Port r9977 (9aded78be4).
Note: This is the port of the reapplied patch, not the original.
Original commit message:
To support deoptimization of exception handlers, the handler address in the
stack is converted to a pair of code object and an index into a separate
table of code offsets. The index part is invariant under deoptimization.
The index is packed into the handler state field so that handler size does
not change.
BUG=
TEST=
Review URL: http://codereview.chromium.org/8557003
Patch from Gergely Kis <gergely@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10039 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Port r10006 (4b344a03).
Original commit message:
Changes the way we do lazy deoptimization:
1. For side-effect instructions, we insert the lazy-deopt call at
the following LLazyBailout instruction.
CALL
GAP
LAZY-BAILOUT ==> lazy-deopt-call
2. For other instructions (StackCheck) we insert it right after the
instruction since the deopt targets an earlier deoptimization environment.
STACK-CHECK
GAP ==> lazy-deopt-call
The pc of the lazy-deopt call that will be patched in is recorded in the
deoptimization input data. Each Lithium instruction can have 0..n safepoints.
All safepoints get the deoptimization index of the associated LAZY-BAILOUT
instruction. On lazy deoptimization we use the return-pc to find the safepoint.
The safepoint tells us the deoptimization index, which in turn finds us the
PC where to insert the lazy-deopt-call.
Additional changes:
* RegExpLiteral marked it as having side-effects so that it
gets an explicitlazy-bailout instruction (instead of
treating it specially like stack-checks)
* Enable target recording CallFunctionStub to achieve
more inlining on optimized code.
BUG=
TEST=
Review URL: http://codereview.chromium.org/8587008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10020 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
EmitIsObject is only called from one function, DoIsObjectAndBranch.
DoIsObjectAndBranch now passes the temp2 register to EmitIsObject
instead of simply relying on the two functions using the same
lithium scratch register.
BUG=
TEST=
Review URL: http://codereview.chromium.org/8588004
Patch from Gergely Kis <gergely@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10017 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Changes:
-separated the two code-paths (constant power of 2 divisor similar to ARM and everything else)
-replaced a bailout condition with faster handling (negative modulo result)
-removed a possibly useless mov instruction from one path
-replaced the IsConstantOperand condition with the more meaningful HasPowerOf2Divisor (although in this specific case they're equivalent)
BUG=
TEST=
Review URL: http://codereview.chromium.org/8591002
Patch from Gergely Kis <gergely@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10016 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
r9871 (5baeaf57) changed the fill value for deleted entries in hash tables from null_value to the_hole_value.
This commit changes an assertion in MIPS code that expects this value.
BUG=
TEST=
Review URL: http://codereview.chromium.org/8479028
Patch from Gergely Kis <gergely@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9955 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Port r9909 (56c8728aa).
Original commit message:
Test at the bottom in the unwind loop. Eliminate the possibility of a
useless move to the eax/rax/r0 register (currently impossible because
this function has two call sites). Do not explicitly zero the context
because we've already saved 0 as the context in the handler.
BUG=
TEST=
Review URL: http://codereview.chromium.org/8507007
Patch from Gergely Kis <gergely@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9923 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Port r9847 (fc7590).
Original commit message:
Also partition side effects into observable and not observable, with only observable requiring Simulates and non-observable changes able to participate in GVN and code hoisting.
BUG=
TEST=
Review URL: http://codereview.chromium.org/8387044
Patch from Gergely Kis <gergely@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9866 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Port r9863 (0996dc77)
Original commit message:
This was pretty heavyweight. It was kept in just for a few corner cases
that assumed it was there. We can work around them by making sure that the
expression in a reified test context is always really the expression that
was visited in that context; and by inspecting the context manually and
consing up a pair of extra AST IDs for the unusual case of unary not in a
value AST context.
BUG=
TEST=
Review URL: http://codereview.chromium.org/8372085
Patch from Gergely Kis <gergely@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9865 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This was pretty heavyweight. It was kept in just for a few corner cases
that assumed it was there. We can work around them by making sure that the
expression in a reified test context is always really the expression that
was visited in that context; and by inspecting the context manually and
consing up a pair of extra AST IDs for the unusual case of unary not in a
value AST context.
R=fschneider@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org/8386037
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9863 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Port r9837 (38061af).
Port r9834 (95ac04).
Original commit message (r9834):
Also, handlify functions for loading with interceptors and callbacks.
Remove some unneeded code. Rename Foreign::address() because it
confusingly shadows HeapObject::address() which does something quite
different.
BUG=
TEST=
Review URL: http://codereview.chromium.org/8400087
Patch from Gergely Kis <gergely@homejinni.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9844 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Previously we omitted all cases where the global eval property was shadowed,
even if by a variable holding the same value. ES5 requires us to treat these
as direct calls.
We still throw if calling indirect eval with a detached global object.
