Update V8 to r5091 as required by WebKit r63859.
Change-Id: I8e35d765e6f6c7f89eccff900e1cabe2d5dd6110
diff --git a/test/cctest/test-api.cc b/test/cctest/test-api.cc
index 330ca5b..bd6108c 100644
--- a/test/cctest/test-api.cc
+++ b/test/cctest/test-api.cc
@@ -470,7 +470,10 @@
i::Heap::CollectGarbage(0, i::NEW_SPACE);
i::Heap::CollectGarbage(0, i::NEW_SPACE);
- Local<String> small_string = String::New(AsciiToTwoByteString("small"));
+ uint16_t* two_byte_string = AsciiToTwoByteString("small");
+ Local<String> small_string = String::New(two_byte_string);
+ i::DeleteArray(two_byte_string);
+
// We should refuse to externalize newly created small string.
CHECK(!small_string->CanMakeExternal());
// Trigger GCs so that the newly allocated string moves to old gen.
@@ -479,7 +482,10 @@
// Old space strings should be accepted.
CHECK(small_string->CanMakeExternal());
- small_string = String::New(AsciiToTwoByteString("small 2"));
+ two_byte_string = AsciiToTwoByteString("small 2");
+ small_string = String::New(two_byte_string);
+ i::DeleteArray(two_byte_string);
+
// We should refuse externalizing newly created small string.
CHECK(!small_string->CanMakeExternal());
for (int i = 0; i < 100; i++) {
@@ -492,8 +498,11 @@
char* buf = i::NewArray<char>(buf_size);
memset(buf, 'a', buf_size);
buf[buf_size - 1] = '\0';
- Local<String> large_string = String::New(AsciiToTwoByteString(buf));
+
+ two_byte_string = AsciiToTwoByteString(buf);
+ Local<String> large_string = String::New(two_byte_string);
i::DeleteArray(buf);
+ i::DeleteArray(two_byte_string);
// Large strings should be immediately accepted.
CHECK(large_string->CanMakeExternal());
}
@@ -688,7 +697,11 @@
const char* two_byte_string_2 = "a_times_two_plus_b(4, 8) + ";
const char* two_byte_extern_2 = "a_times_two_plus_b(1, 2);";
Local<String> left = v8_str(one_byte_string_1);
- Local<String> right = String::New(AsciiToTwoByteString(two_byte_string_1));
+
+ uint16_t* two_byte_source = AsciiToTwoByteString(two_byte_string_1);
+ Local<String> right = String::New(two_byte_source);
+ i::DeleteArray(two_byte_source);
+
Local<String> source = String::Concat(left, right);
right = String::NewExternal(
new TestAsciiResource(i::StrDup(one_byte_extern_1)));
@@ -698,7 +711,11 @@
source = String::Concat(source, right);
right = v8_str(one_byte_string_2);
source = String::Concat(source, right);
- right = String::New(AsciiToTwoByteString(two_byte_string_2));
+
+ two_byte_source = AsciiToTwoByteString(two_byte_string_2);
+ right = String::New(two_byte_source);
+ i::DeleteArray(two_byte_source);
+
source = String::Concat(source, right);
right = String::NewExternal(
new TestResource(AsciiToTwoByteString(two_byte_extern_2)));
@@ -3821,9 +3838,10 @@
THREADED_TEST(WeakReference) {
v8::HandleScope handle_scope;
v8::Handle<v8::ObjectTemplate> templ= v8::ObjectTemplate::New();
+ Whammy* whammy = new Whammy();
templ->SetNamedPropertyHandler(WhammyPropertyGetter,
0, 0, 0, 0,
- v8::External::New(new Whammy()));
+ v8::External::New(whammy));
const char* extension_list[] = { "v8/gc" };
v8::ExtensionConfiguration extensions(1, extension_list);
v8::Persistent<Context> context = Context::New(&extensions);
@@ -3842,7 +3860,7 @@
"4";
v8::Handle<Value> result = CompileRun(code);
CHECK_EQ(4.0, result->NumberValue());
-
+ delete whammy;
context.Dispose();
}
@@ -8612,20 +8630,31 @@
v8::HandleScope scope;
const char* cstring = "function foo(a) { return a+1; }";
+
v8::ScriptData* sd_from_cstring =
v8::ScriptData::PreCompile(cstring, i::StrLength(cstring));
TestAsciiResource* resource = new TestAsciiResource(cstring);
- v8::ScriptData* sd_from_istring = v8::ScriptData::PreCompile(
+ v8::ScriptData* sd_from_external_string = v8::ScriptData::PreCompile(
v8::String::NewExternal(resource));
- CHECK_EQ(sd_from_cstring->Length(), sd_from_istring->Length());
+ v8::ScriptData* sd_from_string = v8::ScriptData::PreCompile(
+ v8::String::New(cstring));
+
+ CHECK_EQ(sd_from_cstring->Length(), sd_from_external_string->Length());
CHECK_EQ(0, memcmp(sd_from_cstring->Data(),
- sd_from_istring->Data(),
+ sd_from_external_string->Data(),
sd_from_cstring->Length()));
+ CHECK_EQ(sd_from_cstring->Length(), sd_from_string->Length());
+ CHECK_EQ(0, memcmp(sd_from_cstring->Data(),
+ sd_from_string->Data(),
+ sd_from_cstring->Length()));
+
+
delete sd_from_cstring;
- delete sd_from_istring;
+ delete sd_from_external_string;
+ delete sd_from_string;
}
@@ -9049,6 +9078,7 @@
CHECK_EQ(String::New(expected_slice_on_cons),
env->Global()->Get(v8_str("slice_on_cons")));
}
+ i::DeleteArray(two_byte_string);
}
@@ -9073,6 +9103,7 @@
i::StrLength(ascii_sources[i])));
v8::Local<v8::String> source = v8::String::NewExternal(&uc16_resource);
v8::Script::Compile(source);
+ i::DeleteArray(two_byte_string);
}
}
@@ -10350,6 +10381,40 @@
}
+static void StackTraceForUncaughtExceptionListener(
+ v8::Handle<v8::Message> message,
+ v8::Handle<Value>) {
+ v8::Handle<v8::StackTrace> stack_trace = message->GetStackTrace();
+ CHECK_EQ(2, stack_trace->GetFrameCount());
+ checkStackFrame("origin", "foo", 2, 3, false, false,
+ stack_trace->GetFrame(0));
+ checkStackFrame("origin", "bar", 5, 3, false, false,
+ stack_trace->GetFrame(1));
+}
+
+TEST(CaptureStackTraceForUncaughtException) {
+ report_count = 0;
+ v8::HandleScope scope;
+ LocalContext env;
+ v8::V8::AddMessageListener(StackTraceForUncaughtExceptionListener);
+ v8::V8::SetCaptureStackTraceForUncaughtExceptions(true);
+
+ Script::Compile(v8_str("function foo() {\n"
+ " throw 1;\n"
+ "};\n"
+ "function bar() {\n"
+ " foo();\n"
+ "};"),
+ v8_str("origin"))->Run();
+ v8::Local<v8::Object> global = env->Global();
+ Local<Value> trouble = global->Get(v8_str("bar"));
+ CHECK(trouble->IsFunction());
+ Function::Cast(*trouble)->Call(global, 0, NULL);
+ v8::V8::SetCaptureStackTraceForUncaughtExceptions(false);
+ v8::V8::RemoveMessageListeners(StackTraceForUncaughtExceptionListener);
+}
+
+
// Test that idle notification can be handled and eventually returns true.
