AuroraMiddleware/v8 - v8 - Gitea: Git with a cup of tea

Author	SHA1	Message	Date
yangguo@chromium.org	aee76a059a	Remove calls to non-handlified version of GetProperty(name). R=ishell@chromium.org Review URL: https://codereview.chromium.org/229973004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20611 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-09 12:21:47 +00:00
palfia@homejinni.com	a0355e3745	Fix build with gcc 4.8 on Linux. This fixes a build failure on Linux with gcc 4.8, after r20581. BUG= R=ishell@chromium.org Review URL: https://codereview.chromium.org/229683003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20608 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-09 11:01:58 +00:00
adamk@chromium.org	902ad4a17a	Use OrderedHashTables as the backing store of JSSet and JSMap This also deletes ObjectHashSet as it's no longer used. BUG=v8:1793 LOG=N R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/225183009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20585 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-08 20:06:35 +00:00
hpayer@chromium.org	930ca1b52a	Synchronize store buffer processing and concurrent sweeping. BUG= R=jarin@chromium.org, mstarzinger@chromium.org Review URL: https://codereview.chromium.org/227533006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20582 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-08 16:31:57 +00:00
ishell@chromium.org	df4ee49348	Further ElementsAccessor handlification (Get(), AddElementsToFixedArray() and HasElement()). R=verwaest@chromium.org, yangguo@chromium.org Review URL: https://codereview.chromium.org/227713003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20581 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-08 14:20:29 +00:00
ulan@chromium.org	226c1d25f3	Handlify CompilationCache. BUG= R=yangguo@chromium.org Review URL: https://codereview.chromium.org/224733022 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20578 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-08 12:33:08 +00:00
rmcilroy@chromium.org	21155c1581	Ensure that we don't mark weak heap references in the constant pool array. Some heap pointer's embedded in optimized code are considered weak. Ensure that we don't mark them during GC of the ConstantPoolArray. Also, embed length metadata in a bitfield, reducing the ConstantPoolArray header size from five words to two. R=ulan@chromium.org Review URL: https://codereview.chromium.org/209473006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20573 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-08 10:00:57 +00:00
yangguo@chromium.org	ed9f1af2fc	Implement handlified String::Flatten. R=ulan@chromium.org Review URL: https://codereview.chromium.org/228093004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20572 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-08 09:49:49 +00:00
yangguo@chromium.org	9ed8c39cac	Return MaybeHandle from SetElement and DeleteElement. R=ishell@chromium.org Review URL: https://codereview.chromium.org/227573002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20560 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-08 07:04:13 +00:00
svenpanne@chromium.org	c0301105d8	Revert "Handlify deoptimization data allocators." This reverts r20552, it breaks with snapshot=off. TBR=mstarzinger@chromium.org BUG=cctest/test-lockers/ExtensionsRegistration LOG=n Review URL: https://codereview.chromium.org/228103002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20556 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-08 06:15:20 +00:00
mstarzinger@chromium.org	2e98bda0c0	Handlify deoptimization data allocators. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/227603004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20552 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-07 14:27:48 +00:00
ishell@chromium.org	c9b0492bf5	Callers of ElementsAccessor::Validate() handlified. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/226153002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20532 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-07 10:00:14 +00:00
ishell@chromium.org	7a3703db64	ElementsAccessor::GetAccessorPair() handlified. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/225683003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20530 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-07 09:20:44 +00:00
adamk@chromium.org	8e9eebeba1	OrderedHashTable implementation with Set and Map interfaces OrderedHashTable is an insertion-ordered HashTable based on Jason Orendorff's writeup of a data structure attributed to Tyler Close: https://wiki.mozilla.org/User:Jorend/Deterministic_hash_tables It is intended as the new backing store for JSSet/JSMap, as ES6 requires insertion-order-based iteration. Note, however, that in the interest of keeping the initial check-in small this patch does not yet include any iteration support. This change also doesn't yet touch any existing behavior, but in a branch I've verified that these structures pass the existing JSSet/JSMap mjsunit tests. BUG=v8:1793 LOG=N R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/220293002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20522 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-04 20:41:57 +00:00
mvstanton@chromium.org	9e5757abee	Revert "Reland of https://codereview.chromium.org/172523002/" This reverts commit r20516 due to a Sunspider performance issue. R=ishell@chromium.org Review URL: https://codereview.chromium.org/226233002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20521 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-04 16:18:59 +00:00
jkummerow@chromium.org	1c31f5d99a	Revert "Compare external pixel data length against Smi::kMaxValue" This reverts r20519. Reason: wrong fix. TBR=rossberg@chromium.org Review URL: https://codereview.chromium.org/226063003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20520 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-04 16:05:29 +00:00
jkummerow@chromium.org	cd81065745	Compare external pixel data length against Smi::kMaxValue BUG=chromium:359802 LOG=n R=rossberg@chromium.org Review URL: https://codereview.chromium.org/226133002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20519 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-04 15:25:37 +00:00
mvstanton@chromium.org	f9a8425cd2	Reland of https://codereview.chromium.org/172523002/ Fixed 1) Missing line in x64 port. 2) GcStress found a logic error in the IC miss handler. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/224903005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20516 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-04 13:57:53 +00:00
ishell@chromium.org	dd891816d4	Callers of ElementsAccessor::AddElementsToFixedArray(), ElementsAccessor::HasElement() and ElementsAccessor::GetKeyForIndex() handlified. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/225623004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20513 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-04 13:05:37 +00:00
yangguo@chromium.org	b0def354bc	Return MaybeHandle from GetProperty. R=ishell@chromium.org Review URL: https://codereview.chromium.org/225673003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20510 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-04 12:25:45 +00:00
yangguo@chromium.org	dd7bb01688	Return MaybeHandle from SetProperty. R=ishell@chromium.org Review URL: https://codereview.chromium.org/225283005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20509 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-04 12:06:11 +00:00
hpayer@chromium.org	8072cd2935	Don't overwrite transition array map while iterating over the transition tree. Instread of using the transition array map to store the iteration index, we are using the constructor field of the map. Moreover, I removed the unchecked transition array accessors. BUG= R=mstarzinger@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/223533002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20503 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-04 09:25:36 +00:00
bmeurer@chromium.org	e26ff6c45f	Get rid of the TRANSITION PropertyType and consistently use CanHoldValue(). R=verwaest@chromium.org Review URL: https://codereview.chromium.org/223193005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20494 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-04 04:49:07 +00:00
mvstanton@chromium.org	5c0d85163c	Revert r20474 This reverts commit r20474 due to an x64 release issue. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/223823002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20478 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-03 12:27:24 +00:00
mvstanton@chromium.org	c21cf2d334	Function calls are handled with a LoadIC and a FunctionCallStub. This works well, but we can create a platform to gather custom feedback by inventing a CallIC. CallIC takes a JSFunction as input, maintains UNINIT/MONO/MEGA state in a feedback slot, and engages in limited patching for the most efficient code. The change creates a degrade in NBody tests, but a follow-on CL addresses it by using this custom feedback platform to give a 45% improvement. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/172523002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20474 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-03 11:41:03 +00:00
yangguo@chromium.org	dc20bb49b0	Introduce MaybeHandle to police exception checking in handlified code. R=ishell@chromium.org Review URL: https://codereview.chromium.org/222163002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20457 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-03 05:57:43 +00:00
mstarzinger@chromium.org	0f52462e10	Remove dead Object::GetPropertyOrFail. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/215973004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20445 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-02 16:36:16 +00:00
verwaest@chromium.org	ca6b727665	Replace CopyMap(constructor->initial_map()) by Map::Create(constructor) BUG= R=ulan@chromium.org Review URL: https://codereview.chromium.org/218633014 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20437 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-02 13:30:36 +00:00
ulan@chromium.org	65bae6c652	Lazily initialize the target map list in IC. This makes sure that we keep the target map list alive in the handle scope during IC computation. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/220923003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20426 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-02 07:59:54 +00:00
yangguo@chromium.org	10abff3498	Remove internalized cons string types. Currently, internalizing a cons string could result in either an in-place converted internalized cons string or a newly created internalized sequential string, depending on allocation success. The former could end up being embedded into an IC, which is not supported. R=mstarzinger@chromium.org BUG=357103 LOG=N Review URL: https://codereview.chromium.org/218993011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20394 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-01 11:30:31 +00:00
svenpanne@chromium.org	4da732e321	Fixed power-of-2 predicates, excluding 0. R=dslomov@chromium.org Review URL: https://codereview.chromium.org/219213003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20383 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-01 09:20:28 +00:00
yangguo@chromium.org	4a5bccfc61	Tighten object verification. Often, when we call MaybeObject::Verify, what we want is Object::ObjectVerify. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/218993005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20382 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-04-01 08:57:48 +00:00
verwaest@chromium.org	47e660a2e1	Replace set_map_and_elements by MigrateToMap-based SetMapAndElements BUG= R=ishell@chromium.org Review URL: https://codereview.chromium.org/218753005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20364 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-31 15:30:13 +00:00
hpayer@chromium.org	702ba5a0e9	Make sure when we shrink an object that we store a filler first into the free memory before updating the map or size. BUG= R=jarin@chromium.org Review URL: https://codereview.chromium.org/219103002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20361 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-31 14:29:01 +00:00
verwaest@chromium.org	019e27d8db	Reland and fix "Fix LoadFieldByIndex to take mutable heap-numbers into account."" BUG= R=hpayer@chromium.org Review URL: https://codereview.chromium.org/218663005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20358 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-31 14:21:04 +00:00
alexandre.rames@arm.com	989683d479	ARM64: Optimize AllocateHeapNumber to use STP. R=jochen@chromium.org Review URL: https://codereview.chromium.org/216933003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20356 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-31 14:06:42 +00:00
jochen@chromium.org	163044e7ba	Revert 20348 - "Fix LoadFieldByIndex to take mutable heap-numbers into account." Reason for revert: crashes benchmarks/sunspider/string-fasta on ia32.debug This also reverts r20350 and r20352 > Fix LoadFieldByIndex to take mutable heap-numbers into account. > > BUG= > R=ishell@chromium.org > > Review URL: https://codereview.chromium.org/213213002 BUG=none LOG=n TBR=verwaest@chromium.org Revert "Use sarq on x64" This reverts commit e2a8ef9321345c6bc091054443bf2b9535ff6b1c. Revert "Don't \| int and bool" This reverts commit c90d713d3a8ceba4fec41933a63beb6e50a3d7c0. Review URL: https://codereview.chromium.org/219393002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20354 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-31 13:23:32 +00:00
verwaest@chromium.org	55a6318560	Fix LoadFieldByIndex to take mutable heap-numbers into account. BUG= R=ishell@chromium.org Review URL: https://codereview.chromium.org/213213002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20348 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-31 11:59:29 +00:00
bmeurer@chromium.org	49961d11a6	Handlify DescriptorArray::Merge(). R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/169363002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20339 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-31 07:48:13 +00:00
hpayer@chromium.org	a2212066da	Move FillWithHoles FixedArray and FixedDoubleArray functions to the given classes. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/216873004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20333 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-28 13:05:23 +00:00
