ writable:false,
+ value: 2000
+};
+
+try {
+ Object.defineProperty(obj5, 'bar', descDifferent);
+ assertTrue(false);
+} catch (e) {
+ assertTrue(/Cannot redefine property/.test(e));
+}
+
+// No difference.
+descDifferent = {
+ configurable:false,
+ enumerable:false,
+ writable:false,
+ value:2000
+};
+// Make sure we can still redefine if all properties are the same.
+Object.defineProperty(obj5, 'bar', descDifferent);
+
+// Make sure that obj5 still holds the original values.
+desc = Object.getOwnPropertyDescriptor(obj5, 'bar');
+assertEquals(desc.value, 2000);
+assertFalse(desc.writable);
+assertFalse(desc.enumerable);
+assertFalse(desc.configurable);
+
+
+// Make sure that we can't overwrite +0 with -0 and vice versa.
+var descMinusZero = {value: -0, configurable: false};
+var descPlusZero = {value: +0, configurable: false};
+
+Object.defineProperty(obj5, 'minuszero', descMinusZero);
+
+// Make sure we can redefine with -0.
+Object.defineProperty(obj5, 'minuszero', descMinusZero);
+
+try {
+ Object.defineProperty(obj5, 'minuszero', descPlusZero);
+ assertUnreachable();
+} catch (e) {
+ assertTrue(/Cannot redefine property/.test(e));
+}
+
+
+Object.defineProperty(obj5, 'pluszero', descPlusZero);
+
+// Make sure we can redefine with +0.
+Object.defineProperty(obj5, 'pluszero', descPlusZero);
+
+try {
+ Object.defineProperty(obj5, 'pluszero', descMinusZero);
+ assertUnreachable();
+} catch (e) {
+ assertTrue(/Cannot redefine property/.test(e));
+}
diff --git a/deps/v8/test/mjsunit/regress/regress-712.js b/deps/v8/test/mjsunit/regress/regress-712.js
new file mode 100644
index 0000000000..b26b94a607
--- /dev/null
+++ b/deps/v8/test/mjsunit/regress/regress-712.js
@@ -0,0 +1,38 @@
+// Copyright 2010 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// This regression test is used to ensure that Object.defineProperty
+// can't be called with an empty property descriptor on a non-configurable
+// existing property and override the existing property.
+// See: http://code.google.com/p/v8/issues/detail?id=712
+
+var obj = {};
+Object.defineProperty(obj, "x", { get: function() { return "42"; },
+ configurable: false });
+assertEquals(obj.x, "42");
+Object.defineProperty(obj, 'x', {});
+assertEquals(obj.x, "42");
diff --git a/deps/v8/test/mjsunit/regress/regress-720.js b/deps/v8/test/mjsunit/regress/regress-720.js
new file mode 100644
index 0000000000..97e1284e09
--- /dev/null
+++ b/deps/v8/test/mjsunit/regress/regress-720.js
@@ -0,0 +1,36 @@
+// Copyright 2010 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// This regression test is used to ensure that Object.defineProperty
+// keeps the existing value of the writable flag if none is given
+// in the provided descriptor.
+// See: http://code.google.com/p/v8/issues/detail?id=720
+
+var o = {x: 10};
+Object.defineProperty(o, "x", {value: 5});
+var desc = Object.getOwnPropertyDescriptor(o, "x");
+assertTrue(desc["writable"]);
diff --git a/deps/v8/test/mjsunit/samevalue.js b/deps/v8/test/mjsunit/samevalue.js
new file mode 100644
index 0000000000..6cb35e6e58
--- /dev/null
+++ b/deps/v8/test/mjsunit/samevalue.js
@@ -0,0 +1,102 @@
+// Copyright 2010 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+// Flags: --expose-natives_as natives
+// Test the SameValue internal method.
+
+var obj1 = {x: 10, y: 11, z: "test"};
+var obj2 = {x: 10, y: 11, z: "test"};
+
+assertTrue(natives.SameValue(0, 0));
+assertTrue(natives.SameValue(+0, +0));
+assertTrue(natives.SameValue(-0, -0));
+assertTrue(natives.SameValue(1, 1));
+assertTrue(natives.SameValue(2, 2));
+assertTrue(natives.SameValue(-1, -1));
+assertTrue(natives.SameValue(0.5, 0.5));
+assertTrue(natives.SameValue(true, true));
+assertTrue(natives.SameValue(false, false));
+assertTrue(natives.SameValue(NaN, NaN));
+assertTrue(natives.SameValue(null, null));
+assertTrue(natives.SameValue("foo", "foo"));
+assertTrue(natives.SameValue(obj1, obj1));
+// Undefined values.
