AuroraMiddleware/v8 - v8 - Gitea: Git with a cup of tea

Author	SHA1	Message	Date
dslomov@chromium.org	34eeeb8953	Revert "Implement in-heap backing store for typed arrays." This reverts commit r18649 for breaking Linux/nosnap and Win64 tests. TBR=jkummerow@chromium.org Review URL: https://codereview.chromium.org/140793003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18650 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 16:00:36 +00:00
dslomov@chromium.org	97040ce67b	Implement in-heap backing store for typed arrays. This adds a fixed array sub-type that will represent a backing store for typed arrays allocated with TypedArray(length) construtor. R=mvstanton@chromium.org, verwaest@chromium.org Committed: https://code.google.com/p/v8/source/detail?r=18646 Review URL: https://codereview.chromium.org/101413006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18649 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 15:01:27 +00:00
dslomov@chromium.org	95f572389e	Revert "Implement in-heap backing store for typed arrays." This reverts commit r18646 for breaking Win32 build. TBR=jkummerow@chromium.org Review URL: https://codereview.chromium.org/132233012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18647 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 14:26:15 +00:00
dslomov@chromium.org	0c960c2e96	Implement in-heap backing store for typed arrays. This adds a fixed array sub-type that will represent a backing store for typed arrays allocated with TypedArray(length) construtor. R=mvstanton@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/101413006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18646 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 14:18:37 +00:00
hpayer@chromium.org	e3fdf3f4e7	Refactor DeoptimizeDependentCodeGroup. BUG= R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/137783016 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18639 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-16 10:00:03 +00:00
hpayer@chromium.org	f01dc250dc	Handlify AllocationSite AddDependentCompilationInfo. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/136703002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18570 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-13 14:54:33 +00:00
bmeurer@chromium.org	53e29e5f19	Inline AllocationMemento::FindForHeapObject() into the two call sites. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/136633002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18565 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-13 13:11:46 +00:00
mvstanton@chromium.org	854d085996	More efficient use of space in AllocationSite. We can eliminate one word from the object by sharing the pretenuring decision and the found memento count. R=bmeurer@chromium.org, hpayer@chromium.org Review URL: https://codereview.chromium.org/132063004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18554 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-13 10:28:01 +00:00
rossberg@chromium.org	99359d389c	Revert "Implement zone-allocated types" This reverts commit 4308974b16d1ee67d9f64d797c5ea64ffaab51df. TBR=machenbach@chromium.org BUG= Review URL: https://codereview.chromium.org/133353005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18545 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-10 15:33:37 +00:00
rossberg@chromium.org	d849dfa5d4	Implement zone-allocated types More template magic FTW. R=titzer@chromium.org BUG= Review URL: https://codereview.chromium.org/103743004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18543 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-10 14:43:48 +00:00
rossberg@chromium.org	cb28b7f837	Retry "Templatise type representation" after making clang happy The only thing different now is line types.h:208/236, which had a static_cast<Type*> before. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/133683002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18533 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-10 12:19:01 +00:00
hpayer@chromium.org	4ef951cf43	Allocation site pretenuring. Pretenuring decisions are made based on allocation site lifetime statistics. BUG= R=mstarzinger@chromium.org, mvstanton@chromium.org Review URL: https://codereview.chromium.org/96783002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18532 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-10 12:11:54 +00:00
machenbach@chromium.org	8ffcd2a281	[Sheriff] Revert "Templatise type representation" and "Fix Mac warnings". This reverts commit r18521 and r18522 for breaking mac and win builders. BUG= TBR=rossberg@chromium.org Review URL: https://codereview.chromium.org/132493002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18524 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-09 19:52:15 +00:00
rossberg@chromium.org	713a74ca09	Fix Mac warnings R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/132263002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18522 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-09 17:37:48 +00:00
rossberg@chromium.org	1c33a2d840	Templatise type representation This is to support both heap- and zone-allocated types in the future (the latter not yet implemented). Also, handlify the type API some more. R=titzer@chromium.org BUG= Review URL: https://codereview.chromium.org/107933005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18521 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-09 17:12:48 +00:00
rmcilroy@chromium.org	687537ded3	Fix some out-of-line constant pool garbage collection bugs. This CL fixes some bugs in the out of line constant pool implementation when constant pools are GCed. Namely: - Push/Pop pp register in exit frames and VisitPointer on it to ensure it is updated if the ConstantPoolArray is moved by GC. - Mark pp as a SafePoint Register for optimized functions. - Ensure that StandardFrame::IterateExpressions also iterates over the constant pool pointer in the stackframe. - Fix calculation of last_ptr_offset in ConstantPoolArray body iterator. - Make ensure that CONSTANT_POOL_ARRAY_TYPE is a pointer object InstanceType. R=ulan@chromium.org Review URL: https://codereview.chromium.org/123263005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18473 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-07 15:53:54 +00:00
mvstanton@chromium.org	e3e7daf01c	We need to know if a load, store or call IC is assumed to be on the global object. Previously, this information was stored in RelocInfo. A more logical place for this kind of structural information is ExtraICState. Storing it there makes it easier for us to gather type feedback from these sites too. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/96083005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18466 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-07 14:14:34 +00:00
bmeurer@chromium.org	ad4231c495	Reland "Allocation site support for monomorphic StringAdds in BinaryOps". R=ulan@chromium.org Review URL: https://codereview.chromium.org/106313003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18444 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-02 15:31:27 +00:00
bmeurer@chromium.org	4d88b0b4be	Revert "Fix compilation with C++11." and "Allocation site support for monomorphic StringAdds in BinaryOps.". This reverts commit r18431 and r18432 for breaking the Linux nosnapshot build. R=ulan@chromium.org Review URL: https://codereview.chromium.org/122463004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18434 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-02 10:38:45 +00:00
bmeurer@chromium.org	a91499fec7	Allocation site support for monomorphic StringAdds in BinaryOps. R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/106453003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18431 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2014-01-02 09:17:52 +00:00
rmcilroy@chromium.org	78ab4379d3	Out-of-line constant pool on Arm: Stage 3 - Set Constant Pool Pointer on Function Entry Third stage of implementing an out-of-line constant pool for Arm. This CL adds a ConstantPool field to Code objects and initializes the pp register on function entry, and saves the pp register on the stack frame. The ConstantPool object is always empty and is unused currently. R=ulan@chromium.org Review URL: https://codereview.chromium.org/88043002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18425 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-30 11:23:59 +00:00
yangguo@chromium.org	6ba6d0b4fe	Cache optimized code for OSR. BUG=v8:2637 LOG=N R=titzer@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/101853003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18410 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-23 14:42:42 +00:00
yangguo@chromium.org	2a4be7067c	Refactor the compiling pipeline. Goals: - easier to read, more suitable identifiers. - better distinction between compiling optimized/unoptimized code - compiler does not install code on the function. - easier to add features (e.g. caching optimized code for osr). - remove unnecessary code. R=titzer@chromium.org Review URL: https://codereview.chromium.org/110203002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18409 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-23 14:30:35 +00:00
yangguo@chromium.org	f7929d2a87	Reland "Handlify concat string and substring." This relands commit r17490. BUG= R=ulan@chromium.org Review URL: https://codereview.chromium.org/114943004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18408 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-23 12:37:56 +00:00
hpayer@chromium.org	7305592638	Use an allocation site scratchpad to speed up allocaton site processing during gc. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/99133017 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18367 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-18 21:23:56 +00:00
hpayer@chromium.org	9c8d625422	Generalize AllocationMemento::FindForHeapObject and remove corresponding new space check. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/104903002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18366 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-18 20:08:54 +00:00
hpayer@chromium.org	7be4945c2b	Removed unused ShouldTrackAllocationInfo method. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/111723004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18341 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-18 10:30:31 +00:00
jkummerow@chromium.org	28cab36838	Ensure that Code objects' kind specific flags are initialized properly. Also, have the stub cache set a valid MajorKey on stubs it creates. Getting weird random bits frightens and confuses the poor simple type feedback oracle. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/108443004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18309 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-13 10:27:19 +00:00
jkummerow@chromium.org	48ff79a300	Fix polymorphic inlined calls with migrating prototypes LOG=Y R=verwaest@chromium.org Review URL: https://codereview.chromium.org/104793003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18307 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-12 14:57:00 +00:00
verwaest@chromium.org	d5787278bc	Fixed global object leak caused by overwriting the global receiver (the global proxy) in the global object with the global object itself. This CL additionally removes the API function to reattach a global proxy to a global object. BUG=324812 LOG=y R=dcarney@chromium.org, titzer@chromium.org Review URL: https://chromiumcodereview.appspot.com/101733002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18299 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-11 13:51:48 +00:00
bmeurer@chromium.org	f0cfb1cad9	Increase number of available major keys. This also adds a static assert checking that we do not exceed the available number of major keys. The safepoint table offset is now max 2^24 instead of 2^25. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/110183003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18284 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-10 09:44:44 +00:00
yangguo@chromium.org	5df90d2c74	Remove unused trigonometric code. R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/104203003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18256 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-04 11:39:24 +00:00
