AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
16,712 Commits 1 Branch 0 Tags 839 MiB
9244429707
Commit Graph

1277 Commits

Author SHA1 Message Date
bmeurer@chromium.org
785bdf7c1e Don't add code dependencies eagerly for HCheckMaps. 
Instead of adding code dependencies on stable during
graph creation, we now add them during code generation
for those HCheckMaps that survived dead code elimination.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/264973013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21139 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-05-05 11:03:14 +00:00
bmeurer@chromium.org
59e5c97ec0 Don't add code dependencies on transitioning stores eagerly. 
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/256303007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21110 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-05-02 06:37:54 +00:00
mvstanton@chromium.org
15dc39a86f Simplify feedback vector creation and store in SharedFunctionInfo. 
LOG=N
BUG=v8:3212
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/254623002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21085 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-30 10:51:01 +00:00
svenpanne@chromium.org
4dca23f825 Added a Isolate* parameter to Serializer::enabled(). 
This parameter will soon be used when a few pseudo-classes like
Serializer are turned into real classes. The current CL is already big
enough, untying our Gordian knot called "startup" will continue...

BUG=359977
LOG=y
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/260003006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21083 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-30 09:50:58 +00:00
ishell@chromium.org
e025457443 Object::Lookup(), JSObject::*Lookup*() and JSReceiver::*Lookup*() handlified. 
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/253843006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21051 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-29 13:43:17 +00:00
bmeurer@chromium.org
d4b533d41b Bulk update of Google copyright headers in source files. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/259183002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21035 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-29 06:42:26 +00:00
yangguo@chromium.org
87394009b6 Ignore debug stepin in optimized code for array builtins. 
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/251933004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21013 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-28 11:42:19 +00:00
danno@chromium.org
9aaa5367ba Revert r20974: Unify and simplify the FastCloneShallowArrayStub 
Due to Layout test redness.

TBR=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/256873007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21007 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-28 10:28:15 +00:00
bmeurer@chromium.org
88ca76bce1 Fix CurrentMapForDeprecated() to return MaybeHandle instead of a null handle. 
Also fix TryMigrateInstance() to return bool instead of the parameter or
a null handle.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/251683003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20996 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-28 05:47:43 +00:00
danno@chromium.org
198c4769f2 Unify and simplify the FastCloneShallowArrayStub 
- Don't bake in length/capacity into full codegen calls of stubs,
  allowing boilerplates to increase their capacity without regenerating
  code.
- Unify all variants of the clone stub into a single,
  length-independent version.
- Various tweaks to make sure that the clone stub doesn't spill and
  therefore need an eager stack frame.
- Handle all lengths of array literals in the fast case.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/257563004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20974 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-25 11:54:01 +00:00
verwaest@chromium.org
a55821eef2 Mark the simulate before EnterInlined with BailoutId::None(), and set ReturnId on EnterInlined. When merging simulates into the simulate before enter-inlined, adopt the last AST id that gets merged into it. 
BUG=v8:3282
LOG=n
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/257583004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20949 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-24 15:20:53 +00:00
svenpanne@chromium.org
b8d27f9d38 CodeStubs contain their corresponding Isolate* now. (part 2) 
This CL mechanically removes all useless Isolate* parameters from code
stub functions, making things quite a bit simpler.

BUG=359977
LOG=y
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/255543003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20940 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-24 12:07:40 +00:00
svenpanne@chromium.org
dd30db9021 CodeStubs contain their corresponding Isolate* now. (part 1) 
This is a purely mechanical change, adding an Isolate* to the CodeStub
constructor and a corresponding field plus a getter. A few methods in
CodeStub and its subclasses can be simplified now, but this is done in
a separate CL.

The underlying reason apart from simplicity is that deep down in the
call chain we need to detect if the serializer is active or not. This
information will be part of the Isolate, not a global variable with
funky synchronization primitives around it (which is fundamentally
wrong and the underlying cause for race conditions and a catch-22
during initialization).

