RubyGems - libv8 - Versions diffs - 3.10.8.0 → 3.11.8.0 - Mend

libv8 3.10.8.0 → 3.11.8.0

Files changed (215) hide show

data/Rakefile +10 -3
data/ext/libv8/compiler.rb +46 -0
data/ext/libv8/extconf.rb +5 -1
data/ext/libv8/make.rb +13 -0
data/lib/libv8/version.rb +1 -1
data/patches/add-freebsd9-and-freebsd10-to-gyp-GetFlavor.patch +11 -0
data/patches/src_platform-freebsd.cc.patch +10 -0
data/vendor/v8/ChangeLog +124 -0
data/vendor/v8/DEPS +27 -0
data/vendor/v8/Makefile +7 -0
data/vendor/v8/SConstruct +15 -2
data/vendor/v8/build/common.gypi +129 -157
data/vendor/v8/build/gyp_v8 +11 -25
data/vendor/v8/build/standalone.gypi +9 -3
data/vendor/v8/include/v8.h +5 -3
data/vendor/v8/src/SConscript +1 -0
data/vendor/v8/src/api.cc +4 -33
data/vendor/v8/src/api.h +2 -2
data/vendor/v8/src/arm/builtins-arm.cc +5 -4
data/vendor/v8/src/arm/code-stubs-arm.cc +21 -14
data/vendor/v8/src/arm/codegen-arm.cc +2 -2
data/vendor/v8/src/arm/debug-arm.cc +3 -1
data/vendor/v8/src/arm/full-codegen-arm.cc +3 -102
data/vendor/v8/src/arm/ic-arm.cc +30 -33
data/vendor/v8/src/arm/lithium-arm.cc +20 -7
data/vendor/v8/src/arm/lithium-arm.h +10 -4
data/vendor/v8/src/arm/lithium-codegen-arm.cc +106 -60
data/vendor/v8/src/arm/macro-assembler-arm.cc +49 -39
data/vendor/v8/src/arm/macro-assembler-arm.h +5 -4
data/vendor/v8/src/arm/regexp-macro-assembler-arm.cc +115 -55
data/vendor/v8/src/arm/regexp-macro-assembler-arm.h +7 -6
data/vendor/v8/src/arm/simulator-arm.h +6 -6
data/vendor/v8/src/arm/stub-cache-arm.cc +64 -19
data/vendor/v8/src/array.js +7 -3
data/vendor/v8/src/ast.cc +11 -6
data/vendor/v8/src/bootstrapper.cc +9 -11
data/vendor/v8/src/builtins.cc +61 -31
data/vendor/v8/src/code-stubs.cc +23 -9
data/vendor/v8/src/code-stubs.h +1 -0
data/vendor/v8/src/codegen.h +3 -3
data/vendor/v8/src/compiler.cc +1 -1
data/vendor/v8/src/contexts.h +2 -18
data/vendor/v8/src/d8.cc +94 -93
data/vendor/v8/src/d8.h +1 -1
data/vendor/v8/src/debug-agent.cc +3 -3
data/vendor/v8/src/debug.cc +41 -1
data/vendor/v8/src/debug.h +50 -0
data/vendor/v8/src/elements-kind.cc +134 -0
data/vendor/v8/src/elements-kind.h +210 -0
data/vendor/v8/src/elements.cc +356 -190
data/vendor/v8/src/elements.h +36 -28
data/vendor/v8/src/factory.cc +44 -4
data/vendor/v8/src/factory.h +11 -7
data/vendor/v8/src/flag-definitions.h +3 -0
data/vendor/v8/src/frames.h +3 -0
data/vendor/v8/src/full-codegen.cc +2 -1
data/vendor/v8/src/func-name-inferrer.h +2 -0
data/vendor/v8/src/globals.h +3 -0
data/vendor/v8/src/heap-inl.h +16 -4
data/vendor/v8/src/heap.cc +38 -32
data/vendor/v8/src/heap.h +3 -17
data/vendor/v8/src/hydrogen-instructions.cc +28 -5
data/vendor/v8/src/hydrogen-instructions.h +142 -44
data/vendor/v8/src/hydrogen.cc +160 -55
data/vendor/v8/src/hydrogen.h +2 -0
data/vendor/v8/src/ia32/assembler-ia32.h +3 -0
data/vendor/v8/src/ia32/builtins-ia32.cc +5 -4
data/vendor/v8/src/ia32/code-stubs-ia32.cc +22 -16
data/vendor/v8/src/ia32/codegen-ia32.cc +2 -2
data/vendor/v8/src/ia32/debug-ia32.cc +29 -2
data/vendor/v8/src/ia32/full-codegen-ia32.cc +8 -101
data/vendor/v8/src/ia32/ic-ia32.cc +23 -19
data/vendor/v8/src/ia32/lithium-codegen-ia32.cc +126 -80
data/vendor/v8/src/ia32/lithium-codegen-ia32.h +2 -1
data/vendor/v8/src/ia32/lithium-ia32.cc +15 -9
data/vendor/v8/src/ia32/lithium-ia32.h +14 -6
data/vendor/v8/src/ia32/macro-assembler-ia32.cc +50 -40
data/vendor/v8/src/ia32/macro-assembler-ia32.h +5 -4
data/vendor/v8/src/ia32/regexp-macro-assembler-ia32.cc +113 -43
data/vendor/v8/src/ia32/regexp-macro-assembler-ia32.h +9 -4
data/vendor/v8/src/ia32/simulator-ia32.h +4 -4
data/vendor/v8/src/ia32/stub-cache-ia32.cc +52 -14
data/vendor/v8/src/ic.cc +77 -20
data/vendor/v8/src/ic.h +18 -2
data/vendor/v8/src/incremental-marking-inl.h +21 -5
data/vendor/v8/src/incremental-marking.cc +35 -8
data/vendor/v8/src/incremental-marking.h +12 -3
data/vendor/v8/src/isolate.cc +12 -2
data/vendor/v8/src/isolate.h +1 -1
data/vendor/v8/src/jsregexp.cc +66 -26
data/vendor/v8/src/jsregexp.h +60 -31
data/vendor/v8/src/list-inl.h +8 -0
data/vendor/v8/src/list.h +3 -0
data/vendor/v8/src/lithium.cc +5 -2
data/vendor/v8/src/liveedit.cc +57 -5
data/vendor/v8/src/mark-compact-inl.h +17 -11
data/vendor/v8/src/mark-compact.cc +100 -143
data/vendor/v8/src/mark-compact.h +44 -20
data/vendor/v8/src/messages.js +131 -99
data/vendor/v8/src/mips/builtins-mips.cc +5 -4
data/vendor/v8/src/mips/code-stubs-mips.cc +23 -15
data/vendor/v8/src/mips/codegen-mips.cc +2 -2
data/vendor/v8/src/mips/debug-mips.cc +3 -1
data/vendor/v8/src/mips/full-codegen-mips.cc +4 -102
data/vendor/v8/src/mips/ic-mips.cc +34 -36
data/vendor/v8/src/mips/lithium-codegen-mips.cc +116 -68
data/vendor/v8/src/mips/lithium-mips.cc +20 -7
data/vendor/v8/src/mips/lithium-mips.h +11 -4
data/vendor/v8/src/mips/macro-assembler-mips.cc +50 -39
data/vendor/v8/src/mips/macro-assembler-mips.h +5 -4
data/vendor/v8/src/mips/regexp-macro-assembler-mips.cc +110 -50
data/vendor/v8/src/mips/regexp-macro-assembler-mips.h +6 -5
data/vendor/v8/src/mips/simulator-mips.h +5 -5
data/vendor/v8/src/mips/stub-cache-mips.cc +66 -20
