Commit Graph

1363 Commits

Author SHA1 Message Date
verwaest@chromium.org
d2d3fc0e4d Use PropertyAccessType for keyed accesses rather than "bool is_store"
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/137883008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19221 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-10 11:43:34 +00:00
verwaest@chromium.org
f19aeae06b Unify BuildLoad/StoreNamedGeneric
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/155513008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19219 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-10 10:23:59 +00:00
verwaest@chromium.org
43c0a419ed Remove special ArrayLength handling already covered by JSObjectFieldAccessors
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/153743005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19152 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-06 13:01:38 +00:00
jarin@chromium.org
476881ce5b Test and fix for _CallFunction intrinsic deoptimization.
I have also cleaned up HOptimizedGraphBuilder::GenerateCallFunction
to use IfBuilder.

R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/131343013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19151 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-06 12:42:26 +00:00
jarin@chromium.org
eb502fe599 Binary operation deoptimization fix.
R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/132453009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19132 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-06 09:36:55 +00:00
dcarney@chromium.org
6df537d631 inline api setters in crankshaft
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/155913002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19129 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-06 07:31:08 +00:00
dcarney@chromium.org
5028ebaa8b inline api getters in crankshaft
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/146023004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19110 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-05 15:52:31 +00:00
verwaest@chromium.org
5949fe1679 Merge named part of BuildLoad and BuildStore
BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/149803007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19109 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-05 15:44:20 +00:00
verwaest@chromium.org
d985948c7a Merge BuildLoad/StoreMonomorphic
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/137263021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19108 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-05 15:43:33 +00:00
verwaest@chromium.org
cb044fa2d8 Merge polymorphic load/store handling
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/150573010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19106 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-05 15:28:57 +00:00
verwaest@chromium.org
fb306f9811 Explicitly disallow stores to JSObjectAccessors (for now).
TBR=dcarney@chromium.org

Review URL: https://codereview.chromium.org/154873002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19086 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-04 22:46:53 +00:00
verwaest@chromium.org
2c3e6b41ff Use PropertyAccessInfo to compute stores in crankshaft.
BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/153933002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19085 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-04 22:23:26 +00:00
verwaest@chromium.org
8ac80c5308 Use Type* in crankshaft rather than HeapType.
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/152863002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19069 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-04 12:44:15 +00:00
ishell@chromium.org
0f89c8b91d Fix in array instance type initialization.
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/134713004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19058 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-04 10:59:40 +00:00
ishell@chromium.org
05270212c3 Remake of the load elimination fix made earlier (r18884).
R=titzer@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/149063010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19057 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-04 10:48:49 +00:00
hpayer@chromium.org
8d1504b238 Just initialize elements pointer in fast literal when pre-tenuring.
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/148253004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19056 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-04 10:41:16 +00:00
yangguo@chromium.org
9e70f6a4e7 Fix short-circuiting logical and/or in HOptimizedGraphBuilder.
R=jkummerow@chromium.org
BUG=336148
LOG=Y

Review URL: https://codereview.chromium.org/143263022

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19031 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-03 14:29:34 +00:00
ishell@chromium.org
b98637ce5e Elements field of newly allocated JSArray could be left uninitialized in some cases (fast literal case).
BUG=340124
LOG=Y
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/152673004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19026 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-02-03 13:33:26 +00:00
verwaest@chromium.org
ae7a209e71 Remove CallICs
BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/148223002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-31 16:52:17 +00:00
jochen@chromium.org
253edf246f Remove IsRegExpEquivalent.
It's not used anywhere.

BUG=none
R=ulan@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/141563013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18995 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-31 14:17:02 +00:00
ishell@chromium.org
2aa17c6e62 Load elimination fix: load should not be replaced with another load if the former is not dominated by the latter.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/151333003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18985 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-31 12:03:32 +00:00
verwaest@chromium.org
bef13f739c Fix regression caused by supporting inlining accesses to non-JSObjects
TBR=dcarney@chromium.org
BUG=

Review URL: https://codereview.chromium.org/150983002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18966 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-31 00:29:04 +00:00
verwaest@chromium.org
1280edd4e5 Fix polymorphic load handling.
BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/150453003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18954 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-30 16:44:32 +00:00
dcarney@chromium.org
5c589640bf crankshaft support for api method calls
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/148333003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18946 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-30 13:18:41 +00:00
verwaest@chromium.org
b73101d539 Optimize HWrapReceiver
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/135593006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18945 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-30 12:52:49 +00:00
verwaest@chromium.org
73529a7d14 Support loads from primitive values.
This also changes load computation to use HeapTypes rather than Maps.
TODO: move conversion between maps and heaptypes earlier in the process, already in the oracle.

BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/147763006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18938 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-30 11:30:38 +00:00
bmeurer@chromium.org
4a0959e360 Replace HThrow with HCallRuntime.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/131103021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18908 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-29 14:03:32 +00:00
bmeurer@chromium.org
87a3951c11 Remove the HValueOf instruction.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/139233004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18905 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-29 13:41:00 +00:00
bmeurer@chromium.org
3ba2f104c9 Turn RegExpConstructResultStub into a HydrogenCodeStub.
This has the additional benefit that it is now possible to
inline the RegExpResult construction code into Hydrogen
builtins.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/141703018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18902 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-29 13:10:35 +00:00
verwaest@chromium.org
0537955a89 Extend ArrayPop hydrogen support to COW arrays and popping from empty arrays.
R=mvstanton@chromium.org

BUG=

Review URL: https://codereview.chromium.org/148093009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18901 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-29 12:53:40 +00:00
bmeurer@chromium.org
5bf5849f9f Use IfBuilder instead of handcrafted basic blocks in GenerateSetValueOf().
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/130563009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18898 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-29 09:59:16 +00:00
bmeurer@chromium.org
d6458eb9a5 Add dependency operand to HLoadNamedField.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/148523011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18897 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-29 09:48:35 +00:00
bmeurer@chromium.org
c12593cf2b Kill obsolete HLoadExternalArrayPointer instruction.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/141583011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18893 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-29 07:27:35 +00:00
bmeurer@chromium.org
1e7bbbc921 Both HGlobalObject and HGlobalReceiver can be replaced with HLoadNamedField.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/148453009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18891 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-29 07:26:52 +00:00
ishell@chromium.org
9070615980 Fix for potential issue related to replacing CheckMaps with values.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/134733007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18887 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-28 17:49:13 +00:00
ishell@chromium.org
d330d4801d Load elimination fix with a test case.
R=titzer@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/143413019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18884 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-28 16:45:04 +00:00
hpayer@chromium.org
9e462504fb Turn off global pretenuring when allocation site pretenuring is in use.
BUG=
R=mstarzinger@chromium.org, mvstanton@chromium.org

Review URL: https://codereview.chromium.org/133803002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18868 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-28 09:47:03 +00:00
bmeurer@chromium.org
f9575fb82a Remove obsolete instruction HOuterContext.
HOuterContext can be expressed in terms of HLoadNamedField.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/131513015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18867 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-28 09:42:24 +00:00
dslomov@chromium.org
1a67b7f86a External Array renaming and boilerplate scrapping
Replaced symbolic names with correct JS name (byte -> int8, unsigned int -> uint32 etc).
Using macros to scrap the boilerplate
BUG=
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/145133013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18835 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-24 16:01:15 +00:00
vegorov@chromium.org
c86da7e5dc Fix HGraphBuilder::AddSimulate to pass removable down correctly
It was passed as a position argument previously making all simulates added with it conservatively FIXED_SIMULATE.

BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/146013002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18822 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-24 12:22:13 +00:00
verwaest@chromium.org
21532ddfdc Reland ArrayPop / ArrayPush.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/138443012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18814 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-24 11:47:53 +00:00
jkummerow@chromium.org
ee4e034d70 Revert broken ArrayPop changes
This reverts:
r18749 "Reland (and fix) "Add hydrogen support for ArrayPop, and remove the handwritten call stubs."",
r18790 "Remove ArrayPush from the custom call generators, and instead call directly to the handler in crankshaft.", and
r18798 "MIPS: Remove ArrayPush from the custom call generators, and instead call directly to the handler in crankshaft."

For causing crashes on Canary.

BUG=chromium:337686
LOG=N
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/146003006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18805 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-24 08:32:50 +00:00
verwaest@chromium.org
6b60546b16 Remove ArrayPush from the custom call generators, and instead call directly to the handler in crankshaft.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/137693003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18790 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-23 16:20:25 +00:00
hpayer@chromium.org
83a1df2354 Remove Heap::MaxRegularSpaceAllocationSize and use Page::MaxRegularHeapObjectSize instead.
BUG=
R=mstarzinger@chromium.org, mvstanton@chromium.org

Review URL: https://codereview.chromium.org/141653016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18776 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-23 13:02:27 +00:00
verwaest@chromium.org
f30330325e Reland (and fix) "Add hydrogen support for ArrayPop, and remove the handwritten call stubs."
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/144913003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18749 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-22 13:22:58 +00:00
bmeurer@chromium.org
c06d248248 Refactor fast path for empty constant strings in BinaryOp.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/143003005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18742 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-22 12:30:00 +00:00
mvstanton@chromium.org
1b3280c491 Revert "Add hydrogen support for ArrayPop, and remove the handwritten call stubs."
This reverts commit r18709, due to deopt fuzzer issue.
TBR=verwaest@chromium.org

Review URL: https://codereview.chromium.org/143983010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18731 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-22 10:41:23 +00:00
rossberg@chromium.org
0d906a8bdb Zonify types in compiler frontend
Clean up some zone/isolate handling in AST and its visitors on the way.

(Based on https://codereview.chromium.org/103743004/)

R=jkummerow@chromium.org, titzer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/102563004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18719 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-21 16:22:52 +00:00
verwaest@chromium.org
2d9a4eb355 Add hydrogen support for ArrayPop, and remove the handwritten call stubs.
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/137783023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18709 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-21 12:42:24 +00:00
bmeurer@chromium.org
4bae658948 Fix invalid type assumption in GenerateNumberToString().
We don't have any type feedback in %_NumberToString(), so it's
a bug to assume Type::Number here.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/143893002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-21 10:35:20 +00:00
mvstanton@chromium.org
04b1baa4c4 We no longer need to recover type cells from the oracle.
We only need the values within them. Function calls to Array from optimized code needed the cell in the past, but no longer.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/141893002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18682 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-20 09:48:05 +00:00
mvstanton@chromium.org
b2bea46245 Minor bugfix in building inlined Array: bad argument to JSArrayBuilder.
An HConstant pointing to a Cell rather than an AllocationSite
was passed. The argument wasn't used because of fortuitous
flags. An assert was added to protect the argument.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/141533003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18666 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-17 12:18:57 +00:00
mvstanton@chromium.org
155ef100e9 Fix logic error in assert in IsUndeclaredGlobal()
Recent changes in IC logic meant that CallStubs no longer use the Contextual bit. IsUndeclaredGlobal() needed to adjust for that.

