Version 3.25.26 (based on bleeding_edge revision r20257)
Performance and stability improvements on all platforms.
git-svn-id: http://v8.googlecode.com/svn/trunk@20258 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
diff --git a/ChangeLog b/ChangeLog
index a376aaf..a2a877c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2014-03-26: Version 3.25.26
+
+ Performance and stability improvements on all platforms.
+
+
2014-03-25: Version 3.25.25
Roll ICU 239289:258359 and add support for external ICU data tables
diff --git a/src/api.cc b/src/api.cc
index f5ae10d..f61f190 100644
--- a/src/api.cc
+++ b/src/api.cc
@@ -3731,7 +3731,7 @@
isolate->factory()->NewExternalArray(length, array_type, data);
i::Handle<i::Map> external_array_map =
- isolate->factory()->GetElementsTransitionMap(
+ i::JSObject::GetElementsTransitionMap(
object,
GetElementsKindFromExternalArrayType(array_type));
diff --git a/src/arm/code-stubs-arm.cc b/src/arm/code-stubs-arm.cc
index b3df94e..759e1b2 100644
--- a/src/arm/code-stubs-arm.cc
+++ b/src/arm/code-stubs-arm.cc
@@ -76,7 +76,7 @@
descriptor->register_param_count_ = 1;
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kNumberToString)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenNumberToString)->entry;
}
@@ -141,7 +141,7 @@
descriptor->register_param_count_ = 3;
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kRegExpConstructResult)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenRegExpConstructResult)->entry;
}
@@ -385,7 +385,7 @@
descriptor->register_param_count_ = 2;
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kStringAdd)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenStringAdd)->entry;
}
@@ -2830,7 +2830,7 @@
// Do the runtime call to execute the regexp.
__ bind(&runtime);
- __ TailCallRuntime(Runtime::kRegExpExec, 4, 1);
+ __ TailCallRuntime(Runtime::kHiddenRegExpExec, 4, 1);
// Deferred code for string handling.
// (6) Not a long external string? If yes, go to (8).
@@ -3225,7 +3225,7 @@
call_helper.BeforeCall(masm);
__ SmiTag(index_);
__ Push(object_, index_);
- __ CallRuntime(Runtime::kStringCharCodeAt, 2);
+ __ CallRuntime(Runtime::kHiddenStringCharCodeAt, 2);
__ Move(result_, r0);
call_helper.AfterCall(masm);
__ jmp(&exit_);
@@ -3673,7 +3673,7 @@
// Just jump to runtime to create the sub string.
__ bind(&runtime);
- __ TailCallRuntime(Runtime::kSubString, 3, 1);
+ __ TailCallRuntime(Runtime::kHiddenSubString, 3, 1);
__ bind(&single_char);
// r0: original string
@@ -3831,7 +3831,7 @@
// Call the runtime; it returns -1 (less), 0 (equal), or 1 (greater)
// tagged as a small integer.
__ bind(&runtime);
- __ TailCallRuntime(Runtime::kStringCompare, 2, 1);
+ __ TailCallRuntime(Runtime::kHiddenStringCompare, 2, 1);
}
@@ -4318,7 +4318,7 @@
if (equality) {
__ TailCallRuntime(Runtime::kStringEquals, 2, 1);
} else {
- __ TailCallRuntime(Runtime::kStringCompare, 2, 1);
+ __ TailCallRuntime(Runtime::kHiddenStringCompare, 2, 1);
}
__ bind(&miss);
diff --git a/src/arm/full-codegen-arm.cc b/src/arm/full-codegen-arm.cc
index e2753a8..8b0a715 100644
--- a/src/arm/full-codegen-arm.cc
+++ b/src/arm/full-codegen-arm.cc
@@ -3404,7 +3404,7 @@
if (CodeGenerator::ShouldGenerateLog(isolate(), args->at(0))) {
VisitForStackValue(args->at(1));
VisitForStackValue(args->at(2));
- __ CallRuntime(Runtime::kLog, 2);
+ __ CallRuntime(Runtime::kHiddenLog, 2);
}
// Finally, we're expected to leave a value on the top of the stack.
@@ -3867,7 +3867,7 @@
__ bind(¬_found);
// Call runtime to perform the lookup.
__ Push(cache, key);
- __ CallRuntime(Runtime::kGetFromCache, 2);
+ __ CallRuntime(Runtime::kHiddenGetFromCache, 2);
__ bind(&done);
context()->Plug(r0);
@@ -4144,8 +4144,8 @@
void FullCodeGenerator::VisitCallRuntime(CallRuntime* expr) {
- Handle<String> name = expr->name();
- if (name->length() > 0 && name->Get(0) == '_') {
+ if (expr->function() != NULL &&
+ expr->function()->intrinsic_type == Runtime::INLINE) {
Comment cmnt(masm_, "[ InlineRuntimeCall");
EmitInlineRuntimeCall(expr);
return;
diff --git a/src/arm/lithium-codegen-arm.cc b/src/arm/lithium-codegen-arm.cc
index 0fe38a0..9f27b16 100644
--- a/src/arm/lithium-codegen-arm.cc
+++ b/src/arm/lithium-codegen-arm.cc
@@ -4463,7 +4463,7 @@
__ SmiTag(index);
__ push(index);
}
- CallRuntimeFromDeferred(Runtime::kStringCharCodeAt, 2, instr,
+ CallRuntimeFromDeferred(Runtime::kHiddenStringCharCodeAt, 2, instr,
instr->context());
__ AssertSmi(r0);
__ SmiUntag(r0);
diff --git a/src/arm64/code-stubs-arm64.cc b/src/arm64/code-stubs-arm64.cc
index b512e42..88bffe3 100644
--- a/src/arm64/code-stubs-arm64.cc
+++ b/src/arm64/code-stubs-arm64.cc
@@ -80,7 +80,7 @@
descriptor->register_param_count_ = sizeof(registers) / sizeof(registers[0]);
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kNumberToString)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenNumberToString)->entry;
}
@@ -161,7 +161,7 @@
descriptor->register_param_count_ = sizeof(registers) / sizeof(registers[0]);
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kRegExpConstructResult)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenRegExpConstructResult)->entry;
}
@@ -429,7 +429,7 @@
descriptor->register_param_count_ = sizeof(registers) / sizeof(registers[0]);
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kStringAdd)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenStringAdd)->entry;
}
@@ -3134,7 +3134,7 @@
__ Bind(&runtime);
__ PopCPURegList(used_callee_saved_registers);
- __ TailCallRuntime(Runtime::kRegExpExec, 4, 1);
+ __ TailCallRuntime(Runtime::kHiddenRegExpExec, 4, 1);
// Deferred code for string handling.
// (6) Not a long external string? If yes, go to (8).
@@ -3550,7 +3550,7 @@
call_helper.BeforeCall(masm);
__ SmiTag(index_);
__ Push(object_, index_);
- __ CallRuntime(Runtime::kStringCharCodeAt, 2);
+ __ CallRuntime(Runtime::kHiddenStringCharCodeAt, 2);
__ Mov(result_, x0);
call_helper.AfterCall(masm);
__ B(&exit_);
@@ -3832,7 +3832,7 @@
if (equality) {
__ TailCallRuntime(Runtime::kStringEquals, 2, 1);
} else {
- __ TailCallRuntime(Runtime::kStringCompare, 2, 1);
+ __ TailCallRuntime(Runtime::kHiddenStringCompare, 2, 1);
}
__ Bind(&miss);
@@ -4222,7 +4222,7 @@
__ Ret();
__ Bind(&runtime);
- __ TailCallRuntime(Runtime::kSubString, 3, 1);
+ __ TailCallRuntime(Runtime::kHiddenSubString, 3, 1);
__ bind(&single_char);
// x1: result_length
@@ -4399,7 +4399,7 @@
// Call the runtime.
// Returns -1 (less), 0 (equal), or 1 (greater) tagged as a small integer.
- __ TailCallRuntime(Runtime::kStringCompare, 2, 1);
+ __ TailCallRuntime(Runtime::kHiddenStringCompare, 2, 1);
}
diff --git a/src/arm64/full-codegen-arm64.cc b/src/arm64/full-codegen-arm64.cc
index 272e1c7..768a8ae 100644
--- a/src/arm64/full-codegen-arm64.cc
+++ b/src/arm64/full-codegen-arm64.cc
@@ -3137,7 +3137,7 @@
if (CodeGenerator::ShouldGenerateLog(isolate(), args->at(0))) {
VisitForStackValue(args->at(1));
VisitForStackValue(args->at(2));
- __ CallRuntime(Runtime::kLog, 2);
+ __ CallRuntime(Runtime::kHiddenLog, 2);
}
// Finally, we're expected to leave a value on the top of the stack.
@@ -3598,7 +3598,7 @@
// Call runtime to perform the lookup.
__ Push(cache, key);
- __ CallRuntime(Runtime::kGetFromCache, 2);
+ __ CallRuntime(Runtime::kHiddenGetFromCache, 2);
__ Bind(&done);
context()->Plug(x0);
@@ -3856,8 +3856,8 @@
void FullCodeGenerator::VisitCallRuntime(CallRuntime* expr) {
- Handle<String> name = expr->name();
- if (name->length() > 0 && name->Get(0) == '_') {
+ if (expr->function() != NULL &&
+ expr->function()->intrinsic_type == Runtime::INLINE) {
Comment cmnt(masm_, "[ InlineRuntimeCall");
EmitInlineRuntimeCall(expr);
return;
@@ -3874,6 +3874,7 @@
__ Push(x0);
// Load the function from the receiver.
+ Handle<String> name = expr->name();
__ Mov(x2, Operand(name));
CallLoadIC(NOT_CONTEXTUAL, expr->CallRuntimeFeedbackId());
diff --git a/src/arm64/lithium-codegen-arm64.cc b/src/arm64/lithium-codegen-arm64.cc
index 7fdd94f..d61151e 100644
--- a/src/arm64/lithium-codegen-arm64.cc
+++ b/src/arm64/lithium-codegen-arm64.cc
@@ -1078,18 +1078,18 @@
void LCodeGen::DeoptimizeIfNegative(Register rt, LEnvironment* environment) {
int sign_bit = rt.Is64Bits() ? kXSignBit : kWSignBit;
- DeoptimizeBranch(environment, reg_bit_set, rt, sign_bit);
+ DeoptimizeIfBitSet(rt, sign_bit, environment);
}
void LCodeGen::DeoptimizeIfSmi(Register rt,
LEnvironment* environment) {
- DeoptimizeBranch(environment, reg_bit_clear, rt, MaskToBit(kSmiTagMask));
+ DeoptimizeIfBitClear(rt, MaskToBit(kSmiTagMask), environment);
}
void LCodeGen::DeoptimizeIfNotSmi(Register rt, LEnvironment* environment) {
- DeoptimizeBranch(environment, reg_bit_set, rt, MaskToBit(kSmiTagMask));
+ DeoptimizeIfBitSet(rt, MaskToBit(kSmiTagMask), environment);
}
@@ -1116,6 +1116,20 @@
}
+void LCodeGen::DeoptimizeIfBitSet(Register rt,
+ int bit,
+ LEnvironment* environment) {
+ DeoptimizeBranch(environment, reg_bit_set, rt, bit);
+}
+
+
+void LCodeGen::DeoptimizeIfBitClear(Register rt,
+ int bit,
+ LEnvironment* environment) {
+ DeoptimizeBranch(environment, reg_bit_clear, rt, bit);
+}
+
+
void LCodeGen::EnsureSpaceForLazyDeopt(int space_needed) {
if (!info()->IsStub()) {
// Ensure that we have enough space after the previous lazy-bailout
@@ -2184,10 +2198,11 @@
if (IsPowerOf2(mask)) {
ASSERT((tag == 0) || (tag == mask));
- // TODO(all): We might be able to use tbz/tbnz if we can guarantee that
- // the deopt handler is reachable by a tbz instruction.