data/vendor/v8/src/mksnapshot.cc +5 -1
data/vendor/v8/src/objects-debug.cc +103 -6
data/vendor/v8/src/objects-inl.h +215 -116
data/vendor/v8/src/objects-printer.cc +13 -8
data/vendor/v8/src/objects.cc +608 -331
data/vendor/v8/src/objects.h +129 -94
data/vendor/v8/src/parser.cc +16 -4
data/vendor/v8/src/platform-freebsd.cc +1 -0
data/vendor/v8/src/platform-linux.cc +9 -30
data/vendor/v8/src/platform-posix.cc +28 -7
data/vendor/v8/src/platform-win32.cc +15 -3
data/vendor/v8/src/platform.h +2 -1
data/vendor/v8/src/profile-generator-inl.h +25 -2
data/vendor/v8/src/profile-generator.cc +300 -822
data/vendor/v8/src/profile-generator.h +97 -214
data/vendor/v8/src/regexp-macro-assembler-irregexp.cc +2 -1
data/vendor/v8/src/regexp-macro-assembler-irregexp.h +2 -2
data/vendor/v8/src/regexp-macro-assembler-tracer.cc +6 -5
data/vendor/v8/src/regexp-macro-assembler-tracer.h +1 -1
data/vendor/v8/src/regexp-macro-assembler.cc +7 -3
data/vendor/v8/src/regexp-macro-assembler.h +10 -2
data/vendor/v8/src/regexp.js +6 -0
data/vendor/v8/src/runtime.cc +265 -212
data/vendor/v8/src/runtime.h +6 -5
data/vendor/v8/src/scopes.cc +20 -0
data/vendor/v8/src/scopes.h +6 -3
data/vendor/v8/src/spaces.cc +0 -2
data/vendor/v8/src/string-stream.cc +2 -2
data/vendor/v8/src/v8-counters.h +0 -2
data/vendor/v8/src/v8natives.js +2 -2
data/vendor/v8/src/v8utils.h +6 -3
data/vendor/v8/src/version.cc +1 -1
data/vendor/v8/src/x64/assembler-x64.h +2 -1
data/vendor/v8/src/x64/builtins-x64.cc +5 -4
data/vendor/v8/src/x64/code-stubs-x64.cc +25 -16
data/vendor/v8/src/x64/codegen-x64.cc +2 -2
data/vendor/v8/src/x64/debug-x64.cc +14 -1
data/vendor/v8/src/x64/disasm-x64.cc +1 -1
data/vendor/v8/src/x64/full-codegen-x64.cc +10 -106
data/vendor/v8/src/x64/ic-x64.cc +20 -16
data/vendor/v8/src/x64/lithium-codegen-x64.cc +156 -79
data/vendor/v8/src/x64/lithium-codegen-x64.h +2 -1
data/vendor/v8/src/x64/lithium-x64.cc +18 -8
data/vendor/v8/src/x64/lithium-x64.h +7 -2
data/vendor/v8/src/x64/macro-assembler-x64.cc +50 -40
data/vendor/v8/src/x64/macro-assembler-x64.h +5 -4
data/vendor/v8/src/x64/regexp-macro-assembler-x64.cc +122 -51
data/vendor/v8/src/x64/regexp-macro-assembler-x64.h +17 -8
data/vendor/v8/src/x64/simulator-x64.h +4 -4
data/vendor/v8/src/x64/stub-cache-x64.cc +55 -17
data/vendor/v8/test/cctest/cctest.status +1 -0
data/vendor/v8/test/cctest/test-api.cc +24 -0
data/vendor/v8/test/cctest/test-func-name-inference.cc +38 -0
data/vendor/v8/test/cctest/test-heap-profiler.cc +21 -77
data/vendor/v8/test/cctest/test-heap.cc +164 -3
data/vendor/v8/test/cctest/test-list.cc +12 -0
data/vendor/v8/test/cctest/test-mark-compact.cc +5 -5
data/vendor/v8/test/cctest/test-regexp.cc +14 -8
data/vendor/v8/test/cctest/testcfg.py +2 -0
data/vendor/v8/test/mjsunit/accessor-map-sharing.js +176 -0
data/vendor/v8/test/mjsunit/array-construct-transition.js +3 -3
data/vendor/v8/test/mjsunit/array-literal-transitions.js +10 -10
data/vendor/v8/test/mjsunit/big-array-literal.js +3 -0
data/vendor/v8/test/mjsunit/compiler/inline-construct.js +4 -2
data/vendor/v8/test/mjsunit/debug-liveedit-stack-padding.js +88 -0
data/vendor/v8/test/mjsunit/elements-kind.js +4 -4
data/vendor/v8/test/mjsunit/elements-transition-hoisting.js +2 -2
data/vendor/v8/test/mjsunit/elements-transition.js +5 -5
data/vendor/v8/test/mjsunit/error-constructors.js +68 -33
data/vendor/v8/test/mjsunit/harmony/proxies.js +14 -6
data/vendor/v8/test/mjsunit/mjsunit.status +1 -0
data/vendor/v8/test/mjsunit/packed-elements.js +112 -0
data/vendor/v8/test/mjsunit/regexp-capture-3.js +6 -0
data/vendor/v8/test/mjsunit/regexp-global.js +132 -0
data/vendor/v8/test/mjsunit/regexp.js +11 -0
data/vendor/v8/test/mjsunit/regress/regress-117409.js +52 -0
data/vendor/v8/test/mjsunit/regress/regress-126412.js +33 -0
data/vendor/v8/test/mjsunit/regress/regress-128018.js +35 -0
data/vendor/v8/test/mjsunit/regress/regress-128146.js +33 -0
data/vendor/v8/test/mjsunit/regress/regress-1639-2.js +4 -1
data/vendor/v8/test/mjsunit/regress/regress-1639.js +14 -8
data/vendor/v8/test/mjsunit/regress/regress-1849.js +3 -3
data/vendor/v8/test/mjsunit/regress/regress-1878.js +2 -2
data/vendor/v8/test/mjsunit/regress/regress-2071.js +79 -0
data/vendor/v8/test/mjsunit/regress/regress-2153.js +32 -0
data/vendor/v8/test/mjsunit/regress/regress-crbug-122271.js +4 -4
data/vendor/v8/test/mjsunit/regress/regress-crbug-126414.js +32 -0
data/vendor/v8/test/mjsunit/regress/regress-smi-only-concat.js +2 -2
data/vendor/v8/test/mjsunit/regress/regress-transcendental.js +49 -0
data/vendor/v8/test/mjsunit/stack-traces.js +14 -0
data/vendor/v8/test/mjsunit/unbox-double-arrays.js +4 -3
data/vendor/v8/test/test262/testcfg.py +6 -1
data/vendor/v8/tools/check-static-initializers.sh +11 -3
data/vendor/v8/tools/fuzz-harness.sh +92 -0
data/vendor/v8/tools/grokdump.py +658 -67
data/vendor/v8/tools/gyp/v8.gyp +21 -39
data/vendor/v8/tools/js2c.py +3 -3
data/vendor/v8/tools/jsmin.py +2 -2
data/vendor/v8/tools/presubmit.py +2 -1
data/vendor/v8/tools/test-wrapper-gypbuild.py +25 -11
metadata +624 -612