THREADED_TEST(IdleNotification) {
bool rv = false;
diff --git a/test/cctest/test-assembler-arm.cc b/test/cctest/test-assembler-arm.cc
index 3058c6f..5e49c0c 100644
--- a/test/cctest/test-assembler-arm.cc
+++ b/test/cctest/test-assembler-arm.cc
@@ -70,7 +70,6 @@
CodeDesc desc;
assm.GetCode(&desc);
Object* code = Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value()));
CHECK(code->IsCode());
@@ -107,7 +106,6 @@
CodeDesc desc;
assm.GetCode(&desc);
Object* code = Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value()));
CHECK(code->IsCode());
@@ -153,7 +151,6 @@
CodeDesc desc;
assm.GetCode(&desc);
Object* code = Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value()));
CHECK(code->IsCode());
@@ -201,7 +198,6 @@
CodeDesc desc;
assm.GetCode(&desc);
Object* code = Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value()));
CHECK(code->IsCode());
@@ -261,7 +257,6 @@
CodeDesc desc;
assm.GetCode(&desc);
Object* code = Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value()));
CHECK(code->IsCode());
@@ -301,7 +296,6 @@
CodeDesc desc;
assm.GetCode(&desc);
Object* code = Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value()));
CHECK(code->IsCode());
diff --git a/test/cctest/test-assembler-ia32.cc b/test/cctest/test-assembler-ia32.cc
index e499c6f..b60865d 100644
--- a/test/cctest/test-assembler-ia32.cc
+++ b/test/cctest/test-assembler-ia32.cc
@@ -70,7 +70,6 @@
CodeDesc desc;
assm.GetCode(&desc);
Object* code = Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value()));
CHECK(code->IsCode());
@@ -108,7 +107,6 @@
CodeDesc desc;
assm.GetCode(&desc);
Object* code = Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value()));
CHECK(code->IsCode());
@@ -150,7 +148,6 @@
CodeDesc desc;
assm.GetCode(&desc);
Object* code = Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value()));
CHECK(code->IsCode());
@@ -185,7 +182,6 @@
assm.GetCode(&desc);
Code* code =
Code::cast(Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value())));
// don't print the code - our disassembler can't handle cvttss2si
@@ -220,7 +216,6 @@
assm.GetCode(&desc);
Code* code =
Code::cast(Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value())));
// don't print the code - our disassembler can't handle cvttsd2si
@@ -250,7 +245,6 @@
assm.GetCode(&desc);
Code* code =
Code::cast(Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value())));
F0 f = FUNCTION_CAST<F0>(code->entry());
@@ -288,7 +282,6 @@
assm.GetCode(&desc);
Code* code =
Code::cast(Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value())));
#ifdef DEBUG
@@ -329,7 +322,6 @@
assm.GetCode(&desc);
Code* code =
Code::cast(Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value())));
CHECK(code->IsCode());
@@ -385,7 +377,6 @@
assm.GetCode(&desc);
Code* code =
Code::cast(Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value())));
CHECK(code->IsCode());
diff --git a/test/cctest/test-debug.cc b/test/cctest/test-debug.cc
index 8ebf752..6a94bed 100644
--- a/test/cctest/test-debug.cc
+++ b/test/cctest/test-debug.cc
@@ -6650,4 +6650,69 @@
CheckDebuggerUnloaded();
}
+
+static void* expected_break_data;
+static bool was_debug_break_called;
+static bool was_debug_event_called;
+static void DebugEventBreakDataChecker(const v8::Debug::EventDetails& details) {
+ if (details.GetEvent() == v8::BreakForCommand) {
+ CHECK_EQ(expected_break_data, details.GetClientData());
+ was_debug_event_called = true;
+ } else if (details.GetEvent() == v8::Break) {
+ was_debug_break_called = true;
+ }
+}
+
+// Check that event details contain context where debug event occured.