In fact, now the CL has morphed to remove the notion of storing contextual state in the IC at all, it just becomes some extra ic state of the load ic. This took some adjustment in harmony code to use the global receiver for certain stores.

Now it's clearer that only LoadICs actually record any information about contextual or not.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/140943002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18660 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-17 11:08:24 +00:00
dslomov@chromium.org
5da41be7b8 Implement in-heap backing store for typed arrays.
This adds a fixed array sub-type that will represent a backing store for
typed arrays allocated with TypedArray(length) construtor.

R=mvstanton@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/101413006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18651 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-16 17:08:45 +00:00
dslomov@chromium.org
34eeeb8953 Revert "Implement in-heap backing store for typed arrays."
This reverts commit r18649 for breaking Linux/nosnap and Win64 tests.

TBR=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/140793003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18650 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-16 16:00:36 +00:00
dslomov@chromium.org
97040ce67b Implement in-heap backing store for typed arrays.
This adds a fixed array sub-type that will represent a backing store for
typed arrays allocated with TypedArray(length) construtor.

R=mvstanton@chromium.org, verwaest@chromium.org

Committed: https://code.google.com/p/v8/source/detail?r=18646

Review URL: https://codereview.chromium.org/101413006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18649 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-16 15:01:27 +00:00
dslomov@chromium.org
95f572389e Revert "Implement in-heap backing store for typed arrays."
This reverts commit r18646 for breaking Win32 build.

TBR=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/132233012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18647 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-16 14:26:15 +00:00
dslomov@chromium.org
0c960c2e96 Implement in-heap backing store for typed arrays.
This adds a fixed array sub-type that will represent a backing store for
typed arrays allocated with TypedArray(length) construtor.

R=mvstanton@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/101413006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18646 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-16 14:18:37 +00:00
jarin@chromium.org
19d832719e This is a preview of a first step towards unification of the hydrogen
call machinery.  The change replaces CallNamed, CallKeyed,
CallConstantFunction and CallKnownGlobal hydrogen instructions with two
new instructions with a more lower level semantics:

1. CallJSFunction for direct calls of JSFunction objects (no
   argument adaptation)

2. CallWithDescriptor for calls of a given Code object according to
   the supplied calling convention.

Details:

CallJSFunction should be straightforward, the main difference from the
existing InvokeFunction instruction is the absence of argument adaptor
handling. (As a next step, we will replace InvokeFunction with an
equivalent hydrogen code.)

For CallWithDescriptor, the calling conventions are represented by a
tweaked version of CallStubInterfaceDescriptor. In addition to the
parameter-register mapping, we also define parameter-representation
mapping there. The CallWithDescriptor instruction has variable number of
parameters now - this required some simple tweaks in Lithium, which
assumed fixed number of arguments in some places.

The calling conventions used in the calls are initialized in the
CallDescriptors class (code-stubs.h, <arch>/code-stubs-<arch>.cc), and
they live in a new table in the Isolate class. I should say I am not
quite sure about Representation::Integer32() representation for some of
the params of ArgumentAdaptorCall - it is not clear to me wether the
params could not end up on the stack and thus confuse the GC.

The change also includes an earlier small change to argument adaptor
(https://codereview.chromium.org/98463007) that avoids passing a naked
pointer to the code entry as a parameter. I am sorry for packaging that
with an already biggish change.

Performance implications:

Locally, I see a small regression (.2% or so). It is hard to say where
exactly it comes from, but I do see inefficient call sequences to the
adaptor trampoline. For example:

;;; <@78,#24> constant-t
bf85aa515a     mov edi,0x5a51aa85          ;; debug: position 29
;;; <@72,#53> load-named-field
8b7717         mov esi,[edi+0x17]          ;; debug: position 195
;;; <@80,#51> constant-s
b902000000     mov ecx,0x2                 ;; debug: position 195
;;; <@81,#51> gap
894df0         mov [ebp+0xf0],ecx
;;; <@82,#103> constant-i
bb01000000     mov ebx,0x1
;;; <@84,#102> constant-i
b902000000     mov ecx,0x2
;;; <@85,#102> gap
89d8           mov eax,ebx
89cb           mov ebx,ecx
8b4df0         mov ecx,[ebp+0xf0]
;;; <@86,#58> call-with-descriptor
e8ef57fcff     call ArgumentsAdaptorTrampoline  (0x2d80e6e0)    ;; code: BUILTIN

Note the silly handling of ecx; the hydrogen for this code is:

0 4 s27 Constant 1  range:1_1 <|@
0 3 t30 Constant 0x5bc1aa85 <JS Function xyz (SharedFunctionInfo 0x5bc1a919)> type:object <|@
0 1 t36 LoadNamedField t30.[in-object]@24 <|@
0 1 t38 Constant 0x2300e6a1 <Code> <|@
0 1 i102 Constant 2  range:2_2 <|@
0 1 i103 Constant 1  range:1_1 <|@
0 2 t41 CallWithDescriptor t38 t30 t36 s27 i103 i102 #2 changes[*] <|@

BUG=
R=verwaest@chromium.org, danno@chromium.org

Review URL: https://codereview.chromium.org/104663004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18626 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-15 17:00:35 +00:00
jkummerow@chromium.org
5298a078c6 Revert "Eliminatable CheckMaps replaced with if(true) or if(false)."
This reverts r18592 for breaking the GC stress bots.

R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/137783011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18611 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-15 09:53:54 +00:00
ishell@chromium.org
6b389902e1 Revert "Polymorphic named calls optimized for the case of repetitive call targets." for now because it prevents better results for checkmap elimination.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/138453002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18597 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-14 16:37:09 +00:00
verwaest@chromium.org
72125bafcc Remove HCallGlobal and merge uses with HCallNamed.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/134333007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18595 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-14 16:15:52 +00:00
ishell@chromium.org
952fbe475f Eliminatable CheckMaps replaced with if(true) or if(false).
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/130613003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18592 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-14 16:06:40 +00:00
verwaest@chromium.org
1257ba358c Remove CALL_AS_FUNCTION and CALL_AS_METHOD.
BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/136403005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18590 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-14 14:36:24 +00:00
verwaest@chromium.org
f2245a9cf9 Make the strict-mode calling convention for contextual calls the default one.
BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/131663003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18581 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-14 12:04:10 +00:00
hpayer@chromium.org
f01dc250dc Handlify AllocationSite AddDependentCompilationInfo.
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/136703002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18570 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-13 14:54:33 +00:00
mvstanton@chromium.org
854d085996 More efficient use of space in AllocationSite.
We can eliminate one word from the object by sharing the pretenuring decision and the found memento count.

R=bmeurer@chromium.org, hpayer@chromium.org

Review URL: https://codereview.chromium.org/132063004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18554 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-13 10:28:01 +00:00
ishell@chromium.org
5c65572dd2 "dead" and "osr" block flags added to trace output for unreachable and osr entry blocks respectively.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/135943004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18550 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-13 08:45:26 +00:00
jarin@chromium.org
c0f622a45b Fix of Hydrogen environment building for function "apply" calls.
BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/133773002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18548 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-11 13:59:04 +00:00
rossberg@chromium.org
cb28b7f837 Retry "Templatise type representation" after making clang happy
The only thing different now is line types.h:208/236, which had a static_cast<Type*> before.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/133683002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18533 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-10 12:19:01 +00:00
hpayer@chromium.org
4ef951cf43 Allocation site pretenuring.
Pretenuring decisions are made based on allocation site lifetime statistics.

BUG=
R=mstarzinger@chromium.org, mvstanton@chromium.org

Review URL: https://codereview.chromium.org/96783002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18532 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-10 12:11:54 +00:00
machenbach@chromium.org
8ffcd2a281 [Sheriff] Revert "Templatise type representation" and "Fix Mac warnings".
This reverts commit r18521 and r18522 for breaking mac and win builders.

BUG=
TBR=rossberg@chromium.org

Review URL: https://codereview.chromium.org/132493002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18524 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-09 19:52:15 +00:00
rossberg@chromium.org
1c33a2d840 Templatise type representation
This is to support both heap- and zone-allocated types in the future (the latter not yet implemented).

Also, handlify the type API some more.

R=titzer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/107933005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18521 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-09 17:12:48 +00:00
jkummerow@chromium.org
839297487f Skip back edge creation for "do ... while(false)" loops
Drive-by fix: Fix disassembling "prefetch" instruction on ia32

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/131733002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18519 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-09 15:20:25 +00:00
mvstanton@chromium.org
380aa6dc8d Array constructor can be simplified by loading context from JSFunction.
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/128683002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18518 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-09 15:07:23 +00:00
mvstanton@chromium.org
7baadbfac1 FunctionLiteral has work to do in the typing phase.
In crankshaft, we searched un-optimized code for a SharedFunctionInfo
that matches the FunctionLiteral we are processing. Ideally, this
work should be done in the typing phase.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/104883006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18508 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-09 09:00:19 +00:00
ishell@chromium.org
b2616f415b Polymorphic named calls optimized for the case of repetitive call targets.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/118483003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18476 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-07 16:59:42 +00:00
verwaest@chromium.org
4615e9edac Reland v8:18458 "Load the global proxy from the context of the target function."
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/104013008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18462 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-07 10:46:39 +00:00
rossberg@chromium.org
2879f2104c Revert "Load the global proxy from the context of the target function."
This reverts commit https://code.google.com/p/v8/source/detail?r=18458, since it exhibits a bug that breaks some tests.

TBR=verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/93863006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18461 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-07 09:55:25 +00:00
verwaest@chromium.org
5b40c38679 Load the global proxy from the context of the target function.
BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/111613003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18458 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-07 08:21:17 +00:00
bmeurer@chromium.org
ad4231c495 Reland "Allocation site support for monomorphic StringAdds in BinaryOps".
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/106313003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18444 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-02 15:31:27 +00:00
bmeurer@chromium.org
4d88b0b4be Revert "Fix compilation with C++11." and "Allocation site support for monomorphic StringAdds in BinaryOps.".
This reverts commit r18431 and r18432 for breaking
the Linux nosnapshot build.