- __ Tst(scratch, mask);
- DeoptimizeIf(tag == 0 ? ne : eq, instr->environment());
+ if (tag == 0) {
+ DeoptimizeIfBitSet(scratch, MaskToBit(mask), instr->environment());
+ } else {
+ DeoptimizeIfBitClear(scratch, MaskToBit(mask), instr->environment());
+ }
} else {
if (tag == 0) {
__ Tst(scratch, mask);
@@ -5374,7 +5389,7 @@
__ SmiTag(index);
__ Push(index);
- CallRuntimeFromDeferred(Runtime::kStringCharCodeAt, 2, instr,
+ CallRuntimeFromDeferred(Runtime::kHiddenStringCharCodeAt, 2, instr,
instr->context());
__ AssertSmi(x0);
__ SmiUntag(x0);
diff --git a/src/arm64/lithium-codegen-arm64.h b/src/arm64/lithium-codegen-arm64.h
index d98e89c..b1d8b70 100644
--- a/src/arm64/lithium-codegen-arm64.h
+++ b/src/arm64/lithium-codegen-arm64.h
@@ -237,6 +237,8 @@
Heap::RootListIndex index,
LEnvironment* environment);
void DeoptimizeIfMinusZero(DoubleRegister input, LEnvironment* environment);
+ void DeoptimizeIfBitSet(Register rt, int bit, LEnvironment* environment);
+ void DeoptimizeIfBitClear(Register rt, int bit, LEnvironment* environment);
void ApplyCheckIf(Condition cc, LBoundsCheck* check);
MemOperand PrepareKeyedExternalArrayOperand(Register key,
diff --git a/src/arm64/macro-assembler-arm64.h b/src/arm64/macro-assembler-arm64.h
index ad706f6..1777c38 100644
--- a/src/arm64/macro-assembler-arm64.h
+++ b/src/arm64/macro-assembler-arm64.h
@@ -2157,8 +2157,9 @@
{
// Before blocking the const pool, see if it needs to be emitted.
masm_->CheckConstPool(false, true);
+ masm_->CheckVeneerPool(false, true);
- masm_->StartBlockConstPool();
+ masm_->StartBlockPools();
#ifdef DEBUG
if (count != 0) {
masm_->bind(&start_);
@@ -2169,7 +2170,7 @@
}
~InstructionAccurateScope() {
- masm_->EndBlockConstPool();
+ masm_->EndBlockPools();
#ifdef DEBUG
if (start_.is_bound()) {
ASSERT(masm_->SizeOfCodeGeneratedSince(&start_) == size_);
diff --git a/src/elements.cc b/src/elements.cc
index c8e28c5..3949747 100644
--- a/src/elements.cc
+++ b/src/elements.cc
@@ -770,30 +770,15 @@
Handle<JSArray> array,
int capacity,
int length) V8_FINAL V8_OVERRIDE {
- CALL_HEAP_FUNCTION_VOID(
- array->GetIsolate(),
- ElementsAccessorSubclass::SetFastElementsCapacityAndLength(
- *array,
- capacity,
- length));
+ ElementsAccessorSubclass::
+ SetFastElementsCapacityAndLength(array, capacity, length);
}
- MUST_USE_RESULT static MaybeObject* SetFastElementsCapacityAndLength(
- JSObject* obj,
- int capacity,
- int length) {
- UNIMPLEMENTED();
- return obj;
- }
-
- // TODO(ishell): Temporary wrapper until handlified.
- MUST_USE_RESULT static Handle<Object> SetFastElementsCapacityAndLength(
+ static void SetFastElementsCapacityAndLength(
Handle<JSObject> obj,
int capacity,
int length) {
- CALL_HEAP_FUNCTION(obj->GetIsolate(),
- SetFastElementsCapacityAndLength(*obj, capacity, length),
- Object);
+ UNIMPLEMENTED();
}
MUST_USE_RESULT virtual Handle<Object> Delete(
@@ -1232,26 +1217,16 @@
}
- static MaybeObject* SetFastElementsCapacityAndLength(JSObject* obj,
- uint32_t capacity,
- uint32_t length) {
+ static void SetFastElementsCapacityAndLength(
+ Handle<JSObject> obj,
+ uint32_t capacity,
+ uint32_t length) {
JSObject::SetFastElementsCapacitySmiMode set_capacity_mode =
obj->HasFastSmiElements()
? JSObject::kAllowSmiElements
: JSObject::kDontAllowSmiElements;
- return obj->SetFastElementsCapacityAndLength(capacity,
- length,
- set_capacity_mode);
- }
-
- // TODO(ishell): Temporary wrapper until handlified.
- static Handle<Object> SetFastElementsCapacityAndLength(
- Handle<JSObject> obj,
- int capacity,
- int length) {
- CALL_HEAP_FUNCTION(obj->GetIsolate(),
- SetFastElementsCapacityAndLength(*obj, capacity, length),
- Object);
+ JSObject::SetFastElementsCapacityAndLength(
+ obj, capacity, length, set_capacity_mode);
}
};
@@ -1316,21 +1291,10 @@
KindTraits,
kDoubleSize>(name) {}
- static MaybeObject* SetFastElementsCapacityAndLength(JSObject* obj,
- uint32_t capacity,
- uint32_t length) {
- return obj->SetFastDoubleElementsCapacityAndLength(capacity,
- length);
- }
-
- // TODO(ishell): Temporary wrapper until handlified.
- static Handle<Object> SetFastElementsCapacityAndLength(
- Handle<JSObject> obj,
- int capacity,
- int length) {
- CALL_HEAP_FUNCTION(obj->GetIsolate(),
- SetFastElementsCapacityAndLength(*obj, capacity, length),
- Object);
+ static void SetFastElementsCapacityAndLength(Handle<JSObject> obj,
+ uint32_t capacity,
+ uint32_t length) {
+ JSObject::SetFastDoubleElementsCapacityAndLength(obj, capacity, length);
}
protected:
diff --git a/src/elements.h b/src/elements.h
index 2ee07aa..ea335aa 100644
--- a/src/elements.h
+++ b/src/elements.h
@@ -167,6 +167,15 @@
int copy_size,
FixedArrayBase* source = NULL) = 0;
+ void CopyElements(
+ Handle<JSObject> from_holder,
+ Handle<FixedArrayBase> to,
+ ElementsKind from_kind,
+ Handle<FixedArrayBase> from = Handle<FixedArrayBase>::null()) {
+ CopyElements(from_holder, 0, from_kind, to, 0,
+ kCopyToEndAndInitializeToHole, from);
+ }
+
MUST_USE_RESULT MaybeObject* CopyElements(JSObject* from_holder,
FixedArrayBase* to,
ElementsKind from_kind,
diff --git a/src/factory.cc b/src/factory.cc
index e292455..f6f6525 100644
--- a/src/factory.cc
+++ b/src/factory.cc
@@ -883,16 +883,6 @@
}
-Handle<Map> Factory::GetElementsTransitionMap(
- Handle<JSObject> src,
- ElementsKind elements_kind) {
- Isolate* i = isolate();
- CALL_HEAP_FUNCTION(i,
- src->GetElementsTransitionMap(i, elements_kind),
- Map);
-}
-
-
Handle<FixedArray> Factory::CopyFixedArray(Handle<FixedArray> array) {
CALL_HEAP_FUNCTION(isolate(), array->Copy(), FixedArray);
}
diff --git a/src/factory.h b/src/factory.h
index e57e130..e390052 100644
--- a/src/factory.h
+++ b/src/factory.h
@@ -288,9 +288,6 @@
Handle<Map> CopyMap(Handle<Map> map, int extra_inobject_props);
Handle<Map> CopyMap(Handle<Map> map);
- Handle<Map> GetElementsTransitionMap(Handle<JSObject> object,
- ElementsKind elements_kind);
-
Handle<FixedArray> CopyFixedArray(Handle<FixedArray> array);
// This method expects a COW array in new space, and creates a copy
diff --git a/src/full-codegen.cc b/src/full-codegen.cc
index 0229c74..1299023 100644
--- a/src/full-codegen.cc
+++ b/src/full-codegen.cc
@@ -952,59 +952,6 @@
}
-void FullCodeGenerator::EmitDoubleHi(CallRuntime* expr) {
- ZoneList<Expression*>* args = expr->arguments();
- ASSERT(args->length() == 1);
- VisitForStackValue(args->at(0));
- masm()->CallRuntime(Runtime::kDoubleHi, 1);
- context()->Plug(result_register());
-}
-
-
-void FullCodeGenerator::EmitDoubleLo(CallRuntime* expr) {
- ZoneList<Expression*>* args = expr->arguments();
- ASSERT(args->length() == 1);
- VisitForStackValue(args->at(0));
- masm()->CallRuntime(Runtime::kDoubleLo, 1);
- context()->Plug(result_register());
-}
-
-
-void FullCodeGenerator::EmitConstructDouble(CallRuntime* expr) {
- ZoneList<Expression*>* args = expr->arguments();
- ASSERT(args->length() == 2);
- VisitForStackValue(args->at(0));
- VisitForStackValue(args->at(1));
- masm()->CallRuntime(Runtime::kConstructDouble, 2);
- context()->Plug(result_register());
-}
-
-
-void FullCodeGenerator::EmitTypedArrayInitialize(CallRuntime* expr) {
- ZoneList<Expression*>* args = expr->arguments();
- ASSERT(args->length() == 5);
- for (int i = 0; i < 5; i++) VisitForStackValue(args->at(i));
- masm()->CallRuntime(Runtime::kTypedArrayInitialize, 5);
- context()->Plug(result_register());
-}
-
-
-void FullCodeGenerator::EmitDataViewInitialize(CallRuntime* expr) {
- ZoneList<Expression*>* args = expr->arguments();
- ASSERT(args->length() == 4);
- for (int i = 0; i < 4; i++) VisitForStackValue(args->at(i));
- masm()->CallRuntime(Runtime::kDataViewInitialize, 4);
- context()->Plug(result_register());
-}
-
-
-void FullCodeGenerator::EmitMaxSmi(CallRuntime* expr) {
- ASSERT(expr->arguments()->length() == 0);
- masm()->CallRuntime(Runtime::kMaxSmi, 0);
- context()->Plug(result_register());
-}
-
-
void FullCodeGenerator::VisitBinaryOperation(BinaryOperation* expr) {
switch (expr->op()) {
case Token::COMMA:
diff --git a/src/hydrogen-instructions.cc b/src/hydrogen-instructions.cc
index b822d84..84dcb18 100644
--- a/src/hydrogen-instructions.cc
+++ b/src/hydrogen-instructions.cc
@@ -3620,7 +3620,8 @@
void HInnerAllocatedObject::PrintDataTo(StringStream* stream) {
base_object()->PrintNameTo(stream);
- stream->Add(" offset %d", offset());
+ stream->Add(" offset ");
+ offset()->PrintTo(stream);
}
diff --git a/src/hydrogen.cc b/src/hydrogen.cc
index c669cc2..03d4ff9 100644
--- a/src/hydrogen.cc
+++ b/src/hydrogen.cc
@@ -2069,9 +2069,10 @@
// Fallback to the runtime to add the two strings.
