Merge (7265, 7271] from bleeding_edge to experimental/gc branch....

src/x64/codegen-x64.cc

 // Copyright 2011 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 162 matching lines @@
   RegisterAllocator register_allocator(this);
   allocator_ = &register_allocator;
   ASSERT(frame_ == NULL);
   frame_ = new VirtualFrame();
   set_in_spilled_code(false);
 
   // Adjust for function-level loop nesting.
   ASSERT_EQ(0, loop_nesting_);
   loop_nesting_ = info->is_in_loop() ? 1 : 0;
 
-  JumpTarget::set_compiling_deferred_code(false);
+  Isolate::Current()->set_jump_target_compiling_deferred_code(false);
 
   {
     CodeGenState state(this);
     // Entry:
     // Stack: receiver, arguments, return address.
     // rbp: caller's frame pointer
     // rsp: stack pointer
     // rdi: called JS function
     // rsi: callee's context
     allocator_->Initialize();
@@ skipping 84 matching lines @@
 
     // Store the arguments object.  This must happen after context
     // initialization because the arguments object may be stored in
     // the context.
     if (ArgumentsMode() != NO_ARGUMENTS_ALLOCATION) {
       StoreArgumentsObject(true);
     }
 
     // Initialize ThisFunction reference if present.
     if (scope()->is_function_scope() && scope()->function() != NULL) {
-      frame_->Push(Factory::the_hole_value());
+      frame_->Push(FACTORY->the_hole_value());
       StoreToSlot(scope()->function()->AsSlot(), NOT_CONST_INIT);
     }
 
     // Initialize the function return target after the locals are set
     // up, because it needs the expected frame height from the frame.
     function_return_.set_direction(JumpTarget::BIDIRECTIONAL);
     function_return_is_shadowed_ = false;
 
     // Generate code to 'execute' declarations and initialize functions
     // (source elements). In case of an illegal redeclaration we need to
@@ skipping 14 matching lines @@
       // Ignore the return value.
     }
     CheckStack();
 
     // Compile the body of the function in a vanilla state. Don't
     // bother compiling all the code if the scope has an illegal
     // redeclaration.
     if (!scope()->HasIllegalRedeclaration()) {
       Comment cmnt(masm_, "[ function body");
 #ifdef DEBUG
-      bool is_builtin = Bootstrapper::IsActive();
+      bool is_builtin = Isolate::Current()->bootstrapper()->IsActive();
       bool should_trace =
           is_builtin ? FLAG_trace_builtin_calls : FLAG_trace_calls;
       if (should_trace) {
         frame_->CallRuntime(Runtime::kDebugTrace, 0);
         // Ignore the return value.
       }
 #endif
       VisitStatements(info->function()->body());
 
       // Handle the return from the function.
       if (has_valid_frame()) {
         // If there is a valid frame, control flow can fall off the end of
         // the body.  In that case there is an implicit return statement.
         ASSERT(!function_return_is_shadowed_);
         CodeForReturnPosition(info->function());
         frame_->PrepareForReturn();
-        Result undefined(Factory::undefined_value());
+        Result undefined(FACTORY->undefined_value());
         if (function_return_.is_bound()) {
           function_return_.Jump(&undefined);
         } else {
           function_return_.Bind(&undefined);
           GenerateReturnSequence(&undefined);
         }
       } else if (function_return_.is_linked()) {
         // If the return target has dangling jumps to it, then we have not
         // yet generated the return sequence.  This can happen when (a)
         // control does not flow off the end of the body so we did not
@@ skipping 11 matching lines @@
   loop_nesting_ = 0;
 
   // Code generation state must be reset.
   ASSERT(state_ == NULL);
   ASSERT(!function_return_is_shadowed_);
   function_return_.Unuse();
   DeleteFrame();
 
   // Process any deferred code using the register allocator.
   if (!HasStackOverflow()) {
-    JumpTarget::set_compiling_deferred_code(true);
+    info->isolate()->set_jump_target_compiling_deferred_code(true);
     ProcessDeferred();
-    JumpTarget::set_compiling_deferred_code(false);
+    info->isolate()->set_jump_target_compiling_deferred_code(false);
   }
 
   // There is no need to delete the register allocator, it is a
   // stack-allocated local.
   allocator_ = NULL;
 }
 
 
 Operand CodeGenerator::SlotOperand(Slot* slot, Register tmp) {
   // Currently, this assertion will fail if we try to assign to
@@ skipping 128 matching lines @@
 #endif
   ASSERT(!in_spilled_code());
   JumpTarget true_target;
   JumpTarget false_target;
   ControlDestination dest(&true_target, &false_target, true);
   LoadCondition(expr, &dest, false);
 
   if (dest.false_was_fall_through()) {
     // The false target was just bound.
     JumpTarget loaded;
-    frame_->Push(Factory::false_value());
+    frame_->Push(FACTORY->false_value());
     // There may be dangling jumps to the true target.
     if (true_target.is_linked()) {
       loaded.Jump();
       true_target.Bind();
-      frame_->Push(Factory::true_value());
+      frame_->Push(FACTORY->true_value());
       loaded.Bind();
     }
 
   } else if (dest.is_used()) {
     // There is true, and possibly false, control flow (with true as
     // the fall through).
     JumpTarget loaded;
-    frame_->Push(Factory::true_value());
+    frame_->Push(FACTORY->true_value());
     if (false_target.is_linked()) {
       loaded.Jump();
       false_target.Bind();
-      frame_->Push(Factory::false_value());
+      frame_->Push(FACTORY->false_value());
       loaded.Bind();
     }
 
   } else {
     // We have a valid value on top of the frame, but we still may
     // have dangling jumps to the true and false targets from nested
     // subexpressions (eg, the left subexpressions of the
     // short-circuited boolean operators).
     ASSERT(has_valid_frame());
     if (true_target.is_linked() || false_target.is_linked()) {
       JumpTarget loaded;
       loaded.Jump();  // Don't lose the current TOS.
       if (true_target.is_linked()) {
         true_target.Bind();
-        frame_->Push(Factory::true_value());
+        frame_->Push(FACTORY->true_value());
         if (false_target.is_linked()) {
           loaded.Jump();
         }
       }
       if (false_target.is_linked()) {
         false_target.Bind();
-        frame_->Push(Factory::false_value());
+        frame_->Push(FACTORY->false_value());
       }
       loaded.Bind();
     }
   }
 
