AuroraMiddleware/v8 - v8 - Gitea: Git with a cup of tea

Author	SHA1	Message	Date
yangguo@chromium.org	00170e434b	Use HBoundsCheck to check string length. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/206183003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20120 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-20 12:34:44 +00:00
yangguo@chromium.org	238f12e618	Make max size and max length of strings consistent. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/196133030 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20099 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-20 08:33:06 +00:00
mvstanton@chromium.org	535f3427ca	Pretenure call new support. When FLAG_pretenure_call_new is on, we emit mementos on new object creation in full code, and consume the feedback in crankshaft. A key difference in the generated code for stubs is the allocation of an additional type vector slot for the CallNew AST node, which simplifies the CallConstructStub and CallFunctionStub considerably. Some performance tuning still needs to be addressed, therefore the flag is off at this moment, though fully functional. The goal is to remove the flag as soon as possible, which allows much code deletion (yay). R=hpayer@chromium.org Review URL: https://codereview.chromium.org/132963012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20076 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-19 13:39:09 +00:00
rossberg@chromium.org	9b28aed3f6	Introduce representation types Also: - improve type pretty-printing, - update doc comments, - some renamings for consistency. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/176843006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20025 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-18 11:50:18 +00:00
mvstanton@chromium.org	3daaba09b6	Pretenure code generation corner case with new space COW arrays. When advised to pretenure in crankshaft, and the boilerplate is a cow array, move the elements to old space if it's not already there to avoid overflowing the store buffer. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/197473004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19995 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-17 13:42:37 +00:00
mvstanton@chromium.org	e3f3f6d98b	Revert "Continued fix for 351257. Reusing the feedback vector is too complex." This reverts commit r19919. TBR=bmeuer@chromium.org Review URL: https://codereview.chromium.org/196343021 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19961 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-17 08:31:21 +00:00
mvstanton@chromium.org	dd28969c1c	Continued fix for 351257. Reusing the feedback vector is too complex. Attempting to re-use the type feedback vector stored in the SharedFunctionInfo turns out to be difficult among the various cases. It will be much easier to do this when deferred type feedback processing is removed, as is in the works. Created bug v8:3212 to track re-introducing the optimization of reusing the type vector on recompile before optimization. The CL also brings back the type vector on the SharedFunctionInfo. BUG=351257 LOG=Y R=bmeurer@chromium.org, bmeuer@chromium.org Review URL: https://codereview.chromium.org/199973004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19919 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-14 09:28:37 +00:00
hpayer@chromium.org	7b810f4593	Revert "Moved type feedback vector to SharedFunctionInfo." This reverts commit 828f1d563a3f0972135886888fd26526e04da07f. Conflicts: src/compiler.cc test/cctest/test-compiler.cc BUG= R=titzer@chromium.org Review URL: https://codereview.chromium.org/196283015 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19911 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-13 17:47:12 +00:00
ulan@chromium.org	c64b78f6da	Check that constant is an integer before getting its value in HGraphBuilder::MatchRotateRight. BUG=351263 LOG=N TEST=mjsunit/regress/regress-351263 R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/197803005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19890 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-13 11:50:50 +00:00
svenpanne@chromium.org	390d3a0b15	Make translation of modulus operation '--stress-opt'-proof. Note that we unconditionally deopt later, anyway, but our compilation pipeline has to survive long enough to reach that place. :-/ LOG=y BUG=352059 R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/198833002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19884 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-13 09:37:16 +00:00
rossberg@chromium.org	8e3f3cee9e	Eliminate extended mode, and other modes clean-up - Merge LanguageMode and StrictModeFlag enums - Make harmony-scoping depend only on strict mode - Free some bits on the way - Plus additional clean-up and renaming R=ulan@chromium.org BUG= Review URL: https://codereview.chromium.org/181543002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19800 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-11 14:41:22 +00:00
rossberg@chromium.org	3f702d4bf9	Mode clean-up pt 1: rename classic/non-strict mode to sloppy mode R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/177683002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19799 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-11 14:39:08 +00:00
yangguo@chromium.org	78d23e5662	Implement KnownSuccessor method to some control instructions. R=jkummerow@chromium.org BUG=v8:3118 LOG=N Review URL: https://codereview.chromium.org/174863002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19759 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-10 14:50:01 +00:00
bmeurer@chromium.org	48fea83dad	Merge the "Compute Minus Zero Checks" phase into the range analysis. It is not safe to access the range for an SSA value after range analysis. BUG=v8:3204 LOG=y R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/192673002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19751 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-10 11:49:29 +00:00
yangguo@chromium.org	4f15fd2977	Reland "Introduce intrinsics for double values in Javascript." This relands r19704 with a fix to the test case. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/189823003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19723 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-07 14:58:41 +00:00
mvstanton@chromium.org	1812f63fd2	Moved type feedback vector to SharedFunctionInfo. Type Vector followup: the type vector currently lives off the code object. This CL moves it to the SharedFunctionInfo, facilitating re-use and continued use in crankshafted code if desired. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/178463007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19712 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-07 10:12:17 +00:00
yangguo@chromium.org	143902bebf	Revert "Introduce intrinsics for double values in Javascript." This reverts r19704. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/189533008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19710 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-07 09:49:28 +00:00
verwaest@chromium.org	8a3d715250	Revert "Use Representation::Integer32() for smi types on 32-bit-tagged systems." Due to performance regression. BUG= R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/189843006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19709 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-07 09:29:07 +00:00
yangguo@chromium.org	2aefde4443	Introduce intrinsics for double values in Javascript. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/178583006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-07 09:05:10 +00:00
yangguo@chromium.org	8472e0f02b	Remove duplicates in runtime macros. Each item in INLINE_RUNTIME_FUNCTION_LIST had to have a duplicate entry in RUNTIME_FUNCTION_LIST in order to match the comment. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/177313005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19703 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-07 08:49:02 +00:00
verwaest@chromium.org	7bf33c53eb	Use Representation::Integer32() for smi types on 32-bit-tagged systems. BUG= R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/187353005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19684 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-06 09:49:10 +00:00
jarin@chromium.org	7ac668f753	Deoptimization fix for HPushArgument. HPushArgument should never be used in a simulation environment because the slot addresses for the arguments can be off (e.g., due to on-stack arguments object of an inlined caller). R=mstarzinger@chromium.org BUG=v8:3183 LOG=N Review URL: https://codereview.chromium.org/178193026 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19675 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-05 12:45:46 +00:00
mvstanton@chromium.org	df988c7f6b	The Array function must be looked up in the native context. Platforms x64, a64, arm and mips had the bug that the array function was looked up in the global context instead of the native context. Fix this, restoring a weakened assert in hydrogen along the way (by the fix for crbug 347528, which helped find this case). R=dcarney@chromium.org Review URL: https://codereview.chromium.org/184383003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19597 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-28 10:39:36 +00:00
dcarney@chromium.org	98d1cedac4	Get array_function from NativeContext R=mvstanton@chromium.org LOG=N BUG=347528 Review URL: https://codereview.chromium.org/184173003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19595 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-28 10:01:27 +00:00
bmeurer@chromium.org	5945f9ebb9	Fix handling of constant global variable assignments. BUG=347904 LOG=y R=hpayer@chromium.org Review URL: https://codereview.chromium.org/184303003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19594 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-28 09:40:12 +00:00
verwaest@chromium.org	d5caecccc5	Revert "Use stability to only conditionally flush information from the CheckMaps table." R=ishell@chromium.org Review URL: https://codereview.chromium.org/180023002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19548 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-25 16:11:58 +00:00
ishell@chromium.org	6c1659becf	Fix for a smi stores optimization on x64 with a regression test. BUG=345715 LOG=N R=verwaest@chromium.org Review URL: https://codereview.chromium.org/178833002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19535 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-25 09:55:02 +00:00
yangguo@chromium.org	139134acc2	Harmony: optimize Math.clz32. R=svenpanne@chromium.org BUG=v8:2938 LOG=N Review URL: https://codereview.chromium.org/172133003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19487 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-19 13:51:49 +00:00
verwaest@chromium.org	60c08a8bf2	Directly store the transition target on LookupResult in TransitionResult. BUG=chromium:343964 LOG=N R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/170343003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19440 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-18 12:19:32 +00:00
bmeurer@chromium.org	eaab533fd8	Cleanup the double field tracking in Hydrogen. Use a dedicated BuildLoadNamedField() with PropertyAccessInfo, similar to BuildStoreNamedField() for optimized graph building, and a dedicated BuildLoadNamedField() for the code stubs, and don't depend on FLAG_track_double_fields during code generation. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/168583006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19411 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-17 13:23:04 +00:00
jarin@chromium.org	4c7ed144e1	Comparison in effect context lazy deopt fix. R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/163623002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19396 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-16 05:51:10 +00:00