+TEST(DebugEventBreakData) {
+ v8::HandleScope scope;
+ DebugLocalContext env;
+ v8::Debug::SetDebugEventListener2(DebugEventBreakDataChecker);
+
+ TestClientData::constructor_call_counter = 0;
+ TestClientData::destructor_call_counter = 0;
+
+ expected_break_data = NULL;
+ was_debug_event_called = false;
+ was_debug_break_called = false;
+ v8::Debug::DebugBreakForCommand();
+ v8::Script::Compile(v8::String::New("(function(x){return x;})(1);"))->Run();
+ CHECK(was_debug_event_called);
+ CHECK(!was_debug_break_called);
+
+ TestClientData* data1 = new TestClientData();
+ expected_break_data = data1;
+ was_debug_event_called = false;
+ was_debug_break_called = false;
+ v8::Debug::DebugBreakForCommand(data1);
+ v8::Script::Compile(v8::String::New("(function(x){return x+1;})(1);"))->Run();
+ CHECK(was_debug_event_called);
+ CHECK(!was_debug_break_called);
+
+ expected_break_data = NULL;
+ was_debug_event_called = false;
+ was_debug_break_called = false;
+ v8::Debug::DebugBreak();
+ v8::Script::Compile(v8::String::New("(function(x){return x+2;})(1);"))->Run();
+ CHECK(!was_debug_event_called);
+ CHECK(was_debug_break_called);
+
+ TestClientData* data2 = new TestClientData();
+ expected_break_data = data2;
+ was_debug_event_called = false;
+ was_debug_break_called = false;
+ v8::Debug::DebugBreak();
+ v8::Debug::DebugBreakForCommand(data2);
+ v8::Script::Compile(v8::String::New("(function(x){return x+3;})(1);"))->Run();
+ CHECK(was_debug_event_called);
+ CHECK(was_debug_break_called);
+
+ CHECK_EQ(2, TestClientData::constructor_call_counter);
+ CHECK_EQ(TestClientData::constructor_call_counter,
+ TestClientData::destructor_call_counter);
+
+ v8::Debug::SetDebugEventListener(NULL);
+ CheckDebuggerUnloaded();
+}
+
#endif // ENABLE_DEBUGGER_SUPPORT
diff --git a/test/cctest/test-disasm-arm.cc b/test/cctest/test-disasm-arm.cc
index f890fc1..2bb32e7 100644
--- a/test/cctest/test-disasm-arm.cc
+++ b/test/cctest/test-disasm-arm.cc
@@ -437,6 +437,11 @@
"eeb10bc0 vsqrt.f64 d0, d0");
COMPARE(vsqrt(d2, d3, ne),
"1eb12bc3 vsqrt.f64ne d2, d3");
+
+ COMPARE(vmov(d0, 1.0),
+ "eeb70b00 vmov.f64 d0, #1");
+ COMPARE(vmov(d2, -13.0),
+ "eeba2b0a vmov.f64 d2, #-13");
}
VERIFY_RUN();
diff --git a/test/cctest/test-disasm-ia32.cc b/test/cctest/test-disasm-ia32.cc
index e51bfab..40fadd8 100644
--- a/test/cctest/test-disasm-ia32.cc
+++ b/test/cctest/test-disasm-ia32.cc
@@ -415,7 +415,6 @@
CodeDesc desc;
assm.GetCode(&desc);
Object* code = Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value()));
CHECK(code->IsCode());
diff --git a/test/cctest/test-heap-profiler.cc b/test/cctest/test-heap-profiler.cc
index 7f1e3d8..1819aa4 100644
--- a/test/cctest/test-heap-profiler.cc
+++ b/test/cctest/test-heap-profiler.cc
@@ -56,8 +56,7 @@
TEST(ConstructorProfile) {
v8::HandleScope scope;
- v8::Handle<v8::Context> env = v8::Context::New();
- env->Enter();
+ LocalContext env;
CompileAndRunScript(
"function F() {} // A constructor\n"
@@ -144,8 +143,7 @@
TEST(ClustersCoarserSimple) {
v8::HandleScope scope;
- v8::Handle<v8::Context> env = v8::Context::New();
- env->Enter();
+ LocalContext env;
i::ZoneScope zn_scope(i::DELETE_ON_EXIT);
@@ -183,8 +181,7 @@
TEST(ClustersCoarserMultipleConstructors) {
v8::HandleScope scope;
- v8::Handle<v8::Context> env = v8::Context::New();
- env->Enter();
+ LocalContext env;
i::ZoneScope zn_scope(i::DELETE_ON_EXIT);
@@ -214,8 +211,7 @@
TEST(ClustersCoarserPathsTraversal) {
v8::HandleScope scope;
- v8::Handle<v8::Context> env = v8::Context::New();
- env->Enter();
+ LocalContext env;
i::ZoneScope zn_scope(i::DELETE_ON_EXIT);
@@ -267,8 +263,7 @@
TEST(ClustersCoarserSelf) {
v8::HandleScope scope;
- v8::Handle<v8::Context> env = v8::Context::New();
- env->Enter();
+ LocalContext env;
i::ZoneScope zn_scope(i::DELETE_ON_EXIT);
@@ -362,8 +357,7 @@
TEST(RetainerProfile) {
v8::HandleScope scope;
- v8::Handle<v8::Context> env = v8::Context::New();
- env->Enter();
+ LocalContext env;
CompileAndRunScript(
"function A() {}\n"
@@ -431,8 +425,8 @@
static const v8::HeapGraphNode* GetGlobalObject(
const v8::HeapSnapshot* snapshot) {
- CHECK_EQ(1, snapshot->GetHead()->GetChildrenCount());
- return snapshot->GetHead()->GetChild(0)->GetToNode();
+ CHECK_EQ(1, snapshot->GetRoot()->GetChildrenCount());
+ return snapshot->GetRoot()->GetChild(0)->GetToNode();
}
@@ -449,6 +443,19 @@
}
+static bool IsNodeRetainedAs(const v8::HeapGraphNode* node,
+ v8::HeapGraphEdge::Type type,
+ const char* name) {
+ for (int i = 0, count = node->GetRetainersCount(); i < count; ++i) {
+ const v8::HeapGraphEdge* prop = node->GetRetainer(i);
+ v8::String::AsciiValue prop_name(prop->GetName());
+ if (prop->GetType() == type && strcmp(name, *prop_name) == 0)
+ return true;
+ }
+ return false;
+}
+
+
static bool HasString(const v8::HeapGraphNode* node, const char* contents) {
for (int i = 0, count = node->GetChildrenCount(); i < count; ++i) {
const v8::HeapGraphEdge* prop = node->GetChild(i);
@@ -464,11 +471,9 @@
TEST(HeapSnapshot) {
v8::HandleScope scope;
-
v8::Handle<v8::String> token1 = v8::String::New("token1");
- v8::Handle<v8::Context> env1 = v8::Context::New();
+ LocalContext env1;
env1->SetSecurityToken(token1);
- env1->Enter();
CompileAndRunScript(
"function A1() {}\n"
@@ -479,9 +484,8 @@
"var c1 = new C1(a1);");
v8::Handle<v8::String> token2 = v8::String::New("token2");
- v8::Handle<v8::Context> env2 = v8::Context::New();
+ LocalContext env2;
env2->SetSecurityToken(token2);
- env2->Enter();
CompileAndRunScript(
"function A2() {}\n"
@@ -569,8 +573,7 @@
TEST(HeapSnapshotCodeObjects) {
v8::HandleScope scope;
- v8::Handle<v8::Context> env = v8::Context::New();
- env->Enter();
+ LocalContext env;
CompileAndRunScript(
"function lazy(x) { return x - 1; }\n"
@@ -598,12 +601,13 @@
CHECK_NE(NULL, lazy_code);
// Verify that non-compiled code doesn't contain references to "x"
- // literal, while compiled code does.