Add<HPushArgument>(left);
Add<HPushArgument>(right);
- Push(Add<HCallRuntime>(isolate()->factory()->empty_string(),
- Runtime::FunctionForId(Runtime::kStringAdd),
- 2));
+ Push(Add<HCallRuntime>(
+ isolate()->factory()->empty_string(),
+ Runtime::FunctionForId(Runtime::kHiddenStringAdd),
+ 2));
}
if_sameencodingandsequential.End();
}
@@ -8400,6 +8401,7 @@
const HOptimizedGraphBuilder::InlineFunctionGenerator
HOptimizedGraphBuilder::kInlineFunctionGenerators[] = {
INLINE_FUNCTION_LIST(INLINE_FUNCTION_GENERATOR_ADDRESS)
+ INLINE_OPTIMIZED_FUNCTION_LIST(INLINE_FUNCTION_GENERATOR_ADDRESS)
};
#undef INLINE_FUNCTION_GENERATOR_ADDRESS
@@ -8602,7 +8604,8 @@
const Runtime::Function* function = expr->function();
ASSERT(function != NULL);
- if (function->intrinsic_type == Runtime::INLINE) {
+ if (function->intrinsic_type == Runtime::INLINE ||
+ function->intrinsic_type == Runtime::INLINE_OPTIMIZED) {
ASSERT(expr->name()->length() > 0);
ASSERT(expr->name()->Get(0) == '_');
// Call to an inline function.
diff --git a/src/hydrogen.h b/src/hydrogen.h
index d0bfa02..7fcadea 100644
--- a/src/hydrogen.h
+++ b/src/hydrogen.h
@@ -2120,6 +2120,7 @@
void Generate##Name(CallRuntime* call);
INLINE_FUNCTION_LIST(INLINE_FUNCTION_GENERATOR_DECLARATION)
+ INLINE_OPTIMIZED_FUNCTION_LIST(INLINE_FUNCTION_GENERATOR_DECLARATION)
#undef INLINE_FUNCTION_GENERATOR_DECLARATION
void VisitDelete(UnaryOperation* expr);
diff --git a/src/ia32/code-stubs-ia32.cc b/src/ia32/code-stubs-ia32.cc
index 02af639..e834fc0 100644
--- a/src/ia32/code-stubs-ia32.cc
+++ b/src/ia32/code-stubs-ia32.cc
@@ -81,7 +81,7 @@
descriptor->register_param_count_ = 1;
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kNumberToString)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenNumberToString)->entry;
}
@@ -146,7 +146,7 @@
descriptor->register_param_count_ = 3;
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kRegExpConstructResult)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenRegExpConstructResult)->entry;
}
@@ -388,7 +388,7 @@
descriptor->register_param_count_ = 2;
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kStringAdd)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenStringAdd)->entry;
}
@@ -1863,7 +1863,7 @@
// Do the runtime call to execute the regexp.
__ bind(&runtime);
- __ TailCallRuntime(Runtime::kRegExpExec, 4, 1);
+ __ TailCallRuntime(Runtime::kHiddenRegExpExec, 4, 1);
// Deferred code for string handling.
// (7) Not a long external string? If yes, go to (10).
@@ -3155,7 +3155,7 @@
__ push(object_);
__ SmiTag(index_);
__ push(index_);
- __ CallRuntime(Runtime::kStringCharCodeAt, 2);
+ __ CallRuntime(Runtime::kHiddenStringCharCodeAt, 2);
if (!result_.is(eax)) {
__ mov(result_, eax);
}
@@ -3551,7 +3551,7 @@
// Just jump to runtime to create the sub string.
__ bind(&runtime);
- __ TailCallRuntime(Runtime::kSubString, 3, 1);
+ __ TailCallRuntime(Runtime::kHiddenSubString, 3, 1);
__ bind(&single_char);
// eax: string
@@ -3733,7 +3733,7 @@
// Call the runtime; it returns -1 (less), 0 (equal), or 1 (greater)
// tagged as a small integer.
__ bind(&runtime);
- __ TailCallRuntime(Runtime::kStringCompare, 2, 1);
+ __ TailCallRuntime(Runtime::kHiddenStringCompare, 2, 1);
}
@@ -4256,7 +4256,7 @@
if (equality) {
__ TailCallRuntime(Runtime::kStringEquals, 2, 1);
} else {
- __ TailCallRuntime(Runtime::kStringCompare, 2, 1);
+ __ TailCallRuntime(Runtime::kHiddenStringCompare, 2, 1);
}
__ bind(&miss);
diff --git a/src/ia32/full-codegen-ia32.cc b/src/ia32/full-codegen-ia32.cc
index b05b888..d51de08 100644
--- a/src/ia32/full-codegen-ia32.cc
+++ b/src/ia32/full-codegen-ia32.cc
@@ -3360,7 +3360,7 @@
if (CodeGenerator::ShouldGenerateLog(isolate(), args->at(0))) {
VisitForStackValue(args->at(1));
VisitForStackValue(args->at(2));
- __ CallRuntime(Runtime::kLog, 2);
+ __ CallRuntime(Runtime::kHiddenLog, 2);
}
// Finally, we're expected to leave a value on the top of the stack.
__ mov(eax, isolate()->factory()->undefined_value());
@@ -3835,7 +3835,7 @@
// Call runtime to perform the lookup.
__ push(cache);
__ push(key);
- __ CallRuntime(Runtime::kGetFromCache, 2);
+ __ CallRuntime(Runtime::kHiddenGetFromCache, 2);
__ bind(&done);
context()->Plug(eax);
@@ -4145,8 +4145,8 @@
void FullCodeGenerator::VisitCallRuntime(CallRuntime* expr) {
- Handle<String> name = expr->name();
- if (name->length() > 0 && name->Get(0) == '_') {
+ if (expr->function() != NULL &&
+ expr->function()->intrinsic_type == Runtime::INLINE) {
Comment cmnt(masm_, "[ InlineRuntimeCall");
EmitInlineRuntimeCall(expr);
return;
diff --git a/src/ia32/lithium-codegen-ia32.cc b/src/ia32/lithium-codegen-ia32.cc
index 9afde8e..aab2c96 100644
--- a/src/ia32/lithium-codegen-ia32.cc
+++ b/src/ia32/lithium-codegen-ia32.cc
@@ -4802,7 +4802,7 @@
__ SmiTag(index);
__ push(index);
}
- CallRuntimeFromDeferred(Runtime::kStringCharCodeAt, 2,
+ CallRuntimeFromDeferred(Runtime::kHiddenStringCharCodeAt, 2,
instr, instr->context());
__ AssertSmi(eax);
__ SmiUntag(eax);
diff --git a/src/ic.cc b/src/ic.cc
index 89bd87a..da8afca 100644
--- a/src/ic.cc
+++ b/src/ic.cc
@@ -564,7 +564,10 @@
if (kind() == Code::KEYED_LOAD_IC && name->AsArrayIndex(&index)) {
// Rewrite to the generic keyed load stub.
if (FLAG_use_ic) set_target(*generic_stub());
- return Runtime::GetElementOrCharAtOrFail(isolate(), object, index);
+ Handle<Object> result =
+ Runtime::GetElementOrCharAt(isolate(), object, index);
+ RETURN_IF_EMPTY_HANDLE(isolate(), result);
+ return *result;
}
bool use_ic = MigrateDeprecated(object) ? false : FLAG_use_ic;
diff --git a/src/mips/code-stubs-mips.cc b/src/mips/code-stubs-mips.cc
index 3b8e223..3dd86f7 100644
--- a/src/mips/code-stubs-mips.cc
+++ b/src/mips/code-stubs-mips.cc
@@ -77,7 +77,7 @@
descriptor->register_param_count_ = 1;
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kNumberToString)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenNumberToString)->entry;
}
@@ -142,7 +142,7 @@
descriptor->register_param_count_ = 3;
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kRegExpConstructResult)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenRegExpConstructResult)->entry;
}
@@ -386,7 +386,7 @@
descriptor->register_param_count_ = 2;
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kStringAdd)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenStringAdd)->entry;
}
@@ -2589,7 +2589,7 @@
// time or if regexp entry in generated code is turned off runtime switch or
// at compilation.
#ifdef V8_INTERPRETED_REGEXP
- __ TailCallRuntime(Runtime::kRegExpExec, 4, 1);
+ __ TailCallRuntime(Runtime::kHiddenRegExpExec, 4, 1);
#else // V8_INTERPRETED_REGEXP
// Stack frame on entry.
@@ -2981,7 +2981,7 @@
// Do the runtime call to execute the regexp.
__ bind(&runtime);
- __ TailCallRuntime(Runtime::kRegExpExec, 4, 1);
+ __ TailCallRuntime(Runtime::kHiddenRegExpExec, 4, 1);
// Deferred code for string handling.
// (6) Not a long external string? If yes, go to (8).
@@ -3388,7 +3388,7 @@
call_helper.BeforeCall(masm);
__ sll(index_, index_, kSmiTagSize);
__ Push(object_, index_);
- __ CallRuntime(Runtime::kStringCharCodeAt, 2);
+ __ CallRuntime(Runtime::kHiddenStringCharCodeAt, 2);
__ Move(result_, v0);
@@ -3823,7 +3823,7 @@
// Just jump to runtime to create the sub string.
__ bind(&runtime);
- __ TailCallRuntime(Runtime::kSubString, 3, 1);
+ __ TailCallRuntime(Runtime::kHiddenSubString, 3, 1);
__ bind(&single_char);
// v0: original string
@@ -3988,7 +3988,7 @@
GenerateCompareFlatAsciiStrings(masm, a1, a0, a2, a3, t0, t1);
__ bind(&runtime);
- __ TailCallRuntime(Runtime::kStringCompare, 2, 1);
+ __ TailCallRuntime(Runtime::kHiddenStringCompare, 2, 1);
}
@@ -4499,7 +4499,7 @@
if (equality) {
__ TailCallRuntime(Runtime::kStringEquals, 2, 1);
} else {
- __ TailCallRuntime(Runtime::kStringCompare, 2, 1);
+ __ TailCallRuntime(Runtime::kHiddenStringCompare, 2, 1);
}
__ bind(&miss);
diff --git a/src/mips/full-codegen-mips.cc b/src/mips/full-codegen-mips.cc
index 18ff8e4..a4155bc 100644
--- a/src/mips/full-codegen-mips.cc
+++ b/src/mips/full-codegen-mips.cc
@@ -3424,7 +3424,7 @@
if (CodeGenerator::ShouldGenerateLog(isolate(), args->at(0))) {
VisitForStackValue(args->at(1));
VisitForStackValue(args->at(2));
- __ CallRuntime(Runtime::kLog, 2);
+ __ CallRuntime(Runtime::kHiddenLog, 2);
}
// Finally, we're expected to leave a value on the top of the stack.
