In DevTools we need one more flag for script origin - is debugger script. We already have "is shared origin" flag. The new flag added by analogy with the old but new has accessor in script object.
R=yurys@chromium.org
Review URL: https://codereview.chromium.org/879553002
Cr-Commit-Position: refs/heads/master@{#26324}
This solves an issue with the custom startup snapshot, in cases where
deserializing the isolate requires more than one page per space.
R=hpayer@chromium.org
Review URL: https://codereview.chromium.org/876613002
Cr-Commit-Position: refs/heads/master@{#26285}
Along the way:
- Thread isolate parameter explicitly through code that used to
rely on getting it from the zone.
- Canonicalize the parameter position of isolate and zone for
affected code
- Change Hydrogen New<> instruction templates to automatically
pass isolate
R=mstarzinger@chromium.org
LOG=N
Review URL: https://codereview.chromium.org/868883002
Cr-Commit-Position: refs/heads/master@{#26252}
This method circumvented JS semantics, and should not be used.
BUG=
Review URL: https://codereview.chromium.org/854493004
Cr-Commit-Position: refs/heads/master@{#26157}
This is not needed anymore since all ICs use weak cells to embed maps.
BUG=v8:3629
LOG=N
Review URL: https://codereview.chromium.org/817223003
Cr-Commit-Position: refs/heads/master@{#25928}
There are no users of this infrastructure yet, so it's behind an off-by-default flag.
Review URL: https://codereview.chromium.org/768633002
Cr-Commit-Position: refs/heads/master@{#25829}
This completes the first round of optimizations for Map and Set.
All non-key-dependent methods now have a Hydrogen version, and
for keyed methods, string versions are optimized.
Review URL: https://codereview.chromium.org/796503002
Cr-Commit-Position: refs/heads/master@{#25763}
They both now run fast (due to utilizing transitions instead of always
creating new maps) and sealed or non-extensible objects can stay in
fast mode after transitioning.
This almost entirely reuses the code for transitioning objects
frozen by Object.freeze(), with the added benefit of freeing
up a bit on the map (we no longer keep track of frozen-ness,
as that bit wasn't used for anything interesting).
BUG=v8:3662,chromium:115960
LOG=y
Review URL: https://codereview.chromium.org/776143005
Cr-Commit-Position: refs/heads/master@{#25759}
This was previously landed in commit 8599f5f, but failed the
collections mjsunit test on ia32 with --deopt-every-n=1. The fixed
patch adds a ClearFlag(HValue::kCanOverflow) call after every
arithmetic operation, which should remove all the deopt points in these
intrinsics.
Ideally, it seems like there should be a way to verify that there are
no deopt points for these inline optimized functions, since there's
nothing to deopt to. But I don't currently know of such a thing.
Review URL: https://codereview.chromium.org/782073002
Cr-Commit-Position: refs/heads/master@{#25715}
When compiling with the macro DCHECK_ALWAYS_ON defined, DCHECKs and
supporting code gets compiled and enabled.
This increases test coverage for chromium release buildbots
BUG=v8:3731
R=jkummerow@chromium.org
LOG=y
Review URL: https://codereview.chromium.org/760213005
Cr-Commit-Position: refs/heads/master@{#25701}
Reason for revert:
Deopt fuzzer reports that something's still broken, reverting until
I can create a minimal repro.
Original issue's description:
> Optimize add/set/delete operations for string keys in Maps and Sets
>
> This was previously landed in commit 66e2f60, but failed the
> collections mjsunit test with --deopt-every-n=1 due to a typo
> in the shrinking code. This patch corrects and simplifies the
> shrinking logic, and the tests now pass.
>
> R=dslomov@chromium.org
>
> Committed: 8599f5f047TBR=dslomov@chromium.org
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/742353006
Cr-Commit-Position: refs/heads/master@{#25696}
This was previously landed in commit 66e2f60, but failed the
collections mjsunit test with --deopt-every-n=1 due to a typo
in the shrinking code. This patch corrects and simplifies the
shrinking logic, and the tests now pass.
R=dslomov@chromium.org
Review URL: https://codereview.chromium.org/777663003
Cr-Commit-Position: refs/heads/master@{#25695}
This combines Map::DoneInobjectSlackTracking and Map::ConstructionCount into one more generic 4-bit counter.
Counter values from 15 down to 8 are used for in-object slack tracking, values from 7 down to 0 are free to be used for a new counter when in-object slack tracking is inactive.
Review URL: https://codereview.chromium.org/767253002
Cr-Commit-Position: refs/heads/master@{#25689}
Reason for revert:
Caused test failures in mjsunit/es6/collections with --deopt-every-n-times=1
Original issue's description:
> Optimize add/set/delete operations for string keys in Maps and Sets
TBR=dslomov@chromium.org,arv@chromium.org
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/777233003
Cr-Commit-Position: refs/heads/master@{#25670}
This relands macroassembler instructions and weak cell caching and
does not include parts that caused "Linux ASan LSan" test failures.
