Port c019d7f498
Original commit message:
- Thread Type::FunctionType through stubs and the TF pipeline.
- Augment Typer to decorate parameter nodes with types from
a Type::FunctionType associated with interface descriptors.
- Factor interface descriptors into platform-specific and
platform-independent components so that all descriptors share
a common Type::FunctionType for all platforms.
R=danno@chromium.org, dstence@us.ibm.com, michael_dawson@ca.ibm.com
BUG=
Review URL: https://codereview.chromium.org/1206893002
Cr-Commit-Position: refs/heads/master@{#29257}
If we do not clear next links during serialization, the
serializer would simply follow those links and serialize
arbitrary objects held by weak cells. This breaks the
invariant in the code serializer, which crashes if it
sees context-dependent objects.
R=ulan@chromium.org
BUG=chromium:503552
LOG=Y
Review URL: https://codereview.chromium.org/1203973002
Cr-Commit-Position: refs/heads/master@{#29255}
This way we need the common types only once per process and we don't
need to recreate them for every compilation. It uses the same pattern
that we already apply to caching operators. This simplifies the type
cache a lot.
R=svenpanne@chromium.org
Review URL: https://codereview.chromium.org/1209513002
Cr-Commit-Position: refs/heads/master@{#29251}
This fixes a slight inconsistency in the InstructionSelector that
basically disabled the optimization for things like ObjectIsSmi.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1206773002
Cr-Commit-Position: refs/heads/master@{#29250}
The original implementation assumed that LPushArguments and
LInvoke/Call* could be assumed to be exclusively sequential. However,
this isn't always the case. For example, GenerateCallFunction pushes
some arguments and then selects between HInvokeFunction and
HCallFunction.
This fixed implementation resets a pushed_arguments_ counter based on
the argument_count() of the preceeding basic block, then tracks it
per-instruction as before (except that now we maintain a count rather
than a boolean flag).
At the same time, since we now track exactly how many arguments have
been pushed onto the stack, I was able to adjust the offset accordingly
and use jssp for stack slots even when arguments have been pushed.
BUG=
Review URL: https://codereview.chromium.org/1038363002
Cr-Commit-Position: refs/heads/master@{#29249}
- Thread Type::FunctionType through stubs and the TF pipeline.
- Augment Typer to decorate parameter nodes with types from
a Type::FunctionType associated with interface descriptors.
- Factor interface descriptors into platform-specific and
platform-independent components so that all descriptors share
a common Type::FunctionType for all platforms.
Review URL: https://codereview.chromium.org/1197703002
Cr-Commit-Position: refs/heads/master@{#29248}
SIMD values will require their own type code for conversion to boolean.
LOG=N
BUG=v8:4124
Review URL: https://codereview.chromium.org/1202973003
Cr-Commit-Position: refs/heads/master@{#29247}
We used to call toString as a method which is not safe.
BUG=v8:4225
LOG=Y
R=adamk, littledan
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng;tryserver.blink:linux_blink_rel
Review URL: https://codereview.chromium.org/1200033003
Cr-Commit-Position: refs/heads/master@{#29242}
Speculative revert in the hopes of fixing serializer crashes seen in canary.
This reverts commit c166945083, as well as
followup change "Do not look for existing shared function info when compiling a new script."
(commit 7c43967bb7).
BUG=chromium:503552,v8:4132
TBR=yangguo@chromium.org
LOG=n
Review URL: https://codereview.chromium.org/1207583002
Cr-Commit-Position: refs/heads/master@{#29241}
JSConstructStub for subclass constructors instead locates new.target in
a known location on the stack.
R=arv@chromium.org,adamk@chromium.org
BUG=v8:3886
LOG=N
Review URL: https://codereview.chromium.org/1196193014
Cr-Commit-Position: refs/heads/master@{#29238}
Map: get, set, has, delete, clear
Set: add, has, delete, clear
All except clear are implemented as calls into collection.js.
Note that some of these shadow methods of v8::Object. It's unclear
how confusing that's going to be: on the one hand, it seems likely
that most operations you would want to do on a Map or Set are these.
On the other, generic code could get confused if it somehow gets
ahold of a variable that happens to be C++-typed as a v8::Map or v8::Set.
BUG=v8:3340
LOG=y
Review URL: https://codereview.chromium.org/1204623002
Cr-Commit-Position: refs/heads/master@{#29237}
This is a precursor to using specialized LoadIC and StoreIC stubs for
global variable access. It also removes the need to keep track of the
global object in the type system, hence freeing up one bit.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1205473004
Cr-Commit-Position: refs/heads/master@{#29231}
ARM64's `fmin` and `fmax` instructions don't have the same behaviour as
TurboFan's Float(32|64)(Min|Max) functions.
BUG=4206
LOG=N
Review URL: https://codereview.chromium.org/1200123004
Cr-Commit-Position: refs/heads/master@{#29229}
This makes usage of the MachineOperatorBuilder more robust, as it will be
an error to request an unsupported operator.
Along the way, I noticed that all 7 platforms support Float32Abs and
Float64Abs. Should make them non-optional in another CL?
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1128133003
Cr-Commit-Position: refs/heads/master@{#29223}
Reason for revert:
Looks like this breaks Tests262.
Original issue's description:
> [turbofan] Run DeadCodeElimination together with the advanced reducers.
>
> This will immediately remove dead code from the graph once any of
> the advanced reducers inserts it. Also changes the GraphReducer to
> use the canonical Dead node for ReplaceWithValue.
>
> R=jarin@chromium.org
>
> Committed: https://crrev.com/88a40c5fb381924b1c0b2403dc582bceb2abe5da
> Cr-Commit-Position: refs/heads/master@{#29217}
TBR=jarin@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review URL: https://codereview.chromium.org/1200983004
Cr-Commit-Position: refs/heads/master@{#29220}
Lowering of stores need the vector and slot if --vector-stores is true.
BUG=
Review URL: https://codereview.chromium.org/1193313002
Cr-Commit-Position: refs/heads/master@{#29219}
This will immediately remove dead code from the graph once any of
the advanced reducers inserts it. Also changes the GraphReducer to
use the canonical Dead node for ReplaceWithValue.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1206533002
Cr-Commit-Position: refs/heads/master@{#29217}
This also threads through the parameter count and local count to the instruction selector. This will be later used to allow merging of various StateValues vector (and prepare for differential encoding which will not distinguish between parameters, locals and expression stack).
BUG=
Review URL: https://codereview.chromium.org/1191243003
Cr-Commit-Position: refs/heads/master@{#29214}
port 2a3b057587 (r29175).
original commit message:
Built-in apply() performance benefits from an uninitialized IC.
BUG=
Review URL: https://codereview.chromium.org/1199913007
Cr-Commit-Position: refs/heads/master@{#29213}
port 17c8ffeaa3 (r29173)
original commit message:
Vector ICs: Turbofan vector store ic support
Turbofan needs to pass vector slots around for named and keyed stores.
Also, the CL addresses a missing slot for ClassLiterals.
BUG=
Review URL: https://codereview.chromium.org/1195793007
Cr-Commit-Position: refs/heads/master@{#29212}