BUG=v8:994
TEST=mjsunit/eval.js
Review URL: http://codereview.chromium.org/8343054
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9838 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This ports the following list of commits to mips. It is provided in this form
so that the mips port of the new-gc can be easily tested on your end.
This must be downloaded or landed after http://codereview.chromium.org/8106002
This is based on r9585. With these two mips commits, all tests are passing.
9319 Fix a harmless assert and a genuine bug in the GC-safety of stub generation ...
9329 ARM: Pregenerate some stubs that we call from other stubs.
9335 Initialize pre-allocated fields of JSObject with undefined.
9344 Put back the asserts in RememberedSetHelper, but correct this time
9370 Reorganize object type enum, such that proxies are no longer in the middle...
9392 Basic support for tracking smi-only arrays on ia32.
9402 Notify collector about lazily deoptimized code objects.
9411 Porting r9392 to arm (smi-only arrays).
9418 Small refactor to KeyedStoreIC::GenerateGeneric to make it slightly faster.
9447 Tighten up assertions checking GC-safety of stub calls.
9449 Record function call targets, use them for inlining.
9459 Make sure we don't flush the pregenerated stubs, since they need to b
9461 Fix the build on ARM
9466 Move the is_pregenerated flag so it does not overlap other flags....
9468 Fix the no-VFP3 build on ARM.
9475 Pass correct anchor_slot for EMBEDDED_OBJECT pointers from
9490 Adjust assertions in UpdateSlot to match UpdatePointer in PointersUpdatingVisitor.
9511 Clean list of external references from internal objects like the hole value.
9514 Simplify compares in KeyedStoreIC::GenerateGeneric.
9531 Porting r9456 to arm (Optimize KeyedStoreGeneric for Smi arrays).
9541 Fix load of potentially eval-shadowed let bindings.
9542 Fast allocation of block contexts.
9553 Activate smi-only optimizations for large array literals.
9575 Move declaration of SerializedScopeInfo from variables.h to objects.h
9577 Track elements_kind transitions in KeyedStoreICs.
9583 Fixing a bug in arm as pointed out in issue 1759.
9584 Refactor and fix polymorphic KeyedStoreIC creation.
BUG=
TEST=
Review URL: http://codereview.chromium.org/8112008
Patch from Paul Lind <pling44@gmail.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9601 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This prevents potential misuse of SeqString::kHeaderSize as in the
case of live byte counting in incremental marking stub. All stubs
picked up the undefined size constant SeqString::kHeaderSize, thus
the computed size of all strings was off by two pointers slots.
R=lrn@chromium.org
BUG=v8:1672
TEST=mjsunit/object-seal.js,...
Review URL: http://codereview.chromium.org/7971009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9349 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Although this patch is not small, most parts of it are rather mechanical:
* First of all, the concept of a 'nil-like' value is introduced, which can be
null or undefined. They are treated symmetrically regarding comparisons, so
it makes sense to handle them in a uniform manner. It is a mystery why
JavaScript defines two of those beasts, when even *one* is a design wart...
* Extended and renamed a few things which now handle undefined in addition to
null.
* Made the parts of the full code generator and the hydrogen generation which
deal with comparisons a bit more similar regarding their handling of special
cases.
* Refactored the syntactical detection of special cases for comparisons,
hopefully making them a bit more readable and less copy-n-paste-oriented.
Things like this should really be a one-liner in any sane programming
language... :-P
* Cut down the length of the argument lists of a few functions to something
less insane, making them more easily understandable locally. This involves
minor code duplication, but this was a good tradeoff and can be remedied
later if necessary.
* Replaced some boolean arguments with more readable enums.
* Fixed a TODO: Values which are definitely a Smi or unboxed can never be equal
to null or undefined.
Review URL: http://codereview.chromium.org/7918012
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9323 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
port r9258 (c8709a9)
Note on mips implementation: Arm reg r4 (call type) normally maps to mips
reg t0. We had already used t0 as a temp in Generate_FunctionCall() and
Generate_FunctionApply(), so I replaced that existing t0 usage with t3, and
now use t0 only for call type.
Original commit message:
Introduce new %Apply native.
Extend Execution::Call to optionally handle receiver rewriting (needed for %Apply).
Fix Function.prototype.bind for functions that have .apply modified.
Landing http://codereview.chromium.org/7891033/ for Paul Lind.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9316 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Highlights:
- code-stubs-mips.cc
-- use EmitFPUTruncate in place of inline code in several places.
-- use BranchF macro rather than lower-level FP cmp and branch for readability.
-- Port of Sven's r8859 (Implement type recording for ToBoolean) and r8886
(Simplify and optimize ToBoolean handling.)
-- Fix bug in TranscendentalCacheStub::Generate where some regs were not
saved across CFunction call.
-- use updated xxxCFunction macros.
