- 12 Apr, 2017 1 commit
-
-
bmeurer authored
The hole NaN should also have proper Type::Hole, and not silently hide in the Type::Number. This way we can remove all the special casing for the hole NaN, and we also finally get the CheckNumber right. This also allows us to remove some ducktape from the Deoptimizer, as for escape analyzed FixedDoubleArrays we always pass the hole value now to represent the actual holes. Also-By: jarin@chromium.org BUG=chromium:684208,chromium:709753,v8:5267 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2814013003 Cr-Commit-Position: refs/heads/master@{#44603}
-
- 21 Mar, 2017 1 commit
-
-
bmeurer authored
For CheckBounds(index,length) we know that the length must be in Unsigned31 range. Thus there's no observable difference for index values in the range [-2^31,-1] and the range [2^31,2^32-1], both are considered out-of-bounds; also it's safe to truncate -0 to 0 wrt. CheckBounds. Thus we can safely pass Word32 truncation if the index is in Integral32 \/ MinusZero. Usually this generates the same code, but some index computations can benefit from the Word32 truncation and avoid going to double because the result would be outside the valid Signed32 or Unsigned32 ranges. R=jarin@chromium.org BUG=v8:5267 Review-Url: https://codereview.chromium.org/2760213003 Cr-Commit-Position: refs/heads/master@{#43969}
-
- 18 Feb, 2017 1 commit
-
-
vabr authored
Currently, typeof o, where o is an undetectable callable object (such as document.all), returns 'function' if optimised. It should, however, return 'undefined'. This CL excludes undetectable objects from the optimization resulting in type 'function' and renames the related code to reflect that. BUG=v8:5972 R=bmeurer@chromium.org Review-Url: https://codereview.chromium.org/2697063002 Cr-Commit-Position: refs/heads/master@{#43298}
-
- 14 Feb, 2017 1 commit
-
-
bbudge authored
LOG=Y BUG=v8:4124,v8:5948 R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org Review-Url: https://codereview.chromium.org/2684313003 Cr-Original-Original-Commit-Position: refs/heads/master@{#43162} Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c Review-Url: https://codereview.chromium.org/2684313003 Cr-Original-Commit-Position: refs/heads/master@{#43169} Committed: https://chromium.googlesource.com/v8/v8/+/a9b59a11f1bfe069afabe5567f919727456f1f12 Review-Url: https://codereview.chromium.org/2684313003 Cr-Commit-Position: refs/heads/master@{#43176}
-
- 13 Feb, 2017 4 commits
-
-
franzih authored
Revert of Remove SIMD.js from V8. (patchset #7 id:120001 of https://codereview.chromium.org/2684313003/ ) Reason for revert: Breaks Node integration build. Original issue's description: > Remove SIMD.js from V8. > > LOG=Y > BUG=v8:4124,v8:5948 > R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org > > Review-Url: https://codereview.chromium.org/2684313003 > Cr-Original-Commit-Position: refs/heads/master@{#43162} > Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c > Review-Url: https://codereview.chromium.org/2684313003 > Cr-Commit-Position: refs/heads/master@{#43169} > Committed: https://chromium.googlesource.com/v8/v8/+/a9b59a11f1bfe069afabe5567f919727456f1f12 TBR=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org,bradnelson@google.com,machenbach@chromium.org,bbudge@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4124,v8:5948 Review-Url: https://codereview.chromium.org/2695653005 Cr-Commit-Position: refs/heads/master@{#43170}
-
bbudge authored
LOG=Y BUG=v8:4124,v8:5948 R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org Review-Url: https://codereview.chromium.org/2684313003 Cr-Original-Commit-Position: refs/heads/master@{#43162} Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c Review-Url: https://codereview.chromium.org/2684313003 Cr-Commit-Position: refs/heads/master@{#43169}
-
bradnelson authored
Revert of Remove SIMD.js from V8. (patchset #7 id:120001 of https://codereview.chromium.org/2684313003/ ) Reason for revert: red Original issue's description: > Remove SIMD.js from V8. > > LOG=Y > BUG=v8:4124,5948 > R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org > (notry since trybots can't patch directory deletes) > NOTRY=true > > Review-Url: https://codereview.chromium.org/2684313003 > Cr-Commit-Position: refs/heads/master@{#43162} > Committed: https://chromium.googlesource.com/v8/v8/+/d170c57ab996d00c4665a9d865bd5754a1806c6c TBR=bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org,bradnelson@google.com,bbudge@chromium.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=v8:4124,5948 Review-Url: https://codereview.chromium.org/2692933002 Cr-Commit-Position: refs/heads/master@{#43164}