BUG=359977
LOG=y
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/246643014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20919 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-24 06:25:42 +00:00
jarin@chromium.org
cd3b9b8950 Fix the Array.push simulate for non-effect context. 
R=danno@google.com, danno@chromium.org
BUG=

Review URL: https://codereview.chromium.org/246543007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20912 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-23 14:26:53 +00:00
danno@chromium.org
2aa8941ad4 Fix deoptimization problem with inlined Array.push() 
R=jarin@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/247573008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20911 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-23 13:20:28 +00:00
bmeurer@chromium.org
7e48108f3b Sort functions in polymorphic calls based on overall profiling ticks and inlined AST size. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/248953002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20897 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-23 07:07:54 +00:00
danno@chromium.org
b4fa81dbca Insert HSimulate immediately after Crankshaft-inlined push. 
R=jarin@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/247383002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20889 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-22 12:55:40 +00:00
bmeurer@chromium.org
376bff2411 Optimize numeric comparison with known successors. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/246133005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20880 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-22 10:49:28 +00:00
bmeurer@chromium.org
7ab274d4f5 Make sure to clear any previously collected field maps. 
TEST=http://www.chaostoperfection.com/
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/246963003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20874 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-22 08:34:44 +00:00
hpayer@chromium.org
540a4c3895 Initialize elements pointer in BuildCloneShallowArray when allocation folding is turned off for arrays with lenght larger than zero. 
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/240933003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20853 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-17 14:20:26 +00:00
hpayer@chromium.org
04a0223ab7 Initialize elements pointer in BuildCloneShallowArray when allocation folding is turned off. 
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/219173003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20843 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-17 11:58:48 +00:00
danno@chromium.org
59b3dc5812 Remove hand-written assembly ArrayPush stubs 
R=mstarzinger@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/233293005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20839 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-17 11:37:59 +00:00
rossberg@chromium.org
926ec656de Implement structural function and array types 
Just wanted to add two constructors to a datatype, how ugly can it get?

R=bmeurer@chromium.org, jarin@chromium.org
BUG=

Committed: https://code.google.com/p/v8/source/detail?r=20809

Committed: https://code.google.com/p/v8/source/detail?r=20815

Review URL: https://codereview.chromium.org/228263005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20817 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-16 16:16:37 +00:00
rossberg@chromium.org
e3e81d85bb Revert "Implement structural function and array types" 
TBR=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/237963016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20816 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-16 15:59:39 +00:00
rossberg@chromium.org
6782d9cea3 Implement structural function and array types 
Just wanted to add two constructors to a datatype, how ugly can it get?

R=bmeurer@chromium.org, jarin@chromium.org
BUG=

Committed: https://code.google.com/p/v8/source/detail?r=20809

Review URL: https://codereview.chromium.org/228263005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20815 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-16 15:42:22 +00:00
rossberg@chromium.org
a947aeb315 Revert "Implement structural function and array types" 
TBR=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/240143003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20810 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-16 13:57:25 +00:00
rossberg@chromium.org
7de4c1c63f Implement structural function and array types 
Just wanted to add two constructors to a datatype, how ugly can it get?

R=bmeurer@chromium.org, jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/228263005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20809 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-16 13:44:26 +00:00
bmeurer@chromium.org
42c67d5fa2 Allow merging of monomorphic accesses to tracked fields. 
Also add stability dependency only on maps that can transition,
and delay adding the dependencies until we are actually using
them, either in a HLoadNamedField or an HCheckMaps.

TEST=mjsunit/field-type-tracking
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/239923004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20796 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-16 11:41:09 +00:00
bmeurer@chromium.org
63a477b29b Clear invalid field maps in PropertyAccessInfo. 
BUG=363956
TEST=mjsunit/regress/regress-363956
LOG=y
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/239623005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20788 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-16 09:48:32 +00:00
bmeurer@chromium.org
b5cec2b72f Handlify AddDependentCode(), AddDependentCompilationInfo() and AddDependentIC(). 
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/236193014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20756 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-15 10:14:50 +00:00
bmeurer@chromium.org
6b4d4b7287 Reland "Track field types.". 
This is an initial step towards tracking the exact types instead of just
the representations of fields. It adds support to track up to one map of
heap object field values, eliminating various map checks on values
loaded from such fields, at the cost of making stores to such fields
slightly more expensive.