@@ -89,6 +89,7 @@ namespace internal {
   F(NotifyDeoptimized, 1, 1) \
   F(NotifyOSR, 0, 1) \
   F(DeoptimizeFunction, 1, 1) \
+  F(ClearFunctionTypeFeedback, 1, 1) \
   F(RunningInSimulator, 0, 1) \
   F(OptimizeFunctionOnNextCall, -1, 1) \
   F(GetOptimizationStatus, 1, 1) \
@@ -271,7 +272,6 @@ namespace internal {
   F(GetArrayKeys, 2, 1) \
   F(MoveArrayContents, 2, 1) \
   F(EstimateNumberOfElements, 1, 1) \
-  F(SwapElements, 3, 1) \
   \
   /* Getters and Setters */ \
   F(LookupAccessor, 3, 1) \
@@ -364,9 +364,11 @@ namespace internal {
   F(IS_VAR, 1, 1) \
   \
   /* expose boolean functions from objects-inl.h */ \
-  F(HasFastSmiOnlyElements, 1, 1) \
-  F(HasFastElements, 1, 1) \
+  F(HasFastSmiElements, 1, 1) \
+  F(HasFastSmiOrObjectElements, 1, 1) \
+  F(HasFastObjectElements, 1, 1) \
   F(HasFastDoubleElements, 1, 1) \
+  F(HasFastHoleyElements, 1, 1) \
   F(HasDictionaryElements, 1, 1) \
   F(HasExternalPixelElements, 1, 1) \
   F(HasExternalArrayElements, 1, 1) \
@@ -535,8 +537,7 @@ namespace internal {
   F(RegExpExec, 4, 1)                                                        \
   F(RegExpConstructResult, 3, 1)                                             \
   F(GetFromCache, 2, 1)                                                      \
-  F(NumberToString, 1, 1)                                                    \
-  F(SwapElements, 3, 1)
+  F(NumberToString, 1, 1)
 //---------------------------------------------------------------------------

