jkummerow@chromium.org
b413f376c4
Move profiler_ticks to Code object, don't walk the stack when patching ICs
...
Review URL: https://chromiumcodereview.appspot.com/9866030
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11162 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-03-27 12:19:50 +00:00
vegorov@chromium.org
254d810a32
When transitioning LoadIC to megamorphic case place monomorphic stubs into stub cache.
...
Otherwise if function is optimized immediately after transition type oracle will be unable to gather enough maps from stub cache and graph builder will emit HLoadNamedGeneric instead of HLoadNamedPolymorphic.
R=fschneider@chromium.org
Review URL: https://chromiumcodereview.appspot.com/9705102
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11085 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-03-19 12:09:22 +00:00
yangguo@chromium.org
e711ff38ef
Inline inequality compares of strings into CompareICStub instead of jumping into the CompareStub that handles the generic case.
...
BUG=
TEST=
Review URL: https://chromiumcodereview.appspot.com/9649027
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10988 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-03-09 13:12:59 +00:00
danno@chromium.org
57a0c6c6e3
Inline ordered relational compares of mixed double/undefined values.
...
Allow Crankshaft to inline ordered relational comparisons (<, >, <=, >=) that have undefined arguments in addition to double value arguments (rather than calling the generic Compare stub).
R=fschneider@chromium.org
TEST=test/mjsunit/comparison-ops-and-undefined.js
Review URL: https://chromiumcodereview.appspot.com/9584006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10905 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-03-02 13:40:14 +00:00
jkummerow@chromium.org
2c29f4d575
Profiler experiments: be more careful when accessing TypeFeedbackInfo
...
Review URL: https://chromiumcodereview.appspot.com/9471008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10835 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-02-27 08:08:14 +00:00
mstarzinger@chromium.org
1a356cff3e
Fix redefinition of aliased elements in arguments.
...
This refactors the way we (re)define elements to perform normalization
and attribute updating at a much deeper level, thereby removing some
bogus special cases in upper runtime layers.
Most element setters take an indicator flag that distinguishes between
setting and defining. Setting of an element causes attributes to remain
unchanged, writability to be checked and callbacks to be called.
Defining of an element causes attributes to be updated and callbacks to
be overridden. The same approach could be taken for properties.
R=svenpanne@chromium.org
BUG=v8:1772
TEST=test262,test262/15.2.3.6-4-333-11
Review URL: https://chromiumcodereview.appspot.com/9443014
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10808 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-02-23 11:43:07 +00:00
jkummerow@chromium.org
0177aa62da
Count ICs that have type information.
...
Hidden behind --type-info-threshold=X flag, usage dependent on experimental profiler.
Review URL: https://chromiumcodereview.appspot.com/9403009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10753 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-02-20 12:57:23 +00:00
danno@chromium.org
da2e84fcb2
Fix crash in CALLBACK KeyedIC stub.
...
TBR=jkummerow@chromium.org
Review URL: https://chromiumcodereview.appspot.com/9390005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10684 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-02-13 13:39:31 +00:00
danno@chromium.org
ad41b9ebc4
Optimize call sites that only ever see a single elements transition
...
R=jkummerow@chromium.org
TEST=imaging-gaussian-blur performance improves
Review URL: https://chromiumcodereview.appspot.com/9389001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10683 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-02-13 11:37:39 +00:00
danno@chromium.org
f0c4b87f34
Implement KeyedStoreICs to grow arrays on out-of-bound stores.
...
Supports growing non-COW JSArray by a single element if the backing store has room, and initial allocation of a backing store for the store to index zero of an empty array to kPreallocatedArrayElements elements (e.g. the [] array literal).
Review URL: https://chromiumcodereview.appspot.com/9310117
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10673 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-02-10 12:36:05 +00:00
jkummerow@chromium.org
de510c3a58
Split experimental profiler flags
...
Review URL: https://chromiumcodereview.appspot.com/9374015
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10660 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-02-09 13:30:01 +00:00
danno@chromium.org
1588f7224e
Revert 9111036: Promote double arrays to FAST_ELEMENT that use generic KeyedLoadIC
...
It tanked Kraken.
