vegorov@chromium.org
e27d8fcbdc
RegExpMacroAssembler::CheckStackGuardState should update input string pointer when it is moved or changed by GC.
...
If input string was cons-string it might undergo short-circuiting during GC. This does not change input start if underlying seq-string (first element of cons-string) does not move but this makes input-string pointer on the native regexp's frame invalid.
R=lrn@chromium.org
Review URL: http://codereview.chromium.org/8343001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9697 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-19 11:01:02 +00:00
fschneider@chromium.org
e8a26d1eb1
Add write barrier helper for code patching and refactor stack check patching.
...
The new helper avoids expensive FindCodeForInnerPointer invocation when we have
the host code object available. It is used when patching stack checks.
Also some comments on the ARM platform are corrected.
Review URL: http://codereview.chromium.org/8330021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9687 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 15:07:42 +00:00
kmillikin@chromium.org
56c763f023
Make the GC aware of JSReceiver pointers in LookupResults.
...
The LookupResult utility class is used in handlified code, but it can
contain a raw pointer to the lookup's holder object. Create a per-thread
stack of live LookupResults and iterate all the live ones on GC.
R=vegorov@chromium.org ,erik.corry@gmail.com
BUG=
TEST=
Review URL: http://codereview.chromium.org/8341009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9676 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-18 11:18:55 +00:00
keuchel@chromium.org
7d89f0f3c8
Replace calls_eval() by calls_non_strict_eval() where possible.
...
Review URL: http://codereview.chromium.org/8321002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9666 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 15:19:34 +00:00
lrn@chromium.org
5152d2e0da
Reimplement Function.prototype.bind.
...
Make instanceof work correctly.
BUG=v8:893
Review URL: http://codereview.chromium.org/8199004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9659 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 12:44:16 +00:00
yangguo@chromium.org
92fdeff125
Porting r9605 to x64 (elements kind conversion in generated code).
...
Review URL: http://codereview.chromium.org/8271007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9655 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 10:44:47 +00:00
keuchel@chromium.org
0706a98b2a
Introduce with scope and rework variable resolution.
...
Review URL: http://codereview.chromium.org/7904008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9650 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 09:29:37 +00:00
mstarzinger@chromium.org
ac712f13c3
Fix evaluation order of GT and LTE operators.
...
According to the ES5 spec all ">" and "<=" expressions should be be
evaluated left-to-right. This obsoletes old hacks for reversing the
order to be ES3 compliant.
R=lrn@chromium.org
BUG=v8:1752
Review URL: http://codereview.chromium.org/8275035
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9641 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-17 07:43:40 +00:00
fschneider@chromium.org
948a323819
Revert r9619.
...
It causes an assertion with deoptimizing from inlined code.
Review URL: http://codereview.chromium.org/8277034
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9636 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 12:26:29 +00:00
fschneider@chromium.org
c68fc4126f
Revert last revert.
...
TBR=whesse@chromium.org
Review URL: http://codereview.chromium.org/8286023
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9635 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 12:03:53 +00:00
fschneider@chromium.org
85ab75df50
Revert r9619.
...
TBR=whesse@chromium.org
Review URL: http://codereview.chromium.org/8286022
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9633 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 11:56:07 +00:00
fschneider@chromium.org
34534588fb
Fix a number of bugs with inlining calls as function.
...
1. Record AST id for CallFunctionStub.
2. Correctly extract cached target from CallFunctionStub inline cache.
3. Fix a bug when inling call as a function in effect or value context:
Handle abnormal exits correcty.
4. Fix a bug when inlining call as a function in test context: drop function
correctly from true and false block.
5. Avoid inlining mutually recursive functions by checking the stack of function
states before inlining. This was not a bug, but is just a more general
check to avoid recursive inlining.
Review URL: http://codereview.chromium.org/8258012
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9619 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 08:43:27 +00:00
fschneider@chromium.org
212e4ae7d4
Eliminate write barrier for global stores at compile time if value stored is a smi.
...
Omit smi check inside write barriers if the value is known to be a heap object.
Refine inferred types of some instructions.
Review URL: http://codereview.chromium.org/8256016
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9618 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-14 07:45:18 +00:00
yangguo@chromium.org
fae807b3bb
Elements kind conversion in generated code (ia32).
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/8241003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9605 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-13 10:53:31 +00:00
mstarzinger@chromium.org
1da890af54
Refactor how embedded pointers are visited.
...
This refactoring (almost) gets rid of the requirement to get the target
object address for an object pointer embedded in code objects. This is
not possible on MIPS as pointers are encoded using two instructions. All
usages of RelocInfo::target_object_address() are (almost) obsoleted by
this change. The serializer still uses it, so MIPS will not yet work
with snapshots turned on.
R=danno@chromium.org ,vegorov@chromium.org
Review URL: http://codereview.chromium.org/8245007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9597 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-12 15:43:41 +00:00
rossberg@chromium.org
1abf3ed0a4
Introduce collective --harmony flag.
...
