This removes the checking for use-def and def-use chain links from the
graph verification. Presence of such links can only be violated by a bug
in the actual {Node} implementation itself. That container class is also
covered by unit tests.
The verification in question was useful in the early days when the graph
implementation itself was prone to bugs. By now it has stabilized and
spending O(n^2) time during graph verification is too wasteful to still
be considered a reasonable trade-off.
R=jarin@chromium.org
TEST=unittests/NodeTest.*
Review-Url: https://codereview.chromium.org/2140973003
Cr-Commit-Position: refs/heads/master@{#37670}
The PlainPrimitiveToNumber operator performs a superset of the operations
previously performed by the BooleanToNumber and StringToNumber operators,
so we can just use the special lowering rules for PlainPrimitiveToNumber
based on the input type and get rid of the specialized operators.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2139183002
Cr-Commit-Position: refs/heads/master@{#37669}
This CL separates the check whether something is tail-callable from
the computation of the size of the stack parameters that a function
takes.
In order to track this precisely, the stack parameter size calculation
uses the recently landed MachineType information that's embedded
in return and parameter value LinkageLocations.
Review-Url: https://codereview.chromium.org/2121753002
Cr-Commit-Position: refs/heads/master@{#37668}
Temporary commit to see performance data. Will be reverted
shortly after.
BUG=chromium:622332
TBR=vogelheim, jochen
NOTRY=true
Review-Url: https://codereview.chromium.org/2135313002
Cr-Commit-Position: refs/heads/master@{#37667}
Remove obsolete definitions from macros.py, and drop the now obsolete
%_ToPrimitive, %_ToPrimitive_Number, %_ToPrimitive_String, %_ToName
and the %ToPrimitive_String intrinsics/runtime entries.
R=yangguo@chromium.org
BUG=v8:5049
Review-Url: https://codereview.chromium.org/2137203002
Cr-Commit-Position: refs/heads/master@{#37665}
Added trace printout for replacements in Turbofan reducers.
Renamed graph trimmer trace flag to avoid confusion.
Review-Url: https://codereview.chromium.org/2123283006
Cr-Commit-Position: refs/heads/master@{#37663}
Rolling v8/build to 3cd1ead0173f28d3aa6b28590495ae67340a3a5e
Rolling v8/third_party/icu to b5ecbb29a26532f72ef482569b223d5a51fd50bf
Rolling v8/tools/mb to 9a768a4d908ec89978a95e1c04c62336f5cfbcd2
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2144483002
Cr-Commit-Position: refs/heads/master@{#37662}
AllocateSpillSlot can now handle requests for 16 byte slots.
LOG=N
BUG=v8:4124
Review-Url: https://codereview.chromium.org/2139663002
Cr-Commit-Position: refs/heads/master@{#37661}
Instead just return undefined
A side effect of this is that it's no longer possible to compile
functions in a detached context.
BUG=chromium:541703
R=verwaest@chromium.org,bmeurer@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng
Review-Url: https://codereview.chromium.org/2034083002
Cr-Commit-Position: refs/heads/master@{#37657}
When the scanner finds a '-->', it's either part of an HTMLCloseComment
or a '--' followed by a '>'. Previously, only a preceding newline would
make it an HTMLCloseComment. Now, a preceding multiline comment also
makes it an HTMLCloseComment. The effect is that now the following is
not a SyntaxError:
x/*
*/-->this is now a comment
BUG=v8:5142
LOG=y
Review-Url: https://codereview.chromium.org/2119763003
Cr-Commit-Position: refs/heads/master@{#37656}
This patch just checks for a stack overflow and returns failure
from the cases which Clusterfuzz found. However, there may be
more locations in the parser which need similar treatment.
R=caitpotter88@gmail.com,neis
BUG=v8:4483,chromium:624300
Review-Url: https://codereview.chromium.org/2135503002
Cr-Commit-Position: refs/heads/master@{#37655}
This removes the frame state input representing the before-state from
nodes having any comparison operator. Lowering that inserts number
conversions of the inputs has to be disabled when deoptimization is
enabled, because the frame state layout is no longer known.
R=jarin@chromium.org
BUG=v8:5021
Review-Url: https://codereview.chromium.org/2134173002
Cr-Commit-Position: refs/heads/master@{#37646}
This extends pretenuring decisions based on allocation sites to heap
numbers that are allocated as part of object literals. It ensures memory
locality of a bigger enclosure of the deep copy of an object literal.
R=bmeurer@chromium.org
TEST=cctest/test-heap/OptimizedPretenuringMixedInObjectProperties
Review-Url: https://codereview.chromium.org/2135933002
Cr-Commit-Position: refs/heads/master@{#37645}
If the first input to CheckBounds is already an Unsigned32, then
we can just truncate both inputs to word32 and lower the bounds
check.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2138753002
Cr-Commit-Position: refs/heads/master@{#37643}
This unifies phases in SimplifiedLowering, and will enable
more optimizations, i.e. we can do the output representation
during typing then, which in turn should allow us to use the
feedback type even in unchecked operators (i.e. NumberAbs).
