The RawMachineAssembler will be used to build the interpreter, so it needs
to move back to src/compiler.
This reverts commit b5b00cc031.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1221303014
Cr-Commit-Position: refs/heads/master@{#29519}
We have to reland these two commits at once, because the first breaks
some asm.js benchmarks without the second. The change was reverted
because of bogus checks in the verifier, which will not work in the
presence of OSR (and where hidden because of the type back propagation
hack in OSR so far). Original messages are below:
[turbofan] Add new JSFrameSpecialization reducer.
The JSFrameSpecialization specializes an OSR graph to the current
unoptimized frame on which we will perform the on-stack replacement.
This is used for asm.js functions, where we cannot reuse the OSR
code object anyway because of context specialization, and so we could as
well specialize to the max instead.
It works by replacing all OsrValues in the graph with their values
in the JavaScriptFrame.
The idea is that using this trick we get better performance without
doing the unsound backpropagation of types to OsrValues later. This
is the first step towards fixing OSR for TurboFan.
[turbofan] Perform OSR deconstruction early and remove type propagation.
This way we don't have to deal with dead pre-OSR code in the graph
and risk optimizing the wrong code, especially we don't make
optimistic assumptions in the dead code that leaks into the OSR code
(i.e. deopt guards are in dead code, but the types propagate to OSR
code via the OsrValue type back propagation).
BUG=v8:4273
LOG=n
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1226673005
Cr-Commit-Position: refs/heads/master@{#29486}
The JSFrameSpecialization specializes an OSR graph to the current
unoptimized frame on which we will perform the on-stack replacement.
This is used for asm.js functions, where we cannot reuse the OSR code
object anyway because of context specialization, and so we could as well
specialize to the max instead.
It works by replacing all OsrValues in the graph with their values in
the JavaScriptFrame.
The idea is that using this trick we get better performance without
doing the unsound backpropagation of types to OsrValues later. This is
the first step towards fixing OSR for TurboFan.
R=jarin@chromium.org
BUG=v8:4273
LOG=n
Review URL: https://codereview.chromium.org/1225683004
Cr-Commit-Position: refs/heads/master@{#29476}
Conditionally including Array and TypedArray methods seems to cause
a slowdown in V8 context creation, possibly due to the new code added.
BUG=chromium:504629
R=adamk@chromium.org
LOG=Y
Review URL: https://codereview.chromium.org/1215863003
Cr-Commit-Position: refs/heads/master@{#29430}
Separated core greedy allocator concepts, exposing the APIs we would want to continue working with. In particular, this change completely reworks CoalescedLiveRanges to reflect the fact that we expect more than one possible conflict, scrapping the initial design of the structure. Since this is a critical part of the design, this change may be thought of as a full rewrite of the algorithm.
Reduced all heuristics to just 2 essential ones: split "somewhere", which we'll still need when all other heuristics fail; and spill.
Introduced a simple primitive for splitting - at GapPosition::START. The goal is to use such primitives to quickly and reliably author heuristics.
I expected this primitive to "just work" for any arbitrary instruction index within a live range - e.g. its middle. That's not the case, it seems to upset execution in certain scenarios. Restricting to either before/after use positions seems to work. I'm still investigating what the source of failures is in the case of "arbitrary instruction in the range" case.
I intended to document the rationale and prove the soundness of always using START for splits, but I will postpone to after this last remaining issue is resolved.
Review URL: https://codereview.chromium.org/1205173002
Cr-Commit-Position: refs/heads/master@{#29352}
The three different concerns that the ControlReducer used to deal with
are now properly separated into
a.) DeadCodeElimination, which is a regular AdvancedReducer, that
propagates Dead via control edges,
b.) CommonOperatorReducer, which does strength reduction on common
operators (i.e. Branch, Phi, and friends), and
c.) GraphTrimming, which removes dead->live edges from the graph.
This will make it possible to run the DeadCodeElimination together with
other passes that actually introduce Dead nodes, i.e. typed lowering;
and it opens the door for general inlining without two stage fix point
iteration.
To make the DeadCodeElimination easier and more uniform, we basically
reverted the introduction of DeadValue and DeadEffect, and changed the
Dead operator to produce control, value and effect. Note however that
this is not a requirement, but merely a way to make dead propagation
easier and more uniform. We could always go back and decide to have
different Dead operators if some other change requires that.