TBR=jkummerow@chromium.org
Review URL: https://chromiumcodereview.appspot.com/9368024
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10659 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-02-09 13:07:46 +00:00
jkummerow@chromium.org
aa2e842134
Count-based profiling for primitive functions (hidden behind a flag)
...
Review URL: https://chromiumcodereview.appspot.com/9361026
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10657 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-02-09 10:19:46 +00:00
danno@chromium.org
d89c0b9500
Promote double arrays to FAST_ELEMENT that use generic KeyedLoadIC
...
Review URL: https://chromiumcodereview.appspot.com/9111036
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10652 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-02-09 09:11:04 +00:00
svenpanne@chromium.org
fd2731a7e6
Replaced LookupResult::IsProperty by LookupResult::IsFound where possible.
...
Yak shaving for map sharing with accessor properties contd.: When CALLBACKS can
have map transitions, simply looking at the property type is not sufficient
anymore to decide if a property is there or not. One has to look at the actual
contents of the descriptor entry then, but this breaks down sometimes when the
lookup is being done with a NULL holder. Luckily enough, we can oftren replace
IsProperty by the simpler IsFound, because we inspect the type immediately
afterwards, anyway.
Review URL: https://chromiumcodereview.appspot.com/9280007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10474 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-23 12:01:47 +00:00
svenpanne@chromium.org
ed4343d982
Removed IsPropertyOrTransition method.
...
It had only 2 uses: One use could be rewritten in a simpler way, and the other
is actually more readable after inlining and fixing the comments.
Review URL: https://chromiumcodereview.appspot.com/9233006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10462 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-20 15:10:35 +00:00
jkummerow@chromium.org
606c996a67
Revert "Immediately use the generic stub when storing into COW arrays"
...
Due to unexpected performance implications.
This reverts r10429.
Review URL: https://chromiumcodereview.appspot.com/9150032
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10444 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-19 14:58:54 +00:00
jkummerow@chromium.org
99718b95a8
Immediately use the generic stub when storing into COW arrays
...
Review URL: https://chromiumcodereview.appspot.com/9254005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10429 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-18 13:15:22 +00:00
ulan@chromium.org
746ef93362
Move handlified functions from handles.cc to objects.cc
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/9008012
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10348 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-01-05 17:16:19 +00:00
mstarzinger@chromium.org
502039a6bd
Fix invalid usage of StoreIC_ArrayLength optimization.
...
This introduces an additional check into the StoreIC_ArrayLength builtin
checking that the array still has fast properties. Redifinitions of the
length property that would cause it's type or attributes to change, will
switch to slow properties, thereby invalidating said optimization.
R=svenpanne@chromium.org
BUG=v8:1756
TEST=test262
Review URL: http://codereview.chromium.org/8895025
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10254 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-14 12:46:32 +00:00
ricow@chromium.org
ec66c36fbf
Reland 10216 - Optimize the equality check case of ICCompare stubs.
...
Now with arm and x64 support. Additionally, added default unreachable case to switch statement in CompareIC::TargetState to make win and mac compilers happy.
Reviewer guide:
This is an exact copy of 10216 except:
src/arm/*
src/x64/*
src/ic.cc (added default case to swith in CompareIC::TargetState)
Review URL: http://codereview.chromium.org/8872060
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10219 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-09 09:26:14 +00:00
ricow@chromium.org
174532d23f
Revert 10216 Optimize the equality check case of ICCompare stubs.
...
Missing arm and x64 implementations
Review URL: http://codereview.chromium.org/8883023
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10217 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-08 17:28:44 +00:00
ricow@chromium.org
1028cf2631
Optimize the equality check case of ICCompare stubs.
...
This includes specialcasing the generation when we know that the maps
of the two objects are the same. In addition, a new specialized
compare ic known objects cache is created.
The reason for the cache is that we need to have access to the stub
code from the roots; if we do not, the GC will collect the stub. In
this specialized case we use the map pointer as key in the cache, and
we always do a lookup before generating code. Actually hitting
something in the cache will happen very rarely, but we could
potentially overwrite an existing stub, which again will lead to the
GC collecting this old stub (even if it is referenced from other code
objects)
Review URL: http://codereview.chromium.org/8520006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10216 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-08 17:17:21 +00:00
fschneider@chromium.org
066822a2cf
Port to x64 and ARM and some refactoring of ia32.