bmeurer@chromium.org	46fbeec7ab	Remove the obsolete Code::IsPregenerated flag. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/96753003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18172 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-12-02 09:46:35 +00:00
mvstanton@chromium.org	e066a3667d	Move responsibility for definition of ExtraICState bits into the ICs. Currently it's in the Code object for some ICs and in ICs for other ICs. This should make it easier to alter bits as needed. 2) Recover an extra bit in the code object to give us 6 bits for the extra ic state. We'll need it soon to store contextual state. 3) Cleanup code that treated StrictMode enum and ExtraICState enum as interchangeble. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/91803003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18136 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-28 15:32:55 +00:00
rossberg@chromium.org	e943623b12	Harmony promises Based on prototype at https://github.com/rossberg-chromium/js-promise which informed the latest spec draft version at https://github.com/domenic/promises-unwrapping/blob/master/README.md Activated by --harmony-promises. Feature complete with respect to the draft spec, plus the addition of .when and .deferred methods. Final naming and other possible deviations from the current draft will hopefully be resolved soon after the next TC39 meeting. This CL also generalises the Object.observe delivery loop into a simplistic microtask loop. Currently, all observer events are delivered before invoking any promise handler in a single fixpoint iteration. It's not clear yet what the final semantics is supposed to be (should there be a global event ordering?), but it will probably require a more thorough event loop abstraction inside V8 once we get there. R=dslomov@chromium.org, yhirano@chromium.org BUG= Review URL: https://codereview.chromium.org/64223010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18113 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-27 17:21:40 +00:00
mvstanton@chromium.org	f3a22f965e	The goal is to discover the appropriate heap space for objects created in full code. By the time we optimize the code, we'll be able to decide on new or old space based on the number of surviving objects after one or more gcs. The mechanism is a "memento" placed behind objects in the heap. It's currently done for array and object literals, with plans to use mementos for constructed objects as well (in a later CL). The feature is behind the flag allocation_site_pretenuring, currently off. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/40063002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18104 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-27 14:03:40 +00:00
mvstanton@chromium.org	81b22bbf96	A performance regression in array literal creation was caused by refactoring that eliminated a special fast case for shallow arrays. At the same time the general case got a bit slower. This CL restores most of the performance without coding the special fast case. The virtual dispatching is unnecessary because we know what we want to do at compile time. A flag was added to Runtime::CreateArrayLiteral. The flags delivers information about shallowness but also whether or not allocation mementos should be created. This is useful for crankshafted code. BUG=v8:3008 LOG=Y R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/77293003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18046 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-25 12:41:27 +00:00
verwaest@chromium.org	016113d945	Use Type in CheckPrototypes. R=ishell@chromium.org Review URL: https://chromiumcodereview.appspot.com/78023002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18024 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-22 15:06:20 +00:00
ulan@chromium.org	6a4d5b4228	Invalidate embedded objects in optimized code if it was marked for deoptimization. It avoids having dead pointers in code from the time it was marked for deoptimization until it is deoptimized. BUG=320532,v8:2996 TEST=mjsunit/regress/regress-320532.js LOG=Y R=danno@chromium.org Review URL: https://chromiumcodereview.appspot.com/61213012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18013 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-22 13:10:31 +00:00
svenpanne@chromium.org	b6b84c02b2	Reland "Implement Math.random() purely in JavaScript" plus fixes. The main change is that a bit has been added to array buffers to signal that the backing store has to be freed when the buffer dies. BUG=316359 LOG=Y R=yangguo@chromium.org Review URL: https://codereview.chromium.org/82763005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18003 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-22 11:35:39 +00:00
mvstanton@chromium.org	3c95790f32	Pretenuring calculation fields in AllocationSite. AllocationSite-based pretenuring needs additional fields to carry out calculations. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/43603002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17986 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-22 07:34:21 +00:00
danno@chromium.org	8e266c2244	Revert 17963, 17962 and 17955: Random number generator in JS changes Revert 17966, 17965 also as collateral damage: Embed trigonometric lookup table. Due to Heapcheck and valgrind failures that are not yet fixed. TBR=svenpanne@chromium.org Review URL: https://codereview.chromium.org/80513004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17981 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-21 17:21:00 +00:00
ishell@chromium.org	8537e167f2	Code object now prints its major_key when applicable. R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/81043002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17980 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-21 16:55:16 +00:00
svenpanne@chromium.org	2b1da67263	Implement Math.random() purely in JavaScript. This removes tons of architecture-specific code and makes it easy to experiment with other pseudo-RNG algorithms. The crankshafted code is extremely good, keeping all things unboxed and doing only minimal checks, so it is basically equivalent to the handwritten code. When benchmarks are run without parallel recompilation, we get a few percent regression on SunSpider's string-validate-input and string-base64, but these benchmarks run so fast that the overall SunSpider score is hardly affected and within the usual jitter. Note that these benchmarks actually run even faster when we don't crankshaft at all on the main thread (the regression is not caused by bad code, it is caused by Crankshaft needing a few hundred microsecond for compilation of a trivial function). Luckily, when parallel recompilation is enabled, i.e. in the browser, we see no regression at all! R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/68723002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17955 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-21 09:55:15 +00:00
danno@chromium.org	06c7620302	Fixed crashes exposed though fuzzing. The %_OneByteSeqStringSetChar intrinsic expects its arguments to be checked before being called for efficiency reasons, but the fuzzer provided no such checks. Now the intrinsic is robust to bad input if FLAG_debug_code is set. R=yangguo@chromium.org TEST=test/mjsunit/regress/regress-320948.js BUG=chromium:320948 LOG=Y Review URL: https://codereview.chromium.org/72813004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17886 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-19 16:41:07 +00:00
verwaest@chromium.org	40d255ec82	Move template instance check from Object to FunctionTemplateInfo::IsTemplateFor BUG= R=dcarney@chromium.org Review URL: https://chromiumcodereview.appspot.com/67613005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17876 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-19 13:38:15 +00:00
bmeurer@chromium.org	b39db7bbf3	Remove unused StubType's, freeing 2 bits in Code objects. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/75973005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17867 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-19 12:04:54 +00:00
mvstanton@chromium.org	bff41483dc	Bugfix: dependent code field in AllocationSite was keeping code objects alive even after context death. BUG=320532 LOG=Y R=ulan@chromium.org Review URL: https://codereview.chromium.org/62803008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17856 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-19 10:17:33 +00:00
verwaest@chromium.org	38630a765f	Convert PatchCache (and related methods) to use types rather than objects/maps. R=rossberg@chromium.org Review URL: https://chromiumcodereview.appspot.com/75413002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17847 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-18 17:18:14 +00:00
danno@chromium.org	f27f2fa420	Match max property descriptor length to corresponding bit fields BUG=v8:3010 R=verwaest@chromium.org LOG=N Review URL: https://codereview.chromium.org/72333004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17823 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-18 11:44:06 +00:00
rafaelw@chromium.org	bdf78a7ad3	Reland [Object.observe] Don't force normalization of elements for observed objects Original Issue: https://codereview.chromium.org/29353003/ Note that this version of the patch includes logic for bailing out of compiled ArrayPush/ArrayPop calls if the array is observed (see stub-cache-*) R=danno@chromium.org BUG=v8:2946 LOG=N Review URL: https://codereview.chromium.org/68343016 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17769 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 21:47:39 +00:00
rafaelw@chromium.org	161cc3cd2a	Handlify JSObject::SetElement & brethren Because SetElement & co are interdependent, this patch handlfies all of JSObject:: -SetElement -SetFastElement -SetDictionaryElement -SetFastDoubleElement -SetElementWithInterceptor -SetElementWithoutInterceptor -SetElementWithCallbackSetterInPrototype R=mstarzinger@chromium.org LOG=N Review URL: https://codereview.chromium.org/66803002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17757 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 17:30:48 +00:00
verwaest@chromium.org	6befb8d5cd	Also support smi in load-ICs. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/68523009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17756 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 16:37:36 +00:00
verwaest@chromium.org	93f2ed48d9	Handle all object types (minus smi) in load/store ICs R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/62953007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17755 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 16:25:31 +00:00
mvstanton@chromium.org	3cf157b43b	Inline zero argument array constructor. patch from issue 54583003 (dependent code). Zero arguments - very easy 1 argument - three special cases: a) If length is a constant in valid array length range, no need to check it at runtime. b) respect DoNotInline feedback on the AllocationSite for cases that the argument is not a smi or is an integer with a length that should create a dictionary. c) if kind feedback is non-holey, and length is non-constant, we'd have to generate a lot of code to be correct. Don't inline this case. N arguments - one special case: a) If a deopt ever occurs because an input argument isn't compatible with the elements kind, then set the DoNotInline flag. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/55933002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17741 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-14 12:05:09 +00:00
rossberg@chromium.org	cec8383cff	Provide private symbols through internal APIs Adds a notion of private symbols, mainly intended for internal use, especially, self-hosting of built-in types that would otherwise require new C++ classes. On the JS side (i.e., in built-ins), private properties can be created and accessed through a set of macros: NEW_PRIVATE(print_name) HAS_PRIVATE(obj, sym) GET_PRIVATE(obj, sym) SET_PRIVATE(obj, sym, val) DELETE_PRIVATE(obj, sym) In the V8 API, they are accessible via a new class Private, and respective HasPrivate/Get/Private/SetPrivate/DeletePrivate methods on calss Object. These APIs are designed and restricted such that their implementation can later be replaced by whatever ES7+ will officially provide. R=yangguo@chromium.org BUG= Review URL: https://codereview.chromium.org/48923002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17683 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-13 10:34:06 +00:00