@@ -3912,7 +3912,7 @@
__ bind(¬_found);
// Call runtime to perform the lookup.
__ Push(cache, key);
- __ CallRuntime(Runtime::kGetFromCache, 2);
+ __ CallRuntime(Runtime::kHiddenGetFromCache, 2);
__ bind(&done);
context()->Plug(v0);
@@ -4193,8 +4193,8 @@
void FullCodeGenerator::VisitCallRuntime(CallRuntime* expr) {
- Handle<String> name = expr->name();
- if (name->length() > 0 && name->Get(0) == '_') {
+ if (expr->function() != NULL &&
+ expr->function()->intrinsic_type == Runtime::INLINE) {
Comment cmnt(masm_, "[ InlineRuntimeCall");
EmitInlineRuntimeCall(expr);
return;
diff --git a/src/mips/lithium-codegen-mips.cc b/src/mips/lithium-codegen-mips.cc
index ee70f67..900ccd5 100644
--- a/src/mips/lithium-codegen-mips.cc
+++ b/src/mips/lithium-codegen-mips.cc
@@ -4484,7 +4484,7 @@
__ SmiTag(index);
__ push(index);
}
- CallRuntimeFromDeferred(Runtime::kStringCharCodeAt, 2, instr,
+ CallRuntimeFromDeferred(Runtime::kHiddenStringCharCodeAt, 2, instr,
instr->context());
__ AssertSmi(v0);
__ SmiUntag(v0);
diff --git a/src/mirror-debugger.js b/src/mirror-debugger.js
index b07d1fe..d413b09 100644
--- a/src/mirror-debugger.js
+++ b/src/mirror-debugger.js
@@ -538,7 +538,7 @@
NumberMirror.prototype.toText = function() {
- return %NumberToString(this.value_);
+ return %_NumberToString(this.value_);
};
diff --git a/src/objects.cc b/src/objects.cc
index 11f53b9..b5e78d3 100644
--- a/src/objects.cc
+++ b/src/objects.cc
@@ -1532,17 +1532,18 @@
void JSObject::PrintElementsTransition(
- FILE* file, ElementsKind from_kind, FixedArrayBase* from_elements,
- ElementsKind to_kind, FixedArrayBase* to_elements) {
+ FILE* file, Handle<JSObject> object,
+ ElementsKind from_kind, Handle<FixedArrayBase> from_elements,
+ ElementsKind to_kind, Handle<FixedArrayBase> to_elements) {
if (from_kind != to_kind) {
PrintF(file, "elements transition [");
PrintElementsKind(file, from_kind);
PrintF(file, " -> ");
PrintElementsKind(file, to_kind);
PrintF(file, "] in ");
- JavaScriptFrame::PrintTop(GetIsolate(), file, false, true);
+ JavaScriptFrame::PrintTop(object->GetIsolate(), file, false, true);
PrintF(file, " for ");
- ShortPrint(file);
+ object->ShortPrint(file);
PrintF(file, " from ");
from_elements->ShortPrint(file);
PrintF(file, " to ");
@@ -11139,33 +11140,20 @@
int capacity,
int length,
SetFastElementsCapacitySmiMode smi_mode) {
- CALL_HEAP_FUNCTION(
- object->GetIsolate(),
- object->SetFastElementsCapacityAndLength(capacity, length, smi_mode),
- FixedArray);
-}
-
-
-MaybeObject* JSObject::SetFastElementsCapacityAndLength(
- int capacity,
- int length,
- SetFastElementsCapacitySmiMode smi_mode) {
- Heap* heap = GetHeap();
// We should never end in here with a pixel or external array.
- ASSERT(!HasExternalArrayElements());
+ ASSERT(!object->HasExternalArrayElements());
// Allocate a new fast elements backing store.
- FixedArray* new_elements;
- MaybeObject* maybe = heap->AllocateUninitializedFixedArray(capacity);
- if (!maybe->To(&new_elements)) return maybe;
+ Handle<FixedArray> new_elements =
+ object->GetIsolate()->factory()->NewUninitializedFixedArray(capacity);
- ElementsKind elements_kind = GetElementsKind();
+ ElementsKind elements_kind = object->GetElementsKind();
ElementsKind new_elements_kind;
// The resized array has FAST_*_SMI_ELEMENTS if the capacity mode forces it,
// or if it's allowed and the old elements array contained only SMIs.
bool has_fast_smi_elements =
(smi_mode == kForceSmiElements) ||
- ((smi_mode == kAllowSmiElements) && HasFastSmiElements());
+ ((smi_mode == kAllowSmiElements) && object->HasFastSmiElements());
if (has_fast_smi_elements) {
if (IsHoleyElementsKind(elements_kind)) {
new_elements_kind = FAST_HOLEY_SMI_ELEMENTS;
@@ -11179,37 +11167,31 @@
new_elements_kind = FAST_ELEMENTS;
}
}
- FixedArrayBase* old_elements = elements();
+ Handle<FixedArrayBase> old_elements(object->elements());
ElementsAccessor* accessor = ElementsAccessor::ForKind(new_elements_kind);
- MaybeObject* maybe_obj =
- accessor->CopyElements(this, new_elements, elements_kind);
- if (maybe_obj->IsFailure()) return maybe_obj;
+ accessor->CopyElements(object, new_elements, elements_kind);
if (elements_kind != SLOPPY_ARGUMENTS_ELEMENTS) {
- Map* new_map = map();
- if (new_elements_kind != elements_kind) {
- MaybeObject* maybe =
- GetElementsTransitionMap(GetIsolate(), new_elements_kind);
- if (!maybe->To(&new_map)) return maybe;
- }
- ValidateElements();
- set_map_and_elements(new_map, new_elements);
+ Handle<Map> new_map = (new_elements_kind != elements_kind)
+ ? GetElementsTransitionMap(object, new_elements_kind)
+ : handle(object->map());
+ object->ValidateElements();
+ object->set_map_and_elements(*new_map, *new_elements);
// Transition through the allocation site as well if present.
- maybe_obj = UpdateAllocationSite(new_elements_kind);
- if (maybe_obj->IsFailure()) return maybe_obj;
+ JSObject::UpdateAllocationSite(object, new_elements_kind);
} else {
- FixedArray* parameter_map = FixedArray::cast(old_elements);
- parameter_map->set(1, new_elements);
+ Handle<FixedArray> parameter_map = Handle<FixedArray>::cast(old_elements);
+ parameter_map->set(1, *new_elements);
}
if (FLAG_trace_elements_transitions) {
- PrintElementsTransition(stdout, elements_kind, old_elements,
- GetElementsKind(), new_elements);
+ PrintElementsTransition(stdout, object, elements_kind, old_elements,
+ object->GetElementsKind(), new_elements);
}
- if (IsJSArray()) {
- JSArray::cast(this)->set_length(Smi::FromInt(length));
+ if (object->IsJSArray()) {
+ Handle<JSArray>::cast(object)->set_length(Smi::FromInt(length));
}
return new_elements;
}
@@ -11218,26 +11200,14 @@
void JSObject::SetFastDoubleElementsCapacityAndLength(Handle<JSObject> object,
int capacity,
int length) {
- CALL_HEAP_FUNCTION_VOID(
- object->GetIsolate(),
- object->SetFastDoubleElementsCapacityAndLength(capacity, length));
-}
-
-
-MaybeObject* JSObject::SetFastDoubleElementsCapacityAndLength(
- int capacity,
- int length) {
- Heap* heap = GetHeap();
// We should never end in here with a pixel or external array.
- ASSERT(!HasExternalArrayElements());
+ ASSERT(!object->HasExternalArrayElements());
- FixedArrayBase* elems;
- { MaybeObject* maybe_obj =
- heap->AllocateUninitializedFixedDoubleArray(capacity);
- if (!maybe_obj->To(&elems)) return maybe_obj;
- }
+ Handle<FixedArrayBase> elems =
+ object->GetIsolate()->factory()->NewFixedDoubleArray(capacity);
- ElementsKind elements_kind = GetElementsKind();
+ ElementsKind elements_kind = object->GetElementsKind();
+ CHECK(elements_kind != SLOPPY_ARGUMENTS_ELEMENTS);
ElementsKind new_elements_kind = elements_kind;
if (IsHoleyElementsKind(elements_kind)) {
new_elements_kind = FAST_HOLEY_DOUBLE_ELEMENTS;
@@ -11245,36 +11215,23 @@
new_elements_kind = FAST_DOUBLE_ELEMENTS;
}
- Map* new_map;
- { MaybeObject* maybe_obj =
- GetElementsTransitionMap(heap->isolate(), new_elements_kind);
- if (!maybe_obj->To(&new_map)) return maybe_obj;
- }
+ Handle<Map> new_map = GetElementsTransitionMap(object, new_elements_kind);
- FixedArrayBase* old_elements = elements();
+ Handle<FixedArrayBase> old_elements(object->elements());
ElementsAccessor* accessor = ElementsAccessor::ForKind(FAST_DOUBLE_ELEMENTS);
- { MaybeObject* maybe_obj =
- accessor->CopyElements(this, elems, elements_kind);
- if (maybe_obj->IsFailure()) return maybe_obj;
- }
- if (elements_kind != SLOPPY_ARGUMENTS_ELEMENTS) {
- ValidateElements();
- set_map_and_elements(new_map, elems);
- } else {
- FixedArray* parameter_map = FixedArray::cast(old_elements);
- parameter_map->set(1, elems);
- }
+ accessor->CopyElements(object, elems, elements_kind);
+
+ object->ValidateElements();
+ object->set_map_and_elements(*new_map, *elems);
if (FLAG_trace_elements_transitions) {
- PrintElementsTransition(stdout, elements_kind, old_elements,
- GetElementsKind(), elems);
+ PrintElementsTransition(stdout, object, elements_kind, old_elements,
+ object->GetElementsKind(), elems);
}
- if (IsJSArray()) {
- JSArray::cast(this)->set_length(Smi::FromInt(length));
+ if (object->IsJSArray()) {
+ Handle<JSArray>::cast(object)->set_length(Smi::FromInt(length));
}
-
- return this;
}
@@ -12666,13 +12623,6 @@
}
-void JSObject::TransitionElementsKind(Handle<JSObject> object,
- ElementsKind to_kind) {
- CALL_HEAP_FUNCTION_VOID(object->GetIsolate(),
- object->TransitionElementsKind(to_kind));
-}
-
-
const double AllocationSite::kPretenureRatio = 0.85;
@@ -12704,11 +12654,13 @@
}
-MaybeObject* AllocationSite::DigestTransitionFeedback(ElementsKind to_kind) {
- Isolate* isolate = GetIsolate();
+void AllocationSite::DigestTransitionFeedback(Handle<AllocationSite> site,
+ ElementsKind to_kind) {
+ Isolate* isolate = site->GetIsolate();
- if (SitePointsToLiteral() && transition_info()->IsJSArray()) {
- JSArray* transition_info = JSArray::cast(this->transition_info());
+ if (site->SitePointsToLiteral() && site->transition_info()->IsJSArray()) {
+ Handle<JSArray> transition_info =
+ handle(JSArray::cast(site->transition_info()));
ElementsKind kind = transition_info->GetElementsKind();
// if kind is holey ensure that to_kind is as well.