   ASSERT(has_valid_frame());
   ASSERT(frame_->height() == original_height + 1);
 }
 
 
@@ skipping 56 matching lines @@
 
 Result CodeGenerator::StoreArgumentsObject(bool initial) {
   ArgumentsAllocationMode mode = ArgumentsMode();
   ASSERT(mode != NO_ARGUMENTS_ALLOCATION);
 
   Comment cmnt(masm_, "[ store arguments object");
   if (mode == LAZY_ARGUMENTS_ALLOCATION && initial) {
     // When using lazy arguments allocation, we store the arguments marker value
     // as a sentinel indicating that the arguments object hasn't been
     // allocated yet.
-    frame_->Push(Factory::arguments_marker());
+    frame_->Push(FACTORY->arguments_marker());
   } else {
     ArgumentsAccessStub stub(is_strict_mode()
         ? ArgumentsAccessStub::NEW_STRICT
         : ArgumentsAccessStub::NEW_NON_STRICT);
     frame_->PushFunction();
     frame_->PushReceiverSlotAddress();
     frame_->Push(Smi::FromInt(scope()->num_parameters()));
     Result result = frame_->CallStub(&stub, 3);
     frame_->Push(&result);
   }
@@ skipping 409 matching lines @@
       answer = GenerateGenericBinaryOpStubCall(&stub, &left, &right);
     }
   }
 
   answer.set_type_info(result_type);
   frame_->Push(&answer);
 }
 
 
 bool CodeGenerator::FoldConstantSmis(Token::Value op, int left, int right) {
-  Object* answer_object = Heap::undefined_value();
+  Object* answer_object = HEAP->undefined_value();
   switch (op) {
     case Token::ADD:
       // Use intptr_t to detect overflow of 32-bit int.
       if (Smi::IsValid(static_cast<intptr_t>(left) + right)) {
         answer_object = Smi::FromInt(left + right);
       }
       break;
     case Token::SUB:
       // Use intptr_t to detect overflow of 32-bit int.
       if (Smi::IsValid(static_cast<intptr_t>(left) - right)) {
@@ skipping 53 matching lines @@
           unsigned_left >>= shift_amount;
         }
         ASSERT(Smi::IsValid(static_cast<int32_t>(unsigned_left)));
         answer_object = Smi::FromInt(static_cast<int32_t>(unsigned_left));
         break;
       }
     default:
       UNREACHABLE();
       break;
   }
-  if (answer_object == Heap::undefined_value()) {
+  if (answer_object->IsUndefined()) {
     return false;
   }
   frame_->Push(Handle<Object>(answer_object));
   return true;
 }
 
 
 void CodeGenerator::JumpIfBothSmiUsingTypeInfo(Result* left,
                                                Result* right,
                                                JumpTarget* both_smi) {
@@ skipping 214 matching lines @@
         __ AbortIfNotSmi(right->reg());
       }
       // If left is not known to be a smi, check if it is.
       // If left is not known to be a number, and it isn't a smi, check if
       // it is a HeapNumber.
       if (!left_type_info.IsSmi()) {
         __ JumpIfSmi(answer.reg(), &do_op);
         if (!left_type_info.IsNumber()) {
           // Branch if not a heapnumber.
           __ Cmp(FieldOperand(answer.reg(), HeapObject::kMapOffset),
-                 Factory::heap_number_map());
+                 FACTORY->heap_number_map());
           deferred->Branch(not_equal);
         }
         // Load integer value into answer register using truncation.
         __ cvttsd2si(answer.reg(),
                      FieldOperand(answer.reg(), HeapNumber::kValueOffset));
         // Branch if we might have overflowed.
         // (False negative for Smi::kMinValue)
         __ cmpl(answer.reg(), Immediate(0x80000000));
         deferred->Branch(equal);
         // TODO(lrn): Inline shifts on int32 here instead of first smi-tagging.
@@ skipping 941 matching lines @@
       }
 
       // Jump or fall through to here if we are comparing a non-smi to a
       // constant smi.  If the non-smi is a heap number and this is not
       // a loop condition, inline the floating point code.
       if (!is_loop_condition) {
         // Right side is a constant smi and left side has been checked
         // not to be a smi.
         JumpTarget not_number;
         __ Cmp(FieldOperand(left_reg, HeapObject::kMapOffset),
-               Factory::heap_number_map());
+               FACTORY->heap_number_map());
         not_number.Branch(not_equal, left_side);
         __ movsd(xmm1,
                  FieldOperand(left_reg, HeapNumber::kValueOffset));
         int value = constant_smi->value();
         if (value == 0) {
           __ xorpd(xmm0, xmm0);
         } else {
           Result temp = allocator()->Allocate();
           __ movl(temp.reg(), Immediate(value));
           __ cvtlsi2sd(xmm0, temp.reg());
@@ skipping 139 matching lines @@
   // stack, as receiver and arguments, and calls x.
   // In the implementation comments, we call x the applicand
   // and y the receiver.
   ASSERT(ArgumentsMode() == LAZY_ARGUMENTS_ALLOCATION);
   ASSERT(arguments->IsArguments());
 
   // Load applicand.apply onto the stack. This will usually
   // give us a megamorphic load site. Not super, but it works.
   Load(applicand);
   frame()->Dup();
-  Handle<String> name = Factory::LookupAsciiSymbol("apply");
+  Handle<String> name = FACTORY->LookupAsciiSymbol("apply");
   frame()->Push(name);
   Result answer = frame()->CallLoadIC(RelocInfo::CODE_TARGET);
   __ nop();
   frame()->Push(&answer);
 
   // Load the receiver and the existing arguments object onto the
   // expression stack. Avoid allocating the arguments object here.
   Load(receiver);
   LoadFromSlot(scope()->arguments()->AsSlot(), NOT_INSIDE_TYPEOF);
 
