AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
20,512 Commits 1 Branch 0 Tags 839 MiB
159b14172f
Commit Graph

223 Commits

Author SHA1 Message Date
titzer
159b14172f [turbofan] Implement OSR for outer loops. 
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/809333002

Cr-Commit-Position: refs/heads/master@{#26020}
 2015-01-12 11:39:58 +00:00
bmeurer
fec1bba852 [turbofan] Correctify representation changes to bit. 
TEST=cctest/test-representation-change,unittests,mjsunit/compiler/regress-bit-number-constant
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/840953003

Cr-Commit-Position: refs/heads/master@{#25987}
 2015-01-08 09:48:41 +00:00
bmeurer
d1c1a3c48f [turbofan] Fix bit representation of NumberConstant. 
TEST=mjsunit/compiler/regress-bit-number-constant

Review URL: https://codereview.chromium.org/839813002

Cr-Commit-Position: refs/heads/master@{#25979}
 2015-01-07 15:44:22 +00:00
jarin
80a7be5cd9 Restrict representation inference to avoid truncation of phi inputs. 
BUG=chromium:446778
LOG=N

Review URL: https://codereview.chromium.org/837153002

Cr-Commit-Position: refs/heads/master@{#25967}
 2015-01-07 11:38:54 +00:00
jarin
a9716d9840 Make control reducer revisit newly introduced merges. 
TEST=mjsunit/compiler/regress-445876
BUG=chromium:445876
LOG=N

Review URL: https://codereview.chromium.org/830293003

Cr-Commit-Position: refs/heads/master@{#25959}
 2015-01-05 16:35:34 +00:00
Benedikt Meurer
17a180842e [turbofan] Don't crash when typing load from a Uint8ClampedArray. 
TEST=mjsunit/compiler/regress-446156
BUG=chromium:446156
LOG=y
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/835883003

Cr-Commit-Position: refs/heads/master@{#25957}
 2015-01-05 13:43:47 +00:00
jarin
bdf446f590 Do not reduce effect phis for loops. 
This prevents eliminating effectful statements before the loop.

BUG=

Review URL: https://codereview.chromium.org/830923002

Cr-Commit-Position: refs/heads/master@{#25953}
 2015-01-03 12:46:00 +00:00
bmeurer
fb2643c858 [turbofan] Truncation of Bit/Word8/16 to Word32 is a no-op. 
TEST=mjsunit/compiler/regress-445859
BUG=chromium:445859
LOG=y
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/828313002

Cr-Commit-Position: refs/heads/master@{#25951}
 2015-01-02 10:39:10 +00:00
bmeurer
cf866b7c61 [x64] Rearrange code for OOB integer loads. 
We cannot just clear the result register optimistically, because the
register allocator might assign the same register to result and buffer.

TEST=mjsunit/compiler/regress-445858
BUG=chromium:445858
LOG=y
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/828303002

Cr-Commit-Position: refs/heads/master@{#25950}
 2015-01-02 10:15:40 +00:00
bmeurer
a64ac4575a Fix %NeverOptimizeFunction() intrinsic. 
Set a valid reason for disabling optimization when using
%NeverOptimizeFunction.

TEST=mjsunit/compiler/regress-445732
BUG=chromium:445732
LOG=y
TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/832003002

Cr-Commit-Position: refs/heads/master@{#25949}
 2015-01-02 08:18:01 +00:00
bmeurer
ef41f70684 [turbofan] Fix invalid bounds check with overflowing offset. 
TEST=mjsunit/compiler/regress-445267
BUG=chromium:445267
LOG=y

Review URL: https://codereview.chromium.org/825403002

Cr-Commit-Position: refs/heads/master@{#25945}
 2014-12-29 10:01:15 +00:00
bmeurer
b5e8dd0e12 [turbofan] Raise max virtual registers and call parameter limit. 
Change InstructionOperand to use a 64-bit field for encoding the operand
information instead of the 32-bit field that was used before. Ideally we
wouldn't use the Zone-allocated bit field at all, and use an integer
instead of the pointer; but that requires fixing the register allocator
first, which will take some time.