ulan@chromium.org	6744ff61ae	Fix dictionary element load to pass correct elements kind. Using FAST_SMI_ELEMENTS triggers optimization on 64-bit architectures that load only the higher 32 bits of the element. If the element is a pointer to undefined that has 0 in the higher half than it is erroneously treated as SMI 0. BUG=v8:3158 LOG=N TEST=mjsunit/sparse-array-reverse,mjsunit/regress/regress-3158.js R=danno@chromium.org, ishell@chromium.org Review URL: https://codereview.chromium.org/166653005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19387 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-14 15:52:24 +00:00
dcarney@chromium.org	0c844cc590	api accessor store ics should return passed value R=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/166653003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19380 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-14 14:13:06 +00:00
jarin@chromium.org	8acefb33fe	Test and fix for polymorphic named call deoptimization. The fix removes wrong simulates from the number branch of polymorphic call/field access handling. The change also fixes the same thing for polymorphic named field access even thourgh the field access is probably safe in practice (because it cannot deoptimize). It is better to keep all our simulates in sync with full codegen. R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/166503002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19375 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-14 12:02:39 +00:00
verwaest@chromium.org	e0960e19aa	Fix polymorphic inlining of accessors in a test-context. R=ishell@chromium.org Review URL: https://codereview.chromium.org/164003002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19363 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-13 16:55:38 +00:00
vegorov@chromium.org	8f170a66e7	Improve positions tracking inside the HGraphBuilder. Instead of tracking simple absolute offset from the start of the script like other places do, track a pair of (inlining id, offset from the start of inlined function). This enables us to pinpoint with inlining path an instruction came from. Previously in multi-script environments we emitted positions that made very little sense because inside a single optimized function they would point to different scripts without a way to distinguish them. Start dumping the source of every inlined function to make possible IR viewing tools with integrated source views as there was previously no way to acquire this information from IR dumps. We also dump source position at which each inlining occured. Tracked positions are written into hydrogen.cfg as pos:<inlining-id>_<offset>. Flag --emit-opt-code-positions is renamed by this change into --hydrogen-track-positions to better convey it's meaning. In addition this change assigned global unique identifier to each optimization performed inside isolate. This allows to precisely match compilation artifacts (e.g. IR and disassembly) and deoptimizations. BUG= R=yangguo@chromium.org Review URL: https://codereview.chromium.org/140683011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19360 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-13 16:09:28 +00:00
verwaest@chromium.org	386bc4c2fa	Return on the polymorphic hard deopt case to ensure we don't polute phis with fake type information. R=ishell@chromium.org Review URL: https://codereview.chromium.org/163403003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19359 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-13 15:54:19 +00:00
verwaest@chromium.org	161b2f689a	Reland: "Use stability to only conditionally flush information from the CheckMaps table." BUG= R=ishell@chromium.org Original CL: https://codereview.chromium.org/153823003 Review URL: https://codereview.chromium.org/153653007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19342 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-12 18:48:12 +00:00
verwaest@chromium.org	75432b7696	Revert "Use stability to only conditionally flush information from the CheckMaps table." R=ishell@chromium.org BUG= Review URL: https://codereview.chromium.org/137863005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19331 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-12 15:38:42 +00:00
verwaest@chromium.org	2b7d33572a	Use stability to only conditionally flush information from the CheckMaps table. BUG= R=ishell@chromium.org Review URL: https://codereview.chromium.org/153823003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19330 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-12 15:07:41 +00:00
jarin@chromium.org	af29e31a11	Fix for (One\|Two)ByteSeqStringSetChar evaluation order/deopt. This makes the evaluation order consistent between full codegen and Hydrogen (so that deopt does not screw up stack). R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/159983008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19326 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-12 13:31:24 +00:00
ulan@chromium.org	e95bc7eec8	Merge experimental/a64 to bleeding_edge. BUG=v8:3113 LOG=Y R=jochen@chromium.org, rmcilroy@chromium.org, rodolph.perfetta@arm.com Review URL: https://codereview.chromium.org/148293020 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19311 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-12 09:19:30 +00:00
ishell@chromium.org	b446674c85	More check elimination improvements including partial learning on false branches of CompareMap and better handling of unreachable blocks. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/159963002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19300 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-11 19:18:06 +00:00
jarin@chromium.org	21bf99e53e	Fix environment of the optimized version of the _SetValueOf intrinsic. R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/158723006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19289 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-11 16:11:53 +00:00
ishell@chromium.org	994f0f6dda	Fix for a smi stores optimization on x64 with a test case. BUG=338425 LOG=N R=verwaest@chromium.org Review URL: https://codereview.chromium.org/152923006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19288 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-11 16:02:18 +00:00
bmeurer@chromium.org	9a0a86fd4c	Get rid of the function sorting in for polymorphic calls. The idea of this code was to sort functions according to ticks spend executing them, but now these ticks are always zero and therefore we fall back to sorting by AST length (or even worse by source length) all the time, which is a bad, arbitrary measure. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/159653003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19267 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-11 10:48:37 +00:00
bmeurer@chromium.org	a5ef6e5eec	Improve inobject field tracking during GVN. Now stores to inobject fields do no longer prevent hoisting and combining of loads from other inobject fields. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/144423010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19249 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-11 06:53:14 +00:00
bmeurer@chromium.org	40f3b1ba87	Revert "Improve inobject field tracking during GVN." This reverts commit r19427 for breaking the build. Will reland with fix. TBR=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/143203005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19248 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-11 06:46:14 +00:00
bmeurer@chromium.org	cd1b7df638	Improve inobject field tracking during GVN. Now stores to inobject fields do no longer prevent hoisting and combining of loads from other inobject fields. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/144423010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19247 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-11 06:41:06 +00:00
verwaest@chromium.org	c1a08679dc	Merge BuildLoadKeyedGeneric and BuildStoreKeyedGeneric, switch on AccessType R=ishell@chromium.org Review URL: https://codereview.chromium.org/146623007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19228 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-10 14:58:25 +00:00
verwaest@chromium.org	d2d3fc0e4d	Use PropertyAccessType for keyed accesses rather than "bool is_store" BUG= R=ishell@chromium.org Review URL: https://codereview.chromium.org/137883008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19221 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-10 11:43:34 +00:00
verwaest@chromium.org	f19aeae06b	Unify BuildLoad/StoreNamedGeneric R=dcarney@chromium.org Review URL: https://codereview.chromium.org/155513008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19219 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-10 10:23:59 +00:00
verwaest@chromium.org	43c0a419ed	Remove special ArrayLength handling already covered by JSObjectFieldAccessors R=dslomov@chromium.org Review URL: https://codereview.chromium.org/153743005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19152 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-06 13:01:38 +00:00
jarin@chromium.org	476881ce5b	Test and fix for _CallFunction intrinsic deoptimization. I have also cleaned up HOptimizedGraphBuilder::GenerateCallFunction to use IfBuilder. R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/131343013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19151 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-06 12:42:26 +00:00
jarin@chromium.org	eb502fe599	Binary operation deoptimization fix. R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/132453009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19132 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-06 09:36:55 +00:00
dcarney@chromium.org	6df537d631	inline api setters in crankshaft R=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/155913002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19129 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-06 07:31:08 +00:00
dcarney@chromium.org	5028ebaa8b	inline api getters in crankshaft R=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/146023004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19110 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-05 15:52:31 +00:00
verwaest@chromium.org	5949fe1679	Merge named part of BuildLoad and BuildStore BUG= R=dcarney@chromium.org Review URL: https://codereview.chromium.org/149803007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19109 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-05 15:44:20 +00:00
verwaest@chromium.org	d985948c7a	Merge BuildLoad/StoreMonomorphic R=dcarney@chromium.org Review URL: https://codereview.chromium.org/137263021 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19108 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-05 15:43:33 +00:00
verwaest@chromium.org	cb044fa2d8	Merge polymorphic load/store handling R=dcarney@chromium.org Review URL: https://codereview.chromium.org/150573010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19106 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-05 15:28:57 +00:00
verwaest@chromium.org	fb306f9811	Explicitly disallow stores to JSObjectAccessors (for now). TBR=dcarney@chromium.org Review URL: https://codereview.chromium.org/154873002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19086 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-04 22:46:53 +00:00
verwaest@chromium.org	2c3e6b41ff	Use PropertyAccessInfo to compute stores in crankshaft. BUG= R=dcarney@chromium.org Review URL: https://codereview.chromium.org/153933002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19085 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-04 22:23:26 +00:00
verwaest@chromium.org	8ac80c5308	Use Type* in crankshaft rather than HeapType. R=rossberg@chromium.org Review URL: https://codereview.chromium.org/152863002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19069 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-04 12:44:15 +00:00
ishell@chromium.org	0f89c8b91d	Fix in array instance type initialization. R=dslomov@chromium.org Review URL: https://codereview.chromium.org/134713004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19058 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-04 10:59:40 +00:00
ishell@chromium.org	05270212c3	Remake of the load elimination fix made earlier (r18884). R=titzer@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/149063010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19057 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-04 10:48:49 +00:00