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/122463004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18434 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-02 10:38:45 +00:00
bmeurer@chromium.org
a91499fec7 Allocation site support for monomorphic StringAdds in BinaryOps.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/106453003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18431 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-02 09:17:52 +00:00
bmeurer@chromium.org
a53dcc9da1 Make it possible to assert that certain instance types are compatible wrt HAllocate.
Turns clear_next_map_word_ into a flag and adds a new method
CompatibleInstanceTypes(). This is used in BuildUncheckedStringAdd()
to ASSERT that there's no difference wrt. HAllocate in using
CONS_STRING_TYPE vs CONS_ASCII_STRING_TYPE.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/110443003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18428 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-02 06:26:44 +00:00
jkummerow@chromium.org
3c76ecd732 Fix switch statements with non-Smi integer labels and no type feedback
BUG=chromium:329709
LOG=Y
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/98643010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18370 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-19 14:25:58 +00:00
ishell@chromium.org
e3752b63c0 HStoreKeyed for Smis optimized for x64 + related redundant moves of elements removed
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/108503004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18362 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 18:05:10 +00:00
ishell@chromium.org
8c159ed4ec HStoreNamedField for Smis optimized for x64
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/108413003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18360 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 17:53:50 +00:00
danno@chromium.org
8683920e3f Improve ==/=== comparison in Hydrogen for monomorphic maps
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/108083004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18357 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 17:18:23 +00:00
jkummerow@chromium.org
59c334ebf4 Hydrogen: Re-use regular comparisons infrastructure for switch statements
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/111573003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18348 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 11:58:58 +00:00
verwaest@chromium.org
fb7218dc3d Enable optimization of functions with generic switches.
R=jkummerow@chromium.org, titzer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/110123002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18347 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 11:44:38 +00:00
svenpanne@chromium.org
84aa5263f3 Remove the last remnants of the TranscendentalCache.
It was only used for Math.log, and even then only in full code and in %_MathLog. For crankshafted code, Intel already used the FP operations directly, while the ARM/MIPS ports were a bit lazy and simply called the stub. The latter directly call the C library now without any cache. It would be possible to directly generate machine code if somebody has the time, from what I've seen out in the wild it should be only about a dozen instructions.

LOG=y
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/113343003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18344 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 10:40:26 +00:00
yurys@chromium.org
cd5ea74700 Replace 'operator*' with explicit 'get' method on SmartPointer
Made operator* return reference to the raw type, not pointer. New method 'get()' should be used when raw pointer is needed.

Also removed useless inline modifier from the SmaprtPointer methods and added const modifier to the methods that don't change smart pointer.

Made ~SmartPointerBase protected to avoid accidental calls of the non-virtual base class's destructor.

drive-by: fixed use after free in src/factory.cc

BUG=None
LOG=N
R=alph@chromium.org, svenpanne@chromium.org

Review URL: https://codereview.chromium.org/101763003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18275 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-09 07:41:20 +00:00
mvstanton@chromium.org
a1a871fb5a Remove unnecessary overflow check in HGraphBuilder::BuildCreateAllocationMemento().
With this fix codegen looks like:

mov ecx,[eax+0xf]  ;;; <@52,#38> load-named-field
add ecx,0x2  ;;; <@54,#40> add-i
mov [eax+0xf],ecx  ;;; <@56,#41> store-named-field

without it there is an overflow check and jump to deopt.

x64 code looks similar, except there is an (annoying) smi-untag then int32-to-smi around the add operation.

R=bmeurer@chromium.org, hpayer@chromium.org

Review URL: https://codereview.chromium.org/104313003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18255 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-04 10:46:18 +00:00
bmeurer@chromium.org
69b5d5f8f6 Revert "Use constant types to represent the fixed right arg of a MOD."
This reverts commit r18246 for tanking all benchmarks.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/104243002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18249 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-04 09:27:48 +00:00
bmeurer@chromium.org
1868ef5de9 Use constant types to represent the fixed right arg of a MOD.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/103933002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18246 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-04 08:37:34 +00:00
bmeurer@chromium.org
7e540e6b8a Revert "Use constant types to represent the fixed right arg of a MOD."
This reverts commit r18228 for crashing on Windows.

TBR=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/101663002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18229 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-03 11:24:56 +00:00
bmeurer@chromium.org
5c6b9500aa Use constant types to represent the fixed right arg of a MOD.
R=mvstanton@chromium.org, svenpanne@chromium.org

Review URL: https://codereview.chromium.org/99173002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18228 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-03 10:51:57 +00:00
bmeurer@chromium.org
aa83f2900a Fix invalid assertion with OSR in BuildBinaryOperation.
BUG=v8:3032
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/98623004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18190 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-02 13:12:07 +00:00
bmeurer@chromium.org
a3d1df29f1 Fix HInnerAllocatedObject to use an HValue for the offset.
R=hpayer@chromium.org, mvstanton@chromium.org

Review URL: https://codereview.chromium.org/98673003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18181 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-02 11:24:31 +00:00
jkummerow@chromium.org
833ee3cdb7 A few small refactorings and typo fixes
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/95333002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18153 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-29 10:02:32 +00:00
mstarzinger@chromium.org
b506e8ce96 Follow-up fix for r18135 in TryCallApply.
R=yangguo@chromium.org
BUG=chromium:323942
TEST=mjsunit/regress/regress-crbug-323942
LOG=N

Review URL: https://codereview.chromium.org/95583002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18152 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-29 09:59:35 +00:00
titzer@chromium.org
6e5e23d630 Implement global check elimination using the HFlowEngine.
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/46883009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18137 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-28 15:50:54 +00:00
yangguo@chromium.org
f235194518 Fix bug in inlining Function.apply.
R=jkummerow@chromium.org
BUG=323942
LOG=Y

Review URL: https://codereview.chromium.org/95123003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18135 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-28 15:30:17 +00:00
hpayer@chromium.org
0e95ffddf2 Fix allocation memento bookeeping code for js arrays.
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/95053002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18124 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-28 13:45:23 +00:00
hpayer@chromium.org
0213fc9035 Added tracing support for pretenuring.
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/94493002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18117 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-28 10:49:02 +00:00
mvstanton@chromium.org
f3a22f965e The goal is to discover the appropriate heap space for objects created in full
code. By the time we optimize the code, we'll be able to decide on new or old
space based on the number of surviving objects after one or more gcs.

The mechanism is a "memento" placed behind objects in the heap. It's currently
done for array and object literals, with plans to use mementos for constructed
objects as well (in a later CL).

The feature is behind the flag allocation_site_pretenuring, currently off.

R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/40063002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18104 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-27 14:03:40 +00:00
dslomov@chromium.org
c3a4d718ce Generate TypedArrayInitialize builtin in hydrogen.
R=danno@chromium.org

Review URL: https://codereview.chromium.org/59023003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18059 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-25 14:41:46 +00:00
mvstanton@chromium.org
81b22bbf96 A performance regression in array literal creation was caused by refactoring that eliminated a special fast case for shallow arrays. At the same time the general case got a bit slower. This CL restores most of the performance without coding the special fast case. The virtual dispatching is unnecessary because we know what we want to do at compile time. A flag was added to Runtime::CreateArrayLiteral. The flags delivers information about shallowness but also whether or not allocation mementos should be created. This is useful for crankshafted code.
BUG=v8:3008
LOG=Y
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/77293003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18046 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-25 12:41:27 +00:00
dslomov@chromium.org
21dca31203 Safe HGraphBuilder::Add<> and New<>
R=danno@chromium.org

Review URL: https://codereview.chromium.org/82943005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18033 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-22 19:05:21 +00:00
bmeurer@chromium.org
7158b51125 Fix combined string length computation.
For 31-bit smis, we don't need to explicitly check whether the
combined string length exceeds the max supported string length,
since the value must be converted to a smi at some point (i.e.
when it is stored into the string length field of the resulting
string), which will emit an overflow check.

For 32-bit smis, we insert an explicit check that the combined
string length does not exceed String::kMaxLength.

This also enables to get rid of the JoinContinuation() usage in
BuildUncheckedStringAdd().

BUG=v8:2990
LOG=n
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/82733003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18005 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-22 12:03:01 +00:00
bmeurer@chromium.org
08df395f4e Get rid of the binop_stub parameter to BuildBinaryOperation().
Just ask the graph builder whether we are compiling a stub.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/83073003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18004 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-22 11:49:04 +00:00
svenpanne@chromium.org
b6b84c02b2 Reland "Implement Math.random() purely in JavaScript" plus fixes.
The main change is that a bit has been added to array buffers to
signal that the backing store has to be freed when the buffer dies.

BUG=316359
LOG=Y
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/82763005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18003 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-22 11:35:39 +00:00
bmeurer@chromium.org
da87c188ad Rework BuildCheckString() to be compatible with the other BuildCheck*() methods.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/79343009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17985 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-22 07:27:26 +00:00
danno@chromium.org
8e266c2244 Revert 17963, 17962 and 17955: Random number generator in JS changes
Revert 17966, 17965 also as collateral damage: Embed trigonometric lookup table.

Due to Heapcheck and valgrind failures that are not yet fixed.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/80513004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17981 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-21 17:21:00 +00:00
svenpanne@chromium.org
2b1da67263 Implement Math.random() purely in JavaScript.
This removes tons of architecture-specific code and makes it easy to
experiment with other pseudo-RNG algorithms. The crankshafted code is
extremely good, keeping all things unboxed and doing only minimal
checks, so it is basically equivalent to the handwritten code.

When benchmarks are run without parallel recompilation, we get a few
percent regression on SunSpider's string-validate-input and
string-base64, but these benchmarks run so fast that the overall
SunSpider score is hardly affected and within the usual jitter. Note
that these benchmarks actually run even faster when we don't
crankshaft at all on the main thread (the regression is not caused by
bad code, it is caused by Crankshaft needing a few hundred microsecond
for compilation of a trivial function). Luckily, when parallel
recompilation is enabled, i.e. in the browser, we see no regression at
all!