Note that there are several additional opportunities for cleanup now,
i.e. OSR deconstruction could be a regular reducer now, and we don't
need to use TheHole as dead value marker in the GraphReducer. And we can
actually run the dead code elimination together with the other passes
instead of using separate passes over the graph. We will do this in
follow up CLs.
R=jarin@chromium.org, mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1193833002
Cr-Commit-Position: refs/heads/master@{#29146}
Up until now that was still mixed with control reduction in the
ControlReducer. This separation allows us to remove the horrible
Reducer::Finish hack and also do graph trimming at more appropriate
places in the pipeline (i.e. trim dead nodes after generic lowering,
which can also make nodes dead).
R=jarin@chromium.org,mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1188433010
Cr-Commit-Position: refs/heads/master@{#29077}
Opportunistically removed GreedyAllocator::TryReuseSpillForPhi because it is actually unsuitable for Greedy. It was copied from Linear and it relies on hints, however, the current implementation of hints assumes linear scan.
This change doesn't aim to address performance nor correctness for Greedy.
BUG=
Review URL: https://codereview.chromium.org/1184183002
Cr-Commit-Position: refs/heads/master@{#29054}
Pushed the detection logic down to ParseAndClassifyIdentifier in
preparation to having patterns in parameter positions.
R=arv@chromium.org,rossberg@chromium.org,wingo@igalia.com
BUG=v8:811
LOG=N
Review URL: https://codereview.chromium.org/1170153003
Cr-Commit-Position: refs/heads/master@{#28876}
This was already public in a non-component build. This means that targets
dependent on the "v8" target can take the results of the snapshot as inputs.
This also renames the component mode checking from keying off of the
component_mode string to checking the is_component_build flag, which is now the
recommended way to do this check.
Review URL: https://codereview.chromium.org/1167223002
Cr-Commit-Position: refs/heads/master@{#28856}
In a nutshell: The FILTER_KEY builtin is gone, and was replaced by a
simple runtime call to ForInFilter, which does everything and is even
cheaper (because FILTER_KEY used to call into the runtime anyway).
And ForInFilter returns either the name or undefined, which makes it
possible to remove the control flow construction from the AstGraphBuilder,
and thereby make both the initialization and the per-loop code of for-in
optimizable later (in typed lowering).
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1160983004
Cr-Commit-Position: refs/heads/master@{#28711}
The SimplifiedOperatorReducer is (mostly) unused, except for the very
rough store elimination, and just eats compilation time.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1162563002
Cr-Commit-Position: refs/heads/master@{#28673}
This adds a new external type (v8::SharedArrayBuffer) that uses a JSArrayBuffer
under the hood. It can be distinguished from an ArrayBuffer by the newly-added
is_shared() bit.
Currently there is no difference in functionality between a SharedArrayBuffer
and an ArrayBuffer. However, a future CL will add the Atomics API, which is
only available on an SharedArrayBuffer. All non-atomic accesses are identical
to ArrayBuffer accesses.
LOG=N
BUG=
Review URL: https://codereview.chromium.org/1136553006
Cr-Commit-Position: refs/heads/master@{#28594}
Reason for revert:
breaks build
Original issue's description:
> Implement SharedArrayBuffer.
>
> This adds a new external type (v8::SharedArrayBuffer) that uses a JSArrayBuffer under the hood. It can be distinguished from an ArrayBuffer by the newly-added is_shared() bit.
>
> Currently there is no difference in functionality between a SharedArrayBuffer and an ArrayBuffer. However, a future CL will add the Atomics API, which is only available on an SharedArrayBuffer. All non-atomic accesses are identical to ArrayBuffer accesses.
>
> BUG=
>
> Committed: https://crrev.com/57170bff7baf341c666252a7f6a49e9c08d51263
> Cr-Commit-Position: refs/heads/master@{#28588}
TBR=jarin@chromium.org,jochen@chromium.org,binji@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/1149203003
Cr-Commit-Position: refs/heads/master@{#28589}
This adds a new external type (v8::SharedArrayBuffer) that uses a JSArrayBuffer under the hood. It can be distinguished from an ArrayBuffer by the newly-added is_shared() bit.
Currently there is no difference in functionality between a SharedArrayBuffer and an ArrayBuffer. However, a future CL will add the Atomics API, which is only available on an SharedArrayBuffer. All non-atomic accesses are identical to ArrayBuffer accesses.
BUG=
Review URL: https://codereview.chromium.org/1136553006
Cr-Commit-Position: refs/heads/master@{#28588}
Adds a chain of public dependencies from the v8 target to the snapshot target.