+assertTrue(natives.SameValue());
+assertTrue(natives.SameValue(undefined, undefined));
+
+assertFalse(natives.SameValue(0,1));
+assertFalse(natives.SameValue("foo", "bar"));
+assertFalse(natives.SameValue(obj1, obj2));
+assertFalse(natives.SameValue(true, false));
+
+assertFalse(natives.SameValue(obj1, true));
+assertFalse(natives.SameValue(obj1, "foo"));
+assertFalse(natives.SameValue(obj1, 1));
+assertFalse(natives.SameValue(obj1, undefined));
+assertFalse(natives.SameValue(obj1, NaN));
+
+assertFalse(natives.SameValue(undefined, true));
+assertFalse(natives.SameValue(undefined, "foo"));
+assertFalse(natives.SameValue(undefined, 1));
+assertFalse(natives.SameValue(undefined, obj1));
+assertFalse(natives.SameValue(undefined, NaN));
+
+assertFalse(natives.SameValue(NaN, true));
+assertFalse(natives.SameValue(NaN, "foo"));
+assertFalse(natives.SameValue(NaN, 1));
+assertFalse(natives.SameValue(NaN, obj1));
+assertFalse(natives.SameValue(NaN, undefined));
+
+assertFalse(natives.SameValue("foo", true));
+assertFalse(natives.SameValue("foo", 1));
+assertFalse(natives.SameValue("foo", obj1));
+assertFalse(natives.SameValue("foo", undefined));
+assertFalse(natives.SameValue("foo", NaN));
+
+assertFalse(natives.SameValue(true, 1));
+assertFalse(natives.SameValue(true, obj1));
+assertFalse(natives.SameValue(true, undefined));
+assertFalse(natives.SameValue(true, NaN));
+assertFalse(natives.SameValue(true, "foo"));
+
+assertFalse(natives.SameValue(1, true));
+assertFalse(natives.SameValue(1, obj1));
+assertFalse(natives.SameValue(1, undefined));
+assertFalse(natives.SameValue(1, NaN));
+assertFalse(natives.SameValue(1, "foo"));
+
+// Special string cases.
+assertFalse(natives.SameValue("1", 1));
+assertFalse(natives.SameValue("true", true));
+assertFalse(natives.SameValue("false", false));
+assertFalse(natives.SameValue("undefined", undefined));
+assertFalse(natives.SameValue("NaN", NaN));
+
+// -0 and +0 are should be different
+assertFalse(natives.SameValue(+0, -0));
+assertFalse(natives.SameValue(-0, +0));
diff --git a/deps/v8/tools/gyp/v8.gyp b/deps/v8/tools/gyp/v8.gyp
index 5985b9fd14..a92576e8d3 100644
--- a/deps/v8/tools/gyp/v8.gyp
+++ b/deps/v8/tools/gyp/v8.gyp
@@ -412,6 +412,8 @@
'../../src/top.h',
'../../src/type-info.cc',
'../../src/type-info.h',
+ '../../src/unbound-queue-inl.h',
+ '../../src/unbound-queue.h',
'../../src/unicode-inl.h',
'../../src/unicode.cc',
'../../src/unicode.h',
diff --git a/deps/v8/tools/v8.xcodeproj/project.pbxproj b/deps/v8/tools/v8.xcodeproj/project.pbxproj
index 46aba8d478..48d63b7a2b 100644
--- a/deps/v8/tools/v8.xcodeproj/project.pbxproj
+++ b/deps/v8/tools/v8.xcodeproj/project.pbxproj
@@ -627,6 +627,8 @@
9FBE03E410BD412600F8BFBA /* fast-codegen-arm.cc */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = "fast-codegen-arm.cc"; path = "arm/fast-codegen-arm.cc"; sourceTree = "<group>"; };
9FC86ABB0F5FEDAC00F22668 /* oprofile-agent.cc */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = "oprofile-agent.cc"; sourceTree = "<group>"; };