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/68723002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17955 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-21 09:55:15 +00:00
bmeurer@chromium.org
d38abc3bba Remove the first_right_arg hack for HMod.
Generate a proper subgraph in BuildBinaryOperation instead.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/77053003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17919 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 12:43:33 +00:00
bmeurer@chromium.org
4c4d911cde Convert constant numbers at compile time.
TEST=mjsunit/number-tostring
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/77553005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17917 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 12:35:21 +00:00
bmeurer@chromium.org
defee14d76 Make BuildBinaryOperation use ReturnValue instead of ReturnInstruction.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/78183002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17914 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 12:00:57 +00:00
bmeurer@chromium.org
6826b74708 Replace unsafe uses of Add<> with AddUncasted<>.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/78213002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17913 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 11:57:49 +00:00
bmeurer@chromium.org
da6d5586f9 Don't generate useless string checks for string adds.
If we know that one side of a string add is definitely a string
(i.e. if it's a string constant), then we don't need to emit a
string check for the argument.

This adds a new BuildCheckString() method to the graph builder,
which does "the right thing".

TEST=mjsunit/string-add
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/78063002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17912 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-20 11:53:09 +00:00
danno@chromium.org
06c7620302 Fixed crashes exposed though fuzzing.
The %_OneByteSeqStringSetChar intrinsic expects its arguments to be checked before being called for efficiency reasons, but the fuzzer provided no such checks. Now the intrinsic is robust to bad input if FLAG_debug_code is set.

R=yangguo@chromium.org
TEST=test/mjsunit/regress/regress-320948.js
BUG=chromium:320948
LOG=Y

Review URL: https://codereview.chromium.org/72813004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17886 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-19 16:41:07 +00:00
yangguo@chromium.org
e2563d7a8e Make number of available threads isolate-dependent and expose it to ResourceConstraints.
R=svenpanne@chromium.org
BUG=v8:2991
LOG=Y

Review URL: https://codereview.chromium.org/68203029

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17866 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-19 11:52:47 +00:00
ishell@chromium.org
53bd540ee0 Constant-folding through HForceRepresentation fix.
Reverts changes in HValue::IsInteger32Constant() made in https://code.google.com/p/v8/source/detail?r=17787

R=bmeurer@chromium.org, mvstanton@chromium.org

Review URL: https://codereview.chromium.org/68493005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17863 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-19 11:41:04 +00:00
vegorov@chromium.org
0ec0d5fc32 Reapply r11765
Add static_cast<int> in HPositionInfo::position to please Win64 build.

Improvements in positions handling in optimizing compiler.

- When building binary arithmetic op and comparison restore source position of the operation itself before building operation itself after it was changed by building operands. This ensures that position recorded for operation points to the operation token instead of pointing to the rightmost operand;

- Add support for recording operands' positions and use these positions when inserting HChange instructions;

- When generating hydrogen.cfg emit H-instruction position as BCI (previously 0 was emitted), additionally on every lithium instruction emit annotation pointing to corresponding hydrogen-instruction. This allows to easily reach from deopt_id to lithium instruction and from it to hydrogen instruction and source position.

R=danno@chromium.org

Review URL: https://codereview.chromium.org/59703011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17848 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-18 17:24:00 +00:00
dslomov@chromium.org
99133912bd Generate DataViewInitialize built-in in hydrogen.
R=bmeurer@chromium.org, mvstanton@chromium.org

Review URL: https://codereview.chromium.org/66843011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17831 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-18 13:57:49 +00:00
danno@chromium.org
4ed2538262 Generate KeyedLoadDictionaryElementStub with Hydrogen
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/19492007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17804 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 17:53:35 +00:00
mvstanton@chromium.org
5b9569b574 Regression fix: HForceRepresentation shouldn't be an idef.
Instead, code sites that are interested in underlying constant integer values
should use HValue::IsInteger32Constant(). The issue is that the infer representation phase shouldn't "see through" HForceRepresentation nodes to an underlying, and less specific representation.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/65643003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17787 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 12:10:59 +00:00
verwaest@chromium.org
341d405301 Reland and fix "Add support for keyed-call on arrays of fast elements"
BUG=
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/71783003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17782 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 10:52:05 +00:00
danno@chromium.org
d62337e127 Add ability to do "else-if" clauses in IfBuilder
- In an Else block it's possible to add more If<>'s in the same builder that are
  treated as an else if.
- Simplified and cleaned-up some of the IfBuilder's internals.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/66983002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17780 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 10:36:02 +00:00
bmeurer@chromium.org
2ee5aa951c Fix missing type feedback check for Generic*String addition.
TEST=mjsunit/regress/regress-crbug-318671
BUG=318671
LOG=y
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/67473007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17772 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-15 09:13:36 +00:00
rafaelw@chromium.org
25b450b2b7 Revert "Improvements in positions handling in optimizing compiler." (r17765)
Original issue: https://codereview.chromium.org/49203002/

TBR=vegorov

Review URL: https://codereview.chromium.org/63343003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17768 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 21:45:01 +00:00
vegorov@chromium.org
9d440ac4c0 Improvements in positions handling in optimizing compiler.
- When building binary arithmetic op and comparison restore source position of the operation itself before building operation itself after it was changed by building operands. This ensures that position recorded for operation points to the operation token instead of pointing to the rightmost operand;

- Add support for recording operands' positions and use these positions when inserting HChange instructions;

- When generating hydrogen.cfg emit H-instruction position as BCI (previously 0 was emitted), additionally on every lithium instruction emit annotation pointing to corresponding hydrogen-instruction. This allows to easily reach from deopt_id to lithium instruction and from it to hydrogen instruction and source position.

BUG=
R=danno@chromium.org

Review URL: https://codereview.chromium.org/49203002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17765 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 21:00:27 +00:00
machenbach@chromium.org
eef8694a7e [Sheriff] Revert "Add support for keyed-call on arrays of fast elements"
This reverts commit r17746 for breaking layout tests.

TBR=verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/72753002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17751 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 15:00:13 +00:00
verwaest@chromium.org
607a175cbc Add support for keyed-call on arrays of fast elements
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23537067

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17746 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 13:46:18 +00:00
mvstanton@chromium.org
3cf157b43b Inline zero argument array constructor.
patch from issue 54583003 (dependent code).

Zero arguments - very easy

1 argument - three special cases:
  a) If length is a constant in valid array length range,
     no need to check it at runtime.
  b) respect DoNotInline feedback on the AllocationSite for
     cases that the argument is not a smi or is an integer
     with a length that should create a dictionary.
  c) if kind feedback is non-holey, and length is non-constant,
     we'd have to generate a lot of code to be correct.
     Don't inline this case.

N arguments - one special case:
  a) If a deopt ever occurs because an input argument isn't
     compatible with the elements kind, then set the
     DoNotInline flag.

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/55933002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17741 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-14 12:05:09 +00:00
mvstanton@chromium.org
026c5507bd Make HForceRepresentation an idef.
An optimization in the array constructor wasn't firing because the code
would check for constant values, failing to find them through
intervening HForceRepresentation instructions. Repaired this site. A
follow-on CL will provide a better way of making decisions based on
constant HValues.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/59623009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17708 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-13 17:03:11 +00:00
yangguo@chromium.org
e83fd01ce6 Reland "Implement Math.sin, cos and tan using table lookup and spline interpolation."
This relands r17594 with necessary fixes.

R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/70003004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17654 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-12 14:43:18 +00:00
yangguo@chromium.org
df9665032e Introduce %_IsMinusZero.
R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/63423004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17639 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-12 11:53:13 +00:00
bmeurer@chromium.org
6f75e92902 Add initial hydrogenized NewStringAddStub.
The new stub is enabled via the --new-string-add flag, which is
disabled by default. For now, it's only a stripped down version
of the native StringAddStub, it's still work-in-progress.

BUG=v8:2990
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/61893009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17635 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-12 10:21:08 +00:00
ulan@chromium.org
bc4ad49b25 Do not add values to HGraph in Lithium.
Lithium uses indexes after the maximium value ID in the HGraph as indexes
of virtual registers and assumes that the maximum value ID does not change.

The IsStandardConstant and GetConstantXX functions could add constants to
HGraph, which aliased virtual registers with real values. This could confuse
the register allocator to think that a value in a virtual register is tagged
and to incorrectly set it in the pointer map.

BUG=298269
TEST=mjsunit/regress/regress-298269.js
R=verwaest@chromium.org

Review URL: https://chromiumcodereview.appspot.com/66693002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17599 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 14:16:34 +00:00
yangguo@chromium.org
9f104a1a3e Revert "Implement Math.sin, cos and tan using table lookup and spline interpolation."
This reverts commit r17594.

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/59153007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17596 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 13:44:27 +00:00
yangguo@chromium.org
063b7c4ebb Implement Math.sin, cos and tan using table lookup and spline interpolation.
R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/50563003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17594 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 13:10:39 +00:00
yangguo@chromium.org
fc1dadce9b Use register allocator for context on x64.
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/50863002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17585 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-08 10:58:51 +00:00
mstarzinger@chromium.org
acac89008d Defer allocation of constant literal properties.
This moves building of constant properties and elements arrays for all
materialized literals into the compiler. The parser no longer allocates
while parsing ObjectLiteral and ArrayLiteral expressions.

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/61873003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17557 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-07 12:08:37 +00:00
mvstanton@chromium.org
cec8548d0e Correct handling of arrays with callbacks in the prototype chain.
Our generic KeyedStoreIC doesn't handle the case when a callback is
set on array elements in the prototype chain of the object, nor do
we recognize that we need to avoid the monomorphic case if these
callbacks exist.

This CL addresses the issue by looking for dictionary elements in
the prototype chain on IC misses and crankshaft element store
instructions. When found, the generic IC is used. The generic IC is
changed to go to the runtime in this case too.

In general, keyed loads are immune from this problem because they
won't return the hole: discovery of the hole goes to the runtime where
the callback will be found in the prototype chain. Double array loads
in crankshaft can return the hole but only if the prototype chain is
unaltered (we will catch such alterations).

Includes the following patch as well (already reviewed by bmeurer):
Performance regression found in test regress-2185-2.js. The problem was
that the bailout method for TransitionAndStoreStub was not performing
the appropriate transition.

