AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
15,661 Commits 1 Branch 0 Tags 839 MiB
45118bfdfb
Commit Graph

2693 Commits

Author SHA1 Message Date
bmeurer@chromium.org
750f2d98f8 Fix uses of range analysis results in HChange. 
BUG=v8:3204
LOG=y
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/195023002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19872 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-13 06:11:52 +00:00
rmcilroy@chromium.org
e57d0296da Reland "Pass a Code object to Assembler::(set_)target_address_at for use by ool constant pool." 
The ool constant pool will require a pointer to the code's constant pool when
updating or reading target addresses using set_target_address_at()
and target_address_at().

Original Review URL: https://codereview.chromium.org/183803022

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/195983002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19856 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-12 15:23:54 +00:00
svenpanne@chromium.org
be328fd4ce Disable special handling of flooring division by constant until it is fixed for real. 
Added a test to check the various division-like operations more exhaustively.

R=bmeurer@chromium.org, ulan@chromium.org

Review URL: https://codereview.chromium.org/194863002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19852 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-12 14:28:59 +00:00
jkummerow@chromium.org
8a1812f252 Fix lazy deopt after tagged binary ops 
Also add policing code to ensure that optimized frames can in fact lazily deopt
at their respective current PC when we patch them for lazy bailout.

BUG=chromium:350434
LOG=y
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/194703008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19834 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-12 09:59:36 +00:00
rmcilroy@chromium.org
0896bd70a2 Revert "Pass a Code object to Assembler::(set_)target_address_at for use by ool constant pool." 
This reverts r19825 for breaking ia32.debug checks.

Original Review URL: https://codereview.chromium.org/183803022

Update serializer to be able to deal with ool constant pool.

TBR=ulan@chromium.org

Review URL: https://codereview.chromium.org/195373004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19827 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-11 21:46:26 +00:00
rmcilroy@chromium.org
38732785dd Pass a Code object to Assembler::(set_)target_address_at for use by ool constant pool. 
The ool constant pool will require a pointer to the code's constant pool when
updating or reading target addresses using set_target_address_at()
and target_address_at().

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/183803022

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19825 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-11 20:31:23 +00:00
rossberg@chromium.org
8e3f3cee9e Eliminate extended mode, and other modes clean-up 
- Merge LanguageMode and StrictModeFlag enums
- Make harmony-scoping depend only on strict mode
- Free some bits on the way
- Plus additional clean-up and renaming

R=ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/181543002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19800 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-11 14:41:22 +00:00
rossberg@chromium.org
3f702d4bf9 Mode clean-up pt 1: rename classic/non-strict mode to sloppy mode 
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/177683002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19799 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-11 14:39:08 +00:00
bmeurer@chromium.org
4ac0876a8c Cleanup some of the range uses in ModI/DivI. 
BUG=v8:3204
LOG=y
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/191293013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19796 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-11 11:57:27 +00:00
titzer@chromium.org
91a2aa6a2c Add MacroAssembler::Move(reg, immediate) on IA32. 
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/188463003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19780 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-11 08:52:48 +00:00
rmcilroy@chromium.org
9cfd807cba Special case the recording of constant pool entries in the slot buffer. 
This CL enables RelocInfo pointers which live in the constant pool to be treated
as normal pointers by the slot buffer, avoiding the requirement of creating fake
RelocInfo objects during UpdateSlots() in order to update these slots.  This
is possible because constant pool entries are just pointers and don't require
the RelocInfo machinary to be updated.

EmbeddedObject constant pool entries can be added untyped to the slot buffer,
while code targets are still typed in order to correctly update the target
address based on the relocated code object.

Note: this is required in order to enable OOL constant pool support on Arm, but
should be benifitial for the current inline constant pool used by Arm code.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/179813005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19772 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-10 18:47:57 +00:00
bmeurer@chromium.org
bf86e624d4 Reland "Handle non-power-of-2 divisors in division-like operations". 
Fixed the flooring div bug and added a test case.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/191293012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19749 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-10 10:39:17 +00:00
dcarney@chromium.org
132d4428e5 allowed keyed store callbacks ic generation 
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/173853005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19744 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-10 08:40:03 +00:00
yangguo@chromium.org
4f15fd2977 Reland "Introduce intrinsics for double values in Javascript." 
This relands r19704 with a fix to the test case.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/189823003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19723 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 14:58:41 +00:00
svenpanne@chromium.org
fa6d25a602 Revert "Handle non-power-of-2 divisors in division-like operations", "A64 tweaks for division-like operations." and "Windows build fix.". 
This reverts commit 19719, 19720 and 19721 because
mozilla/ecma/Date/15.9.3.1-1 fails (in release mode only?).