data/vendor/v8/src/scopes.cc CHANGED

@@ -658,6 +658,26 @@ bool Scope::HasTrivialOuterContext() const {
 }
+bool Scope::AllowsLazyRecompilation() const {
+  return !force_eager_compilation_ &&
+         !TrivialDeclarationScopesBeforeWithScope();
+}
+bool Scope::TrivialDeclarationScopesBeforeWithScope() const {
+  Scope* outer = outer_scope_;
+  if (outer == NULL) return false;
+  outer = outer->DeclarationScope();
+  while (outer != NULL) {
+    if (outer->is_with_scope()) return true;
+    if (outer->is_declaration_scope() && outer->num_heap_slots() > 0)
+      return false;
+    outer = outer->outer_scope_;
+  }
+  return false;
+}
 int Scope::ContextChainLength(Scope* scope) {
   int n = 0;
   for (Scope* s = this; s != scope; s = s->outer_scope_) {

data/vendor/v8/src/scopes.h CHANGED

@@ -362,13 +362,16 @@ class Scope: public ZoneObject {
   bool AllowsLazyCompilation() const;
   // True if we can lazily recompile functions with this scope.
-  bool allows_lazy_recompilation() const {
-    return !force_eager_compilation_;
-  }
+  bool AllowsLazyRecompilation() const;
   // True if the outer context of this scope is always the global context.
   bool HasTrivialOuterContext() const;
+  // True if this scope is inside a with scope and all declaration scopes
+  // between them have empty contexts. Such declaration scopes become
+  // invisible during scope info deserialization.
+  bool TrivialDeclarationScopesBeforeWithScope() const;
   // The number of contexts between this and scope; zero if this == scope.
   int ContextChainLength(Scope* scope);

data/vendor/v8/src/spaces.cc CHANGED

@@ -2295,8 +2295,6 @@ bool PagedSpace::AdvanceSweeper(intptr_t bytes_to_sweep) {
     first_unswept_page_ = p;
   }
-  heap()->LowerOldGenLimits(freed_bytes);
   heap()->FreeQueuedChunks();
   return IsSweepingComplete();

data/vendor/v8/src/string-stream.cc CHANGED

@@ -1,4 +1,4 @@
-// Copyright 2011 the V8 project authors. All rights reserved.
+// Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
@@ -427,7 +427,7 @@ void StringStream::PrintMentionedObjectCache() {
       PrintUsingMap(JSObject::cast(printee));
       if (printee->IsJSArray()) {
         JSArray* array = JSArray::cast(printee);
-        if (array->HasFastElements()) {
+        if (array->HasFastObjectElements()) {
           unsigned int limit = FixedArray::cast(array->elements())->length();
           unsigned int length =
             static_cast<uint32_t>(JSArray::cast(array)->length()->Number());

data/vendor/v8/src/v8-counters.h CHANGED

@@ -236,8 +236,6 @@ namespace internal {
   SC(math_sin, V8.MathSin)                                            \
   SC(math_sqrt, V8.MathSqrt)                                          \
   SC(math_tan, V8.MathTan)                                            \
-  SC(array_bounds_checks_seen, V8.ArrayBoundsChecksSeen)              \
-  SC(array_bounds_checks_removed, V8.ArrayBoundsChecksRemoved)        \
   SC(transcendental_cache_hit, V8.TranscendentalCacheHit)             \
   SC(transcendental_cache_miss, V8.TranscendentalCacheMiss)           \
   SC(stack_interrupts, V8.StackInterrupts)                            \

data/vendor/v8/src/v8natives.js CHANGED

@@ -337,7 +337,7 @@ function ObjectKeys(obj) {
   if (%IsJSProxy(obj)) {
     var handler = %GetHandler(obj);
     var names = CallTrap0(handler, "keys", DerivedKeysTrap);
-    return ToStringArray(names);
+    return ToStringArray(names, "keys");
   }
   return %LocalKeys(obj);
 }
@@ -963,7 +963,7 @@ function ToStringArray(obj, trap) {
   var names = {};  // TODO(rossberg): use sets once they are ready.
   for (var index = 0; index < n; index++) {
     var s = ToString(obj[index]);
-    if (s in names) {
+    if (%HasLocalProperty(names, s)) {
       throw MakeTypeError("proxy_repeated_prop_name", [obj, trap, s]);
     }
     array[index] = s;