if (IsHoleyElementsKind(kind)) {
@@ -12721,22 +12673,21 @@
CHECK(transition_info->length()->ToArrayIndex(&length));
if (length <= kMaximumArrayBytesToPretransition) {
if (FLAG_trace_track_allocation_sites) {
- bool is_nested = IsNestedSite();
+ bool is_nested = site->IsNestedSite();
PrintF(
"AllocationSite: JSArray %p boilerplate %s updated %s->%s\n",
- reinterpret_cast<void*>(this),
+ reinterpret_cast<void*>(*site),
is_nested ? "(nested)" : "",
ElementsKindToString(kind),
ElementsKindToString(to_kind));
}
- MaybeObject* result = transition_info->TransitionElementsKind(to_kind);
- if (result->IsFailure()) return result;
- dependent_code()->DeoptimizeDependentCodeGroup(
+ JSObject::TransitionElementsKind(transition_info, to_kind);
+ site->dependent_code()->DeoptimizeDependentCodeGroup(
isolate, DependentCode::kAllocationSiteTransitionChangedGroup);
}
}
} else {
- ElementsKind kind = GetElementsKind();
+ ElementsKind kind = site->GetElementsKind();
// if kind is holey ensure that to_kind is as well.
if (IsHoleyElementsKind(kind)) {
to_kind = GetHoleyElementsKind(to_kind);
@@ -12744,16 +12695,15 @@
if (IsMoreGeneralElementsKindTransition(kind, to_kind)) {
if (FLAG_trace_track_allocation_sites) {
PrintF("AllocationSite: JSArray %p site updated %s->%s\n",
- reinterpret_cast<void*>(this),
+ reinterpret_cast<void*>(*site),
ElementsKindToString(kind),
ElementsKindToString(to_kind));
}
- SetElementsKind(to_kind);
- dependent_code()->DeoptimizeDependentCodeGroup(
+ site->SetElementsKind(to_kind);
+ site->dependent_code()->DeoptimizeDependentCodeGroup(
isolate, DependentCode::kAllocationSiteTransitionChangedGroup);
}
}
- return this;
}
@@ -12772,64 +12722,62 @@
void JSObject::UpdateAllocationSite(Handle<JSObject> object,
ElementsKind to_kind) {
- CALL_HEAP_FUNCTION_VOID(object->GetIsolate(),
- object->UpdateAllocationSite(to_kind));
-}
+ if (!object->IsJSArray()) return;
+ Heap* heap = object->GetHeap();
+ if (!heap->InNewSpace(*object)) return;
-MaybeObject* JSObject::UpdateAllocationSite(ElementsKind to_kind) {
- if (!IsJSArray()) return this;
+ Handle<AllocationSite> site;
+ {
+ DisallowHeapAllocation no_allocation;
+ // Check if there is potentially a memento behind the object. If
+ // the last word of the momento is on another page we return
+ // immediatelly.
+ Address object_address = object->address();
+ Address memento_address = object_address + JSArray::kSize;
+ Address last_memento_word_address = memento_address + kPointerSize;
+ if (!NewSpacePage::OnSamePage(object_address,
+ last_memento_word_address)) {
+ return;
+ }
- Heap* heap = GetHeap();
- if (!heap->InNewSpace(this)) return this;
+ // Either object is the last object in the new space, or there is another
+ // object of at least word size (the header map word) following it, so
+ // suffices to compare ptr and top here.
+ Address top = heap->NewSpaceTop();
+ ASSERT(memento_address == top ||
+ memento_address + HeapObject::kHeaderSize <= top);
+ if (memento_address == top) return;
- // Check if there is potentially a memento behind the object. If
- // the last word of the momento is on another page we return
- // immediatelly.
- Address object_address = address();
- Address memento_address = object_address + JSArray::kSize;
- Address last_memento_word_address = memento_address + kPointerSize;
- if (!NewSpacePage::OnSamePage(object_address,
- last_memento_word_address)) {
- return this;
+ HeapObject* candidate = HeapObject::FromAddress(memento_address);
+ if (candidate->map() != heap->allocation_memento_map()) return;
+
+ AllocationMemento* memento = AllocationMemento::cast(candidate);
+ if (!memento->IsValid()) return;
+
+ // Walk through to the Allocation Site
+ site = handle(memento->GetAllocationSite());
}
-
- // Either object is the last object in the new space, or there is another
- // object of at least word size (the header map word) following it, so
- // suffices to compare ptr and top here.
- Address top = heap->NewSpaceTop();
- ASSERT(memento_address == top ||
- memento_address + HeapObject::kHeaderSize <= top);
- if (memento_address == top) return this;
-
- HeapObject* candidate = HeapObject::FromAddress(memento_address);
- if (candidate->map() != heap->allocation_memento_map()) return this;
-
- AllocationMemento* memento = AllocationMemento::cast(candidate);
- if (!memento->IsValid()) return this;
-
- // Walk through to the Allocation Site
- AllocationSite* site = memento->GetAllocationSite();
- return site->DigestTransitionFeedback(to_kind);
+ AllocationSite::DigestTransitionFeedback(site, to_kind);
}
-MaybeObject* JSObject::TransitionElementsKind(ElementsKind to_kind) {
- ElementsKind from_kind = map()->elements_kind();
+void JSObject::TransitionElementsKind(Handle<JSObject> object,
+ ElementsKind to_kind) {
+ ElementsKind from_kind = object->map()->elements_kind();
if (IsFastHoleyElementsKind(from_kind)) {
to_kind = GetHoleyElementsKind(to_kind);
}
- if (from_kind == to_kind) return this;
+ if (from_kind == to_kind) return;
// Don't update the site if to_kind isn't fast
if (IsFastElementsKind(to_kind)) {
- MaybeObject* maybe_failure = UpdateAllocationSite(to_kind);
- if (maybe_failure->IsFailure()) return maybe_failure;
+ UpdateAllocationSite(object, to_kind);
}
- Isolate* isolate = GetIsolate();
- if (elements() == isolate->heap()->empty_fixed_array() ||
+ Isolate* isolate = object->GetIsolate();
+ if (object->elements() == isolate->heap()->empty_fixed_array() ||
(IsFastSmiOrObjectElementsKind(from_kind) &&
IsFastSmiOrObjectElementsKind(to_kind)) ||
(from_kind == FAST_DOUBLE_ELEMENTS &&
@@ -12837,55 +12785,48 @@
ASSERT(from_kind != TERMINAL_FAST_ELEMENTS_KIND);
// No change is needed to the elements() buffer, the transition
// only requires a map change.
- MaybeObject* maybe_new_map = GetElementsTransitionMap(isolate, to_kind);
- Map* new_map;
- if (!maybe_new_map->To(&new_map)) return maybe_new_map;
- // TODO(verwaest): Replace by MigrateToMap.
- set_map(new_map);
+ Handle<Map> new_map = GetElementsTransitionMap(object, to_kind);
+ MigrateToMap(object, new_map);
if (FLAG_trace_elements_transitions) {
- FixedArrayBase* elms = FixedArrayBase::cast(elements());
- PrintElementsTransition(stdout, from_kind, elms, to_kind, elms);
+ Handle<FixedArrayBase> elms(object->elements());
+ PrintElementsTransition(stdout, object, from_kind, elms, to_kind, elms);
}
- return this;
+ return;
}
- FixedArrayBase* elms = FixedArrayBase::cast(elements());
+ Handle<FixedArrayBase> elms(object->elements());
uint32_t capacity = static_cast<uint32_t>(elms->length());
uint32_t length = capacity;
- if (IsJSArray()) {
- Object* raw_length = JSArray::cast(this)->length();
+ if (object->IsJSArray()) {
+ Object* raw_length = Handle<JSArray>::cast(object)->length();
if (raw_length->IsUndefined()) {
// If length is undefined, then JSArray is being initialized and has no
// elements, assume a length of zero.
length = 0;
} else {
- CHECK(JSArray::cast(this)->length()->ToArrayIndex(&length));
+ CHECK(raw_length->ToArrayIndex(&length));
}
}
if (IsFastSmiElementsKind(from_kind) &&
IsFastDoubleElementsKind(to_kind)) {
- MaybeObject* maybe_result =
- SetFastDoubleElementsCapacityAndLength(capacity, length);
- if (maybe_result->IsFailure()) return maybe_result;
- ValidateElements();
- return this;
+ SetFastDoubleElementsCapacityAndLength(object, capacity, length);
+ object->ValidateElements();
+ return;
}
if (IsFastDoubleElementsKind(from_kind) &&
IsFastObjectElementsKind(to_kind)) {
- MaybeObject* maybe_result = SetFastElementsCapacityAndLength(
- capacity, length, kDontAllowSmiElements);
- if (maybe_result->IsFailure()) return maybe_result;
- ValidateElements();
- return this;
+ SetFastElementsCapacityAndLength(object, capacity, length,
+ kDontAllowSmiElements);
+ object->ValidateElements();
+ return;
}
// This method should never be called for any other case than the ones
// handled above.
UNREACHABLE();
- return GetIsolate()->heap()->null_value();
}
@@ -13124,6 +13065,7 @@
bool JSObject::ShouldConvertToFastDoubleElements(
bool* has_smi_only_elements) {
*has_smi_only_elements = false;
+ if (HasSloppyArgumentsElements()) return false;
if (FLAG_unbox_double_arrays) {
ASSERT(HasDictionaryElements());
SeededNumberDictionary* dictionary = element_dictionary();
diff --git a/src/objects.h b/src/objects.h
index 762892c..edb7903 100644
--- a/src/objects.h
+++ b/src/objects.h
@@ -2492,15 +2492,11 @@
kDontAllowSmiElements
};
- static Handle<FixedArray> SetFastElementsCapacityAndLength(
- Handle<JSObject> object,
- int capacity,
- int length,
- SetFastElementsCapacitySmiMode smi_mode);
// Replace the elements' backing store with fast elements of the given
// capacity. Update the length for JSArrays. Returns the new backing
// store.