+ // literal, while compiled code does. The scope info is stored in FixedArray
+ // objects attached to the SharedFunctionInfo.
bool compiled_references_x = false, lazy_references_x = false;
for (int i = 0, count = compiled_code->GetChildrenCount(); i < count; ++i) {
const v8::HeapGraphEdge* prop = compiled_code->GetChild(i);
const v8::HeapGraphNode* node = prop->GetToNode();
- if (node->GetType() == v8::HeapGraphNode::CODE) {
+ if (node->GetType() == v8::HeapGraphNode::ARRAY) {
if (HasString(node, "x")) {
compiled_references_x = true;
break;
@@ -613,7 +617,7 @@
for (int i = 0, count = lazy_code->GetChildrenCount(); i < count; ++i) {
const v8::HeapGraphEdge* prop = lazy_code->GetChild(i);
const v8::HeapGraphNode* node = prop->GetToNode();
- if (node->GetType() == v8::HeapGraphNode::CODE) {
+ if (node->GetType() == v8::HeapGraphNode::ARRAY) {
if (HasString(node, "x")) {
lazy_references_x = true;
break;
@@ -624,4 +628,132 @@
CHECK(!lazy_references_x);
}
+
+// Trying to introduce a check helper for uint64_t causes many
+// overloading ambiguities, so it seems easier just to cast
+// them to a signed type.
+#define CHECK_EQ_UINT64_T(a, b) \
+ CHECK_EQ(static_cast<int64_t>(a), static_cast<int64_t>(b))
+#define CHECK_NE_UINT64_T(a, b) do \
+ { \
+ bool ne = a != b; \
+ CHECK(ne); \
+ } while (false)
+
+TEST(HeapEntryIdsAndGC) {
+ v8::HandleScope scope;
+ LocalContext env;
+
+ CompileAndRunScript(
+ "function A() {}\n"
+ "function B(x) { this.x = x; }\n"
+ "var a = new A();\n"
+ "var b = new B(a);");
+ const v8::HeapSnapshot* snapshot1 =
+ v8::HeapProfiler::TakeSnapshot(v8::String::New("s1"));
+
+ i::Heap::CollectAllGarbage(true); // Enforce compaction.
+
+ const v8::HeapSnapshot* snapshot2 =
+ v8::HeapProfiler::TakeSnapshot(v8::String::New("s2"));
+
+ const v8::HeapGraphNode* global1 = GetGlobalObject(snapshot1);
+ const v8::HeapGraphNode* global2 = GetGlobalObject(snapshot2);
+ CHECK_NE_UINT64_T(0, global1->GetId());
+ CHECK_EQ_UINT64_T(global1->GetId(), global2->GetId());
+ const v8::HeapGraphNode* A1 =
+ GetProperty(global1, v8::HeapGraphEdge::PROPERTY, "A");
+ const v8::HeapGraphNode* A2 =
+ GetProperty(global2, v8::HeapGraphEdge::PROPERTY, "A");
+ CHECK_NE_UINT64_T(0, A1->GetId());
+ CHECK_EQ_UINT64_T(A1->GetId(), A2->GetId());
+ const v8::HeapGraphNode* B1 =
+ GetProperty(global1, v8::HeapGraphEdge::PROPERTY, "B");
+ const v8::HeapGraphNode* B2 =
+ GetProperty(global2, v8::HeapGraphEdge::PROPERTY, "B");
+ CHECK_NE_UINT64_T(0, B1->GetId());
+ CHECK_EQ_UINT64_T(B1->GetId(), B2->GetId());
+ const v8::HeapGraphNode* a1 =
+ GetProperty(global1, v8::HeapGraphEdge::PROPERTY, "a");
+ const v8::HeapGraphNode* a2 =
+ GetProperty(global2, v8::HeapGraphEdge::PROPERTY, "a");
+ CHECK_NE_UINT64_T(0, a1->GetId());
+ CHECK_EQ_UINT64_T(a1->GetId(), a2->GetId());
+ const v8::HeapGraphNode* b1 =
+ GetProperty(global1, v8::HeapGraphEdge::PROPERTY, "b");
+ const v8::HeapGraphNode* b2 =
+ GetProperty(global2, v8::HeapGraphEdge::PROPERTY, "b");
+ CHECK_NE_UINT64_T(0, b1->GetId());
+ CHECK_EQ_UINT64_T(b1->GetId(), b2->GetId());
+}
+
+
+TEST(HeapSnapshotsDiff) {
+ v8::HandleScope scope;
+ LocalContext env;
+
+ CompileAndRunScript(
+ "function A() {}\n"
+ "function B(x) { this.x = x; }\n"
+ "var a = new A();\n"
+ "var b = new B(a);");
+ const v8::HeapSnapshot* snapshot1 =
+ v8::HeapProfiler::TakeSnapshot(v8::String::New("s1"));
+
+ CompileAndRunScript(
+ "delete a;\n"
+ "b.x = null;\n"
+ "var a = new A();\n"
+ "var b2 = new B(a);");
+ const v8::HeapSnapshot* snapshot2 =
+ v8::HeapProfiler::TakeSnapshot(v8::String::New("s2"));
+
+ const v8::HeapSnapshotsDiff* diff = snapshot1->CompareWith(snapshot2);
+
+ // Verify additions: ensure that addition of A and B was detected.