data/vendor/v8/src/v8utils.h CHANGED

@@ -1,4 +1,4 @@
-// Copyright 2011 the V8 project authors. All rights reserved.
+// Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
@@ -199,10 +199,13 @@ Vector<const char> ReadFile(FILE* file,
                             bool verbose = true);
 // Copy from ASCII/16bit chars to ASCII/16bit chars.
 template <typename sourcechar, typename sinkchar>
-inline void CopyChars(sinkchar* dest, const sourcechar* src, int chars) {
+INLINE(void CopyChars(sinkchar* dest, const sourcechar* src, int chars));
+template <typename sourcechar, typename sinkchar>
+void CopyChars(sinkchar* dest, const sourcechar* src, int chars) {
   sinkchar* limit = dest + chars;
 #ifdef V8_HOST_CAN_READ_UNALIGNED
   if (sizeof(*dest) == sizeof(*src)) {

data/vendor/v8/src/version.cc CHANGED

@@ -33,7 +33,7 @@
 // NOTE these macros are used by the SCons build script so their names
 // cannot be changed without changing the SCons build script.
 #define MAJOR_VERSION     3
-#define MINOR_VERSION     10
+#define MINOR_VERSION     11
 #define BUILD_NUMBER      8
 #define PATCH_LEVEL       0
 // Use 1 for candidates and 0 otherwise.

data/vendor/v8/src/x64/assembler-x64.h CHANGED

@@ -629,7 +629,8 @@ class Assembler : public AssemblerBase {
   static const byte kJccShortPrefix = 0x70;
   static const byte kJncShortOpcode = kJccShortPrefix | not_carry;
   static const byte kJcShortOpcode = kJccShortPrefix | carry;
+  static const byte kJnzShortOpcode = kJccShortPrefix | not_zero;
+  static const byte kJzShortOpcode = kJccShortPrefix | zero;
   // ---------------------------------------------------------------------------

data/vendor/v8/src/x64/builtins-x64.cc CHANGED

@@ -977,7 +977,7 @@ static void AllocateEmptyJSArray(MacroAssembler* masm,
   const int initial_capacity = JSArray::kPreallocatedArrayElements;
   STATIC_ASSERT(initial_capacity >= 0);
-  __ LoadInitialArrayMap(array_function, scratch2, scratch1);
+  __ LoadInitialArrayMap(array_function, scratch2, scratch1, false);
   // Allocate the JSArray object together with space for a fixed array with the
   // requested elements.
@@ -1076,7 +1076,8 @@ static void AllocateJSArray(MacroAssembler* masm,
                             Register scratch,
                             bool fill_with_hole,
                             Label* gc_required) {
-  __ LoadInitialArrayMap(array_function, scratch, elements_array);
+  __ LoadInitialArrayMap(array_function, scratch,
+                         elements_array, fill_with_hole);
   if (FLAG_debug_code) {  // Assert that array size is not zero.
     __ testq(array_size, array_size);
@@ -1303,10 +1304,10 @@ static void ArrayNativeCode(MacroAssembler* masm,
   __ jmp(call_generic_code);
   __ bind(&not_double);
-  // Transition FAST_SMI_ONLY_ELEMENTS to FAST_ELEMENTS.
+  // Transition FAST_SMI_ELEMENTS to FAST_ELEMENTS.
   // rbx: JSArray
   __ movq(r11, FieldOperand(rbx, HeapObject::kMapOffset));
-  __ LoadTransitionedArrayMapConditional(FAST_SMI_ONLY_ELEMENTS,
+  __ LoadTransitionedArrayMapConditional(FAST_SMI_ELEMENTS,
                                          FAST_ELEMENTS,
                                          r11,
                                          kScratchRegister,

