1. 15 Oct, 2018 1 commit
  2. 18 Sep, 2018 1 commit
    • Georg Neis's avatar
      [turbofan] Get rid of HeapObjectType-related heap reads. · 253c2469
      Georg Neis authored
      This removes the last unconditional read accesses to the heap, but
      required a significant refactoring.
      
      - Remove HeapObjectRef::type().
      - Change HeapObjectData::Is* testers to look at the instance type
        in HeapObjectData::map().
      
      - Remove ObjectRef::oddball_type()
      - Add MapRef::oddball_type()
      - Add MapRef::is_undetectable().
      - Add MapRef::is_callable().
      
      - Remove JSHeapBroker::HeapObjectTypeFromMap()
      - Remove Type::For(JSHeapBroker*, Handle<Map>)
      - Add BitsetType::Lub(MapRef).
      - Add Type::For(MapRef).
      - Add Type::For(HeapObjectType).
      
      - Add HeapObjectRef::GetHeapObjectType(). THIS IS TEMPORARY.
      
      As the last item suggests, I couldn't actually remove the
      HeapObjectType class yet. See the explanation in the code.
      
      Bug: v8:7790
      Change-Id: I508e4bd5337277b0050f2204392fc36f41032fe9
      Reviewed-on: https://chromium-review.googlesource.com/1228033Reviewed-by: 's avatarJaroslav Sevcik <jarin@chromium.org>
      Reviewed-by: 's avatarMaya Lekova <mslekova@chromium.org>
      Commit-Queue: Georg Neis <neis@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#55994}
      253c2469
  3. 14 Sep, 2018 1 commit
  4. 16 Aug, 2018 1 commit
  5. 23 Jul, 2018 1 commit
  6. 17 Jul, 2018 1 commit
  7. 10 Jul, 2018 1 commit
  8. 26 Jun, 2018 1 commit
  9. 20 Jun, 2018 1 commit
  10. 18 Jun, 2018 1 commit
  11. 15 Jun, 2018 1 commit
  12. 05 Mar, 2018 2 commits
  13. 15 Dec, 2017 1 commit
    • Georg Neis's avatar
      [compiler] Don't assume a HeapConstant context input is a Context. · 649ab060
      Georg Neis authored
      In a generator containing loops, there are always certain control flow
      paths that are impossible, due to the way we represent generators at the
      bytecode level.  Unfortunately, the graph builder can't tell that these
      paths are impossible.  In combination with dead code, it can then happen
      that we build a subgraph (for unreachable code) whose incoming context
      is the undefined oddball.  JSContextSpecialization did not expect that.
      
      Bug: chromium:794822
      Change-Id: I259be5ae6c5f5adc8fca19c64bf71285ee922b7a
      Reviewed-on: https://chromium-review.googlesource.com/828954Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
      Commit-Queue: Georg Neis <neis@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#50129}
      649ab060
  14. 13 Sep, 2017 1 commit
  15. 07 Sep, 2017 1 commit
  16. 26 Jun, 2017 1 commit
  17. 04 May, 2017 1 commit
    • neis's avatar
      [compiler][modules] Constant-fold loads of module cells. · 24d78901
      neis authored
      1. Generalize context specialization such that the provided context
         can be any outer context of the function, not necessarily the
         immediate outer context.
      
      2. Based on this: if function specialization is disabled, then
         specialize for the module context if there is one.
      
      3. Extend typed lowering of module loads and stores such that if
         the operand is a Module constant, we constant-fold the cell load.
         That is, a JSLoadModule with a Module HeapConstant input becomes
         a LoadField with a Cell HeapConstant input, and similarly for
         JSStoreModule.
      
      BUG=v8:1569
      
      Review-Url: https://codereview.chromium.org/2841613002
      Cr-Commit-Position: refs/heads/master@{#45083}
      24d78901
  18. 31 Mar, 2017 1 commit
  19. 13 Jan, 2017 1 commit
    • neis's avatar
      [compiler] Generalize JSContextSpecialization. · fd8cebb1
      neis authored
      With this CL, context loads and stores are "strengthened" by reducing
      the incoming context chain and decreasing the depth accordingly,
      whenever possible.  This enables more opportunities for specialization
      and will let us easily add module context specialization later.
      