yangguo@chromium.org	e83fd01ce6	Reland "Implement Math.sin, cos and tan using table lookup and spline interpolation." This relands r17594 with necessary fixes. R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/70003004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17654 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-12 14:43:18 +00:00
yangguo@chromium.org	7fd7bbdcad	Fix potential assertion failure. R=mvstanton@chromium.org BUG= Review URL: https://codereview.chromium.org/68913002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17621 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-11 15:28:47 +00:00
rafaelw@chromium.org	4bc568b77a	Revert "Reland [Object.observe] Don't force normalization of elements for observed objects" TBR=danno BUG= Review URL: https://codereview.chromium.org/67233002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17608 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 19:33:05 +00:00
rafaelw@chromium.org	ca8f947664	Reland [Object.observe] Don't force normalization of elements for observed objects Original Issue: https://codereview.chromium.org/29353003/ TBR=danno BUG=v8:2946 Review URL: https://codereview.chromium.org/66933003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17607 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 19:12:43 +00:00
rafaelw@chromium.org	c824bfb44a	Revert "[Object.observe] Don't force normalization of elements for observed objects" Broke ARM build TBR=danno BUG= Review URL: https://codereview.chromium.org/66603004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17602 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 15:36:22 +00:00
rafaelw@chromium.org	d462dca64a	[Object.observe] Don't force normalization of elements for observed objects BUG=v8:2946 R=danno@chromium.org Review URL: https://codereview.chromium.org/29353003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17601 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 14:55:13 +00:00
yangguo@chromium.org	9f104a1a3e	Revert "Implement Math.sin, cos and tan using table lookup and spline interpolation." This reverts commit r17594. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/59153007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17596 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 13:44:27 +00:00
yangguo@chromium.org	063b7c4ebb	Implement Math.sin, cos and tan using table lookup and spline interpolation. R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/50563003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17594 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 13:10:39 +00:00
bmeurer@chromium.org	3f1fc2385a	Remove unused ValueInfo struct BUG= R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/46673004 Patch from Adrian Perez de Castro <aperez@igalia.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17577 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-08 07:45:15 +00:00
vegorov@chromium.org	adae3f77ec	Allow redirecting disassembly and deoptimization traces into a file. This is controlled by two flags: --redirect_code_traces --redirect_code_traces_to=<filename> When redirection is enabled but --redirect_code_traces_to is not specified traces are written to a file code-<pid>-<isolate>.asm. This mangling scheme matches hydrogen.cfg and allows easy discovery of compilation artifacts in a multi-V8 environment (e.g. when compilation is traced from inside Chromium). D8 defines --redirect_code_traces_to=code.asm similar to hydrogen.cfg redirection. BUG= R=danno@chromium.org Review URL: https://codereview.chromium.org/43273004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17571 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-07 16:35:27 +00:00
rafaelw@chromium.org	1a74e27994	Handlify ForceSetObjectProperty Note that I've left the layering as is to make the diffs clear. Is it worth moving ForceSetObjectProperty to objects.cc? This code is clearly implementing part of the DefineOrRedefine steps from the spec, but it's still odd that it lives in Runtime. Note that handles.cc exposes a ForceSetProperty which just performs a CALL_HEAP_FUNCTION on the Runtime::ForceSetObjectProperty -- which is exposed to the api as v8::Object::ForceSet BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/61883002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17529 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-06 16:32:47 +00:00
mvstanton@chromium.org	cec8548d0e	Correct handling of arrays with callbacks in the prototype chain. Our generic KeyedStoreIC doesn't handle the case when a callback is set on array elements in the prototype chain of the object, nor do we recognize that we need to avoid the monomorphic case if these callbacks exist. This CL addresses the issue by looking for dictionary elements in the prototype chain on IC misses and crankshaft element store instructions. When found, the generic IC is used. The generic IC is changed to go to the runtime in this case too. In general, keyed loads are immune from this problem because they won't return the hole: discovery of the hole goes to the runtime where the callback will be found in the prototype chain. Double array loads in crankshaft can return the hole but only if the prototype chain is unaltered (we will catch such alterations). Includes the following patch as well (already reviewed by bmeurer): Performance regression found in test regress-2185-2.js. The problem was that the bailout method for TransitionAndStoreStub was not performing the appropriate transition. (Review URL for the ElementsTransitionAndStoreIC_Miss change: https://codereview.chromium.org/26911007) R=danno@chromium.org Review URL: https://codereview.chromium.org/35413006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17525 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-06 15:45:43 +00:00
mstarzinger@chromium.org	88be0606cf	Add support for tracking NotExectuted/ExecutedOnceCodeAge's when --track_gc_object_stats flag is set. BUG=None R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/40003002 Patch from Ross McIlroy <rmcilroy@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17513 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-06 09:29:09 +00:00
yangguo@chromium.org	371265eec4	Revert "Handlify concat string and substring." This reverts r17490. R=verwaest@chromium.org BUG= Review URL: https://codereview.chromium.org/59973004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17497 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 15:36:15 +00:00
rafaelw@chromium.org	b9883beaba	Remove SetLocalPropertiesIgnoreAttributesTrampoline BUG=v8:2877 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/59343003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17496 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 15:33:14 +00:00
yangguo@chromium.org	23d085c691	Handlify concat string and substring. R=ulan@chromium.org BUG= Review URL: https://codereview.chromium.org/50073005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17490 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 14:07:07 +00:00
mstarzinger@chromium.org	5267d7b884	Introduce JSFunction::EnsureHasInitialMap method. This change enforces explicit allocation of the initial map for each JSFunction to introduce a proper layering between the JSFunction class and the Heap class. A follow-up change will then handlify the two functions AllocateInitialMap and AllocateFunctionPrototype. R=rossberg@chromium.org BUG=v8:2877 Review URL: https://codereview.chromium.org/32323013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17480 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 12:11:27 +00:00
rafaelw@chromium.org	ada13dfc3f	Remove calls to JSObject::SetLocalPropertyIgnoreAttributesTrampoline within objects.cc This includes handlifing: -SetHiddenPropertiesHashTable -ObjectHashSet::Add/Remove -ObjectHashTable::Put And splitting the following methods which previously took "allow creation" enum arguments to into side-effect-free getters and GetOrCreate*-handlfied getters. -GetHash (now GetHash & handlified GetOrCreateHash) -GetIdentityHash (now GetIdentityHash & handlified GetOrCreateIdentityHash) -GetHiddenPropertiesHashTable (now GetHiddenPropertiesHashTable & handlified GetOrCreateaHiddenPropertiesHashTable) BUG=v8:2877 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/48913008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17477 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 11:47:11 +00:00
jkummerow@chromium.org	d0c5614f9d	Proper fix for the issue exposed by r17459 This reverts r17462 and instead fixes StubCache::ComputeLoadNonexistent by replacing s/IsGlobalObject/IsJSGlobalObject/ there. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/59103005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17474 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 11:01:31 +00:00
svenpanne@chromium.org	dc8c314084	Make snapshots reproducible. To keep the structure of the serializer more or less untouched, we use some ingenious Corry-approved(TM) 3-step technology (a.k.a. "hack"): * Create copies of code objects. * Wipe out all absolute addresses in these copies. * Write out the cleaned copies instead of the originals. In conjunction with --random-seed, our snapshots are reproducible now. BUG=v8:2885 R=bmeurer@chromium.org, erik.corry@gmail.com Review URL: https://codereview.chromium.org/54823002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17473 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 10:14:48 +00:00
svenpanne@chromium.org	82b8e23bc1	Introduce raw accessors for type_feedback_info. This pure refactoring is needed for another upcoming CL. Note that the actual names are still a bit confusing, because this is still a kind of swiss-army-knife-field. :-/ R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/52633003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17472 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-11-05 10:05:03 +00:00
mvstanton@chromium.org	31865699ac	Function ElementsAreSafeToExamine was undefined in release heap verify. R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/48963006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17422 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-29 07:56:47 +00:00
rafaelw@chromium.org	523851b337	Handlify JSObject::PrepareElementsForSort BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/32523008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17402 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-25 20:42:51 +00:00
mvstanton@chromium.org	a85c825bb9	The Elements pointer in a JSObject can have a filler map instead of a valid fixed array, iff a gc occurred while allocating a fixed array as part of array construction. Heap verification needs protection against examining the elements object in this case. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/43383004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17397 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-25 12:26:47 +00:00
hpayer@chromium.org	2dfaf2aab5	Add code age subtype tracking to --track-gc-object-stats Adds counters which track the age of code in the heap during a gc if --track-gc-object-stats is enabled. - Splits RecordObjectStats into RecordObjectStats, RecordCodeSubTypeStats and RecordFixedArraySubTypeStats. - Renames kNoAge to kNoAgeCodeAge to follow other code age enums and enable the name to be used in Macro based initialization of the counters. BUG=None R=hpayer@chromium.org Review URL: https://codereview.chromium.org/26179004 Patch from Ross McIlroy <rmcilroy@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17369 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-24 10:50:35 +00:00
rafaelw@chromium.org	f719a45f18	Handlify Map::CopyInstallDescriptors BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/34603008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17350 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-23 22:02:14 +00:00
rafaelw@chromium.org	91fa96bf6b	Handlify Map::CopyNormalized R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/32483006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17349 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-23 19:47:38 +00:00