yangguo@chromium.org	1037a883de	Clean up some "GetProperty" methods/functions. Runtime::GetObjectProperty: - handled string.charAt, element access and property access - now handlified GetProperty in handles.cc: - called to Runtime::GetObjectProperty - now removed Object::GetProperty (handlified version): - handled element access and property access - now changed to only do property access New: Object::GetPropertyOrElement: - handles element access and property access R=ishell@chromium.org Review URL: https://codereview.chromium.org/210953005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20327 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-28 09:49:27 +00:00
ishell@chromium.org	a887597e20	ElementsAccessor::CopyElements() and its callers handlified. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/212573007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20312 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-27 16:41:09 +00:00
ulan@chromium.org	a7d1b658fc	Reland r19897 "Fix memory leak caused by treating Code::next_code_link as strong in marker. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/212553003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20282 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-26 15:14:51 +00:00
dslomov@chromium.org	76b8f25edb	This implements allocating small typed arrays in heap. R=mvstanton@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/150813004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20279 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-26 12:50:13 +00:00
ishell@chromium.org	f306341b46	TransitionElementsKind() and its recursive call chain handlified. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/207553005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20253 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-25 15:33:22 +00:00
dslomov@chromium.org	cdc9812756	Revert "This implements allocating small typed arrays in heap." This reverts commit r20244 for breaking Win64 build and webkit tests. TBR=svenpanne@chromium.org Review URL: https://codereview.chromium.org/208503007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20250 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-25 14:12:58 +00:00
dslomov@chromium.org	654b6a27d1	This implements allocating small typed arrays in heap. R=mvstanton@chromium.org, verwaest@chromium.org Committed: https://code.google.com/p/v8/source/detail?r=20240 Review URL: https://codereview.chromium.org/150813004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20244 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-25 13:21:58 +00:00
dslomov@chromium.org	727bc2153e	Revert "This implements allocating small typed arrays in heap." This reverts commit r20240 for breaking Windows build. TBR=svenpanne@chromium.org Review URL: https://codereview.chromium.org/211003003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20242 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-25 12:58:22 +00:00
dslomov@chromium.org	322a474bf2	This implements allocating small typed arrays in heap. R=mvstanton@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/150813004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20240 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-25 12:51:49 +00:00
yangguo@chromium.org	4ca46f3c3f	Handlify GetElementWithReceiver and GetElementWithInterceptor. R=ishell@chromium.org Review URL: https://codereview.chromium.org/210763003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20230 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-25 10:15:12 +00:00
ishell@chromium.org	0d7bdc0fd6	Callers of ElementsAccessor::SetCapacityAndLength() handlified. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/210063004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20229 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-25 09:51:13 +00:00
yangguo@chromium.org	8b8fb30e7f	Reland "Remove Failure::OutOfMemory propagation and V8::IgnoreOutOfMemoryException." R=dcarney@chromium.org Review URL: https://codereview.chromium.org/209903003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20184 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-24 10:07:15 +00:00
yangguo@chromium.org	03866841aa	Revert "Remove Failure::OutOfMemory propagation and V8::IgnoreOutOfMemoryException." This reverts r20179. TBR=svenpanne@chromium.org Review URL: https://codereview.chromium.org/201573007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20183 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-24 09:17:18 +00:00
yangguo@chromium.org	62f65d8697	Remove Failure::OutOfMemory propagation and V8::IgnoreOutOfMemoryException. R=dcarney@chromium.org BUG=v8:3060 LOG=Y Review URL: https://codereview.chromium.org/208263002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20179 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-24 08:47:45 +00:00
ishell@chromium.org	deca3f3677	JSObject::EnsureCanContainElements() handlified. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/198053013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20166 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-21 14:29:27 +00:00
ishell@chromium.org	90b1077e31	Reland of r20146 "JSObject::NormalizeElements() handlified." R=verwaest@chromium.org Review URL: https://codereview.chromium.org/208003002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20161 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-21 12:23:39 +00:00
ishell@chromium.org	309bf937a0	Revert "JSObject::NormalizeElements() handlified." This reverts commit r20146 which broke V8 GC Stress, Mjsunit tests. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/207963002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20154 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-21 10:42:19 +00:00
jochen@chromium.org	2ce0bebba1	Rename A64 port to ARM64 port BUG=354405 R=ulan@chromium.org, rodolph.perfetta@arm.com LOG=y Review URL: https://codereview.chromium.org/207823003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20148 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-21 09:28:26 +00:00
ishell@chromium.org	bd2f81397c	JSObject::NormalizeElements() handlified. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/206343002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20146 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-21 08:44:40 +00:00
ishell@chromium.org	e9a315c978	JSArray::SetContent() handlified. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/206223003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20145 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-21 08:30:42 +00:00
yangguo@chromium.org	77a28b731d	Handlify callers to GetElementNoException. R=ishell@chromium.org Review URL: https://codereview.chromium.org/204693002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20117 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-20 12:22:13 +00:00
yangguo@chromium.org	238f12e618	Make max size and max length of strings consistent. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/196133030 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20099 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-20 08:33:06 +00:00
ishell@chromium.org	158269c132	ElementsAccessor::SetLength() handlified. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/204603003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20090 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-19 16:29:19 +00:00
ishell@chromium.org	368a2e78c0	Handlification of JSArray::SetElementsLength(). R=verwaest@chromium.org, yangguo@chromium.org Review URL: https://codereview.chromium.org/203333004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20080 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-19 14:09:50 +00:00
rmcilroy@chromium.org	0acbcf9876	Reland "Add out-of-line constant pool support to Arm." This CL adds out-of-line constant pool support to Arm. A ConstantPoolBuilder object is introduced to manage building of the ConstantPoolArray for a given code object. This CL depends on the following CLs landing first: https://codereview.chromium.org/138503002/ https://codereview.chromium.org/179813005/ https://codereview.chromium.org/183553003/ https://codereview.chromium.org/183803022/ https://codereview.chromium.org/183883011/ https://codereview.chromium.org/186733006/ https://codereview.chromium.org/188063002/ https://codereview.chromium.org/190793002/ https://codereview.chromium.org/190823002/ https://codereview.chromium.org/190833002/ https://codereview.chromium.org/190883002/ R=ulan@chromium.org Review URL: https://codereview.chromium.org/204323004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20053 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-19 10:32:12 +00:00
yangguo@chromium.org	bd2397c90c	Revert "Add out-of-line constant pool support to Arm." This reverts commit r20051. TBR=rmcilroy@chromium.org Review URL: https://codereview.chromium.org/204403002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20052 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-19 09:53:58 +00:00
rmcilroy@chromium.org	9415863c97	Add out-of-line constant pool support to Arm. This CL adds out-of-line constant pool support to Arm. A ConstantPoolBuilder object is introduced to manage building of the ConstantPoolArray for a given code object. This CL depends on the following CLs landing first: https://codereview.chromium.org/138503002/ https://codereview.chromium.org/179813005/ https://codereview.chromium.org/183553003/ https://codereview.chromium.org/183803022/ https://codereview.chromium.org/183883011/ https://codereview.chromium.org/186733006/ https://codereview.chromium.org/188063002/ https://codereview.chromium.org/190793002/ https://codereview.chromium.org/190823002/ https://codereview.chromium.org/190833002/ https://codereview.chromium.org/190883002/ R=ulan@chromium.org Review URL: https://codereview.chromium.org/191233003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20051 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-19 09:38:20 +00:00
ulan@chromium.org	18104111f4	Refactor GetCodeCopyFromTemplate to get a single point where objects are replaced in code. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/197283017 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20035 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-18 14:15:09 +00:00
yangguo@chromium.org	c76a97159f	Handlify callers of Object::GetElement. R=ishell@chromium.org Review URL: https://codereview.chromium.org/200363002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20028 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-18 12:34:02 +00:00
ishell@chromium.org	acf695e37a	Handlification of ArrayConstructorCommon(). R=yangguo@chromium.org Review URL: https://codereview.chromium.org/201303009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20024 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-18 11:38:27 +00:00
ishell@chromium.org	9a340d1fff	Handlification of ArrayConstructorCommon(). R=yangguo@chromium.org Review URL: https://codereview.chromium.org/200213003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-17 15:01:45 +00:00
mvstanton@chromium.org	6a4a934d8d	Utility functions for pretenure call new. These functions aren't yet called in the tree but will be in the next days. AssertUndefinedOrAllocationSite is to be used in several places where AllocationSite feedback is optional. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/197643008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19998 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-17 13:55:22 +00:00
mvstanton@chromium.org	e3f3f6d98b	Revert "Continued fix for 351257. Reusing the feedback vector is too complex." This reverts commit r19919. TBR=bmeuer@chromium.org Review URL: https://codereview.chromium.org/196343021 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19961 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-17 08:31:21 +00:00
mvstanton@chromium.org	dd28969c1c	Continued fix for 351257. Reusing the feedback vector is too complex. Attempting to re-use the type feedback vector stored in the SharedFunctionInfo turns out to be difficult among the various cases. It will be much easier to do this when deferred type feedback processing is removed, as is in the works. Created bug v8:3212 to track re-introducing the optimization of reusing the type vector on recompile before optimization. The CL also brings back the type vector on the SharedFunctionInfo. BUG=351257 LOG=Y R=bmeurer@chromium.org, bmeuer@chromium.org Review URL: https://codereview.chromium.org/199973004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19919 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-14 09:28:37 +00:00
hpayer@chromium.org	7b810f4593	Revert "Moved type feedback vector to SharedFunctionInfo." This reverts commit 828f1d563a3f0972135886888fd26526e04da07f. Conflicts: src/compiler.cc test/cctest/test-compiler.cc BUG= R=titzer@chromium.org Review URL: https://codereview.chromium.org/196283015 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19911 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-13 17:47:12 +00:00
ulan@chromium.org	81a5cfb0e0	Revert r19897, r19898 for breaking mac-64 debug. TBR=dslomov@chromium.org Review URL: https://codereview.chromium.org/199203002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19901 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-13 15:10:35 +00:00
ulan@chromium.org	2f26700885	Fix memory leak caused by treating Code::next_code_link as strong in marker. BUG= TEST=test/cctest/NextCodeLinkIsWeak R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/181833004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19897 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-13 14:09:18 +00:00
ulan@chromium.org	66c8130b8a	Simplify GetEnumPropertyKeys and avoid trimming fixed arrays in large object space. BUG=352070 LOG=N R=verwaest@chromium.org Review URL: https://codereview.chromium.org/198943002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19894 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-13 12:45:12 +00:00
yangguo@chromium.org	6f6356a248	Handlify PropertyAttribute lookups. R=ishell@chromium.org Review URL: https://codereview.chromium.org/197813004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19891 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-13 11:55:31 +00:00
mvstanton@chromium.org	f8648911af	FastNewClosureStub failed to load the cached literals array. Also, less efficient code was generated because of negative keyed load offsets. I changed this to benefit from HLoadKeyed dehoisting. BUG=v8:3185 LOG=N R=yangguo@chromium.org Review URL: https://codereview.chromium.org/184103004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19846 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-12 13:29:42 +00:00
