Commit Graph

343 Commits

Author SHA1 Message Date
rossberg@chromium.org
0977c60984 Use AST's type field and merge types for unary, binary & compare ICs
R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/17468003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15264 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-06-21 11:10:06 +00:00
jkummerow@chromium.org
47ba2b2dd8 Migrate BinaryOpICs and UnaryOpICs to new type rep
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/16957004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15172 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-06-14 17:02:39 +00:00
danno@chromium.org
61a23ceb4d Refactor only: Rename JSGlobaPropertyCell to PropertyCell
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/17064002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15165 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-06-14 16:06:12 +00:00
verwaest@chromium.org
2987b11701 Install a generic handler whenever we fail to update the IC.
Ignore select cases in StoreIC since we don't have premonomorphic.

R=jkummerow@chromium.org

Review URL: https://chromiumcodereview.appspot.com/17027007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15145 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-06-14 11:21:34 +00:00
verwaest@chromium.org
8bc9d98786 Implement IC support for Constant Function transitions.
R=jkummerow@chromium.org

Review URL: https://chromiumcodereview.appspot.com/16826016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15124 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-06-13 15:01:25 +00:00
rossberg@chromium.org
94f651bc1b Migrate Compare ICs to new type rep
(Does not yet use common AST expression type field.)

R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/16361015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15093 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-06-12 17:20:37 +00:00
olivf@chromium.org
946ea53264 use compare nil ic only for non-strict equality. strict-equality only has one check and cannot deopt. should therefore not be part of the stub.
BUG=
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/16732002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15045 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-06-10 15:47:23 +00:00
olivf@chromium.org
3a26dda780 revert accidental dcommit
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15044 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-06-10 15:43:40 +00:00
olivf@chromium.org
73b7ab9ae6 remove equality kind from compare nil ic
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15042 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-06-10 15:30:02 +00:00
verwaest@chromium.org
dbb16eaec3 Lookup transition again after migrating a transition target.
R=ulan@chromium.org
BUG=chromium:242332

Review URL: https://chromiumcodereview.appspot.com/16347005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15031 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-06-10 11:27:09 +00:00
jkummerow@chromium.org
2272aa71d9 Add LoadIC_Slow builtin and use it for loading properties from primitive values.
This fixes recent performance regressions on Dromaeo.

BUG=chromium:242512
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/16226024

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14950 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-06-05 11:12:49 +00:00
svenpanne@chromium.org
b9e025a8dc Collect type feedback for power-of-2 right operands in BinaryOps.
Improved --trace-ic output for unary/binary ops a bit on the way. Moved int32_t/uint32_t conversion helpers around.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/15735005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14928 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-06-04 07:49:45 +00:00
yangguo@chromium.org
7f8a3d803c Make assertion scopes thread safe.
R=svenpanne@chromium.org
BUG=

Review URL: https://chromiumcodereview.appspot.com/15691017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14919 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-06-03 15:32:22 +00:00
olivf@chromium.org
88755fb22a Convert ToBooleanStub to a HydrogenStub. Currently just using the existing HBranch instruction, which is still fully implemented in Lithium. Will refactor HBranch in a next CL.
[
CL breaks mips, since the deoptimizer in Deoptimizer::DoTranslateCommand(...) does not convert smis passed to the stub via a0.
]

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/15302004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14886 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-05-29 14:49:28 +00:00
olivf@chromium.org
2952a77d0b trace compare_nil_ic state in --trace-ic output
BUG=
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/15735020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14808 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-05-24 15:20:48 +00:00
olivf@chromium.org
7aa74c3dc5 fix some names in compare nil ic
The compare nil ic introduces a mechanism called lightweight miss. The
idea is to insert a direct call to the miss handler instead of going
through the deopt routine. This can be use for uninitialized stubs, to
directly jump to the runtime.

This cl
1. Cleans up naming
2. localizes the lightweight miss functionality on the only user (compare nil ic)
3. fixes DoCodegen, to actually call the correct method (uninitialized vs initialized)

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/15806005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14798 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-05-24 11:44:55 +00:00
olivf@chromium.org
c3dde4bd9d Encapsulating Type information in the CompareICStub
Encapsulate type information in a convenient wrapper instead of storing it in a naked bitfield. This especially facilitates transitioning to a new state and converting from/to the extraICState representation. Additionally cleaning up ToBooleanICStub::Types for consistency.

BUG=
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/14862009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-05-16 10:59:17 +00:00
danno@chromium.org
05e8e0e7b4 Elide hole checks on KeyedLoads of holey double arrays
Improves NavierStokes by about 5%

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/15014020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14630 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-05-13 07:35:26 +00:00
verwaest@chromium.org
52008429b7 Use mutable heapnumbers to store doubles in fields.
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/14850006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14597 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-05-08 15:02:08 +00:00
verwaest@chromium.org
984122a7ea Overwrite the handler using Set.
InsertAt apparently inserts by moving the other elements... that does not work.