A future version of GN will validate that any files taken as inputs to a step
were generated by public dependencies of that target. Some targets in Chrome
depend on the results of the snapshot.
Review URL: https://codereview.chromium.org/1138953007
Cr-Commit-Position: refs/heads/master@{#28478}
All the builtin iterators as well as the generator objects have an
object called %IteratorPrototype% in the spec between them and
%ObjectPrototype%.
BUG=v8:3568
LOG=N
Review URL: https://codereview.chromium.org/1128233008
Cr-Commit-Position: refs/heads/master@{#28426}
This patch:
- Refactors Parser::ParseVariableDeclarations
- Introduces Parser::PatternMatcher class
- Implements matching a single variable pattern
- Implements rudimentary matching against object literal pattern
as a proof of concept
R=arv@chromium.org,rossberg@chromium.org
BUG=v8:811
LOG=N
Review URL: https://codereview.chromium.org/1130623004
Cr-Commit-Position: refs/heads/master@{#28345}
Instead of making them an extra option that gets passed in and compiled
at the end of the natives file for a given run of js2c, we now make them a
separate run of js2c with a separate natives file output.
This natives file output is then compiled in the bootstrapper. It is not part
of the snapshot (yet), but instead is treated similar to the experimental
natives, just without any of the complexity that comes from tieing the
behavior to flags. We also don't need counterparts to
InitializeExperimentalGlobal and InstallExperimentalNativeFunctions (yet?).
This fixes the issue with https://codereview.chromium.org/1129743003 by making
the dummy file that is generated for snapshots with no extras (or no experimental
features) nonempty.
R=yangguo@chromium.org, jochen@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1130993003
Cr-Commit-Position: refs/heads/master@{#28311}
Reason for revert:
https://build.chromium.org/p/client.v8/builders/V8-Blink%20Linux%2064%20%28dbg%29/builds/2745
Original issue's description:
> Make V8 extras a separate type of native
>
> Instead of making them an extra option that gets passed in and compiled
> at the end of the natives file for a given run of js2c, we now make them a
> separate run of js2c with a separate natives file output.
>
> This natives file output is then compiled in the bootstrapper. It is not part
> of the snapshot (yet), but instead is treated similar to the experimental
> natives, just without any of the complexity that comes from tieing the
> behavior to flags. We also don't add counterparts to
> InitializeExperimentalGlobal and InstallExperimentalNativeFunctions, yet.
>
> R=yangguo@chromium.org, jochen@chromium.org
> BUG=
>
> Committed: https://crrev.com/c93aff4ac63ad9ffb6318e750335208de32b7902
> Cr-Commit-Position: refs/heads/master@{#28296}
TBR=jochen@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/1131903002
Cr-Commit-Position: refs/heads/master@{#28299}
Instead of making them an extra option that gets passed in and compiled
at the end of the natives file for a given run of js2c, we now make them a
separate run of js2c with a separate natives file output.
This natives file output is then compiled in the bootstrapper. It is not part
of the snapshot (yet), but instead is treated similar to the experimental
natives, just without any of the complexity that comes from tieing the
behavior to flags. We also don't add counterparts to
InitializeExperimentalGlobal and InstallExperimentalNativeFunctions, yet.
R=yangguo@chromium.org, jochen@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1129743003
Cr-Commit-Position: refs/heads/master@{#28296}
As part of the migration from GYP->GN, we want to make sure that we
can track when new targets are added to either the GYP or GN builds
and that we are building everything we expect to build.
In GN, unlike GYP, if a build file gets referenced from other files,
building 'all' will cause every target to be built in it. This means in
particular, that we can end up trying to build targets that are not
necessarily intended to be visible to the rest of the build. To get
around this, any target that is defined but hidden (like 'v8_snapshot',
in V8's case) should still be visible to a top-level target called
"//:gn_visibility".
R=brettw@chromium.org, machenbach@chromium.org
BUG=461019
LOG=N
Review URL: https://codereview.chromium.org/1120093005
Cr-Commit-Position: refs/heads/master@{#28243}
Tail calls are matched on the graph, with a dedicated tail call
optimization that is actually testable. The instruction selection can
still fall back to a regular if the platform constraints don't allow to
emit a tail call (i.e. the return locations of caller and callee differ
or the callee takes non-register parameters, which is a restriction that
will be removed in the future).
Also explicitly limit tail call optimization to stubs for now and drop
the global flag.