hpayer@chromium.org	8d1504b238	Just initialize elements pointer in fast literal when pre-tenuring. BUG= R=ishell@chromium.org Review URL: https://codereview.chromium.org/148253004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19056 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-04 10:41:16 +00:00
yangguo@chromium.org	9e70f6a4e7	Fix short-circuiting logical and/or in HOptimizedGraphBuilder. R=jkummerow@chromium.org BUG=336148 LOG=Y Review URL: https://codereview.chromium.org/143263022 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19031 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-03 14:29:34 +00:00
ishell@chromium.org	b98637ce5e	Elements field of newly allocated JSArray could be left uninitialized in some cases (fast literal case). BUG=340124 LOG=Y R=hpayer@chromium.org Review URL: https://codereview.chromium.org/152673004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19026 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-03 13:33:26 +00:00
verwaest@chromium.org	ae7a209e71	Remove CallICs BUG= R=dcarney@chromium.org Review URL: https://codereview.chromium.org/148223002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-31 16:52:17 +00:00
jochen@chromium.org	253edf246f	Remove IsRegExpEquivalent. It's not used anywhere. BUG=none R=ulan@chromium.org LOG=n Review URL: https://codereview.chromium.org/141563013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18995 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-31 14:17:02 +00:00
ishell@chromium.org	2aa17c6e62	Load elimination fix: load should not be replaced with another load if the former is not dominated by the latter. R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/151333003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18985 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-31 12:03:32 +00:00
verwaest@chromium.org	bef13f739c	Fix regression caused by supporting inlining accesses to non-JSObjects TBR=dcarney@chromium.org BUG= Review URL: https://codereview.chromium.org/150983002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18966 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-31 00:29:04 +00:00
verwaest@chromium.org	1280edd4e5	Fix polymorphic load handling. BUG= R=dcarney@chromium.org Review URL: https://codereview.chromium.org/150453003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18954 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-30 16:44:32 +00:00
dcarney@chromium.org	5c589640bf	crankshaft support for api method calls R=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/148333003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18946 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-30 13:18:41 +00:00
verwaest@chromium.org	b73101d539	Optimize HWrapReceiver R=dcarney@chromium.org Review URL: https://codereview.chromium.org/135593006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18945 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-30 12:52:49 +00:00
verwaest@chromium.org	73529a7d14	Support loads from primitive values. This also changes load computation to use HeapTypes rather than Maps. TODO: move conversion between maps and heaptypes earlier in the process, already in the oracle. BUG= R=dcarney@chromium.org Review URL: https://codereview.chromium.org/147763006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18938 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-30 11:30:38 +00:00
bmeurer@chromium.org	4a0959e360	Replace HThrow with HCallRuntime. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/131103021 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18908 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-29 14:03:32 +00:00
bmeurer@chromium.org	87a3951c11	Remove the HValueOf instruction. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/139233004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18905 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-29 13:41:00 +00:00
bmeurer@chromium.org	3ba2f104c9	Turn RegExpConstructResultStub into a HydrogenCodeStub. This has the additional benefit that it is now possible to inline the RegExpResult construction code into Hydrogen builtins. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/141703018 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18902 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-29 13:10:35 +00:00
verwaest@chromium.org	0537955a89	Extend ArrayPop hydrogen support to COW arrays and popping from empty arrays. R=mvstanton@chromium.org BUG= Review URL: https://codereview.chromium.org/148093009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18901 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-29 12:53:40 +00:00
bmeurer@chromium.org	5bf5849f9f	Use IfBuilder instead of handcrafted basic blocks in GenerateSetValueOf(). R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/130563009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18898 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-29 09:59:16 +00:00
bmeurer@chromium.org	d6458eb9a5	Add dependency operand to HLoadNamedField. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/148523011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18897 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-29 09:48:35 +00:00
bmeurer@chromium.org	c12593cf2b	Kill obsolete HLoadExternalArrayPointer instruction. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/141583011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18893 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-29 07:27:35 +00:00
bmeurer@chromium.org	1e7bbbc921	Both HGlobalObject and HGlobalReceiver can be replaced with HLoadNamedField. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/148453009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18891 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-29 07:26:52 +00:00
ishell@chromium.org	9070615980	Fix for potential issue related to replacing CheckMaps with values. R=titzer@chromium.org Review URL: https://codereview.chromium.org/134733007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18887 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-28 17:49:13 +00:00
ishell@chromium.org	d330d4801d	Load elimination fix with a test case. R=titzer@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/143413019 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18884 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-28 16:45:04 +00:00
hpayer@chromium.org	9e462504fb	Turn off global pretenuring when allocation site pretenuring is in use. BUG= R=mstarzinger@chromium.org, mvstanton@chromium.org Review URL: https://codereview.chromium.org/133803002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18868 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-28 09:47:03 +00:00
bmeurer@chromium.org	f9575fb82a	Remove obsolete instruction HOuterContext. HOuterContext can be expressed in terms of HLoadNamedField. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/131513015 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18867 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-28 09:42:24 +00:00
dslomov@chromium.org	1a67b7f86a	External Array renaming and boilerplate scrapping Replaced symbolic names with correct JS name (byte -> int8, unsigned int -> uint32 etc). Using macros to scrap the boilerplate BUG= R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/145133013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18835 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-24 16:01:15 +00:00
vegorov@chromium.org	c86da7e5dc	Fix HGraphBuilder::AddSimulate to pass removable down correctly It was passed as a position argument previously making all simulates added with it conservatively FIXED_SIMULATE. BUG= R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/146013002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18822 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-24 12:22:13 +00:00
verwaest@chromium.org	21532ddfdc	Reland ArrayPop / ArrayPush. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/138443012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18814 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-24 11:47:53 +00:00
jkummerow@chromium.org	ee4e034d70	Revert broken ArrayPop changes This reverts: r18749 "Reland (and fix) "Add hydrogen support for ArrayPop, and remove the handwritten call stubs."", r18790 "Remove ArrayPush from the custom call generators, and instead call directly to the handler in crankshaft.", and r18798 "MIPS: Remove ArrayPush from the custom call generators, and instead call directly to the handler in crankshaft." For causing crashes on Canary. BUG=chromium:337686 LOG=N R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/146003006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18805 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-24 08:32:50 +00:00
verwaest@chromium.org	6b60546b16	Remove ArrayPush from the custom call generators, and instead call directly to the handler in crankshaft. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/137693003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18790 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-23 16:20:25 +00:00
hpayer@chromium.org	83a1df2354	Remove Heap::MaxRegularSpaceAllocationSize and use Page::MaxRegularHeapObjectSize instead. BUG= R=mstarzinger@chromium.org, mvstanton@chromium.org Review URL: https://codereview.chromium.org/141653016 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18776 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-23 13:02:27 +00:00
verwaest@chromium.org	f30330325e	Reland (and fix) "Add hydrogen support for ArrayPop, and remove the handwritten call stubs." BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/144913003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18749 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-22 13:22:58 +00:00
bmeurer@chromium.org	c06d248248	Refactor fast path for empty constant strings in BinaryOp. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/143003005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18742 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-22 12:30:00 +00:00
mvstanton@chromium.org	1b3280c491	Revert "Add hydrogen support for ArrayPop, and remove the handwritten call stubs." This reverts commit r18709, due to deopt fuzzer issue. TBR=verwaest@chromium.org Review URL: https://codereview.chromium.org/143983010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18731 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-22 10:41:23 +00:00
rossberg@chromium.org	0d906a8bdb	Zonify types in compiler frontend Clean up some zone/isolate handling in AST and its visitors on the way. (Based on https://codereview.chromium.org/103743004/) R=jkummerow@chromium.org, titzer@chromium.org BUG= Review URL: https://codereview.chromium.org/102563004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18719 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-21 16:22:52 +00:00
verwaest@chromium.org	2d9a4eb355	Add hydrogen support for ArrayPop, and remove the handwritten call stubs. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/137783023 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18709 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-21 12:42:24 +00:00
bmeurer@chromium.org	4bae658948	Fix invalid type assumption in GenerateNumberToString(). We don't have any type feedback in %_NumberToString(), so it's a bug to assume Type::Number here. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/143893002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-21 10:35:20 +00:00
mvstanton@chromium.org	04b1baa4c4	We no longer need to recover type cells from the oracle. We only need the values within them. Function calls to Array from optimized code needed the cell in the past, but no longer. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/141893002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18682 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-20 09:48:05 +00:00
mvstanton@chromium.org	b2bea46245	Minor bugfix in building inlined Array: bad argument to JSArrayBuilder. An HConstant pointing to a Cell rather than an AllocationSite was passed. The argument wasn't used because of fortuitous flags. An assert was added to protect the argument. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/141533003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18666 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-17 12:18:57 +00:00