(Review URL for the ElementsTransitionAndStoreIC_Miss change:
https://codereview.chromium.org/26911007)

R=danno@chromium.org

Review URL: https://codereview.chromium.org/35413006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17525 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-06 15:45:43 +00:00
mvstanton@chromium.org
ee6e52f292 Remove CreateArrayLiteralShallow, as it's fundamentally the same now as
CreateArrayLiteral.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/54333003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17470 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-05 09:54:59 +00:00
bmeurer@chromium.org
537100336c Do Else() first for JoinContinuation() in IfBuilder.
This is required to make sure that environments are correct
for joined continuations.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/52593008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17464 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-05 08:56:48 +00:00
plind44@gmail.com
c042ef360d Enable double alignment for constructed arrays.
2nd (of 3) CL's to ensure complete alignment of FixedDoubleArrays.

TEST=
BUG=
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/35133002

Patch from Dusan Milosavljevic <Dusan.Milosavljevic@rt-rk.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17382 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-24 19:01:30 +00:00
jkummerow@chromium.org
8259439ae8 Fix HObjectAccess for loads from migrating prototypes
BUG=chromium:305309
R=danno@chromium.org

Review URL: https://codereview.chromium.org/35173005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17345 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-23 15:15:15 +00:00
ishell@chromium.org
bf7a9bf8dc HCheckInstanceType factories unified
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/35413007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17342 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-23 13:03:15 +00:00
ishell@chromium.org
a333094165 PushAndAdd() usages refactored.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/36893002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17339 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-23 12:34:39 +00:00
hpayer@chromium.org
fbaf016b6d Add a soft-deopt in keyed element access when current IC is pre-monomorphic and no type feedback was collected.
BUG=
R=danno@chromium.org

Review URL: https://codereview.chromium.org/32643004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17335 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-23 10:41:21 +00:00
dcarney@chromium.org
6eeb141a37 force accessor pair accesses backed by simple api calls to be generic accesses when crankshafted
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/34773003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17332 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-23 08:46:46 +00:00
bmeurer@chromium.org
32d96248f9 Guard against misuse of IfBuilder.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/30693007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17319 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-22 11:37:15 +00:00
ishell@chromium.org
32cdd4d48a More Hydrogen templatization.
Factories added to a set of Hydrogen classes.
Several old-style HXxx::New() replaced with New<HXxx>() and NewUncasted<HXxx>.
Several AddInstruction() calls following New::XXX() replaced with Add<XXX>().
AddLoadNamedField() method added to GraphBuilder.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/34523004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17318 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-22 11:29:05 +00:00
titzer@chromium.org
d63c8e4dc3 Allow constants to be deleted by reinserting them into the graph as needed.
BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/31943002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17299 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-21 14:09:32 +00:00
danno@chromium.org
4c565138b5 Add tool to visualize machine code/lithium.
In the process:
- Add a command-line flag --opt-code-positions to track source position information throughout optimized code.
- Add a subclass of the hydrogen graph builder to ensure that the source position is properly set on the graph builder for all generated hydrogen code.
- Overhaul handling of source positions in hydrogen to ensure they are passed through to generated code consistently and in most cases transparently.

Originally reviewed in this CL: https://codereview.chromium.org/24957003/

Review URL: https://codereview.chromium.org/29123008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17295 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-21 13:35:48 +00:00
bmeurer@chromium.org
100fb55555 Inline number to string conversion for string addition into BinaryOp(Stub).
This fixes a performance regression that was caused by converting the
BinaryOpStub to a Hydrogen code stub. It also fixes a leftover TODO wrt.
the handling of Number*String or String*Number versions of the stub.

R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/27674002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17290 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-21 12:42:08 +00:00
bmeurer@chromium.org
ef12527b7c Revert "Add a soft-deopt in keyed element access when current IC is pre-monomorphic and no type feedback was collected."
This reverts commit r17288 for breaking the mjsunit/unbox-double-arrays
test on almost every platform.

TBR=hpayer@chromium.org

Review URL: https://codereview.chromium.org/32373002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17289 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-21 12:32:38 +00:00
hpayer@chromium.org
9667e1b30f Add a soft-deopt in keyed element access when current IC is pre-monomorphic and no type feedback was collected.
BUG=
R=danno@chromium.org

Review URL: https://codereview.chromium.org/32263002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17288 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-21 12:10:01 +00:00
mvstanton@chromium.org
8f9f192f6e AllocationSites for all literals
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/24250005


Review URL: https://codereview.chromium.org/27366003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17228 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-16 08:10:36 +00:00
mvstanton@chromium.org
f4edc076d8 Revert "AllocationSites for all literals"
This reverts commit r17219 due to WebKit failures.

R=mstarzinger@chromium.org
TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/26539010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17222 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-15 15:35:23 +00:00
jkummerow@chromium.org
ea4e0a3d28 Simplify array element access in Hydrogen.
No change in functionality intended.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/26986004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17221 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-15 15:06:04 +00:00
mvstanton@chromium.org
362c0cfbca AllocationSites for all literals
BUG=
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/24250005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17219 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-15 14:52:58 +00:00
jkummerow@chromium.org
1d580b4fd0 Delete dead code from HOptimizedGraphBuilder::VisitCompareOperation
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/26419005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17214 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-15 11:24:37 +00:00
rossberg@chromium.org
c806a2385d Unify handling of position info in AST, part 3
* Turn CaseClause into a proper AstNode

R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/23684058

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17187 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-14 11:06:15 +00:00
mvstanton@chromium.org
71af6c86a1 Allow FastCloneShallowObjectStub to use AllocationMementos.
(currently turned off)

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/26827002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17154 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-11 09:25:14 +00:00
dslomov@chromium.org
12250f23d8 Add instruction factories to HHasInstanceTypeAndBranch.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/26859003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17150 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-10 20:01:42 +00:00
olivf@chromium.org
66c610398f Reland "Hydrogenisation of binops"
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/25494007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17104 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-04 08:17:11 +00:00
olivf@chromium.org
24c2336d75 Inline some more compare operations.
BUG=
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/25009003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17091 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-02 18:15:57 +00:00
verwaest@chromium.org
41f660fe07 Rename ComputeLoadStoreField to just handle ComputeStoreField.
R=jkummerow@chromium.org

Review URL: https://chromiumcodereview.appspot.com/25683005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17086 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-02 17:17:00 +00:00
danno@chromium.org
79a14d3f73 Fix failure in unit tests
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/25665006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17083 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-02 16:13:49 +00:00
danno@chromium.org
d4bcf5d730 Fix test262 failures and x64 compile failure.
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/25604008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17082 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-02 15:27:51 +00:00
verwaest@chromium.org
7e0ea6ab46 Only fold polymorphic into monomorphic load if all load from either receiver or same prototype.
R=jkummerow@chromium.org

Review URL: https://chromiumcodereview.appspot.com/25718002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17078 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-02 13:24:08 +00:00
danno@chromium.org
908a7dc2a8 Improve and simplify removal of unreachable code
- Detect unreachable basic blocks of code either following an unconditional deopt or after a provably untaken branch of HBranch or HCompareObjectEqAndBranch instructions.
- Emit dummy uses in unreachable blocks during Hydrogen -> Lithium translation.

BUG=chromium:258519
R=jkummerow@chromium.org, mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/22876009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17073 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-02 11:43:41 +00:00
palfia@homejinni.com
4b9a9f7af7 MIPS: Allow function inlining with context change.
Port r17019 (cd4b69cd)

BUG=
R=jkummerow@chromium.org, plind44@gmail.com

Review URL: https://codereview.chromium.org/25622003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17070 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-02 11:25:06 +00:00
olivf@chromium.org
9459ed3ab4 Revert "Hydrogenisation of binops"
This reverts r17052-17054 for various build breaks.

TBR=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/25571002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17055 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-01 18:00:02 +00:00
olivf@chromium.org
7873f35eb2 Hydrogenisation of binops
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/24072013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17052 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-01 15:24:56 +00:00
mstarzinger@chromium.org
b9b528e030 Defer allocation of native function literals.
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/25473002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17038 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-01 09:47:37 +00:00
mvstanton@chromium.org
aa90e62ba0 In crankshafted code, we were creating allocation mementos for shallow
SMI array literals when we shouldn't. The idea is that we should have learned
by this point what type of array we'll end up with.

R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/25146007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17028 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-10-01 08:22:01 +00:00
jkummerow@chromium.org
85ae341b09 Revert "Defer allocation of native function literals."
This reverts r17017 for breaking LayoutTests.

R=mstarzinger@chromium.org
TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/25315002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17024 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-30 17:42:58 +00:00
rodolph.perfetta@gmail.com
e7669d9308 ARM: Allow function inlining with context change.
BUG=none
TEST=none
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/25247002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17019 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-30 15:08:20 +00:00
mstarzinger@chromium.org
c624141bf3 Defer allocation of native function literals.
R=dcarney@chromium.org
BUG=

Review URL: https://codereview.chromium.org/25164003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17017 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-30 14:49:11 +00:00
yangguo@chromium.org
2dec4372d8 Finish control flow after throw if not inlined.
R=jkummerow@chromium.org
BUG=v8:2868

Review URL: https://codereview.chromium.org/24768002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16992 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-27 13:48:19 +00:00
mvstanton@chromium.org
807cdd492b Refactoring such that loop builders only call into the HOsrBuilder if
compiling for OSR.

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/25039003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16990 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-27 13:38:04 +00:00
titzer@chromium.org
d441160cab Implement local check elimination on basic blocks.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/23866016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16970 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-26 16:25:57 +00:00
olivf@chromium.org
9d3c5c5fb6 Macrofication of HInstruction constructors with context argument.
BUG=
R=danno@chromium.org

Review URL: https://codereview.chromium.org/24544002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16940 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-25 11:57:20 +00:00
dslomov@chromium.org
39877060ee Speed up ArrayBuffer/typed array/DataView properties.
Optimizes byteLength, byteOffset, buffer and other properties on
ArrayBuffer, typed arrays and DataView into simple field loads. Some
unification with the way Array.length and String.length are treated.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/24360019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16930 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-25 08:19:35 +00:00
titzer@chromium.org
cee5773017 Use Unique<Object> in HConstant and remove UniqueValueId.
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/24350014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16911 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-24 09:48:39 +00:00
bmeurer@chromium.org
70b8e2d013 Turn the NumberToStringStub into a hydrogen stub.
This adds a BuildLookupNumberStringCache() in Hydrogen, which will
be used by the hydrogen version of StringAddStub, in addition to the
hydrogen version of NumberToStringStub.