9FC86ABC0F5FEDAC00F22668 /* oprofile-agent.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "oprofile-agent.h"; sourceTree = "<group>"; };
+ 9FF7A28211A642EA0051B8F2 /* unbound-queue-inl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "unbound-queue-inl.h"; sourceTree = "<group>"; };
+ 9FF7A28311A642EA0051B8F2 /* unbound-queue.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "unbound-queue.h"; sourceTree = "<group>"; };
/* End PBXFileReference section */
/* Begin PBXFrameworksBuildPhase section */
@@ -970,6 +972,8 @@
897FF1910E719B8F00D62E90 /* top.h */,
9FA38BAE1175B2D200C4CD55 /* type-info.cc */,
9FA38BAF1175B2D200C4CD55 /* type-info.h */,
+ 9FF7A28211A642EA0051B8F2 /* unbound-queue-inl.h */,
+ 9FF7A28311A642EA0051B8F2 /* unbound-queue.h */,
897FF1920E719B8F00D62E90 /* unicode-inl.h */,
897FF1930E719B8F00D62E90 /* unicode.cc */,
897FF1940E719B8F00D62E90 /* unicode.h */,
diff --git a/deps/v8/tools/visual_studio/v8_base.vcproj b/deps/v8/tools/visual_studio/v8_base.vcproj
index 004e16ee0e..2571b6525b 100644
--- a/deps/v8/tools/visual_studio/v8_base.vcproj
+++ b/deps/v8/tools/visual_studio/v8_base.vcproj
@@ -144,6 +144,30 @@
/>
</FileConfiguration>
</File>
+ <File
+ RelativePath="..\..\src\dtoa.cc"
+ >
+ </File>
+ <File
+ RelativePath="..\..\src\dtoa.h"
+ >
+ </File>
+ <File
+ RelativePath="..\..\src\fast-dtoa.cc"
+ >
+ </File>
+ <File
+ RelativePath="..\..\src\fast-dtoa.h"
+ >
+ </File>
+ <File
+ RelativePath="..\..\src\fixed-dtoa.cc"
+ >
+ </File>
+ <File
+ RelativePath="..\..\src\fixed-dtoa.h"
+ >
+ </File>
</Filter>
<Filter
Name="src"
@@ -961,6 +985,14 @@
>
</File>
<File
+ RelativePath="..\..\src\unbound-queue-inl.h"
+ >
+ </File>
+ <File
+ RelativePath="..\..\src\unbound-queue.h"
+ >
+ </File>
+ <File
RelativePath="..\..\src\unicode-inl.h"
>
</File>
diff --git a/deps/v8/tools/visual_studio/v8_base_arm.vcproj b/deps/v8/tools/visual_studio/v8_base_arm.vcproj
index 39cd42afe1..a3c597099d 100644
--- a/deps/v8/tools/visual_studio/v8_base_arm.vcproj
+++ b/deps/v8/tools/visual_studio/v8_base_arm.vcproj
@@ -953,6 +953,14 @@
>
</File>
<File
+ RelativePath="..\..\src\unbound-queue-inl.h"
+ >
+ </File>
+ <File
+ RelativePath="..\..\src\unbound-queue.h"
+ >
+ </File>
+ <File
RelativePath="..\..\src\unicode-inl.h"
>
</File>
diff --git a/deps/v8/tools/visual_studio/v8_base_x64.vcproj b/deps/v8/tools/visual_studio/v8_base_x64.vcproj
index 46078179e1..708b380c94 100644
--- a/deps/v8/tools/visual_studio/v8_base_x64.vcproj
+++ b/deps/v8/tools/visual_studio/v8_base_x64.vcproj
@@ -938,6 +938,14 @@
>
</File>
<File
+ RelativePath="..\..\src\unbound-queue-inl.h"
+ >
+ </File>
+ <File
+ RelativePath="..\..\src\unbound-queue.h"
+ >
+ </File>
+ <File
RelativePath="..\..\src\unicode-inl.h"
>
</File>
diff --git a/deps/v8/tools/visual_studio/v8_cctest.vcproj b/deps/v8/tools/visual_studio/v8_cctest.vcproj
index 424d2262bd..cca6ebaeeb 100644
--- a/deps/v8/tools/visual_studio/v8_cctest.vcproj
+++ b/deps/v8/tools/visual_studio/v8_cctest.vcproj
@@ -248,6 +248,10 @@
>
</File>
<File
+ RelativePath="..\..\test\cctest\test-unbound-queue.cc"
+ >
+ </File>
+ <File
RelativePath="..\..\test\cctest\test-utils.cc"
>
</File>