mvstanton@chromium.org	155ef100e9	Fix logic error in assert in IsUndeclaredGlobal() Recent changes in IC logic meant that CallStubs no longer use the Contextual bit. IsUndeclaredGlobal() needed to adjust for that. In fact, now the CL has morphed to remove the notion of storing contextual state in the IC at all, it just becomes some extra ic state of the load ic. This took some adjustment in harmony code to use the global receiver for certain stores. Now it's clearer that only LoadICs actually record any information about contextual or not. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/140943002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18660 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-17 11:08:24 +00:00
dslomov@chromium.org	5da41be7b8	Implement in-heap backing store for typed arrays. This adds a fixed array sub-type that will represent a backing store for typed arrays allocated with TypedArray(length) construtor. R=mvstanton@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/101413006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18651 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 17:08:45 +00:00
dslomov@chromium.org	34eeeb8953	Revert "Implement in-heap backing store for typed arrays." This reverts commit r18649 for breaking Linux/nosnap and Win64 tests. TBR=jkummerow@chromium.org Review URL: https://codereview.chromium.org/140793003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18650 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 16:00:36 +00:00
dslomov@chromium.org	97040ce67b	Implement in-heap backing store for typed arrays. This adds a fixed array sub-type that will represent a backing store for typed arrays allocated with TypedArray(length) construtor. R=mvstanton@chromium.org, verwaest@chromium.org Committed: https://code.google.com/p/v8/source/detail?r=18646 Review URL: https://codereview.chromium.org/101413006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18649 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 15:01:27 +00:00
dslomov@chromium.org	95f572389e	Revert "Implement in-heap backing store for typed arrays." This reverts commit r18646 for breaking Win32 build. TBR=jkummerow@chromium.org Review URL: https://codereview.chromium.org/132233012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18647 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 14:26:15 +00:00
dslomov@chromium.org	0c960c2e96	Implement in-heap backing store for typed arrays. This adds a fixed array sub-type that will represent a backing store for typed arrays allocated with TypedArray(length) construtor. R=mvstanton@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/101413006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18646 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 14:18:37 +00:00
jarin@chromium.org	19d832719e	This is a preview of a first step towards unification of the hydrogen call machinery. The change replaces CallNamed, CallKeyed, CallConstantFunction and CallKnownGlobal hydrogen instructions with two new instructions with a more lower level semantics: 1. CallJSFunction for direct calls of JSFunction objects (no argument adaptation) 2. CallWithDescriptor for calls of a given Code object according to the supplied calling convention. Details: CallJSFunction should be straightforward, the main difference from the existing InvokeFunction instruction is the absence of argument adaptor handling. (As a next step, we will replace InvokeFunction with an equivalent hydrogen code.) For CallWithDescriptor, the calling conventions are represented by a tweaked version of CallStubInterfaceDescriptor. In addition to the parameter-register mapping, we also define parameter-representation mapping there. The CallWithDescriptor instruction has variable number of parameters now - this required some simple tweaks in Lithium, which assumed fixed number of arguments in some places. The calling conventions used in the calls are initialized in the CallDescriptors class (code-stubs.h, <arch>/code-stubs-<arch>.cc), and they live in a new table in the Isolate class. I should say I am not quite sure about Representation::Integer32() representation for some of the params of ArgumentAdaptorCall - it is not clear to me wether the params could not end up on the stack and thus confuse the GC. The change also includes an earlier small change to argument adaptor (https://codereview.chromium.org/98463007) that avoids passing a naked pointer to the code entry as a parameter. I am sorry for packaging that with an already biggish change. Performance implications: Locally, I see a small regression (.2% or so). It is hard to say where exactly it comes from, but I do see inefficient call sequences to the adaptor trampoline. For example: ;;; <@78,#24> constant-t bf85aa515a mov edi,0x5a51aa85 ;; debug: position 29 ;;; <@72,#53> load-named-field 8b7717 mov esi,[edi+0x17] ;; debug: position 195 ;;; <@80,#51> constant-s b902000000 mov ecx,0x2 ;; debug: position 195 ;;; <@81,#51> gap 894df0 mov [ebp+0xf0],ecx ;;; <@82,#103> constant-i bb01000000 mov ebx,0x1 ;;; <@84,#102> constant-i b902000000 mov ecx,0x2 ;;; <@85,#102> gap 89d8 mov eax,ebx 89cb mov ebx,ecx 8b4df0 mov ecx,[ebp+0xf0] ;;; <@86,#58> call-with-descriptor e8ef57fcff call ArgumentsAdaptorTrampoline (0x2d80e6e0) ;; code: BUILTIN Note the silly handling of ecx; the hydrogen for this code is: 0 4 s27 Constant 1 range:1_1 <\|@ 0 3 t30 Constant 0x5bc1aa85 <JS Function xyz (SharedFunctionInfo 0x5bc1a919)> type:object <\|@ 0 1 t36 LoadNamedField t30.[in-object]@24 <\|@ 0 1 t38 Constant 0x2300e6a1 <Code> <\|@ 0 1 i102 Constant 2 range:2_2 <\|@ 0 1 i103 Constant 1 range:1_1 <\|@ 0 2 t41 CallWithDescriptor t38 t30 t36 s27 i103 i102 #2 changes[*] <\|@ BUG= R=verwaest@chromium.org, danno@chromium.org Review URL: https://codereview.chromium.org/104663004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18626 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-15 17:00:35 +00:00
jkummerow@chromium.org	5298a078c6	Revert "Eliminatable CheckMaps replaced with if(true) or if(false)." This reverts r18592 for breaking the GC stress bots. R=machenbach@chromium.org Review URL: https://codereview.chromium.org/137783011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18611 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-15 09:53:54 +00:00
ishell@chromium.org	6b389902e1	Revert "Polymorphic named calls optimized for the case of repetitive call targets." for now because it prevents better results for checkmap elimination. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/138453002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18597 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-14 16:37:09 +00:00
verwaest@chromium.org	72125bafcc	Remove HCallGlobal and merge uses with HCallNamed. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/134333007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18595 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-14 16:15:52 +00:00
ishell@chromium.org	952fbe475f	Eliminatable CheckMaps replaced with if(true) or if(false). R=titzer@chromium.org Review URL: https://codereview.chromium.org/130613003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18592 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-14 16:06:40 +00:00
verwaest@chromium.org	1257ba358c	Remove CALL_AS_FUNCTION and CALL_AS_METHOD. BUG= R=dcarney@chromium.org Review URL: https://codereview.chromium.org/136403005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18590 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-14 14:36:24 +00:00
verwaest@chromium.org	f2245a9cf9	Make the strict-mode calling convention for contextual calls the default one. BUG= R=dcarney@chromium.org Review URL: https://codereview.chromium.org/131663003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18581 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-14 12:04:10 +00:00
hpayer@chromium.org	f01dc250dc	Handlify AllocationSite AddDependentCompilationInfo. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/136703002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18570 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-13 14:54:33 +00:00
mvstanton@chromium.org	854d085996	More efficient use of space in AllocationSite. We can eliminate one word from the object by sharing the pretenuring decision and the found memento count. R=bmeurer@chromium.org, hpayer@chromium.org Review URL: https://codereview.chromium.org/132063004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18554 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-13 10:28:01 +00:00
ishell@chromium.org	5c65572dd2	"dead" and "osr" block flags added to trace output for unreachable and osr entry blocks respectively. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/135943004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18550 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-13 08:45:26 +00:00
jarin@chromium.org	c0f622a45b	Fix of Hydrogen environment building for function "apply" calls. BUG= R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/133773002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18548 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-11 13:59:04 +00:00
rossberg@chromium.org	cb28b7f837	Retry "Templatise type representation" after making clang happy The only thing different now is line types.h:208/236, which had a static_cast<Type*> before. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/133683002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18533 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-10 12:19:01 +00:00
hpayer@chromium.org	4ef951cf43	Allocation site pretenuring. Pretenuring decisions are made based on allocation site lifetime statistics. BUG= R=mstarzinger@chromium.org, mvstanton@chromium.org Review URL: https://codereview.chromium.org/96783002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18532 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-10 12:11:54 +00:00
machenbach@chromium.org	8ffcd2a281	[Sheriff] Revert "Templatise type representation" and "Fix Mac warnings". This reverts commit r18521 and r18522 for breaking mac and win builders. BUG= TBR=rossberg@chromium.org Review URL: https://codereview.chromium.org/132493002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18524 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-09 19:52:15 +00:00
rossberg@chromium.org	1c33a2d840	Templatise type representation This is to support both heap- and zone-allocated types in the future (the latter not yet implemented). Also, handlify the type API some more. R=titzer@chromium.org BUG= Review URL: https://codereview.chromium.org/107933005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18521 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-09 17:12:48 +00:00
jkummerow@chromium.org	839297487f	Skip back edge creation for "do ... while(false)" loops Drive-by fix: Fix disassembling "prefetch" instruction on ia32 R=titzer@chromium.org Review URL: https://codereview.chromium.org/131733002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18519 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-09 15:20:25 +00:00
mvstanton@chromium.org	380aa6dc8d	Array constructor can be simplified by loading context from JSFunction. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/128683002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18518 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-09 15:07:23 +00:00
mvstanton@chromium.org	7baadbfac1	FunctionLiteral has work to do in the typing phase. In crankshaft, we searched un-optimized code for a SharedFunctionInfo that matches the FunctionLiteral we are processing. Ideally, this work should be done in the typing phase. R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/104883006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18508 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-09 09:00:19 +00:00
ishell@chromium.org	b2616f415b	Polymorphic named calls optimized for the case of repetitive call targets. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/118483003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18476 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-07 16:59:42 +00:00
verwaest@chromium.org	4615e9edac	Reland v8:18458 "Load the global proxy from the context of the target function." BUG= R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/104013008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18462 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-07 10:46:39 +00:00
