Object model changes
----------------------------------------
New fixed_cow_array_map is used for the elements array of a JSObject
to mark it as COW. The JSObject's map and other fields are not
affected. The JSObject's map still has the "fast elements" bit set. It
means we can do only the receiver map check in keyed loads and the
receiver and the elements map checks in keyed stores. So introducing
COW arrays doesn't hurt performance of these operations. But note that
the elements map check is necessary in all mutating operations because
the "has fast elements" bit now means "has fast elements for reading".
EnsureWritableFastElements can be used in runtime functions to perform
the necessary lazy copying.
Generated code changes
----------------------------------------
Generic keyed load is updated to only do the receiver map check (this
could have been done earlier). FastCloneShallowArrayStub now has two
modes: clone elements and use COW elements. AssertFastElements macro
is added to check the elements when necessary. The custom call IC
generators for Array.prototype.{push,pop} are updated to avoid going
to the slow case (and patching the IC) when calling the builtin should
work.
COW enablement
----------------------------------------
Currently we only put shallow and simple literal arrays in the COW
mode. This is done by the parser.
Review URL: http://codereview.chromium.org/3144002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5275 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Upgraded the CodeGenerator::ToBoolean() function in the ARM backend to use complete JIT code generation and not make runtime calls to ToBool (when VFP is enabled).
This change also includes the vcmp VFP instruction that supports a constant 0.0 as the second operand.
Patch by Subrato K De <subratokde@codeaurora.org>
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5267 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This adds a check to the fast case string add to ensure that the String object still have the default valueOf function. The default valueOf is sitting on a hidden prototype of String.prototype.
Before using the fast case valueOf the object is checked for a local valueOf property. For slow case objects this check always reports true (the dictionary is not probed, so valueOf might be there) and for fast case objects the descriptor array is checked for the valueOf symbol (just liniar scan). After that the prototype is checked for beeing the initial value of String.prototype. If this all pass (that is the default valueOf is still in place) this result is cached on the map making the check fast the next time.
This is only implemented in the optimizing compiler, as the two usages of %_IsStringWrapperSafeForDefaultValueOf is never hit by the full compiler.
I will port to x64 and ARM when this has been reviewed for ia32.
I will remove the performance counters prior to final commit.
BUG=http://code.google.com/p/v8/issues/detail?id=760
TEST=test/mjsunit/regress/regress-760-1.js
TEST=test/mjsunit/regress/regress-760-2.js
Review URL: http://codereview.chromium.org/3117006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5252 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
in allowing more flexible compilation and to simplify builtins lookup.
This changes a number of places where code objects are assigned to
SharedFunctionInfo objects to also assign this code object to the
JSFunction. In addition, the code flushing is changed slightly to
accomodate this (we need to flush the code from functions pointing to
SharedFunctionInfo objects that has already been flushed).
Review URL: http://codereview.chromium.org/3120006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5233 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This includes adding a new inline IsSpecObject method to the code
generator. The old approach was somehow ineffecient since we would
call both IsObject, IsUndetectable and IsFunction to determine if
something was an object according to the spec. This change introduces
a new macro that determines if something is an object according to the
spec (and this does not include null).
This change also corrects a few places where undetectable objects was
not allowed even when they should be (priorly they would use only
IS_SPEC_OBJECT_OR_NULL, which would return false on an undetectable
object, the new IS_SPEC_OBJECT returns true on an undetectable object.
Review URL: http://codereview.chromium.org/2877018
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5087 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
to the runtime will both patch in the more specialized binary op
stub and calculate the answer. This eliminates the need to call
both the rest of the binary op and the patching runtime call. The
runtime routines are altered to be more agressive in returning
Smis so we don't get spurious heap numbers as inputs to binary ops
while we are patching the binary op ICs.
Review URL: http://codereview.chromium.org/2843049
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@5026 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
The change in r4990 contained a bug in Math.pow when then exponent was a large negative smi. In that case calculating 1/Math.pow(x,-y) did not provide the correct result as Math.pow(x,-y) would overflow ti infinity. This was caught by Sputnik test S8.5_A13_T1.