Issues with transitioning stores and fast object literals in Crankshaft
fixed.

TEST=mjsunit/field-type-tracking
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/238773002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20746 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-15 07:36:47 +00:00
jarin@chromium.org
c1a3ab6b4f Revert "Track field types." 
Revert r20701.

TBR=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/236843002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-14 08:24:15 +00:00
bmeurer@chromium.org
9cf3909975 Track field types. 
This is an initial step towards tracking the exact types instead of just the representations of fields. It adds support to track up to one map of heap object field values, eliminating various map checks on values loaded from such fields, at the cost of making stores to such fields slightly more expensive.

TEST=mjsunit/field-type-tracking
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/167303005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20701 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-14 06:29:15 +00:00
verwaest@chromium.org
2848dfe00d Inline immutable property loads 
When a non-configurable, non-writable field is
read from a constant holder, the load is
eliminated and replaced with the direct value
of the field

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/232853002

Patch from Petka Antonov <p.antonov@partner.samsung.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20690 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-11 13:07:10 +00:00
jarin@chromium.org
166ec11e43 Avoid type assertion on object comparison in Hydrogen - the comparison is unreachable because of previous checks. 
BUG=
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/232053004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20666 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-11 06:45:24 +00:00
danno@chromium.org
2e9902b22a Partially fix semantics of Array.push() 
Semantics of elements accessors are now preserved in all optimized code paths
through Array.push(). Previously it was possible to have inconsistent behavior
between optimized and unoptimized code, and there were cases where element
accessors were completely ingored.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/232873002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20655 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-10 13:17:48 +00:00
dcarney@chromium.org
956d4f3ca0 Revert "Populate receiver types when there is no type feedback" 
This reverts r20646.

TBR=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/232903002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20648 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-10 11:01:09 +00:00
verwaest@chromium.org
453d6fc285 Populate receiver types when there is no type feedback 
When there is no type feedback yet, ComputeReceiverTypes
should still populate the SmallMapList when the receiver
is a HConstant.

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/230363003

Patch from Petka Antonov <p.antonov@partner.samsung.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20646 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-10 09:49:53 +00:00
jarin@chromium.org
57d70c149c Avoid hydrogen compare-objects-equal assertions in dead code 
ClusterFuzz test is triggering assertions for dead code. This fix issues
HDeoptimize instruction when it finds out that the compare instruction
is dead (because of previous checks).

R=yangguo@chromium.org
BUG=359491
LOG=N

Review URL: https://codereview.chromium.org/228883005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20620 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-09 13:08:28 +00:00
jarin@chromium.org
05670b63bf Add stack overflow check for inlined property getter 
We should check for overflow for each inlined property getter;
otherwise, we can get an overflow from inlining property getter while
still having pending overflow exception from some previous inlined
getter (in the same polymorphic access).

R=verwaest@chromium.org
TEST=test/mjsunit/regress/regress-inline-getter-near-stack-limit.js

Review URL: https://codereview.chromium.org/220813003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20588 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-09 07:35:12 +00:00
yangguo@chromium.org
ed9f1af2fc Implement handlified String::Flatten. 
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/228093004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20572 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-08 09:49:49 +00:00
yangguo@chromium.org
dd7bb01688 Return MaybeHandle from SetProperty. 
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/225283005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20509 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-04 12:06:11 +00:00
jkummerow@chromium.org
511edabed2 Fix HGraphBuilder::BuildAddStringLengths 
length == String::kMaxLength is fine and should not bail out.