rossberg@chromium.org	2879f2104c	Revert "Load the global proxy from the context of the target function." This reverts commit https://code.google.com/p/v8/source/detail?r=18458, since it exhibits a bug that breaks some tests. TBR=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/93863006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18461 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-07 09:55:25 +00:00
verwaest@chromium.org	5b40c38679	Load the global proxy from the context of the target function. BUG= R=dcarney@chromium.org Review URL: https://codereview.chromium.org/111613003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18458 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-07 08:21:17 +00:00
bmeurer@chromium.org	ad4231c495	Reland "Allocation site support for monomorphic StringAdds in BinaryOps". R=ulan@chromium.org Review URL: https://codereview.chromium.org/106313003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18444 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-02 15:31:27 +00:00
bmeurer@chromium.org	4d88b0b4be	Revert "Fix compilation with C++11." and "Allocation site support for monomorphic StringAdds in BinaryOps.". This reverts commit r18431 and r18432 for breaking the Linux nosnapshot build. R=ulan@chromium.org Review URL: https://codereview.chromium.org/122463004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18434 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-02 10:38:45 +00:00
bmeurer@chromium.org	a91499fec7	Allocation site support for monomorphic StringAdds in BinaryOps. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/106453003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18431 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-02 09:17:52 +00:00
bmeurer@chromium.org	a53dcc9da1	Make it possible to assert that certain instance types are compatible wrt HAllocate. Turns clear_next_map_word_ into a flag and adds a new method CompatibleInstanceTypes(). This is used in BuildUncheckedStringAdd() to ASSERT that there's no difference wrt. HAllocate in using CONS_STRING_TYPE vs CONS_ASCII_STRING_TYPE. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/110443003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18428 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-02 06:26:44 +00:00
jkummerow@chromium.org	3c76ecd732	Fix switch statements with non-Smi integer labels and no type feedback BUG=chromium:329709 LOG=Y R=hpayer@chromium.org Review URL: https://codereview.chromium.org/98643010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18370 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-19 14:25:58 +00:00
ishell@chromium.org	e3752b63c0	HStoreKeyed for Smis optimized for x64 + related redundant moves of elements removed R=verwaest@chromium.org Review URL: https://codereview.chromium.org/108503004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18362 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-18 18:05:10 +00:00
ishell@chromium.org	8c159ed4ec	HStoreNamedField for Smis optimized for x64 R=verwaest@chromium.org Review URL: https://codereview.chromium.org/108413003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18360 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-18 17:53:50 +00:00
danno@chromium.org	8683920e3f	Improve ==/=== comparison in Hydrogen for monomorphic maps R=titzer@chromium.org Review URL: https://codereview.chromium.org/108083004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18357 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-18 17:18:23 +00:00
jkummerow@chromium.org	59c334ebf4	Hydrogen: Re-use regular comparisons infrastructure for switch statements R=rossberg@chromium.org Review URL: https://codereview.chromium.org/111573003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18348 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-18 11:58:58 +00:00
verwaest@chromium.org	fb7218dc3d	Enable optimization of functions with generic switches. R=jkummerow@chromium.org, titzer@chromium.org Review URL: https://chromiumcodereview.appspot.com/110123002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18347 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-18 11:44:38 +00:00
svenpanne@chromium.org	84aa5263f3	Remove the last remnants of the TranscendentalCache. It was only used for Math.log, and even then only in full code and in %_MathLog. For crankshafted code, Intel already used the FP operations directly, while the ARM/MIPS ports were a bit lazy and simply called the stub. The latter directly call the C library now without any cache. It would be possible to directly generate machine code if somebody has the time, from what I've seen out in the wild it should be only about a dozen instructions. LOG=y R=yangguo@chromium.org Review URL: https://codereview.chromium.org/113343003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18344 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-18 10:40:26 +00:00
yurys@chromium.org	cd5ea74700	Replace 'operator' with explicit 'get' method on SmartPointer Made operator return reference to the raw type, not pointer. New method 'get()' should be used when raw pointer is needed. Also removed useless inline modifier from the SmaprtPointer methods and added const modifier to the methods that don't change smart pointer. Made ~SmartPointerBase protected to avoid accidental calls of the non-virtual base class's destructor. drive-by: fixed use after free in src/factory.cc BUG=None LOG=N R=alph@chromium.org, svenpanne@chromium.org Review URL: https://codereview.chromium.org/101763003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18275 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-09 07:41:20 +00:00
mvstanton@chromium.org	a1a871fb5a	Remove unnecessary overflow check in HGraphBuilder::BuildCreateAllocationMemento(). With this fix codegen looks like: mov ecx,[eax+0xf] ;;; <@52,#38> load-named-field add ecx,0x2 ;;; <@54,#40> add-i mov [eax+0xf],ecx ;;; <@56,#41> store-named-field without it there is an overflow check and jump to deopt. x64 code looks similar, except there is an (annoying) smi-untag then int32-to-smi around the add operation. R=bmeurer@chromium.org, hpayer@chromium.org Review URL: https://codereview.chromium.org/104313003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18255 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-04 10:46:18 +00:00
bmeurer@chromium.org	69b5d5f8f6	Revert "Use constant types to represent the fixed right arg of a MOD." This reverts commit r18246 for tanking all benchmarks. TBR=svenpanne@chromium.org Review URL: https://codereview.chromium.org/104243002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18249 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-04 09:27:48 +00:00
bmeurer@chromium.org	1868ef5de9	Use constant types to represent the fixed right arg of a MOD. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/103933002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18246 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-04 08:37:34 +00:00
bmeurer@chromium.org	7e540e6b8a	Revert "Use constant types to represent the fixed right arg of a MOD." This reverts commit r18228 for crashing on Windows. TBR=mvstanton@chromium.org Review URL: https://codereview.chromium.org/101663002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18229 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-03 11:24:56 +00:00
bmeurer@chromium.org	5c6b9500aa	Use constant types to represent the fixed right arg of a MOD. R=mvstanton@chromium.org, svenpanne@chromium.org Review URL: https://codereview.chromium.org/99173002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18228 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-03 10:51:57 +00:00
bmeurer@chromium.org	aa83f2900a	Fix invalid assertion with OSR in BuildBinaryOperation. BUG=v8:3032 LOG=n R=yangguo@chromium.org Review URL: https://codereview.chromium.org/98623004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18190 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-02 13:12:07 +00:00
bmeurer@chromium.org	a3d1df29f1	Fix HInnerAllocatedObject to use an HValue for the offset. R=hpayer@chromium.org, mvstanton@chromium.org Review URL: https://codereview.chromium.org/98673003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18181 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-02 11:24:31 +00:00
jkummerow@chromium.org	833ee3cdb7	A few small refactorings and typo fixes R=yangguo@chromium.org Review URL: https://codereview.chromium.org/95333002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18153 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-29 10:02:32 +00:00
mstarzinger@chromium.org	b506e8ce96	Follow-up fix for r18135 in TryCallApply. R=yangguo@chromium.org BUG=chromium:323942 TEST=mjsunit/regress/regress-crbug-323942 LOG=N Review URL: https://codereview.chromium.org/95583002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18152 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-29 09:59:35 +00:00
titzer@chromium.org	6e5e23d630	Implement global check elimination using the HFlowEngine. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/46883009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18137 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-28 15:50:54 +00:00
yangguo@chromium.org	f235194518	Fix bug in inlining Function.apply. R=jkummerow@chromium.org BUG=323942 LOG=Y Review URL: https://codereview.chromium.org/95123003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18135 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-28 15:30:17 +00:00
hpayer@chromium.org	0e95ffddf2	Fix allocation memento bookeeping code for js arrays. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/95053002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18124 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-28 13:45:23 +00:00
hpayer@chromium.org	0213fc9035	Added tracing support for pretenuring. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/94493002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18117 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-28 10:49:02 +00:00
mvstanton@chromium.org	f3a22f965e	The goal is to discover the appropriate heap space for objects created in full code. By the time we optimize the code, we'll be able to decide on new or old space based on the number of surviving objects after one or more gcs. The mechanism is a "memento" placed behind objects in the heap. It's currently done for array and object literals, with plans to use mementos for constructed objects as well (in a later CL). The feature is behind the flag allocation_site_pretenuring, currently off. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/40063002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18104 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-27 14:03:40 +00:00
dslomov@chromium.org	c3a4d718ce	Generate TypedArrayInitialize builtin in hydrogen. R=danno@chromium.org Review URL: https://codereview.chromium.org/59023003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18059 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-25 14:41:46 +00:00
mvstanton@chromium.org	81b22bbf96	A performance regression in array literal creation was caused by refactoring that eliminated a special fast case for shallow arrays. At the same time the general case got a bit slower. This CL restores most of the performance without coding the special fast case. The virtual dispatching is unnecessary because we know what we want to do at compile time. A flag was added to Runtime::CreateArrayLiteral. The flags delivers information about shallowness but also whether or not allocation mementos should be created. This is useful for crankshafted code. BUG=v8:3008 LOG=Y R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/77293003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18046 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-25 12:41:27 +00:00
dslomov@chromium.org	21dca31203	Safe HGraphBuilder::Add<> and New<> R=danno@chromium.org Review URL: https://codereview.chromium.org/82943005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18033 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-22 19:05:21 +00:00