data/vendor/v8/src/x64/code-stubs-x64.cc CHANGED

@@ -2864,30 +2864,37 @@ void RegExpExecStub::Generate(MacroAssembler* masm) {
   __ IncrementCounter(counters->regexp_entry_native(), 1);
   // Isolates: note we add an additional parameter here (isolate pointer).
-  static const int kRegExpExecuteArguments = 8;
+  static const int kRegExpExecuteArguments = 9;
   int argument_slots_on_stack =
       masm->ArgumentStackSlotsForCFunctionCall(kRegExpExecuteArguments);
   __ EnterApiExitFrame(argument_slots_on_stack);
-  // Argument 8: Pass current isolate address.
+  // Argument 9: Pass current isolate address.
   // __ movq(Operand(rsp, (argument_slots_on_stack - 1) * kPointerSize),
   //     Immediate(ExternalReference::isolate_address()));
   __ LoadAddress(kScratchRegister, ExternalReference::isolate_address());
   __ movq(Operand(rsp, (argument_slots_on_stack - 1) * kPointerSize),
           kScratchRegister);
-  // Argument 7: Indicate that this is a direct call from JavaScript.
+  // Argument 8: Indicate that this is a direct call from JavaScript.
   __ movq(Operand(rsp, (argument_slots_on_stack - 2) * kPointerSize),
           Immediate(1));
-  // Argument 6: Start (high end) of backtracking stack memory area.
+  // Argument 7: Start (high end) of backtracking stack memory area.
   __ movq(kScratchRegister, address_of_regexp_stack_memory_address);
   __ movq(r9, Operand(kScratchRegister, 0));
   __ movq(kScratchRegister, address_of_regexp_stack_memory_size);
   __ addq(r9, Operand(kScratchRegister, 0));
-  // Argument 6 passed in r9 on Linux and on the stack on Windows.
-#ifdef _WIN64
   __ movq(Operand(rsp, (argument_slots_on_stack - 3) * kPointerSize), r9);
+  // Argument 6: Set the number of capture registers to zero to force global
+  // regexps to behave as non-global.  This does not affect non-global regexps.
+  // Argument 6 is passed in r9 on Linux and on the stack on Windows.
+#ifdef _WIN64
+  __ movq(Operand(rsp, (argument_slots_on_stack - 4) * kPointerSize),
+          Immediate(0));
+#else
+  __ Set(r9, 0);
 #endif
   // Argument 5: static offsets vector buffer.
@@ -2895,7 +2902,7 @@ void RegExpExecStub::Generate(MacroAssembler* masm) {
                  ExternalReference::address_of_static_offsets_vector(isolate));
   // Argument 5 passed in r8 on Linux and on the stack on Windows.
 #ifdef _WIN64
-  __ movq(Operand(rsp, (argument_slots_on_stack - 4) * kPointerSize), r8);
+  __ movq(Operand(rsp, (argument_slots_on_stack - 5) * kPointerSize), r8);
 #endif
   // First four arguments are passed in registers on both Linux and Windows.
@@ -2960,7 +2967,9 @@ void RegExpExecStub::Generate(MacroAssembler* masm) {
   // Check the result.
   Label success;
   Label exception;
-  __ cmpl(rax, Immediate(NativeRegExpMacroAssembler::SUCCESS));
+  __ cmpl(rax, Immediate(1));
+  // We expect exactly one result since we force the called regexp to behave
+  // as non-global.
   __ j(equal, &success, Label::kNear);
   __ cmpl(rax, Immediate(NativeRegExpMacroAssembler::EXCEPTION));
   __ j(equal, &exception);
@@ -5993,12 +6002,12 @@ struct AheadOfTimeWriteBarrierStubList kAheadOfTime[] = {
   // KeyedStoreStubCompiler::GenerateStoreFastElement.
   { REG(rdi), REG(rbx), REG(rcx), EMIT_REMEMBERED_SET},
   { REG(rdx), REG(rdi), REG(rbx), EMIT_REMEMBERED_SET},
-  // ElementsTransitionGenerator::GenerateSmiOnlyToObject
-  // and ElementsTransitionGenerator::GenerateSmiOnlyToObject
+  // ElementsTransitionGenerator::GenerateMapChangeElementTransition
+  // and ElementsTransitionGenerator::GenerateSmiToDouble
   // and ElementsTransitionGenerator::GenerateDoubleToObject
   { REG(rdx), REG(rbx), REG(rdi), EMIT_REMEMBERED_SET},
   { REG(rdx), REG(rbx), REG(rdi), OMIT_REMEMBERED_SET},
-  // ElementsTransitionGenerator::GenerateSmiOnlyToDouble
+  // ElementsTransitionGenerator::GenerateSmiToDouble
   // and ElementsTransitionGenerator::GenerateDoubleToObject
   { REG(rdx), REG(r11), REG(r15), EMIT_REMEMBERED_SET},
   // ElementsTransitionGenerator::GenerateDoubleToObject
@@ -6272,9 +6281,9 @@ void StoreArrayLiteralElementStub::Generate(MacroAssembler* masm) {
   __ CheckFastElements(rdi, &double_elements);
-  // FAST_SMI_ONLY_ELEMENTS or FAST_ELEMENTS
+  // FAST_*_SMI_ELEMENTS or FAST_*_ELEMENTS
   __ JumpIfSmi(rax, &smi_element);
-  __ CheckFastSmiOnlyElements(rdi, &fast_elements);
+  __ CheckFastSmiElements(rdi, &fast_elements);
   // Store into the array literal requires a elements transition. Call into
   // the runtime.
@@ -6292,7 +6301,7 @@ void StoreArrayLiteralElementStub::Generate(MacroAssembler* masm) {
                  // place.
   __ TailCallRuntime(Runtime::kStoreArrayLiteralElement, 5, 1);
-  // Array literal has ElementsKind of FAST_ELEMENTS and value is an object.
+  // Array literal has ElementsKind of FAST_*_ELEMENTS and value is an object.
   __ bind(&fast_elements);
   __ SmiToInteger32(kScratchRegister, rcx);
   __ movq(rbx, FieldOperand(rbx, JSObject::kElementsOffset));
@@ -6306,8 +6315,8 @@ void StoreArrayLiteralElementStub::Generate(MacroAssembler* masm) {
                  OMIT_SMI_CHECK);
   __ ret(0);
-  // Array literal has ElementsKind of FAST_SMI_ONLY_ELEMENTS or
-  // FAST_ELEMENTS, and value is Smi.
+  // Array literal has ElementsKind of FAST_*_SMI_ELEMENTS or
+  // FAST_*_ELEMENTS, and value is Smi.
   __ bind(&smi_element);
   __ SmiToInteger32(kScratchRegister, rcx);
   __ movq(rbx, FieldOperand(rbx, JSObject::kElementsOffset));

data/vendor/v8/src/x64/codegen-x64.cc CHANGED

@@ -220,7 +220,7 @@ ModuloFunction CreateModuloFunction() {
 #define __ ACCESS_MASM(masm)
-void ElementsTransitionGenerator::GenerateSmiOnlyToObject(
+void ElementsTransitionGenerator::GenerateMapChangeElementsTransition(
     MacroAssembler* masm) {
   // ----------- S t a t e -------------
   //  -- rax    : value
@@ -241,7 +241,7 @@ void ElementsTransitionGenerator::GenerateSmiOnlyToObject(
 }
-void ElementsTransitionGenerator::GenerateSmiOnlyToDouble(
+void ElementsTransitionGenerator::GenerateSmiToDouble(
     MacroAssembler* masm, Label* fail) {
   // ----------- S t a t e -------------
   //  -- rax    : value

