It's cheaper to materialize heap constants by loading from the roots
array instead of embedding the constant into the instruction stream, at
least on x64, arm and arm64.
Drive-by-fix: Also cleanup the materialize constant from frame
optimization.
R=dcarney@chromium.org
Review URL: https://codereview.chromium.org/1088913002
Cr-Commit-Position: refs/heads/master@{#27818}
If a major gc happens between allocation and initialization of the
buffer, it might be already in old space. Since we need the list of
buffers to be sorted from new to old, we keep track of the last buffer
and put old buffers to the end
BUG=chromium:476032
R=hpayer@chromium.org,dslomov@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/1079923003
Cr-Commit-Position: refs/heads/master@{#27811}
Instead of modifying a context chain and then modifying it back, causing
potential mismatches, we clone the inner context chain and evaluate
the expression in this cloned context. We then copy all local variable
values back if needed.
R=yangguo@chromium.org,yurys@chromium.org
Review URL: https://codereview.chromium.org/1088503003
Cr-Commit-Position: refs/heads/master@{#27809}
The overwrite-builtins test cases will throw one expected exception
and the exception message should include the source position in the JS
file. But crankshaft compiler does not generate the source position for
it when creating the flow graph by default. The source position information
is always zero. So it failed when comparing with the reference file.
If we use crankshaft compiler on IA32 platform to run this test case, it
has the same failure.
BUG=
Review URL: https://codereview.chromium.org/1086503002
Cr-Commit-Position: refs/heads/master@{#27807}
As uClibc defines __GLIBC__ in an attempt to look like glibc, V8_LIBC_GLIBC
was true for uClibc as well. Checking for uClibc before glibc fixes this
and restores the correct behavior.
BUG=
Review URL: https://codereview.chromium.org/1066573005
Cr-Commit-Position: refs/heads/master@{#27806}
port e0844a24d3 (r27793).
original commit message:
These options were added for a hydrogen code stub version of
the VectorIC dispatcher, which was discontinued.
BUG=
Review URL: https://codereview.chromium.org/1087573003
Cr-Commit-Position: refs/heads/master@{#27802}
The assembler code generated by the DeoptimizeIf(...) function under X87 is larger
and the distance between the link point and the bind point which has two DeoptimizeIf()
is larger then near link distance (127) for labels.
BUG=
Review URL: https://codereview.chromium.org/1065893003
Cr-Commit-Position: refs/heads/master@{#27801}
This avoids both a mysterious boolean argument ("insert") and lets
non-mutating lookups skip passing an allocator (in one such case,
we were passing a scary-looking ZoneAllocationPolicy(NULL)!).
Review URL: https://codereview.chromium.org/1074943002
Cr-Commit-Position: refs/heads/master@{#27799}
Does not entirely disallow the use of 'eval' as an identifier in strong mode,
as originally proposed.
BUG=v8:3956
LOG=N
Review URL: https://codereview.chromium.org/1059273004
Cr-Commit-Position: refs/heads/master@{#27796}
Use fsub rather than fadd to avoid stripping the sign from minus zero.
Fixes mjsunit/result-table-min and mjsunit/result-table-max test failures.
R=michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1084583003
Cr-Commit-Position: refs/heads/master@{#27794}
They are content with a dummy vector, as MISSES won't result in
changing the real vector/slot at all.
BUG=
Review URL: https://codereview.chromium.org/1067573003
Cr-Commit-Position: refs/heads/master@{#27788}
rename to ReferenceMap
use ZoneVector for storage
drop dead code
BUG=
Review URL: https://codereview.chromium.org/1081053002
Cr-Commit-Position: refs/heads/master@{#27785}
This allows the embedder to decide whether it's worthwhile to copy the
contents to avoid materializing a buffer.
BUG=v8:3996
R=dslomov@chromium.org,kbr@chromium.org
LOG=y
Review URL: https://codereview.chromium.org/1084513002
Cr-Commit-Position: refs/heads/master@{#27782}
Deoptimization infrastructure already handles it correctly.
This change fixes repetitive deoptimizations in the code like this:
var u32 = new Uint32Array(1);
u32[0] = -1;
function tr(x) { return x|0; }
function ld() { return tr(u32[0]); }
while (true) ld();
Currently inlined tr will contain HArgumentsObject that is considered uint32-unsafe use and prevents u32[0] from becoming uint32 load - instead a speculative int32 load is generated which just deopts.
BUG=
Review URL: https://codereview.chromium.org/1077113002
Cr-Commit-Position: refs/heads/master@{#27781}
This makes the compilers agree on the source position of a message
generated by "throw new Error()", it points to the beginning of the
throw directive.
R=titzer@chromium.org
TEST=message/regress/regress-3995
BUG=v8:3995
LOG=N
Review URL: https://codereview.chromium.org/1049703002
Cr-Commit-Position: refs/heads/master@{#27775}
This tweak was already present in CrankShaft for the non-AVX case. As it
turns out, it's also relevant even with AVX. Now the same optimization
is applied in case of TurboFan as well.
R=dcarney@chromium.org
Review URL: https://codereview.chromium.org/1081033003
Cr-Commit-Position: refs/heads/master@{#27774}
This commit is a precursor to making lazy arrow function parsing use
similar logic to function(){} argument parsing.
R=arv@chromium.org
BUG=4020
LOG=N
Review URL: https://codereview.chromium.org/1078093002
Cr-Commit-Position: refs/heads/master@{#27773}