verwaest@chromium.org	abace56b29	Use MigrateToMap instead of set_map to update the map of a JSObject. This is necessary to guarantee correct representation usage. Some unhandlified code still needs to be handlified before we can push this through fully. BUG= R=ishell@chromium.org Review URL: https://codereview.chromium.org/194783002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19844 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-12 13:18:27 +00:00
rossberg@chromium.org	8e3f3cee9e	Eliminate extended mode, and other modes clean-up - Merge LanguageMode and StrictModeFlag enums - Make harmony-scoping depend only on strict mode - Free some bits on the way - Plus additional clean-up and renaming R=ulan@chromium.org BUG= Review URL: https://codereview.chromium.org/181543002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19800 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-11 14:41:22 +00:00
rossberg@chromium.org	3f702d4bf9	Mode clean-up pt 1: rename classic/non-strict mode to sloppy mode R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/177683002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19799 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-11 14:39:08 +00:00
rmcilroy@chromium.org	a199ba80ef	Differentate between code target pointers and heap pointers in constant pools. Separate out code target pointers from normal heap pointer entries in constant pool arrays so that the GC can correctly relocate these pointers using the appropriate mechanism. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/183883011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19773 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-10 19:05:43 +00:00
verwaest@chromium.org	1180803953	Reland and fix "Allow ICs to be generated for own global proxy." BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/176793003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19756 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-10 12:23:05 +00:00
yangguo@chromium.org	469428e610	Handlify JSObject::CanSetCallback. Also use temporary wrapper functions where possible to mark progress. R=ishell@chromium.org Review URL: https://codereview.chromium.org/172503002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19743 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-10 08:28:59 +00:00
mvstanton@chromium.org	1812f63fd2	Moved type feedback vector to SharedFunctionInfo. Type Vector followup: the type vector currently lives off the code object. This CL moves it to the SharedFunctionInfo, facilitating re-use and continued use in crankshafted code if desired. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/178463007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19712 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-07 10:12:17 +00:00
marja@chromium.org	bd1fb97d5c	Remove Script::SetData and the script_data parameter from Script::(Compile\|New). This feature makes it possible to associate data with a script and get it back when the script is compiled or when an event is handled. It was historically used by Chromium Dev Tools, but not any more. It is not used by node.js. Note: this has nothing to do with the preparse data, despite the confusing name. The preparse data is passed as ScriptData*. Note 2: This is the same as r19616 ( https://codereview.chromium.org/184403002/ ) with a unused variable fix in bootstrapper.cc. R=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/185533014 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19702 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-07 08:43:54 +00:00
mvstanton@chromium.org	6115a006fd	Bugfix for 349874: we incorrectly believe we saw a growing store When we set an out of bounds array index, the index might be so large that it causes the array to go to dictionary mode. It's better to avoid "learning" that this was a growing store in that case. This fix also partially reverts a fix for bug 347543, as this fix is comprehensive and satisfies that repro case as well (partial revert of v19591). BUG=349874 LOG=N R=verwaest@chromium.org Review URL: https://codereview.chromium.org/188643002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19691 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-06 13:07:51 +00:00
ulan@chromium.org	b9e0b87a5a	Clear optimized code cache in shared function info when code gets deoptimized. This adds a pointer to the shared function info into deoptimization data of an optimized code. Whenever the code is deoptimized, it clears the cache in the shared function info. This fixes the problem when the optimized function dies in new space GC before the code is deoptimized due to code dependency and before the optimized code cache is cleared in old space GC (see mjsunit/regress/regress-343609.js). This partially reverts r19603 because we need to be able to evict specific code from the optimized code cache. BUG=343609 LOG=Y TEST=mjsunit/regress/regress-343609.js R=yangguo@chromium.org Review URL: https://codereview.chromium.org/184923002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19635 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-03-03 11:11:39 +00:00
marja@chromium.org	40ffba58a4	Revert "Remove Script::SetData and the script_data parameter from Script::(Compile\|New)." This reverts revision 19616. BUG= TBR=marja@chromium.org,svenpanne@chromium.org Review URL: https://codereview.chromium.org/181113008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19618 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-28 14:09:52 +00:00
marja@chromium.org	55750b1c62	Remove Script::SetData and the script_data parameter from Script::(Compile\|New). This feature makes it possible to associate data with a script and get it back when the script is compiled or when an event is handled. It was historically used by Chromium Dev Tools, but not any more. It is not used by node.js. Note: this has nothing to do with the preparse data, despite the confusing name. The preparse data is passed as ScriptData*. R=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/184403002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19616 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-28 13:54:14 +00:00
jkummerow@chromium.org	85367a7db9	Fail early when re-entering code that has been patched for lazy deopt R=ulan@chromium.org Review URL: https://codereview.chromium.org/184373004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19607 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-28 12:41:25 +00:00
yangguo@chromium.org	5c186bb197	Evict from optimized code map in sync with removing from optimized functions list. R=ulan@chromium.org Review URL: https://codereview.chromium.org/184443002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19603 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-28 12:27:31 +00:00
titzer@chromium.org	0a93163138	Remove dead CompileOptimized() method from JSFunction. BUG= R=yangguo@chromium.org Review URL: https://codereview.chromium.org/181253004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19593 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-28 08:57:38 +00:00
mvstanton@chromium.org	e664f42a5a	Revert r19430, r19459: "Reland "Allow ICs to be generated for own global proxy."" Causing ClusterFuzz crash (issue 343928) TBR=verwaest@chromium.org Review URL: https://codereview.chromium.org/179643003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-25 12:18:30 +00:00
ulan@chromium.org	db60894687	Clean up weak objects in optimized code. This prepares for weak objects in IC stubs. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/172233003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19489 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-19 14:03:48 +00:00
mvstanton@chromium.org	73b679cbee	Revert "Second attempt at introducing a premonomorphic state in the call" This reverts commits r19463 and r19457 (includes MIPS port), there was a Sunspider perf issue and on reflection we can achieve the necessary result in a new way. TBR=verwaest@chromium.org Review URL: https://codereview.chromium.org/172383003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19488 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-19 13:55:25 +00:00
yangguo@chromium.org	139134acc2	Harmony: optimize Math.clz32. R=svenpanne@chromium.org BUG=v8:2938 LOG=N Review URL: https://codereview.chromium.org/172133003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19487 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-19 13:51:49 +00:00
jacob.bramley@arm.com	6d9fcf1198	A64: Tidy up Push and Pop TODOs. This addresses several TODOs: - Push and Pop requests can be queued up so that arrays of Registers can be pushed efficiently, with just one PrepareForPush/Pop. - PushMultipleTimes now takes an Operand. This allows variable-length arguments arrays to be initialized, for example. - A NoUseRealAbortsScope has been added to Abort so that AssertStackConsistency can be called from PrepareForPush without introducing infinite recursion. BUG= R=rmcilroy@chromium.org, ulan@chromium.org Review URL: https://codereview.chromium.org/170623002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19474 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-19 09:43:45 +00:00
mvstanton@chromium.org	5224c3d0f0	Second attempt at introducing a premonomorphic state in the call target caches. This time we don't go through the premonomorphic state for the Array call target caches to avoid losing information from allocation sites that aren't only used once, but where the resulting array is used heavily. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/169683003 Patch from Kasper Lund <kasperl@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19457 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-18 15:33:34 +00:00
verwaest@chromium.org	60c08a8bf2	Directly store the transition target on LookupResult in TransitionResult. BUG=chromium:343964 LOG=N R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/170343003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19440 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-18 12:19:32 +00:00
bmeurer@chromium.org	a7c82c49f4	Consistent use of const for LookupResult. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/170073003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19438 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-18 11:30:51 +00:00
bmeurer@chromium.org	0ec3dc296a	Revert "Handlify DescriptorArray::Merge()." This reverts commit r19410. TBR=verwaest@chromium.org Review URL: https://codereview.chromium.org/169113005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19432 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-18 10:38:25 +00:00
verwaest@chromium.org	2f9f49798a	Reland "Allow ICs to be generated for own global proxy." BUG= R=dcarney@chromium.org Review URL: https://codereview.chromium.org/170343002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19430 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-18 10:10:06 +00:00
danno@chromium.org	bedf702bcb	Revert r19403: "A64: Tidy up Push and Pop TODOs." Causes a64 debug asserts TBR=jacob.bramley@arm.com,ulan@chromium.org Review URL: https://codereview.chromium.org/169303007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19419 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-17 16:08:44 +00:00
mvstanton@chromium.org	8bcdbc354f	Revert "Add a premonomorphic state to the call target cache." This reverts commit r19402 R=verwaest@chromium.org Review URL: https://codereview.chromium.org/169713002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19412 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-17 14:22:18 +00:00
bmeurer@chromium.org	c1729e5283	Handlify DescriptorArray::Merge(). R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/169363002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19410 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-17 13:22:34 +00:00
hpayer@chromium.org	22602980c0	Added a special stack guard to deopt marked allocation sites. BUG= R=mvstanton@chromium.org, ulan@chromium.org Review URL: https://codereview.chromium.org/169563002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19404 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-17 12:15:16 +00:00
jacob.bramley@arm.com	1634631ae4	A64: Tidy up Push and Pop TODOs. This addresses several TODOs: - Push and Pop requests can be queued up so that arrays of Registers can be pushed efficiently, with just one PrepareForPush/Pop. - PushMultipleTimes now takes an Operand. This allows variable-length arguments arrays to be initialized, for example. - A NoUseRealAbortsScope has been added to Abort so that AssertStackConsistency can be called from PrepareForPush without introducing infinite recursion. BUG= R=ulan@chromium.org Review URL: https://codereview.chromium.org/169533002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19403 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-17 12:08:06 +00:00
mvstanton@chromium.org	be731e6c95	Add a premonomorphic state to the call target cache. From a CL by kasperl: https://codereview.chromium.org/162903004/ R=verwaest@chromium.org Review URL: https://codereview.chromium.org/163413003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19402 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-17 11:59:45 +00:00
yangguo@chromium.org	7f6dc1ff9b	Do not visit smis in the root list during GC. R=mstarzinger@chromium.org BUG=328804 LOG=N Review URL: https://codereview.chromium.org/166023003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19400 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-17 10:41:25 +00:00
verwaest@chromium.org	ed9bbc7051	Remove HandlerKindField and just encode the handlerkind as the only extra-ic-state. R=ishell@chromium.org Review URL: https://codereview.chromium.org/166883002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19385 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-14 15:17:26 +00:00
verwaest@chromium.org	209b17ac31	Don't mix handler flags into regular flag computation. BUG= R=ishell@chromium.org Review URL: https://codereview.chromium.org/163363003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19384 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-14 15:15:08 +00:00
verwaest@chromium.org	fe0fe20e8f	Pass in the handler kind to IC computation rather than extracting it from the handler. R=ishell@chromium.org Review URL: https://codereview.chromium.org/163463002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19383 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-14 15:14:34 +00:00