TBR=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/189963005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19722 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 13:11:56 +00:00
svenpanne@chromium.org
94c450fcb9 Handle non-power-of-2 divisors in division-like operations 
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/190383002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19719 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 11:44:04 +00:00
svenpanne@chromium.org
819315db4e Consistenly handle power-of-2 divisors in division-like operations 
Lithium currently supports 3 division-like operations on integral operands: "Normal" division (rounding towards zero), flooring division (rounding towards -Infinity) and modulus calculation (the counterpart for the "normal" division). For divisors which are a power of 2, one can efficiently use some bit fiddling to avoid the actual division for such operations. This CL cleanly splits off these operations into separate Lithium instructions, making the code much more maintainable and more consistent across platforms.

There are 2 basic variations of these bit fiddling algorithms: One involving branches and a seemingly more clever one without branches. Choosing between the two is not as easy as it seems: Benchmarks (and probably real-world) programs seem to favor positive dividends, registers and shifting units are sometimes scarce resources, and branch prediction is quite good in modern processors. Therefore only the "normal" division by a power of 2 is implemented in a branch-free manner, this seems to be the best approach in practice. If this turns out to be wrong, we can easily and locally change this.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/175143002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19715 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 10:36:28 +00:00
mvstanton@chromium.org
1812f63fd2 Moved type feedback vector to SharedFunctionInfo. 
Type Vector followup: the type vector currently lives off the code object. This CL moves it to the SharedFunctionInfo, facilitating re-use and continued use in crankshafted code if desired.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/178463007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19712 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 10:12:17 +00:00
yangguo@chromium.org
143902bebf Revert "Introduce intrinsics for double values in Javascript." 
This reverts r19704.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/189533008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19710 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 09:49:28 +00:00
mvstanton@chromium.org
1d3652ebe6 Symbols for type cells. We can make more efficient code to check against type cells in the future if we use symbols, guaranteed not to conflict with user code. Currently, the "symbols" are the hole and undefined. Undefined may come in from the outside. 
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/181283003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19706 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 09:10:18 +00:00
yangguo@chromium.org
2aefde4443 Introduce intrinsics for double values in Javascript. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/178583006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 09:05:10 +00:00
bmeurer@chromium.org
c6bfbace87 ia32: Simplify inlined Smi code for SAR. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/188483002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19700 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 08:36:53 +00:00
bmeurer@chromium.org
a4d3fbdc8f Optimistically untag the input in tagged-to-i. 
Also drop redundant jmp instruction in deferred code.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/182723003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19698 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 08:36:13 +00:00
mvstanton@chromium.org
6115a006fd Bugfix for 349874: we incorrectly believe we saw a growing store 
When we set an out of bounds array index, the index might be so large that
it causes the array to go to dictionary mode. It's better to avoid
"learning" that this was a growing store in that case.

This fix also partially reverts a fix for bug 347543, as this fix is
comprehensive and satisfies that repro case as well (partial revert of
v19591).

BUG=349874
LOG=N
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/188643002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19691 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-06 13:07:51 +00:00
jarin@chromium.org
7ac668f753 Deoptimization fix for HPushArgument. 
HPushArgument should never be used in a simulation environment
because the slot addresses for the arguments can be off (e.g.,
due to on-stack arguments object of an inlined caller).

R=mstarzinger@chromium.org
BUG=v8:3183
LOG=N

Review URL: https://codereview.chromium.org/178193026

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19675 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-05 12:45:46 +00:00
mstarzinger@chromium.org
9ab32061ed Print properly signed displacement in disassembler. 
R=titzer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/178193028

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19667 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-05 09:28:26 +00:00
mstarzinger@chromium.org
827adfe45a Print properly signed displacement in IA32 disassembler. 
R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/176993004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19652 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-04 13:07:00 +00:00
verwaest@chromium.org
9b8021ad29 Remove all uses of field-tracking flags that do not make decisions but are subject to existing information. 
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/173963002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19650 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-04 12:48:17 +00:00
bmeurer@chromium.org
e16cc0acaf Push safepoint registers in deferred number-to-i/u only on-demand. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/181053005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19649 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-04 12:45:00 +00:00
hpayer@chromium.org
b3ecfa32c2 Consolidate RecordWriteFromCode and RecordWriteForEvacuationFromCode. 
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/185233008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19639 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-03 13:27:59 +00:00
ulan@chromium.org
b9e0b87a5a Clear optimized code cache in shared function info when code gets deoptimized. 
This adds a pointer to the shared function info into deoptimization data of an optimized code. Whenever the code is deoptimized, it clears the cache in the shared function info.