@@ skipping 47 matching lines @@
       __ j(below, &build_args);
 
       // Check that applicand.apply is Function.prototype.apply.
       __ movq(rax, Operand(rsp, kPointerSize));
       is_smi = masm_->CheckSmi(rax);
       __ j(is_smi, &build_args);
       __ CmpObjectType(rax, JS_FUNCTION_TYPE, rcx);
       __ j(not_equal, &build_args);
       __ movq(rcx, FieldOperand(rax, JSFunction::kCodeEntryOffset));
       __ subq(rcx, Immediate(Code::kHeaderSize - kHeapObjectTag));
-      Handle<Code> apply_code(Builtins::builtin(Builtins::FunctionApply));
+      Handle<Code> apply_code(Isolate::Current()->builtins()->builtin(
+          Builtins::FunctionApply));
       __ Cmp(rcx, apply_code);
       __ j(not_equal, &build_args);
 
       // Check that applicand is a function.
       __ movq(rdi, Operand(rsp, 2 * kPointerSize));
       is_smi = masm_->CheckSmi(rdi);
       __ j(is_smi, &build_args);
       __ CmpObjectType(rdi, JS_FUNCTION_TYPE, rcx);
       __ j(not_equal, &build_args);
 
@@ skipping 222 matching lines @@
     Result ignored = frame_->CallRuntime(Runtime::kDeclareContextSlot, 4);
     // Ignore the return value (declarations are statements).
     return;
   }
 
   ASSERT(!var->is_global());
 
   // If we have a function or a constant, we need to initialize the variable.
   Expression* val = NULL;
   if (node->mode() == Variable::CONST) {
-    val = new Literal(Factory::the_hole_value());
+    val = new Literal(FACTORY->the_hole_value());
   } else {
     val = node->fun();  // NULL if we don't have a function
   }
 
   if (val != NULL) {
     {
       // Set the initial value.
       Reference target(this, node->proxy());
       Load(val);
       target.SetValue(NOT_CONST_INIT);
@@ skipping 1155 matching lines @@
   // After shadowing stops, the original targets are unshadowed and the
   // ShadowTargets represent the formerly shadowing targets.
   bool has_unlinks = false;
   for (int i = 0; i < shadows.length(); i++) {
     shadows[i]->StopShadowing();
     has_unlinks = has_unlinks || shadows[i]->is_linked();
   }
   function_return_is_shadowed_ = function_return_was_shadowed;
 
   // Get an external reference to the handler address.
-  ExternalReference handler_address(Top::k_handler_address);
+  ExternalReference handler_address(Isolate::k_handler_address);
 
   // Make sure that there's nothing left on the stack above the
   // handler structure.
   if (FLAG_debug_code) {
     __ movq(kScratchRegister, handler_address);
     __ cmpq(rsp, Operand(kScratchRegister, 0));
     __ Assert(equal, "stack pointer should point to top handler");
   }
 
   // If we can fall off the end of the try block, unlink from try chain.
@@ skipping 108 matching lines @@
   // After shadowing stops, the original targets are unshadowed and the
   // ShadowTargets represent the formerly shadowing targets.
   int nof_unlinks = 0;
   for (int i = 0; i < shadows.length(); i++) {
     shadows[i]->StopShadowing();
     if (shadows[i]->is_linked()) nof_unlinks++;
   }
   function_return_is_shadowed_ = function_return_was_shadowed;
 
   // Get an external reference to the handler address.
-  ExternalReference handler_address(Top::k_handler_address);
+  ExternalReference handler_address(Isolate::k_handler_address);
 
   // If we can fall off the end of the try block, unlink from the try
   // chain and set the state on the frame to FALLING.
   if (has_valid_frame()) {
     // The next handler address is on top of the frame.
     STATIC_ASSERT(StackHandlerConstants::kNextOffset == 0);
     __ movq(kScratchRegister, handler_address);
     frame_->EmitPop(Operand(kScratchRegister, 0));
     frame_->Drop(StackHandlerConstants::kSize / kPointerSize - 1);
 
@@ skipping 146 matching lines @@
         function_info->strict_mode() ? kStrictMode : kNonStrictMode);
     frame_->Push(function_info);
     Result answer = frame_->CallStub(&stub, 1);
     frame_->Push(&answer);
   } else {
     // Call the runtime to instantiate the function based on the
     // shared function info.
     frame_->EmitPush(rsi);
     frame_->EmitPush(function_info);
     frame_->EmitPush(pretenure
-                     ? Factory::true_value()
-                     : Factory::false_value());
+                     ? FACTORY->true_value()
+                     : FACTORY->false_value());
     Result result = frame_->CallRuntime(Runtime::kNewClosure, 3);
     frame_->Push(&result);
   }
 }
 
 
 void CodeGenerator::VisitFunctionLiteral(FunctionLiteral* node) {
   Comment cmnt(masm_, "[ FunctionLiteral");
 
   // Build the function info and instantiate it.
@@ skipping 468 matching lines @@
   if (!boilerplate_.is(rax)) __ movq(boilerplate_, rax);
 }
 
 
 class DeferredAllocateInNewSpace: public DeferredCode {
  public:
   DeferredAllocateInNewSpace(int size,
                              Register target,
                              int registers_to_save = 0)
     : size_(size), target_(target), registers_to_save_(registers_to_save) {
-    ASSERT(size >= kPointerSize && size <= Heap::MaxObjectSizeInNewSpace());
+    ASSERT(size >= kPointerSize && size <= HEAP->MaxObjectSizeInNewSpace());
     set_comment("[ DeferredAllocateInNewSpace");
   }
   void Generate();
 
  private:
   int size_;
   Register target_;
   int registers_to_save_;
 };
 