bmeurer@chromium.org	7158b51125	Fix combined string length computation. For 31-bit smis, we don't need to explicitly check whether the combined string length exceeds the max supported string length, since the value must be converted to a smi at some point (i.e. when it is stored into the string length field of the resulting string), which will emit an overflow check. For 32-bit smis, we insert an explicit check that the combined string length does not exceed String::kMaxLength. This also enables to get rid of the JoinContinuation() usage in BuildUncheckedStringAdd(). BUG=v8:2990 LOG=n R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/82733003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18005 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-22 12:03:01 +00:00
bmeurer@chromium.org	08df395f4e	Get rid of the binop_stub parameter to BuildBinaryOperation(). Just ask the graph builder whether we are compiling a stub. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/83073003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18004 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-22 11:49:04 +00:00
svenpanne@chromium.org	b6b84c02b2	Reland "Implement Math.random() purely in JavaScript" plus fixes. The main change is that a bit has been added to array buffers to signal that the backing store has to be freed when the buffer dies. BUG=316359 LOG=Y R=yangguo@chromium.org Review URL: https://codereview.chromium.org/82763005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18003 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-22 11:35:39 +00:00
bmeurer@chromium.org	da87c188ad	Rework BuildCheckString() to be compatible with the other BuildCheck*() methods. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/79343009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17985 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-22 07:27:26 +00:00
danno@chromium.org	8e266c2244	Revert 17963, 17962 and 17955: Random number generator in JS changes Revert 17966, 17965 also as collateral damage: Embed trigonometric lookup table. Due to Heapcheck and valgrind failures that are not yet fixed. TBR=svenpanne@chromium.org Review URL: https://codereview.chromium.org/80513004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17981 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-21 17:21:00 +00:00
svenpanne@chromium.org	2b1da67263	Implement Math.random() purely in JavaScript. This removes tons of architecture-specific code and makes it easy to experiment with other pseudo-RNG algorithms. The crankshafted code is extremely good, keeping all things unboxed and doing only minimal checks, so it is basically equivalent to the handwritten code. When benchmarks are run without parallel recompilation, we get a few percent regression on SunSpider's string-validate-input and string-base64, but these benchmarks run so fast that the overall SunSpider score is hardly affected and within the usual jitter. Note that these benchmarks actually run even faster when we don't crankshaft at all on the main thread (the regression is not caused by bad code, it is caused by Crankshaft needing a few hundred microsecond for compilation of a trivial function). Luckily, when parallel recompilation is enabled, i.e. in the browser, we see no regression at all! R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/68723002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17955 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-21 09:55:15 +00:00
bmeurer@chromium.org	d38abc3bba	Remove the first_right_arg hack for HMod. Generate a proper subgraph in BuildBinaryOperation instead. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/77053003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17919 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-20 12:43:33 +00:00
bmeurer@chromium.org	4c4d911cde	Convert constant numbers at compile time. TEST=mjsunit/number-tostring R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/77553005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17917 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-20 12:35:21 +00:00
bmeurer@chromium.org	defee14d76	Make BuildBinaryOperation use ReturnValue instead of ReturnInstruction. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/78183002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17914 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-20 12:00:57 +00:00
bmeurer@chromium.org	6826b74708	Replace unsafe uses of Add<> with AddUncasted<>. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/78213002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17913 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-20 11:57:49 +00:00
bmeurer@chromium.org	da6d5586f9	Don't generate useless string checks for string adds. If we know that one side of a string add is definitely a string (i.e. if it's a string constant), then we don't need to emit a string check for the argument. This adds a new BuildCheckString() method to the graph builder, which does "the right thing". TEST=mjsunit/string-add R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/78063002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17912 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-20 11:53:09 +00:00
danno@chromium.org	06c7620302	Fixed crashes exposed though fuzzing. The %_OneByteSeqStringSetChar intrinsic expects its arguments to be checked before being called for efficiency reasons, but the fuzzer provided no such checks. Now the intrinsic is robust to bad input if FLAG_debug_code is set. R=yangguo@chromium.org TEST=test/mjsunit/regress/regress-320948.js BUG=chromium:320948 LOG=Y Review URL: https://codereview.chromium.org/72813004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17886 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-19 16:41:07 +00:00
yangguo@chromium.org	e2563d7a8e	Make number of available threads isolate-dependent and expose it to ResourceConstraints. R=svenpanne@chromium.org BUG=v8:2991 LOG=Y Review URL: https://codereview.chromium.org/68203029 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17866 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-19 11:52:47 +00:00
ishell@chromium.org	53bd540ee0	Constant-folding through HForceRepresentation fix. Reverts changes in HValue::IsInteger32Constant() made in https://code.google.com/p/v8/source/detail?r=17787 R=bmeurer@chromium.org, mvstanton@chromium.org Review URL: https://codereview.chromium.org/68493005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17863 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-19 11:41:04 +00:00
vegorov@chromium.org	0ec0d5fc32	Reapply r11765 Add static_cast<int> in HPositionInfo::position to please Win64 build. Improvements in positions handling in optimizing compiler. - When building binary arithmetic op and comparison restore source position of the operation itself before building operation itself after it was changed by building operands. This ensures that position recorded for operation points to the operation token instead of pointing to the rightmost operand; - Add support for recording operands' positions and use these positions when inserting HChange instructions; - When generating hydrogen.cfg emit H-instruction position as BCI (previously 0 was emitted), additionally on every lithium instruction emit annotation pointing to corresponding hydrogen-instruction. This allows to easily reach from deopt_id to lithium instruction and from it to hydrogen instruction and source position. R=danno@chromium.org Review URL: https://codereview.chromium.org/59703011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17848 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-18 17:24:00 +00:00
dslomov@chromium.org	99133912bd	Generate DataViewInitialize built-in in hydrogen. R=bmeurer@chromium.org, mvstanton@chromium.org Review URL: https://codereview.chromium.org/66843011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17831 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-18 13:57:49 +00:00
danno@chromium.org	4ed2538262	Generate KeyedLoadDictionaryElementStub with Hydrogen R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/19492007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17804 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-15 17:53:35 +00:00
mvstanton@chromium.org	5b9569b574	Regression fix: HForceRepresentation shouldn't be an idef. Instead, code sites that are interested in underlying constant integer values should use HValue::IsInteger32Constant(). The issue is that the infer representation phase shouldn't "see through" HForceRepresentation nodes to an underlying, and less specific representation. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/65643003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17787 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-15 12:10:59 +00:00
verwaest@chromium.org	341d405301	Reland and fix "Add support for keyed-call on arrays of fast elements" BUG= R=danno@chromium.org Review URL: https://chromiumcodereview.appspot.com/71783003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17782 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-15 10:52:05 +00:00
danno@chromium.org	d62337e127	Add ability to do "else-if" clauses in IfBuilder - In an Else block it's possible to add more If<>'s in the same builder that are treated as an else if. - Simplified and cleaned-up some of the IfBuilder's internals. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/66983002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17780 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-15 10:36:02 +00:00
bmeurer@chromium.org	2ee5aa951c	Fix missing type feedback check for Generic*String addition. TEST=mjsunit/regress/regress-crbug-318671 BUG=318671 LOG=y R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/67473007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17772 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-15 09:13:36 +00:00
rafaelw@chromium.org	25b450b2b7	Revert "Improvements in positions handling in optimizing compiler." (r17765) Original issue: https://codereview.chromium.org/49203002/ TBR=vegorov Review URL: https://codereview.chromium.org/63343003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17768 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 21:45:01 +00:00
vegorov@chromium.org	9d440ac4c0	Improvements in positions handling in optimizing compiler. - When building binary arithmetic op and comparison restore source position of the operation itself before building operation itself after it was changed by building operands. This ensures that position recorded for operation points to the operation token instead of pointing to the rightmost operand; - Add support for recording operands' positions and use these positions when inserting HChange instructions; - When generating hydrogen.cfg emit H-instruction position as BCI (previously 0 was emitted), additionally on every lithium instruction emit annotation pointing to corresponding hydrogen-instruction. This allows to easily reach from deopt_id to lithium instruction and from it to hydrogen instruction and source position. BUG= R=danno@chromium.org Review URL: https://codereview.chromium.org/49203002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17765 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 21:00:27 +00:00
machenbach@chromium.org	eef8694a7e	[Sheriff] Revert "Add support for keyed-call on arrays of fast elements" This reverts commit r17746 for breaking layout tests. TBR=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/72753002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17751 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 15:00:13 +00:00
verwaest@chromium.org	607a175cbc	Add support for keyed-call on arrays of fast elements R=danno@chromium.org Review URL: https://chromiumcodereview.appspot.com/23537067 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17746 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 13:46:18 +00:00
mvstanton@chromium.org	3cf157b43b	Inline zero argument array constructor. patch from issue 54583003 (dependent code). Zero arguments - very easy 1 argument - three special cases: a) If length is a constant in valid array length range, no need to check it at runtime. b) respect DoNotInline feedback on the AllocationSite for cases that the argument is not a smi or is an integer with a length that should create a dictionary. c) if kind feedback is non-holey, and length is non-constant, we'd have to generate a lot of code to be correct. Don't inline this case. N arguments - one special case: a) If a deopt ever occurs because an input argument isn't compatible with the elements kind, then set the DoNotInline flag. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/55933002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17741 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 12:05:09 +00:00