R=mvstanton@chromium.org

Committed: https://code.google.com/p/v8/source/detail?r=16874

Review URL: https://codereview.chromium.org/23726041

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16910 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-24 09:31:07 +00:00
mstarzinger@chromium.org
8cbb4dcb49 Handlify JSObject::MigrateInstance and friends.
This relands the original change from r16899 together with a bugfix for
two unhandlified values which became stale.

R=verwaest@chromium.org
TEST=mjsunit/debug-evaluate-locals-optimized (in GC stress mode)

Review URL: https://codereview.chromium.org/24210011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16905 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-23 19:56:36 +00:00
olivf@chromium.org
42ce84134f Revert "Allow control intructions to have side effects."
Breaks arm build.

BUG=
TBR=titzer@chromium.org

Review URL: https://codereview.chromium.org/24255015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16903 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-23 18:57:32 +00:00
olivf@chromium.org
3e13af46e4 Allow control intructions to have side effects.
As a first application convert HCompareGeneric to a control Instruction, thus avoid materializing a boolean result value.

BUG=
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/23710070

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16902 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-23 16:56:34 +00:00
mstarzinger@chromium.org
40decafa84 Revert "Handlify JSObject::MigrateInstance and friends."
This is reverted due to mozilla/ecma/Date/15.9.5.9 failing on Windows.

TBR=verwaest@chromium.org

Review URL: https://codereview.chromium.org/24374002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16900 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-23 16:53:59 +00:00
mstarzinger@chromium.org
1279103806 Handlify JSObject::MigrateInstance and friends.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/23583052

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16899 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-23 15:02:25 +00:00
machenbach@chromium.org
576515ebf3 Revert "Turn the NumberToStringStub into a hydrogen stub."
This reverts commit 16874 for breaking the tests.

TBR=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/23440064

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16876 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-23 11:22:35 +00:00
bmeurer@chromium.org
9c48fbda75 Turn the NumberToStringStub into a hydrogen stub.
This adds a BuildLookupNumberStringCache() in Hydrogen, which will
be used by the hydrogen version of StringAddStub, in addition to the
hydrogen version of NumberToStringStub.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/23726041

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16874 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-23 10:58:45 +00:00
verwaest@chromium.org
3dd88c4067 Pad the environment with 0 rather than the receiver to avoid influencing the representation of the join.
R=titzer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23707055

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16861 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-20 11:34:05 +00:00
bmeurer@chromium.org
6fce49609b Allow IfBuilder's to join existing (captured) continuations.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/23452049

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16857 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-20 10:47:09 +00:00
mvstanton@chromium.org
1b576e1e86 Some cleanup fixes
* Consolidated CopyJSObject and CopyJSObjectWithAllocationSite
* Factory.h helper for struct maps.
* BuildFastLiteral shouldn't create allocation sites in pretenuring mode.

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/24255005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16855 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-20 09:27:40 +00:00
olivf@chromium.org
06be8bf0d5 Use New<> constructors in BuildBinaryOperation.
BUG=
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/24267012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16853 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-20 09:25:10 +00:00
olivf@chromium.org
6fc2875d51 Fix Environment size mismatch in r6849.
TBR=svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/23983043

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16851 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-20 08:34:23 +00:00
olivf@chromium.org
c4a03e4c71 Hydrogen binop improvements
- Truncate oddball if possible.
- Support for StringAdd with only one String argument.
- Use constructor macro for HMul.
- Add ForceNumberType for HydrogenStubs to enforce input representations.

BUG=
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/23503058

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16849 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-20 07:21:30 +00:00
verwaest@chromium.org
f74c62e58b Optimize typed-array length loading.
R=dslomov@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23484060

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16845 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-19 18:19:24 +00:00
verwaest@chromium.org
138eacd5af Reenable polymorphic getter inlining.
R=titzer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/24134003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16835 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-19 14:47:15 +00:00
bmeurer@chromium.org
42f4d213ca Fix missing initialization of last_true_block_ in IfBuilder.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/23976005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16834 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-19 14:35:53 +00:00
bmeurer@chromium.org
557e9b9d5c Fix IfBuilder to use instruction factories. Add missing instruction factories.
This also makes the instruction constructors private and fixes
all uses of the public constructors to use the factory methods
instead.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/23654051

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16808 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-19 06:45:45 +00:00
verwaest@chromium.org
4db74648bd Turn of polymorphic getter inlining since it breaks webkit tests
BUG=
R=titzer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23526063

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16804 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-18 16:59:23 +00:00
mstarzinger@chromium.org
ff2719a075 Remove obsolete Runtime_CreateObjectLiteralShallow.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/24096019

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16793 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-18 15:08:17 +00:00
verwaest@chromium.org
4da303d937 Unify load handling into CanLoad and Load.
R=titzer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/24088003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16792 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-18 14:56:18 +00:00
verwaest@chromium.org
8c0c573d96 Set the proper instance-type on HAllocate in BuildFastLiteral
BUG=chromium:284577
R=hpayer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23480094

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16790 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-18 14:14:55 +00:00
titzer@chromium.org
05797e77fd Implement local load/store elimination on basic blocks.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/24117004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16776 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-17 15:32:21 +00:00
mvstanton@chromium.org
61a3605ad2 Chromium 284577 needs a mitigation CL added. There is a TODO to remove
the mitigation when the cause of the bug is discovered.

BUG=
R=hpayer@chromium.org, mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/23606032

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16742 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-16 16:50:41 +00:00
svenpanne@chromium.org
8ed9b08e31 In the case of shift amounts with two constants and if their sum is equal 32, then shift can also be replaced with bit rotate.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/24095002

Patch from Bangfu Tao <bangfu.tao@samsung.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16735 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-16 13:51:14 +00:00
bmeurer@chromium.org
8588b74491 Remove unused context parameter from AddIncrementCounter().
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/23622033

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16728 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-16 11:30:10 +00:00
mvstanton@chromium.org
516339cba5 Every place where AllocationMemento is initialized with an
AllocationSite is now checked to be sure a valid Site goes in.

This is temporary code to diagnose chromium bug 284577.

(This is a second attempt, the first attempt ran into the problem of undefined ordering of function calls in Windows and Mac optimized builds, see the fixes in code-stubs-hydrogen.cc).

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/23440035

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16719 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-13 13:50:16 +00:00
verwaest@chromium.org
ea77a8edc0 Use regular map-checks to guard string-length loading.
R=ulan@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23702039

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16709 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-13 09:57:48 +00:00
mstarzinger@chromium.org
50b0567640 Handlify JSObject::DeepCopy method.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/22934006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16708 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-13 09:51:11 +00:00
mvstanton@chromium.org
c29295e88b Revert "Every place where AllocationMemento is initialized with an"
This reverts r16705 for breaking Windows build.

R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/23447031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16706 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-13 08:44:37 +00:00
mvstanton@chromium.org
25c4f763ed Every place where AllocationMemento is initialized with an
AllocationSite is now checked to be sure a valid Site goes in.
This is temporary code to diagnose chromium bug 284577.

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/23622029

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16705 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-13 08:13:17 +00:00
verwaest@chromium.org
e9c4a49866 Reland Handle non-JSObject heap objects using slow-path IC stub guarded by the map.
R=mstarzinger@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23578030

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16696 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-12 22:04:04 +00:00
verwaest@chromium.org
ff412d8c37 Revert "Handle non-JSObject heap objects using slow-path IC stub guarded by the map."
TBR=mstarzinger@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23475039

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16692 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-12 16:57:37 +00:00
verwaest@chromium.org
f375e0514b Handle non-JSObject heap objects using slow-path IC stub guarded by the map.
BUG=chromium:280632
R=mstarzinger@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23691056

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16689 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-12 16:12:04 +00:00
mvstanton@chromium.org
6790b83748 To diagnose chromium bug 284577, some additional CHECKS. TODOs are
added so these can be backed out once the cause of the bug is determined.

BUG=
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/23936007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16654 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-11 13:39:11 +00:00
yangguo@chromium.org
64bb1800a5 Add assertion to UniqueValueId constructor.
R=verwaest@chromium.org
BUG=

Review URL: https://codereview.chromium.org/23781006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16652 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-11 13:00:27 +00:00
dcarney@chromium.org
7983023682 thread isolate for HConstant::handle
R=svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/24027004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16587 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-09 07:57:23 +00:00
verwaest@chromium.org
e25e6ab25d Let BuildStore/BuildLoad distinguish between keyed/named load/stores.
R=bmeurer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23537024

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16575 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-06 13:06:39 +00:00
verwaest@chromium.org
18f6577bad Properly filter types using the initial map from HAllocate.
R=mstarzinger@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23615012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16572 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-06 11:32:46 +00:00
mstarzinger@chromium.org
9b1ab75c51 Consistently use CHECK_ALIVE_OR_RETURN in graph builder.
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/23819026

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16562 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-05 18:41:20 +00:00
verwaest@chromium.org
79a5834cd0 Wrap PushLoad and BuildStoreInEffect in CHECK_ALIVE.
R=jkummerow@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23903017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16558 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-05 16:22:46 +00:00
loislo@chromium.org
bbd26abedb Functions may not be optimized and we would like to know in cpu profiler what was the reason.
Current v8 implementation may disable optimization for a particular function or block it with help of dont_optimize flag.
The patch propagates the reason of that to the SharedFunctionInfo where cpu profiler can get it.

SharedFunctionInfo is a heap object so I extracted 8 bits from OptsCount for handling bailout reason code.