@@ skipping 194 matching lines @@
 
   // Load the literals array of the function.
   __ movq(literals.reg(),
           FieldOperand(literals.reg(), JSFunction::kLiteralsOffset));
 
   frame_->Push(&literals);
   frame_->Push(Smi::FromInt(node->literal_index()));
   frame_->Push(node->constant_elements());
   int length = node->values()->length();
   Result clone;
-  if (node->constant_elements()->map() == Heap::fixed_cow_array_map()) {
+  if (node->constant_elements()->map() == HEAP->fixed_cow_array_map()) {
     FastCloneShallowArrayStub stub(
         FastCloneShallowArrayStub::COPY_ON_WRITE_ELEMENTS, length);
     clone = frame_->CallStub(&stub, 3);
-    __ IncrementCounter(&Counters::cow_arrays_created_stub, 1);
+    __ IncrementCounter(COUNTERS->cow_arrays_created_stub(), 1);
   } else if (node->depth() > 1) {
     clone = frame_->CallRuntime(Runtime::kCreateArrayLiteral, 3);
   } else if (length > FastCloneShallowArrayStub::kMaximumClonedLength) {
     clone = frame_->CallRuntime(Runtime::kCreateArrayLiteralShallow, 3);
   } else {
     FastCloneShallowArrayStub stub(
         FastCloneShallowArrayStub::CLONE_ELEMENTS, length);
     clone = frame_->CallStub(&stub, 3);
   }
   frame_->Push(&clone);
@@ skipping 381 matching lines @@
 
     // In a call to eval, we first call %ResolvePossiblyDirectEval to
     // resolve the function we need to call and the receiver of the
     // call.  Then we call the resolved function using the given
     // arguments.
 
     // Prepare the stack for the call to the resolved function.
     Load(function);
 
     // Allocate a frame slot for the receiver.
-    frame_->Push(Factory::undefined_value());
+    frame_->Push(FACTORY->undefined_value());
 
     // Load the arguments.
     int arg_count = args->length();
     for (int i = 0; i < arg_count; i++) {
       Load(args->at(i));
       frame_->SpillTop();
     }
 
     // Result to hold the result of the function resolution and the
     // final result of the eval call.
@@ skipping 11 matching lines @@
       // ResolvePossiblyDirectEvalNoLookup by pushing the loaded
       // function, the first argument to the eval call and the
       // receiver.
       Result fun = LoadFromGlobalSlotCheckExtensions(var->AsSlot(),
                                                      NOT_INSIDE_TYPEOF,
                                                      &slow);
       frame_->Push(&fun);
       if (arg_count > 0) {
         frame_->PushElementAt(arg_count);
       } else {
-        frame_->Push(Factory::undefined_value());
+        frame_->Push(FACTORY->undefined_value());
       }
       frame_->PushParameterAt(-1);
 
       // Push the strict mode flag.
       frame_->Push(Smi::FromInt(strict_mode_flag()));
 
       // Resolve the call.
       result =
           frame_->CallRuntime(Runtime::kResolvePossiblyDirectEvalNoLookup, 4);
 
       done.Jump(&result);
       slow.Bind();
     }
 
     // Prepare the stack for the call to ResolvePossiblyDirectEval by
     // pushing the loaded function, the first argument to the eval
     // call and the receiver.
     frame_->PushElementAt(arg_count + 1);
     if (arg_count > 0) {
       frame_->PushElementAt(arg_count);
     } else {
-      frame_->Push(Factory::undefined_value());
+      frame_->Push(FACTORY->undefined_value());
     }
     frame_->PushParameterAt(-1);
 
     // Push the strict mode flag.
     frame_->Push(Smi::FromInt(strict_mode_flag()));
 
     // Resolve the call.
     result = frame_->CallRuntime(Runtime::kResolvePossiblyDirectEval, 4);
 
     // If we generated fast-case code bind the jump-target where fast
@@ skipping 268 matching lines @@
   //   2 (array): Arguments to the format string.
   ASSERT_EQ(args->length(), 3);
 #ifdef ENABLE_LOGGING_AND_PROFILING
   if (ShouldGenerateLog(args->at(0))) {
     Load(args->at(1));
     Load(args->at(2));
     frame_->CallRuntime(Runtime::kLog, 2);
   }
 #endif
   // Finally, we're expected to leave a value on the top of the stack.
-  frame_->Push(Factory::undefined_value());
+  frame_->Push(FACTORY->undefined_value());
 }
 
 
 void CodeGenerator::GenerateIsNonNegativeSmi(ZoneList<Expression*>* args) {
   ASSERT(args->length() == 1);
   Load(args->at(0));
   Result value = frame_->Pop();
   value.ToRegister();
   ASSERT(value.is_valid());
   Condition non_negative_smi = masm_->CheckNonNegativeSmi(value.reg());
@@ skipping 242 matching lines @@
 void CodeGenerator::GenerateIsObject(ZoneList<Expression*>* args) {
   // This generates a fast version of:
   // (typeof(arg) === 'object' || %_ClassOf(arg) == 'RegExp')
   ASSERT(args->length() == 1);
   Load(args->at(0));
   Result obj = frame_->Pop();
   obj.ToRegister();
   Condition is_smi = masm_->CheckSmi(obj.reg());
   destination()->false_target()->Branch(is_smi);
 
-  __ Move(kScratchRegister, Factory::null_value());
+  __ Move(kScratchRegister, FACTORY->null_value());
   __ cmpq(obj.reg(), kScratchRegister);
   destination()->true_target()->Branch(equal);
 
   __ movq(kScratchRegister, FieldOperand(obj.reg(), HeapObject::kMapOffset));
   // Undetectable objects behave like undefined when tested with typeof.
   __ testb(FieldOperand(kScratchRegister, Map::kBitFieldOffset),
           Immediate(1 << Map::kIsUndetectable));
   destination()->false_target()->Branch(not_zero);
   __ movzxbq(kScratchRegister,
              FieldOperand(kScratchRegister, Map::kInstanceTypeOffset));
@@ skipping 71 matching lines @@
     // Calculate location of the first key name.
     __ addq(map_result_,
             Immediate(FixedArray::kHeaderSize +
                       DescriptorArray::kFirstIndex * kPointerSize));
     // Loop through all the keys in the descriptor array. If one of these is the
     // symbol valueOf the result is false.
     Label entry, loop;
     __ jmp(&entry);
     __ bind(&loop);
     __ movq(scratch2_, FieldOperand(map_result_, 0));
-    __ Cmp(scratch2_, Factory::value_of_symbol());
+    __ Cmp(scratch2_, FACTORY->value_of_symbol());
     __ j(equal, &false_result);
     __ addq(map_result_, Immediate(kPointerSize));
     __ bind(&entry);
     __ cmpq(map_result_, scratch1_);
     __ j(not_equal, &loop);
 