danno@chromium.org	bdeaf7514a	Enable preaging of code objects when --optimize-for-size. This change means that code which is never executed is garbage collected immediately, and code which is only executed once is collected more quickly (limiting heap growth), however, code which is re-executed is reset to the young age, thus being kept around for the same number of GC generations as currently. BUG=280984 R=danno@chromium.org, hpayer@chromium.org Review URL: https://codereview.chromium.org/23480031 Patch from Ross McIlroy <rmcilroy@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17343 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-23 13:48:04 +00:00
mstarzinger@chromium.org	701749c4ec	Simplify ObjectVisitor for external references. R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/36853003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17336 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-23 10:47:51 +00:00
rafaelw@chromium.org	146eb9e0ee	Handlify Map::CopyForObserved R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/34023002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17327 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-22 17:41:08 +00:00
mstarzinger@chromium.org	be3ed75ff3	Fix materialization of captured objects with field tracking. R=titzer@chromium.org BUG=chromium:298990 TEST=mjsunit/compiler/escape-analysis-representation Review URL: https://codereview.chromium.org/35133003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17321 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-22 13:48:54 +00:00
mstarzinger@chromium.org	b47dd2b58c	Make PropertyCell::UpdatedType return a handle. R=rossberg@chromium.org Review URL: https://codereview.chromium.org/31933003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17312 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-22 08:24:35 +00:00
mstarzinger@chromium.org	19b2ee1c40	Handlify PropertyCell::SetValueInferType and friends. This finally gets rid of the pesky trampoline in SetValueInferType and enforces the layering between PropertyCell and Heap. It requires full handlification of NewGlobalObject as well, which is only used when the snapshot is created at compile-time. R=rossberg@chromium.org Review URL: https://codereview.chromium.org/28783002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17297 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-21 13:55:24 +00:00
yangguo@chromium.org	a428465819	Handlify JSObject::HasReal*Property. R=ulan@chromium.org BUG= Review URL: https://codereview.chromium.org/27518002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17272 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-18 12:52:07 +00:00
yangguo@chromium.org	1eeebd2b6b	Handlify GetPropertyWithCallback. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/27335002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17234 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-16 09:13:31 +00:00
mvstanton@chromium.org	8f9f192f6e	AllocationSites for all literals R=hpayer@chromium.org Review URL: https://codereview.chromium.org/24250005 Review URL: https://codereview.chromium.org/27366003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17228 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-16 08:10:36 +00:00
rafaelw@chromium.org	2268defb84	Handlify JSObject::SetObserved BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/27070002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17224 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-15 19:28:11 +00:00
mvstanton@chromium.org	f4edc076d8	Revert "AllocationSites for all literals" This reverts commit r17219 due to WebKit failures. R=mstarzinger@chromium.org TBR=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/26539010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17222 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-15 15:35:23 +00:00
mvstanton@chromium.org	362c0cfbca	AllocationSites for all literals BUG= R=hpayer@chromium.org Review URL: https://codereview.chromium.org/24250005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17219 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-15 14:52:58 +00:00
ulan@chromium.org	83c63cf555	Out-of-line constant pool on Arm: Stage 2 - Introduce ConstantPoolArray object. Second stage of implementing an out-of-line constant pool on Arm. This CL Introduces the ConstantPoolArray object which will be used as the backing store of out-of-line constant pools. Nothing uses this object yet. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/22601003 Patch from Ross McIlroy <rmcilroy@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17197 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-14 13:35:06 +00:00
verwaest@chromium.org	04e1462f9e	Centralize handler caching and probing in ic.cc. Also purge invalid POLYMORPHIC stubs. In a next step the compilers should probably be merged and the "Compute*" on the stub-cache removed. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25548009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17161 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-11 13:48:14 +00:00
yangguo@chromium.org	907f079d25	Handlify GetPropertyWithFailedAccessCheck. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/25732002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17146 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-10 15:38:52 +00:00
yangguo@chromium.org	995ea2bd82	Handlify JSObject::GetProperty????Interceptor. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/25669004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17145 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-10 15:27:02 +00:00
ulan@chromium.org	f9fbe4fcfb	Enable weak embedded objects in optimized code with a fix for heap verifier. BUG=v8:2073 R=mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/25702008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17141 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-10 13:14:37 +00:00
olivf@chromium.org	66c610398f	Reland "Hydrogenisation of binops" BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/25494007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17104 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-04 08:17:11 +00:00
ulan@chromium.org	52c421956a	Make objects embedded in optimized code weak. This introduces a global weak hash table that maps objects embedded in optimized code to dependent code lists. Using this table we can deoptimize optimized code whenever a weak object embedded in the code dies. BUG=v8:2073 R=hpayer@chromium.org, mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/23477061 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17102 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-04 07:25:24 +00:00
hpayer@chromium.org	9d732d6594	Print out how many AllocationMementos were found during mark-sweep. Moreover use the right memory boundary for AllocationMemento lookup during gc. BUG= R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/25655004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17069 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-02 11:04:54 +00:00
yangguo@chromium.org	72f93382bc	Correctly handlify CopyContextLocalsToScopeObject. Handlified functions that expect allocation must be static, i.e. not allow to use 'this', since 'this' is not relocated by potential GC. R=ulan@chromium.org BUG= Review URL: https://codereview.chromium.org/25704002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17068 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-02 10:51:10 +00:00
mstarzinger@chromium.org	3ee9b84609	Remove deprecated JSObject::GetLocalPropertyType method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/25453003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17061 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-02 08:27:33 +00:00
olivf@chromium.org	9459ed3ab4	Revert "Hydrogenisation of binops" This reverts r17052-17054 for various build breaks. TBR=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/25571002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17055 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 18:00:02 +00:00
olivf@chromium.org	7873f35eb2	Hydrogenisation of binops BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/24072013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17052 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 15:24:56 +00:00
mstarzinger@chromium.org	d67ffdaa52	Handlify JSObject::LookupAccessor method. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/25508002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17048 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 14:26:15 +00:00
verwaest@chromium.org	d4cbf02afc	Allow code to be cached in shared maps. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25486002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17045 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 13:13:39 +00:00
mstarzinger@chromium.org	b9b528e030	Defer allocation of native function literals. R=dcarney@chromium.org Review URL: https://codereview.chromium.org/25473002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17038 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 09:47:37 +00:00
verwaest@chromium.org	14422a698f	Cleanup in IC patching. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25001005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17036 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 09:44:35 +00:00
verwaest@chromium.org	63b584474f	Reduce code duplication in IC updating. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25033003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17034 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 09:30:07 +00:00
yangguo@chromium.org	62e4d0671d	Fixed debuggersupport=off build after r16521 BUG= R=yangguo@chromium.org Review URL: https://codereview.chromium.org/25108007 Patch from Weiliang Lin <weiliang.lin@intel.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17025 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-10-01 07:53:37 +00:00
jkummerow@chromium.org	85ae341b09	Revert "Defer allocation of native function literals." This reverts r17017 for breaking LayoutTests. R=mstarzinger@chromium.org TBR=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/25315002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17024 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 17:42:58 +00:00
verwaest@chromium.org	aa4eaeebee	Revert "Allow code to be cached in shared maps." due to GC stress crashes. TBR=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25084005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17022 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 16:34:37 +00:00
verwaest@chromium.org	fa742f84a4	Allow code to be cached in shared maps. R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25058004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17020 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 15:28:52 +00:00
mstarzinger@chromium.org	c624141bf3	Defer allocation of native function literals. R=dcarney@chromium.org BUG= Review URL: https://codereview.chromium.org/25164003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17017 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 14:49:11 +00:00
verwaest@chromium.org	f1fe1f95f5	Tag normal as handlers, and make code handler-specific. BUG= R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25049003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17013 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 13:58:44 +00:00
verwaest@chromium.org	0f715540a2	Tag handlers as HANDLER rather than STUB. R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/25044002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17012 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-30 13:53:21 +00:00
yangguo@chromium.org	6eb8691846	Remove unused kFirstMathFunctionId Review URL: https://codereview.chromium.org/24537002 Patch from Haitao Feng <haitao.feng@intel.com>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16935 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-25 09:10:45 +00:00
mvstanton@chromium.org	f26bcd9fef	Add field nested_sites to AllocationSite. This field is used to maintain allocation site information for nested array and object literals. It's not used productively in this CL, merely maintained in a minimal way. (that comes next :)). BUG= R=hpayer@chromium.org Review URL: https://codereview.chromium.org/23463047 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16912 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-24 10:30:41 +00:00