+ const v8::HeapGraphNode* additions_root = diff->GetAdditionsRoot();
+ bool found_A = false, found_B = false;
+ uint64_t s1_A_id = 0;
+ for (int i = 0, count = additions_root->GetChildrenCount(); i < count; ++i) {
+ const v8::HeapGraphEdge* prop = additions_root->GetChild(i);
+ const v8::HeapGraphNode* node = prop->GetToNode();
+ if (node->GetType() == v8::HeapGraphNode::OBJECT) {
+ v8::String::AsciiValue node_name(node->GetName());
+ if (strcmp(*node_name, "A") == 0) {
+ CHECK(IsNodeRetainedAs(node, v8::HeapGraphEdge::PROPERTY, "a"));
+ CHECK(!found_A);
+ found_A = true;
+ s1_A_id = node->GetId();
+ } else if (strcmp(*node_name, "B") == 0) {
+ CHECK(IsNodeRetainedAs(node, v8::HeapGraphEdge::PROPERTY, "b2"));
+ CHECK(!found_B);
+ found_B = true;
+ }
+ }
+ }
+ CHECK(found_A);
+ CHECK(found_B);
+
+ // Verify deletions: ensure that deletion of A was detected.
+ const v8::HeapGraphNode* deletions_root = diff->GetDeletionsRoot();
+ bool found_A_del = false;
+ uint64_t s2_A_id = 0;
+ for (int i = 0, count = deletions_root->GetChildrenCount(); i < count; ++i) {
+ const v8::HeapGraphEdge* prop = deletions_root->GetChild(i);
+ const v8::HeapGraphNode* node = prop->GetToNode();
+ if (node->GetType() == v8::HeapGraphNode::OBJECT) {
+ v8::String::AsciiValue node_name(node->GetName());
+ if (strcmp(*node_name, "A") == 0) {
+ CHECK(IsNodeRetainedAs(node, v8::HeapGraphEdge::PROPERTY, "a"));
+ CHECK(!found_A_del);
+ found_A_del = true;
+ s2_A_id = node->GetId();
+ }
+ }
+ }
+ CHECK(found_A_del);
+ CHECK_NE_UINT64_T(0, s1_A_id);
+ CHECK(s1_A_id != s2_A_id);
+}
+
#endif // ENABLE_LOGGING_AND_PROFILING
diff --git a/test/cctest/test-heap.cc b/test/cctest/test-heap.cc
index 195fef4..01f23aa 100644
--- a/test/cctest/test-heap.cc
+++ b/test/cctest/test-heap.cc
@@ -77,7 +77,6 @@
CodeDesc desc;
assm.GetCode(&desc);
Object* code = Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value()));
CHECK(code->IsCode());
@@ -91,7 +90,6 @@
}
Object* copy = Heap::CreateCode(desc,
- NULL,
Code::ComputeFlags(Code::STUB),
Handle<Object>(Heap::undefined_value()));
CHECK(copy->IsCode());
diff --git a/test/es5conform/es5conform.status b/test/es5conform/es5conform.status
index e461349..5add082 100644
--- a/test/es5conform/es5conform.status
+++ b/test/es5conform/es5conform.status
@@ -47,27 +47,6 @@
# We do not have a global object called 'global' as required by tests.
chapter15/15.1: FAIL_OK
-# NOT IMPLEMENTED: seal
-chapter15/15.2/15.2.3/15.2.3.8: UNIMPLEMENTED
-# NOT IMPLEMENTED: freeze
-chapter15/15.2/15.2.3/15.2.3.9: UNIMPLEMENTED
-# NOT IMPLEMENTED: isSealed
-chapter15/15.2/15.2.3/15.2.3.11: UNIMPLEMENTED
-# NOT IMPLEMENTED: isFrozen
-chapter15/15.2/15.2.3/15.2.3.12: UNIMPLEMENTED
-
-# NOT IMPLEMENTED: seal
-chapter15/15.2/15.2.3/15.2.3.3/15.2.3.3-4-20: UNIMPLEMENTED
-
-# NOT IMPLEMENTED: freeze
-chapter15/15.2/15.2.3/15.2.3.3/15.2.3.3-4-21: UNIMPLEMENTED
-
-# NOT IMPLEMENTED: isSealed
-chapter15/15.2/15.2.3/15.2.3.3/15.2.3.3-4-23: UNIMPLEMENTED
-
-# NOT IMPLEMENTED: isFrozen
-chapter15/15.2/15.2.3/15.2.3.3/15.2.3.3-4-24: UNIMPLEMENTED
-
# NOT IMPLEMENTED: bind
chapter15/15.2/15.2.3/15.2.3.3/15.2.3.3-4-38: UNIMPLEMENTED
diff --git a/test/mjsunit/apply.js b/test/mjsunit/apply.js
index cab7eb8..613d37d 100644
--- a/test/mjsunit/apply.js
+++ b/test/mjsunit/apply.js
@@ -94,7 +94,7 @@
}
return doo;
}
-
+
assertEquals("42foofishhorse", f.apply(this, arr), "apply to this");
function s() {
@@ -112,28 +112,13 @@
return arguments.length + arguments[arguments.length - 1];
}
-var stack_corner_case_failure = false;
-
for (var j = 1; j < 0x40000000; j <<= 1) {
try {
var a = new Array(j);
a[j - 1] = 42;
assertEquals(42 + j, al.apply(345, a));
} catch (e) {
- if (e.toString().indexOf("Maximum call stack size exceeded") != -1) {
- // For some combinations of build settings, it may be the case that the
- // stack here is just tall enough to contain the array whose size is
- // specified by j but is not tall enough to contain the activation
- // record for the apply call. Allow one such corner case through,
- // checking that the length check will do the right thing for an array
- // the next size up.