BUG=v8:4076
LOG=n
Review URL: https://codereview.chromium.org/1114163005
Cr-Commit-Position: refs/heads/master@{#28219}
Split interface and implementation of ControlEquivalence and add a
dedicated trace flag --trace-turbo-ceq to make it reusable outside the
scheduler.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1056093005
Cr-Commit-Position: refs/heads/master@{#27862}
This fixes the d8 target which previously was getting both USING_V8_SHARED
and BUILDING_V8_SHARED defined at the same time.
Renames direct_dependent_configs to public_configs (new name, same thing).
Review URL: https://codereview.chromium.org/1065403002
Cr-Commit-Position: refs/heads/master@{#27713}
This commit is to fix the linking error:
../../v8/src/base/platform/platform-posix.cc:418: error: undefined reference to '__android_log_vprint'
Review URL: https://codereview.chromium.org/1037193003
Cr-Commit-Position: refs/heads/master@{#27559}
The libdl library is already included on target builds of Android and needs
to be added to the build command line with a particular order to avoid
undefined references in other libraries. Fix this by only explicitly including
it in host builds and relying on the implicit inclusion on target builds.
Also remove the librt hack which is not longer necessary due to the AOSP build
bot having been removed.
BUG=chromium:469973
LOG=Y
Review URL: https://codereview.chromium.org/1036133005
Cr-Commit-Position: refs/heads/master@{#27535}
Define V8_TARGET_ARCH_MIPS or V8_TARGET_ARCH_MIPS64 if the target
arch is mipsel or mips64el.
R=dpranke@chromium.org,jochen@chromium.org,machenbach@chromium.org
BUG=v8:3972
LOG=N
Review URL: https://codereview.chromium.org/1016923002
Cr-Commit-Position: refs/heads/master@{#27249}
This change introduces a liveness analyzer for local variables in frame states.
The main idea is to use the AstGraphBuilder::Environment class to build the control flow graph, and record local variable loads, stores and checkpoints in the CFG basic blocks (LivenessAnalyzerBlock class).
After the graph building finishes, we run a simple data flow analysis over the CFG to figure out liveness of each local variable at each checkpoint. Finally, we run a pass over all the checkpoints and replace dead local variables in the frame states with the 'undefined' value.
Performance numbers for Embenchen are below.
----------- box2d.js
Current --turbo-deoptimization: EmbenchenBox2d(RunTime): 11265 ms.
d8-master --turbo-deoptimization: EmbenchenBox2d(RunTime): 11768 ms.
d8-master: EmbenchenBox2d(RunTime): 10996 ms.
----------- bullet.js
Current --turbo-deoptimization: EmbenchenBullet(RunTime): 17049 ms.
d8-master --turbo-deoptimization: EmbenchenBullet(RunTime): 17384 ms.
d8-master: EmbenchenBullet(RunTime): 16153 ms.
----------- copy.js
Current --turbo-deoptimization: EmbenchenCopy(RunTime): 4877 ms.
d8-master --turbo-deoptimization: EmbenchenCopy(RunTime): 4938 ms.
d8-master: EmbenchenCopy(RunTime): 4940 ms.
----------- corrections.js
Current --turbo-deoptimization: EmbenchenCorrections(RunTime): 7068 ms.
d8-master --turbo-deoptimization: EmbenchenCorrections(RunTime): 6718 ms.
d8-master: EmbenchenCorrections(RunTime): 6858 ms.
----------- fannkuch.js
Current --turbo-deoptimization: EmbenchenFannkuch(RunTime): 4167 ms.
d8-master --turbo-deoptimization: EmbenchenFannkuch(RunTime): 4608 ms.
d8-master: EmbenchenFannkuch(RunTime): 4149 ms.
----------- fasta.js
Current --turbo-deoptimization: EmbenchenFasta(RunTime): 9981 ms.
d8-master --turbo-deoptimization: EmbenchenFasta(RunTime): 9848 ms.
d8-master: EmbenchenFasta(RunTime): 9640 ms.
----------- lua_binarytrees.js
Current --turbo-deoptimization: EmbenchenLuaBinaryTrees(RunTime): 11571 ms.
d8-master --turbo-deoptimization: EmbenchenLuaBinaryTrees(RunTime): 13089 ms.
d8-master: EmbenchenLuaBinaryTrees(RunTime): 10957 ms.