      BUG=
      
      Review-Url: https://codereview.chromium.org/2559173003
      Cr-Commit-Position: refs/heads/master@{#42334}
      fd8cebb1
  20. 30 Nov, 2016 1 commit
  21. 06 Jun, 2016 1 commit
  22. 16 Dec, 2015 1 commit
  23. 18 Nov, 2015 1 commit
    • bmeurer's avatar
      [turbofan] Decouple inlining and native context specialization. · 9b14e5bb
      bmeurer authored
      Retrieve the native context/global object from the Node being
      specialized in the JSNativeContextSpecialization and the
      JSGlobalObjectSpecialization classes. For this we introduce two
      new methods NodeProperties::GetSpecializationNativeContext and
      NodeProperties::GetSpecializationGlobalObject, which walk up
      the context chain and might in the end take the native context
      from the outermost activation (if native context specialization
      is enabled). This allows us to run the native context specialization
      pass as part of the inlining phase without hacking some of that into
      the JSInliner.
      
      Also refactor the NodeProperties::GetSpecializationContext method
      that was previously local to the JSContextSpecialization.
      
      Also refactor two other oddities in JSNativeContextSpecialization.
      
      R=jarin@chromium.org
      BUG=v8:4470, v8:4493
      LOG=n
      
      Review URL: https://codereview.chromium.org/1451143005
      
      Cr-Commit-Position: refs/heads/master@{#32076}
      9b14e5bb
  24. 07 Oct, 2015 3 commits
    • bmeurer's avatar
      [turbofan] Add initial support for global specialization. · e16dd13d
      bmeurer authored
      Introduce a new JSGlobalSpecialization advanced reducer that runs
      during the initial inlining and context specialization, and specializes
      the graph to the globals of the native context.  Currently we assume
      that we do not inline cross native context, but long-term we will grab
      the global object from the JSLoadGlobal/JSStoreGlobal feedback (with the
      new global load/store ICs that are currently in the workings), and then
      this whole specialization will be fully compositional even across
      cross-context inlining.
      
      Note that we cannot really handle most of the stores to global object
      property cells because TurboFan doesn't have a mechanism to enforce
      certain representations.  Also note that we cannot yet fully benefit
      from the type feedback collected on the global object property cells,
      because the type system cannot deal with maps in a reasonable way.
      
      CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel
      R=jarin@chromium.org
      BUG=v8:4470
      LOG=n
      
      Committed: https://crrev.com/6fbf7903f94924ea066af481719898bd9667b6eb
      Cr-Commit-Position: refs/heads/master@{#31139}
      
      Review URL: https://codereview.chromium.org/1387393002
      
      Cr-Commit-Position: refs/heads/master@{#31148}
      e16dd13d
    • bmeurer's avatar
      Revert of [turbofan] Add initial support for global specialization. (patchset... · 84065c5f
      bmeurer authored
      Revert of [turbofan] Add initial support for global specialization. (patchset #4 id:60001 of https://codereview.chromium.org/1387393002/ )
      
      Reason for revert:
      Breaks GC stress: http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/1984/steps/Bisect%20c5528ac1.Retry/logs/regress-crbug-450960
      
      Original issue's description:
      > [turbofan] Add initial support for global specialization.
      >
      > Introduce a new JSGlobalSpecialization advanced reducer that runs
      > during the initial inlining and context specialization, and specializes
      > the graph to the globals of the native context.  Currently we assume
      > that we do not inline cross native context, but long-term we will grab
      > the global object from the JSLoadGlobal/JSStoreGlobal feedback (with the
      > new global load/store ICs that are currently in the workings), and then
      > this whole specialization will be fully compositional even across
      > cross-context inlining.
      >
      > Note that we cannot really handle most of the stores to global object
      > property cells because TurboFan doesn't have a mechanism to enforce
      > certain representations.  Also note that we cannot yet fully benefit
      > from the type feedback collected on the global object property cells,
      > because the type system cannot deal with maps in a reasonable way.
      >
      > CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel
      > R=jarin@chromium.org
      > BUG=v8:4470
      > LOG=n
      >
      > Committed: https://crrev.com/6fbf7903f94924ea066af481719898bd9667b6eb
      > Cr-Commit-Position: refs/heads/master@{#31139}
      
      TBR=jarin@chromium.org
      NOPRESUBMIT=true
      NOTREECHECKS=true
      NOTRY=true
      BUG=v8:4470
      
      Review URL: https://codereview.chromium.org/1390073004
      
      Cr-Commit-Position: refs/heads/master@{#31144}
      84065c5f
    • bmeurer's avatar
      [turbofan] Add initial support for global specialization. · 6fbf7903
      bmeurer authored
      Introduce a new JSGlobalSpecialization advanced reducer that runs
      during the initial inlining and context specialization, and specializes
      the graph to the globals of the native context.  Currently we assume
      that we do not inline cross native context, but long-term we will grab
      the global object from the JSLoadGlobal/JSStoreGlobal feedback (with the
      new global load/store ICs that are currently in the workings), and then
      this whole specialization will be fully compositional even across
      cross-context inlining.
      