- assertEquals(false, stack_corner_case_failure);
- stack_corner_case_failure = true;
- continue;
- }
- assertTrue(e.toString().indexOf("Function.prototype.apply") != -1,
- "exception does not contain Function.prototype.apply: " +
- e.toString());
+ assertTrue(e.toString().indexOf("Maximum call stack size exceeded") != -1);
for (; j < 0x40000000; j <<= 1) {
var caught = false;
try {
@@ -143,9 +128,7 @@
assertUnreachable("Apply of array with length " + a.length +
" should have thrown");
} catch (e) {
- assertTrue(e.toString().indexOf("Function.prototype.apply") != -1,
- "exception does not contain Function.prototype.apply [" +
- "length = " + j + "]: " + e.toString());
+ assertTrue(e.toString().indexOf("Maximum call stack size exceeded") != -1);
caught = true;
}
assertTrue(caught, "exception not caught");
diff --git a/test/mjsunit/call-stub.js b/test/mjsunit/call-stub.js
index a9132a6..9d11649 100644
--- a/test/mjsunit/call-stub.js
+++ b/test/mjsunit/call-stub.js
@@ -49,3 +49,18 @@
}
assertEquals(i < 50 || i >= 70 ? 1 : 2, h.m());
}
+
+
+var nonsymbol = 'wwwww '.split(' ')[0];
+Hash.prototype.wwwww = Hash.prototype.m;
+
+for (var i = 1; i < 100; i++) {
+ if (i == 50) {
+ h[nonsymbol] = function() {
+ return 2;
+ };
+ } else if (i == 70) {
+ delete h[nonsymbol];
+ }
+ assertEquals(i < 50 || i >= 70 ? 1 : 2, h.wwwww());
+}
diff --git a/test/mjsunit/json.js b/test/mjsunit/json.js
index 85457cd..945b662 100644
--- a/test/mjsunit/json.js
+++ b/test/mjsunit/json.js
@@ -85,7 +85,7 @@
};
assertEquals(null, n4.toJSON());
-assertEquals(Object.prototype, JSON.__proto__);
+assertTrue(Object.prototype === JSON.__proto__);
assertEquals("[object JSON]", Object.prototype.toString.call(JSON));
// DontEnum
@@ -313,3 +313,7 @@
var x = 0;
eval("(1); x++; (1)");
TestInvalid('1); x++; (1');
+
+// Test string conversion of argument.
+var o = { toString: function() { return "42"; } };
+assertEquals(42, JSON.parse(o));
diff --git a/test/mjsunit/object-freeze.js b/test/mjsunit/object-freeze.js
new file mode 100644
index 0000000..5ab45e1
--- /dev/null
+++ b/test/mjsunit/object-freeze.js
@@ -0,0 +1,193 @@
+// Copyright 2010 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// Tests the Object.freeze and Object.isFrozen methods - ES 15.2.3.9 and
+// ES 15.2.3.12
+
+
+// Test that we throw an error if an object is not passed as argument.
+var non_objects = new Array(undefined, null, 1, -1, 0, 42.43);
+for (var key in non_objects) {
+ try {
+ Object.freeze(non_objects[key]);
+ assertUnreachable();
+ } catch(e) {
+ assertTrue(/Object.freeze called on non-object/.test(e));
+ }
+}
+
+for (var key in non_objects) {
+ try {
+ Object.isFrozen(non_objects[key]);
+ assertUnreachable();
+ } catch(e) {
+ assertTrue(/Object.isFrozen called on non-object/.test(e));
+ }
+}
+
+// Test normal data properties.
+var obj = { x: 42, z: 'foobar' };
+var desc = Object.getOwnPropertyDescriptor(obj, 'x');
+assertTrue(desc.writable);
+assertTrue(desc.configurable);
+assertEquals(42, desc.value);
+
+desc = Object.getOwnPropertyDescriptor(obj, 'z');
+assertTrue(desc.writable);
+assertTrue(desc.configurable);
+assertEquals('foobar', desc.value);
+
+assertTrue(Object.isExtensible(obj));
+assertFalse(Object.isFrozen(obj));
+
+Object.freeze(obj);
+
+// Make sure we are no longer extensible.
+assertFalse(Object.isExtensible(obj));
+assertTrue(Object.isFrozen(obj));
+
+try {
+ obj.foo = 42;
+ assertUnreachable();
+} catch(e) {
+ assertTrue(/object is not extensible/.test(e));
+}
+
+desc = Object.getOwnPropertyDescriptor(obj, 'x');
+assertFalse(desc.writable);
+assertFalse(desc.configurable);
+assertEquals(42, desc.value);
+
+desc = Object.getOwnPropertyDescriptor(obj, 'z');
+assertFalse(desc.writable);
+assertFalse(desc.configurable);
+assertEquals("foobar", desc.value);
+
+// Make sure that even if we try overwrite a value that is not writable, it is
+// not changed.