mstarzinger@chromium.org	8cbb4dcb49	Handlify JSObject::MigrateInstance and friends. This relands the original change from r16899 together with a bugfix for two unhandlified values which became stale. R=verwaest@chromium.org TEST=mjsunit/debug-evaluate-locals-optimized (in GC stress mode) Review URL: https://codereview.chromium.org/24210011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16905 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 19:56:36 +00:00
mstarzinger@chromium.org	40decafa84	Revert "Handlify JSObject::MigrateInstance and friends." This is reverted due to mozilla/ecma/Date/15.9.5.9 failing on Windows. TBR=verwaest@chromium.org Review URL: https://codereview.chromium.org/24374002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16900 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 16:53:59 +00:00
mstarzinger@chromium.org	1279103806	Handlify JSObject::MigrateInstance and friends. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23583052 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16899 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 15:02:25 +00:00
mstarzinger@chromium.org	4d64bf9737	Handlify JSObject::AllocateStorageForMap method. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/23464089 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16883 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-23 11:57:34 +00:00
mstarzinger@chromium.org	d87c0679dd	Hanldify JSObject::PreventExtensions method. R=ulan@chromium.org Review URL: https://codereview.chromium.org/24200005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16866 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-20 12:54:02 +00:00
mstarzinger@chromium.org	35142b817f	Handlify JSObject::NormalizeProperties method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23976010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16862 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-20 11:37:02 +00:00
verwaest@chromium.org	0bff3fa74b	Remove duplicate way of encoding the holder in the flags. R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/24316002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16859 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-20 11:22:23 +00:00
mstarzinger@chromium.org	220c40542b	Handlify JSObject::Freeze method. R=adamk@chromium.org Review URL: https://codereview.chromium.org/24256004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16846 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-19 21:26:01 +00:00
mstarzinger@chromium.org	cd4dba243c	Handlify JSReceiver::SetPropertyWithDefinedSetter method. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/24176002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16844 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-19 17:03:32 +00:00
mvstanton@chromium.org	137b43c9a3	Added a DependentCode field to AllocationSite. It's not currently used, this initial CL is just to get the object layout correct. BUG= R=hpayer@chromium.org, mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23567003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16833 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-19 14:13:34 +00:00
mstarzinger@chromium.org	137029a756	Handlify JSObject::AddFastPropertyUsingMap method. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/24195003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16801 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-18 16:41:12 +00:00
mstarzinger@chromium.org	83cb6a6351	Handlify JSObject::SetNormalizedProperty methods. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/24096017 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16799 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-18 16:25:52 +00:00
mstarzinger@chromium.org	4c85efb597	Handlify JSReceiver::HasProperty and friends. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/23496058 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16762 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-17 11:34:20 +00:00
mstarzinger@chromium.org	16a22a96c3	Handlify JSReceiver::SetProperty and friends. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23601031 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16758 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-17 11:01:43 +00:00
verwaest@chromium.org	223ac69ff6	Rename StubType MAP_TRANSITION to TRANSITION. R=mvstanton@chromium.org Review URL: https://chromiumcodereview.appspot.com/24120007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16726 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-16 09:30:43 +00:00
dcarney@chromium.org	564a9a68b8	remove getcurrent from stubs R=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/23756009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16710 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-13 10:23:04 +00:00
mstarzinger@chromium.org	50b0567640	Handlify JSObject::DeepCopy method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/22934006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16708 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-13 09:51:11 +00:00
verwaest@chromium.org	e9c4a49866	Reland Handle non-JSObject heap objects using slow-path IC stub guarded by the map. R=mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/23578030 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16696 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 22:04:04 +00:00
mvstanton@chromium.org	5521e2e825	Bugfix: array constructors that expect a type feedback cell that points to an AllocationSite were being passed the undefined object in some cases. Clearly separate the cases where we have an AllocationSite and where we don't in the general ArrayConstructorStub. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23477071 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16693 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 17:59:41 +00:00
verwaest@chromium.org	ff412d8c37	Revert "Handle non-JSObject heap objects using slow-path IC stub guarded by the map." TBR=mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/23475039 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16692 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 16:57:37 +00:00
verwaest@chromium.org	f375e0514b	Handle non-JSObject heap objects using slow-path IC stub guarded by the map. BUG=chromium:280632 R=mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/23691056 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16689 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 16:12:04 +00:00
mstarzinger@chromium.org	6c18fbc229	Use trampoline or handlified JSObject::SetLocalPropertyIgnoreAttributes. R=verwaest@chromium.org Committed: http://code.google.com/p/v8/source/detail?r=16642 Review URL: https://codereview.chromium.org/24093002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16686 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 13:27:42 +00:00
yangguo@chromium.org	151e514930	Simplify installing concurrently recompiled code. Instead of overwriting the code entry of the function, we trigger an interrupt to install the code on the main thread. R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/23542029 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16681 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 11:30:56 +00:00
ulan@chromium.org	0e8e003077	Implement in-place rehashing of HashTable. The algorithm puts elements into correct positions in multiple iterations. On the first iteration it tries to put elements at entries specified by their first hash probe. On the second iteration -- by the second hash probe, and so on. Overall it does O(k*n) memory accesses, where k is the maximum number of probes required for an element and n is the capacity of the hash table. The expectation is that k will be small. R=mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/23658031 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16678 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-12 11:03:27 +00:00
mstarzinger@chromium.org	8bf91ffe71	Revert "Use trampoline or handlified JSObject::SetLocalPropertyIgnoreAttributes". This was reverted due to performance regressions on Sunspider and other benchmarks due to double GCs caused by the trampoline. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23435006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16659 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-11 15:16:56 +00:00
mstarzinger@chromium.org	5dc202d274	Revert "Handlify JSObject::AddProperty method" for performance. TBR=verwaest@chromium.org Review URL: https://codereview.chromium.org/23464069 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16655 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-11 13:42:57 +00:00
mstarzinger@chromium.org	c570640334	Handlify JSObject::AddProperty method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23883007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16647 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-11 11:00:36 +00:00
mstarzinger@chromium.org	ae7813cacf	Use trampoline or handlified JSObject::SetLocalPropertyIgnoreAttributes. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/24093002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16642 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-11 10:46:49 +00:00
dcarney@chromium.org	cc2257b92a	move HEAP to /test R=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/23468021 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16631 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-11 07:14:41 +00:00
mstarzinger@chromium.org	448d98e19d	Use raw-to-handle trampoline in [Get/Set]HiddenPropertiesHashTable. R=danno@chromium.org Review URL: https://codereview.chromium.org/23629040 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16623 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-10 14:33:06 +00:00
titzer@chromium.org	49d9555a97	Generate a custom OSR entrypoint for OSR compiles on all platforms, and transition to optimized code using the special entrypoint, instead of through the deoptimizer. Do not install the OSR compiled code as _the_ optimized code for a function. Remove OSR-related stuff from deoptimizer. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/21340002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16599 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-09 16:34:40 +00:00
mstarzinger@chromium.org	1a26455d22	Handlify JSObject::EnsureCanContainHeapObjectElements method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23818005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16595 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-09 14:29:47 +00:00
dcarney@chromium.org	c20f87a654	add uncached Function::New TBR=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/24071002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16586 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-09 07:52:52 +00:00
dcarney@chromium.org	5b0a281604	revert 16584 for breaking build TBR=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/23680014 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16585 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-09 07:16:24 +00:00
dcarney@chromium.org	ddc5d437bb	add uncached Function::New R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/23561007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16584 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-09 07:08:34 +00:00
loislo@chromium.org	bbd26abedb	Functions may not be optimized and we would like to know in cpu profiler what was the reason. Current v8 implementation may disable optimization for a particular function or block it with help of dont_optimize flag. The patch propagates the reason of that to the SharedFunctionInfo where cpu profiler can get it. SharedFunctionInfo is a heap object so I extracted 8 bits from OptsCount for handling bailout reason code. BUG=none TEST=test-profile-generator/BailoutReason R=yangguo@chromium.org Review URL: https://codereview.chromium.org/23817003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16555 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-05 13:20:51 +00:00
dcarney@chromium.org	d208d048ac	remove most Isolate::Current asserts R=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/23493019 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16552 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-05 11:27:22 +00:00