- MUST_USE_RESULT MaybeObject* SetFastElementsCapacityAndLength(
+ static Handle<FixedArray> SetFastElementsCapacityAndLength(
+ Handle<JSObject> object,
int capacity,
int length,
SetFastElementsCapacitySmiMode smi_mode);
@@ -2576,8 +2572,6 @@
static void TransitionElementsKind(Handle<JSObject> object,
ElementsKind to_kind);
- MUST_USE_RESULT MaybeObject* TransitionElementsKind(ElementsKind to_kind);
-
// TODO(mstarzinger): Both public because of ConvertAnsSetLocalProperty().
static void MigrateToMap(Handle<JSObject> object, Handle<Map> new_map);
static void GeneralizeFieldRepresentation(Handle<JSObject> object,
@@ -2669,9 +2663,10 @@
void PrintTransitions(FILE* out = stdout);
#endif
- void PrintElementsTransition(
- FILE* file, ElementsKind from_kind, FixedArrayBase* from_elements,
- ElementsKind to_kind, FixedArrayBase* to_elements);
+ static void PrintElementsTransition(
+ FILE* file, Handle<JSObject> object,
+ ElementsKind from_kind, Handle<FixedArrayBase> from_elements,
+ ElementsKind to_kind, Handle<FixedArrayBase> to_elements);
void PrintInstanceMigration(FILE* file, Map* original_map, Map* new_map);
@@ -2768,7 +2763,6 @@
static void UpdateAllocationSite(Handle<JSObject> object,
ElementsKind to_kind);
- MUST_USE_RESULT MaybeObject* UpdateAllocationSite(ElementsKind to_kind);
// Used from Object::GetProperty().
static Handle<Object> GetPropertyWithFailedAccessCheck(
@@ -8369,7 +8363,8 @@
return transition_info()->IsJSArray() || transition_info()->IsJSObject();
}
- MaybeObject* DigestTransitionFeedback(ElementsKind to_kind);
+ static void DigestTransitionFeedback(Handle<AllocationSite> site,
+ ElementsKind to_kind);
enum Reason {
TENURING,
diff --git a/src/runtime.cc b/src/runtime.cc
index a5f6f26..cfa427c 100644
--- a/src/runtime.cc
+++ b/src/runtime.cc
@@ -911,6 +911,10 @@
RUNTIME_FUNCTION(MaybeObject*, Runtime_ArrayBufferNeuter) {
HandleScope scope(isolate);
CONVERT_ARG_HANDLE_CHECKED(JSArrayBuffer, array_buffer, 0);
+ if (array_buffer->backing_store() == NULL) {
+ CHECK(Smi::FromInt(0) == array_buffer->byte_length());
+ return isolate->heap()->undefined_value();
+ }
ASSERT(!array_buffer->is_external());
void* backing_store = array_buffer->backing_store();
size_t byte_length = NumberToSize(isolate, array_buffer->byte_length());
@@ -2540,7 +2544,7 @@
}
-RUNTIME_FUNCTION(MaybeObject*, Runtime_RegExpExec) {
+RUNTIME_FUNCTION(MaybeObject*, RuntimeHidden_RegExpExec) {
HandleScope scope(isolate);
ASSERT(args.length() == 4);
CONVERT_ARG_HANDLE_CHECKED(JSRegExp, regexp, 0);
@@ -2561,7 +2565,7 @@
}
-RUNTIME_FUNCTION(MaybeObject*, Runtime_RegExpConstructResult) {
+RUNTIME_FUNCTION(MaybeObject*, RuntimeHidden_RegExpConstructResult) {
SealHandleScope shs(isolate);
ASSERT(args.length() == 3);
CONVERT_SMI_ARG_CHECKED(elements_count, 0);
@@ -3223,7 +3227,7 @@
}
-RUNTIME_FUNCTION(MaybeObject*, Runtime_StringCharCodeAt) {
+RUNTIME_FUNCTION(MaybeObject*, RuntimeHidden_StringCharCodeAt) {
SealHandleScope shs(isolate);
ASSERT(args.length() == 2);
@@ -4493,7 +4497,7 @@
}
-RUNTIME_FUNCTION(MaybeObject*, Runtime_SubString) {
+RUNTIME_FUNCTION(MaybeObject*, RuntimeHidden_SubString) {
HandleScope scope(isolate);
ASSERT(args.length() == 3);
@@ -4861,21 +4865,13 @@
}
-MaybeObject* Runtime::GetElementOrCharAtOrFail(Isolate* isolate,
- Handle<Object> object,
- uint32_t index) {
- CALL_HEAP_FUNCTION_PASS_EXCEPTION(isolate,
- GetElementOrCharAt(isolate, object, index));
-}
-
-
-MaybeObject* Runtime::GetElementOrCharAt(Isolate* isolate,
- Handle<Object> object,
- uint32_t index) {
+Handle<Object> Runtime::GetElementOrCharAt(Isolate* isolate,
+ Handle<Object> object,
+ uint32_t index) {
// Handle [] indexing on Strings
if (object->IsString()) {
Handle<Object> result = GetCharAt(Handle<String>::cast(object), index);
- if (!result->IsUndefined()) return *result;
+ if (!result->IsUndefined()) return result;
}
// Handle [] indexing on String objects
@@ -4883,18 +4879,16 @@
Handle<JSValue> js_value = Handle<JSValue>::cast(object);
Handle<Object> result =
GetCharAt(Handle<String>(String::cast(js_value->value())), index);
- if (!result->IsUndefined()) return *result;
+ if (!result->IsUndefined()) return result;
}
Handle<Object> result;
if (object->IsString() || object->IsNumber() || object->IsBoolean()) {
Handle<Object> proto(object->GetPrototype(isolate), isolate);
- result = Object::GetElement(isolate, proto, index);
+ return Object::GetElement(isolate, proto, index);
} else {
- result = Object::GetElement(isolate, object, index);
+ return Object::GetElement(isolate, object, index);
}
- RETURN_IF_EMPTY_HANDLE(isolate, result);
- return *result;
}
@@ -4953,7 +4947,9 @@
// Check if the given key is an array index.
uint32_t index;
if (key->ToArrayIndex(&index)) {
- return GetElementOrCharAt(isolate, object, index);
+ Handle<Object> result = GetElementOrCharAt(isolate, object, index);
+ RETURN_IF_EMPTY_HANDLE(isolate, result);
+ return *result;
}
// Convert the key to a name - possibly by calling back into JavaScript.
@@ -4963,7 +4959,9 @@
// Check if the name is trivially convertible to an index and get
// the element if so.
if (name->AsArrayIndex(&index)) {
- return GetElementOrCharAt(isolate, object, index);
+ Handle<Object> result = GetElementOrCharAt(isolate, object, index);
+ RETURN_IF_EMPTY_HANDLE(isolate, result);
+ return *result;
} else {
return object->GetProperty(*name);
}
@@ -6863,7 +6861,7 @@
}
-RUNTIME_FUNCTION(MaybeObject*, Runtime_NumberToString) {
+RUNTIME_FUNCTION(MaybeObject*, RuntimeHidden_NumberToString) {
SealHandleScope shs(isolate);
ASSERT(args.length() == 1);
@@ -7067,7 +7065,7 @@
}
-RUNTIME_FUNCTION(MaybeObject*, Runtime_StringAdd) {
+RUNTIME_FUNCTION(MaybeObject*, RuntimeHidden_StringAdd) {
HandleScope scope(isolate);
ASSERT(args.length() == 2);
CONVERT_ARG_HANDLE_CHECKED(String, str1, 0);
@@ -7690,7 +7688,7 @@
}
-RUNTIME_FUNCTION(MaybeObject*, Runtime_StringCompare) {
+RUNTIME_FUNCTION(MaybeObject*, RuntimeHidden_StringCompare) {
SealHandleScope shs(isolate);
ASSERT(args.length() == 2);
@@ -10027,11 +10025,9 @@
isolate_->factory()->NewNumber(static_cast<double>(index_offset_));
Handle<Map> map;
if (fast_elements_) {
- map = isolate_->factory()->GetElementsTransitionMap(array,
- FAST_HOLEY_ELEMENTS);
+ map = JSObject::GetElementsTransitionMap(array, FAST_HOLEY_ELEMENTS);
} else {
- map = isolate_->factory()->GetElementsTransitionMap(array,
- DICTIONARY_ELEMENTS);
+ map = JSObject::GetElementsTransitionMap(array, DICTIONARY_ELEMENTS);
}
array->set_map(*map);
array->set_length(*length);
@@ -10565,7 +10561,7 @@
Handle<JSArray> array = isolate->factory()->NewJSArray(0);
Smi* length = Smi::FromInt(j);
Handle<Map> map;
- map = isolate->factory()->GetElementsTransitionMap(array, kind);
+ map = JSObject::GetElementsTransitionMap(array, kind);
array->set_map(*map);
array->set_length(length);
array->set_elements(*double_storage);
@@ -10890,14 +10886,10 @@
uint32_t index;
if (name->AsArrayIndex(&index)) {
Handle<FixedArray> details = isolate->factory()->NewFixedArray(2);
- Object* element_or_char;
- { MaybeObject* maybe_element_or_char =
- Runtime::GetElementOrCharAt(isolate, obj, index);
- if (!maybe_element_or_char->ToObject(&element_or_char)) {
- return maybe_element_or_char;
- }
- }
- details->set(0, element_or_char);
+ Handle<Object> element_or_char =
+ Runtime::GetElementOrCharAt(isolate, obj, index);
+ RETURN_IF_EMPTY_HANDLE(isolate, element_or_char);
+ details->set(0, *element_or_char);
details->set(
1, PropertyDetails(NONE, NORMAL, Representation::None()).AsSmi());
return *isolate->factory()->NewJSArrayWithElements(details);
@@ -14536,7 +14528,7 @@
}
-RUNTIME_FUNCTION(MaybeObject*, Runtime_GetFromCache) {
+RUNTIME_FUNCTION(MaybeObject*, RuntimeHidden_GetFromCache) {
SealHandleScope shs(isolate);
// This is only called from codegen, so checks might be more lax.
CONVERT_ARG_CHECKED(JSFunctionResultCache, cache, 0);
@@ -14658,6 +14650,7 @@
#define COUNT_ENTRY(Name, argc, ressize) + 1
int entry_count = 0
RUNTIME_FUNCTION_LIST(COUNT_ENTRY)
+ RUNTIME_HIDDEN_FUNCTION_LIST(COUNT_ENTRY)
INLINE_FUNCTION_LIST(COUNT_ENTRY);
#undef COUNT_ENTRY
Factory* factory = isolate->factory();
@@ -14684,6 +14677,8 @@
}
inline_runtime_functions = false;
RUNTIME_FUNCTION_LIST(ADD_ENTRY)
+ // Calling hidden runtime functions should just throw.