BUG=chromium:357052
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/222113002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20433 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-02 12:24:42 +00:00
dcarney@chromium.org
8f0d170c37 always lookup api holder from receiver 
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/219723002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20392 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-01 11:21:20 +00:00
dslomov@chromium.org
bd353dc3a0 Inline internal getters for typed arrays & friends. 
R=hpayer@chromium.org, yangguo@chromium.org

Committed: https://code.google.com/p/v8/source/detail?r=20330

Review URL: https://codereview.chromium.org/212603014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20338 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-28 15:25:24 +00:00
dslomov@chromium.org
c873e813c5 Revert "Inline internal getters for typed arrays & friends." 
This reverts commit r20330 for breaking arm64 nosnap tests.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/216993002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20336 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-28 13:33:50 +00:00
dslomov@chromium.org
6d91c1e77f Inline internal getters for typed arrays & friends. 
R=hpayer@chromium.org, yangguo@chromium.org

Review URL: https://codereview.chromium.org/212603014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20330 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-28 12:02:52 +00:00
dslomov@chromium.org
0d1b90f8aa Fix deopts causing uninitialized fixed typed arrays. 
The deopt will not happen in production code, since we check that
lengths of fixed typed arrays are smis before calling
TypedArrayInitialze, but that makes deopt bot happy.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/212643016

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20324 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-28 08:59:46 +00:00
yangguo@chromium.org
e8d5e6377e Revert "Clean up runtime functions for Maths." 
This reverts r20307.

TBR=jarin@chromium.org

Review URL: https://codereview.chromium.org/214593005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20311 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-27 16:30:03 +00:00
yangguo@chromium.org
1110f4fcbb Clean up runtime functions for Maths. 
R=dslomov@google.com, dslomov@chromium.org

Review URL: https://codereview.chromium.org/212763008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20307 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-27 14:45:56 +00:00
yangguo@chromium.org
9be61ddb8a Hide some runtime functions. 
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/212163004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20285 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-26 15:51:48 +00:00
dslomov@chromium.org
76b8f25edb This implements allocating small typed arrays in heap. 
R=mvstanton@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/150813004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20279 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-26 12:50:13 +00:00
hpayer@chromium.org
b90beee7f5 Always initialize elements pointer in fast literals. 
BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/211103003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20262 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-26 08:01:20 +00:00
dslomov@chromium.org
f66af4feb4 Refactor optimized in hydrogen only runtime functions. 
This splits all runtime function into 3 categories:
1) RUNTIME: implemented in runtime and called from both full and optimized code.
2) RUNTIME_HIDDEN: implemented in runtime, never called directly from JS builtins.
3) INLINE: inlined in both full and optimized code
4) INLINE_OPTIMIZED: inlined in optimized code, implemented in runtime for full code.

R=yangguo@chromium.org, yannguo@chromium.org

Review URL: https://codereview.chromium.org/209353006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20252 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-25 14:26:55 +00:00
dslomov@chromium.org
cdc9812756 Revert "This implements allocating small typed arrays in heap." 
This reverts commit r20244 for breaking Win64 build and webkit tests.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/208503007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20250 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-25 14:12:58 +00:00
dslomov@chromium.org
654b6a27d1 This implements allocating small typed arrays in heap. 
R=mvstanton@chromium.org, verwaest@chromium.org

Committed: https://code.google.com/p/v8/source/detail?r=20240

Review URL: https://codereview.chromium.org/150813004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20244 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-25 13:21:58 +00:00
dslomov@chromium.org
727bc2153e Revert "This implements allocating small typed arrays in heap." 
This reverts commit r20240 for breaking Windows build.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/211003003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20242 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-25 12:58:22 +00:00
dslomov@chromium.org
322a474bf2 This implements allocating small typed arrays in heap. 
R=mvstanton@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/150813004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20240 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-25 12:51:49 +00:00
titzer@chromium.org
3c31102025 First implementation of store elimination. 
BUG=
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/100253004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20224 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-25 09:06:16 +00:00
dslomov@chromium.org
5fd9ddbcbb Use HType::Tagged when allocating elements. 
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/201573010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20199 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-24 14:41:01 +00:00
yangguo@chromium.org
15951521cc Refactor inlined typed array runtime functions. 
R=dslomov@chromium.org