Review URL: https://chromiumcodereview.appspot.com/14566007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14535 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-05-03 08:48:53 +00:00
verwaest@chromium.org
84fd96e4d1 Cleanup IC heuristics.
Review URL: https://chromiumcodereview.appspot.com/14611006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14524 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-05-02 15:42:22 +00:00
verwaest@chromium.org
99e17bb12a Track storage types of instance variables.
Review URL: https://chromiumcodereview.appspot.com/14146005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14464 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-04-26 15:30:41 +00:00
danno@chromium.org
f8ddf3a262 Add monomorphic CompareNilICs and Crankshaft support
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/14367018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14407 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-04-24 11:32:17 +00:00
danno@chromium.org
bc04544f02 Replace math.h with cmath
This will make it easier to use other STL headers in the future

Review URL: https://codereview.chromium.org/14362023

Patch from Jochen Eisinger <jochen@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14352 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-04-19 13:26:47 +00:00
ulan@chromium.org
1938b1de3b Handle retry-after-gc failures within LoadIC::Load and StoreIC::Store.
Follow-up for r14321, makes the remaining unsafe calls to runtime functions during ic computation safe.

R=verwaest@chromium.org
BUG=222301

Review URL: https://chromiumcodereview.appspot.com/13976015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14347 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-04-19 08:30:49 +00:00
danno@chromium.org
80adb58933 Add infrastructure to automatucally generate IC miss stubs
Review URL: https://codereview.chromium.org/13886013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14342 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-04-18 20:37:27 +00:00
ulan@chromium.org
5a21512936 Handle retry-after-gc failures within KeyedLoadIC::Load and KeyedStoreIC::Store.
Returning retry-after-gc failure from these functions causes them to be
re-executed after ic state change, which breaks stub computation assumptions.

R=verwaest@chromium.org
BUG=222301
TEST=mjsunit/array-bounds-check-removal.js --gc_interval=10 in x64.debug

Review URL: https://chromiumcodereview.appspot.com/14251014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14321 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-04-18 08:14:59 +00:00
verwaest@chromium.org
c96a928c75 Disentangle field from transition stores.
Review URL: https://chromiumcodereview.appspot.com/14063006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14223 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-04-11 09:48:03 +00:00
svenpanne@chromium.org
90a587088b Train wreck reduction.
Furthermore, this tiny patch avoids direct access to the context_ field.

Review URL: https://codereview.chromium.org/13772004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14165 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-04-08 13:10:59 +00:00
dslomov@chromium.org
e357ddc249 Replace ICStub for array.length with hydrogen stub
BUG=

Review URL: https://codereview.chromium.org/12700006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14090 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-03-28 12:43:19 +00:00
danno@chromium.org
dfd9ea8087 Fix store_mode bug involving polymorphism with external and JS arrays.
Review URL: https://codereview.chromium.org/12987014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14064 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-03-25 15:19:22 +00:00
verwaest@chromium.org
a8b3215afa Change LookupForWrite to always do a full lookup and check the result.
If we find a property in the prototype-chain that we can overwrite, and
we have a transition, keep the holder in the lookup-result as the actual
holder. We will need it for the consistency-check in GenerateStoreField.

By directly checking the entire chain we avoid having to lazily bail out
to a copy of the miss stub while generating the Field Store IC.

Currently this CL disallows a normal non-receiver holder, given that
that would require a positive lookup + details verification to ensure
the property did not become read-only. This fixes the regressions in the
attached tests.

Review URL: https://chromiumcodereview.appspot.com/12810006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14061 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-03-25 12:55:27 +00:00
rossberg@chromium.org
83d4a41dec ES6 symbols: turn symbols into a proper primitive type
(qua last week's TC39)

Specifically:
- Install Symbol constructor function on the global object.
- Adjust code generation for typeof.
- Remove IsSymbol built-in, IS_SYMBOL macro now defined using typeof.
- Remove hack that allowed symbols as constructor results, and some other special cases.
- Remove symbol_delegate and GetDelegate function.
- Extend ToBoolean stub to handle symbols.
- Extend ToNumber to return NaN on symbols.
- Poison symbol's toString function, and thereby ToString on symbols.

R=mstarzinger@chromium.org
BUG=v8:2158

Review URL: https://codereview.chromium.org/12957004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14051 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-03-22 16:33:50 +00:00
verwaest@chromium.org
a23caf9f71 Explicitly pass the isolate to create handles in ic.cc
Review URL: https://chromiumcodereview.appspot.com/12704015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14007 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-03-20 13:12:33 +00:00
danno@chromium.org
ffd0c712e8 Implement many KeyedStoreStubs using Crankshaft
- Addition of a compiled hydrogen stub for KeyedStores.
- Inlining of "grow" stubs into OPTIMIZED_FUNCTIONs
- Addition of new "ignore OOB" ic stub that silently swallows out-of-bounds stores to external typed arrays.
- Addition of new "copy-on-write" ic stub that inlines allocation and copying operations for cow array
- New stub are generated with Crankshaft, so they are automatically inlined into OPTIMIZED_FUNCTIONs

Review URL: https://codereview.chromium.org/12221064

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-03-20 10:37:13 +00:00
verwaest@chromium.org
5615a1d606 Cleanup the copying of ICs to the Megamorphic Code Cache
Review URL: https://chromiumcodereview.appspot.com/12521007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13907 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-03-11 15:11:39 +00:00
danno@chromium.org
bbc599f334 Unify grow mode and stub kind
In the process, ensure that transition-causing element stores handle all cases of the transitioned receiver map.