data/vendor/v8/src/x64/debug-x64.cc CHANGED

@@ -1,4 +1,4 @@
-// Copyright 2011 the V8 project authors. All rights reserved.
+// Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
@@ -91,6 +91,8 @@ void BreakLocationIterator::ClearDebugBreakAtSlot() {
   rinfo()->PatchCode(original_rinfo()->pc(), Assembler::kDebugBreakSlotLength);
 }
+const bool Debug::FramePaddingLayout::kIsSupported = true;
 #define __ ACCESS_MASM(masm)
@@ -103,6 +105,12 @@ static void Generate_DebugBreakCallHelper(MacroAssembler* masm,
   {
     FrameScope scope(masm, StackFrame::INTERNAL);
+    // Load padding words on stack.
+    for (int i = 0; i < Debug::FramePaddingLayout::kInitialSize; i++) {
+      __ Push(Smi::FromInt(Debug::FramePaddingLayout::kPaddingValue));
+    }
+    __ Push(Smi::FromInt(Debug::FramePaddingLayout::kInitialSize));
     // Store the registers containing live values on the expression stack to
     // make sure that these are correctly updated during GC. Non object values
     // are stored as as two smis causing it to be untouched by GC.
@@ -157,6 +165,11 @@ static void Generate_DebugBreakCallHelper(MacroAssembler* masm,
       }
     }
+    // Read current padding counter and skip corresponding number of words.
+    __ pop(kScratchRegister);
+    __ SmiToInteger32(kScratchRegister, kScratchRegister);
+    __ lea(rsp, Operand(rsp, kScratchRegister, times_pointer_size, 0));
     // Get rid of the internal frame.
   }

data/vendor/v8/src/x64/disasm-x64.cc CHANGED

@@ -1684,7 +1684,7 @@ int DisassemblerX64::InstructionDecode(v8::internal::Vector<char> out_buffer,
           default:
             UNREACHABLE();
         }
-        AppendToBuffer("test%c rax,0x%"V8_PTR_PREFIX"x",
+        AppendToBuffer("test%c rax,0x%" V8_PTR_PREFIX "x",
                        operand_size_code(),
                        value);
         break;