TEST=mjsunit/compiler/regress-3786
BUG=v8:3786
LOG=y

Review URL: https://codereview.chromium.org/826673002

Cr-Commit-Position: refs/heads/master@{#25941}
 2014-12-25 18:18:04 +00:00
Benedikt Meurer
3f00ce2d59 [turbofan] Fix missing ChangeUint32ToUint64 in lowering of LoadBuffer. 
TEST=mjsunit/compiler/regress-444695
BUG=chromium:444695
LOG=y
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/824843002

Cr-Commit-Position: refs/heads/master@{#25932}
 2014-12-23 06:54:00 +00:00
Benedikt Meurer
65e69497ab [turbofan] Correctify lowering of Uint8ClampedArray buffer access. 
TEST=mjsunit/compiler/regress-444508.js
BUG=chromium:444508
LOG=y
R=machenbach@chromium.org

Review URL: https://codereview.chromium.org/794013004

Cr-Commit-Position: refs/heads/master@{#25916}
 2014-12-22 08:27:59 +00:00
Benedikt Meurer
f7e4689061 [turbofan] Fix unsafe out-of-bounds check for checked loads/stores. 
BUG=chromium:443744
LOG=y
TEST=mjsunit/compiler/regress-443744
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/804993004

Cr-Commit-Position: refs/heads/master@{#25901}
 2014-12-19 12:53:29 +00:00
Benedikt Meurer
14409abc22 [turbofan] Quickfix for invalid number truncation of typed array loads. 
TEST=mjsunit/compiler/regress-int32array-outofbounds-nan
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/803483002

Cr-Commit-Position: refs/heads/master@{#25793}
 2014-12-12 10:45:38 +00:00
Benedikt Meurer
19418d76df [x64] Fix optimization for certain checked load/stores. 
BUG=chromium:439743
LOG=y
TEST=mjsunit
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/733893008

Cr-Commit-Position: refs/heads/master@{#25731}
 2014-12-10 07:49:12 +00:00
Benedikt Meurer
48a6766e78 [x86] Disable invalid checked load/store optimization. 
TEST=mjsunit/compiler/regress-lena
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/784153006

Cr-Commit-Position: refs/heads/master@{#25722}
 2014-12-09 14:16:34 +00:00
jarin
322bb23e82 [turbofan] Insert appropriate conversions for typed array stores. 
BUG=

Review URL: https://codereview.chromium.org/758643003

Cr-Commit-Position: refs/heads/master@{#25496}
 2014-11-25 08:40:29 +00:00
svenpanne
be0fcaa2bc Added test cases for truncating stores. 
Review URL: https://codereview.chromium.org/741643003

Cr-Commit-Position: refs/heads/master@{#25474}
 2014-11-24 10:42:26 +00:00
yangguo
61bee5c898 Correctly escape RegExp source. 
R=ulan@chromium.org
BUG=v8:3229
LOG=N

Review URL: https://codereview.chromium.org/736003002

Cr-Commit-Position: refs/heads/master@{#25457}
 2014-11-21 10:50:24 +00:00
danno@chromium.org
9a58807030 [turbofan] Optimize add operations to use 'leal' instruction on x64 
Add MemoryOperandMatcher that recognizes node clusters in the form
[%r1 + %r2*SCALE + OFFSET] and explicit support in the x64 Int32Add
selector to use it to translate complex adds to 'leal' instructions.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/704713003

Cr-Commit-Position: refs/heads/master@{#25223}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25223 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-11-07 16:47:45 +00:00
jarin@chromium.org
364cec0034 [turbofan] Fix deoptimization of uint8, uint16 inputs. 
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/707443003

Cr-Commit-Position: refs/heads/master@{#25214}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25214 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-11-07 14:07:45 +00:00
dcarney@chromium.org
a350f0d608 [turbofan] phis cannot take registers as inputs 
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/704153002

Cr-Commit-Position: refs/heads/master@{#25191}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25191 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-11-06 12:56:44 +00:00
bmeurer@chromium.org
017c518321 [x86] Fix register constraints for multiply high and modulus. 
R=jarin@chromium.org
TEST=mjsunit/compiler/regress-register-allocator2

Review URL: https://codereview.chromium.org/697053002

Cr-Commit-Position: refs/heads/master@{#25054}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25054 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-11-03 06:28:12 +00:00
bmeurer@chromium.org
548fb46331 [x86] Fix register constraints for multiply-high. 
TEST=mjsunit/compiler,unittests
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/671393002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24862 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-10-24 09:36:40 +00:00
verwaest@chromium.org
23868b419c Optimize Function.prototype.call 
BUG=
R=verwaest@chromium.org, jarin@chromium.org, jkummerow@chromium.org

Review URL: https://codereview.chromium.org/588573002

Patch from Petka Antonov <p.antonov@partner.samsung.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24631 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-10-15 12:22:15 +00:00
jkummerow@chromium.org
b6f82c734c Remove FLAG_opt_safe_uint32_operations. 
It has been turned on by default for a long time, and hydrogenized BinaryOpStubs actually depend on it being turned on.