vegorov@chromium.org	8f170a66e7	Improve positions tracking inside the HGraphBuilder. Instead of tracking simple absolute offset from the start of the script like other places do, track a pair of (inlining id, offset from the start of inlined function). This enables us to pinpoint with inlining path an instruction came from. Previously in multi-script environments we emitted positions that made very little sense because inside a single optimized function they would point to different scripts without a way to distinguish them. Start dumping the source of every inlined function to make possible IR viewing tools with integrated source views as there was previously no way to acquire this information from IR dumps. We also dump source position at which each inlining occured. Tracked positions are written into hydrogen.cfg as pos:<inlining-id>_<offset>. Flag --emit-opt-code-positions is renamed by this change into --hydrogen-track-positions to better convey it's meaning. In addition this change assigned global unique identifier to each optimization performed inside isolate. This allows to precisely match compilation artifacts (e.g. IR and disassembly) and deoptimizations. BUG= R=yangguo@chromium.org Review URL: https://codereview.chromium.org/140683011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19360 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-13 16:09:28 +00:00
ulan@chromium.org	e95bc7eec8	Merge experimental/a64 to bleeding_edge. BUG=v8:3113 LOG=Y R=jochen@chromium.org, rmcilroy@chromium.org, rodolph.perfetta@arm.com Review URL: https://codereview.chromium.org/148293020 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19311 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-12 09:19:30 +00:00
verwaest@chromium.org	78f568d69c	Remove extended_extra_ic_state and extend extra_ic_state instead. BUG= R=ishell@chromium.org Review URL: https://codereview.chromium.org/159013003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19287 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-11 15:01:44 +00:00
yangguo@chromium.org	1f7feb9696	Remove obsolete stack trace string in a message object. The stack trace string is an ancient relic that is no longer being used. We use the structured stack trace object instead. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/159013002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19264 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-11 09:29:51 +00:00
palfia@homejinni.com	21cdcf34b4	MIPS: Add kExpectedFixedArrayInRegisterA2 message. Port r19244 (08e0afd9) BUG= R=mvstanton@chromium.org, plind44@gmail.com Review URL: https://codereview.chromium.org/159423003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19263 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-11 09:27:01 +00:00
mvstanton@chromium.org	516ed9fa90	Adding a type vector to replace type cells. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/137403009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19244 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-10 21:38:17 +00:00
ishell@chromium.org	05270212c3	Remake of the load elimination fix made earlier (r18884). R=titzer@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/149063010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19057 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-02-04 10:48:49 +00:00
verwaest@chromium.org	ae7a209e71	Remove CallICs BUG= R=dcarney@chromium.org Review URL: https://codereview.chromium.org/148223002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-31 16:52:17 +00:00
jochen@chromium.org	253edf246f	Remove IsRegExpEquivalent. It's not used anywhere. BUG=none R=ulan@chromium.org LOG=n Review URL: https://codereview.chromium.org/141563013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18995 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-31 14:17:02 +00:00
bmeurer@chromium.org	735a507385	Improve HConstant::ImmortalImmovable() to check for all immortal immovable roots. Move the list to IMMORTAL_IMMOVABLE_ROOT_LIST in heap.h, and automatically include INTERNALIZED_STRING_LIST and STRING_TYPE_LIST. R=hpayer@chromium.org, mstarzinger@chromium.org Review URL: https://codereview.chromium.org/146623003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18970 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-31 07:28:46 +00:00
plind44@gmail.com	02d8dc57c1	MIPS: Specialize FixedTypedArray<> set and get functions to solve unaligned double access. BUG= TEST=test-api/FixedFloat64Array R=dslomov@chromium.org Review URL: https://codereview.chromium.org/136333011 Patch from Balazs Kilvady <kilvadyb@homejinni.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18965 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-30 20:05:11 +00:00
dslomov@chromium.org	1a67b7f86a	External Array renaming and boilerplate scrapping Replaced symbolic names with correct JS name (byte -> int8, unsigned int -> uint32 etc). Using macros to scrap the boilerplate BUG= R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/145133013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18835 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-24 16:01:15 +00:00
hpayer@chromium.org	83a1df2354	Remove Heap::MaxRegularSpaceAllocationSize and use Page::MaxRegularHeapObjectSize instead. BUG= R=mstarzinger@chromium.org, mvstanton@chromium.org Review URL: https://codereview.chromium.org/141653016 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18776 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-23 13:02:27 +00:00
rossberg@chromium.org	0d906a8bdb	Zonify types in compiler frontend Clean up some zone/isolate handling in AST and its visitors on the way. (Based on https://codereview.chromium.org/103743004/) R=jkummerow@chromium.org, titzer@chromium.org BUG= Review URL: https://codereview.chromium.org/102563004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18719 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-21 16:22:52 +00:00
mvstanton@chromium.org	c472ee85f8	Array constructor shouldn't require a Cell, just an AllocationSite. The Array constructor has a needless dependency on an input argument that is a Cell. It uses this to walk through to an AllocationSite. The dependency hampers future work. Instead, pass the AllocationSite as input to the Array constructor. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/140963004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18716 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-21 16:04:39 +00:00
rossberg@chromium.org	928d71f83b	Retry landing "Implement zone-allocated types" Works around apparent scoping bug in VS, the only change to before being a method rename in the test suite: --- a/test/cctest/test-types.cc +++ b/test/cctest/test-types.cc @@ -153,7 +153,7 @@ struct ZoneRep { return reinterpret_cast<ZoneList<ZoneType>>(AsTagged(t)); } - static Zone* Region(Zone* zone, Isolate* isolate) { return zone; } + static Zone* ToRegion(Zone* zone, Isolate* isolate) { return zone; } }; @@ -168,7 +168,7 @@ struct HeapRep { static Object* AsConstant(Handle<Type> t) { return Box::cast(t)->value(); } static FixedArray AsUnion(Handle<Type> t) { return FixedArray::cast(t); } - static Isolate Region(Zone* zone, Isolate* isolate) { return isolate; } + static Isolate* ToRegion(Zone* zone, Isolate* isolate) { return isolate; } }; @@ -183,7 +183,7 @@ struct Tests : Rep { isolate(CcTest::i_isolate()), scope(isolate), zone(isolate), - T(Rep::Region(&zone, isolate), isolate) { + T(Rep::ToRegion(&zone, isolate), isolate) { } static void CheckEqual(TypeHandle type1, TypeHandle type2) { R=titzer@chromium.org BUG= Review URL: https://codereview.chromium.org/143693003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18711 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-21 14:14:12 +00:00
mvstanton@chromium.org	155ef100e9	Fix logic error in assert in IsUndeclaredGlobal() Recent changes in IC logic meant that CallStubs no longer use the Contextual bit. IsUndeclaredGlobal() needed to adjust for that. In fact, now the CL has morphed to remove the notion of storing contextual state in the IC at all, it just becomes some extra ic state of the load ic. This took some adjustment in harmony code to use the global receiver for certain stores. Now it's clearer that only LoadICs actually record any information about contextual or not. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/140943002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18660 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-17 11:08:24 +00:00
ulan@chromium.org	0575396a4c	Refactor string internalization. Remove duplicate code in StringTable and Heap. Instead of having many InternalizeXXXString methods, add a general InternalizeStringWithKey that takes a string table key. BUG= R=dcarney@chromium.org, svenpanne@chromium.org Review URL: https://codereview.chromium.org/140953002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18657 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-17 10:27:57 +00:00
dslomov@chromium.org	5da41be7b8	Implement in-heap backing store for typed arrays. This adds a fixed array sub-type that will represent a backing store for typed arrays allocated with TypedArray(length) construtor. R=mvstanton@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/101413006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18651 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 17:08:45 +00:00
dslomov@chromium.org	34eeeb8953	Revert "Implement in-heap backing store for typed arrays." This reverts commit r18649 for breaking Linux/nosnap and Win64 tests. TBR=jkummerow@chromium.org Review URL: https://codereview.chromium.org/140793003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18650 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 16:00:36 +00:00
dslomov@chromium.org	97040ce67b	Implement in-heap backing store for typed arrays. This adds a fixed array sub-type that will represent a backing store for typed arrays allocated with TypedArray(length) construtor. R=mvstanton@chromium.org, verwaest@chromium.org Committed: https://code.google.com/p/v8/source/detail?r=18646 Review URL: https://codereview.chromium.org/101413006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18649 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 15:01:27 +00:00
dslomov@chromium.org	95f572389e	Revert "Implement in-heap backing store for typed arrays." This reverts commit r18646 for breaking Win32 build. TBR=jkummerow@chromium.org Review URL: https://codereview.chromium.org/132233012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18647 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 14:26:15 +00:00
dslomov@chromium.org	0c960c2e96	Implement in-heap backing store for typed arrays. This adds a fixed array sub-type that will represent a backing store for typed arrays allocated with TypedArray(length) construtor. R=mvstanton@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/101413006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18646 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 14:18:37 +00:00
hpayer@chromium.org	e3fdf3f4e7	Refactor DeoptimizeDependentCodeGroup. BUG= R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/137783016 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18639 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 10:00:03 +00:00
hpayer@chromium.org	f01dc250dc	Handlify AllocationSite AddDependentCompilationInfo. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/136703002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18570 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-13 14:54:33 +00:00
bmeurer@chromium.org	53e29e5f19	Inline AllocationMemento::FindForHeapObject() into the two call sites. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/136633002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18565 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-13 13:11:46 +00:00
mvstanton@chromium.org	854d085996	More efficient use of space in AllocationSite. We can eliminate one word from the object by sharing the pretenuring decision and the found memento count. R=bmeurer@chromium.org, hpayer@chromium.org Review URL: https://codereview.chromium.org/132063004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18554 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-13 10:28:01 +00:00
rossberg@chromium.org	99359d389c	Revert "Implement zone-allocated types" This reverts commit 4308974b16d1ee67d9f64d797c5ea64ffaab51df. TBR=machenbach@chromium.org BUG= Review URL: https://codereview.chromium.org/133353005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18545 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-10 15:33:37 +00:00
rossberg@chromium.org	d849dfa5d4	Implement zone-allocated types More template magic FTW. R=titzer@chromium.org BUG= Review URL: https://codereview.chromium.org/103743004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18543 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-10 14:43:48 +00:00
rossberg@chromium.org	cb28b7f837	Retry "Templatise type representation" after making clang happy The only thing different now is line types.h:208/236, which had a static_cast<Type*> before. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/133683002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18533 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-10 12:19:01 +00:00
hpayer@chromium.org	4ef951cf43	Allocation site pretenuring. Pretenuring decisions are made based on allocation site lifetime statistics. BUG= R=mstarzinger@chromium.org, mvstanton@chromium.org Review URL: https://codereview.chromium.org/96783002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18532 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-10 12:11:54 +00:00
machenbach@chromium.org	8ffcd2a281	[Sheriff] Revert "Templatise type representation" and "Fix Mac warnings". This reverts commit r18521 and r18522 for breaking mac and win builders. BUG= TBR=rossberg@chromium.org Review URL: https://codereview.chromium.org/132493002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18524 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-09 19:52:15 +00:00
rossberg@chromium.org	713a74ca09	Fix Mac warnings R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/132263002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18522 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-09 17:37:48 +00:00
rossberg@chromium.org	1c33a2d840	Templatise type representation This is to support both heap- and zone-allocated types in the future (the latter not yet implemented). Also, handlify the type API some more. R=titzer@chromium.org BUG= Review URL: https://codereview.chromium.org/107933005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18521 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-09 17:12:48 +00:00