Review URL: http://codereview.chromium.org/2815039
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4994 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
The change in r4990 contained a bug in Math.pow. One of the arguments for the call to runtime where clobbered if allocation of the heap number for the result failed.
Caught by a couple of Mozilla tests which does a lot of calls to Math.pow.
Fix presubmit error in x64.
Review URL: http://codereview.chromium.org/2847037
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4993 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
The IC stub is completely generic, so there will only be one such stub
in the system.
Added a new overloaded version of the macro assembler RecordWrite
method for cases where we have the address we store to computed up
front.
Review URL: http://codereview.chromium.org/2804029
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4991 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
When calculating Math.pow where the exponent is a smi use a simple loop to calculate the result.
Added support for the vmov instruction moving from one doubleword extension register to another.
Added some Math.pow tests which partially covers what is in the Sputnik tests.
Review URL: http://codereview.chromium.org/2804033
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4990 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
A potential issue with this change is creating lots of maps when
objects flip between fast/slow elements modes. We could add special
transitions to avoid this. Yet testing this on our benchmarks, gmail,
and wave seems to indicate that this is not a real problem.
Review URL: http://codereview.chromium.org/2870018
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4941 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Similar or duplicate checks are scattered around the code before doing the dictionary load.
Also the entire branch in GenerateCallNormal that handles global/builtin receiver is
guaranteed to bail out from GenerateDictionaryLoad, so there is no point in generating it at all.
The purpose of the patch is:
- making C++ code more compact and transparent,
- not generating dead code.
There is a tiny performance gain. The patch is ia32 only for now.
Please tell me if I am missing anything.
Review URL: http://codereview.chromium.org/2801007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4926 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Zhang Kun. For now we only emit movw and movt in places where no
relocation is needed. Small performance boost (around 0.5%).
Also adds support for turning ALU operations (eor etc.) with
large immediates into mvn or movw followed by a register-based
ALU operation.
Review URL: http://codereview.chromium.org/2821014
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4913 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
If a two-byte string only contains ascii characters, then we can save
memory when flattening a cons string containing it. Similarly we can
use this in Array.prototype.join implementation. To track this a new
bit is added to instance type. This bit is used as a hint in generated
code and in runtime functions.
To enable testing a new V8 extension is added controlled by
--expose-externalize-string flag.
Review URL: http://codereview.chromium.org/2762008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4894 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Generating code for function return on ARM is now aligned with the other platforms. The first non-shadowed return statement encountered will emit code for function return and all other returns including the fall through at the bottom of a function will jump to that.
Review URL: http://codereview.chromium.org/2815003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4856 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
With the change in r4820 all return statements are now breakable like any statement, so stepping will stop before the return statement actually returning from a function. With this change the position when breaking in the function return (after executing the return statement) will be the actual end of the function. At this point the return value is available as it saved to the stack by the debug break at return handling. Added information on the actual value returned from the function to the debugger.
Review URL: http://codereview.chromium.org/2783002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4835 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Added support for more precise break points when debugging and stepping. To achieve that additional nop instructions are inserted where breaking would otherwise be impossible. The number of nop instructions inserted are sufficient to make place for patching with a call to a debug break code stub. On Intel that is 5 nop's for 32-bit and 13 for 64-bit. Om ARM 3 nop instructions (12 bytes) are required.
In order to avoid inserting nop's in to many places a simple ast checker have been added to check whether there are breakable code in a statement or expression. If it is possible to break in an expression no additional break enabeling code is inserted.
Added break locations to the true and false part of a conditional expression.
Added stepping tests to cover more constructs.
These changes are only in the full compiler.
Changed the default value for the option --debugger in teh d8 shell from true to false. The reason for this is that with --debugger turned on the full compiler will be used for all code in when running d8, which can be unexpeceted.
Review URL: http://codereview.chromium.org/2693002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4820 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
in a spilled scope or not. Also get rid of some spilled scopes
that we don't need any more. The generators for the %_ functions,
CodeGenerator::Generate*, are now not spilled by default. Some
of them (IsObject and related) have been converted to register
allocated operation.
Review URL: http://codereview.chromium.org/2368001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4749 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