BUG=v8:3487
LOG=n
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/630023002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24415 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-10-06 13:15:23 +00:00
titzer@chromium.org
cbf66711af Minor compiler pipeline refactoring. Inline UpdateSharedFunctionInfo and make Parser::Parse responsible for setting the strict mode of the CompilationInfo. 
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/555553003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-09-17 12:34:46 +00:00
titzer@chromium.org
4c53bb086e Fix more fallout from making OptimizeFunctionOnNextCall work as advertised. 
R=jarin@chromium.org
BUG=411262

Review URL: https://codereview.chromium.org/544213002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@23745 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-09-05 15:31:33 +00:00
titzer@chromium.org
67b89f9db6 Fix %OptimizeFunctionOnNextCall to actually work when the function has not yet been compiled. 
R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/543643002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@23687 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-09-04 11:27:20 +00:00
Jacob.Bramley@arm.com
da48f1246c ARM64: Fix SHR logic error. 
The `right == 0` checks only worked for `0 <= right < 32`. This patch
replaces the checks with simple tests for negative results.

The attached test can detect this error, but the test relies on a broken
flag (--noopt-safe-uint32-operations), so it is skipped for now. See
issue 3487 for details.

BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/487913005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@23243 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-08-20 14:58:18 +00:00
mstarzinger@chromium.org
7a4054b7d7 Allow inlining of functions containing %_Arguments. 
R=svenpanne@chromium.org
TEST=mjsunit/compiler/inline-arguments

Review URL: https://codereview.chromium.org/356773002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@22060 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-06-27 11:04:35 +00:00
dcarney@chromium.org
bd3f8a524e Revert "Optimize Function.prototype.call" 
This reverts commit r21840.

R=danno@chromium.org
LOG=y
BUG=chromium:385565

Review URL: https://codereview.chromium.org/347573002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21887 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-06-18 14:04:41 +00:00
verwaest@chromium.org
7005abf03b Optimize Function.prototype.call 
- May inline the function, or call it directly, instead of going through call
- Supports arguments object escaping when it escapes to builtins (preparation for slice.call(arguments, ...) optimization)
- Both .call and .apply now support inlining when calling builtins indirectly

BUG=
R=verwaest@chromium.org, rossberg@chromium.org

Review URL: https://codereview.chromium.org/335683002

Patch from Petka Antonov <p.antonov@partner.samsung.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21840 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-06-13 12:52:23 +00:00
hpayer@chromium.org
de21c8a245 Simplify ConfigureHeap and change --max_new_space_size to --max_semi_space_size. 
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/271843005

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21204 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-05-09 08:38:27 +00:00
hpayer@chromium.org
dde49c9dc3 Set max new space size in tests to proper MB value. 
Revert "Limit old space size in test which require a large new space."

This reverts commit r21103.

Revert "Remove max space limits in tests."

This reverts commit r21104.

BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/263103006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21149 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-05-05 16:48:33 +00:00
hpayer@chromium.org
56d0b9757e Remove max space limits in tests. 
BUG=

Review URL: https://codereview.chromium.org/263703003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21104 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-30 19:32:47 +00:00
hpayer@chromium.org
3dd05f8fc7 Limit old space size in test which require a large new space. 
BUG=

Review URL: https://codereview.chromium.org/265673003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21103 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-04-30 18:57:25 +00:00
dslomov@chromium.org
f66af4feb4 Refactor optimized in hydrogen only runtime functions. 
This splits all runtime function into 3 categories:
1) RUNTIME: implemented in runtime and called from both full and optimized code.
2) RUNTIME_HIDDEN: implemented in runtime, never called directly from JS builtins.
3) INLINE: inlined in both full and optimized code
4) INLINE_OPTIMIZED: inlined in optimized code, implemented in runtime for full code.