rmcilroy@chromium.org	687537ded3	Fix some out-of-line constant pool garbage collection bugs. This CL fixes some bugs in the out of line constant pool implementation when constant pools are GCed. Namely: - Push/Pop pp register in exit frames and VisitPointer on it to ensure it is updated if the ConstantPoolArray is moved by GC. - Mark pp as a SafePoint Register for optimized functions. - Ensure that StandardFrame::IterateExpressions also iterates over the constant pool pointer in the stackframe. - Fix calculation of last_ptr_offset in ConstantPoolArray body iterator. - Make ensure that CONSTANT_POOL_ARRAY_TYPE is a pointer object InstanceType. R=ulan@chromium.org Review URL: https://codereview.chromium.org/123263005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18473 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-07 15:53:54 +00:00
mvstanton@chromium.org	e3e7daf01c	We need to know if a load, store or call IC is assumed to be on the global object. Previously, this information was stored in RelocInfo. A more logical place for this kind of structural information is ExtraICState. Storing it there makes it easier for us to gather type feedback from these sites too. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/96083005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18466 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-07 14:14:34 +00:00
bmeurer@chromium.org	ad4231c495	Reland "Allocation site support for monomorphic StringAdds in BinaryOps". R=ulan@chromium.org Review URL: https://codereview.chromium.org/106313003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18444 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-02 15:31:27 +00:00
bmeurer@chromium.org	4d88b0b4be	Revert "Fix compilation with C++11." and "Allocation site support for monomorphic StringAdds in BinaryOps.". This reverts commit r18431 and r18432 for breaking the Linux nosnapshot build. R=ulan@chromium.org Review URL: https://codereview.chromium.org/122463004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18434 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-02 10:38:45 +00:00
bmeurer@chromium.org	a91499fec7	Allocation site support for monomorphic StringAdds in BinaryOps. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/106453003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18431 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-02 09:17:52 +00:00
rmcilroy@chromium.org	78ab4379d3	Out-of-line constant pool on Arm: Stage 3 - Set Constant Pool Pointer on Function Entry Third stage of implementing an out-of-line constant pool for Arm. This CL adds a ConstantPool field to Code objects and initializes the pp register on function entry, and saves the pp register on the stack frame. The ConstantPool object is always empty and is unused currently. R=ulan@chromium.org Review URL: https://codereview.chromium.org/88043002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18425 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-30 11:23:59 +00:00
yangguo@chromium.org	6ba6d0b4fe	Cache optimized code for OSR. BUG=v8:2637 LOG=N R=titzer@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/101853003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18410 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-23 14:42:42 +00:00
yangguo@chromium.org	2a4be7067c	Refactor the compiling pipeline. Goals: - easier to read, more suitable identifiers. - better distinction between compiling optimized/unoptimized code - compiler does not install code on the function. - easier to add features (e.g. caching optimized code for osr). - remove unnecessary code. R=titzer@chromium.org Review URL: https://codereview.chromium.org/110203002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18409 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-23 14:30:35 +00:00
yangguo@chromium.org	f7929d2a87	Reland "Handlify concat string and substring." This relands commit r17490. BUG= R=ulan@chromium.org Review URL: https://codereview.chromium.org/114943004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18408 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-23 12:37:56 +00:00
hpayer@chromium.org	7305592638	Use an allocation site scratchpad to speed up allocaton site processing during gc. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/99133017 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18367 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-18 21:23:56 +00:00
hpayer@chromium.org	9c8d625422	Generalize AllocationMemento::FindForHeapObject and remove corresponding new space check. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/104903002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18366 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-18 20:08:54 +00:00
hpayer@chromium.org	7be4945c2b	Removed unused ShouldTrackAllocationInfo method. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/111723004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18341 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-18 10:30:31 +00:00
jkummerow@chromium.org	28cab36838	Ensure that Code objects' kind specific flags are initialized properly. Also, have the stub cache set a valid MajorKey on stubs it creates. Getting weird random bits frightens and confuses the poor simple type feedback oracle. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/108443004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18309 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-13 10:27:19 +00:00
jkummerow@chromium.org	48ff79a300	Fix polymorphic inlined calls with migrating prototypes LOG=Y R=verwaest@chromium.org Review URL: https://codereview.chromium.org/104793003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18307 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-12 14:57:00 +00:00
verwaest@chromium.org	d5787278bc	Fixed global object leak caused by overwriting the global receiver (the global proxy) in the global object with the global object itself. This CL additionally removes the API function to reattach a global proxy to a global object. BUG=324812 LOG=y R=dcarney@chromium.org, titzer@chromium.org Review URL: https://chromiumcodereview.appspot.com/101733002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18299 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-11 13:51:48 +00:00
bmeurer@chromium.org	f0cfb1cad9	Increase number of available major keys. This also adds a static assert checking that we do not exceed the available number of major keys. The safepoint table offset is now max 2^24 instead of 2^25. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/110183003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18284 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-10 09:44:44 +00:00
yangguo@chromium.org	5df90d2c74	Remove unused trigonometric code. R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/104203003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18256 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-04 11:39:24 +00:00
bmeurer@chromium.org	46fbeec7ab	Remove the obsolete Code::IsPregenerated flag. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/96753003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18172 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-02 09:46:35 +00:00
mvstanton@chromium.org	e066a3667d	Move responsibility for definition of ExtraICState bits into the ICs. Currently it's in the Code object for some ICs and in ICs for other ICs. This should make it easier to alter bits as needed. 2) Recover an extra bit in the code object to give us 6 bits for the extra ic state. We'll need it soon to store contextual state. 3) Cleanup code that treated StrictMode enum and ExtraICState enum as interchangeble. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/91803003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18136 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-28 15:32:55 +00:00
rossberg@chromium.org	e943623b12	Harmony promises Based on prototype at https://github.com/rossberg-chromium/js-promise which informed the latest spec draft version at https://github.com/domenic/promises-unwrapping/blob/master/README.md Activated by --harmony-promises. Feature complete with respect to the draft spec, plus the addition of .when and .deferred methods. Final naming and other possible deviations from the current draft will hopefully be resolved soon after the next TC39 meeting. This CL also generalises the Object.observe delivery loop into a simplistic microtask loop. Currently, all observer events are delivered before invoking any promise handler in a single fixpoint iteration. It's not clear yet what the final semantics is supposed to be (should there be a global event ordering?), but it will probably require a more thorough event loop abstraction inside V8 once we get there. R=dslomov@chromium.org, yhirano@chromium.org BUG= Review URL: https://codereview.chromium.org/64223010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18113 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-27 17:21:40 +00:00
mvstanton@chromium.org	f3a22f965e	The goal is to discover the appropriate heap space for objects created in full code. By the time we optimize the code, we'll be able to decide on new or old space based on the number of surviving objects after one or more gcs. The mechanism is a "memento" placed behind objects in the heap. It's currently done for array and object literals, with plans to use mementos for constructed objects as well (in a later CL). The feature is behind the flag allocation_site_pretenuring, currently off. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/40063002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18104 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-27 14:03:40 +00:00
mvstanton@chromium.org	81b22bbf96	A performance regression in array literal creation was caused by refactoring that eliminated a special fast case for shallow arrays. At the same time the general case got a bit slower. This CL restores most of the performance without coding the special fast case. The virtual dispatching is unnecessary because we know what we want to do at compile time. A flag was added to Runtime::CreateArrayLiteral. The flags delivers information about shallowness but also whether or not allocation mementos should be created. This is useful for crankshafted code. BUG=v8:3008 LOG=Y R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/77293003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18046 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-25 12:41:27 +00:00
verwaest@chromium.org	016113d945	Use Type in CheckPrototypes. R=ishell@chromium.org Review URL: https://chromiumcodereview.appspot.com/78023002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18024 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-22 15:06:20 +00:00
ulan@chromium.org	6a4d5b4228	Invalidate embedded objects in optimized code if it was marked for deoptimization. It avoids having dead pointers in code from the time it was marked for deoptimization until it is deoptimized. BUG=320532,v8:2996 TEST=mjsunit/regress/regress-320532.js LOG=Y R=danno@chromium.org Review URL: https://chromiumcodereview.appspot.com/61213012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18013 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-22 13:10:31 +00:00
svenpanne@chromium.org	b6b84c02b2	Reland "Implement Math.random() purely in JavaScript" plus fixes. The main change is that a bit has been added to array buffers to signal that the backing store has to be freed when the buffer dies. BUG=316359 LOG=Y R=yangguo@chromium.org Review URL: https://codereview.chromium.org/82763005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18003 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-22 11:35:39 +00:00
mvstanton@chromium.org	3c95790f32	Pretenuring calculation fields in AllocationSite. AllocationSite-based pretenuring needs additional fields to carry out calculations. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/43603002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17986 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-22 07:34:21 +00:00
danno@chromium.org	8e266c2244	Revert 17963, 17962 and 17955: Random number generator in JS changes Revert 17966, 17965 also as collateral damage: Embed trigonometric lookup table. Due to Heapcheck and valgrind failures that are not yet fixed. TBR=svenpanne@chromium.org Review URL: https://codereview.chromium.org/80513004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17981 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-21 17:21:00 +00:00
ishell@chromium.org	8537e167f2	Code object now prints its major_key when applicable. R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/81043002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17980 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-21 16:55:16 +00:00
svenpanne@chromium.org	2b1da67263	Implement Math.random() purely in JavaScript. This removes tons of architecture-specific code and makes it easy to experiment with other pseudo-RNG algorithms. The crankshafted code is extremely good, keeping all things unboxed and doing only minimal checks, so it is basically equivalent to the handwritten code. When benchmarks are run without parallel recompilation, we get a few percent regression on SunSpider's string-validate-input and string-base64, but these benchmarks run so fast that the overall SunSpider score is hardly affected and within the usual jitter. Note that these benchmarks actually run even faster when we don't crankshaft at all on the main thread (the regression is not caused by bad code, it is caused by Crankshaft needing a few hundred microsecond for compilation of a trivial function). Luckily, when parallel recompilation is enabled, i.e. in the browser, we see no regression at all! R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/68723002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17955 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-21 09:55:15 +00:00
danno@chromium.org	06c7620302	Fixed crashes exposed though fuzzing. The %_OneByteSeqStringSetChar intrinsic expects its arguments to be checked before being called for efficiency reasons, but the fuzzer provided no such checks. Now the intrinsic is robust to bad input if FLAG_debug_code is set. R=yangguo@chromium.org TEST=test/mjsunit/regress/regress-320948.js BUG=chromium:320948 LOG=Y Review URL: https://codereview.chromium.org/72813004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17886 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-19 16:41:07 +00:00
verwaest@chromium.org	40d255ec82	Move template instance check from Object to FunctionTemplateInfo::IsTemplateFor BUG= R=dcarney@chromium.org Review URL: https://chromiumcodereview.appspot.com/67613005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17876 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-19 13:38:15 +00:00
bmeurer@chromium.org	b39db7bbf3	Remove unused StubType's, freeing 2 bits in Code objects. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/75973005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17867 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-19 12:04:54 +00:00