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2137003002
Cr-Commit-Position: refs/heads/master@{#37639}
By adding MachineType to LinkageLocation, it is possible not only to reason
about the location of a LinkageLocation on the stack, but also about it's
size. This will be useful in follow-on CLs that attempt to merge some of the
parameter passing logic of tail calls and normal (non-tail) calls.
As a nice side-effect, it is no longer necessary to separately keep a
MachineSignature in a CallDescriptor, because the MachineTypes contianed in
LinkageLocation for all of the Descriptor's parameters and return types are
sufficient. This CL therefore removes the MachineSignature from the
CallDescriptor and adjusts all the calling code accordingly, simplifying and
de-duplicating code in a bunch of places.
R=titzer@chromium.org, bmeurer@chromium.org
LOG=N
Review-Url: https://codereview.chromium.org/2124023003
Cr-Commit-Position: refs/heads/master@{#37633}
Reason for revert:
crashes: crbug.com/626719
Original issue's description:
> Avoid Context::Enter and Context::Exit if we're reentering the active and last entered context
>
> A bit of browsing around indicates that the new fast-path is taken most of the time:
> 3496 Entering new
> 152295 Reentering same
>
> BUG=
>
> Committed: https://crrev.com/1829eb661ef1cf432fb551bcb193f521a219d490
> Cr-Commit-Position: refs/heads/master@{#37570}
TBR=jochen@chromium.org,verwaest@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=
Review-Url: https://codereview.chromium.org/2140563002
Cr-Commit-Position: refs/heads/master@{#37632}
CallSite::IsConstructor() was unable to recognize builtin construct stubs
(NumberConstructor_ConstructStub and StringConstructor_ConstructStub) as
constructors, and thus these frames were not formatted correctly in stack
traces.
Fix this by explicitly marking their Code objects as construct stubs and
passing along a special receiver value when we encounter such cases in
CaptureSimpleStackTrace.
R=mstarzinger@chromium.org, yangguo@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2125163004
Cr-Commit-Position: refs/heads/master@{#37631}
If a Smi field load is truncated to Word32, we can just load the upper
32 bits on 64-bit architectures (with 32-bit Smis), which avoids the
nasty shift right that we'd have to perform otherwise to untag it.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2140553002
Cr-Commit-Position: refs/heads/master@{#37630}
Usually loops run from 0 to some array length l, which means the
induction variable i will probably have type Unsigned32, just like
the length l. The CheckBounds operation lowers to an Uint32LessThan
comparison, so if we also lower the user level i < l comparison to
Uint32LessThan (whenever possible), we get some bounds check elimination
for free (via value numbering plus branch condition elimination).
This merges the branch condition elimination phase with the late
optimization phase to make this magic happen.
R=jarin@chromium.org
BUG=v8:4930,v8:5141
Review-Url: https://codereview.chromium.org/2135123002
Cr-Commit-Position: refs/heads/master@{#37629}
This enables tests which verify allocation site feedback is used and
influences pretenuring decisions. By now TurboFan is respecting such
feedback. Ignition however doesn't provide such feedback yet.
R=mvstanton@chromium.org
Review-Url: https://codereview.chromium.org/2135563003
Cr-Commit-Position: refs/heads/master@{#37628}
This change analyzes and links the output of --code-comments in the disassembly view within turbolizer with the other views, such that selecting these comments will also select the respective blocks/lines/nodes within the other views. The block start comments (e.g. -- B4 start --) are linked with the blocks in the schedule phase view and vice versa. The source position comments (e.g. -- primes.js:3:10 --) select the respective spans, lines, and nodes in the JavaScript code view, the schedule phase view, and the other compilation phase views respectively, and vice versa. It also modifies the display of the line and column numbers in the source position comments to be offset from 1 instead of 0 and ignore the initial source position of the first line of code (from removal of the function name in the compiler).
Also fixed the bug where previous selections weren't being cleared properly across multiple views, adding appropriate clear calls when using the selection broker.
Review-Url: https://codereview.chromium.org/2133663002
Cr-Commit-Position: refs/heads/master@{#37627}
Enable the same checks for builtin exit frames as are used for all other
standard (i.e. non-wasm) types, and refactor them into a single helper
class.
R=yangguo@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2135593002
Cr-Commit-Position: refs/heads/master@{#37625}
Consume Smi/Signed32 feedback for division and modulus and introduce
appropriate checked operators. This is especially important for modulus
where the Float64Mod operator is significantly slower than Int32Mod on
most platforms. For division it's mostly important to propagate
integerness, i.e. to avoid follow-up conversions between float and
int32.
Drive-by-fix: Use Int32Mod for the ModulusStub (and the bytecode handler)
when the inputs are both Smi.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2138633002
Cr-Commit-Position: refs/heads/master@{#37621}
