Commit Graph

12498 Commits

Author SHA1 Message Date
danno@chromium.org
c65f4f7f7b Don't use StoreIC_ArrayLength on frozen arrays
The code previously assumed that an array with fast properties must have
a writable length property. But Object.freeze() now exposes a way to make
length read-only without moving the object into slow mode. This patch
simply adds a !is_frozen check to the IC code. Any future optimizations
to attribute-setting on JSArrays will need to make similar accomodations.

R=danno
BUG=v8:2711,259548

Review URL: https://chromiumcodereview.appspot.com/19115002
Patch from Adam Klein <adamk@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15651 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-14 22:03:46 +00:00
adamk@chromium.org
625a0e9759 Add map transition for observed objects
This patch enables objects to undergo a single transition when they become observed, avoiding the need to create a new map for every observed objects.

Observed objects which become unobserved does not cause another map transition and unobserved does not clear the observed bit on the map. The unobserved object.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/18221006

Patch from Rafael Weinstein <rafaelw@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15650 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-13 00:20:40 +00:00
hpayer@chromium.org
f5ab1b2a4a Collect side effects on paths to dominated block including the dominator.
BUG=
R=danno@chromium.org

Review URL: https://codereview.chromium.org/18254008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15649 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-12 15:06:50 +00:00
danno@chromium.org
4095600a00 Fix windows build breakage due to 15645
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/18915009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15648 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-12 13:45:41 +00:00
olivf@chromium.org
da7f6a68aa Fix number tag for no-sse2.
FCmp() pops 2 arguments from the stack...

BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/18254007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15647 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-12 13:05:39 +00:00
danno@chromium.org
5086db3d30 Fix LGapResolver::EmitMove for X64 when the dst is a double register and src is a constant
R=danno@chromium.org

Review URL: https://codereview.chromium.org/18301015

Patch from Haitao Feng <haitao.feng@intel.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15646 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-12 12:34:11 +00:00
danno@chromium.org
48b65f8cd5 Implement truncated d-to-i as a stub on x86
- Added a general DoubleToIStub so that it's possible to extend to other platforms and non-truncating case.
- This version handles all cases of truncation (previous code deopted in some cases) and all source/destination register combinations without clobbering any temps.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/18612005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15645 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-12 12:28:32 +00:00
bmeurer@chromium.org
4780c99790 Add a common templatized implementation of OS::DumpBacktrace() and OS::StackWalk() to platform-posix.h and use it for Linux, Mac OS X and FreeBSD.
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/18431004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15644 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-12 12:02:26 +00:00
yangguo@chromium.org
bd04a838a7 Check for scheduled exceptions after a failed-access-check callback.
R=verwaest@chromium.org
BUG=v8:2524

Review URL: https://codereview.chromium.org/18298012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15643 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-12 11:42:07 +00:00
yangguo@chromium.org
c28cefce91 Test case for missing access checks in object observe.
BUG=v8:2778
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/18794003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15642 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-12 10:11:18 +00:00
yangguo@chromium.org
e002207321 Fall back to generic on access checks in JSON.stringify.
BUG=259366
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/18225006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15641 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-12 10:04:35 +00:00
titzer@chromium.org
2b9836af8c Remove special-casing of EAGER and SOFT deoptimization calling conventions, allowing calling address to always be available to deoptimization entries.
BUG=

Review URL: https://codereview.chromium.org/18356008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15640 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-12 07:26:00 +00:00
olivf@chromium.org
bdf4fc96b0 Encapsulate compare nil ic_state.
BUG=
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/18602003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15639 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 17:20:57 +00:00
titzer@chromium.org
28aca51e8f Refactor JavaScriptFrame::function() to return a JSFunction* and remove associated casts.
BUG=

Review URL: https://codereview.chromium.org/18404009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15638 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 16:45:58 +00:00
danno@chromium.org
d1d5f59d87 Fix build breakage after 15630
Use EXTRA_CALL_FRAME rather than NO_EXTRA_FRAME in
ElementsTransitionAndStoreIC_Miss.