mvstanton@chromium.org	bff41483dc	Bugfix: dependent code field in AllocationSite was keeping code objects alive even after context death. BUG=320532 LOG=Y R=ulan@chromium.org Review URL: https://codereview.chromium.org/62803008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17856 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-19 10:17:33 +00:00
verwaest@chromium.org	38630a765f	Convert PatchCache (and related methods) to use types rather than objects/maps. R=rossberg@chromium.org Review URL: https://chromiumcodereview.appspot.com/75413002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17847 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-18 17:18:14 +00:00
danno@chromium.org	f27f2fa420	Match max property descriptor length to corresponding bit fields BUG=v8:3010 R=verwaest@chromium.org LOG=N Review URL: https://codereview.chromium.org/72333004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17823 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-18 11:44:06 +00:00
rafaelw@chromium.org	bdf78a7ad3	Reland [Object.observe] Don't force normalization of elements for observed objects Original Issue: https://codereview.chromium.org/29353003/ Note that this version of the patch includes logic for bailing out of compiled ArrayPush/ArrayPop calls if the array is observed (see stub-cache-*) R=danno@chromium.org BUG=v8:2946 LOG=N Review URL: https://codereview.chromium.org/68343016 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17769 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 21:47:39 +00:00
rafaelw@chromium.org	161cc3cd2a	Handlify JSObject::SetElement & brethren Because SetElement & co are interdependent, this patch handlfies all of JSObject:: -SetElement -SetFastElement -SetDictionaryElement -SetFastDoubleElement -SetElementWithInterceptor -SetElementWithoutInterceptor -SetElementWithCallbackSetterInPrototype R=mstarzinger@chromium.org LOG=N Review URL: https://codereview.chromium.org/66803002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17757 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 17:30:48 +00:00
verwaest@chromium.org	6befb8d5cd	Also support smi in load-ICs. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/68523009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17756 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 16:37:36 +00:00
verwaest@chromium.org	93f2ed48d9	Handle all object types (minus smi) in load/store ICs R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/62953007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17755 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 16:25:31 +00:00
mvstanton@chromium.org	3cf157b43b	Inline zero argument array constructor. patch from issue 54583003 (dependent code). Zero arguments - very easy 1 argument - three special cases: a) If length is a constant in valid array length range, no need to check it at runtime. b) respect DoNotInline feedback on the AllocationSite for cases that the argument is not a smi or is an integer with a length that should create a dictionary. c) if kind feedback is non-holey, and length is non-constant, we'd have to generate a lot of code to be correct. Don't inline this case. N arguments - one special case: a) If a deopt ever occurs because an input argument isn't compatible with the elements kind, then set the DoNotInline flag. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/55933002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17741 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 12:05:09 +00:00
rossberg@chromium.org	cec8383cff	Provide private symbols through internal APIs Adds a notion of private symbols, mainly intended for internal use, especially, self-hosting of built-in types that would otherwise require new C++ classes. On the JS side (i.e., in built-ins), private properties can be created and accessed through a set of macros: NEW_PRIVATE(print_name) HAS_PRIVATE(obj, sym) GET_PRIVATE(obj, sym) SET_PRIVATE(obj, sym, val) DELETE_PRIVATE(obj, sym) In the V8 API, they are accessible via a new class Private, and respective HasPrivate/Get/Private/SetPrivate/DeletePrivate methods on calss Object. These APIs are designed and restricted such that their implementation can later be replaced by whatever ES7+ will officially provide. R=yangguo@chromium.org BUG= Review URL: https://codereview.chromium.org/48923002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17683 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-13 10:34:06 +00:00
yangguo@chromium.org	e83fd01ce6	Reland "Implement Math.sin, cos and tan using table lookup and spline interpolation." This relands r17594 with necessary fixes. R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/70003004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17654 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-12 14:43:18 +00:00
yangguo@chromium.org	7fd7bbdcad	Fix potential assertion failure. R=mvstanton@chromium.org BUG= Review URL: https://codereview.chromium.org/68913002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17621 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-11 15:28:47 +00:00
rafaelw@chromium.org	4bc568b77a	Revert "Reland [Object.observe] Don't force normalization of elements for observed objects" TBR=danno BUG= Review URL: https://codereview.chromium.org/67233002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17608 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 19:33:05 +00:00
rafaelw@chromium.org	ca8f947664	Reland [Object.observe] Don't force normalization of elements for observed objects Original Issue: https://codereview.chromium.org/29353003/ TBR=danno BUG=v8:2946 Review URL: https://codereview.chromium.org/66933003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17607 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 19:12:43 +00:00
rafaelw@chromium.org	c824bfb44a	Revert "[Object.observe] Don't force normalization of elements for observed objects" Broke ARM build TBR=danno BUG= Review URL: https://codereview.chromium.org/66603004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17602 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 15:36:22 +00:00
rafaelw@chromium.org	d462dca64a	[Object.observe] Don't force normalization of elements for observed objects BUG=v8:2946 R=danno@chromium.org Review URL: https://codereview.chromium.org/29353003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17601 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 14:55:13 +00:00
yangguo@chromium.org	9f104a1a3e	Revert "Implement Math.sin, cos and tan using table lookup and spline interpolation." This reverts commit r17594. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/59153007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17596 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 13:44:27 +00:00
yangguo@chromium.org	063b7c4ebb	Implement Math.sin, cos and tan using table lookup and spline interpolation. R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/50563003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17594 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 13:10:39 +00:00
bmeurer@chromium.org	3f1fc2385a	Remove unused ValueInfo struct BUG= R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/46673004 Patch from Adrian Perez de Castro <aperez@igalia.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17577 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 07:45:15 +00:00
vegorov@chromium.org	adae3f77ec	Allow redirecting disassembly and deoptimization traces into a file. This is controlled by two flags: --redirect_code_traces --redirect_code_traces_to=<filename> When redirection is enabled but --redirect_code_traces_to is not specified traces are written to a file code-<pid>-<isolate>.asm. This mangling scheme matches hydrogen.cfg and allows easy discovery of compilation artifacts in a multi-V8 environment (e.g. when compilation is traced from inside Chromium). D8 defines --redirect_code_traces_to=code.asm similar to hydrogen.cfg redirection. BUG= R=danno@chromium.org Review URL: https://codereview.chromium.org/43273004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17571 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-07 16:35:27 +00:00
rafaelw@chromium.org	1a74e27994	Handlify ForceSetObjectProperty Note that I've left the layering as is to make the diffs clear. Is it worth moving ForceSetObjectProperty to objects.cc? This code is clearly implementing part of the DefineOrRedefine steps from the spec, but it's still odd that it lives in Runtime. Note that handles.cc exposes a ForceSetProperty which just performs a CALL_HEAP_FUNCTION on the Runtime::ForceSetObjectProperty -- which is exposed to the api as v8::Object::ForceSet BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/61883002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17529 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-06 16:32:47 +00:00
mvstanton@chromium.org	cec8548d0e	Correct handling of arrays with callbacks in the prototype chain. Our generic KeyedStoreIC doesn't handle the case when a callback is set on array elements in the prototype chain of the object, nor do we recognize that we need to avoid the monomorphic case if these callbacks exist. This CL addresses the issue by looking for dictionary elements in the prototype chain on IC misses and crankshaft element store instructions. When found, the generic IC is used. The generic IC is changed to go to the runtime in this case too. In general, keyed loads are immune from this problem because they won't return the hole: discovery of the hole goes to the runtime where the callback will be found in the prototype chain. Double array loads in crankshaft can return the hole but only if the prototype chain is unaltered (we will catch such alterations). Includes the following patch as well (already reviewed by bmeurer): Performance regression found in test regress-2185-2.js. The problem was that the bailout method for TransitionAndStoreStub was not performing the appropriate transition. (Review URL for the ElementsTransitionAndStoreIC_Miss change: https://codereview.chromium.org/26911007) R=danno@chromium.org Review URL: https://codereview.chromium.org/35413006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17525 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-06 15:45:43 +00:00
mstarzinger@chromium.org	88be0606cf	Add support for tracking NotExectuted/ExecutedOnceCodeAge's when --track_gc_object_stats flag is set. BUG=None R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/40003002 Patch from Ross McIlroy <rmcilroy@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17513 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-06 09:29:09 +00:00
yangguo@chromium.org	371265eec4	Revert "Handlify concat string and substring." This reverts r17490. R=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/59973004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17497 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 15:36:15 +00:00
rafaelw@chromium.org	b9883beaba	Remove SetLocalPropertiesIgnoreAttributesTrampoline BUG=v8:2877 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/59343003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17496 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 15:33:14 +00:00
yangguo@chromium.org	23d085c691	Handlify concat string and substring. R=ulan@chromium.org BUG= Review URL: https://codereview.chromium.org/50073005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17490 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 14:07:07 +00:00
mstarzinger@chromium.org	5267d7b884	Introduce JSFunction::EnsureHasInitialMap method. This change enforces explicit allocation of the initial map for each JSFunction to introduce a proper layering between the JSFunction class and the Heap class. A follow-up change will then handlify the two functions AllocateInitialMap and AllocateFunctionPrototype. R=rossberg@chromium.org BUG=v8:2877 Review URL: https://codereview.chromium.org/32323013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17480 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 12:11:27 +00:00
rafaelw@chromium.org	ada13dfc3f	Remove calls to JSObject::SetLocalPropertyIgnoreAttributesTrampoline within objects.cc This includes handlifing: -SetHiddenPropertiesHashTable -ObjectHashSet::Add/Remove -ObjectHashTable::Put And splitting the following methods which previously took "allow creation" enum arguments to into side-effect-free getters and GetOrCreate*-handlfied getters. -GetHash (now GetHash & handlified GetOrCreateHash) -GetIdentityHash (now GetIdentityHash & handlified GetOrCreateIdentityHash) -GetHiddenPropertiesHashTable (now GetHiddenPropertiesHashTable & handlified GetOrCreateaHiddenPropertiesHashTable) BUG=v8:2877 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/48913008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17477 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 11:47:11 +00:00
jkummerow@chromium.org	d0c5614f9d	Proper fix for the issue exposed by r17459 This reverts r17462 and instead fixes StubCache::ComputeLoadNonexistent by replacing s/IsGlobalObject/IsJSGlobalObject/ there. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/59103005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17474 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 11:01:31 +00:00
svenpanne@chromium.org	dc8c314084	Make snapshots reproducible. To keep the structure of the serializer more or less untouched, we use some ingenious Corry-approved(TM) 3-step technology (a.k.a. "hack"): * Create copies of code objects. * Wipe out all absolute addresses in these copies. * Write out the cleaned copies instead of the originals. In conjunction with --random-seed, our snapshots are reproducible now. BUG=v8:2885 R=bmeurer@chromium.org, erik.corry@gmail.com Review URL: https://codereview.chromium.org/54823002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17473 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 10:14:48 +00:00
svenpanne@chromium.org	82b8e23bc1	Introduce raw accessors for type_feedback_info. This pure refactoring is needed for another upcoming CL. Note that the actual names are still a bit confusing, because this is still a kind of swiss-army-knife-field. :-/ R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/52633003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17472 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 10:05:03 +00:00
mvstanton@chromium.org	31865699ac	Function ElementsAreSafeToExamine was undefined in release heap verify. R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/48963006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17422 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-29 07:56:47 +00:00