-
bbudge authored
LOG=Y BUG=v8:4124,5948 R=bradnelson@chromium.org,bmeurer@chromium.org,jochen@chromium.org,hpayer@chromium.org,danno@chromium.org (notry since trybots can't patch directory deletes) NOTRY=true Review-Url: https://codereview.chromium.org/2684313003 Cr-Commit-Position: refs/heads/master@{#43162}
-
- 09 Feb, 2017 1 commit
-
-
bmeurer authored
Since the empty string is canonical HeapObject now, we can use this fact to optimize - strict equality comparisons with the empty string to a simple ReferenceEqual operation, and - optimize ToBoolean to avoid instance type checks completely. Drive-by-fix: Allow InternalizedString for Type::HeapConstant in the type system. This is safe, since InternalizedStrings can be compared to other heap constants by reference (except for non-InternalizedStrings, which are excluded from the HeapConstant type). BUG=v8:5267 R=yangguo@chromium.org Review-Url: https://codereview.chromium.org/2681273002 Cr-Commit-Position: refs/heads/master@{#43050}
-
- 20 Jan, 2017 1 commit
-
-
bmeurer authored
The %_ClassOf intrinsic roughly corresponds to the deprecated ES5 [[Class]] internal property, and should not be used anymore ideally. However since we still have quite a couple of uses of this intrinsic in the self hosted JavaScript builtins, we would tank some builtins like Map, Set, WeakMap, WeakSet, etc. quite significantly unless we also support this intrinsic until the builtins are all migrated to C++/CSA builtins. R=yangguo@chromium.org BUG=v8:5267 Review-Url: https://codereview.chromium.org/2647833004 Cr-Commit-Position: refs/heads/master@{#42530}
-
- 19 Jan, 2017 1 commit
-
-
bmeurer authored
Especially support constant-folding typeof for detectable and undetectable receivers. BUG=v8:5267,v8:5270 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2646743002 Cr-Commit-Position: refs/heads/master@{#42494}
-
- 09 Jan, 2017 1 commit
-
-
bmeurer authored
If one input to JSStrictEqual/JSNotStrictEqual is Unique (except InternalizedString) or the hole, then we can turn that into a direct pointer comparison, as such values are only equal to exactly the same unique value. BUG=v8:5267 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2611363002 Cr-Commit-Position: refs/heads/master@{#42122}
-
- 22 Dec, 2016 1 commit
-
-
bmeurer authored
Also support inlining the builtins String.prototype.charCodeAt and String.prototype.charAt if the index type is not statically known to be in the Unsigned32 range, but in anything in Integral32 plus minus zero and NaN. R=yangguo@chromium.org Review-Url: https://codereview.chromium.org/2597913002 Cr-Commit-Position: refs/heads/master@{#41913}
-
- 29 Nov, 2016 1 commit
-
-
bmeurer authored
This introduces three new types OtherCallable, CallableProxy (and OtherProxy), and BoundFunction to make it possible to express Callable in the Type system. It also forces all undetectable receivers to be Callable, which matches the use case for undetectable, namely document.all (guarded by proper checks and tests). It also uses these new types to properly optimize instanceof (indirectly via OrdinaryHasInstance) based on the type of the constructor and the object. So we are able to constant-fold certain instanceof expressions based on types and completely avoid the builtin call. R=jarin@chromium.org BUG=v8:5267 Review-Url: https://codereview.chromium.org/2535753004 Cr-Commit-Position: refs/heads/master@{#41345}
-
- 24 Nov, 2016 1 commit
-
-
bmeurer authored
Also lower JSToBoolean(x) where x is either some detectable receiver or null, or any kind of receiver, null or undefined. Also fix a couple of minor issues with the JSToBoolean lowering and tests. R=yangguo@chromium.org BUG=v8:5267 Review-Url: https://codereview.chromium.org/2530773002 Cr-Commit-Position: refs/heads/master@{#41241}
-
- 14 Nov, 2016 1 commit
-
-
caitp authored
Adds a protector cell to prevent inlining (which will likely lead to deopt loops) when a JSArrayIterator's array transitions from a fast JSArray to a slow JSArray (such as, when the array is touched during iteration in a way which triggers a map transition). Also adds TODO comments relating to the spec update proposed by Dan at https://github.com/tc39/ecma262/pull/724 BUG=v8:5388 R=bmeurer@chromium.org, mstarzinger@chromium.org TBR=hpayer@chromium.org, ulan@chromium.org Review-Url: https://codereview.chromium.org/2484003002 Cr-Commit-Position: refs/heads/master@{#40970}