...
Review URL: http://codereview.chromium.org/8111006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10174 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-06 12:11:08 +00:00
danno@chromium.org
5bcb4d30ed
Improve TraceIC logging
...
Explicitly log generic stub transitions and the reason that they are happening.
R=jkummerow@chromium.org
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/8803013
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10165 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-12-05 21:54:45 +00:00
keuchel@chromium.org
1e9a7267ab
Introduce extended mode.
...
This CL introduces a third mode next to the non-strict
(henceforth called 'classic mode') and 'strict mode'
which is called 'extended mode' as in the current
ES.next specification drafts. The extended mode is based on
the 'strict mode' and adds new functionality to it. This
means that most of the semantics of these two modes
coincide.
The 'extended mode' is entered instead of the 'strict mode'
during parsing when using the 'strict mode' directive
"use strict" and when the the harmony-scoping flag is
active. This should be changed once it is fully specified how the 'extended mode' is entered.
This change introduces a new 3 valued enum LanguageMode
(see globals.h) corresponding to the modes which is mostly
used by the frontend code. This includes the following
components:
* (Pre)Parser
* Compiler
* SharedFunctionInfo, Scope and ScopeInfo
* runtime functions: StoreContextSlot,
ResolvePossiblyDirectEval, InitializeVarGlobal,
DeclareGlobals
The old enum StrictModeFlag is still used in the backend
when the distinction between the 'strict mode' and the 'extended mode' does not matter. This includes:
* SetProperty runtime function, Delete builtin
* StoreIC and KeyedStoreIC
* StubCache
Review URL: http://codereview.chromium.org/8417035
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10062 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-24 15:17:04 +00:00
svenpanne@chromium.org
36b715b1bd
Refactoring only: Make the handling of PropertyType more explicit.
...
Do not rely on 'default' clauses or 'if's when analysing a PropertyType, because
this makes it hard to find the relevant places when a new type is added. Note
that the detection of "phantom property types" is left untouched, because this
might have a performance impact, especially for the GC (to be investigated).
This is a preliminary step for introducing a new kind of map transition.
Review URL: http://codereview.chromium.org/8491016
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9900 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-11-08 08:42:13 +00:00
rossberg@chromium.org
f7d56eb602
Handle proxies in KeyedStoreIC::Store, instead of just ignoring them.
...
R=mstarzinger@chromium.org
BUG=v8:1543
TEST=
Review URL: http://codereview.chromium.org/8391005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9787 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-26 09:31:40 +00:00
ulan@chromium.org
ae6e6a689c
Handlify KeyedIC::ComputeStub.
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/8356041
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9741 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-21 11:42:54 +00:00
kmillikin@chromium.org
e3792a6830
Handlify the stub cache lookup and patching for CallIC and KeyedCallIC.
...
R=ulan@chromium.org ,vegorov@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org/8357010
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9729 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 17:08:53 +00:00
ulan@chromium.org
997ad6387a
Handlify upper layers of KeyedStoreIC.
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/8356039
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9727 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 13:54:16 +00:00
yangguo@chromium.org
bd5e694a9c
Refactor elements kind conversion.
...
Review URL: http://codereview.chromium.org/8355035
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9724 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 12:36:45 +00:00
ulan@chromium.org
f985b15aae
Handlify upper layers of KeyedLoadIC.
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/8352003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9714 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-20 09:35:47 +00:00
jkummerow@chromium.org
3a9d6c04ba
Introduce HTransitionElementsKind instruction.
...
TEST=mjsunit/elements-kind
Review URL: http://codereview.chromium.org/8305001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9702 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 12:10:18 +00:00
kmillikin@chromium.org
838fc27766
Handlify the runtime lookup of CallIC and KeyedCallIC.
...
R=ulan@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org/8345038
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9701 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 12:04:16 +00:00
ulan@chromium.org
80e3843dc3
Handlify upper layers of StoreIC based on 8337008.