This fixes the problem when the optimized function dies in new space GC before the code is deoptimized due to code dependency and before the optimized code cache is cleared in old space GC (see mjsunit/regress/regress-343609.js).

This partially reverts r19603 because we need to be able to evict specific code from the optimized code cache.

BUG=343609
LOG=Y
TEST=mjsunit/regress/regress-343609.js
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/184923002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19635 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-03 11:11:39 +00:00
jkummerow@chromium.org
85367a7db9 Fail early when re-entering code that has been patched for lazy deopt 
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/184373004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19607 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-28 12:41:25 +00:00
mvstanton@chromium.org
df988c7f6b The Array function must be looked up in the native context. 
Platforms x64, a64, arm and mips had the bug that the array function was looked
up in the global context instead of the native context. Fix this, restoring a
weakened assert in hydrogen along the way (by the fix for crbug 347528, which
helped find this case).

R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/184383003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19597 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-28 10:39:36 +00:00
ishell@chromium.org
2ab83cf192 HAllocate should never generate allocation code if the requested size does not fit into page. Regression test included. 
BUG=347543
LOG=N
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/180803005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19591 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-27 17:33:25 +00:00
jacob.bramley@arm.com
baf2614853 Remove the unused LoadInitialArrayMap. 
BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/173883003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19513 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-20 16:36:53 +00:00
ulan@chromium.org
db60894687 Clean up weak objects in optimized code. 
This prepares for weak objects in IC stubs.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/172233003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19489 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-19 14:03:48 +00:00
mvstanton@chromium.org
73b679cbee Revert "Second attempt at introducing a premonomorphic state in the call" 
This reverts commits r19463 and r19457 (includes MIPS port), there was a
Sunspider perf issue and on reflection we can achieve the necessary
result in a new way.

TBR=verwaest@chromium.org

Review URL: https://codereview.chromium.org/172383003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19488 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-19 13:55:25 +00:00
yangguo@chromium.org
139134acc2 Harmony: optimize Math.clz32. 
R=svenpanne@chromium.org
BUG=v8:2938
LOG=N

Review URL: https://codereview.chromium.org/172133003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19487 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-19 13:51:49 +00:00
ulan@chromium.org
cf568ea0ed Do not emit receiver map in CheckPrototypes. 
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/170613002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19471 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-19 09:24:44 +00:00
mvstanton@chromium.org
5224c3d0f0 Second attempt at introducing a premonomorphic state in the call 
target caches.

This time we don't go through the premonomorphic state for
the Array call target caches to avoid losing information from
allocation sites that aren't only used once, but where the
resulting array is used heavily.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/169683003

Patch from Kasper Lund <kasperl@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19457 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-18 15:33:34 +00:00
jacob.bramley@arm.com
847aad8059 Pass a BailoutReason to Runtime::kAbort. 
BUG=
R=rmcilroy@chromium.org, ulan@chromium.org

Review URL: https://codereview.chromium.org/168903004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19442 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-18 13:03:24 +00:00
svenpanne@chromium.org
dbce27047e Fixed and improved code for integral division. Fixed and extended tests. 
Arithmetic right shifting is *not* division in two's complement
representation, only in one's complement. So we convert to one's
complement, shift, and go back to two's complement. By permutating the
last steps, one can get efficient branch-free code. This insight comes
from the paleozoic era of computer science, see the paper from 1976:

   Guy Lewis Steele Jr.: "Arithmetic Shifting Considered Harmful"
   ftp://publications.ai.mit.edu/ai-publications/pdf/AIM-378.pdf

This results in better and more correct code than our previous
"neg/shift/neg" dance.