-- update InstanceOfStub to support crankshaft
DoDeferredLInstanceOfKnownGlobal
-- Provide code-patching and I-cache flushing support for generated
code, used for InstanceOfStub under crankshaft (not submitted here).
This requires adding new ExternalReference to src/assember.cc,h
- stub-cache-mips.cc
-- port Danno's r8901 (Create a common base class for Fixed-, FixedDouble-
and ExternalArrays) to mips crankshaft branch.
BUG=
TEST=
Review URL: http://codereview.chromium.org/7890001
Patch from Paul Lind <plind44@gmail.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9308 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Highlights:
- Better support for FP compares and branches (BranchF macro)
- Add EmitFPUTruncate() macro, similar to EmitVFPTruncate on Arm.
- Some improvements to long-branch mechanism for mips.
- Add ClampUint8() and ClampDoubleToUint8()
- Minor changes to ic-mips, full-codegen-mips mostly, for improved
code-patching with BinaryOpStub.
- Small changes to stack checking in full-codegen-mips and
regexp-macro-assembler-mips
BUG=
TEST=
Review URL: http://codereview.chromium.org/7888004
Patch from Paul Lind <plind44@gmail.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9307 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
1) Don't make a call to C without having a valid frame on the stack.
2) Don't generate a call to a stub while generating a stub, unless we can be
sure that the stub we are calling has already been generated (the stub
generation code is not reentrant wrt. GC).
Review URL: http://codereview.chromium.org/7891042
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9297 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
The Great Master Plan is to move the recognition of special cases for
comparisons further down the compilation pipeline where more information is
available. This is a first step into this direction: The special handling of
equality comparisons involving null is pushed from the parser to the code
generators, removing the need for a special AST node. (There are rumors from
usually well-informed sources that this node type is actually a relic of ancient
crankshaft days...)
The next steps will be the unification of null/undefined handling and pushing
the special case handling in crankshaft even further down the pipeline, enabling
the recognition of cases like "var foo=null; if (foo === bar) ...", but these
will be in separate CLs.
Review URL: http://codereview.chromium.org/7887037
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9293 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
port r9260 (af9cfd83).
Original commit message:
We passed this flag around in a lot of places and had differenc call
ICs based on it, but never did any real specialization based on its
value.
BUG=
TEST=
Review URL: http://codereview.chromium.org/7886028
Patch from Paul Lind <plind44@gmail.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9269 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Highlights:
- assembler.h adds FPU definitions used for Crankshaft.
- Support optimization of mips call: jalr->jal
- includes changes to set_target_address_at(), support routines.
- Add 2nd use of Apply() to update target addresses.
- Minor debugging improvement in simulator.
BUG=
TEST=
Review URL: http://codereview.chromium.org/7888003
Patch from Paul Lind <plind44@gmail.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9259 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Use the BitField helper class for the code flags, so that we do not have to
define both a shift and a mask explicitly. This makes changing the flags
layout simpler.
Also, make the 'mask' and 'max' members of BitField into constants, because
they are constant and so that they can be used as constant expressions.
E.g., so they can be used in declaring other const members or in static
asserts.
R=fschneider@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org/7787028
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9232 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
We have to emit code for declarations later into the body block
(and not into the start block) so that the environment contains
the correct values.
In order to capture the environment effect of the declarations
that generate code (function declarations) I inserted a separate
AST id and a HSimulate after the declarations are visited.
Also fixes handling deopt in named function expressions:
BUG=v8:1647
TEST=test/mjsunit/regress/regress-fundecl.js, test/mjsunit/regress/regress-1647.js
Review URL: http://codereview.chromium.org/7776009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9083 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
The ARM and MIPS assemblers had a bug where they did not handle the last element
in the list of code positions correctly during the fixup of offsets for forward
jumps. This happened when the first instruction contained a forward jump to a
label, and that label was used in a forward jump later, too.
Unified the code for Assembler::next on ARM and MIPS while we were there.
Added test cases, even for ia32/x64, which seem to be correct, even I don't
fully understand why... %-}
BUG=v8:1644
Review URL: http://codereview.chromium.org/7786001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9063 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Test regress-91013.js (to ensure that the stored value was returned) passed on mips
without this fix, since the input value (in value_reg, a0) also happens to be in
mips return value register v0 at the time of call.
But it is fragile to depend on that behavior, so an explicit move from a0 to v0
is warranted. This fix puts that move in the delay slot of the Ret().
Patch by Paul Lind.
BUG=
TEST=
Review URL: http://codereview.chromium.org/7779006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9035 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Changes GetGlobalReceiver() to GetDefaultReceiver(func) that returns undefined
for strict and native functions, and the function's context's global proxy
for "normal" functions.