BUG=v8:3663
LOG=N
Review URL: https://codereview.chromium.org/764003003
Cr-Commit-Position: refs/heads/master@{#25615}
Previously, a separate string to be hashed (in order to help determine the need to
use a cached Template Call Site) was built up by joining UTF8 spans within a template.
Now, the hash key is generated from the original spans, removing the need to allocate a new
buffer and copy bytes into it.
BUG=
Review URL: https://codereview.chromium.org/765473006
Cr-Commit-Position: refs/heads/master@{#25549}
This is needed for 64bit alignment sensitive platforms (PowerPC)
Exposed bugs with new GC compare and swap changes updating the
field.
Example failing test:
out/ppc64.debug/cctest test-decls/ExistsInPrototype
BUG=
Review URL: https://codereview.chromium.org/740443002
Cr-Commit-Position: refs/heads/master@{#25472}
This generalization caused unnecessary map deprecation when the transition tree of the split map is full.
BUG=chromium:431807
LOG=N
Review URL: https://codereview.chromium.org/736953003
Cr-Commit-Position: refs/heads/master@{#25427}
Revert "Fix for an assertion failure in Map::FindTransitionToField(...). Appeared after r25136."
This revert is made in order to revert r25099 which potentially causes renderer hangs.
R=verwaest@chromium.org
Review URL: https://codereview.chromium.org/722873004
Cr-Commit-Position: refs/heads/master@{#25332}
This implements correct semantics for "extensible" top level lexical scope.
The entire lexical scope is represented at runtime by GlobalContextTable, reachable from native context and accumulating global contexts from every script loaded into the context.
When the new script starts executing, it does the following validation:
- checks the GlobalContextTable and global object (non-configurable own) properties against the set of declarations it introduces and reports potential conflicts.
- invalidates the conflicting PropertyCells on global object, so that any code depending on them will miss/deopt causing any contextual lookups to be reexecuted under the new bindings
- adds the lexical bindings it introduces to the GlobalContextTable
Loads and stores for contextual lookups are modified so that they check the GlobalContextTable before looking up properties on global object, thus implementing the shadowing of global object properties by lexical declarations.
R=adamk@chromium.org, rossberg@chromium.org
Review URL: https://codereview.chromium.org/705663004
Cr-Commit-Position: refs/heads/master@{#25220}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25220 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
After r24737 pointer updating is done by atomic operations which strictly
require target address to be 8-byte alignment on MIPS64.
The alignment is broken on 64-bit arches because InstructionSize is first field
and has Int size.
Order of fields in object layout are changed to make kNextCodeLinkOffset
divisible by 8. The size of code object header remains the same.
TEST=cctest/test-debug/* on MIPS64
BUG=
R=jkummerow@chromium.org, paul.lind@imgtec.com
Review URL: https://codereview.chromium.org/682673002
Cr-Commit-Position: refs/heads/master@{#24914}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24914 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Private symbols we create in the heap don't have names, but we can
resolve them to a constant string.
This gives handy debugger output like:
(gdb) job 0x2020c67d
0x2020c67d: [Symbol]
- hash: 547385396
- name: 0x20208091 <undefined> (uninitialized_symbol)
- private: 1
- own: 1
$7 = void
(gdb)
or with ShortPrint() in an array:
...
[5]: 0x2020c67d <Symbol: 547385396 (uninitialized_symbol)>
...
Printing help for internal symbols
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/677633003
Cr-Commit-Position: refs/heads/master@{#24869}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24869 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Each time a transition is added to a hidden class, the whole
transitions array must be copied, which causes poor performance
in some circumstances. This change limits the maximum size of
the transition array, avoiding this behavior in the pathological
case. For example, this improves the performance of the EtchMark
benchmark by nearly 60%.
BUG=v8:3616
LOG=
R=verwaest@chromium.org, svenpanne@chromium.org
Review URL: https://codereview.chromium.org/635883003
Patch from Kevin M. McCormick <mckev@amazon.com>.
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24857 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Added a new %HasComplexElements runtime function (meaning elements that are
non-writable, non-configurable, or have getters and setters) and use it
in UseSparseVariant to filter out cases where the sparse optimizations
can cause V8 to fall out of spec compliance.
Renamed SmartMove/SmartSlice to SparseMove/SparseSlice and guarded them
with the new and improved UseSparseVariant.
These two changes combine let us pass nearly every test in bug-2615.js,
as well as fixing reverse and join on sparse arrays.
Note that there are various test changes in this patch that correct existing
tests to match the correct-by-spec behavior.
This patch depends on https://codereview.chromium.org/666883009, which
better-aligns the behavior of SmartMove with SimpleMove.
BUG=v8:2615,v8:3612,v8:3621
LOG=y
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/656423004
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24855 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