-
- 11 Nov, 2016 1 commit
-
-
bmeurer authored
This adds a new ExternalPointer type, which is an Internal type that is used for ExternalReferences and other pointer values, like the pointers into the asm.js heap. It also adds a PointerConstant operator, which we use to represents these raw constants (we can probably remove that particular operator again once WebAssembly ships with the validator). R=mvstanton@chromium.org BUG=v8:5267,v8:5270 Review-Url: https://codereview.chromium.org/2494753003 Cr-Commit-Position: refs/heads/master@{#40923}
-
- 17 Oct, 2016 1 commit
-
-
jochen authored
R=machenbach@chromium.org,titzer@chromium.org,bmeurer@chromium.org,jgruber@chromium.org BUG= CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_win_dbg,v8_mac_dbg;master.tryserver.chromium.android:android_arm64_dbg_recipe Review-Url: https://codereview.chromium.org/2416243002 Cr-Commit-Position: refs/heads/master@{#40350}
-
- 08 Oct, 2016 1 commit
-
-
mvstanton authored
And not by pointer address. BUG= Review-Url: https://codereview.chromium.org/2390823011 Cr-Commit-Position: refs/heads/master@{#40106}
-
- 06 Oct, 2016 1 commit
-
-
mvstanton authored
With this CL, we devolve all Constants introduced as they are with an object handle into * Range - for integers * Nan * MinusZero * OtherNumberConstant - for doubles * HeapConstant We reduce the amount we have to inspect an object handle during optimization. Also, simplifications result. For example, you never have to check if a Range contains a HeapConstant. BUG= Review-Url: https://codereview.chromium.org/2381523002 Cr-Commit-Position: refs/heads/master@{#40041}
-
- 28 Sep, 2016 1 commit
-
-
mvstanton authored
Cleanup. BUG= Review-Url: https://codereview.chromium.org/2379573002 Cr-Commit-Position: refs/heads/master@{#39830}
-
- 27 Sep, 2016 1 commit
-
-
mvstanton authored
Adding this back in because it's not part of the stability issue. BUG=chromium:649967 TBR=jarin@chromium.org Review-Url: https://codereview.chromium.org/2365373004 Cr-Commit-Position: refs/heads/master@{#39761}
-
- 26 Sep, 2016 2 commits
-
-
mvstanton authored
Reverted for stability reasons. BUG=chromium:649967 TBR=jarin@chromium.org Review-Url: https://codereview.chromium.org/2370763002 Cr-Commit-Position: refs/heads/master@{#39720}
-
mvstanton authored
Reverted for stability reasons. BUG=chromium:649967 TBR=jarin@chromium.org Review-Url: https://codereview.chromium.org/2366313002 Cr-Commit-Position: refs/heads/master@{#39716}
-
- 23 Sep, 2016 1 commit
-
-
mvstanton authored
BUG= Review-Url: https://codereview.chromium.org/2366433003 Cr-Commit-Position: refs/heads/master@{#39666}
-
- 22 Sep, 2016 1 commit
-
-
mvstanton authored
BUG= Review-Url: https://codereview.chromium.org/2359153002 Cr-Commit-Position: refs/heads/master@{#39641}
-
- 12 Sep, 2016 1 commit
-
-
mstarzinger authored
R=mvstanton@chromium.org Review-Url: https://codereview.chromium.org/2326493002 Cr-Commit-Position: refs/heads/master@{#39334}
-
- 05 Sep, 2016 4 commits
-
-
mvstanton authored
BUG= Review-Url: https://codereview.chromium.org/2309823002 Cr-Commit-Position: refs/heads/master@{#39181}
-
bmeurer authored
We used to have Array types for typed arrays in asm.js at some point, but had to change that quite some time ago already. And Function types were mostly used for the CallInterfaceDescriptor (and the code-stub.js experiment), but are also unusedn nowadays. R=mvstanton@chromium.org BUG=v8:5267,v8:5270 Review-Url: https://codereview.chromium.org/2310923002 Cr-Commit-Position: refs/heads/master@{#39168}
-
bmeurer authored
Those have been effectively unused for quite a while now, and we don't see any use in having them around. Actually it'd be way more consistent and simpler to just use OtherInternal as type for contexts instead. R=mvstanton@chromium.org BUG=v8:5267,v8:5270 Review-Url: https://codereview.chromium.org/2305383002 Cr-Commit-Position: refs/heads/master@{#39166}
-
bmeurer authored
There are no users of class types left inside TurboFan, so we can nuke them and thereby simplify the type system quite a bit. R=mvstanton@chromium.org BUG=v8:5267,v8:5270 Review-Url: https://codereview.chromium.org/2309753002 Cr-Commit-Position: refs/heads/master@{#39152}