LOG=y
BUG=v8:3151
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/166793002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19434 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-18 10:45:27 +00:00
mvstanton@chromium.org
8bcdbc354f Revert "Add a premonomorphic state to the call target cache." 
This reverts commit r19402

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/169713002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19412 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-17 14:22:18 +00:00
dcarney@chromium.org
127cafa846 Remove arch specific api callback generate functions 
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/169353002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19406 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-17 12:36:44 +00:00
mvstanton@chromium.org
be731e6c95 Add a premonomorphic state to the call target cache. 
From a CL by kasperl: https://codereview.chromium.org/162903004/

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/163413003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19402 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-17 11:59:45 +00:00
verwaest@chromium.org
ed9bbc7051 Remove HandlerKindField and just encode the handlerkind as the only extra-ic-state. 
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/166883002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19385 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-14 15:17:26 +00:00
verwaest@chromium.org
209b17ac31 Don't mix handler flags into regular flag computation. 
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/163363003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19384 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-14 15:15:08 +00:00
dcarney@chromium.org
55599b395a build fix for r19380 
R=mstarzinger@chromium.org

BUG=

Review URL: https://codereview.chromium.org/166483004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19381 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-14 14:48:20 +00:00
dcarney@chromium.org
0c844cc590 api accessor store ics should return passed value 
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/166653003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19380 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-14 14:13:06 +00:00
yangguo@chromium.org
68c7523e63 Fix assignment of function name constant. 
If it's shadowed by a variable of the same name and both are forcibly
context-allocated, the function is assigned to the wrong context slot.

R=rossberg@chromium.org
BUG=v8:3138
LOG=Y

Review URL: https://codereview.chromium.org/159903008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19379 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-14 12:40:47 +00:00
vegorov@chromium.org
8f170a66e7 Improve positions tracking inside the HGraphBuilder. 
Instead of tracking simple absolute offset from the start of the script like other places do, track a pair of (inlining id, offset from the start of inlined function).

This enables us to pinpoint with inlining path an instruction came from. Previously in multi-script environments we emitted positions that made very little sense because inside a single optimized function they would point to different scripts without a way to distinguish them.

Start dumping the source of every inlined function to make possible IR viewing tools with integrated source views as there was previously no way to acquire this information from IR dumps. We also dump source position at which each inlining occured.

Tracked positions are written into hydrogen.cfg as pos:<inlining-id>_<offset>.

Flag --emit-opt-code-positions is renamed by this change into --hydrogen-track-positions to better convey it's meaning.

In addition this change assigned global unique identifier to each optimization performed inside isolate. This allows to precisely match compilation artifacts (e.g. IR and disassembly) and deoptimizations.

BUG=
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/140683011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19360 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-13 16:09:28 +00:00
bmeurer@chromium.org
85856feaf7 Omit redundant smi checks in write barriers. 
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/155843006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19323 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-12 12:36:53 +00:00
svenpanne@chromium.org
ad536f2afc Improved variable-related assembler comments in fullcode. 
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/157033012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19320 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-12 12:06:11 +00:00
mvstanton@chromium.org
1d88f09092 Cleanup: ContextualMode doesn't need to be passed to ICs. 
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/154113010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19277 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-11 12:41:58 +00:00
mvstanton@chromium.org
516ed9fa90 Adding a type vector to replace type cells. 
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/137403009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19244 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-10 21:38:17 +00:00
yangguo@chromium.org
db1a685b8f Revert "Fix inconsistencies wrt whitespaces." 
This reverts r19196.

TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/147443008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19199 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-07 14:13:00 +00:00
yangguo@chromium.org
d0f57e1195 Fix inconsistencies wrt whitespaces. 
\u0085 (NEL) is now considered a whitespace in accordance to http://www.unicode.org/Public/6.3.0/ucd/PropList.txt

R=mstarzinger@chromium.org
BUG=v8:3109
LOG=Y

Review URL: https://codereview.chromium.org/146983007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19196 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-07 12:34:45 +00:00
dcarney@chromium.org
12039c97c6 swap in global proxy on accessors 
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/156623002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19142 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-06 10:50:07 +00:00
bmeurer@chromium.org
8150c34c82 Optimize redundant HCompareMap instructions with known successors. 
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/150663005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19094 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-05 09:30:53 +00:00
jkummerow@chromium.org
4058d90747 Cleanup: Unify CodeGenerator class across platforms 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/134643026

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19072 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-04 13:53:41 +00:00
dcarney@chromium.org
ef2ca4ac09 let load and store api callbacks use global proxy as receiver 
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/151063003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19033 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-03 15:19:38 +00:00
verwaest@chromium.org
ae7a209e71 Remove CallICs 
BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/148223002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-31 16:52:17 +00:00
jochen@chromium.org
253edf246f Remove IsRegExpEquivalent. 
It's not used anywhere.