R=yangguo@chromium.org, yannguo@chromium.org

Review URL: https://codereview.chromium.org/209353006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20252 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-25 14:26:55 +00:00
titzer@chromium.org
3c31102025 First implementation of store elimination. 
BUG=
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/100253004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20224 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-25 09:06:16 +00:00
ulan@chromium.org
2cb4e78e74 Fix mjsunit/compiler/concurrent-invalidate-transition-map.js test. 
BUG=v8:3156
LOG=N
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/180053003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20009 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-17 17:00:48 +00:00
svenpanne@chromium.org
be328fd4ce Disable special handling of flooring division by constant until it is fixed for real. 
Added a test to check the various division-like operations more exhaustively.

R=bmeurer@chromium.org, ulan@chromium.org

Review URL: https://codereview.chromium.org/194863002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19852 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-03-12 14:28:59 +00:00
ishell@chromium.org
6bb57517c0 Restore of compare-objeq-elim test accidentally removed in r19229. 
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/162903005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19354 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-13 12:22:24 +00:00
ulan@chromium.org
e95bc7eec8 Merge experimental/a64 to bleeding_edge. 
BUG=v8:3113
LOG=Y
R=jochen@chromium.org, rmcilroy@chromium.org, rodolph.perfetta@arm.com

Review URL: https://codereview.chromium.org/148293020

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19311 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-12 09:19:30 +00:00
ishell@chromium.org
994f0f6dda Fix for a smi stores optimization on x64 with a test case. 
BUG=338425
LOG=N
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/152923006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19288 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-11 16:02:18 +00:00
ishell@chromium.org
f46da9d43b Reland of r19102: Check elimination improvement: propagation of state through phis is supported, CheckMap narrowing implemented with tests. 
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/146623006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19229 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-02-10 15:32:54 +00:00
ishell@chromium.org
2aa17c6e62 Load elimination fix: load should not be replaced with another load if the former is not dominated by the latter. 
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/151333003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18985 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-31 12:03:32 +00:00
jarin@chromium.org
99ce5a2484 The current 
version is passing all the existing test + a bunch of new tests
(packaged in the change list, too).

The patch extends the SlotRef object to describe captured and duplicated
objects. Since the SlotRefs are not independent of each other anymore,
there is a new SlotRefValueBuilder class that stores the SlotRefs and
later materializes the objects from the SlotRefs.

Note that unlike the previous implementation of SlotRefs, we now build
the SlotRef entries for the entire frame, not just the particular
function.  This is because duplicate objects might refer to previous
captured objects (that might live inside other inlined function's part
of the frame).

We also need to store the materialized objects between other potential
invocations of the same arguments object so that we materialize each
captured object at most once.  The materialized objects of frames live
in the new MaterielizedObjectStore object (contained in Isolate),
indexed by the frame's FP address.  Each argument materialization (and
deoptimization) tries to lookup its captured objects in the store before
building new ones.  Deoptimization also removes the materialized objects
from the store. We also schedule a lazy deopt to be sure that we always
get rid of the materialized objects and that the optmized function
adopts the materialized objects (instead of happily computing with its
captured representations).

Concerns:

- Is the FP address the right key for a frame? (Note that deoptimizer's
representation of frame is different from the argument object
materializer's one - it is not easy to find common ground.)

- Performance is suboptimal in several places, but a quick local run of
benchmarks does not seem to show a perf hit. Examples of possible
improvements: smarter generation of SlotRefs (build other functions'
SlotRefs only for captured objects and only if necessary), smarter
lookup of stored materialized objects.

- Ideally, we would like to share the code for argument materialization
with deoptimizer's materializer.  However, the supporting data structures
(mainly the frame descriptor) are quite different in each case, so it
looks more like a separate project.

Thanks for any feedback.

R=danno@chromium.org, mstarzinger@chromium.org
LOG=N
BUG=

Committed: https://code.google.com/p/v8/source/detail?r=18918

Review URL: https://codereview.chromium.org/103243005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18936 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-30 10:33:53 +00:00
jarin@chromium.org
ec51f26b9e Revert "Captured arguments object materialization" 
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/130803009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18923 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
 2014-01-29 15:49:48 +00:00