mvstanton@chromium.org	026c5507bd	Make HForceRepresentation an idef. An optimization in the array constructor wasn't firing because the code would check for constant values, failing to find them through intervening HForceRepresentation instructions. Repaired this site. A follow-on CL will provide a better way of making decisions based on constant HValues. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/59623009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17708 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-13 17:03:11 +00:00
yangguo@chromium.org	e83fd01ce6	Reland "Implement Math.sin, cos and tan using table lookup and spline interpolation." This relands r17594 with necessary fixes. R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/70003004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17654 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-12 14:43:18 +00:00
yangguo@chromium.org	df9665032e	Introduce %_IsMinusZero. R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/63423004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17639 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-12 11:53:13 +00:00
bmeurer@chromium.org	6f75e92902	Add initial hydrogenized NewStringAddStub. The new stub is enabled via the --new-string-add flag, which is disabled by default. For now, it's only a stripped down version of the native StringAddStub, it's still work-in-progress. BUG=v8:2990 R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/61893009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17635 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-12 10:21:08 +00:00
ulan@chromium.org	bc4ad49b25	Do not add values to HGraph in Lithium. Lithium uses indexes after the maximium value ID in the HGraph as indexes of virtual registers and assumes that the maximum value ID does not change. The IsStandardConstant and GetConstantXX functions could add constants to HGraph, which aliased virtual registers with real values. This could confuse the register allocator to think that a value in a virtual register is tagged and to incorrectly set it in the pointer map. BUG=298269 TEST=mjsunit/regress/regress-298269.js R=verwaest@chromium.org Review URL: https://chromiumcodereview.appspot.com/66693002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17599 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 14:16:34 +00:00
yangguo@chromium.org	9f104a1a3e	Revert "Implement Math.sin, cos and tan using table lookup and spline interpolation." This reverts commit r17594. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/59153007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17596 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 13:44:27 +00:00
yangguo@chromium.org	063b7c4ebb	Implement Math.sin, cos and tan using table lookup and spline interpolation. R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/50563003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17594 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 13:10:39 +00:00
yangguo@chromium.org	fc1dadce9b	Use register allocator for context on x64. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/50863002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17585 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 10:58:51 +00:00
mstarzinger@chromium.org	acac89008d	Defer allocation of constant literal properties. This moves building of constant properties and elements arrays for all materialized literals into the compiler. The parser no longer allocates while parsing ObjectLiteral and ArrayLiteral expressions. R=ulan@chromium.org Review URL: https://codereview.chromium.org/61873003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17557 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-07 12:08:37 +00:00
mvstanton@chromium.org	cec8548d0e	Correct handling of arrays with callbacks in the prototype chain. Our generic KeyedStoreIC doesn't handle the case when a callback is set on array elements in the prototype chain of the object, nor do we recognize that we need to avoid the monomorphic case if these callbacks exist. This CL addresses the issue by looking for dictionary elements in the prototype chain on IC misses and crankshaft element store instructions. When found, the generic IC is used. The generic IC is changed to go to the runtime in this case too. In general, keyed loads are immune from this problem because they won't return the hole: discovery of the hole goes to the runtime where the callback will be found in the prototype chain. Double array loads in crankshaft can return the hole but only if the prototype chain is unaltered (we will catch such alterations). Includes the following patch as well (already reviewed by bmeurer): Performance regression found in test regress-2185-2.js. The problem was that the bailout method for TransitionAndStoreStub was not performing the appropriate transition. (Review URL for the ElementsTransitionAndStoreIC_Miss change: https://codereview.chromium.org/26911007) R=danno@chromium.org Review URL: https://codereview.chromium.org/35413006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17525 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-06 15:45:43 +00:00
mvstanton@chromium.org	ee6e52f292	Remove CreateArrayLiteralShallow, as it's fundamentally the same now as CreateArrayLiteral. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/54333003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17470 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 09:54:59 +00:00
bmeurer@chromium.org	537100336c	Do Else() first for JoinContinuation() in IfBuilder. This is required to make sure that environments are correct for joined continuations. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/52593008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17464 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 08:56:48 +00:00
plind44@gmail.com	c042ef360d	Enable double alignment for constructed arrays. 2nd (of 3) CL's to ensure complete alignment of FixedDoubleArrays. TEST= BUG= R=hpayer@chromium.org Review URL: https://codereview.chromium.org/35133002 Patch from Dusan Milosavljevic <Dusan.Milosavljevic@rt-rk.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17382 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-24 19:01:30 +00:00
jkummerow@chromium.org	8259439ae8	Fix HObjectAccess for loads from migrating prototypes BUG=chromium:305309 R=danno@chromium.org Review URL: https://codereview.chromium.org/35173005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17345 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-23 15:15:15 +00:00
ishell@chromium.org	bf7a9bf8dc	HCheckInstanceType factories unified R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/35413007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17342 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-23 13:03:15 +00:00
ishell@chromium.org	a333094165	PushAndAdd() usages refactored. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/36893002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17339 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-23 12:34:39 +00:00
hpayer@chromium.org	fbaf016b6d	Add a soft-deopt in keyed element access when current IC is pre-monomorphic and no type feedback was collected. BUG= R=danno@chromium.org Review URL: https://codereview.chromium.org/32643004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17335 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-23 10:41:21 +00:00
dcarney@chromium.org	6eeb141a37	force accessor pair accesses backed by simple api calls to be generic accesses when crankshafted R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/34773003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17332 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-23 08:46:46 +00:00
bmeurer@chromium.org	32d96248f9	Guard against misuse of IfBuilder. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/30693007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17319 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-22 11:37:15 +00:00
ishell@chromium.org	32cdd4d48a	More Hydrogen templatization. Factories added to a set of Hydrogen classes. Several old-style HXxx::New() replaced with New<HXxx>() and NewUncasted<HXxx>. Several AddInstruction() calls following New::XXX() replaced with Add<XXX>(). AddLoadNamedField() method added to GraphBuilder. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/34523004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17318 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-22 11:29:05 +00:00
titzer@chromium.org	d63c8e4dc3	Allow constants to be deleted by reinserting them into the graph as needed. BUG= R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/31943002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17299 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-21 14:09:32 +00:00
danno@chromium.org	4c565138b5	Add tool to visualize machine code/lithium. In the process: - Add a command-line flag --opt-code-positions to track source position information throughout optimized code. - Add a subclass of the hydrogen graph builder to ensure that the source position is properly set on the graph builder for all generated hydrogen code. - Overhaul handling of source positions in hydrogen to ensure they are passed through to generated code consistently and in most cases transparently. Originally reviewed in this CL: https://codereview.chromium.org/24957003/ Review URL: https://codereview.chromium.org/29123008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17295 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-21 13:35:48 +00:00
bmeurer@chromium.org	100fb55555	Inline number to string conversion for string addition into BinaryOp(Stub). This fixes a performance regression that was caused by converting the BinaryOpStub to a Hydrogen code stub. It also fixes a leftover TODO wrt. the handling of NumberString or StringNumber versions of the stub. R=rossberg@chromium.org Review URL: https://codereview.chromium.org/27674002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17290 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-21 12:42:08 +00:00
bmeurer@chromium.org	ef12527b7c	Revert "Add a soft-deopt in keyed element access when current IC is pre-monomorphic and no type feedback was collected." This reverts commit r17288 for breaking the mjsunit/unbox-double-arrays test on almost every platform. TBR=hpayer@chromium.org Review URL: https://codereview.chromium.org/32373002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17289 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-21 12:32:38 +00:00
hpayer@chromium.org	9667e1b30f	Add a soft-deopt in keyed element access when current IC is pre-monomorphic and no type feedback was collected. BUG= R=danno@chromium.org Review URL: https://codereview.chromium.org/32263002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17288 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-21 12:10:01 +00:00
mvstanton@chromium.org	8f9f192f6e	AllocationSites for all literals R=hpayer@chromium.org Review URL: https://codereview.chromium.org/24250005 Review URL: https://codereview.chromium.org/27366003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17228 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-16 08:10:36 +00:00
mvstanton@chromium.org	f4edc076d8	Revert "AllocationSites for all literals" This reverts commit r17219 due to WebKit failures. R=mstarzinger@chromium.org TBR=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/26539010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17222 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-15 15:35:23 +00:00
jkummerow@chromium.org	ea4e0a3d28	Simplify array element access in Hydrogen. No change in functionality intended. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/26986004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17221 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-15 15:06:04 +00:00
mvstanton@chromium.org	362c0cfbca	AllocationSites for all literals BUG= R=hpayer@chromium.org Review URL: https://codereview.chromium.org/24250005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17219 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-15 14:52:58 +00:00