BUG=none
R=ulan@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/141563013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18995 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-31 14:17:02 +00:00
hpayer@chromium.org
dae054e7f0 Fix compiler error on MacOS, remove unused ParameterCount member in CallInterceptorCompiler. 
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/132113004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18969 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-31 07:02:33 +00:00
verwaest@chromium.org
a9ba16dee3 Fix the context check in LoadGlobalFunctionPrototype 
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/146303003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18958 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-30 17:45:09 +00:00
dcarney@chromium.org
5c589640bf crankshaft support for api method calls 
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/148333003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18946 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-30 13:18:41 +00:00
verwaest@chromium.org
b73101d539 Optimize HWrapReceiver 
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/135593006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18945 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-30 12:52:49 +00:00
dcarney@chromium.org
a1f55c107f stub api getters 
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/150213003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18941 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-30 12:15:51 +00:00
ulan@chromium.org
979cd4b0f3 Disable tracking of double fields during snapshot creation. 
Follow-up to r18298.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/101123004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18909 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-29 14:18:55 +00:00
bmeurer@chromium.org
4a0959e360 Replace HThrow with HCallRuntime. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/131103021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18908 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-29 14:03:32 +00:00
bmeurer@chromium.org
f80e76cd58 Remove the unused HElementsKind instruction. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/136093004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18906 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-29 13:44:50 +00:00
bmeurer@chromium.org
87a3951c11 Remove the HValueOf instruction. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/139233004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18905 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-29 13:41:00 +00:00
bmeurer@chromium.org
3ba2f104c9 Turn RegExpConstructResultStub into a HydrogenCodeStub. 
This has the additional benefit that it is now possible to
inline the RegExpResult construction code into Hydrogen
builtins.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/141703018

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18902 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-29 13:10:35 +00:00
bmeurer@chromium.org
1e6606849a Don't create dummy uses for control dependencies. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/149513002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18900 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-29 12:48:32 +00:00
bmeurer@chromium.org
c12593cf2b Kill obsolete HLoadExternalArrayPointer instruction. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/141583011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18893 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-29 07:27:35 +00:00
bmeurer@chromium.org
1e7bbbc921 Both HGlobalObject and HGlobalReceiver can be replaced with HLoadNamedField. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/148453009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18891 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-29 07:26:52 +00:00
bmeurer@chromium.org
a2d1f8b8f6 Drop the native FastNewBlockContextStub. 
This code is almost never executed in real world and benchmarks,
and there's obviously absolutely no need to have this native code
hanging around for no benefit.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/148873002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18880 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-28 13:43:04 +00:00
mvstanton@chromium.org
371d6f6a98 We shouldn't throw under FLAG_debug_code, rather abort. 
Throwing under FLAG_debug_code confuses the rest of our infrastructure
which expects a safe point at the site of call into the runtime
for throw. We were doing that to make a clusterfuzz test happy, but
the better solution is to assert/abort under debug_code, and prevent
clusterfuzz from fuzzing on internal APIs that crash on incorrect
values.

We'll need to alter the fuzzer to turn off fuzzing for:

string-natives.js
lithium/SeqStringSetChar.js
regress/regress-seqstrsetchar-ex3.js
regress/regress-seqstrsetchar-ex1.js
regress/regress-crbug-320922.js

So as to prevent the fuzzer from running
%_OneByteSeqStringSetChar() and
%_TwoByteSeqStringSetChar().

BUG=
R=hpayer@chromium.org, machenbach@chromium.org

Review URL: https://codereview.chromium.org/139903005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18878 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-28 11:53:11 +00:00
bmeurer@chromium.org
f9575fb82a Remove obsolete instruction HOuterContext. 
HOuterContext can be expressed in terms of HLoadNamedField.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/131513015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18867 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-28 09:42:24 +00:00
dcarney@chromium.org
d1a10c6e37 stub fast api calls 
R=verwaest@chromium.org, vervaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/140613004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18847 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-27 09:57:54 +00:00
dslomov@chromium.org
1a67b7f86a External Array renaming and boilerplate scrapping 
Replaced symbolic names with correct JS name (byte -> int8, unsigned int -> uint32 etc).
Using macros to scrap the boilerplate
BUG=
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/145133013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18835 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-24 16:01:15 +00:00
svenpanne@chromium.org
13395a8392 Simplify HUnaryMathOperation::Canonicalize. 
Made the logic architecture-independent, although we should really have some kind of instruction selection instead of trying to handle some weird cases at the hydrogen level.