Review URL: https://codereview.chromium.org/203443002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20177 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-24 08:22:24 +00:00
ulan@chromium.org
fc2563f108 Visit return statement of inlined function in value context. 
BUG=354357
LOG=N
TEST=mjsunit/regress/regress-354357.js
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/206413005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20158 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-21 12:14:44 +00:00
jochen@chromium.org
2ce0bebba1 Rename A64 port to ARM64 port 
BUG=354405
R=ulan@chromium.org, rodolph.perfetta@arm.com
LOG=y

Review URL: https://codereview.chromium.org/207823003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20148 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-21 09:28:26 +00:00
jkummerow@chromium.org
2b722b663e Fix polymorphic hydrogen handling of SLOPPY_ARGUMENTS_ELEMENTS 
BUG=chromium:354391
LOG=y
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/206073008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20137 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-20 16:25:24 +00:00
yangguo@chromium.org
00170e434b Use HBoundsCheck to check string length. 
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/206183003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20120 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-20 12:34:44 +00:00
yangguo@chromium.org
238f12e618 Make max size and max length of strings consistent. 
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/196133030

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20099 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-20 08:33:06 +00:00
mvstanton@chromium.org
535f3427ca Pretenure call new support. 
When FLAG_pretenure_call_new is on, we emit mementos on new object creation
in full code, and consume the feedback in crankshaft. A key difference in the
generated code for stubs is the allocation of an additional type vector slot for the
CallNew AST node, which simplifies the CallConstructStub and CallFunctionStub
considerably.

Some performance tuning still needs to be addressed, therefore the flag is off at
this moment, though fully functional. The goal is to remove the flag as soon as
possible, which allows much code deletion (yay).

R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/132963012

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20076 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-19 13:39:09 +00:00
rossberg@chromium.org
9b28aed3f6 Introduce representation types 
Also:
- improve type pretty-printing,
- update doc comments,
- some renamings for consistency.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/176843006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20025 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-18 11:50:18 +00:00
mvstanton@chromium.org
3daaba09b6 Pretenure code generation corner case with new space COW arrays. 
When advised to pretenure in crankshaft, and the boilerplate is a cow
array, move the elements to old space if it's not already there to avoid
overflowing the store buffer.

R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/197473004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19995 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-17 13:42:37 +00:00
mvstanton@chromium.org
e3f3f6d98b Revert "Continued fix for 351257. Reusing the feedback vector is too complex." 
This reverts commit r19919.

TBR=bmeuer@chromium.org

Review URL: https://codereview.chromium.org/196343021

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19961 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-17 08:31:21 +00:00
mvstanton@chromium.org
dd28969c1c Continued fix for 351257. Reusing the feedback vector is too complex. 
Attempting to re-use the type feedback vector stored in the
SharedFunctionInfo turns out to be difficult among the various cases.
It will be much easier to do this when deferred type feedback processing
is removed, as is in the works.

Created bug v8:3212 to track re-introducing the optimization of reusing
the type vector on recompile before optimization.

The CL also brings back the type vector on the SharedFunctionInfo.

BUG=351257
LOG=Y
R=bmeurer@chromium.org, bmeuer@chromium.org

Review URL: https://codereview.chromium.org/199973004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19919 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-14 09:28:37 +00:00
hpayer@chromium.org
7b810f4593 Revert "Moved type feedback vector to SharedFunctionInfo." 
This reverts commit 828f1d563a3f0972135886888fd26526e04da07f.