----------- memops.js
Current --turbo-deoptimization: EmbenchenMemOps(RunTime): 7766 ms.
d8-master --turbo-deoptimization: EmbenchenMemOps(RunTime): 7346 ms.
d8-master: EmbenchenMemOps(RunTime): 7738 ms.
----------- primes.js
Current --turbo-deoptimization: EmbenchenPrimes(RunTime): 7459 ms.
d8-master --turbo-deoptimization: EmbenchenPrimes(RunTime): 7453 ms.
d8-master: EmbenchenPrimes(RunTime): 7451 ms.
----------- skinning.js
Current --turbo-deoptimization: EmbenchenSkinning(RunTime): 15564 ms.
d8-master --turbo-deoptimization: EmbenchenSkinning(RunTime): 15611 ms.
d8-master: EmbenchenSkinning(RunTime): 15583 ms.
----------- zlib.js
Current --turbo-deoptimization: EmbenchenZLib(RunTime): 10825 ms.
d8-master --turbo-deoptimization: EmbenchenZLib(RunTime): 11180 ms.
d8-master: EmbenchenZLib(RunTime): 10823 ms.
BUG=
Review URL: https://codereview.chromium.org/949743002
Cr-Commit-Position: refs/heads/master@{#27232}
Instead of the current approach of storing flat vectors in frame states (and possibly reusing the last vector in AST graph builder), this change list builds a tree for the values and tries to reuse the nodes for different frame states. At the moment, we only use this for the local variable part of frame state, but nothing prevents us from using this for all parts.
This change provides two new classes: one for creating the tree (StateValuesCache) and one for iterating the trees (StateValuesAccess).
BUG=
Review URL: https://codereview.chromium.org/1008213002
Cr-Commit-Position: refs/heads/master@{#27222}
We need the v8 snapshot to be compiled on the host cpu (the
machine doing the build), but using generated code that has the
same pointer size as the target_arch; i.e., for 32-bit arm builds,
we need to use a 32-bit x86 host binary, not a 64-bit host binary.
The easiest way to ensure that this happens is to just specify
a custom toolchain in GN to use to build the snapshot.
R=jochen@chromium.org, cjhopman@chromium.org
BUG=465456, 395249
LOG=Y
Review URL: https://codereview.chromium.org/993173003
Cr-Commit-Position: refs/heads/master@{#27142}
Mechanical change.
This will break dependency between profiler-generator and heap-profiler-generator.
Later this will help us to reuse SourcePosition in cpu-profiler.
BUG=452067
LOG=n
Review URL: https://codereview.chromium.org/945873002
Cr-Commit-Position: refs/heads/master@{#26780}
ModuleDescriptor will end up holding the set of data described in the
spec as a "Module record". This introduces a little bit of confusion
with ModuleInfo, but I hope that'll become clearer over time.
Also removed the interface-printing flags. We probably want
Module-printing flags, but that can wait until we have more
Module-related structures.
BUG=v8:1569
LOG=n
Review URL: https://codereview.chromium.org/935723004
Cr-Commit-Position: refs/heads/master@{#26728}
This adds a new ControlFlowOptimizer that - for now - recognizes chains
of Branches generated by the SwitchBuilder for a subset of javascript
switches into Switch nodes. Those Switch nodes are then lowered to
either table or lookup switches.
Also rename Case to IfValue (and introduce IfDefault) for consistency.
BUG=v8:3872
LOG=n
Review URL: https://codereview.chromium.org/931623002
Cr-Commit-Position: refs/heads/master@{#26691}
Function.prototype.toMethod was removed from ES6.
This removes the function and updates the tests to either
use %ToMethod or a dedicated syntax (using concise method
or a class).
BUG=v8:3330
LOG=N
R=dslomov@chromium.org, adamk
Review URL: https://codereview.chromium.org/914713002
Cr-Commit-Position: refs/heads/master@{#26559}
To do so, extract startup_data_util from d8 and use it those executables.
BUG=
Review URL: https://codereview.chromium.org/913703002
Cr-Commit-Position: refs/heads/master@{#26547}
This relands the CL
https://codereview.chromium.org/797503007/.
It runs the version generation two times. First during
runhooks as a fallback for recipes that loose git context
(e.g. android_aosp). Second during compilation like in the
original CL. In case of failures, the result from the
runhooks call will be reused.
BUG=chromium:446166
LOG=n
Review URL: https://codereview.chromium.org/843913009
Cr-Commit-Position: refs/heads/master@{#26120}