Some tiny related cleanups on the way.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/141653015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18824 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-24 14:05:11 +00:00
verwaest@chromium.org
21532ddfdc Reland ArrayPop / ArrayPush. 
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/138443012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18814 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-24 11:47:53 +00:00
jkummerow@chromium.org
ee4e034d70 Revert broken ArrayPop changes 
This reverts:
r18749 "Reland (and fix) "Add hydrogen support for ArrayPop, and remove the handwritten call stubs."",
r18790 "Remove ArrayPush from the custom call generators, and instead call directly to the handler in crankshaft.", and
r18798 "MIPS: Remove ArrayPush from the custom call generators, and instead call directly to the handler in crankshaft."

For causing crashes on Canary.

BUG=chromium:337686
LOG=N
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/146003006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18805 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-24 08:32:50 +00:00
verwaest@chromium.org
6b60546b16 Remove ArrayPush from the custom call generators, and instead call directly to the handler in crankshaft. 
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/137693003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18790 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-23 16:20:25 +00:00
hpayer@chromium.org
83a1df2354 Remove Heap::MaxRegularSpaceAllocationSize and use Page::MaxRegularHeapObjectSize instead. 
BUG=
R=mstarzinger@chromium.org, mvstanton@chromium.org

Review URL: https://codereview.chromium.org/141653016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18776 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-23 13:02:27 +00:00
bmeurer@chromium.org
5e0f020d3a Turn FastNewContextStub into a HydrogenCodeStub. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/145513002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18764 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-23 08:36:22 +00:00
dcarney@chromium.org
02c02fe567 Reland r18714 'Unify calling to GenerateFastApiCallBody before stubbing it' 
TBR=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/144543004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18762 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-23 08:14:00 +00:00
bmeurer@chromium.org
e5f1ac1ded Get rid of the unused native code StringAddStub. 
BUG=v8:2990
LOG=n
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/144023009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18752 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-22 13:48:05 +00:00
verwaest@chromium.org
f30330325e Reland (and fix) "Add hydrogen support for ArrayPop, and remove the handwritten call stubs." 
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/144913003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18749 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-22 13:22:58 +00:00
mvstanton@chromium.org
1b3280c491 Revert "Add hydrogen support for ArrayPop, and remove the handwritten call stubs." 
This reverts commit r18709, due to deopt fuzzer issue.
TBR=verwaest@chromium.org

Review URL: https://codereview.chromium.org/143983010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18731 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-22 10:41:23 +00:00
mvstanton@chromium.org
796a244bea Revert "Unify calling to GenerateFastApiCallBody before stubbing it" 
This reverts commit r18714 for breaking webkit tests with an assert.

TBR=dcarney@chromium.org

Review URL: https://codereview.chromium.org/144143002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18720 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-21 17:04:17 +00:00
rossberg@chromium.org
0d906a8bdb Zonify types in compiler frontend 
Clean up some zone/isolate handling in AST and its visitors on the way.

(Based on https://codereview.chromium.org/103743004/)

R=jkummerow@chromium.org, titzer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/102563004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18719 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-21 16:22:52 +00:00
mvstanton@chromium.org
c472ee85f8 Array constructor shouldn't require a Cell, just an AllocationSite. 
The Array constructor has a needless dependency on an input argument
that is a Cell. It uses this to walk through to an AllocationSite.
The dependency hampers future work. Instead, pass the AllocationSite
as input to the Array constructor.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/140963004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18716 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-21 16:04:39 +00:00
dcarney@chromium.org
058c5c9f40 Unify calling to GenerateFastApiCallBody before stubbing it 
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/142973005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18714 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-21 15:06:46 +00:00
verwaest@chromium.org
2d9a4eb355 Add hydrogen support for ArrayPop, and remove the handwritten call stubs. 
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/137783023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18709 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-21 12:42:24 +00:00
verwaest@chromium.org
342b534e7e Stay in fast enum case if the empty_slow_element_dictionary is used. 
This fixes slow for-in over frozen objects.

BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/135903014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18705 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-21 11:20:11 +00:00
verwaest@chromium.org
9f64f43a1c Turn ArrayPush into a stub specialized on the elements kind and argc. 
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/143213003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18696 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-20 17:09:24 +00:00
mvstanton@chromium.org
04b1baa4c4 We no longer need to recover type cells from the oracle. 
We only need the values within them. Function calls to Array from optimized code needed the cell in the past, but no longer.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/141893002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18682 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-20 09:48:05 +00:00
svenpanne@chromium.org
0757d56057 De-virtualize GenerateNameCheck. 
Currently there are two kinds of "vtables" used in the load/store stub
compilers: kind() and C++'s own vtables. This is a bit confusing, and
this is a step towards simplifying things.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/141763002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18676 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-20 07:05:23 +00:00