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/8341008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9692 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 09:17:01 +00:00
lrn@chromium.org
cefbb1e7f8
Make bound functions have poisoned .caller and .arguments.
...
Also makes func.caller return null if the caller is a bound function,
matching JSC.
Fix bug preventing poisoned setters from triggering.
TEST=mjsunit/function-bind, mjsunit/strict-mode
Review URL: http://codereview.chromium.org/8333019
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9681 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 12:26:53 +00:00
ulan@chromium.org
feeb0b0211
Handlify upper layers of LoadIC.
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/8337008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9680 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 12:19:18 +00:00
kmillikin@chromium.org
56c763f023
Make the GC aware of JSReceiver pointers in LookupResults.
...
The LookupResult utility class is used in handlified code, but it can
contain a raw pointer to the lookup's holder object. Create a per-thread
stack of live LookupResults and iterate all the live ones on GC.
R=vegorov@chromium.org ,erik.corry@gmail.com
BUG=
TEST=
Review URL: http://codereview.chromium.org/8341009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9676 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 11:18:55 +00:00
rossberg@chromium.org
4753976194
Fix handling of this in direct calls to function proxies.
...
Fix & tweak some proxy-related error messages.
R=kmillikin@chromium.org
BUG=v8:1543
TEST=
Review URL: http://codereview.chromium.org/8229008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9613 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-13 15:55:57 +00:00
yangguo@chromium.org
fae807b3bb
Elements kind conversion in generated code (ia32).
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/8241003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9605 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-13 10:53:31 +00:00
jkummerow@chromium.org
312c534a6c
Refactor and fix polymorphic KeyedStoreIC creation
...
Review URL: http://codereview.chromium.org/8233011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9584 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-11 16:02:45 +00:00
jkummerow@chromium.org
184fdcf28b
Track elements_kind transitions in KeyedStoreICs.
...
Review URL: http://codereview.chromium.org/8166017
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9577 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-11 09:33:00 +00:00
fschneider@chromium.org
313f9505b4
Make accessors for oddball objects return Oddball* instead of Object*.
...
Fix a use of the hole value and the undefined value before initialization when
initializing V8. Before we just read a NULL value from them.
Review URL: http://codereview.chromium.org/8130002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9557 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-10 09:21:48 +00:00
kmillikin@chromium.org
1f12cc4099
Simplify calling generated code from the runtime.
...
Instead of expecting Object** arrays at the outermost level, expect
Handle<Object> arrays and reinterpret_cast them only just before invoking
the generated code.
R=rossberg@chromium.org ,fschneider@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org/8133020
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9537 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-06 09:31:38 +00:00
jkummerow@chromium.org
0455aadbeb
Add Crankshaft support for smi-only elements
...
Review URL: http://codereview.chromium.org/8002019
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9426 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-26 12:09:04 +00:00
danno@chromium.org
f48c9f6557
Basic support for tracking smi-only arrays on ia32.
...
Activated by the flag --smi-only-arrays
Currently not crankshaft support, using flag on non-ia32 platforms will lead to write barrier misses and crashes.
BUG=none
TEST=elements_kind.js
Review URL: http://codereview.chromium.org/7901016
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9392 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 11:30:04 +00:00
rossberg@chromium.org
42f0a73a96
Make proxies work as prototypes.
...
Fix a couple of other proxy bugs along the way.
Refactor trap invocation in native code.
R=kmillikin@chromium.org
BUG=v8:1543
TEST=
Review URL: http://codereview.chromium.org/7799026
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9312 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-16 13:38:30 +00:00
kmillikin@chromium.org
40cd59f238
Remove in-loop tracking for call ICs.
...
We passed this flag around in a lot of places and had differenc call
ICs based on it, but never did any real specialization based on its
value.
R=fschneider@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org/7869009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9260 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-13 12:53:28 +00:00
danno@chromium.org
9b2de409f9
Mechanical refactor to move ElementsKind type out of JSObject.
...
R=svenpanne@chromium.org
BUG=none
TEST=all
Review URL: http://codereview.chromium.org/7849017
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9208 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-09 09:35:57 +00:00