      Note that we cannot really handle most of the stores to global object
      property cells because TurboFan doesn't have a mechanism to enforce
      certain representations.  Also note that we cannot yet fully benefit
      from the type feedback collected on the global object property cells,
      because the type system cannot deal with maps in a reasonable way.
      
      CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel
      R=jarin@chromium.org
      BUG=v8:4470
      LOG=n
      
      Review URL: https://codereview.chromium.org/1387393002
      
      Cr-Commit-Position: refs/heads/master@{#31139}
      6fbf7903
  25. 24 Sep, 2015 1 commit
    • mstarzinger's avatar
      [turbofan] Make Node::set_op safer via wrapper. · da9c42dd
      mstarzinger authored
      This introduces the NodeProperties::ChangeOp helper which guards node
      operator changes so that additional checking can be done without any
      additional dependencies being pulled into the Node class. For now only
      the input count is checked, but additional checking might follow.
      
      R=jarin@chromium.org
      
      Review URL: https://codereview.chromium.org/1366753003
      
      Cr-Commit-Position: refs/heads/master@{#30916}
      da9c42dd
  26. 01 Sep, 2015 1 commit
  27. 31 Aug, 2015 1 commit
    • mstarzinger's avatar
      [turbofan] Remove usage of Unique<T> from graph. · 6e65e6db
      mstarzinger authored
      The usage of Unique<T> throughout the TurboFan IR does not have any
      advantage. There is no single point in time when they are initialized
      and most use-sites looked through to the underlying Handle<T> anyways.
      Also there already was a mixture of Handle<T> versus Unique<T> in the
      graph and this unifies the situation to use Handle<T> everywhere.
      
      R=bmeurer@chromium.org,titzer@chromium.org
      
      Review URL: https://codereview.chromium.org/1314473007
      
      Cr-Commit-Position: refs/heads/master@{#30458}
      6e65e6db
  28. 13 Jul, 2015 1 commit
    • bmeurer's avatar
      [turbofan] Context specialization should only specialize loads/stores. · 443b071a
      bmeurer authored
      The JSContextSpecialization should only care about loads from the
      context and stores to the context, where the context is either a
      HeapConstant or the special context Parameter (and a context for the
      outer most function is provided). This way we don't eagerly embed
      arbitrary context constants for no benefit, but we still specialize the
      loads and store which we actually care about.
      
      R=mstarzinger@chromium.org
      
      Review URL: https://codereview.chromium.org/1227963005
      
      Cr-Commit-Position: refs/heads/master@{#29602}
      443b071a
  29. 06 Jul, 2015 1 commit
  30. 19 Jun, 2015 1 commit
  31. 08 Jun, 2015 1 commit
  32. 19 Feb, 2015 1 commit
  33. 11 Feb, 2015 2 commits
    • titzer's avatar
      Reduce the number of #includes of compiler.h. · 02fc74ea
      titzer authored
      R=mstarzinger@chromium.org
      BUG=
      
      Review URL: https://codereview.chromium.org/917583004
      
      Cr-Commit-Position: refs/heads/master@{#26589}
      02fc74ea
    • svenpanne's avatar
      Removed most of the bogus CompilationInfo constructor calls. · d1b5aa07
      svenpanne authored
      A CompilationInfo constructed from just an Isolate* and a Zone* is in
      weird an inconsistent state (calling e.g. flags() on it will crash),
      so we need to avoid them. This CL removes almost all of them, the
      remaining 2 call sites in (for testing only) will be handled in a
      separate CL. Things which have been changed:
      
        * Linkage is basically a decorator for CallDescriptor now.
      
        * ChangeLowering doesn't need Linkage at all.
      
        * JSGenericLowering doesn't need a full CompilationInfo*, just a
          single flag.
      
        * JSContextSpecializer doesn't need the full CompilationInfo, just a
          Context.
      
        * Removed unused CompilationInfo from SimplifiedLoweringTester.
      
      This nicely decouples things already a bit more, but there's still
      work to do...
      
      Review URL: https://codereview.chromium.org/899803003
      
      Cr-Commit-Position: refs/heads/master@{#26580}
      d1b5aa07
  34. 29 Jan, 2015 1 commit
  35. 26 Jan, 2015 1 commit
  36. 23 Dec, 2014 1 commit