Conflicts:
	src/compiler.cc
	test/cctest/test-compiler.cc

BUG=
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/196283015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19911 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-13 17:47:12 +00:00
ulan@chromium.org
c64b78f6da Check that constant is an integer before getting its value in HGraphBuilder::MatchRotateRight. 
BUG=351263
LOG=N
TEST=mjsunit/regress/regress-351263
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/197803005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19890 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-13 11:50:50 +00:00
svenpanne@chromium.org
390d3a0b15 Make translation of modulus operation '--stress-opt'-proof. 
Note that we unconditionally deopt later, anyway, but our compilation
pipeline has to survive long enough to reach that place. :-/

LOG=y
BUG=352059
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/198833002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19884 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-13 09:37:16 +00:00
rossberg@chromium.org
8e3f3cee9e Eliminate extended mode, and other modes clean-up 
- Merge LanguageMode and StrictModeFlag enums
- Make harmony-scoping depend only on strict mode
- Free some bits on the way
- Plus additional clean-up and renaming

R=ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/181543002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19800 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-11 14:41:22 +00:00
rossberg@chromium.org
3f702d4bf9 Mode clean-up pt 1: rename classic/non-strict mode to sloppy mode 
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/177683002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19799 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-11 14:39:08 +00:00
yangguo@chromium.org
78d23e5662 Implement KnownSuccessor method to some control instructions. 
R=jkummerow@chromium.org
BUG=v8:3118
LOG=N

Review URL: https://codereview.chromium.org/174863002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19759 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-10 14:50:01 +00:00
bmeurer@chromium.org
48fea83dad Merge the "Compute Minus Zero Checks" phase into the range analysis. 
It is not safe to access the range for an SSA value
after range analysis.

BUG=v8:3204
LOG=y
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/192673002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19751 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-10 11:49:29 +00:00
yangguo@chromium.org
4f15fd2977 Reland "Introduce intrinsics for double values in Javascript." 
This relands r19704 with a fix to the test case.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/189823003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19723 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 14:58:41 +00:00
mvstanton@chromium.org
1812f63fd2 Moved type feedback vector to SharedFunctionInfo. 
Type Vector followup: the type vector currently lives off the code object. This CL moves it to the SharedFunctionInfo, facilitating re-use and continued use in crankshafted code if desired.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/178463007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19712 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 10:12:17 +00:00
yangguo@chromium.org
143902bebf Revert "Introduce intrinsics for double values in Javascript." 
This reverts r19704.

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/189533008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19710 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 09:49:28 +00:00
verwaest@chromium.org
8a3d715250 Revert "Use Representation::Integer32() for smi types on 32-bit-tagged systems." 
Due to performance regression.

BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/189843006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19709 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 09:29:07 +00:00
yangguo@chromium.org
2aefde4443 Introduce intrinsics for double values in Javascript. 
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/178583006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19704 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 09:05:10 +00:00
yangguo@chromium.org
8472e0f02b Remove duplicates in runtime macros. 
Each item in INLINE_RUNTIME_FUNCTION_LIST had to have a duplicate
entry in RUNTIME_FUNCTION_LIST in order to match the comment.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/177313005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19703 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-07 08:49:02 +00:00
verwaest@chromium.org
7bf33c53eb Use Representation::Integer32() for smi types on 32-bit-tagged systems. 
BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/187353005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19684 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-06 09:49:10 +00:00
jarin@chromium.org
7ac668f753 Deoptimization fix for HPushArgument. 
HPushArgument should never be used in a simulation environment
because the slot addresses for the arguments can be off (e.g.,
due to on-stack arguments object of an inlined caller).

R=mstarzinger@chromium.org
BUG=v8:3183
LOG=N

Review URL: https://codereview.chromium.org/178193026

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19675 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-05 12:45:46 +00:00
mvstanton@chromium.org
df988c7f6b The Array function must be looked up in the native context. 
Platforms x64, a64, arm and mips had the bug that the array function was looked
up in the global context instead of the native context. Fix this, restoring a
weakened assert in hydrogen along the way (by the fix for crbug 347528, which
helped find this case).