     // Reload map as register map_result_ was used as temporary above.
     __ movq(map_result_, FieldOperand(object_, HeapObject::kMapOffset));
 
     // If a valueOf property is not found on the object check that it's
@@ skipping 191 matching lines @@
   __ movq(obj.reg(),
           FieldOperand(obj.reg(), JSFunction::kSharedFunctionInfoOffset));
   __ movq(obj.reg(),
           FieldOperand(obj.reg(),
                        SharedFunctionInfo::kInstanceClassNameOffset));
   frame_->Push(&obj);
   leave.Jump();
 
   // Functions have class 'Function'.
   function.Bind();
-  frame_->Push(Factory::function_class_symbol());
+  frame_->Push(FACTORY->function_class_symbol());
   leave.Jump();
 
   // Objects with a non-function constructor have class 'Object'.
   non_function_constructor.Bind();
-  frame_->Push(Factory::Object_symbol());
+  frame_->Push(FACTORY->Object_symbol());
   leave.Jump();
 
   // Non-JS objects have class null.
   null.Bind();
-  frame_->Push(Factory::null_value());
+  frame_->Push(FACTORY->null_value());
 
   // All done.
   leave.Bind();
 }
 
 
 void CodeGenerator::GenerateValueOf(ZoneList<Expression*>* args) {
   ASSERT(args->length() == 1);
   JumpTarget leave;
   Load(args->at(0));  // Load the object.
@@ skipping 351 matching lines @@
 }
 
 
 void CodeGenerator::GenerateGetFromCache(ZoneList<Expression*>* args) {
   ASSERT_EQ(2, args->length());
 
   ASSERT_NE(NULL, args->at(0)->AsLiteral());
   int cache_id = Smi::cast(*(args->at(0)->AsLiteral()->handle()))->value();
 
   Handle<FixedArray> jsfunction_result_caches(
-      Top::global_context()->jsfunction_result_caches());
+      Isolate::Current()->global_context()->jsfunction_result_caches());
   if (jsfunction_result_caches->length() <= cache_id) {
     __ Abort("Attempt to use undefined cache.");
-    frame_->Push(Factory::undefined_value());
+    frame_->Push(FACTORY->undefined_value());
     return;
   }
 
   Load(args->at(1));
   Result key = frame_->Pop();
   key.ToRegister();
 
   Result cache = allocator()->Allocate();
   ASSERT(cache.is_valid());
   __ movq(cache.reg(), ContextOperand(rsi, Context::GLOBAL_INDEX));
@@ skipping 145 matching lines @@
   __ InNewSpace(tmp1.reg(), tmp2.reg(), equal, &done);
   // Possible optimization: do a check that both values are smis
   // (or them and test against Smi mask.)
 
   __ movq(tmp2.reg(), tmp1.reg());
   __ RecordWriteHelper(tmp1.reg(), index1.reg(), object.reg(), kDontSaveFPRegs);
   __ RecordWriteHelper(tmp2.reg(), index2.reg(), object.reg(), kDontSaveFPRegs);
   __ bind(&done);
 
   deferred->BindExit();
-  frame_->Push(Factory::undefined_value());
+  frame_->Push(FACTORY->undefined_value());
 }
 
 
 void CodeGenerator::GenerateCallFunction(ZoneList<Expression*>* args) {
   Comment cmnt(masm_, "[ GenerateCallFunction");
 
   ASSERT(args->length() >= 2);
 
   int n_args = args->length() - 2;  // for receiver and function.
   Load(args->at(0));  // receiver
@@ skipping 323 matching lines @@
   Result number = allocator()->Allocate();
   ASSERT(number.is_valid());
   __ movl(number.reg(), FieldOperand(string.reg(), String::kHashFieldOffset));
   __ IndexFromHash(number.reg(), number.reg());
   string.Unuse();
   frame_->Push(&number);
 }
 
 
 void CodeGenerator::GenerateFastAsciiArrayJoin(ZoneList<Expression*>* args) {
-  frame_->Push(Factory::undefined_value());
+  frame_->Push(FACTORY->undefined_value());
 }
 
 
 void CodeGenerator::VisitCallRuntime(CallRuntime* node) {
   if (CheckForInlineRuntimeCall(node)) {
     return;
   }
 
   ZoneList<Expression*>* args = node->arguments();
   Comment cmnt(masm_, "[ CallRuntime");
-  Runtime::Function* function = node->function();
+  const Runtime::Function* function = node->function();
 
   if (function == NULL) {
     // Push the builtins object found in the current global object.
     Result temp = allocator()->Allocate();
     ASSERT(temp.is_valid());
     __ movq(temp.reg(), GlobalObjectOperand());
     __ movq(temp.reg(),
             FieldOperand(temp.reg(), GlobalObject::kBuiltinsOffset));
     frame_->Push(&temp);
   }
@@ skipping 63 matching lines @@
         // variable.  Sync the virtual frame eagerly so we can push the
         // arguments directly into place.
         frame_->SyncRange(0, frame_->element_count() - 1);
         frame_->EmitPush(rsi);
         frame_->EmitPush(variable->name());
         Result answer = frame_->CallRuntime(Runtime::kDeleteContextSlot, 2);
         frame_->Push(&answer);
       } else {
         // Default: Result of deleting non-global, not dynamically
         // introduced variables is false.
-        frame_->Push(Factory::false_value());
+        frame_->Push(FACTORY->false_value());
       }
     } else {
       // Default: Result of deleting expressions is true.
       Load(node->expression());  // may have side-effects
-      frame_->SetElementAt(0, Factory::true_value());
+      frame_->SetElementAt(0, FACTORY->true_value());
     }
 
   } else if (op == Token::TYPEOF) {
     // Special case for loading the typeof expression; see comment on
     // LoadTypeofExpression().
     LoadTypeofExpression(node->expression());
     Result answer = frame_->CallRuntime(Runtime::kTypeof, 1);
     frame_->Push(&answer);
 