jkummerow@chromium.org	1d580b4fd0	Delete dead code from HOptimizedGraphBuilder::VisitCompareOperation R=rossberg@chromium.org Review URL: https://codereview.chromium.org/26419005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17214 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-15 11:24:37 +00:00
rossberg@chromium.org	c806a2385d	Unify handling of position info in AST, part 3 * Turn CaseClause into a proper AstNode R=yangguo@chromium.org BUG= Review URL: https://codereview.chromium.org/23684058 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17187 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-14 11:06:15 +00:00
mvstanton@chromium.org	71af6c86a1	Allow FastCloneShallowObjectStub to use AllocationMementos. (currently turned off) BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/26827002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17154 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-11 09:25:14 +00:00
dslomov@chromium.org	12250f23d8	Add instruction factories to HHasInstanceTypeAndBranch. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/26859003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17150 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-10 20:01:42 +00:00
olivf@chromium.org	66c610398f	Reland "Hydrogenisation of binops" BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/25494007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17104 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-04 08:17:11 +00:00
olivf@chromium.org	24c2336d75	Inline some more compare operations. BUG= R=hpayer@chromium.org Review URL: https://codereview.chromium.org/25009003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17091 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-02 18:15:57 +00:00
verwaest@chromium.org	41f660fe07	Rename ComputeLoadStoreField to just handle ComputeStoreField. R=jkummerow@chromium.org Review URL: https://chromiumcodereview.appspot.com/25683005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17086 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-02 17:17:00 +00:00
danno@chromium.org	79a14d3f73	Fix failure in unit tests R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/25665006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17083 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-02 16:13:49 +00:00
danno@chromium.org	d4bcf5d730	Fix test262 failures and x64 compile failure. R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/25604008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17082 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-02 15:27:51 +00:00
verwaest@chromium.org	7e0ea6ab46	Only fold polymorphic into monomorphic load if all load from either receiver or same prototype. R=jkummerow@chromium.org Review URL: https://chromiumcodereview.appspot.com/25718002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17078 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-02 13:24:08 +00:00
danno@chromium.org	908a7dc2a8	Improve and simplify removal of unreachable code - Detect unreachable basic blocks of code either following an unconditional deopt or after a provably untaken branch of HBranch or HCompareObjectEqAndBranch instructions. - Emit dummy uses in unreachable blocks during Hydrogen -> Lithium translation. BUG=chromium:258519 R=jkummerow@chromium.org, mstarzinger@chromium.org Review URL: https://codereview.chromium.org/22876009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17073 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-02 11:43:41 +00:00
palfia@homejinni.com	4b9a9f7af7	MIPS: Allow function inlining with context change. Port r17019 (cd4b69cd) BUG= R=jkummerow@chromium.org, plind44@gmail.com Review URL: https://codereview.chromium.org/25622003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17070 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-02 11:25:06 +00:00
olivf@chromium.org	9459ed3ab4	Revert "Hydrogenisation of binops" This reverts r17052-17054 for various build breaks. TBR=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/25571002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17055 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 18:00:02 +00:00
olivf@chromium.org	7873f35eb2	Hydrogenisation of binops BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/24072013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17052 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 15:24:56 +00:00
mstarzinger@chromium.org	b9b528e030	Defer allocation of native function literals. R=dcarney@chromium.org Review URL: https://codereview.chromium.org/25473002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17038 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 09:47:37 +00:00
mvstanton@chromium.org	aa90e62ba0	In crankshafted code, we were creating allocation mementos for shallow SMI array literals when we shouldn't. The idea is that we should have learned by this point what type of array we'll end up with. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/25146007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17028 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 08:22:01 +00:00
jkummerow@chromium.org	85ae341b09	Revert "Defer allocation of native function literals." This reverts r17017 for breaking LayoutTests. R=mstarzinger@chromium.org TBR=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/25315002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17024 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 17:42:58 +00:00
rodolph.perfetta@gmail.com	e7669d9308	ARM: Allow function inlining with context change. BUG=none TEST=none R=ulan@chromium.org Review URL: https://codereview.chromium.org/25247002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17019 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 15:08:20 +00:00
mstarzinger@chromium.org	c624141bf3	Defer allocation of native function literals. R=dcarney@chromium.org BUG= Review URL: https://codereview.chromium.org/25164003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17017 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 14:49:11 +00:00
yangguo@chromium.org	2dec4372d8	Finish control flow after throw if not inlined. R=jkummerow@chromium.org BUG=v8:2868 Review URL: https://codereview.chromium.org/24768002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16992 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-27 13:48:19 +00:00
mvstanton@chromium.org	807cdd492b	Refactoring such that loop builders only call into the HOsrBuilder if compiling for OSR. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/25039003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16990 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-27 13:38:04 +00:00
titzer@chromium.org	d441160cab	Implement local check elimination on basic blocks. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23866016 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16970 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-26 16:25:57 +00:00
olivf@chromium.org	9d3c5c5fb6	Macrofication of HInstruction constructors with context argument. BUG= R=danno@chromium.org Review URL: https://codereview.chromium.org/24544002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16940 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-25 11:57:20 +00:00
dslomov@chromium.org	39877060ee	Speed up ArrayBuffer/typed array/DataView properties. Optimizes byteLength, byteOffset, buffer and other properties on ArrayBuffer, typed arrays and DataView into simple field loads. Some unification with the way Array.length and String.length are treated. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/24360019 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16930 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-25 08:19:35 +00:00
titzer@chromium.org	cee5773017	Use Unique<Object> in HConstant and remove UniqueValueId. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/24350014 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16911 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-24 09:48:39 +00:00
bmeurer@chromium.org	70b8e2d013	Turn the NumberToStringStub into a hydrogen stub. This adds a BuildLookupNumberStringCache() in Hydrogen, which will be used by the hydrogen version of StringAddStub, in addition to the hydrogen version of NumberToStringStub. R=mvstanton@chromium.org Committed: https://code.google.com/p/v8/source/detail?r=16874 Review URL: https://codereview.chromium.org/23726041 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16910 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-24 09:31:07 +00:00
mstarzinger@chromium.org	8cbb4dcb49	Handlify JSObject::MigrateInstance and friends. This relands the original change from r16899 together with a bugfix for two unhandlified values which became stale. R=verwaest@chromium.org TEST=mjsunit/debug-evaluate-locals-optimized (in GC stress mode) Review URL: https://codereview.chromium.org/24210011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16905 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 19:56:36 +00:00
olivf@chromium.org	42ce84134f	Revert "Allow control intructions to have side effects." Breaks arm build. BUG= TBR=titzer@chromium.org Review URL: https://codereview.chromium.org/24255015 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16903 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 18:57:32 +00:00
olivf@chromium.org	3e13af46e4	Allow control intructions to have side effects. As a first application convert HCompareGeneric to a control Instruction, thus avoid materializing a boolean result value. BUG= R=titzer@chromium.org Review URL: https://codereview.chromium.org/23710070 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16902 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 16:56:34 +00:00
mstarzinger@chromium.org	40decafa84	Revert "Handlify JSObject::MigrateInstance and friends." This is reverted due to mozilla/ecma/Date/15.9.5.9 failing on Windows. TBR=verwaest@chromium.org Review URL: https://codereview.chromium.org/24374002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16900 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 16:53:59 +00:00
mstarzinger@chromium.org	1279103806	Handlify JSObject::MigrateInstance and friends. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23583052 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16899 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 15:02:25 +00:00
machenbach@chromium.org	576515ebf3	Revert "Turn the NumberToStringStub into a hydrogen stub." This reverts commit 16874 for breaking the tests. TBR=bmeurer@chromium.org Review URL: https://codereview.chromium.org/23440064 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16876 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 11:22:35 +00:00
bmeurer@chromium.org	9c48fbda75	Turn the NumberToStringStub into a hydrogen stub. This adds a BuildLookupNumberStringCache() in Hydrogen, which will be used by the hydrogen version of StringAddStub, in addition to the hydrogen version of NumberToStringStub. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/23726041 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16874 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 10:58:45 +00:00
verwaest@chromium.org	3dd88c4067	Pad the environment with 0 rather than the receiver to avoid influencing the representation of the join. R=titzer@chromium.org Review URL: https://chromiumcodereview.appspot.com/23707055 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16861 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-20 11:34:05 +00:00
bmeurer@chromium.org	6fce49609b	Allow IfBuilder's to join existing (captured) continuations. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/23452049 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16857 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-20 10:47:09 +00:00
mvstanton@chromium.org	1b576e1e86	Some cleanup fixes * Consolidated CopyJSObject and CopyJSObjectWithAllocationSite * Factory.h helper for struct maps. * BuildFastLiteral shouldn't create allocation sites in pretenuring mode. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/24255005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16855 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-20 09:27:40 +00:00

... 3 4 5 6 7 ...

1363 Commits