BUG=v8:1547
TEST=cctest/api-test/ForeignFunctionReceiver
Review URL: http://codereview.chromium.org/7741042
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9030 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Port r8876 (2aeeae7)
Original commit message:
Harmony is intended to make typeof null === "null". This may
break existing programs. Implementing it will allow us to run
some tests on the actual web.
BUG=
TEST=
Review URL: http://codereview.chromium.org/7650009
Patch from Paul Lind <plind44@gmail.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8939 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Ported r8922 (5ea2fb5)
Original commit message:
Remove the try/finally used for with and catch. Instead of using
try/finally to handle break and continue from with or catch,
statically track nesting dept and clean up when compiling break or
continue.
And instead of using try/finally to handle throw to handler in a frame
whose pc is inside a with or catch, store the context that the handler
should run in in the handler itself.
BUG=
TEST=
Review URL: http://codereview.chromium.org/7648026
Patch from Paul Lind <plind44@gmail.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8936 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
When creating a CompilationInfo we always have the script and can
determine if it is a natives script.
Now that all natives functions are recognized as such, many of them
are called with undefined as the receiver. We have to use different
filtering for builtins functions when printing stack traces.
Also, fixed one call of CALL_NON_FUNCTION to be correctly marked as a
method call (with fixed receiver). Now that CALL_NON_FUNCTION is
marked as a native function this caused the receiver to be undefined.
R=svenpanne@chromium.org
BUG=
TEST=
Review URL: http://codereview.chromium.org/7395030
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8680 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Using a C++-style method PrintName (a.k.a. << ;-), things get a lot easier when
two unrelated concerns are separated. Stubs don't need a name cache anymore,
simpler code while generating the stub name, memory allocation is centralized,
etc.
Review URL: http://codereview.chromium.org/7342042
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8627 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
The preprocessor defines ENABLE_LOGGING_AND_PROFILING and ENABLE_VMSTATE_TRACKING has been removed as these where required to be turned on for Crankshaft to work. To re-enable reducing the binary size by leaving out heap and CPU profiler a new set of defines needs to be created.
R=ager@chromium.org
BUG=v8:1271
TEST=all
Review URL: http://codereview.chromium.org//7350014
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8622 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
architecture-independent.
jsregexp.h is itself included transitively quite a lot, and by getting rid of 19
of its dependencies (which even included things like src/cpu.h, the various
assemblers, etc.), the recompilation behaviour is a bit less funny than it was.
Review URL: http://codereview.chromium.org/7331014
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8589 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Patterned after r8482, Cleaned up calling-related methods in the ARM assembler.
On MIPS I completely refactored the Jump and Call methods.
All the Jump and Call macro helpers have been replaced with overloaded functions
(matching the ARM version) and using default parameter values where possible.
The previously mostly-unused CallSize function is utilized as well (same as on ARM).
The unused Jump(Operand, ...) and Call(Operand, ...) versions have been completely removed.
I also removed the Jump(BranchDelaySlot, ...) and Call(BranchDelaySlot,...) methods as
they were unused and declaring them would either result in a lot of unused code or the
previously experienced macro-hell. The only exception to this is for Ret() where the
branch delay slot is often used.
This fixes the failing debug tests for example cctest test-debug/DebugStepFor.
Ported r8482 (41cb9ed)
Patch by Daniel Kalmar <kalmard@homejinni.com>
BUG=
TEST=
Review URL: http://codereview.chromium.org//7328013
Patch from Paul Lind <plind44@gmail.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8585 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Ported r8532 (c9db503)
Original commit message:
Due to issues relating mostly to chrome extensions we have lately been
running into OOMs that are caused by our executable space running
out. This change introduces flushing of code from regexps if we have
not used the code for 5 mark sweeps.
The approach is different from the normal function code flusing. Here
we make a copy of the code inside the data array, and exchange the
original code with a smi determined by the sweep_generation (a new
heap variable increased everytime we do mark sweep/compact). If we
encounter a smi in EnsureCompiled we simply reinstate the code
object. If, in the marking phase of mark sweep, we find a regexp that
already have a smi in the code field, and this is more than 5
generations old we flush the code from the saved index.
BUG=
TEST=
Review URL: http://codereview.chromium.org//7324018
Patch from Paul Lind <plind44@gmail.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8568 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Port r8496 (b7d5ecf0).
Original commit message:
Introduce scopes to keep track of catch blocks at compile time.
The catch variable is bound in the catch scope. For simplicity in this
initial implementation, it is always allocated even if unused and always
allocated to a catch context even if it doesn't escape. The presence of
catch is no longer treated as a with.
In this change, care must be taken to distinguish between the scope where a
var declaration is hoisted to and the scope where the initialization occurs.
BUG=
TEST=
Review URL: http://codereview.chromium.org//7212020
Patch from Paul Lind <plind44@gmail.com>.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8522 ce2b1a6d-e550-0410-aec6-3dcde31c8c00