+obj.x = "tete";
+assertEquals(42, obj.x);
+obj.x = { get: function() {return 43}, set: function() {} };
+assertEquals(42, obj.x);
+
+// Test on accessors.
+var obj2 = {};
+function get() { return 43; };
+function set() {};
+Object.defineProperty(obj2, 'x', { get: get, set: set, configurable: true });
+
+desc = Object.getOwnPropertyDescriptor(obj2, 'x');
+assertTrue(desc.configurable);
+assertEquals(undefined, desc.value);
+assertEquals(set, desc.set);
+assertEquals(get, desc.get);
+
+assertTrue(Object.isExtensible(obj2));
+assertFalse(Object.isFrozen(obj2));
+Object.freeze(obj2);
+assertTrue(Object.isFrozen(obj2));
+assertFalse(Object.isExtensible(obj2));
+
+desc = Object.getOwnPropertyDescriptor(obj2, 'x');
+assertFalse(desc.configurable);
+assertEquals(undefined, desc.value);
+assertEquals(set, desc.set);
+assertEquals(get, desc.get);
+
+try {
+ obj2.foo = 42;
+ assertUnreachable();
+} catch(e) {
+ assertTrue(/object is not extensible/.test(e));
+}
+
+
+// Test freeze on arrays.
+var arr = new Array(42,43);
+
+desc = Object.getOwnPropertyDescriptor(arr, '0');
+assertTrue(desc.configurable);
+assertTrue(desc.writable);
+assertEquals(42, desc.value);
+
+desc = Object.getOwnPropertyDescriptor(arr, '1');
+assertTrue(desc.configurable);
+assertTrue(desc.writable);
+assertEquals(43, desc.value);
+
+assertTrue(Object.isExtensible(arr));
+assertFalse(Object.isFrozen(arr));
+Object.freeze(arr);
+assertTrue(Object.isFrozen(arr));
+assertFalse(Object.isExtensible(arr));
+
+desc = Object.getOwnPropertyDescriptor(arr, '0');
+assertFalse(desc.configurable);
+assertFalse(desc.writable);
+assertEquals(42, desc.value);
+
+desc = Object.getOwnPropertyDescriptor(arr, '1');
+assertFalse(desc.configurable);
+assertFalse(desc.writable);
+assertEquals(43, desc.value);
+
+arr[0] = 'foo';
+
+assertEquals(arr[0], 42);
+
+
+// Test that isFrozen return the correct value even if configurable has been set
+// to false on all properties manually and the extensible flag has also been set
+// to false manually.
+var obj3 = { x: 42, y: 'foo' };
+
+assertFalse(Object.isFrozen(obj3));
+
+Object.defineProperty(obj3, 'x', {configurable: false, writable: false});
+Object.defineProperty(obj3, 'y', {configurable: false, writable: false});
+Object.preventExtensions(obj3);
+
+assertTrue(Object.isFrozen(obj3));
+
+
+// Make sure that an object that has only non-configurable, but one
+// writable property, is not classified as frozen.
+var obj4 = {};
+Object.defineProperty(obj4, 'x', {configurable: false, writable: true});
+Object.defineProperty(obj4, 'y', {configurable: false, writable: false});
+Object.preventExtensions(obj4);
+
+assertFalse(Object.isFrozen(obj4));
+
+// Make sure that an object that has only non-writable, but one
+// configurable property, is not classified as frozen.
+var obj5 = {};
+Object.defineProperty(obj5, 'x', {configurable: true, writable: false});
+Object.defineProperty(obj5, 'y', {configurable: false, writable: false});
+Object.preventExtensions(obj5);
+
+assertFalse(Object.isFrozen(obj5));
diff --git a/test/mjsunit/object-seal.js b/test/mjsunit/object-seal.js
new file mode 100644
index 0000000..896411c
--- /dev/null
+++ b/test/mjsunit/object-seal.js
@@ -0,0 +1,195 @@
+// Copyright 2010 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// Tests the Object.seal and Object.isSealed methods - ES 15.2.3.9 and
+// ES 15.2.3.12
+
+
+// Test that we throw an error if an object is not passed as argument.
+var non_objects = new Array(undefined, null, 1, -1, 0, 42.43);
+for (var key in non_objects) {
+ try {
+ Object.seal(non_objects[key]);
+ assertUnreachable();
+ } catch(e) {
+ assertTrue(/Object.seal called on non-object/.test(e));
+ }
+}
+
+for (var key in non_objects) {
+ try {
+ Object.isSealed(non_objects[key]);
+ assertUnreachable();
+ } catch(e) {
+ assertTrue(/Object.isSealed called on non-object/.test(e));
+ }
+}
+
+// Test normal data properties.
+var obj = { x: 42, z: 'foobar' };
+var desc = Object.getOwnPropertyDescriptor(obj, 'x');
+assertTrue(desc.writable);
+assertTrue(desc.configurable);
+assertEquals(42, desc.value);
+
+desc = Object.getOwnPropertyDescriptor(obj, 'z');
+assertTrue(desc.writable);
+assertTrue(desc.configurable);
+assertEquals('foobar', desc.value);
+
+assertTrue(Object.isExtensible(obj));
+assertFalse(Object.isSealed(obj));
+
+Object.seal(obj);
+
+// Make sure we are no longer extensible.
+assertFalse(Object.isExtensible(obj));
+assertTrue(Object.isSealed(obj));
+
+// We should not be frozen, since we are still able to
+// update values.
+assertFalse(Object.isFrozen(obj));
+
+// We should not allow new properties to be added.