titzer@chromium.org	35490d82a9	Add OptimizedCodeList and DeoptimizedCodeList to native contexts. Both lists are weak. This makes it possible to find optimized code that is not referred to by any function, but still needs to be deoptimized. It obsoletes the weak deoptimizing code list in the deoptimizer data and generally simplifies the process of deoptimizing code. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23444029 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16530 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-04 13:53:24 +00:00
yangguo@chromium.org	070e3b0af4	Introduce concurrent on-stack replacement. Currently disabled behind --concurrent-osr. R=titzer@chromium.org BUG= Review URL: https://codereview.chromium.org/23710014 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16527 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-04 12:55:59 +00:00
dcarney@chromium.org	7dcc12abf6	build fix for 16520 TBR=bmeurer@chromium.org BUG= Review URL: https://codereview.chromium.org/23874010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16523 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-04 11:09:55 +00:00
dcarney@chromium.org	2b7efe05ae	remove Isolate::Current from most files starting with 'j' through 'o' R=bmeurer@chromium.org BUG= Review URL: https://codereview.chromium.org/23578012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16520 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-04 10:34:42 +00:00
dcarney@chromium.org	615c34869c	Push SetAccessor to Template R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/23182003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16515 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-04 07:45:36 +00:00
dcarney@chromium.org	3e76d8b870	remove Isolate::Current from most files starting with 'o' through 'r' R=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/23757017 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16513 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-04 07:05:11 +00:00
verwaest@chromium.org	3f70c3b07b	Allow uncacheable identifiers to go generic. BUG=v8:2867 R=jkummerow@chromium.org Review URL: https://chromiumcodereview.appspot.com/23453019 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16481 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-02 16:32:11 +00:00
jkummerow@chromium.org	6e4bec8f88	Bump MaxRegularSpaceAllocationSize to InitialSemiSpaceSize() * 4/5 to allow allocation of large packed arrays in paged spaces. BUG=v8:2790 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23604023 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16475 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-02 13:36:49 +00:00
titzer@chromium.org	7bd61f8ca4	Remove OptimizedCodeEntry sigh. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23584004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16465 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-09-02 10:35:34 +00:00
mstarzinger@chromium.org	28fbc630d3	Handlify JSObject::SetAccessor method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23819003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16455 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-30 14:08:15 +00:00
mstarzinger@chromium.org	756a99bdba	Handlify JSObject::SetIdentityHash method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23495011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16454 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-30 13:42:16 +00:00
mstarzinger@chromium.org	5d87a6c8e0	Handlify JSObject::DeleteHiddenProperty method. R=yangguo@chromium.org Review URL: https://codereview.chromium.org/23600011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16453 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-30 13:28:52 +00:00
verwaest@chromium.org	8b97a1c5d2	Handlify JSProxy::Fix R=mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/23707007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16452 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-30 12:52:25 +00:00
mstarzinger@chromium.org	25d86eacbd	Handlify JSReceiver::SetElement method. R=rossberg@chromium.org Review URL: https://codereview.chromium.org/23541006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16448 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-30 11:44:39 +00:00
mstarzinger@chromium.org	72826fc892	Simplify object printer declarations. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/23619010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16439 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-30 07:41:24 +00:00
mstarzinger@chromium.org	5e5ea8d494	Handlify JSObject::DeleteElement method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/23766003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16438 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-29 18:01:45 +00:00
titzer@chromium.org	22b70b0508	Add OptimizedCodeEntry as a new heap object type. An optimized code entry represents an association between the native context, a function, optimized code, and the literals. Such associations are needed by the deoptimizer and optimized code cache to efficiently find related optimized code and functions for a given context or shared function info. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23691002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16407 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-28 16:48:40 +00:00
mstarzinger@chromium.org	3fb53cf83a	Remove obsolete Oddball setters in FixedArray. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/23705002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16404 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-28 14:26:22 +00:00
hpayer@chromium.org	4d7375ca98	Clear next map word when folding allocations into js arrays. BUG= R=mstarzinger@chromium.org, mvstanton@chromium.org Review URL: https://codereview.chromium.org/22915007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16381 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-28 08:39:43 +00:00
mstarzinger@chromium.org	fc68cb74e5	Add RemovePrototype to FunctionTemplate This allows functions created from a FunctionTemplate to not have a prototype property, which is required by DOM methods. R=mstarzinger@chromium.org BUG=chromium:272440 Review URL: https://codereview.chromium.org/22990003 Patch from Erik Arvidsson <arv@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16341 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-26 17:40:03 +00:00
verwaest@chromium.org	67b6605c5e	Get rid of ConvertFieldToDescriptor. This CL additionally fixes up the attributes for FIELD and CONSTANT in SetLocalPropertyIgnoreAttributes. R=rossberg@chromium.org Review URL: https://chromiumcodereview.appspot.com/23252008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16333 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-26 15:30:30 +00:00
jkummerow@chromium.org	11fd577261	Lower kInitialMaxFastElementArray constant to 95K to work around erroneous "illegal access" error on x64. BUG=v8:2790 R=hpayer@chromium.org Review URL: https://codereview.chromium.org/22877039 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16324 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-26 13:04:05 +00:00
dcarney@chromium.org	ad9cc8e716	js accessor creation on Template R=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/22903012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16321 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-26 11:59:14 +00:00
jkummerow@chromium.org	7557ca80ba	Add --trace-hydrogen-filter flag. The flag restricts hydrogen.cfg output to functions passing the filter, similar to what --hydrogen-filter does for optimization in general. This is useful for investigating large repro cases where tracing all functions would lead to an impractically large hydrogen.cfg file, but restricting optimization using --hydrogen-filter is undesirable (e.g. because it might cause the issue to no longer reproduce). R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/22926025 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16302 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-23 13:30:02 +00:00
verwaest@chromium.org	cd9be4139c	Revert "Get rid of ConvertFieldToDescriptor and simplify related code." R=rossberg@chromium.org Review URL: https://chromiumcodereview.appspot.com/22999048 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16297 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-23 13:21:01 +00:00
verwaest@chromium.org	f457809c08	Get rid of ConvertFieldToDescriptor and simplify related code. R=rossberg@chromium.org Review URL: https://chromiumcodereview.appspot.com/22861025 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16295 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-23 11:52:59 +00:00
yangguo@chromium.org	be48c5ae26	Rename "parallel recompilation" to "concurrent recompilation". Also introduced macros for flag aliases for temporary backwards compatibility. R=hpayer@chromium.org BUG= Review URL: https://codereview.chromium.org/23014007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16280 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-22 16:14:37 +00:00
mstarzinger@chromium.org	0ecd03ab4c	Fix hidden properties on object with frozen prototype. This fixes a corner-case where a frozen prototype with existing hidden properties might prevent setting hidden properties on another object. R=rossberg@chromium.org BUG=v8:2829 Review URL: https://codereview.chromium.org/22799021 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16276 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-22 13:51:32 +00:00
verwaest@chromium.org	22942716db	Remove special case code for generalizing constants to fields. R=bmeurer@chromium.org Review URL: https://chromiumcodereview.appspot.com/22911018 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16275 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-22 13:43:06 +00:00
verwaest@chromium.org	eb6cbe1486	Never clear debug-stub call ICs. Make a clear distinction between is_debug_stub used everywhere but the debugger, and IsDebugBreak, used by the debugger. R=yangguo@chromium.org Review URL: https://chromiumcodereview.appspot.com/23361014 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16269 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-22 12:16:00 +00:00
bmeurer@chromium.org	60e7d4b1e3	Revert "Use V8_FINAL and V8_OVERRIDE in various places, fixing bugs revealed by them." This reverts commit r16232 for breaking the tools/gen-postmortem-metadata.py script. Will reland without the objects.{cc,h} changes. TBR=svenpanne@chromium.org Review URL: https://codereview.chromium.org/23143007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16243 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-20 10:52:23 +00:00
bmeurer@chromium.org	9929a9cd12	Use V8_FINAL and V8_OVERRIDE in various places, fixing bugs revealed by them. - Use V8_FINAL and V8_OVERRIDE in objects. - Use V8_FINAL and V8_OVERRIDE in Ast classes. - Use V8_FINAL and V8_OVERRIDE in Lithium mips backend. - Use V8_FINAL and V8_OVERRIDE in Lithium arm backend. - Use V8_FINAL and V8_OVERRIDE in Lithium x64 backend. - Use V8_FINAL and V8_OVERRIDE in Lithium ia32 backend. - Use V8_FINAL and V8_OVERRIDE in Lithium classes. - Use V8_FINAL and V8_OVERRIDE in Hydrogen classes. R=dslomov@chromium.org Review URL: https://codereview.chromium.org/23064017 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16232 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-20 07:27:06 +00:00
verwaest@chromium.org	20ca26f494	Improve generalization / migration tracing. R=yangguo@chromium.org Review URL: https://chromiumcodereview.appspot.com/23047002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16219 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-19 12:32:50 +00:00
yangguo@chromium.org	c52b7bba05	Fix regressions triggered by map invalidation during graph creation. BUG= R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/22807003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16150 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-12 14:10:25 +00:00