rafaelw@chromium.org	523851b337	Handlify JSObject::PrepareElementsForSort BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/32523008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17402 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-25 20:42:51 +00:00
mvstanton@chromium.org	a85c825bb9	The Elements pointer in a JSObject can have a filler map instead of a valid fixed array, iff a gc occurred while allocating a fixed array as part of array construction. Heap verification needs protection against examining the elements object in this case. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/43383004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17397 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-25 12:26:47 +00:00
hpayer@chromium.org	2dfaf2aab5	Add code age subtype tracking to --track-gc-object-stats Adds counters which track the age of code in the heap during a gc if --track-gc-object-stats is enabled. - Splits RecordObjectStats into RecordObjectStats, RecordCodeSubTypeStats and RecordFixedArraySubTypeStats. - Renames kNoAge to kNoAgeCodeAge to follow other code age enums and enable the name to be used in Macro based initialization of the counters. BUG=None R=hpayer@chromium.org Review URL: https://codereview.chromium.org/26179004 Patch from Ross McIlroy <rmcilroy@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17369 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-24 10:50:35 +00:00
rafaelw@chromium.org	f719a45f18	Handlify Map::CopyInstallDescriptors BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/34603008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17350 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-23 22:02:14 +00:00
rafaelw@chromium.org	91fa96bf6b	Handlify Map::CopyNormalized R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/32483006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17349 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-23 19:47:38 +00:00
danno@chromium.org	bdeaf7514a	Enable preaging of code objects when --optimize-for-size. This change means that code which is never executed is garbage collected immediately, and code which is only executed once is collected more quickly (limiting heap growth), however, code which is re-executed is reset to the young age, thus being kept around for the same number of GC generations as currently. BUG=280984 R=danno@chromium.org, hpayer@chromium.org Review URL: https://codereview.chromium.org/23480031 Patch from Ross McIlroy <rmcilroy@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17343 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-23 13:48:04 +00:00
mstarzinger@chromium.org	701749c4ec	Simplify ObjectVisitor for external references. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/36853003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17336 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-23 10:47:51 +00:00
rafaelw@chromium.org	146eb9e0ee	Handlify Map::CopyForObserved R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/34023002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17327 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-22 17:41:08 +00:00
mstarzinger@chromium.org	be3ed75ff3	Fix materialization of captured objects with field tracking. R=titzer@chromium.org BUG=chromium:298990 TEST=mjsunit/compiler/escape-analysis-representation Review URL: https://codereview.chromium.org/35133003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17321 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-22 13:48:54 +00:00
mstarzinger@chromium.org	b47dd2b58c	Make PropertyCell::UpdatedType return a handle. R=rossberg@chromium.org Review URL: https://codereview.chromium.org/31933003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17312 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-22 08:24:35 +00:00
mstarzinger@chromium.org	19b2ee1c40	Handlify PropertyCell::SetValueInferType and friends. This finally gets rid of the pesky trampoline in SetValueInferType and enforces the layering between PropertyCell and Heap. It requires full handlification of NewGlobalObject as well, which is only used when the snapshot is created at compile-time. R=rossberg@chromium.org Review URL: https://codereview.chromium.org/28783002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17297 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-21 13:55:24 +00:00
yangguo@chromium.org	a428465819	Handlify JSObject::HasReal*Property. R=ulan@chromium.org BUG= Review URL: https://codereview.chromium.org/27518002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17272 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-18 12:52:07 +00:00
yangguo@chromium.org	1eeebd2b6b	Handlify GetPropertyWithCallback. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/27335002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17234 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-16 09:13:31 +00:00
mvstanton@chromium.org	8f9f192f6e	AllocationSites for all literals R=hpayer@chromium.org Review URL: https://codereview.chromium.org/24250005 Review URL: https://codereview.chromium.org/27366003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17228 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-16 08:10:36 +00:00
rafaelw@chromium.org	2268defb84	Handlify JSObject::SetObserved BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/27070002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17224 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-15 19:28:11 +00:00
mvstanton@chromium.org	f4edc076d8	Revert "AllocationSites for all literals" This reverts commit r17219 due to WebKit failures. R=mstarzinger@chromium.org TBR=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/26539010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17222 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-15 15:35:23 +00:00
mvstanton@chromium.org	362c0cfbca	AllocationSites for all literals BUG= R=hpayer@chromium.org Review URL: https://codereview.chromium.org/24250005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17219 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-15 14:52:58 +00:00
ulan@chromium.org	83c63cf555	Out-of-line constant pool on Arm: Stage 2 - Introduce ConstantPoolArray object. Second stage of implementing an out-of-line constant pool on Arm. This CL Introduces the ConstantPoolArray object which will be used as the backing store of out-of-line constant pools. Nothing uses this object yet. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/22601003 Patch from Ross McIlroy <rmcilroy@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17197 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-14 13:35:06 +00:00
verwaest@chromium.org	04e1462f9e	Centralize handler caching and probing in ic.cc. Also purge invalid POLYMORPHIC stubs. In a next step the compilers should probably be merged and the "Compute*" on the stub-cache removed. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25548009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17161 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-11 13:48:14 +00:00
yangguo@chromium.org	907f079d25	Handlify GetPropertyWithFailedAccessCheck. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/25732002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17146 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-10 15:38:52 +00:00
yangguo@chromium.org	995ea2bd82	Handlify JSObject::GetProperty????Interceptor. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/25669004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17145 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-10 15:27:02 +00:00
ulan@chromium.org	f9fbe4fcfb	Enable weak embedded objects in optimized code with a fix for heap verifier. BUG=v8:2073 R=mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/25702008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17141 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-10 13:14:37 +00:00
olivf@chromium.org	66c610398f	Reland "Hydrogenisation of binops" BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/25494007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17104 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-04 08:17:11 +00:00
ulan@chromium.org	52c421956a	Make objects embedded in optimized code weak. This introduces a global weak hash table that maps objects embedded in optimized code to dependent code lists. Using this table we can deoptimize optimized code whenever a weak object embedded in the code dies. BUG=v8:2073 R=hpayer@chromium.org, mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/23477061 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17102 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-04 07:25:24 +00:00
hpayer@chromium.org	9d732d6594	Print out how many AllocationMementos were found during mark-sweep. Moreover use the right memory boundary for AllocationMemento lookup during gc. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/25655004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17069 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-02 11:04:54 +00:00
yangguo@chromium.org	72f93382bc	Correctly handlify CopyContextLocalsToScopeObject. Handlified functions that expect allocation must be static, i.e. not allow to use 'this', since 'this' is not relocated by potential GC. R=ulan@chromium.org BUG= Review URL: https://codereview.chromium.org/25704002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17068 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-02 10:51:10 +00:00
mstarzinger@chromium.org	3ee9b84609	Remove deprecated JSObject::GetLocalPropertyType method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/25453003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17061 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-02 08:27:33 +00:00
olivf@chromium.org	9459ed3ab4	Revert "Hydrogenisation of binops" This reverts r17052-17054 for various build breaks. TBR=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/25571002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17055 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 18:00:02 +00:00
olivf@chromium.org	7873f35eb2	Hydrogenisation of binops BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/24072013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17052 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 15:24:56 +00:00
mstarzinger@chromium.org	d67ffdaa52	Handlify JSObject::LookupAccessor method. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/25508002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17048 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 14:26:15 +00:00
verwaest@chromium.org	d4cbf02afc	Allow code to be cached in shared maps. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25486002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17045 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 13:13:39 +00:00
mstarzinger@chromium.org	b9b528e030	Defer allocation of native function literals. R=dcarney@chromium.org Review URL: https://codereview.chromium.org/25473002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17038 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 09:47:37 +00:00
verwaest@chromium.org	14422a698f	Cleanup in IC patching. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25001005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17036 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 09:44:35 +00:00
verwaest@chromium.org	63b584474f	Reduce code duplication in IC updating. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25033003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17034 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 09:30:07 +00:00
yangguo@chromium.org	62e4d0671d	Fixed debuggersupport=off build after r16521 BUG= R=yangguo@chromium.org Review URL: https://codereview.chromium.org/25108007 Patch from Weiliang Lin <weiliang.lin@intel.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17025 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 07:53:37 +00:00
jkummerow@chromium.org	85ae341b09	Revert "Defer allocation of native function literals." This reverts r17017 for breaking LayoutTests. R=mstarzinger@chromium.org TBR=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/25315002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17024 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 17:42:58 +00:00
verwaest@chromium.org	aa4eaeebee	Revert "Allow code to be cached in shared maps." due to GC stress crashes. TBR=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25084005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17022 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 16:34:37 +00:00
verwaest@chromium.org	fa742f84a4	Allow code to be cached in shared maps. R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25058004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17020 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 15:28:52 +00:00
mstarzinger@chromium.org	c624141bf3	Defer allocation of native function literals. R=dcarney@chromium.org BUG= Review URL: https://codereview.chromium.org/25164003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17017 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 14:49:11 +00:00
verwaest@chromium.org	f1fe1f95f5	Tag normal as handlers, and make code handler-specific. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25049003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17013 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 13:58:44 +00:00
verwaest@chromium.org	0f715540a2	Tag handlers as HANDLER rather than STUB. R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25044002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17012 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 13:53:21 +00:00
yangguo@chromium.org	6eb8691846	Remove unused kFirstMathFunctionId Review URL: https://codereview.chromium.org/24537002 Patch from Haitao Feng <haitao.feng@intel.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16935 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-25 09:10:45 +00:00
mvstanton@chromium.org	f26bcd9fef	Add field nested_sites to AllocationSite. This field is used to maintain allocation site information for nested array and object literals. It's not used productively in this CL, merely maintained in a minimal way. (that comes next :)). BUG= R=hpayer@chromium.org Review URL: https://codereview.chromium.org/23463047 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16912 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-24 10:30:41 +00:00
mstarzinger@chromium.org	8cbb4dcb49	Handlify JSObject::MigrateInstance and friends. This relands the original change from r16899 together with a bugfix for two unhandlified values which became stale. R=verwaest@chromium.org TEST=mjsunit/debug-evaluate-locals-optimized (in GC stress mode) Review URL: https://codereview.chromium.org/24210011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16905 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 19:56:36 +00:00
