Extra IC state is only two bits and only supported for call IC-s for
now. To change its extra state an IC stub jumps to a new miss stub
that goes to runtime as usual but then instead of going megamorphic
generates a monomorphic stub with the updated state.
Review URL: http://codereview.chromium.org/6344005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6370 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This is an improved version of my earlier change r5970. It avoids degrading the
non-optimized code.
Initially we emit a conditional branch that is either always- or never-taken
after a smi-check (depending on whether we test for smi for for non-smi)
Since test-eax always sets the carry-flag to 0 we use jump-if-carry and
jump-if-not-carry.
The first invocation of the stub patches a jc with a jz and
jnc with a jnz-instruction so that the code looks exactly as it was
without patching. The only difference is the test- or nop-instruction
after the IC-call.
Review URL: http://codereview.chromium.org/5763004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6030 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
In the case of inlined smi code in non-optimzied code we could not
distinguish between the smi-only case and the case that the operation was
never executed.
With this change the first execution of a binary operation always jumps
to the stub which in turn patches the smi-check into the correct
conditional branch, so that we benefit from inlined smi code after the
first invocation.
A nop instruction after the call to the BinaryOpIC indicates that no
smi code was inlined. A "test eax" instruction says that there was smi
code inlined and encodes the delta to the patch site and the condition
code of the branch at the patch site to restore the original jump.
Review URL: http://codereview.chromium.org/5714001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5970 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Contextual load requires only a map check followed by a cell hole
check so we can generate pretty compact code for that. The fact that
we have inlined code is marked by mov ecx, offset instruction after
the IC call. Inlining is only enabled inside loops and in non-builtin
functions.
The generated code size increase is about 3%. This descreased the
pc-to-code cache hit rate in some of the benchmarks that trigger
GC. To compensate we now have 4 times as much entries in the cache.
Review URL: http://codereview.chromium.org/3402014
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5497 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
r5147 wrongly assumed that a code cache for a slow case map is always empty.
This patch solves this: whenever we attempt to add a stub to a map's code cache
we check that this map is cached. If it is we give the object its own copy
of the map and only then modify the map.
Review URL: http://codereview.chromium.org/3134027
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5342 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
The IC stub is completely generic, so there will only be one such stub
in the system.
Added a new overloaded version of the macro assembler RecordWrite
method for cases where we have the address we store to computed up
front.
Review URL: http://codereview.chromium.org/2804029
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4991 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Similar or duplicate checks are scattered around the code before doing the dictionary load.
Also the entire branch in GenerateCallNormal that handles global/builtin receiver is
guaranteed to bail out from GenerateDictionaryLoad, so there is no point in generating it at all.
The purpose of the patch is:
- making C++ code more compact and transparent,
- not generating dead code.
There is a tiny performance gain. The patch is ia32 only for now.
Please tell me if I am missing anything.
Review URL: http://codereview.chromium.org/2801007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4926 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
A separate object type for the code cache have been added. This object has two different code caches. The first one (default_cache) is a fixed array organized in the same way as the as the code cache was before. The second cache (global_access_cache) is for code stubs to access the global object. This cache is organized as a hash table taking the property name and code flags as the key.
The reason for separating the global access stubs into a hash table representation is that the number of these is not bounded in the same was as the other types.
This is a remake of r3952 (http://codereview.chromium.org/652119) which have the additional ability to look for the index of code stubs for access to the global object.
BUG=http://code.google.com/p/v8/issues/detail?id=613
Review URL: http://codereview.chromium.org/717001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4066 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
When a function is called with a value type as the receiver this is now boxed as an object.
This is a low-impact solution where the receiver is only boxed when required. For IC calls to the V8 builtins values are not boxed and as most of the functions on String.prototype, Number.prototype and Boolean.prototype are sitting there most IC calls on values will not need any boxing of the receiver.
For calls which are not IC calls but calls through the CallFunctionStub a flag is used to determine whether the receiver might be a value and only when that is the case will the receiver be boxed.
No changtes to Function.call and Function.apply - they already boxed values. According to the ES5 spec the receiver should not be boxed for these functions, but current browsers have not adopted that change yet.
BUG=223
TEST=test/mjsunit/value-wrapper.js
TEST=test/mjsunit/regress/regress-crbug-3184.js
Review URL: http://codereview.chromium.org/542087
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3617 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Instead of going through a runtime function for keyed loads
on strings we invoke a separate specialized stub that
assumes string as receiver type and the key to be a number.
The stub calls a JS builtin function to return the corresponding one-character string.