R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/184383003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19597 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-28 10:39:36 +00:00
dcarney@chromium.org
98d1cedac4 Get array_function from NativeContext 
R=mvstanton@chromium.org
LOG=N
BUG=347528

Review URL: https://codereview.chromium.org/184173003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19595 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-28 10:01:27 +00:00
bmeurer@chromium.org
5945f9ebb9 Fix handling of constant global variable assignments. 
BUG=347904
LOG=y
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/184303003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19594 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-28 09:40:12 +00:00
verwaest@chromium.org
d5caecccc5 Revert "Use stability to only conditionally flush information from the CheckMaps table." 
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/180023002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19548 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-25 16:11:58 +00:00
ishell@chromium.org
6c1659becf Fix for a smi stores optimization on x64 with a regression test. 
BUG=345715
LOG=N
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/178833002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19535 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-25 09:55:02 +00:00
yangguo@chromium.org
139134acc2 Harmony: optimize Math.clz32. 
R=svenpanne@chromium.org
BUG=v8:2938
LOG=N

Review URL: https://codereview.chromium.org/172133003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19487 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-19 13:51:49 +00:00
verwaest@chromium.org
60c08a8bf2 Directly store the transition target on LookupResult in TransitionResult. 
BUG=chromium:343964
LOG=N
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/170343003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19440 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-18 12:19:32 +00:00
bmeurer@chromium.org
eaab533fd8 Cleanup the double field tracking in Hydrogen. 
Use a dedicated BuildLoadNamedField() with PropertyAccessInfo,
similar to BuildStoreNamedField() for optimized graph building,
and a dedicated BuildLoadNamedField() for the code stubs, and
don't depend on FLAG_track_double_fields during code generation.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/168583006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19411 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-17 13:23:04 +00:00
jarin@chromium.org
4c7ed144e1 Comparison in effect context lazy deopt fix. 
R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/163623002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19396 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-16 05:51:10 +00:00
ulan@chromium.org
6744ff61ae Fix dictionary element load to pass correct elements kind. 
Using FAST_SMI_ELEMENTS triggers optimization on 64-bit architectures that load
only the higher 32 bits of the element. If the element is a pointer to undefined
that has 0 in the higher half than it is erroneously treated as SMI 0.

BUG=v8:3158
LOG=N
TEST=mjsunit/sparse-array-reverse,mjsunit/regress/regress-3158.js
R=danno@chromium.org, ishell@chromium.org

Review URL: https://codereview.chromium.org/166653005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19387 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-14 15:52:24 +00:00
dcarney@chromium.org
0c844cc590 api accessor store ics should return passed value 
R=verwaest@chromium.org

BUG=

Review URL: https://codereview.chromium.org/166653003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19380 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-14 14:13:06 +00:00
jarin@chromium.org
8acefb33fe Test and fix for polymorphic named call deoptimization. 
The fix removes wrong simulates from the number branch of polymorphic
call/field access handling.

The change also fixes the same thing for polymorphic named field
access even thourgh the field access is probably safe in practice
(because it cannot deoptimize). It is better to keep all our simulates
in sync with full codegen.

R=jkummerow@chromium.org
BUG=

Review URL: https://codereview.chromium.org/166503002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19375 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-14 12:02:39 +00:00
verwaest@chromium.org
e0960e19aa Fix polymorphic inlining of accessors in a test-context. 
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/164003002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19363 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-13 16:55:38 +00:00
vegorov@chromium.org
8f170a66e7 Improve positions tracking inside the HGraphBuilder. 
Instead of tracking simple absolute offset from the start of the script like other places do, track a pair of (inlining id, offset from the start of inlined function).

This enables us to pinpoint with inlining path an instruction came from. Previously in multi-script environments we emitted positions that made very little sense because inside a single optimized function they would point to different scripts without a way to distinguish them.

Start dumping the source of every inlined function to make possible IR viewing tools with integrated source views as there was previously no way to acquire this information from IR dumps. We also dump source position at which each inlining occured.

Tracked positions are written into hydrogen.cfg as pos:<inlining-id>_<offset>.

Flag --emit-opt-code-positions is renamed by this change into --hydrogen-track-positions to better convey it's meaning.

In addition this change assigned global unique identifier to each optimization performed inside isolate. This allows to precisely match compilation artifacts (e.g. IR and disassembly) and deoptimizations.

BUG=
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/140683011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19360 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-13 16:09:28 +00:00