+try {
+ obj.foo = 42;
+ assertUnreachable();
+} catch(e) {
+ assertTrue(/object is not extensible/.test(e));
+}
+
+desc = Object.getOwnPropertyDescriptor(obj, 'x');
+assertTrue(desc.writable);
+assertFalse(desc.configurable);
+assertEquals(42, desc.value);
+
+desc = Object.getOwnPropertyDescriptor(obj, 'z');
+assertTrue(desc.writable);
+assertFalse(desc.configurable);
+assertEquals("foobar", desc.value);
+
+// Since writable is not affected by seal we should still be able to
+// update the values.
+obj.x = "43";
+assertEquals(43, obj.x);
+
+// Test on accessors.
+var obj2 = {};
+function get() { return 43; };
+function set() {};
+Object.defineProperty(obj2, 'x', { get: get, set: set, configurable: true });
+
+desc = Object.getOwnPropertyDescriptor(obj2, 'x');
+assertTrue(desc.configurable);
+assertEquals(undefined, desc.value);
+assertEquals(set, desc.set);
+assertEquals(get, desc.get);
+
+assertTrue(Object.isExtensible(obj2));
+assertFalse(Object.isSealed(obj2));
+Object.seal(obj2);
+
+// Since this is an accessor property the object is now effectively both
+// sealed and frozen (accessors has no writable attribute).
+assertTrue(Object.isFrozen(obj2));
+assertFalse(Object.isExtensible(obj2));
+assertTrue(Object.isSealed(obj2));
+
+desc = Object.getOwnPropertyDescriptor(obj2, 'x');
+assertFalse(desc.configurable);
+assertEquals(undefined, desc.value);
+assertEquals(set, desc.set);
+assertEquals(get, desc.get);
+
+try {
+ obj2.foo = 42;
+ assertUnreachable();
+} catch(e) {
+ assertTrue(/object is not extensible/.test(e));
+}
+
+
+// Test seal on arrays.
+var arr = new Array(42,43);
+
+desc = Object.getOwnPropertyDescriptor(arr, '0');
+assertTrue(desc.configurable);
+assertTrue(desc.writable);
+assertEquals(42, desc.value);
+
+desc = Object.getOwnPropertyDescriptor(arr, '1');
+assertTrue(desc.configurable);
+assertTrue(desc.writable);
+assertEquals(43, desc.value);
+
+assertTrue(Object.isExtensible(arr));
+assertFalse(Object.isSealed(arr));
+Object.seal(arr);
+assertTrue(Object.isSealed(arr));
+assertFalse(Object.isExtensible(arr));
+// Since the values in the array is still writable this object
+// is not frozen.
+assertFalse(Object.isFrozen(arr));
+
+desc = Object.getOwnPropertyDescriptor(arr, '0');
+assertFalse(desc.configurable);
+assertTrue(desc.writable);
+assertEquals(42, desc.value);
+
+desc = Object.getOwnPropertyDescriptor(arr, '1');
+assertFalse(desc.configurable);
+assertTrue(desc.writable);
+assertEquals(43, desc.value);
+
+arr[0] = 'foo';
+
+// We should be able to overwrite the existing value.
+assertEquals('foo', arr[0]);
+
+
+// Test that isSealed returns the correct value even if configurable
+// has been set to false on all properties manually and the extensible
+// flag has also been set to false manually.
+var obj3 = { x: 42, y: 'foo' };
+
+assertFalse(Object.isFrozen(obj3));
+
+Object.defineProperty(obj3, 'x', {configurable: false, writable: true});
+Object.defineProperty(obj3, 'y', {configurable: false, writable: false});
+Object.preventExtensions(obj3);
+
+assertTrue(Object.isSealed(obj3));
+
+
+// Make sure that an object that has a configurable property
+// is not classified as sealed.
+var obj4 = {};
+Object.defineProperty(obj4, 'x', {configurable: true, writable: false});
+Object.defineProperty(obj4, 'y', {configurable: false, writable: false});
+Object.preventExtensions(obj4);
+
+assertFalse(Object.isSealed(obj4));
diff --git a/test/mjsunit/regress/regress-r4998.js b/test/mjsunit/regress/regress-r4998.js
new file mode 100644
index 0000000..9cf3371
--- /dev/null
+++ b/test/mjsunit/regress/regress-r4998.js
@@ -0,0 +1,94 @@
+// Copyright 2010 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// Test for a broken fast-smi-loop that does not save the incremented value
+// of the loop index. If this test fails, it loops forever, and times out.
+
+// Flags: --nofull-compiler
+
+// Calling foo() spills the virtual frame.
+function foo() {
+ return;
+}
+
+function bar() {
+ var x1 = 3;
+ var x2 = 3;
+ var x3 = 3;
+ var x4 = 3;
+ var x5 = 3;
+ var x6 = 3;
+ var x7 = 3;
+ var x8 = 3;
+ var x9 = 3;
+ var x10 = 3;
+ var x11 = 3;
+ var x12 = 3;
+ var x13 = 3;
+
+ foo();
+
+ x1 = 257;
+ x2 = 258;
+ x3 = 259;
+ x4 = 260;
+ x5 = 261;
+ x6 = 262;
+ x7 = 263;
+ x8 = 264;
+ x9 = 265;
+ x10 = 266;
+ x11 = 267;
+ x12 = 268;
+ x13 = 269;
+
+ // The loop variable x7 is initialized to 3,
+ // and then MakeMergeable is called on the virtual frame.
+ // MakeMergeable has forced the loop variable x7 to be spilled,
+ // so it is marked as synced
+ // The back edge then merges its virtual frame, which incorrectly
+ // claims that x7 is synced, and does not save the modified
+ // value.
+ for (x7 = 3; x7 < 10; ++x7) {
+ foo();
+ }
+}
+
+bar();
+
+function aliasing() {
+ var x = 3;
+ var j;
+ for (j = 7; j < 11; ++j) {
+ x = j;
+ }
+
+ assertEquals(10, x);
+ assertEquals(11, j);
+}
+
+aliasing();