data/vendor/v8/src/x64/full-codegen-x64.cc CHANGED

@@ -659,7 +659,7 @@ void FullCodeGenerator::DoTest(Expression* condition,
                                Label* fall_through) {
   ToBooleanStub stub(result_register());
   __ push(result_register());
-  __ CallStub(&stub);
+  __ CallStub(&stub, condition->test_id());
   __ testq(result_register(), result_register());
   // The stub returns nonzero for true.
   Split(not_zero, if_true, if_false, fall_through);
@@ -1659,7 +1659,8 @@ void FullCodeGenerator::VisitArrayLiteral(ArrayLiteral* expr) {
   ASSERT_EQ(2, constant_elements->length());
   ElementsKind constant_elements_kind =
       static_cast<ElementsKind>(Smi::cast(constant_elements->get(0))->value());
-  bool has_constant_fast_elements = constant_elements_kind == FAST_ELEMENTS;
+  bool has_constant_fast_elements =
+      IsFastObjectElementsKind(constant_elements_kind);
   Handle<FixedArrayBase> constant_elements_values(
       FixedArrayBase::cast(constant_elements->get(1)));
@@ -1670,7 +1671,7 @@ void FullCodeGenerator::VisitArrayLiteral(ArrayLiteral* expr) {
   Heap* heap = isolate()->heap();
   if (has_constant_fast_elements &&
       constant_elements_values->map() == heap->fixed_cow_array_map()) {
-    // If the elements are already FAST_ELEMENTS, the boilerplate cannot
+    // If the elements are already FAST_*_ELEMENTS, the boilerplate cannot
     // change, so it's possible to specialize the stub in advance.
     __ IncrementCounter(isolate()->counters()->cow_arrays_created_stub(), 1);
     FastCloneShallowArrayStub stub(
@@ -1682,10 +1683,9 @@ void FullCodeGenerator::VisitArrayLiteral(ArrayLiteral* expr) {
   } else if (length > FastCloneShallowArrayStub::kMaximumClonedLength) {
     __ CallRuntime(Runtime::kCreateArrayLiteralShallow, 3);
   } else {
-    ASSERT(constant_elements_kind == FAST_ELEMENTS ||
-           constant_elements_kind == FAST_SMI_ONLY_ELEMENTS ||
+    ASSERT(IsFastSmiOrObjectElementsKind(constant_elements_kind) ||
            FLAG_smi_only_arrays);
-    // If the elements are already FAST_ELEMENTS, the boilerplate cannot
+    // If the elements are already FAST_*_ELEMENTS, the boilerplate cannot
     // change, so it's possible to specialize the stub in advance.
     FastCloneShallowArrayStub::Mode mode = has_constant_fast_elements
         ? FastCloneShallowArrayStub::CLONE_ELEMENTS
@@ -1713,9 +1713,9 @@ void FullCodeGenerator::VisitArrayLiteral(ArrayLiteral* expr) {
     }
     VisitForAccumulatorValue(subexpr);
-    if (constant_elements_kind == FAST_ELEMENTS) {
-      // Fast-case array literal with ElementsKind of FAST_ELEMENTS, they cannot
-      // transition and don't need to call the runtime stub.
+    if (IsFastObjectElementsKind(constant_elements_kind)) {
+      // Fast-case array literal with ElementsKind of FAST_*_ELEMENTS, they
+      // cannot transition and don't need to call the runtime stub.
       int offset = FixedArray::kHeaderSize + (i * kPointerSize);
       __ movq(rbx, Operand(rsp, 0));  // Copy of array literal.
       __ movq(rbx, FieldOperand(rbx, JSObject::kElementsOffset));
@@ -2287,7 +2287,7 @@ void FullCodeGenerator::EmitCallWithStub(Call* expr, CallFunctionFlags flags) {
   CallFunctionStub stub(arg_count, flags);
   __ movq(rdi, Operand(rsp, (arg_count + 1) * kPointerSize));
-  __ CallStub(&stub);
+  __ CallStub(&stub, expr->id());
   RecordJSReturnSite(expr);
   // Restore context register.
   __ movq(rsi, Operand(rbp, StandardFrameConstants::kContextOffset));
@@ -3360,102 +3360,6 @@ void FullCodeGenerator::EmitRegExpConstructResult(CallRuntime* expr) {
 }
-void FullCodeGenerator::EmitSwapElements(CallRuntime* expr) {
-  ZoneList<Expression*>* args = expr->arguments();
-  ASSERT(args->length() == 3);
-  VisitForStackValue(args->at(0));
-  VisitForStackValue(args->at(1));
-  VisitForStackValue(args->at(2));
-  Label done;
-  Label slow_case;
-  Register object = rax;
-  Register index_1 = rbx;
-  Register index_2 = rcx;
-  Register elements = rdi;
-  Register temp = rdx;
-  __ movq(object, Operand(rsp, 2 * kPointerSize));
-  // Fetch the map and check if array is in fast case.
-  // Check that object doesn't require security checks and
-  // has no indexed interceptor.
-  __ CmpObjectType(object, JS_ARRAY_TYPE, temp);
-  __ j(not_equal, &slow_case);
-  __ testb(FieldOperand(temp, Map::kBitFieldOffset),
-           Immediate(KeyedLoadIC::kSlowCaseBitFieldMask));
-  __ j(not_zero, &slow_case);
-  // Check the object's elements are in fast case and writable.
-  __ movq(elements, FieldOperand(object, JSObject::kElementsOffset));
-  __ CompareRoot(FieldOperand(elements, HeapObject::kMapOffset),
-                 Heap::kFixedArrayMapRootIndex);
-  __ j(not_equal, &slow_case);
-  // Check that both indices are smis.
-  __ movq(index_1, Operand(rsp, 1 * kPointerSize));
-  __ movq(index_2, Operand(rsp, 0 * kPointerSize));
-  __ JumpIfNotBothSmi(index_1, index_2, &slow_case);
-  // Check that both indices are valid.
-  // The JSArray length field is a smi since the array is in fast case mode.
-  __ movq(temp, FieldOperand(object, JSArray::kLengthOffset));
-  __ SmiCompare(temp, index_1);
-  __ j(below_equal, &slow_case);
-  __ SmiCompare(temp, index_2);
-  __ j(below_equal, &slow_case);
-  __ SmiToInteger32(index_1, index_1);
-  __ SmiToInteger32(index_2, index_2);
-  // Bring addresses into index1 and index2.
-  __ lea(index_1, FieldOperand(elements, index_1, times_pointer_size,
-                               FixedArray::kHeaderSize));
-  __ lea(index_2, FieldOperand(elements, index_2, times_pointer_size,
-                               FixedArray::kHeaderSize));
-  // Swap elements.  Use object and temp as scratch registers.
-  __ movq(object, Operand(index_1, 0));
-  __ movq(temp,   Operand(index_2, 0));
-  __ movq(Operand(index_2, 0), object);
-  __ movq(Operand(index_1, 0), temp);
-  Label no_remembered_set;
-  __ CheckPageFlag(elements,
-                   temp,
-                   1 << MemoryChunk::SCAN_ON_SCAVENGE,
-                   not_zero,
-                   &no_remembered_set,
-                   Label::kNear);
-  // Possible optimization: do a check that both values are Smis
-  // (or them and test against Smi mask.)
-  // We are swapping two objects in an array and the incremental marker never
-  // pauses in the middle of scanning a single object.  Therefore the
-  // incremental marker is not disturbed, so we don't need to call the
-  // RecordWrite stub that notifies the incremental marker.
-  __ RememberedSetHelper(elements,
-                         index_1,
-                         temp,
-                         kDontSaveFPRegs,
-                         MacroAssembler::kFallThroughAtEnd);
-  __ RememberedSetHelper(elements,
-                         index_2,
-                         temp,
-                         kDontSaveFPRegs,
-                         MacroAssembler::kFallThroughAtEnd);
-  __ bind(&no_remembered_set);
-  // We are done. Drop elements from the stack, and return undefined.
-  __ addq(rsp, Immediate(3 * kPointerSize));
-  __ LoadRoot(rax, Heap::kUndefinedValueRootIndex);
-  __ jmp(&done);
-  __ bind(&slow_case);
-  __ CallRuntime(Runtime::kSwapElements, 3);
-  __ bind(&done);
-  context()->Plug(rax);
-}
 void FullCodeGenerator::EmitGetFromCache(CallRuntime* expr) {
   ZoneList<Expression*>* args = expr->arguments();
   ASSERT_EQ(2, args->length());