svenpanne@chromium.org	f0305bd83e	Instance-type-related fixes and cleanup. Things got quite a bit out of sync (don't we all love copy-n-paste?): * TypeToString didn't handle SLICED_STRING_TYPE, SLICED_ASCII_STRING_TYPE, FIXED_DOUBLE_ARRAY_TYPE, JS_FUNCTION_PROXY_TYPE and JS_DATE_TYPE. * INSTANCE_TYPE_LIST was missing entries for SLICED_ASCII_STRING_TYPE, JS_SET_TYPE, and JS_MAP_TYPE. To improve this maintenance nightmare a little bit, the missing instance types were added to the INSTANCE_TYPE_LIST macro and this list is now used via our beloved 2nd order macro technique in TypeToString. As a side-effect, the strings returned by TypeToString have a "_TYPE" suffix now, but this doesn't really matter and is a small price to pay for consistency. Removed INVALID_TYPE on the way, it had no real use. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/22681004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16120 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-09 08:22:46 +00:00
svenpanne@chromium.org	bc6fe88030	Desugar bitwise negation into XOR and kill all UnaryOp stuff. R=mstarzinger@chromium.org, verwaest@chromium.org Review URL: https://codereview.chromium.org/22184004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16073 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-06 13:34:51 +00:00
verwaest@chromium.org	9d9930ce99	Migrate instance of deprecated maps in HCheckMaps. Currently only direct map checks are supported. Otherwise only polymorphic cases with a generic fallback behave properly, regular polymorphic cases still need to be adapted. R=danno@chromium.org Review URL: https://chromiumcodereview.appspot.com/21536003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16057 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-05 16:42:39 +00:00
verwaest@chromium.org	04b5e7fa63	Replace HCheckPrototypeMaps by explicit map checks of constant values. R=danno@chromium.org Review URL: https://chromiumcodereview.appspot.com/21065006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16055 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-05 13:45:16 +00:00
dcarney@chromium.org	207396101f	introduce eternal handles R=mstarzinger@chromium.org BUG= Review URL: https://codereview.chromium.org/21133006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16045 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-05 09:46:23 +00:00
loislo@chromium.org	d2c443b774	Extract hardcoded error strings into a single place and replace them with enum. I'd like to propagate bailout reason to cpu profiler. So I need to save it into heap object SharedFunctionInfo. But: 1) all bailout reason strings spread across all the sources. 2) they are native strings and if I convert them into String then I may have a performance issue. 3) one byte is enough for 184 bailout reasons. Otherwise we need 8 bytes for the pointer. Also I think it would be nice to have error strings collected in one place. In that case we will get additional benefits: It allows us to keep this set of messages under control. It gives us a chance to internationalize them. It slightly reduces the binary footprint. From the other hand the developers have to add new strings into that enum. BUG= R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/20843012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16024 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-08-02 09:53:11 +00:00
mstarzinger@chromium.org	96fc677d25	Pipe a script's CORS status through V8 during compilation. In order to properly sanitize exception data during a 'window.onerror' handler, we need to know whether a script was served with proper CORS headers at the time it was loaded into V8. This patch adds a single bool to ScriptOrigin, and pipes that through the compiler to land on the Script object. We can then retrieve the parameter when calling the embedder's exception callback. BUG=crbug.com/159566 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/20646006 Patch from Mike West <mkwst@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15963 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-30 17:05:50 +00:00
mstarzinger@chromium.org	8a019050ff	Reland "Compilation type and state allocate an unnecessary Smi on v8::Script" (r15940). It turns out that this change is not related to the test failures. TBR=danno@chromium.org Review URL: https://codereview.chromium.org/21256003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15962 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-30 17:00:05 +00:00
verwaest@chromium.org	2af164f4d9	Mark maps as unstable if their instances potentially transition away. Use this as a prerequisite for adding code dependencies. R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/21095005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15961 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-30 16:33:58 +00:00
danno@chromium.org	f3fff3c2f4	Revert 15940: "Compilation type and state allocate an unnecessary Smi on v8::Script." Due to Mozilla test failures on Win32 debug TBR=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/21062004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15957 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-30 11:24:11 +00:00
mstarzinger@chromium.org	9f4fc77e1e	Compilation type and state allocate an unnecessary Smi on v8::Script. This patch combines them into a single field, and adjusts the accessors and setters to take the enum type directly, rather than converting to and from a Smi value. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/20758002 Patch from Mike West <mkwst@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15940 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-29 17:59:02 +00:00
verwaest@chromium.org	6b83c868f0	Convert CONSTANT_FUNCTION to CONSTANT R=yangguo@chromium.org Review URL: https://chromiumcodereview.appspot.com/19485008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15858 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-24 12:34:50 +00:00
titzer@chromium.org	f612a29f8c	Factor out common code from platform-specific deoptimization. Fix Deoptimizer not to need to partition functions, but revoke their code before patching, allowing deoptimizing_code_list to be removed from Code; Add DeoptimizeCodeList API to deoptimizer, which works on a ZoneList<Code*>. BUG= R=mstarzinger@chromium.org, ulan@chromium.org Review URL: https://codereview.chromium.org/19638014 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15854 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-24 11:12:17 +00:00
hpayer@chromium.org	3c0483af52	Fix TargetSpace() method for box type. BUG= R=danno@chromium.org Review URL: https://codereview.chromium.org/19978003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15838 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-23 19:05:00 +00:00
verwaest@chromium.org	babce318d1	Eliminate map checks of constant values. R=ulan@chromium.org Review URL: https://chromiumcodereview.appspot.com/19954005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15819 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-23 09:18:42 +00:00
mstarzinger@chromium.org	ce81b0d3a8	ES6: Implement WeakSet WeakSets work similar to ordinary Sets but the value (which must be an object) is held weakly. This is available under --harmony-collections BUG=v8:2785 R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/19678023 Patch from Erik Arvidsson <arv@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15792 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-22 08:32:24 +00:00
mvstanton@chromium.org	ec8c6f4692	Rename AllocationSiteInfo to AllocationMemento This is just a rename change with the exception of a bug found along the way in CodeStubGraphBuilder<FastCloneShallowArrayStub>::BuildCodeStub(). There, the intent is to get the boilerplate object from an AllocationSite. But the wrong HObjectAccess was used. It only succeeds because it happened to be the same offset :). BUG= R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/19595004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15778 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-19 13:30:49 +00:00
mvstanton@chromium.org	3761e0388d	With >= 64 non-string instance types, I removed an optimization that allowed us to detect internalized strings with a single bit test. (https://code.google.com/p/v8/source/detail?r=15358 ) But that change caused a regression, so here is an improvement: Put the internalized string types in the lower 64 entries of INSTANCE_TYPE, and non-internalized string types in the next 64 entries. This way we can restore the single bit check. BUG= R=yangguo@chromium.org Review URL: https://codereview.chromium.org/19749004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15773 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-19 11:29:11 +00:00
svenpanne@chromium.org	607a531435	Do not inline printing functions typically used via GDB. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/19722005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15755 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-18 14:40:59 +00:00
danno@chromium.org	05ec5921be	Fix --track_gc_object_stats option. - Update ObjectStatsVisitTracker::Visit function to check if CodeCache is of CodeCache type, and extract the FixedArray from the struct if so - Fix typo in v8-counters.h where count_of_FIXED_ARRAY_XXX fields weren't being initialized. BUG=v8:2780 R=danno@chromium.org, hpayer@chromium.org Review URL: https://codereview.chromium.org/19257002 Patch from Ross McIlroy <mcilroy@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15748 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-18 13:00:40 +00:00
machenbach@chromium.org	f24997c1c7	Make deoptimization stress count global. Store the deopt stress counter per isolate instead of per shared function info. The old field is removed. Enable output of the counter value with a new flag. R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/19383002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15739 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-18 08:12:01 +00:00
mstarzinger@chromium.org	13f7c56e05	Handlify JSFunction::SetPrototype method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/19594002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15738 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-18 07:59:48 +00:00
mstarzinger@chromium.org	dfc945d594	Handlify JSReceiver/JSObject::DeleteProperty method. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/18774002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15730 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-17 16:38:49 +00:00
mvstanton@chromium.org	b9f0c06ab2	The gc should be able to traverse all AllocationSites for decision making. The sites are threaded into a weak list. Special problems include: * Allocations of AllocationSites occur in generated code, so generated code needs to be able to add to the list. For now I have a special hydrogen instruction, though it would be nice to use general purpose instructions. * The snapshot contains AllocationSites, and these need to be re-threaded into the list on deserialization. Something nice is that the AllocationSites are only created in old space, so a special new space visitor isn't required. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/18173013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15715 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-17 11:50:24 +00:00
mstarzinger@chromium.org	35052bc2ea	Reland deprecation of HAllocateObject in favor of HAllocate. This essentially relands r14930 and r14935 with adaptions to the current code base. It models the instantiation of an implicit receiver for CallNew nodes in hydrogen using HAllocate together with generic stores instead of one specialized HAllocateObject instruction, hence creating a single choking point for inlined allocation in optimized code. R=hpayer@chromium.org Review URL: https://codereview.chromium.org/19207002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15673 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-15 15:12:16 +00:00
adamk@chromium.org	625a0e9759	Add map transition for observed objects This patch enables objects to undergo a single transition when they become observed, avoiding the need to create a new map for every observed objects. Observed objects which become unobserved does not cause another map transition and unobserved does not clear the observed bit on the map. The unobserved object. R=verwaest@chromium.org Review URL: https://codereview.chromium.org/18221006 Patch from Rafael Weinstein <rafaelw@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15650 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-13 00:20:40 +00:00