BUG=none
TEST=test-profile-generator/BailoutReason
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/23817003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16555 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-05 13:20:51 +00:00
verwaest@chromium.org
b41a7b9cea Properly close the CountOperation value/effect context after leaving the store effect context.
R=jkummerow@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23897003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16554 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-05 12:33:14 +00:00
verwaest@chromium.org
924463984c Use ast_id (id) instead of return_id (LoadId) in simulates for load instructions.
R=svenpanne@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23889006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16519 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-04 09:19:17 +00:00
verwaest@chromium.org
6f8713e25b Put store of postcrement in EffectContext.
R=svenpanne@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23514034

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16516 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-04 08:16:54 +00:00
svenpanne@chromium.org
75763061e7 Cleaned up deopt reason messages a bit.
They are now a bit more consistent, and they don't mention the name of a
flag, which will go out of sync some day. ;-)

R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/23845003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16514 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-04 07:27:10 +00:00
verwaest@chromium.org
26dc6c6e19 Support setter inlining in CountOperation.
R=svenpanne@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23757018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16511 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-03 14:10:25 +00:00
verwaest@chromium.org
80dda72f4b Unify all 3 implementations of load handling.
R=svenpanne@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23496031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16510 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-03 14:07:38 +00:00
verwaest@chromium.org
c41cb4be44 Fix interceptor handling in crankshaft.
R=dcarney@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23614011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16495 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-03 08:55:52 +00:00
dcarney@chromium.org
f4e16f24ec remove Isolate::Current from most files starting with 'a'
R=svenpanne@chromium.org
BUG=

Review URL: https://codereview.chromium.org/23859002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16463 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-09-02 09:27:27 +00:00
jkummerow@chromium.org
9efb5cd23b Make VisitStatements() consistent among all AstVisitor implementations
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/23441018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16443 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-30 10:51:37 +00:00
jkummerow@chromium.org
2c9ac9c7e1 Always visit branches during HGraph building
even if constant values indicate that they are unreachable.

BUG=chromium:280333
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/23623009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16431 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-29 14:55:45 +00:00
hpayer@chromium.org
95c7ae8149 Simplified BuildFastLiteral by eliminating manual allocation folding.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/23030002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16422 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-29 12:06:45 +00:00
olivf@chromium.org
5659e7c84e Fix assert triggered by constant folding.
Add<> asserts the return type, which might not be an HAdd in this case
because of constant folding.

BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/23754002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16414 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-29 09:54:52 +00:00
bmeurer@chromium.org
b320dfcf58 Reland^2 "Add Chromium-style TimeDelta, Time and TimeTicks classes, and a new ElapsedTimer class."
These classes are meant to replace OS::Ticks() and OS::TimeCurrentMillis(),
which are broken in several ways. The ElapsedTimer class implements a
stopwatch using TimeTicks::HighResNow() for high resolution, monotonic
timing.

Also fix the CpuProfile::GetStartTime() and CpuProfile::GetEndTime()
methods to actually return the time relative to the unix epoch as stated
in the documentation (previously that was relative to some arbitrary
point in time, i.e. boot time).

The previous Windows issues have been resolved, and we now use GetTickCount64()
on Windows Vista and later, falling back to timeGetTime() with rollover
protection for earlier Windows versions.

BUG=v8:2853
R=machenbach@chromium.org, yurys@chromium.org

Review URL: https://codereview.chromium.org/23490015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16413 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-29 09:15:13 +00:00
jkummerow@chromium.org
3747b5bc6d Delete HAbnormalExit. It does more harm than good.
BUG=v8:2843
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/23462007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16406 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-28 15:00:30 +00:00
bmeurer@chromium.org
adab11d0f9 Revert "Cross-compiling from Linux to Android requires -lrt for the host toolset.", "Fix Visual Studio debug build after r16398." and "Reland "Add Chromium-style TimeDelta, Time and TimeTicks classes, and a new ElapsedTimer class.""
This reverts commit r16398, r16399 and r16402 for breaking the Windows
WebKit tests. Will reland fix which doesn't use High Resolution Timer
for ElapsedTimer (we suspect QueryPerformanceCounter overhead is
responsible for test breakage).

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/23710002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16405 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-28 14:32:08 +00:00
mstarzinger@chromium.org
57ac971a78 Implement proper map checks of captured objects.
R=verwaest@chromium.org
TEST=mjsunit/compiler/escape-analysis

Review URL: https://codereview.chromium.org/23697002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16403 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-28 14:16:57 +00:00
bmeurer@chromium.org
e2b4525397 Reland "Add Chromium-style TimeDelta, Time and TimeTicks classes, and a new ElapsedTimer class."
These classes are meant to replace OS::Ticks() and OS::TimeCurrentMillis(),
which are broken in several ways. The ElapsedTimer class implements a
stopwatch using TimeTicks::HighResNow() for high resolution, monotonic
timing.

Also fix the CpuProfile::GetStartTime() and CpuProfile::GetEndTime()
methods to actually return the time relative to the unix epoch as stated
in the documentation (previously that was relative to some arbitrary
point in time, i.e. boot time).

BUG=v8:2853
R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/23469013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16398 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-28 13:03:06 +00:00
bmeurer@chromium.org
1d3f6815e3 Revert "Add Chromium-style TimeDelta, Time and TimeTicks classes, and a new ElapsedTimer class."
This reverts commit r16390 for breaking the Windows build. Will
reland fixed version, which also uses the platform/ folder instead
of time/ folder as per offline discussion.

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/23690003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16391 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-28 11:38:20 +00:00
bmeurer@chromium.org
fa5216a145 Add Chromium-style TimeDelta, Time and TimeTicks classes, and a new ElapsedTimer class.
These classes are meant to replace OS::Ticks() and OS::TimeCurrentMillis(),
which are broken in several ways. The ElapsedTimer class implements a
stopwatch using TimeTicks::HighResNow() for high resolution, monotonic
timing.

Also fix the CpuProfile::GetStartTime() and CpuProfile::GetEndTime()
methods to actually return the time relative to the unix epoch as stated
in the documentation (previously that was relative to some arbitrary
point in time, i.e. boot time).

BUG=v8:2853
R=machenbach@chromium.org, yurys@chromium.org

Committed: https://code.google.com/p/v8/source/detail?r=16388

Review URL: https://codereview.chromium.org/23295034

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16390 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-28 11:06:11 +00:00
bmeurer@chromium.org
cfb126c52a Revert "Add Chromium-style TimeDelta, Time and TimeTicks classes, and a new ElapsedTimer class."
This reverts commit r16388 for breaking build due to merge typo,
will reland with typo fixed.

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/23698002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16389 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-28 11:04:40 +00:00
bmeurer@chromium.org
8faf4d4291 Add Chromium-style TimeDelta, Time and TimeTicks classes, and a new ElapsedTimer class.
These classes are meant to replace OS::Ticks() and OS::TimeCurrentMillis(),
which are broken in several ways. The ElapsedTimer class implements a
stopwatch using TimeTicks::HighResNow() for high resolution, monotonic
timing.

Also fix the CpuProfile::GetStartTime() and CpuProfile::GetEndTime()
methods to actually return the time relative to the unix epoch as stated
in the documentation (previously that was relative to some arbitrary
point in time, i.e. boot time).

BUG=v8:2853
R=machenbach@chromium.org, yurys@chromium.org

Review URL: https://codereview.chromium.org/23295034

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16388 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-28 10:59:07 +00:00
hpayer@chromium.org
4d7375ca98 Clear next map word when folding allocations into js arrays.
BUG=
R=mstarzinger@chromium.org, mvstanton@chromium.org

Review URL: https://codereview.chromium.org/22915007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16381 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-28 08:39:43 +00:00
hpayer@chromium.org
6379e5dc41 Eliminated manual allocation folding in BuildCloneShallowArray.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/23038003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16359 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-27 13:39:52 +00:00
mvstanton@chromium.org
7fea193609 Convert FastNewClosureStub into hydrogen.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/22562002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16356 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-27 11:55:08 +00:00
jkummerow@chromium.org
da037f9872 H-BuildIncrement should make use of available type feedback
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/22611009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16353 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-27 11:44:45 +00:00
mvstanton@chromium.org
c9591f005e Store mode for keyed stores should be passed in from type feedback
regardless of the map used in polymorphic stores.

BUG=
R=jkummerow@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/21058003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16323 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-26 12:28:08 +00:00
verwaest@chromium.org
e7b3bb3c81 Replace mapcheck dependency on HStoreNamedField with object.
R=mstarzinger@chromium.org

Review URL: https://chromiumcodereview.appspot.com/23402005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16308 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-23 17:55:22 +00:00
verwaest@chromium.org
3837ef57d0 Fix dependency of loading the heap-number for a double-field store to be the mapcheck.
R=jkummerow@chromium.org

Review URL: https://chromiumcodereview.appspot.com/22926027

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16306 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-23 16:31:31 +00:00
jkummerow@chromium.org
183090464d Clean up the redundant Int32Constant check which is covered by double case
BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/22815032

Patch from Weiliang Lin <weiliang.lin2@gmail.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16282 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-23 08:11:12 +00:00
yangguo@chromium.org
be48c5ae26 Rename "parallel recompilation" to "concurrent recompilation".
Also introduced macros for flag aliases for temporary backwards compatibility.

R=hpayer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/23014007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16280 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-22 16:14:37 +00:00
svenpanne@chromium.org
40f81949d3 Cleaned up nil comparisons in Hydrogen.
This consists basically of 2 parts:

   * Restructured BuildCompareNil to make the logic behind it clearer.
     Note that it is intentionally written in a quite stylized way.

   * Replaced a usesless IfBuilder by a plain HInstruction, removing
     some empty blocks.

R=danno@chromium.org

Review URL: https://codereview.chromium.org/22305004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16266 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-22 06:44:34 +00:00
jkummerow@chromium.org
e814a9b96b Fix "Hole" leak in TryBuildConsolidatedElementLoad
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/23361007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16262 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-21 15:31:03 +00:00
verwaest@chromium.org
6337281204 Pass checked values to HLoadNamedField, removing the need for extra type-check field.
R=titzer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/22831003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16260 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-21 14:49:56 +00:00
bmeurer@chromium.org
c2c6b2813d Reland "Use V8_FINAL and V8_OVERRIDE in various places, fixing bugs revealed by them.".
- Use V8_FINAL and V8_OVERRIDE in Ast classes.
- Use V8_FINAL and V8_OVERRIDE in Lithium mips backend.
- Use V8_FINAL and V8_OVERRIDE in Lithium arm backend.
- Use V8_FINAL and V8_OVERRIDE in Lithium x64 backend.
- Use V8_FINAL and V8_OVERRIDE in Lithium ia32 backend.
- Use V8_FINAL and V8_OVERRIDE in Lithium classes.
- Use V8_FINAL and V8_OVERRIDE in Hydrogen classes.