+ RUNTIME_HIDDEN_FUNCTION_LIST(ADD_ENTRY)
inline_runtime_functions = true;
INLINE_FUNCTION_LIST(ADD_ENTRY)
#undef ADD_ENTRY
@@ -14694,7 +14689,7 @@
#endif
-RUNTIME_FUNCTION(MaybeObject*, Runtime_Log) {
+RUNTIME_FUNCTION(MaybeObject*, RuntimeHidden_Log) {
HandleScope handle_scope(isolate);
ASSERT(args.length() == 2);
CONVERT_ARG_HANDLE_CHECKED(String, format, 0);
@@ -15039,16 +15034,31 @@
FUNCTION_ADDR(Runtime_##name), number_of_args, result_size },
+#define FH(name, number_of_args, result_size) \
+ { Runtime::kHidden##name, Runtime::RUNTIME_HIDDEN, NULL, \
+ FUNCTION_ADDR(RuntimeHidden_##name), number_of_args, result_size },
+
+
#define I(name, number_of_args, result_size) \
{ Runtime::kInline##name, Runtime::INLINE, \
"_" #name, NULL, number_of_args, result_size },
+
+#define IO(name, number_of_args, result_size) \
+ { Runtime::kInlineOptimized##name, Runtime::INLINE_OPTIMIZED, \
+ "_" #name, FUNCTION_ADDR(Runtime_##name), number_of_args, result_size },
+
+
static const Runtime::Function kIntrinsicFunctions[] = {
RUNTIME_FUNCTION_LIST(F)
+ RUNTIME_HIDDEN_FUNCTION_LIST(FH)
INLINE_FUNCTION_LIST(I)
+ INLINE_OPTIMIZED_FUNCTION_LIST(IO)
};
+#undef IO
#undef I
+#undef FH
#undef F
@@ -15057,9 +15067,11 @@
ASSERT(dictionary != NULL);
ASSERT(NameDictionary::cast(dictionary)->NumberOfElements() == 0);
for (int i = 0; i < kNumFunctions; ++i) {
+ const char* name = kIntrinsicFunctions[i].name;
+ if (name == NULL) continue;
Object* name_string;
{ MaybeObject* maybe_name_string =
- heap->InternalizeUtf8String(kIntrinsicFunctions[i].name);
+ heap->InternalizeUtf8String(name);
if (!maybe_name_string->ToObject(&name_string)) return maybe_name_string;
}
NameDictionary* name_dictionary = NameDictionary::cast(dictionary);
diff --git a/src/runtime.h b/src/runtime.h
index e66403e..7c74999 100644
--- a/src/runtime.h
+++ b/src/runtime.h
@@ -594,14 +594,28 @@
// RUNTIME_FUNCTION_LIST defines all runtime functions accessed
// either directly by id (via the code generator), or indirectly
// via a native call by name (from within JS code).
+// Entries have the form F(name, number of arguments, number of return values).
#define RUNTIME_FUNCTION_LIST(F) \
RUNTIME_FUNCTION_LIST_ALWAYS_1(F) \
RUNTIME_FUNCTION_LIST_ALWAYS_2(F) \
RUNTIME_FUNCTION_LIST_DEBUG(F) \
RUNTIME_FUNCTION_LIST_DEBUGGER_SUPPORT(F) \
- RUNTIME_FUNCTION_LIST_I18N_SUPPORT(F) \
- INLINE_RUNTIME_FUNCTION_LIST(F)
+ RUNTIME_FUNCTION_LIST_I18N_SUPPORT(F)
+
+// RUNTIME_HIDDEN_FUNCTION_LIST defines all runtime functions accessed
+// by id from code generator, but not via native call by name.
+// Entries have the form F(name, number of arguments, number of return values).
+#define RUNTIME_HIDDEN_FUNCTION_LIST(F) \
+ F(NumberToString, 1, 1) \
+ F(RegExpConstructResult, 3, 1) \
+ F(RegExpExec, 4, 1) \
+ F(StringAdd, 2, 1) \
+ F(SubString, 3, 1) \
+ F(StringCompare, 2, 1) \
+ F(StringCharCodeAt, 2, 1) \
+ F(Log, 3, 1) \
+ F(GetFromCache, 2, 1)
// ----------------------------------------------------------------------------
// INLINE_FUNCTION_LIST defines all inlined functions accessed
@@ -639,15 +653,6 @@
F(GeneratorNext, 2, 1) \
F(GeneratorThrow, 2, 1) \
F(DebugBreakInOptimizedCode, 0, 1) \
- INLINE_RUNTIME_FUNCTION_LIST(F)
-
-
-// ----------------------------------------------------------------------------
-// INLINE_RUNTIME_FUNCTION_LIST defines all inlined functions accessed
-// with a native call of the form %_name from within JS code that also have
-// a corresponding runtime function, that is called for slow cases.
-// Entries have the form F(name, number of arguments, number of return values).
-#define INLINE_RUNTIME_FUNCTION_LIST(F) \
F(ClassOf, 1, 1) \
F(StringCharCodeAt, 2, 1) \
F(Log, 3, 1) \
@@ -657,7 +662,15 @@
F(RegExpExec, 4, 1) \
F(RegExpConstructResult, 3, 1) \
F(GetFromCache, 2, 1) \
- F(NumberToString, 1, 1) \
+ F(NumberToString, 1, 1)
+
+
+// ----------------------------------------------------------------------------
+// INLINE_OPTIMIZED_FUNCTION_LIST defines all inlined functions accessed
+// with a native call of the form %_name from within JS code that also have
+// a corresponding runtime function, that is called from non-optimized code.
+// Entries have the form F(name, number of arguments, number of return values).
+#define INLINE_OPTIMIZED_FUNCTION_LIST(F) \
F(DoubleHi, 1, 1) \
F(DoubleLo, 1, 1) \
F(ConstructDouble, 2, 1) \
@@ -717,16 +730,24 @@
#define F(name, nargs, ressize) k##name,
RUNTIME_FUNCTION_LIST(F)
#undef F
+#define F(name, nargs, ressize) kHidden##name,
+ RUNTIME_HIDDEN_FUNCTION_LIST(F)
+#undef F
#define F(name, nargs, ressize) kInline##name,
INLINE_FUNCTION_LIST(F)
#undef F
+#define F(name, nargs, ressize) kInlineOptimized##name,
+ INLINE_OPTIMIZED_FUNCTION_LIST(F)
+#undef F
kNumFunctions,
kFirstInlineFunction = kInlineIsSmi
};
enum IntrinsicType {
RUNTIME,
- INLINE
+ RUNTIME_HIDDEN,
+ INLINE,
+ INLINE_OPTIMIZED
};
// Intrinsic function descriptor.
@@ -775,14 +796,9 @@
// Support getting the characters in a string using [] notation as
// in Firefox/SpiderMonkey, Safari and Opera.
- MUST_USE_RESULT static MaybeObject* GetElementOrCharAt(Isolate* isolate,
- Handle<Object> object,
- uint32_t index);
-
- MUST_USE_RESULT static MaybeObject* GetElementOrCharAtOrFail(
- Isolate* isolate,
- Handle<Object> object,
- uint32_t index);
+ static Handle<Object> GetElementOrCharAt(Isolate* isolate,
+ Handle<Object> object,
+ uint32_t index);
static Handle<Object> SetObjectProperty(
Isolate* isolate,
diff --git a/src/serialize.cc b/src/serialize.cc
index 7e9f4f5..219761e 100644
--- a/src/serialize.cc
+++ b/src/serialize.cc
@@ -175,6 +175,22 @@
RUNTIME_FUNCTION_LIST(RUNTIME_ENTRY)
#undef RUNTIME_ENTRY
+#define RUNTIME_HIDDEN_ENTRY(name, nargs, ressize) \
+ { RUNTIME_FUNCTION, \
+ Runtime::kHidden##name, \
+ "Runtime::Hidden" #name },
+
+ RUNTIME_HIDDEN_FUNCTION_LIST(RUNTIME_HIDDEN_ENTRY)
+#undef RUNTIME_HIDDEN_ENTRY
+
+#define INLINE_OPTIMIZED_ENTRY(name, nargs, ressize) \
+ { RUNTIME_FUNCTION, \
+ Runtime::kInlineOptimized##name, \
+ "Runtime::" #name },
+
+ INLINE_OPTIMIZED_FUNCTION_LIST(INLINE_OPTIMIZED_ENTRY)
+#undef INLINE_OPTIMIZED_ENTRY
+
// IC utilities
#define IC_ENTRY(name) \
{ IC_UTILITY, \
diff --git a/src/typedarray.js b/src/typedarray.js
index a7a6d87..d13ee61 100644
--- a/src/typedarray.js
+++ b/src/typedarray.js
@@ -257,7 +257,7 @@
throw MakeTypeError("typed_array_set_negative_offset");
}
- if (intOffset > %MaxSmi()) {
+ if (intOffset > %_MaxSmi()) {
throw MakeRangeError("typed_array_set_source_too_large");
}
switch (%TypedArraySetFastCases(this, obj, intOffset)) {
diff --git a/src/version.cc b/src/version.cc
index e606e70..3b76339 100644
--- a/src/version.cc
+++ b/src/version.cc
@@ -34,7 +34,7 @@
// system so their names cannot be changed without changing the scripts.
#define MAJOR_VERSION 3
#define MINOR_VERSION 25
-#define BUILD_NUMBER 25
+#define BUILD_NUMBER 26
#define PATCH_LEVEL 0
// Use 1 for candidates and 0 otherwise.
// (Boolean macro values are not supported by all preprocessors.)
diff --git a/src/x64/code-stubs-x64.cc b/src/x64/code-stubs-x64.cc
index 17bdc42..37c7415 100644
--- a/src/x64/code-stubs-x64.cc
+++ b/src/x64/code-stubs-x64.cc
@@ -77,7 +77,7 @@
descriptor->register_param_count_ = 1;
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kNumberToString)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenNumberToString)->entry;
}
@@ -142,7 +142,7 @@
descriptor->register_param_count_ = 3;
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kRegExpConstructResult)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenRegExpConstructResult)->entry;
}
@@ -385,7 +385,7 @@
descriptor->register_param_count_ = 2;
descriptor->register_params_ = registers;
descriptor->deoptimization_handler_ =
- Runtime::FunctionForId(Runtime::kStringAdd)->entry;
+ Runtime::FunctionForId(Runtime::kHiddenStringAdd)->entry;
}
@@ -1734,7 +1734,7 @@
// Do the runtime call to execute the regexp.
__ bind(&runtime);
- __ TailCallRuntime(Runtime::kRegExpExec, 4, 1);
+ __ TailCallRuntime(Runtime::kHiddenRegExpExec, 4, 1);
// Deferred code for string handling.
// (7) Not a long external string? If yes, go to (10).
@@ -3034,7 +3034,7 @@
__ Push(object_);
__ Integer32ToSmi(index_, index_);
__ Push(index_);
- __ CallRuntime(Runtime::kStringCharCodeAt, 2);
+ __ CallRuntime(Runtime::kHiddenStringCharCodeAt, 2);
if (!result_.is(rax)) {
__ movp(result_, rax);
}
@@ -3409,7 +3409,7 @@
// Just jump to runtime to create the sub string.
__ bind(&runtime);
- __ TailCallRuntime(Runtime::kSubString, 3, 1);
+ __ TailCallRuntime(Runtime::kHiddenSubString, 3, 1);
__ bind(&single_char);
// rax: string
@@ -3606,7 +3606,7 @@
// Call the runtime; it returns -1 (less), 0 (equal), or 1 (greater)
// tagged as a small integer.
__ bind(&runtime);
- __ TailCallRuntime(Runtime::kStringCompare, 2, 1);
+ __ TailCallRuntime(Runtime::kHiddenStringCompare, 2, 1);
}
@@ -4101,7 +4101,7 @@
if (equality) {
__ TailCallRuntime(Runtime::kStringEquals, 2, 1);
} else {
- __ TailCallRuntime(Runtime::kStringCompare, 2, 1);
+ __ TailCallRuntime(Runtime::kHiddenStringCompare, 2, 1);
}
__ bind(&miss);
diff --git a/src/x64/full-codegen-x64.cc b/src/x64/full-codegen-x64.cc
index 8eb6092..a5ac4e6 100644
--- a/src/x64/full-codegen-x64.cc
+++ b/src/x64/full-codegen-x64.cc
@@ -3339,7 +3339,7 @@
if (CodeGenerator::ShouldGenerateLog(isolate(), args->at(0))) {
VisitForStackValue(args->at(1));
VisitForStackValue(args->at(2));
- __ CallRuntime(Runtime::kLog, 2);
+ __ CallRuntime(Runtime::kHiddenLog, 2);
}
// Finally, we're expected to leave a value on the top of the stack.