-
- 02 Sep, 2016 1 commit
-
-
mvstanton authored
Our Type class has a semantic and representational dimension. Much code in src/ast, Crankshaft and Turbofan is based on it. Going forward in Turbofan we'd like to remove representational information entirely. To that end, new type AstType has been created to preserve existing behavior for the benefit of Crankshaft and the AST. BUG= Review-Url: https://codereview.chromium.org/2302283002 Cr-Commit-Position: refs/heads/master@{#39135}
-
- 31 Aug, 2016 1 commit
-
-
bmeurer authored
We (mis)used Type::Class to track stable field maps in the past. But that always more or less unsupport and wrong for various reasons, mostly because the class types do not really present static information and thus it is possible to violate fundamental assumptions of the type system (i.e. intersecting class types and other types produces "interesting" results). Now it is possible to finally nuke the class types completely and thus simplify (and ideally correctify) the type system further. Note to performance sheriff: We do expect to see some performance regressions from this change. This is because we do not yet have a sane replacement mechanism to track known field maps and utilize them during LoadElimination. This will be accomplished in a follow up CL. BUG=v8:5270,v8:5267 R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2293343002 Cr-Commit-Position: refs/heads/master@{#39031}
-
- 17 Aug, 2016 1 commit
-
-
mstarzinger authored
This removes the representation axis from the type of {Load/StoreField} operators representing a property load/store. The representation would be narrowed to {None} which causes problems for all places where we use the type to reason about the value representation. Instead we should fully switch to {MachineRepresentation}. This is just a stop-gap fix. R=jarin@chromium.org BUG=chromium:636716 Review-Url: https://codereview.chromium.org/2255533003 Cr-Commit-Position: refs/heads/master@{#38678}
-
- 10 Aug, 2016 1 commit
-
-
bmeurer authored
Separate ConvertTaggedHoleToUndefined and CheckTaggedHole into two separate operators, where the former is pure and just turns into trivial control flow in the EffectControlLinearizer. R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2236443004 Cr-Commit-Position: refs/heads/master@{#38559}
-
- 03 Aug, 2016 2 commits
-
-
bmeurer authored
Move all the typing rules for unary and binary number operations to the OperationTyper and use them for both the regular Typer as well as the retyper that runs as part of SimplifiedLowering. R=epertoso@chromium.org Review-Url: https://codereview.chromium.org/2202883005 Cr-Commit-Position: refs/heads/master@{#38283}
-
bmeurer authored
Infer a more precise type even in case where NaN and/or -0 is a possible outcome of the operation, and use this more precise type to improve code generation for the modulus itself by trying harder to stick to Word32 operations instead of going to Float64, and also optimize the pattern where we compare the output of x % y to some non-zero integer constant K, in which case we can truncate the output of x % y to Word32 if the type of x % y is Signed32/Unsigned32 \/ NaN \/ MinusZero, as NaN and MinusZero will both be truncated to zero, which cannot match the non zero constant K. R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2202413002 Cr-Commit-Position: refs/heads/master@{#38267}
-
- 15 Jun, 2016 2 commits
-
-
bmeurer authored
These simplified operators are used to perform the hole checks when loading elements from a holey array. Depending on the CheckHoleMode, they either return the hole as undefined or some NaN, or deoptimize if the value is the hole or the hole NaN. R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2066223002 Cr-Commit-Position: refs/heads/master@{#37001}
-
bmeurer authored
Now that we have the PlainPrimitiveToNumber operator(s), we can unify all the places where we expect a number, but can also safely handle any plain-primitive (via ToNumber truncation). Drive-by-fix: Also handle Math.min consistently with Math.max. R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2064953004 Cr-Commit-Position: refs/heads/master@{#36984}
-
- 01 Jun, 2016 1 commit
-
-
bmeurer authored
R=jarin@chromium.org Review-Url: https://codereview.chromium.org/2024853002 Cr-Commit-Position: refs/heads/master@{#36627}
-