   } else if (op == Token::VOID) {
     Expression* expression = node->expression();
     if (expression && expression->AsLiteral() && (
         expression->AsLiteral()->IsTrue() ||
         expression->AsLiteral()->IsFalse() ||
         expression->AsLiteral()->handle()->IsNumber() ||
         expression->AsLiteral()->handle()->IsString() ||
         expression->AsLiteral()->handle()->IsJSRegExp() ||
         expression->AsLiteral()->IsNull())) {
       // Omit evaluating the value of the primitive literal.
       // It will be discarded anyway, and can have no side effect.
-      frame_->Push(Factory::undefined_value());
+      frame_->Push(FACTORY->undefined_value());
     } else {
       Load(node->expression());
-      frame_->SetElementAt(0, Factory::undefined_value());
+      frame_->SetElementAt(0, FACTORY->undefined_value());
     }
 
   } else {
     bool can_overwrite = node->expression()->ResultOverwriteAllowed();
     UnaryOverwriteMode overwrite =
         can_overwrite ? UNARY_OVERWRITE : UNARY_NO_OVERWRITE;
     bool no_negative_zero = node->expression()->no_negative_zero();
     Load(node->expression());
     switch (op) {
       case Token::NOT:
@@ skipping 451 matching lines @@
       (operation != NULL && operation->op() == Token::TYPEOF) &&
       (right->AsLiteral() != NULL &&
        right->AsLiteral()->handle()->IsString())) {
     Handle<String> check(Handle<String>::cast(right->AsLiteral()->handle()));
 
     // Load the operand and move it to a register.
     LoadTypeofExpression(operation->expression());
     Result answer = frame_->Pop();
     answer.ToRegister();
 
-    if (check->Equals(Heap::number_symbol())) {
+    if (check->Equals(HEAP->number_symbol())) {
       Condition is_smi = masm_->CheckSmi(answer.reg());
       destination()->true_target()->Branch(is_smi);
       frame_->Spill(answer.reg());
       __ movq(answer.reg(), FieldOperand(answer.reg(), HeapObject::kMapOffset));
       __ CompareRoot(answer.reg(), Heap::kHeapNumberMapRootIndex);
       answer.Unuse();
       destination()->Split(equal);
 
-    } else if (check->Equals(Heap::string_symbol())) {
+    } else if (check->Equals(HEAP->string_symbol())) {
       Condition is_smi = masm_->CheckSmi(answer.reg());
       destination()->false_target()->Branch(is_smi);
 
       // It can be an undetectable string object.
       __ movq(kScratchRegister,
               FieldOperand(answer.reg(), HeapObject::kMapOffset));
       __ testb(FieldOperand(kScratchRegister, Map::kBitFieldOffset),
                Immediate(1 << Map::kIsUndetectable));
       destination()->false_target()->Branch(not_zero);
       __ CmpInstanceType(kScratchRegister, FIRST_NONSTRING_TYPE);
       answer.Unuse();
       destination()->Split(below);  // Unsigned byte comparison needed.
 
-    } else if (check->Equals(Heap::boolean_symbol())) {
+    } else if (check->Equals(HEAP->boolean_symbol())) {
       __ CompareRoot(answer.reg(), Heap::kTrueValueRootIndex);
       destination()->true_target()->Branch(equal);
       __ CompareRoot(answer.reg(), Heap::kFalseValueRootIndex);
       answer.Unuse();
       destination()->Split(equal);
 
-    } else if (check->Equals(Heap::undefined_symbol())) {
+    } else if (check->Equals(HEAP->undefined_symbol())) {
       __ CompareRoot(answer.reg(), Heap::kUndefinedValueRootIndex);
       destination()->true_target()->Branch(equal);
 
       Condition is_smi = masm_->CheckSmi(answer.reg());
       destination()->false_target()->Branch(is_smi);
 
       // It can be an undetectable object.
       __ movq(kScratchRegister,
               FieldOperand(answer.reg(), HeapObject::kMapOffset));
       __ testb(FieldOperand(kScratchRegister, Map::kBitFieldOffset),
                Immediate(1 << Map::kIsUndetectable));
       answer.Unuse();
       destination()->Split(not_zero);
 
-    } else if (check->Equals(Heap::function_symbol())) {
+    } else if (check->Equals(HEAP->function_symbol())) {
       Condition is_smi = masm_->CheckSmi(answer.reg());
       destination()->false_target()->Branch(is_smi);
       frame_->Spill(answer.reg());
       __ CmpObjectType(answer.reg(), JS_FUNCTION_TYPE, answer.reg());
       destination()->true_target()->Branch(equal);
       // Regular expressions are callable so typeof == 'function'.
       __ CmpInstanceType(answer.reg(), JS_REGEXP_TYPE);
       answer.Unuse();
       destination()->Split(equal);
 
-    } else if (check->Equals(Heap::object_symbol())) {
+    } else if (check->Equals(HEAP->object_symbol())) {
       Condition is_smi = masm_->CheckSmi(answer.reg());
       destination()->false_target()->Branch(is_smi);
       __ CompareRoot(answer.reg(), Heap::kNullValueRootIndex);
       destination()->true_target()->Branch(equal);
 
       // Regular expressions are typeof == 'function', not 'object'.
       __ CmpObjectType(answer.reg(), JS_REGEXP_TYPE, kScratchRegister);
       destination()->false_target()->Branch(equal);
 