Shorten --harmony-block-scoping to --harmony-scoping.
R=keuchel@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org/8226017
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9589 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-12 12:23:06 +00:00
jkummerow@chromium.org
312c534a6c
Refactor and fix polymorphic KeyedStoreIC creation
...
Review URL: http://codereview.chromium.org/8233011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9584 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-11 16:02:45 +00:00
jkummerow@chromium.org
184fdcf28b
Track elements_kind transitions in KeyedStoreICs.
...
Review URL: http://codereview.chromium.org/8166017
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9577 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-11 09:33:00 +00:00
erik.corry@gmail.com
f900fc9d80
Remove some unused and unneeded flags.
...
Review URL: http://codereview.chromium.org/8228004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9576 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-11 09:28:06 +00:00
fschneider@chromium.org
876fa09feb
Move declaration of SerializedScopeInfo from variables.h to objects.h
...
This eliminates compile-errors when assigning Handle<SerializedScopeInfo> to
Handle<Object> in a place where the declaration was not available because
variables.h was not included.
As a result I had to also move the enum Variable::Mode to v8globals.h and
rename it to VariableMode.
Review URL: http://codereview.chromium.org/8221004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9575 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-11 08:41:19 +00:00
yangguo@chromium.org
3249530ef0
Fixing issue 1757 (string slices of external strings).
...
BUG=v8:1757
TEST=regress-1757.js
Review URL: http://codereview.chromium.org/8217011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9573 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-10 16:09:03 +00:00
danno@chromium.org
3b07abbdbe
Activate smi-only optimizations for large array literals.
...
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/8177005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9553 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-10 08:31:06 +00:00
keuchel@chromium.org
c1cf622fe9
Fast allocation of block contexts.
...
Review URL: http://codereview.chromium.org/8066002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9542 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-06 15:59:02 +00:00
keuchel@chromium.org
80048c14b1
Fix load of potentially eval-shadowed let bindings.
...
BUG=
TEST=test/mjsunit/harmony/block-let-semantics.js
Review URL: http://codereview.chromium.org/8118032
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9541 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-06 15:24:20 +00:00
yangguo@chromium.org
3c812247aa
Simplify compares in KeyedStoreIC::GenerateGeneric.
...
Review URL: http://codereview.chromium.org/8068024
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9514 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-04 12:17:08 +00:00
vegorov@chromium.org
777df2d878
Adjust contents of kAheadOfTime to match write-barrier stub called from CompileArrayPushCall.
...
R=erik.corry@gmail.com
BUG=v8:1729
Review URL: http://codereview.chromium.org/8113034
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9513 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-04 11:38:12 +00:00
fschneider@chromium.org
976d5f3797
Clean list of external references from internal objects like the hole value.
...
Review URL: http://codereview.chromium.org/8114032
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9511 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-04 09:07:50 +00:00
kmillikin@chromium.org
a4e0103708
Clean up the x86 assembler API.
...
The API is inconsistent about when a register must be coerced to an operand
and when it can be used as a register. Simplify usage by never requiring it
to be wrapped.
R=fschneider@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org/8086021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9507 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-10-03 11:44:39 +00:00
yangguo@chromium.org
5ed752de96
Porting r9456 to x64 (Optimize KeyedStoreGeneric for Smi arrays).
...
Review URL: http://codereview.chromium.org/8054043
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9486 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-29 14:08:21 +00:00
vegorov@chromium.org
36ae5f3811
Pass correct anchor_slot for EMBEDDED_OBJECT pointers from code objects.
...
Correctly initialize newly created large-object pages when incremental marking with compaction is in progress.
R=erik.corry@gmail.com
BUG=v8:1737
Review URL: http://codereview.chromium.org/8070002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9475 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-28 17:45:58 +00:00
erik.corry@gmail.com
07ba7ad073
Move the is_pregenerated flag so it does not overlap other flags.
...
Remove the before-or-after InstanceOf stub rule, which was too
subtle and lacked checking ssertions.
Unify the way the CEntry stub is pregenerated so that it is done
in the same way.
Review URL: http://codereview.chromium.org/8065006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9466 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-28 12:23:40 +00:00
erik.corry@gmail.com
bbcafaa2d5
Make sure we don't flush the pregenerated stubs, since they need
...
to be always present, so that we can call them from other stubs
without trying to generate stubs while we are generating stubs.
Review URL: http://codereview.chromium.org/8052029
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9459 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-28 10:32:12 +00:00
danno@chromium.org
1b5a2381ec
Optimize KeyedStoreGeneric for Smi arrays.
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/8022002
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9456 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-27 16:15:29 +00:00
vegorov@chromium.org
f2ff85ad71
CallFunctionStub was missing a write-barrier for write into the global cell.
...
R=fschneider@chromium.org
BUG=v8:1733
Review URL: http://codereview.chromium.org/8054012
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9455 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-27 13:45:13 +00:00
fschneider@chromium.org
27e1a8d414
Improve our simple elimination of hole checks.
...