yangguo@chromium.org	bd04a838a7	Check for scheduled exceptions after a failed-access-check callback. R=verwaest@chromium.org BUG=v8:2524 Review URL: https://codereview.chromium.org/18298012 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15643 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-12 11:42:07 +00:00
olivf@chromium.org	bdf4fc96b0	Encapsulate compare nil ic_state. BUG= R=rossberg@chromium.org Review URL: https://codereview.chromium.org/18602003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15639 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-11 17:20:57 +00:00
mvstanton@chromium.org	23695eb86e	Rename AllocationSite::payload to AllocationSite::transition_info BUG= R=hpayer@chromium.org Review URL: https://codereview.chromium.org/18749004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15556 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-08 15:00:12 +00:00
mvstanton@chromium.org	67d9051bcd	Create AllocationSite objects, pointed to by AllocationSiteInfo. This creates a platform where we can do additional things with allocation sites, other than just aid in reducing array transitions. BUG= R=hpayer@chromium.org Review URL: https://codereview.chromium.org/15094018 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15545 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-08 10:02:16 +00:00
danno@chromium.org	345cc98a25	Generate StoreGlobal stubs with Hydrogen - Constants globals are inlined into Hydrogen code using code dependencies that invalidate the Crankshafted code when global PropertyCells or the global object change. - The more general case generates code that is just as good as the hand-written assembly stubs on all platforms. R=rossberg@chromium.org, ulan@chromium.org Committed: http://code.google.com/p/v8/source/detail?r=15419 Review URL: https://codereview.chromium.org/16925008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15512 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-05 10:34:02 +00:00
dslomov@chromium.org	7e0ee5301e	Add internal fields to JSArrayBufferViews (JSTypedArray and JSDataView) In Blink, JSTypedArray and JSDataView objects act as "wrappers" for C++ objects. Wrapping protocol in Blink requires all wrapper JavaScript objects to have a certain amount of internal fields that Blink uses for book-keeping (essentially a pointer to C++ object and some type information). This change adds those internal fields to JSTypedArray and JSDataView, in a similiar way to how it is done for JSArrayBuffer. R=titzer@chromium.org Review URL: https://codereview.chromium.org/18695004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15511 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-05 10:12:36 +00:00
mstarzinger@chromium.org	328191d093	Handlify GlobalObject::EnsurePropertyCell method. R=rossberg@chromium.org Review URL: https://codereview.chromium.org/18348013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15508 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-05 09:38:29 +00:00
olivf@chromium.org	240c7aced9	Convert UnaryOpStub to a HydrogenCodeStub BUG= R=danno@chromium.org Review URL: https://codereview.chromium.org/18712002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15506 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-05 09:26:22 +00:00
olivf@chromium.org	950a372834	Revert "Convert UnaryOpStub to a HydrogenCodeStub" The problem is the HCallConstantFunction which is not context sensitive, so we leak the builtin. We first need a Hydrogen version of __ IvokeBuiltin. BUG= R=danno@chromium.org, machenbach@chromium.org Review URL: https://codereview.chromium.org/18650003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15486 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-03 19:57:25 +00:00
yurys@chromium.org	678c9dc940	Remove #include "cpu-profiler-inl.h" from v8.h This significantly reduces amount of files to be recompiled after changes in cpu-profiler.h and its dependencies. BUG=None R=loislo@chromium.org, yangguo@chromium.org Review URL: https://codereview.chromium.org/18522004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15482 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-03 15:39:18 +00:00
olivf@chromium.org	0d2fed8f26	Convert UnaryOpStub to a HydrogenCodeStub BUG= R=danno@chromium.org Review URL: https://codereview.chromium.org/17229005 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15473 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-03 14:56:53 +00:00
mstarzinger@chromium.org	e67fb1e1fe	Handlify JSObject::DefineAccessor method. R=rossberg@chromium.org Review URL: https://codereview.chromium.org/18497003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15458 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-02 16:24:23 +00:00
mstarzinger@chromium.org	6bde251534	Handlify JSObject::SetPrototype method. R=rossberg@chromium.org Review URL: https://codereview.chromium.org/18089024 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15455 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-02 15:32:46 +00:00
ulan@chromium.org	74d147a25d	Enable weak embedded maps in optimized code. If the top optimized code in call stack is at the point that does not support deoptimization, then treat the maps in the code as strong pointers. Note that other optimized code in call stack must support deoptimization because of the call instruction with side-effects. BUG=217858,v8:2073 R=mstarzinger@chromium.org Review URL: https://chromiumcodereview.appspot.com/16955008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15452 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-02 15:15:58 +00:00
danno@chromium.org	77c20c30a3	Revert r15419: "Generate StoreGlobal stubs with Hydrogen" TBR=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/18357004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15427 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-01 15:12:21 +00:00
danno@chromium.org	a3bce19868	Generate StoreGlobal stubs with Hydrogen - Constants globals are inlined into Hydrogen code using code dependencies that invalidate the Crankshafted code when global PropertyCells or the global object change. - The more general case generates code that is just as good as the hand-written assembly stubs on all platforms. R=ulan@chromium.org Review URL: https://codereview.chromium.org/16925008 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15419 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-07-01 13:22:13 +00:00
mvstanton@chromium.org	6aed526733	The check for internalized strings relied on the fact that we had less than 64 distinct InstanceTypes. We are hitting that boundary, so this check needs to be more comprehensive. In fact, two bits need to be tested: verify that kNotStringTag isn't set, and that kInternalizedTag is set. BUG= R=yangguo@chromium.org Review URL: https://codereview.chromium.org/17895002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15358 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-27 13:39:44 +00:00
danno@chromium.org	c35dbc30cb	Generalize utilities to allow code templatization R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/17853004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15357 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-27 13:36:15 +00:00
danno@chromium.org	00709075ea	Add DependentCode to PropertyCells R=mstarzinger@chromium.org, ulan@chromium.org Review URL: https://codereview.chromium.org/17895004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15341 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-26 16:17:12 +00:00
mstarzinger@chromium.org	bd0deb9443	Remove obsolete unchecked accessors in JSFunction. R=hpayer@chromium.org BUG=v8:1490 Review URL: https://codereview.chromium.org/17833002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15338 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-26 14:04:25 +00:00
svenpanne@chromium.org	a92d237948	Allow users of the V8 API to distinguish between unset and undefined HiddenValues BUG=v8:2746 R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/17781002 Patch from Adam Klein <adamk@chromium.org>. git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15329 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-26 08:00:05 +00:00
loislo@chromium.org	53eb53f4af	CPUProfiler: It is not clear why we are using Handle<Object> for scriptId. Lets flip it into Smi/int. By the nature it is integer. So we can work with it as with Smi internaly and use int in the external API. BUG=none TEST=existing tests R=jkummerow@chromium.org Review URL: https://codereview.chromium.org/17600006 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15327 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-25 14:57:47 +00:00
bmeurer@chromium.org	477f872c34	Fix GCC error about comma at end of enumerator list. TBR=svenpanne@chromium.org BUG= Review URL: https://codereview.chromium.org/17612007 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15316 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-25 09:34:22 +00:00
bmeurer@chromium.org	66efb96621	Fix compilation error introduced with r15287. REGEXP was added to Code::Kind after TO_BOOLEAN_IC, but NUMBER_OF_KINDS, which is used as array size for table[] in ReportCodeKindStatistics, was still TO_BOOLEAN_IC + 1 (indirectly via LAST_IC_KIND). BUG= R=svenpanne@chromium.org Review URL: https://codereview.chromium.org/17636003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15315 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-25 09:09:25 +00:00
loislo@chromium.org	1a15f8f768	CPUProfiler: Simplify logging part of CreateCodeEvent functions. We have 5 overloaded functions with name CreateCodeEvent. All these functions have many common parts. I'd like to eliminate the difference between them. TEST=existing tests R=yangguo@chromium.org, yurys@chromium.org Review URL: https://codereview.chromium.org/16901014 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15287 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-24 12:55:19 +00:00
dslomov@chromium.org	91eb5f8d25	DataView implementation. R=rossberg@chromium.org Review URL: https://codereview.chromium.org/17153011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15269 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-21 13:02:38 +00:00
rossberg@chromium.org	0977c60984	Use AST's type field and merge types for unary, binary & compare ICs R=jkummerow@chromium.org BUG= Review URL: https://codereview.chromium.org/17468003 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15264 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-21 11:10:06 +00:00
mstarzinger@chromium.org	ea87d08557	Revert r14930 and r14935 temporarily. This is a temporary revert to track down a potential perf regression introduced in r14930. The following two changes were reverted: - "Deprecate HAllocateObject in favor of HAllocate." - "Added pretenuring support for call new." R=danno@chromium.org BUG=chromium:247504 Review URL: https://codereview.chromium.org/17491002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15229 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-20 10:48:14 +00:00
mstarzinger@chromium.org	a527f451bc	Deprecate old code aging mechanism. The old code aging mechanism is too agressive with flushing as it leads to many functions being flushed and recompiled over and over again. By now the new code aging mechanism has stabilized enough to deprecate the old fallback mechanism. R=danno@chromium.org Review URL: https://codereview.chromium.org/17061004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15209 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-19 17:00:01 +00:00
mvstanton@chromium.org	c70b41684d	Use type feedback for Array (non-constructor) call sites. BUG= R=verwaest@chromium.org Review URL: https://codereview.chromium.org/17155010 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15201 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-19 09:25:24 +00:00
danno@chromium.org	61a23ceb4d	Refactor only: Rename JSGlobaPropertyCell to PropertyCell R=mvstanton@chromium.org Review URL: https://codereview.chromium.org/17064002 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15165 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-14 16:06:12 +00:00
mstarzinger@chromium.org	fede5231bc	Deprecate several unchecked accessors. R=hpayer@google.com BUG=v8:1490 Review URL: https://codereview.chromium.org/16663009 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15123 ce2b1a6d-e550-0410-aec6-3dcde31c8c00	2013-06-13 15:00:30 +00:00

... 3 4 5 6 7 ...

1382 Commits