       // It can be an undetectable object.
@@ skipping 143 matching lines @@
   Register receiver_;
   Handle<String> name_;
 };
 
 
 void DeferredReferenceGetNamedValue::Generate() {
   if (!receiver_.is(rax)) {
     __ movq(rax, receiver_);
   }
   __ Move(rcx, name_);
-  Handle<Code> ic(Builtins::builtin(Builtins::LoadIC_Initialize));
+  Handle<Code> ic(Isolate::Current()->builtins()->builtin(
+      Builtins::LoadIC_Initialize));
   __ Call(ic, RelocInfo::CODE_TARGET);
   // The call must be followed by a test rax instruction to indicate
   // that the inobject property case was inlined.
   //
   // Store the delta to the map check instruction here in the test
   // instruction.  Use masm_-> instead of the __ macro since the
   // latter can't return a value.
   int delta_to_patch_site = masm_->SizeOfCodeGeneratedSince(patch_site());
   // Here we use masm_-> instead of the __ macro because this is the
   // instruction that gets patched and coverage code gets in the way.
   masm_->testl(rax, Immediate(-delta_to_patch_site));
-  __ IncrementCounter(&Counters::named_load_inline_miss, 1);
+  __ IncrementCounter(COUNTERS->named_load_inline_miss(), 1);
 
   if (!dst_.is(rax)) __ movq(dst_, rax);
 }
 
 
 class DeferredReferenceGetKeyedValue: public DeferredCode {
  public:
   explicit DeferredReferenceGetKeyedValue(Register dst,
                                           Register receiver,
                                           Register key)
@@ skipping 32 matching lines @@
   } else {
     __ movq(rax, key_);
     __ movq(rdx, receiver_);
   }
   // Calculate the delta from the IC call instruction to the map check
   // movq instruction in the inlined version.  This delta is stored in
   // a test(rax, delta) instruction after the call so that we can find
   // it in the IC initialization code and patch the movq instruction.
   // This means that we cannot allow test instructions after calls to
   // KeyedLoadIC stubs in other places.
-  Handle<Code> ic(Builtins::builtin(Builtins::KeyedLoadIC_Initialize));
+  Handle<Code> ic(Isolate::Current()->builtins()->builtin(
+      Builtins::KeyedLoadIC_Initialize));
   __ Call(ic, RelocInfo::CODE_TARGET);
   // The delta from the start of the map-compare instruction to the
   // test instruction.  We use masm_-> directly here instead of the __
   // macro because the macro sometimes uses macro expansion to turn
   // into something that can't return a value.  This is encountered
   // when doing generated code coverage tests.
   int delta_to_patch_site = masm_->SizeOfCodeGeneratedSince(patch_site());
   // Here we use masm_-> instead of the __ macro because this is the
   // instruction that gets patched and coverage code gets in the way.
   // TODO(X64): Consider whether it's worth switching the test to a
   // 7-byte NOP with non-zero immediate (0f 1f 80 xxxxxxxx) which won't
   // be generated normally.
   masm_->testl(rax, Immediate(-delta_to_patch_site));
-  __ IncrementCounter(&Counters::keyed_load_inline_miss, 1);
+  __ IncrementCounter(COUNTERS->keyed_load_inline_miss(), 1);
 
   if (!dst_.is(rax)) __ movq(dst_, rax);
 }
 
 
 class DeferredReferenceSetKeyedValue: public DeferredCode {
  public:
   DeferredReferenceSetKeyedValue(Register value,
                                  Register key,
                                  Register receiver,
@@ skipping 12 matching lines @@
  private:
   Register value_;
   Register key_;
   Register receiver_;
   Label patch_site_;
   StrictModeFlag strict_mode_;
 };
 
 
 void DeferredReferenceSetKeyedValue::Generate() {
-  __ IncrementCounter(&Counters::keyed_store_inline_miss, 1);
+  __ IncrementCounter(COUNTERS->keyed_store_inline_miss(), 1);
   // Move value, receiver, and key to registers rax, rdx, and rcx, as
   // the IC stub expects.
   // Move value to rax, using xchg if the receiver or key is in rax.
   if (!value_.is(rax)) {
     if (!receiver_.is(rax) && !key_.is(rax)) {
       __ movq(rax, value_);
     } else {
       __ xchg(rax, value_);
       // Update receiver_ and key_ if they are affected by the swap.
       if (receiver_.is(rax)) {
@@ skipping 26 matching lines @@
       __ movq(rcx, key_);
     }
   } else if (key_.is(rcx)) {
     __ movq(rdx, receiver_);
   } else {
     __ movq(rcx, key_);
     __ movq(rdx, receiver_);
   }
 
   // Call the IC stub.
-  Handle<Code> ic(Builtins::builtin(
+  Handle<Code> ic(Isolate::Current()->builtins()->builtin(
       (strict_mode_ == kStrictMode) ? Builtins::KeyedStoreIC_Initialize_Strict
                                     : Builtins::KeyedStoreIC_Initialize));
   __ Call(ic, RelocInfo::CODE_TARGET);
   // The delta from the start of the map-compare instructions (initial movq)
   // to the test instruction.  We use masm_-> directly here instead of the
   // __ macro because the macro sometimes uses macro expansion to turn
   // into something that can't return a value.  This is encountered
   // when doing generated code coverage tests.
   int delta_to_patch_site = masm_->SizeOfCodeGeneratedSince(patch_site());
   // Here we use masm_-> instead of the __ macro because this is the
@@ skipping 48 matching lines @@
     DeferredReferenceGetNamedValue* deferred =
         new DeferredReferenceGetNamedValue(result.reg(), receiver.reg(), name);
 
     // Check that the receiver is a heap object.
     __ JumpIfSmi(receiver.reg(), deferred->entry_label());
 
     __ bind(deferred->patch_site());
     // This is the map check instruction that will be patched (so we can't
     // use the double underscore macro that may insert instructions).
     // Initially use an invalid map to force a failure.
-    masm()->movq(kScratchRegister, Factory::null_value(),
+    masm()->movq(kScratchRegister, FACTORY->null_value(),
                  RelocInfo::EMBEDDED_OBJECT);
     masm()->cmpq(FieldOperand(receiver.reg(), HeapObject::kMapOffset),
                  kScratchRegister);
     // This branch is always a forwards branch so it's always a fixed
     // size which allows the assert below to succeed and patching to work.
     // Don't use deferred->Branch(...), since that might add coverage code.
     masm()->j(not_equal, deferred->entry_label());
 