mstarzinger@chromium.org	40decafa84	Revert "Handlify JSObject::MigrateInstance and friends." This is reverted due to mozilla/ecma/Date/15.9.5.9 failing on Windows. TBR=verwaest@chromium.org Review URL: https://codereview.chromium.org/24374002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16900 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 16:53:59 +00:00
mstarzinger@chromium.org	1279103806	Handlify JSObject::MigrateInstance and friends. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23583052 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16899 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 15:02:25 +00:00
mstarzinger@chromium.org	4d64bf9737	Handlify JSObject::AllocateStorageForMap method. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/23464089 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16883 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 11:57:34 +00:00
mstarzinger@chromium.org	d87c0679dd	Hanldify JSObject::PreventExtensions method. R=ulan@chromium.org Review URL: https://codereview.chromium.org/24200005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16866 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-20 12:54:02 +00:00
mstarzinger@chromium.org	35142b817f	Handlify JSObject::NormalizeProperties method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23976010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16862 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-20 11:37:02 +00:00
verwaest@chromium.org	0bff3fa74b	Remove duplicate way of encoding the holder in the flags. R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/24316002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16859 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-20 11:22:23 +00:00
mstarzinger@chromium.org	220c40542b	Handlify JSObject::Freeze method. R=adamk@chromium.org Review URL: https://codereview.chromium.org/24256004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16846 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-19 21:26:01 +00:00
mstarzinger@chromium.org	cd4dba243c	Handlify JSReceiver::SetPropertyWithDefinedSetter method. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/24176002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16844 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-19 17:03:32 +00:00
mvstanton@chromium.org	137b43c9a3	Added a DependentCode field to AllocationSite. It's not currently used, this initial CL is just to get the object layout correct. BUG= R=hpayer@chromium.org, mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23567003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16833 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-19 14:13:34 +00:00
mstarzinger@chromium.org	137029a756	Handlify JSObject::AddFastPropertyUsingMap method. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/24195003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16801 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-18 16:41:12 +00:00
mstarzinger@chromium.org	83cb6a6351	Handlify JSObject::SetNormalizedProperty methods. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/24096017 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16799 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-18 16:25:52 +00:00
mstarzinger@chromium.org	4c85efb597	Handlify JSReceiver::HasProperty and friends. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/23496058 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16762 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-17 11:34:20 +00:00
mstarzinger@chromium.org	16a22a96c3	Handlify JSReceiver::SetProperty and friends. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23601031 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16758 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-17 11:01:43 +00:00
verwaest@chromium.org	223ac69ff6	Rename StubType MAP_TRANSITION to TRANSITION. R=mvstanton@chromium.org Review URL: https://chromiumcodereview.appspot.com/24120007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16726 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-16 09:30:43 +00:00
dcarney@chromium.org	564a9a68b8	remove getcurrent from stubs R=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/23756009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16710 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-13 10:23:04 +00:00
mstarzinger@chromium.org	50b0567640	Handlify JSObject::DeepCopy method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/22934006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16708 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-13 09:51:11 +00:00
verwaest@chromium.org	e9c4a49866	Reland Handle non-JSObject heap objects using slow-path IC stub guarded by the map. R=mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/23578030 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16696 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 22:04:04 +00:00
mvstanton@chromium.org	5521e2e825	Bugfix: array constructors that expect a type feedback cell that points to an AllocationSite were being passed the undefined object in some cases. Clearly separate the cases where we have an AllocationSite and where we don't in the general ArrayConstructorStub. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23477071 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16693 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 17:59:41 +00:00
verwaest@chromium.org	ff412d8c37	Revert "Handle non-JSObject heap objects using slow-path IC stub guarded by the map." TBR=mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/23475039 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16692 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 16:57:37 +00:00
verwaest@chromium.org	f375e0514b	Handle non-JSObject heap objects using slow-path IC stub guarded by the map. BUG=chromium:280632 R=mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/23691056 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16689 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 16:12:04 +00:00
mstarzinger@chromium.org	6c18fbc229	Use trampoline or handlified JSObject::SetLocalPropertyIgnoreAttributes. R=verwaest@chromium.org Committed: http://code.google.com/p/v8/source/detail?r=16642 Review URL: https://codereview.chromium.org/24093002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16686 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 13:27:42 +00:00
yangguo@chromium.org	151e514930	Simplify installing concurrently recompiled code. Instead of overwriting the code entry of the function, we trigger an interrupt to install the code on the main thread. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/23542029 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16681 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 11:30:56 +00:00
ulan@chromium.org	0e8e003077	Implement in-place rehashing of HashTable. The algorithm puts elements into correct positions in multiple iterations. On the first iteration it tries to put elements at entries specified by their first hash probe. On the second iteration -- by the second hash probe, and so on. Overall it does O(k*n) memory accesses, where k is the maximum number of probes required for an element and n is the capacity of the hash table. The expectation is that k will be small. R=mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/23658031 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16678 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 11:03:27 +00:00
mstarzinger@chromium.org	8bf91ffe71	Revert "Use trampoline or handlified JSObject::SetLocalPropertyIgnoreAttributes". This was reverted due to performance regressions on Sunspider and other benchmarks due to double GCs caused by the trampoline. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23435006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16659 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-11 15:16:56 +00:00
mstarzinger@chromium.org	5dc202d274	Revert "Handlify JSObject::AddProperty method" for performance. TBR=verwaest@chromium.org Review URL: https://codereview.chromium.org/23464069 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16655 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-11 13:42:57 +00:00
mstarzinger@chromium.org	c570640334	Handlify JSObject::AddProperty method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23883007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16647 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-11 11:00:36 +00:00
mstarzinger@chromium.org	ae7813cacf	Use trampoline or handlified JSObject::SetLocalPropertyIgnoreAttributes. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/24093002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16642 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-11 10:46:49 +00:00
dcarney@chromium.org	cc2257b92a	move HEAP to /test R=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/23468021 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16631 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-11 07:14:41 +00:00
mstarzinger@chromium.org	448d98e19d	Use raw-to-handle trampoline in [Get/Set]HiddenPropertiesHashTable. R=danno@chromium.org Review URL: https://codereview.chromium.org/23629040 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16623 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-10 14:33:06 +00:00
titzer@chromium.org	49d9555a97	Generate a custom OSR entrypoint for OSR compiles on all platforms, and transition to optimized code using the special entrypoint, instead of through the deoptimizer. Do not install the OSR compiled code as _the_ optimized code for a function. Remove OSR-related stuff from deoptimizer. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/21340002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16599 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-09 16:34:40 +00:00
mstarzinger@chromium.org	1a26455d22	Handlify JSObject::EnsureCanContainHeapObjectElements method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23818005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16595 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-09 14:29:47 +00:00
dcarney@chromium.org	c20f87a654	add uncached Function::New TBR=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/24071002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16586 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-09 07:52:52 +00:00
dcarney@chromium.org	5b0a281604	revert 16584 for breaking build TBR=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/23680014 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16585 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-09 07:16:24 +00:00
dcarney@chromium.org	ddc5d437bb	add uncached Function::New R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/23561007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16584 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-09 07:08:34 +00:00
loislo@chromium.org	bbd26abedb	Functions may not be optimized and we would like to know in cpu profiler what was the reason. Current v8 implementation may disable optimization for a particular function or block it with help of dont_optimize flag. The patch propagates the reason of that to the SharedFunctionInfo where cpu profiler can get it. SharedFunctionInfo is a heap object so I extracted 8 bits from OptsCount for handling bailout reason code. BUG=none TEST=test-profile-generator/BailoutReason R=yangguo@chromium.org Review URL: https://codereview.chromium.org/23817003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16555 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-05 13:20:51 +00:00
dcarney@chromium.org	d208d048ac	remove most Isolate::Current asserts R=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/23493019 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16552 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-05 11:27:22 +00:00
titzer@chromium.org	35490d82a9	Add OptimizedCodeList and DeoptimizedCodeList to native contexts. Both lists are weak. This makes it possible to find optimized code that is not referred to by any function, but still needs to be deoptimized. It obsoletes the weak deoptimizing code list in the deoptimizer data and generally simplifies the process of deoptimizing code. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23444029 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16530 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-04 13:53:24 +00:00
yangguo@chromium.org	070e3b0af4	Introduce concurrent on-stack replacement. Currently disabled behind --concurrent-osr. R=titzer@chromium.org BUG= Review URL: https://codereview.chromium.org/23710014 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16527 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-04 12:55:59 +00:00
dcarney@chromium.org	7dcc12abf6	build fix for 16520 TBR=bmeurer@chromium.org BUG= Review URL: https://codereview.chromium.org/23874010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16523 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-04 11:09:55 +00:00
dcarney@chromium.org	2b7efe05ae	remove Isolate::Current from most files starting with 'j' through 'o' R=bmeurer@chromium.org BUG= Review URL: https://codereview.chromium.org/23578012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16520 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-04 10:34:42 +00:00
dcarney@chromium.org	615c34869c	Push SetAccessor to Template R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/23182003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16515 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-04 07:45:36 +00:00
dcarney@chromium.org	3e76d8b870	remove Isolate::Current from most files starting with 'o' through 'r' R=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/23757017 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16513 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-04 07:05:11 +00:00
verwaest@chromium.org	3f70c3b07b	Allow uncacheable identifiers to go generic. BUG=v8:2867 R=jkummerow@chromium.org Review URL: https://chromiumcodereview.appspot.com/23453019 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16481 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-02 16:32:11 +00:00
jkummerow@chromium.org	6e4bec8f88	Bump MaxRegularSpaceAllocationSize to InitialSemiSpaceSize() * 4/5 to allow allocation of large packed arrays in paged spaces. BUG=v8:2790 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23604023 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16475 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-02 13:36:49 +00:00

... 4 5 6 7 8 ...

1566 Commits