Currently we avoid checking for the hole value after array loads, if the
result is only used by instructions that definitely deoptimize in case
of the hole value (HChange instructions).
This change performs the same procedure for loading from deleteable/read-only
global variable where we can also avoid the check in the same cases.
Review URL: http://codereview.chromium.org/8054008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9453 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-27 13:03:19 +00:00
kmillikin@chromium.org
bcb781d76a
Record function call targets, use them for inlining.
...
Introduce a version of the CallFunctionStub that records monomorphic
call targets in a one-element cache in the instruction stream. Use
the cache for inlining attempts in the optimizing backend.
R=fschneider@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org/7966038
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9449 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-27 11:42:02 +00:00
vegorov@chromium.org
0df7441668
Tighten up assertions checking GC-safety of stub calls.
...
Ensure that stubs are properly pregenerated on all platforms.
R=erik.corry@gmail.com
BUG=v8:1729
Review URL: http://codereview.chromium.org/8041035
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9447 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-27 10:53:22 +00:00
jkummerow@chromium.org
0455aadbeb
Add Crankshaft support for smi-only elements
...
Review URL: http://codereview.chromium.org/8002019
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9426 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-26 12:09:04 +00:00
fschneider@chromium.org
ba6cd937ff
Add code comments to deferred code objects to make debugging easier.
...
Review URL: http://codereview.chromium.org/8046003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9422 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-26 09:32:10 +00:00
kmillikin@chromium.org
883f32695b
Enable inlining functions with contexts different than their caller.
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/7925007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9421 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-26 09:17:56 +00:00
yangguo@chromium.org
e6509e77d2
Small refactor to KeyedStoreIC::GenerateGeneric to make it slightly faster.
...
Review URL: http://codereview.chromium.org/8008016
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9418 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-26 07:36:44 +00:00
yangguo@chromium.org
65b1ea22fe
Porting r9392 to x64 (smi-only arrays).
...
Review URL: http://codereview.chromium.org/7992003
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9416 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-23 14:19:04 +00:00
whesse@chromium.org
2e40bc244a
Add dynamic stack frame alignment to optimized functions with untagged doubles on the stack.
...
BUG=
TEST=
Review URL: http://codereview.chromium.org/7976024
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9415 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-23 13:28:17 +00:00
vegorov@chromium.org
bfd048173f
Notify collector about lazily deoptimized code objects.
...
All slots that were recorded on these objects during incremental marking should be ignored as they are no longer valid.
To filter such invalidated slots out during slots buffers iteration we set all markbits under the invalidated code object to 1 after the code space was swept and before slots buffers are processed.
R=erik.corry@gmail.com
BUG=v8:1713
TEST=test/mjsunit/regress/regress-1713.js
Review URL: http://codereview.chromium.org/7983045
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9402 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 16:01:35 +00:00
danno@chromium.org
f48c9f6557
Basic support for tracking smi-only arrays on ia32.
...
Activated by the flag --smi-only-arrays
Currently not crankshaft support, using flag on non-ia32 platforms will lead to write barrier misses and crashes.
BUG=none
TEST=elements_kind.js
Review URL: http://codereview.chromium.org/7901016
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9392 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-22 11:30:04 +00:00
rossberg@chromium.org
fdade92c20
Reorganize object type enum, such that proxies are no longer in the middle
...
of the range of proper JS objects.
Unfortunately, callable types no longer form a range now. However, there
are only two anyway. We put them at either end of the range of JS object
types so that certain compares can be combined.
R=erik.corry@gmail.com ,kmillikin@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org/7737036
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9370 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-21 14:46:54 +00:00
erik.corry@gmail.com
c8fe713986
Put back the asserts in RememberedSetHelper, but correct this time.
...
Fix some incorrect comments.
Review URL: http://codereview.chromium.org/7977005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9344 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-20 13:32:27 +00:00
vegorov@chromium.org
867bb733af
Remove incorrect debug-code assertion.
...
We should not use slot address to find out the page. This does not work for large pages.
Also this assertion is not always true (violated during incremental marking).
R=erik.corry@gmail.com
TEST=mozilla/js1_5/extensions/regress-371636
Review URL: http://codereview.chromium.org/7981001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9339 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-20 11:30:18 +00:00
lrn@chromium.org
610281f4ee
Fix calculation of live-bytes in pages.
...
The "live bytes" count is *really* a "marked black" count - i.e., the count of bytes *known* to be live.
Fix aggravating bug on X64 where assembler code used a value that was off
by a factor of 2^31.
Ensure that sweeping clears live-bytes. Added other missing increments.
Added print statements to trace live-byte modifications, under a flag.
Still a few cases of undercounting left.
(New issue to merge from GC branch to bleeding_edge)
Review URL: http://codereview.chromium.org/7970009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9338 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-20 11:20:00 +00:00
yangguo@chromium.org
fdffe67205
Initialize pre-allocated fields of JSObject with undefined.
...
BUG=94873
Review URL: http://codereview.chromium.org/7929001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9335 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-09-20 10:06:23 +00:00