__ LoadRoot(rax, Heap::kUndefinedValueRootIndex);
@@ -3814,7 +3814,7 @@
// Call runtime to perform the lookup.
__ Push(cache);
__ Push(key);
- __ CallRuntime(Runtime::kGetFromCache, 2);
+ __ CallRuntime(Runtime::kHiddenGetFromCache, 2);
__ bind(&done);
context()->Plug(rax);
@@ -4145,8 +4145,8 @@
void FullCodeGenerator::VisitCallRuntime(CallRuntime* expr) {
- Handle<String> name = expr->name();
- if (name->length() > 0 && name->Get(0) == '_') {
+ if (expr->function() != NULL &&
+ expr->function()->intrinsic_type == Runtime::INLINE) {
Comment cmnt(masm_, "[ InlineRuntimeCall");
EmitInlineRuntimeCall(expr);
return;
diff --git a/src/x64/lithium-codegen-x64.cc b/src/x64/lithium-codegen-x64.cc
index a6be271..5773fd5 100644
--- a/src/x64/lithium-codegen-x64.cc
+++ b/src/x64/lithium-codegen-x64.cc
@@ -2910,9 +2910,13 @@
instr->index()->IsConstantOperand()) {
int32_t const_index = ToInteger32(LConstantOperand::cast(instr->index()));
int32_t const_length = ToInteger32(LConstantOperand::cast(instr->length()));
- StackArgumentsAccessor args(arguments, const_length,
- ARGUMENTS_DONT_CONTAIN_RECEIVER);
- __ movp(result, args.GetArgumentOperand(const_index));
+ if (const_index >= 0 && const_index < const_length) {
+ StackArgumentsAccessor args(arguments, const_length,
+ ARGUMENTS_DONT_CONTAIN_RECEIVER);
+ __ movp(result, args.GetArgumentOperand(const_index));
+ } else if (FLAG_debug_code) {
+ __ int3();
+ }
} else {
Register length = ToRegister(instr->length());
// There are two words between the frame pointer and the last argument.
@@ -4457,7 +4461,7 @@
__ Push(index);
}
CallRuntimeFromDeferred(
- Runtime::kStringCharCodeAt, 2, instr, instr->context());
+ Runtime::kHiddenStringCharCodeAt, 2, instr, instr->context());
__ AssertSmi(rax);
__ SmiToInteger32(rax, rax);
__ StoreToSafepointRegisterSlot(result, rax);
diff --git a/test/cctest/test-api.cc b/test/cctest/test-api.cc
index 12f846e..f1cda62 100644
--- a/test/cctest/test-api.cc
+++ b/test/cctest/test-api.cc
@@ -16424,7 +16424,7 @@
v8::Handle<v8::Object> obj = v8::Object::New(CcTest::isolate());
i::Handle<i::JSObject> jsobj = v8::Utils::OpenHandle(*obj);
i::Handle<i::Map> fixed_array_map =
- isolate->factory()->GetElementsTransitionMap(jsobj, elements_kind);
+ i::JSObject::GetElementsTransitionMap(jsobj, elements_kind);
jsobj->set_map(*fixed_array_map);
jsobj->set_elements(*fixed_array);
diff --git a/test/mjsunit/compiler/dead-string-char-code-at.js b/test/mjsunit/compiler/dead-string-char-code-at.js
index 56835ce..9f01541 100644
--- a/test/mjsunit/compiler/dead-string-char-code-at.js
+++ b/test/mjsunit/compiler/dead-string-char-code-at.js
@@ -31,21 +31,21 @@
var S2 = "@@string2";
function dead1(a, b) {
- var x = %StringCharCodeAt(a, 4);
+ var x = %_StringCharCodeAt(a, 4);
return a; // x is dead code
}
function dead2(a, b) {
- var x = %StringCharCodeAt(a, 3);
- var y = %StringCharCodeAt(b, 1);
+ var x = %_StringCharCodeAt(a, 3);
+ var y = %_StringCharCodeAt(b, 1);
return a; // x and y are both dead
}
function dead3(a, b) {
a = a ? "11" : "12";
b = b ? "13" : "14";
- var x = %StringCharCodeAt(a, 2);
- var y = %StringCharCodeAt(b, 0);
+ var x = %_StringCharCodeAt(a, 2);
+ var y = %_StringCharCodeAt(b, 0);
return a; // x and y are both dead
}
diff --git a/test/mjsunit/fuzz-natives-part1.js b/test/mjsunit/fuzz-natives-part1.js
index 1bbe49e..63aca1b 100644
--- a/test/mjsunit/fuzz-natives-part1.js
+++ b/test/mjsunit/fuzz-natives-part1.js
@@ -161,7 +161,6 @@
"CreateArrayLiteralBoilerplate": true,
"IS_VAR": true,
"ResolvePossiblyDirectEval": true,
- "Log": true,
"DeclareGlobals": true,
"ArrayConstructor": true,
"InternalArrayConstructor": true,
diff --git a/test/mjsunit/fuzz-natives-part2.js b/test/mjsunit/fuzz-natives-part2.js
index 394c2d7..35d843f 100644
--- a/test/mjsunit/fuzz-natives-part2.js
+++ b/test/mjsunit/fuzz-natives-part2.js
@@ -161,7 +161,6 @@
"CreateArrayLiteralBoilerplate": true,
"IS_VAR": true,
"ResolvePossiblyDirectEval": true,
- "Log": true,
"DeclareGlobals": true,
"ArrayConstructor": true,
"InternalArrayConstructor": true,
diff --git a/test/mjsunit/fuzz-natives-part3.js b/test/mjsunit/fuzz-natives-part3.js
index 28c24b0..c9ece59 100644
--- a/test/mjsunit/fuzz-natives-part3.js
+++ b/test/mjsunit/fuzz-natives-part3.js
@@ -161,7 +161,6 @@
"CreateArrayLiteralBoilerplate": true,
"IS_VAR": true,
"ResolvePossiblyDirectEval": true,
- "Log": true,
"DeclareGlobals": true,
"ArrayConstructor": true,
"InternalArrayConstructor": true,
diff --git a/test/mjsunit/fuzz-natives-part4.js b/test/mjsunit/fuzz-natives-part4.js
index 2a336ca..97d08bd 100644
--- a/test/mjsunit/fuzz-natives-part4.js
+++ b/test/mjsunit/fuzz-natives-part4.js
@@ -161,7 +161,6 @@
"CreateArrayLiteralBoilerplate": true,
"IS_VAR": true,
"ResolvePossiblyDirectEval": true,
- "Log": true,
"DeclareGlobals": true,
"ArrayConstructor": true,
"InternalArrayConstructor": true,
diff --git a/test/mjsunit/harmony/generators-objects.js b/test/mjsunit/harmony/generators-objects.js
index bb29bed..c1cda07 100644
--- a/test/mjsunit/harmony/generators-objects.js
+++ b/test/mjsunit/harmony/generators-objects.js
@@ -55,7 +55,7 @@
var iter = g();
assertSame(g.prototype, Object.getPrototypeOf(iter));
assertTrue(iter instanceof g);
- assertEquals("Generator", %ClassOf(iter));
+ assertEquals("Generator", %_ClassOf(iter));
assertEquals("[object Generator]", String(iter));
assertEquals([], Object.getOwnPropertyNames(iter));
assertTrue(iter !== g());
@@ -64,7 +64,7 @@
iter = new g();
assertSame(g.prototype, Object.getPrototypeOf(iter));
assertTrue(iter instanceof g);
- assertEquals("Generator", %ClassOf(iter));
+ assertEquals("Generator", %_ClassOf(iter));
assertEquals("[object Generator]", String(iter));
assertEquals([], Object.getOwnPropertyNames(iter));
assertTrue(iter !== new g());
diff --git a/test/mjsunit/neuter-twice.js b/test/mjsunit/neuter-twice.js
new file mode 100644
index 0000000..3501cee
--- /dev/null
+++ b/test/mjsunit/neuter-twice.js
@@ -0,0 +1,9 @@
+// Copyright 2014 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+//
+// Flags: --allow-natives-syntax
+
+var ab = new ArrayBuffer(100);
+%ArrayBufferNeuter(ab);
+%ArrayBufferNeuter(ab);
diff --git a/test/mjsunit/regress/regress-319722-ArrayBuffer.js b/test/mjsunit/regress/regress-319722-ArrayBuffer.js
index 4a48a61..9a24fc5 100644
--- a/test/mjsunit/regress/regress-319722-ArrayBuffer.js
+++ b/test/mjsunit/regress/regress-319722-ArrayBuffer.js
@@ -26,7 +26,7 @@
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
// Flags: --nostress-opt --allow-natives-syntax --mock-arraybuffer-allocator
-var maxSize = %MaxSmi() + 1;
+var maxSize = %_MaxSmi() + 1;
var ab;
// Allocate the largest ArrayBuffer we can on this architecture.
diff --git a/test/mjsunit/regress/regress-319722-TypedArrays.js b/test/mjsunit/regress/regress-319722-TypedArrays.js
index 0445e2d..e497aec 100644
--- a/test/mjsunit/regress/regress-319722-TypedArrays.js
+++ b/test/mjsunit/regress/regress-319722-TypedArrays.js
@@ -27,7 +27,7 @@
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
// Flags: --nostress-opt --allow-natives-syntax
-var maxSize = %MaxSmi() + 1;
+var maxSize = %_MaxSmi() + 1;
function TestArray(constr) {
assertThrows(function() {
new constr(maxSize);
diff --git a/test/mjsunit/regress/regress-355523.js b/test/mjsunit/regress/regress-355523.js
new file mode 100644
index 0000000..d61fe84
--- /dev/null
+++ b/test/mjsunit/regress/regress-355523.js
@@ -0,0 +1,37 @@
+// Copyright 2013 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// Flags: --allow-natives-syntax
+// This test requires ASAN.
+
+function __f_4(a, b) { }
+function __f_8(n) { return __f_4(arguments[13], arguments[-10]); }
+function __f_6(a) { return __f_8(0, a); }
+__f_8(0);
+__f_8(0);
+%OptimizeFunctionOnNextCall(__f_8);
+__f_8(0);
diff --git a/test/mjsunit/regress/regress-dictionary-to-fast-arguments.js b/test/mjsunit/regress/regress-dictionary-to-fast-arguments.js
new file mode 100644
index 0000000..f12679a
--- /dev/null
+++ b/test/mjsunit/regress/regress-dictionary-to-fast-arguments.js
@@ -0,0 +1,11 @@
+// Copyright 2014 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+function f(a, b) {
+ for (var i = 10000; i > 0; i--) {
+ arguments[i] = 0;
+ }
+}
+
+f(1.5, 2.5);