TBR=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/18812005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15637 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 16:25:58 +00:00
hpayer@chromium.org
90056df999 Use filler maps for folded allocations when verify heap is turned on.
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/18863011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15636 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 15:29:02 +00:00
bmeurer@chromium.org
6c13f097d6 Turn ElementsTransitionAndStore stub into a HydrogenCodeStub.
R=danno@chromium.org, mvstanton@chromium.org

Review URL: https://codereview.chromium.org/18881004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15635 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 14:29:00 +00:00
mvstanton@chromium.org
9b856d724d Bogus assert needs to be removed on non-ia32 platforms
BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/18384007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15634 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 14:26:01 +00:00
verwaest@chromium.org
a7d38e483b Support grow-stub by >1 if the target is holey.
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/18484006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15633 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 14:21:14 +00:00
titzer@chromium.org
9e7819fac4 Added %NeverOptimize runtime call that can disable optimizations for a method for tests.
BUG=

Review URL: https://codereview.chromium.org/18214005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15632 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 14:17:56 +00:00
hpayer@chromium.org
90a8ac78bd Remove filler map when folding allocations and turn on allocation folding.
BUG=
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/18384004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15631 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 13:53:54 +00:00
bmeurer@chromium.org
c0603d2974 Enable compiled transitions by default.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/19005005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15630 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 13:53:06 +00:00
mvstanton@chromium.org
10615aef7b AllocationSites: when updating allocation site transition information,
be careful to merge feedback appropriately. For example, one array may
have gone holey, and then another allocated at the same place instead
went DOUBLE but remained packed. In this case the ElementsKind
ultimately stored in the AllocationSite should be HOLEY_DOUBLE.

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/18531007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15629 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 13:08:36 +00:00
olivf@chromium.org
a5a144c7c0 Implement X87 stack tracking and x87 multiplication
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/18041003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15628 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 13:07:04 +00:00
bmeurer@chromium.org
b2f909cf3e Turn array index dehoisting into a proper HPhase.
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/18562009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15627 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 12:03:43 +00:00
verwaest@chromium.org
a5397dce98 Keep IC monomorphic on transition, even if previously not STANDARD_STORE.
BUG=
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/18034023

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15626 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 11:54:43 +00:00
rossberg@chromium.org
b17713e405 Introduce type Bounds record
Refactoring in anticipation of handling variable bounds.

R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/18415005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15625 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 11:47:05 +00:00
hpayer@chromium.org
99d541a486 Allocation folding integrated into the GVN phase.
BUG=
R=mstarzinger@chromium.org, titzer@chromium.org

Review URL: https://codereview.chromium.org/18596005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15624 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 11:41:33 +00:00
bmeurer@chromium.org
e3676e9135 Cleanup common POSIX functionality.
The Mutex implementation is the same for all 6 POSIX platformats, just
like of them use the sched_yield() to implement Thread::YieldCPU().

R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/18335008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15623 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 11:37:08 +00:00
jochen@chromium.org
6170afb734 Roll ICU to 210659
See http://crrev.com/210659 for the actual change.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/18507003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15622 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 11:34:46 +00:00
hpayer@chromium.org
fba07ddd23 Perform new space evacuation based on marking bits.
BUG=
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/18531004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15621 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 11:24:38 +00:00
rossberg@chromium.org
3d9586c431 This adds the following array iterator methods:
Array.prototype.values
Array.prototype.keys
Array.prototype.entries

These all return an Array Iterator object which has a next
method.

http://people.mozilla.org/~jorendorff/es6-draft.html#sec-15.4.5

BUG=v8:2722
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/16848004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15620 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 11:20:54 +00:00
jochen@chromium.org
2809793a4f Only depend on icudata on windows.
On windows, this triggers the dll to be copied to the correct
locations. On other platforms, icudata is compiled in, and depending on
it results in an invalid linker archive ordering.

BUG=v8:2745
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/18734003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15619 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 11:01:00 +00:00
jochen@chromium.org
97409c2363 Move InitializeICU() to the V8 API and use it.
I can't get rid of the enable_i18n flag yet, as we need to be able to
turn off all extensions for creating the snapshot.

