1. 11 Jan, 2016 1 commit
  2. 20 Nov, 2015 1 commit
    • bmeurer's avatar
      [turbofan] Initial support for Array constructor specialization. · aeb41de0
      bmeurer authored
      Introduce a JSCreateArray operator that represents the Array
      constructor, and lower call and construct calls to the Array
      constructor to JSCreateArray. Currently we don't yet replace
      that with an inline allocation, but always use the specialized
      stubs for the Array constructor.
      
      This saves a lot of unnecessary deopts and elements transitions
      because now we can actually consume the allocation site feedback
      for the transitions.
      
      R=mstarzinger@chromium.org
      BUG=v8:4470
      LOG=n
      
      Review URL: https://codereview.chromium.org/1466643002
      
      Cr-Commit-Position: refs/heads/master@{#32145}
      aeb41de0
  3. 18 Nov, 2015 1 commit
    • bmeurer's avatar
      [turbofan] Decouple inlining and native context specialization. · 9b14e5bb
      bmeurer authored
      Retrieve the native context/global object from the Node being
      specialized in the JSNativeContextSpecialization and the
      JSGlobalObjectSpecialization classes. For this we introduce two
      new methods NodeProperties::GetSpecializationNativeContext and
      NodeProperties::GetSpecializationGlobalObject, which walk up
      the context chain and might in the end take the native context
      from the outermost activation (if native context specialization
      is enabled). This allows us to run the native context specialization
      pass as part of the inlining phase without hacking some of that into
      the JSInliner.
      
      Also refactor the NodeProperties::GetSpecializationContext method
      that was previously local to the JSContextSpecialization.
      
      Also refactor two other oddities in JSNativeContextSpecialization.
      
      R=jarin@chromium.org
      BUG=v8:4470, v8:4493
      LOG=n
      
      Review URL: https://codereview.chromium.org/1451143005
      
      Cr-Commit-Position: refs/heads/master@{#32076}
      9b14e5bb
  4. 17 Nov, 2015 1 commit
    • bmeurer's avatar
      [turbofan] Move JSCallFunction specialization to JSCallReducer. · e5edd66d
      bmeurer authored
      This is the first part to refactoring the JSNativeContextSpecialization
      class, which has grown way too big recently.
      
      Also don't collect cross context feedback for the CallIC in general.
      Neither TurboFan nor Crankshaft can make any use of cross context
      JSFunction feedback that is collected by the CallIC, so there's no
      point in gathering that feedback at all (it just complicates the
      checking that is necessary in the compilers). What we should do
      instead at some point (when Crankshaft becomes less important) is
      to collect the SharedFunctionInfo as feedback for those cases.
      
      R=yangguo@chromium.org
      BUG=v8:4470
      LOG=n
      
      Review URL: https://codereview.chromium.org/1451273002
      
      Cr-Commit-Position: refs/heads/master@{#32022}
      e5edd66d
  5. 30 Oct, 2015 2 commits
    • bmeurer's avatar
      [turbofan] Add support for storing to double fields. · 0df0e254
      bmeurer authored
      Adds new Guard[Type] common operator, which takes value and control
      inputs and records a guaranty that a certain value has a certain type
      in that control path.  This is some kind of ad-hoc SSI similar to what
      we have to do in Crankshaft in some places.
      
      Also introduces an ObjectIsNumber simplified operator, which checks
      whether a certain value is a number (either a Smi or a HeapNumber).
      
      This doesn't yet support transitioning stores to double fields, which
      require support for allocating mutable heap numbers.
      
      R=jarin@chromium.org
      BUG=v8:4470
      LOG=n
      
      Review URL: https://codereview.chromium.org/1420283009
      
      Cr-Commit-Position: refs/heads/master@{#31675}
      0df0e254
    • bmeurer's avatar
      [turbofan] Fix missing bailout point before calls. · 6040d5c0
      bmeurer authored
      In order to properly (lazy) bailout when converting the receiver for
      sloppy mode functions (using the newly added JSConvertReceiver
      operator), we need to have a bailout location right before every call
      (also right before every %_Call and %_CallFunction), otherwise if the
      JSConvertReceiver just reuses the lazy bailout frame state from the
      JSCallFunction node, it will skip the whole function in case of lazy
      bailout.
      
      Note it should be impossible to trigger this currently because we do not
      yet support AllocationSite code dependencies in TurboFan, which can
      trigger this kind of lazy bailout; therefore it's not possible to write
      a regression test (yet).
      
      R=yangguo@chromium.org
      BUG=v8:4493
      LOG=n
      
      Review URL: https://codereview.chromium.org/1425883004
      
      Cr-Commit-Position: refs/heads/master@{#31668}
      6040d5c0
  6. 26 Oct, 2015 1 commit
    • bmeurer's avatar
      [turbofan] Sanitize typing rules for function calls. · 3fbbfc38
      bmeurer authored
      Currently we (mostly) infer FunctionType for JSFunction constants, and
      match the FunctionType in the typing rule for JSCallFunction. This has
      several drawbacks for JavaScript, especially we don't have Constant
      types for global functions (i.e. String, Object, Reflect and friends).
      Plus the FunctionType magic doesn't actually buy us anything. So this
      changes the typing rule for HeapConstant constant to actually infer
      Constant types for JSFunction objects and moves the recognition of
      builtin functions to the typing rule for JSCallFunction.
      
      Also adapts the specialized lowering in JSTypedLowering to Constant
      functions instead of FunctionType, which has the additional advantage
      that we can do the receiver wrapping/converting based on the (known)
      SharedFunctionInfo.
      