Review URL: http://codereview.chromium.org/521041
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3556 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
specification under development. The optimizations are patterned after
those previously done for CanvasPixelArray. This CL adds all of the
necessary framework but continues to use the generic KeyedLoadIC and
KeyedStoreIC code, to create a baseline for benchmarking purposes. The
next CL will add the optimized ICs to ic-ia32.cc and ic-x64.cc.
These new CanvasArray types have different semantics than
CanvasPixelArray; out-of-range values are clamped via C cast
semantics, which is cheaper than the clamping behavior specified by
CanvasPixelArray. Out-of-range indices raise exceptions instead of
being silently ignored.
As part of this work, pulled FloatingPointHelper::AllocateHeapNumber
up to MacroAssembler on ia32 and x64 platforms. Slightly refactored
KeyedLoadIC and KeyedStoreIC. Fixed encoding for fistp_d on x64 and
added a few more instructions that are needed for the new ICs. The
test cases in test-api.cc have been verified by hand to exercise all
of the generated code paths in the forthcoming specialized ICs.
Review URL: http://codereview.chromium.org/293023
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3096 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
called from within a loop or not. In the past we lost the
information if a call site went megamorphic before a lazily
compiled callee was called for the first time. Now we track
that correctly (this is an issue that affects richards).
We still don't manage to track the in-loop state through a
constructor call, since constructor calls use LoadICs instead
of CallICs. This issue affects delta-blue. So in this patch
we assume that lazy compilations that don't happen through a
CallIC happen from inside a loop. I have an idea to fix this
but this patch is big enough already.
With our improved tracking of in-loop state I have switched
off the inlining of in-object loads for code that is not in
a loop. This benefits compile speed. One issue is that
eagerly compiled code now doesn't get the in-object loads
inlined. We need to eagerly compile less code to fix this.
Review URL: http://codereview.chromium.org/115744
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2046 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This issue was raised by Brett Wilson while reviewing my changelist for readability. Craig Silverstein (one of C++ SG maintainers) confirmed that we should declare one namespace per line. Our way of namespaces closing seems not violating style guides (there is no clear agreement on it), so I left it intact.
Review URL: http://codereview.chromium.org/115756
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2038 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
For keyed IC loads setting a break point now ensures that the inlined code is not used. When the break point is set the inlined map check is changed to fail causing the inlined code not to be used but the IC to be called. As long at the break point is set the map check will stay invalid.
Review URL: http://codereview.chromium.org/87025
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1756 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
ENABLE_DEBUGGER_SUPPORT is enabled by default unless it is on Android platform.
On Android platform, it can also enabled by passing -DENABLE_DEBUGGER_SUPPORT flag to the compiler.
This should not affect any existing build (I hope, cross my fingers) except the build in real Android environment (in other word, it only affects me now).
There are lot of room for code refactoring in stead of using #ifdef all over the place. I will leave this to v8 folks.
Review URL: http://codereview.chromium.org/77035
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1745 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
calling a stub. The map to check against is unknown when generating
the code, so we patch the map check in the IC initialization code.
Loop nesting is currently not tracked on ARM. I'll file feature
request bug reports for implementing this on ARM and add the number to
the TODOs before I commit.
Review URL: http://codereview.chromium.org/16409
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1015 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
operation. I have another version of this change that does not remove the
special inline caches for difference sized strings. The other version is ever
so slightly faster, but the nice thing about this version is that it removes
253 lines of code.
Review URL: http://codereview.chromium.org/8187
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@603 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
ExtendStorage did not work with keyed store IC.
- Reduced instructions generated when performing a tail call to
kSharedStoreIC_ExtendStorage
- Moved test/mjsunit/bugs/bug-109.js
to test/mjsunit/keyed-storage-extend.js
Review URL: http://codereview.chromium.org/6526
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@455 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
upper case. Moved it into the RelocInfo class together with the associated
is_xxx functions. Renamed is_xxx to IsXxx in the process.
Removed the exit_js_frame mode as it was no longer used.
Patch Set 2 renames RELOC_MODE_COUNT to NUMBER_OF_MODES and fixes a couple of lint errors.
Review URL: http://codereview.chromium.org/3186
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@354 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
occured. After a monomorphic prototype failure has been detected,
other monomorphic inline caches for the same type will have a code
object in the map's code cache which is not the current target. We
recognize this case and use the code object that is in the cache
instead of going megamorphic.
Review URL: http://codereview.chromium.org/2928
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@331 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Cleaned up ARM version by removing top of stack caching and by introducing push/pop elimination.
Cleaned up the way runtime functions are called to allow runtime calls with no arguments.
Changed Windows build options to make sure that exceptions are disabled and that optimization flags are enabled.
Added first version of Visual Studio project files.
git-svn-id: http://v8.googlecode.com/svn/trunk@13 ce2b1a6d-e550-0410-aec6-3dcde31c8c00