TBR=dslomov@chromium.org

Review URL: https://codereview.chromium.org/22796020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16244 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-20 11:10:24 +00:00
bmeurer@chromium.org
60e7d4b1e3 Revert "Use V8_FINAL and V8_OVERRIDE in various places, fixing bugs revealed by them."
This reverts commit r16232 for breaking the
tools/gen-postmortem-metadata.py script. Will reland without the
objects.{cc,h} changes.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/23143007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16243 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-20 10:52:23 +00:00
bmeurer@chromium.org
9929a9cd12 Use V8_FINAL and V8_OVERRIDE in various places, fixing bugs revealed by them.
- Use V8_FINAL and V8_OVERRIDE in objects.
- Use V8_FINAL and V8_OVERRIDE in Ast classes.
- Use V8_FINAL and V8_OVERRIDE in Lithium mips backend.
- Use V8_FINAL and V8_OVERRIDE in Lithium arm backend.
- Use V8_FINAL and V8_OVERRIDE in Lithium x64 backend.
- Use V8_FINAL and V8_OVERRIDE in Lithium ia32 backend.
- Use V8_FINAL and V8_OVERRIDE in Lithium classes.
- Use V8_FINAL and V8_OVERRIDE in Hydrogen classes.

R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/23064017

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16232 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-20 07:27:06 +00:00
verwaest@chromium.org
169f5a9d7b Never hchange nan-hole to hole or hole to nan-hole.
Only allow changing hole to nan if all uses allow undefined as nan.

R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/22152003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16183 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-14 08:54:27 +00:00
verwaest@chromium.org
ee53b0a5ed Make all load-named-fields depend on their map-check, unless explicitly ignored.
BUG=
R=titzer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/22555004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16139 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-09 18:40:10 +00:00
mstarzinger@chromium.org
6989edf771 Make sure polymorphic element access creates non-replaying phis.
R=danno@chromium.org
BUG=v8:2815

Review URL: https://codereview.chromium.org/22589005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16136 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-09 15:23:15 +00:00
mstarzinger@chromium.org
cc3b7a007f Allow HPhis to have an invalid merge index.
All phis that do not represent local variables or values on the operand
stack are not allowed to carry a merge index, as the replay of the
HEnvironment during LChunkBuilder time might get out of sync due to
colliding indexes.

R=danno@chromium.org
BUG=v8:2815

Review URL: https://codereview.chromium.org/22494003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16135 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-09 15:18:23 +00:00
verwaest@chromium.org
3715358145 Replace LoadNamedFieldPolymorphic with explicit branches.
R=ulan@chromium.org

Review URL: https://chromiumcodereview.appspot.com/22213002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16133 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-09 14:04:47 +00:00
mvstanton@chromium.org
201c512dc7 Deoptimization is easier to diagnose when there is a text reason.
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/22339018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16131 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-09 12:50:42 +00:00
verwaest@chromium.org
19659646ca Fix smi-based math floor.
BUG=chromium:270268
R=svenpanne@chromium.org

Review URL: https://chromiumcodereview.appspot.com/22623007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16128 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-09 11:21:03 +00:00
verwaest@chromium.org
e5afd32129 Fix Object.freeze, Object.observe wrt CountOperation and CompoundAssignment.
BUG=2774,2779
R=adamk@chromium.org

Review URL: https://chromiumcodereview.appspot.com/22562004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16111 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-07 18:45:41 +00:00
mstarzinger@chromium.org
63defee477 First implementation of allocation elimination in Hydrogen.
This change implements a simple data-flow analysis pass over captured
objects to the existing escape analysis. It tracks the state of values
in the Hydrogen graph through CapturedObject marker instructions that
are used to construct an appropriate translation for the deoptimizer to
be able to materialize these objects again.

This can be considered a combination of scalar replacement of loads and
stores on captured objects and sinking of unused allocations.

R=titzer@chromium.org
TEST=mjsunit/compiler/escape-analysis

Review URL: https://codereview.chromium.org/21055011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16098 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-07 11:24:14 +00:00
svenpanne@chromium.org
bc6fe88030 Desugar bitwise negation into XOR and kill all UnaryOp stuff.
R=mstarzinger@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/22184004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16073 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-06 13:34:51 +00:00
verwaest@chromium.org
2622158aa0 Change environment padding value to value with smi representation.
BUG=
R=ulan@chromium.org

Review URL: https://chromiumcodereview.appspot.com/22226002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16059 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-05 16:53:28 +00:00
verwaest@chromium.org
04b5e7fa63 Replace HCheckPrototypeMaps by explicit map checks of constant values.
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/21065006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16055 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-05 13:45:16 +00:00
verwaest@chromium.org
251c191824 Fix the loop-builder to tag the entire body as part of the loop.
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/21813004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16041 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-05 08:59:55 +00:00
svenpanne@chromium.org
bf71023ba5 Replaced unary negation by multiplication with -1.
This fixes a deopt loop in the Epic Citadel demo and removes some code. Apart from that, this change is performance-neutral.

When we do something similar for BIT_NOT, the whole UnaryOp stuff can go away.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/21782002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16029 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-02 11:56:35 +00:00
mstarzinger@chromium.org
1e296936eb Store transition on HStoreNamedField as HConstant.
This allows optimization passes that run in the parallel compiler thread
to use the map that a store transitions to for further analysis even
though the map handle cannot be dereferenced.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/21560002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16028 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-02 11:24:55 +00:00
titzer@chromium.org
af2663afd8 Remove instructions and infrastructure related to IDEFs that is now obsolete (and was never turned on). The new bounds check elimination phase doesn't make use of these features, as they were the first parts of the previous approach which was never completed.
BUG=
R=danno@chromium.org

Review URL: https://codereview.chromium.org/21579003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16027 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-02 11:17:26 +00:00
loislo@chromium.org
d2c443b774 Extract hardcoded error strings into a single place and replace them with enum.
I'd like to propagate bailout reason to cpu profiler.
So I need to save it into heap object SharedFunctionInfo.
But:
1) all bailout reason strings spread across all the sources.
2) they are native strings and if I convert them into String then I may have a performance issue.
3) one byte is enough for 184 bailout reasons. Otherwise we need 8 bytes for the pointer.

Also I think it would be nice to have error strings collected in one place.
In that case we will get additional benefits:

It allows us to keep this set of messages under control.
It gives us a chance to internationalize them.
It slightly reduces the binary footprint.

From the other hand the developers have to add new strings into that enum.

BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/20843012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16024 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-02 09:53:11 +00:00
jkummerow@chromium.org
61f531cf23 Remove buggy ToNumber truncation
BUG=v8:2813
R=danno@chromium.org

Review URL: https://codereview.chromium.org/21531003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16008 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-01 16:12:31 +00:00
hpayer@chromium.org
3e7e3f70a6 Pretenure heap number in high promotino mode if a store requires a mutable heap number to be allocated.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/21501002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16004 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-01 08:49:27 +00:00
bmeurer@chromium.org
3da5d1ad7b Get rid of HStringLength.
Use HLoadNamedField to load the string length field instead.

Depends on: https://codereview.chromium.org/21488002

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/21499002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16002 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-01 08:42:47 +00:00
hpayer@chromium.org
9e8058146e Cleaning up HAllocate space and double alignment selection.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/21074004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16000 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-08-01 08:34:36 +00:00
danno@chromium.org
e5e0100504 Fix overzealous casting that erroneously lead to ASSERTs
R=verwaest@chromium.org

Review URL: https://chromiumcodereview.appspot.com/21372002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15991 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-31 15:40:24 +00:00
danno@chromium.org
4cdffbf4fe Improve instruction creating/adding shorthand in HGraphBuilder
Add multi-argument templates for New, NewUncasted, Add and AddUncasted that
call boilerplate HInstruction::New methods rather than the constructor directly.
This allows for automatic passing of the zone and context for instructions that
need them.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/21356002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15990 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-31 14:58:39 +00:00
verwaest@chromium.org
3143f5f88b Remove special handling of fields in combination with elements transitions in Crankshaft.
Instead first try to keep ICs monomorphic if elements kinds generalize. If that fails, use standard polymorphic handling. The Try*PolymorphicAsMonomorphic methods will automatically produce code similar to the previous approach using CheckMapsWithTransitions.

BUG=
R=hpayer@chromium.org

Review URL: https://chromiumcodereview.appspot.com/21107004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15982 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-31 10:08:05 +00:00
hpayer@chromium.org
b6a6fc76dc Allocation space decisions are precisely made in hydrogen.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/21089006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15970 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-31 07:03:16 +00:00
bmeurer@chromium.org
82e4ba6f70 Turn mark deoptimize on undefined into a proper HPhase.
This patch also removes the implicit recursion on phi operands,
using a loop and a worklist instead, to avoid potential stack
overflows.

R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/21065003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15952 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-30 10:25:20 +00:00
bmeurer@chromium.org
b019910a38 This adds generic support for ExternalReferences in Hydrogen (and Lithium), as required for AddIncrementCounter.
R=danno@chromium.org, titzer@chromium.org

Review URL: https://codereview.chromium.org/19562003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15936 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-29 13:56:51 +00:00
mvstanton@chromium.org
e9cc78af7e Fix for V8 issue 2795: Check fails with deopt for mjsunit/array-store-and-grow
(https://code.google.com/p/v8/issues/detail?id=2795)

The reason is when allocating and building arrays in hydrogen we need to ensure
we do any int32-to-smi conversions BEFORE the allocation. These conversions can
at least theoretically deoptimize. If this happens before all the fields of the
newly allocated object are filled in, we will have a corrupted heap.

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/20726002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15929 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-29 11:50:39 +00:00
jkummerow@chromium.org
32e2e37230 Fix JSArray-specific length lookup in polymorphic array handling
BUG=chromium:263276
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/20295005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15884 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-25 15:04:21 +00:00
verwaest@chromium.org
5de783d47e Adding Smi support to Add, Sub, Mul, and Bitwise
R=svenpanne@chromium.org

Review URL: https://chromiumcodereview.appspot.com/20070005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15879 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-25 11:53:38 +00:00
titzer@chromium.org
5dd517ff3b Move representation into HObjectAccess and remove from HLoadNamedField and HStoreNamedField.
BUG=
R=danno@chromium.org

Review URL: https://codereview.chromium.org/18503006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15875 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-25 09:37:52 +00:00
mmassi@chromium.org
b5a43f48a6 New array bounds check elimination pass (focused on induction variables and bitwise operations).
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/17568015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15866 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-25 06:37:25 +00:00
verwaest@chromium.org
6b83c868f0 Convert CONSTANT_FUNCTION to CONSTANT
R=yangguo@chromium.org

Review URL: https://chromiumcodereview.appspot.com/19485008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15858 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-24 12:34:50 +00:00