BUG=v8:2745
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/18860007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15618 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 09:58:54 +00:00
mvstanton@chromium.org
b61dfd4a82 A bug in AllocationSite::GetMode(from, to) meant that we didn't update
boilerplates for SMI to SMI_HOLEY transitions.

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/18917003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15617 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 09:39:22 +00:00
hpayer@chromium.org
c518bee54e Implemented lazy sweeping of new space.
BUG=
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/18998004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15616 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 09:17:03 +00:00
bmeurer@chromium.org
c294a40e0a Turn canonicalization into a proper HPhase.
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/18758003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15613 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 08:21:50 +00:00
verwaest@chromium.org
e6721cdcb4 Fix StoreIsUninitialized, and add Soft Deopt if keyed store is uninitialized.
R=jkummerow@chromium.org

Review URL: https://chromiumcodereview.appspot.com/18526005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15612 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 07:52:57 +00:00
yangguo@chromium.org
56e2658eda Set mime-type of test log file to text/plain.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15611 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-11 07:39:38 +00:00
adamk@chromium.org
25ca62b6ad HasRealIndexedProperty doesn't work on JSGlobalProxy
HasRealIndexedProperty didn't unwrap the JSGlobalProxy and therefore always
returned false.

BUG=257748
R=adamk@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/18402007

Patch from Adam Barth <abarth@chromium.org>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15610 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-10 19:03:58 +00:00
bmeurer@chromium.org
695b18c050 Turn merge removable simulates into a proper HPhase.
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/18258004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15609 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-10 16:34:28 +00:00
machenbach@chromium.org
1d1b846778 Suppress array bounds check for nacl build.
The NaCl and the ARM builder started failing to compile at revision 15593 with spurious array bounds warnings.

The ARM builder will be fixed by updating the cross-compiler version. Since the nacl compiler comes with the nacl toolchain, the warning will be suppressed for that builder.

See also: http://gcc.gnu.org/bugzilla/buglist.cgi?quicksearch=array%20subscript%20is%20above%20array%20bounds

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/19009003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15608 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-10 16:21:17 +00:00
dslomov@chromium.org
5eb63e483d Change DataView accessors behavior for insufficient args.
ES6 spec for DataView is not fully finished, but Blink, WebKit and
Firefox agree in that for DataView use of getters/setters with no
arguments should result in exceptions, while undefined offset argument
is the same as zero.

R=bmeurer@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/18313007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15607 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-10 16:18:59 +00:00
verwaest@chromium.org
6efe8ca229 Flag rewriting an IC while writing to a global constant property as a failure caused by the constant property turning mutable.
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/19006002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15606 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-10 16:06:30 +00:00
olivf@chromium.org
e84649d85e Fix unary op type feedback.
BUG=
R=danno@chromium.org

Review URL: https://codereview.chromium.org/18526003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15605 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-10 16:03:00 +00:00
verwaest@chromium.org
d1155a1f09 Revert "Allow NORMAL ICs to go polymorphic."
BUG=
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/18881006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15604 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-10 16:00:48 +00:00
olivf@chromium.org
01b4c2831e Use static_cast instead of reinterpret_cast
BUG=
R=rossberg@chromium.org

Review URL: https://codereview.chromium.org/18899003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15603 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-10 16:00:08 +00:00
rodolph.perfetta@gmail.com
762157d697 ARM: Implement memcpy using NEON.
Add support for a few NEON and ARM SIMD instructions and use them for various
memcpy operations.

BUG=none
TEST=none

Review URL: https://chromiumcodereview.appspot.com/17858002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15602 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-10 15:32:39 +00:00
palfia@homejinni.com
c04a72e76b MIPS: Replace custom builtin invocation instructions by a generic version.
Port r15582 (585c121)

BUG=

Review URL: https://codereview.chromium.org/18881005
Patch from Balazs Kilvady <kilvadyb@homejinni.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15601 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-10 15:26:38 +00:00
verwaest@chromium.org
51aa0c13da Allow NORMAL ICs to go polymorphic.
R=danno@chromium.org

Review URL: https://chromiumcodereview.appspot.com/19005002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15600 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-07-10 15:24:15 +00:00