     // The delta from the patch label to the load offset must be
     // statically known.
     ASSERT(masm()->SizeOfCodeGeneratedSince(deferred->patch_site()) ==
            LoadIC::kOffsetToLoadInstruction);
     // The initial (invalid) offset has to be large enough to force
     // a 32-bit instruction encoding to allow patching with an
     // arbitrary offset.  Use kMaxInt (minus kHeapObjectTag).
     int offset = kMaxInt;
     masm()->movq(result.reg(), FieldOperand(receiver.reg(), offset));
 
-    __ IncrementCounter(&Counters::named_load_inline, 1);
+    __ IncrementCounter(COUNTERS->named_load_inline(), 1);
     deferred->BindExit();
   }
   ASSERT(frame()->height() == original_height - 1);
   return result;
 }
 
 
 Result CodeGenerator::EmitNamedStore(Handle<String> name, bool is_contextual) {
 #ifdef DEBUG
   int expected_height = frame()->height() - (is_contextual ? 1 : 2);
@@ skipping 37 matching lines @@
     Condition is_smi = masm()->CheckSmi(receiver.reg());
     slow.Branch(is_smi, &value, &receiver);
 
     // This is the map check instruction that will be patched.
     // Initially use an invalid map to force a failure. The exact
     // instruction sequence is important because we use the
     // kOffsetToStoreInstruction constant for patching. We avoid using
     // the __ macro for the following two instructions because it
     // might introduce extra instructions.
     __ bind(&patch_site);
-    masm()->movq(kScratchRegister, Factory::null_value(),
+    masm()->movq(kScratchRegister, FACTORY->null_value(),
                  RelocInfo::EMBEDDED_OBJECT);
     masm()->cmpq(FieldOperand(receiver.reg(), HeapObject::kMapOffset),
                  kScratchRegister);
     // This branch is always a forwards branch so it's always a fixed size
     // which allows the assert below to succeed and patching to work.
     slow.Branch(not_equal, &value, &receiver);
 
     // The delta from the patch label to the store offset must be
     // statically known.
     ASSERT(masm()->SizeOfCodeGeneratedSince(&patch_site) ==
@@ skipping 96 matching lines @@
     __ JumpIfSmi(receiver.reg(), deferred->entry_label());
 
     // Check that the receiver has the expected map.
     // Initially, use an invalid map. The map is patched in the IC
     // initialization code.
     __ bind(deferred->patch_site());
     // Use masm-> here instead of the double underscore macro since extra
     // coverage code can interfere with the patching.  Do not use a load
     // from the root array to load null_value, since the load must be patched
     // with the expected receiver map, which is not in the root array.
-    masm_->movq(kScratchRegister, Factory::null_value(),
+    masm_->movq(kScratchRegister, FACTORY->null_value(),
                 RelocInfo::EMBEDDED_OBJECT);
     masm_->cmpq(FieldOperand(receiver.reg(), HeapObject::kMapOffset),
                 kScratchRegister);
     deferred->Branch(not_equal);
 
     __ JumpUnlessNonNegativeSmi(key.reg(), deferred->entry_label());
 
     // Get the elements array from the receiver.
     __ movq(elements.reg(),
             FieldOperand(receiver.reg(), JSObject::kElementsOffset));
@@ skipping 14 matching lines @@
     SmiIndex index =
         masm_->SmiToIndex(kScratchRegister, key.reg(), kPointerSizeLog2);
     __ movq(elements.reg(),
             FieldOperand(elements.reg(),
                          index.reg,
                          index.scale,
                          FixedArray::kHeaderSize));
     result = elements;
     __ CompareRoot(result.reg(), Heap::kTheHoleValueRootIndex);
     deferred->Branch(equal);
-    __ IncrementCounter(&Counters::keyed_load_inline, 1);
+    __ IncrementCounter(COUNTERS->keyed_load_inline(), 1);
 
     deferred->BindExit();
   } else {
     Comment cmnt(masm_, "[ Load from keyed Property");
     result = frame_->CallKeyedLoadIC(RelocInfo::CODE_TARGET);
     // Make sure that we do not have a test instruction after the
     // call.  A test instruction after the call is used to
     // indicate that we have generated an inline version of the
     // keyed load.  The explicit nop instruction is here because
     // the push that follows might be peep-hole optimized away.
@@ skipping 69 matching lines @@
 
     __ bind(&in_new_space);
 
     // Bind the deferred code patch site to be able to locate the fixed
     // array map comparison.  When debugging, we patch this comparison to
     // always fail so that we will hit the IC call in the deferred code
     // which will allow the debugger to break for fast case stores.
     __ bind(deferred->patch_site());
     // Avoid using __ to ensure the distance from patch_site
     // to the map address is always the same.
-    masm()->movq(kScratchRegister, Factory::fixed_array_map(),
+    masm()->movq(kScratchRegister, FACTORY->fixed_array_map(),
                RelocInfo::EMBEDDED_OBJECT);
     __ cmpq(FieldOperand(tmp.reg(), HeapObject::kMapOffset),
             kScratchRegister);
     deferred->Branch(not_equal);
 
     // Check that the key is within bounds.  Both the key and the length of
     // the JSArray are smis (because the fixed array check above ensures the
     // elements are in fast case). Use unsigned comparison to handle negative
     // keys.
     __ SmiCompare(FieldOperand(receiver.reg(), JSArray::kLengthOffset),
                   key.reg());
     deferred->Branch(below_equal);
 
     // Store the value.
     SmiIndex index =
         masm()->SmiToIndex(kScratchRegister, key.reg(), kPointerSizeLog2);
     __ movq(FieldOperand(tmp.reg(),
                          index.reg,
                          index.scale,
                          FixedArray::kHeaderSize),
             result.reg());
-    __ IncrementCounter(&Counters::keyed_store_inline, 1);
+    __ IncrementCounter(COUNTERS->keyed_store_inline(), 1);
 
     deferred->BindExit();
   } else {
     result = frame()->CallKeyedStoreIC(strict_mode_flag());
     // Make sure that we do not have a test instruction after the
     // call.  A test instruction after the call is used to
     // indicate that we have generated an inline version of the
     // keyed store.
     __ nop();
   }
@@ skipping 262 matching lines @@
 }
 
 #endif
 
 
 #undef __
 
 } }  // namespace v8::internal
 
 #endif  // V8_TARGET_ARCH_X64