      R=jarin@chromium.org
      
      Review URL: https://codereview.chromium.org/1420093005
      
      Cr-Commit-Position: refs/heads/master@{#31553}
      3fbbfc38
  7. 15 Oct, 2015 1 commit
  8. 28 Sep, 2015 1 commit
  9. 25 Sep, 2015 1 commit
    • jarin's avatar
      [turbofan] Check node input/use consistency for changed operators and new nodes. · 1c2867c0
      jarin authored
      Verifies consistency of node inputs and uses:
      - node inputs should agree with the input count computed from the node's operator.
      - effect inputs should have effect outputs (or be a sentinel).
      - control inputs should have control outputs (or be a sentinel).
      - frame state inputs should be frame states (or be a sentinel).
      - if the node has control uses, it should produce control.
      - if the node has effect uses, it should produce effect.
      - if the node has frame state uses, it must be a frame state.
      
      I also removed some tests, either because they did not seem to be useful (scheduler) or they tested dead functionality (diamond effect phi).
      
      Review URL: https://codereview.chromium.org/1368913002
      
      Cr-Commit-Position: refs/heads/master@{#30927}
      1c2867c0
  10. 24 Sep, 2015 1 commit
    • mstarzinger's avatar
      [turbofan] Make Node::set_op safer via wrapper. · da9c42dd
      mstarzinger authored
      This introduces the NodeProperties::ChangeOp helper which guards node
      operator changes so that additional checking can be done without any
      additional dependencies being pulled into the Node class. For now only
      the input count is checked, but additional checking might follow.
      
      R=jarin@chromium.org
      
      Review URL: https://codereview.chromium.org/1366753003
      
      Cr-Commit-Position: refs/heads/master@{#30916}
      da9c42dd
  11. 16 Sep, 2015 1 commit
  12. 10 Jun, 2015 1 commit
  13. 30 Apr, 2015 1 commit
    • svenpanne's avatar
      Detect simple tail calls · 4b122b75
      svenpanne authored
      This CL contains the first steps towards tail call optimization:
      
        * Structurally detect tail calls during instruction selection,
          looking for special return/call combinations.
      
        * Added new architecture-specific instructions for tail calls which
          jump instead of call and take care of frame adjustment.
      
        * Moved some code around.
      
      Currently we restrict tail calls to callees which only use registers
      for arguments/return value and to call sites which are explicitly
      marked as being OK for tail calls. This excludes, among other things,
      call sites in sloppy JS functions and our IC machinery (both need in
      general to be able to access the caller's frame).
      
      All this is behind a flag --turbo-tail-calls, which is currently off
      by default, so it can easily be toggled.
      
      Review URL: https://codereview.chromium.org/1108563002
      
      Cr-Commit-Position: refs/heads/master@{#28150}
      4b122b75
  14. 20 Apr, 2015 1 commit
  15. 26 Mar, 2015 1 commit
  16. 09 Mar, 2015 1 commit
  17. 04 Mar, 2015 1 commit
  18. 20 Feb, 2015 1 commit
  19. 18 Feb, 2015 1 commit
  20. 29 Jan, 2015 1 commit
  21. 16 Jan, 2015 1 commit
  22. 14 Jan, 2015 1 commit
  23. 03 Dec, 2014 3 commits
  24. 02 Dec, 2014 1 commit
    • danno's avatar
      Clean up node iteration · f6e5bc16
      danno authored
      - Create a first-class Edge type.
      - Separate node and edge iterators
      - Make iterators only responsible for iteration
      - Make it possible to modify the use edge iterator while iterating.
      - Add the ability to update inputs to Edges directly.
      
      Review URL: https://codereview.chromium.org/765983002
      
      Cr-Commit-Position: refs/heads/master@{#25616}
      f6e5bc16
  25. 15 Oct, 2014 1 commit
    • rossberg@chromium.org's avatar
      Better typing and type verification · 0e16150d
      rossberg@chromium.org authored
      - Extend verifier to check types of JS and Simplified nodes.
      - Untyped nodes now contain NULL as types, enforcing hard failure.
      - Typer immediately installs itself as a decorator; remove explicit decorator installation.
      - Decorator eagerly types all nodes that have typed inputs
        (subsumes typing of constant cache, removing its typing
        side-channel and various spurious dependencies on the typer).
      - Cut down typer interface to prevent inconsistently typed graphs.
      - Remove verification from start, since it caused too much trouble
        with semi-wellformed nodes.
      - Fix a couple of bugs on the way that got uncovered.
      
      To do: verifying machine operators. Also, various conditions in the
      verifier are currently commented out, because they don't yet hold.
      
      BUG=
      R=jarin@chromium.org,titzer@chromium.org
      
      Review URL: https://codereview.chromium.org/658543002
      
      git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24626 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
      0e16150d
  26. 18 Sep, 2014 1 commit
  27. 17 Sep, 2014 2 commits
  28. 26 Aug, 2014 1 commit
    • titzer@chromium.org's avatar
      Schedule floating control. · 6bbf6c5c
      titzer@chromium.org authored
      This CL makes several changes to the scheduling algorithm to handle control
      flow that is not connected to End. Such control nodes constitute "floating
      control islands" that must be linearized by the schedule. This is done
      by considering such nodes to be schedulable, and then editing the control
      dependencies after a first pass of scheduling. Then a subsequent pass of
      scheduling will place all nodes correctly into the fully connected graph.
      
      R=mstarzinger@chromium.org, rossberg@chromium.org
      BUG=
      
      Review URL: https://codereview.chromium.org/499363002
      
      git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@23411 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
      6bbf6c5c
  29. 21 Aug, 2014 1 commit
  30. 20 Aug, 2014 1 commit
  31. 19 Aug, 2014 2 commits
  32. 12 Aug, 2014 2 commits
  33. 11 Aug, 2014 1 commit
  34. 07 Aug, 2014 1 commit