Review URL: https://codereview.chromium.org/12390031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13850 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-03-06 21:51:07 +00:00
verwaest@chromium.org
34697f5b12 Make IC patching resilient to flushing of the original target() ic.
Review URL: https://chromiumcodereview.appspot.com/12451003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13831 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-03-05 17:38:35 +00:00
verwaest@chromium.org
590a3f8811 Polymorphism support for load IC.
Review URL: https://chromiumcodereview.appspot.com/12340112

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13801 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-03-04 14:03:27 +00:00
rossberg@chromium.org
090d09d685 ES6 symbols: Implement Symbol intrinsic and basic functionality
- Add --harmony-symbols flag.
- Add Symbol constructor; allow symbols as (unreplaced) return value from constructors.
- Introduce %CreateSymbol and %_IsSymbol natives and respective instructions.
- Extend 'typeof' code generation to handle symbols.
- Extend CompareIC with a UNIQUE_NAMES state that (uniformly) handles internalized strings and symbols.
- Property lookup delegates to SymbolDelegate object for symbols, which only carries the toString method.
- Extend Object.prototype.toString to recognise symbols.

Per the current draft spec, symbols are actually pseudo objects that are frozen with a null prototype and only one property (toString). For simplicity, we do not treat them as proper objects for now, although typeof will return "object". Only property access works as if they were (frozen) objects (via the internal delegate object).

(Baseline CL: https://codereview.chromium.org/12223071/)

R=mstarzinger@chromium.org
BUG=v8:2158

Review URL: https://codereview.chromium.org/12296026

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13786 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-03-01 13:28:55 +00:00
rossberg@chromium.org
55f93b5532 Renamed "symbols" to "internalized strings" throughout the code base,
in preparation of the introduction of ES6 'symbols' (aka private/unique names).

The SymbolTable became the StringTable. I also made sure to adapt all comments. The only remaining use of the term "symbol" (other than unrelated uses in the parser and such) is now 'NewSymbol' in the API and the 'V8.KeyedLoadGenericSymbol' counter, changing which might break embedders.

The one functional change in this CL is that I removed the former 'empty_string' constant, since it is redundant given the 'empty_symbol' constant that we also had (and both were used inconsistently).

R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/12210083

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13781 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-02-28 17:03:34 +00:00
rossberg@chromium.org
8924d03e16 Minor cleanup of CompareIC state
Allow transitioning from KNOWN_OBJECT to KNONW_OBJECT or OBJECT.
Also, rename HEAP_NUMBER IC states to NUMBER, since they handle Smis, too.

R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/12254036

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13775 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-02-28 14:43:57 +00:00
svenpanne@chromium.org
c26d100b10 Avoid TLS accesses in Object::Lookup and Object::GetPrototype.
Both methods were among the top causes for TLS accesses.

BUG=v8:2487

Review URL: https://codereview.chromium.org/12319144

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13759 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-02-27 13:22:29 +00:00
svenpanne@chromium.org
6e829ed485 Added Isolate parameter to CodeStub::GetCode().
According to gprof, this was the #1 cause for TLS access during an Octane run.

BUG=v8:2487

Review URL: https://codereview.chromium.org/12317141

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13756 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-02-27 12:33:24 +00:00
svenpanne@chromium.org
fb6776e84a Made Isolate a mandatory parameter for everything Handle-related.
Unified parameter order of CreateHandle with the rest of v8 on the way. A few
Isolate::Current()s had to be introduced, which is not nice, and not every place
will win a beauty contest, but we can clean this up later easily in smaller steps.

Review URL: https://codereview.chromium.org/12300018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13717 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-02-25 14:46:09 +00:00
svenpanne@chromium.org
71a26c928a Make the Isolate parameter mandatory for internal HandleScopes.
Improved Frames and their iterators on the way, too.

BUG=v8:2487

Review URL: https://codereview.chromium.org/12254007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13674 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-02-15 09:27:10 +00:00
dcarney@chromium.org
0da6e525b7 Split AccessorInfo into DeclaredAccessorInfo and ExecutableAccessorInfo
R=svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/12213012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13649 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-02-12 14:33:08 +00:00
verwaest@chromium.org
394cf5111d Calculate proper receiver map for monomorphic transitioning ICs.
This fixes a regression caused by
https://chromiumcodereview.appspot.com/11953025/

Review URL: https://chromiumcodereview.appspot.com/12217131

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13644 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-02-12 10:56:04 +00:00
verwaest@chromium.org
b1e5157e7b Support slow-mode prototypes for load and call ICs.
This changes LoadNonExistent to handle negative lookups as well.

Review URL: https://chromiumcodereview.appspot.com/12092043

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13571 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-01-31 16:18:18 +00:00
danno@chromium.org
f7bae62cd3 Fix gbemu preformance regression
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/12084063

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13557 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-01-30 14:25:34 +00:00