%_IsObject(foo) is equivalent to typeof foo === 'object' and has
exactly the same optimizations, so there's zero need for %_IsObject
in our code base.
R=mstarzinger@chromium.org
Review URL: https://codereview.chromium.org/1313903003
Cr-Commit-Position: refs/heads/master@{#30380}
For vector-based keyed store ics, we need to know the current
KeyedAccessStore mode on ic MISS, and to produce optimized code.
We can't store this mode, which can change on any MISS in the IC
without patching. Therefore, this CL makes sure that the information is
redundantly available in the handlers embedded in the IC. This way,
when --vector-stores is turned on, we'll be able to extract that
information from the vector which maintains a list of these handlers.
BUG=
Review URL: https://codereview.chromium.org/1312693004
Cr-Commit-Position: refs/heads/master@{#30378}
port 5d875a57fa (r30342).
original commit message:
The previous hack with HInstanceOfKnownGlobal was not only slower,
but also very brittle and required a lot of weird hacks to support it. And
what's even more important it wasn't even correct (because a map check
on the lhs is never enough for instanceof).
The new implementation provides a sane runtime implementation
for InstanceOf plus a fast case in the InstanceOfStub, combined with
a proper specialization in the case of a known global in CrankShaft,
which does only the prototype chain walk (coupled with a code
dependency on the known global).
As a drive-by-fix: Also fix the incorrect Object.prototype.isPrototypeOf
implementation.
R=weiliang.lin@intel.com
BUG=
Review URL: https://codereview.chromium.org/1318663003
Cr-Commit-Position: refs/heads/master@{#30376}
This fixes broken dynamic hole-checks for the temporal dead zone of
non-initializing assignments to {let} and {const} declared variables.
Also note that this exemplifies a case where the dynamic check for such
assignments to {let} declared variables can no longer be elided as the
comment suggested.
R=rossberg@chromium.org
TEST=mjsunit/regress/regress-4388
BUG=v8:4388
LOG=n
Review URL: https://codereview.chromium.org/1318693002
Cr-Commit-Position: refs/heads/master@{#30375}
A TopLevelLiveRange is the live range of a virtual register. Through
register allocation, it may end up being split in a succession of child
live ranges, where data flow is handled through moves from
predecessor to successor child.
Today, the concepts of "top level" and "child" live ranges are conflated
under the LiveRange class. However, a good few APIs pertain solely
to TopLevelLiveRanges. This was communicated through comments or
DCHECKs - but this makes for poor code comprehensibility and maintainability.
For example, the worklist of the register allocator (live_ranges()) needs
to only contain TopLevelLiveRanges; spill range concerns are associated
only with the top range; phi-ness; certain phases in the allocation pipeline;
APIs on LiveRange used for initial construction - before splitting;
splintering - these are all responsibilities associated to TopLevelLiveRanges,
and not child live ranges.
This change separates the concepts.
An effect of this change is that child live range allocation need not involve
RegisterAllocationData. That's "a good thing" (lower coupling), but it has
the side-effect of not having a good way to construct unique identifiers for
child live ranges, relative to a given InstructionSequence.
LiveRange Id are used primarily for tracing/output-ing, and debugging.
I propose a 2-component identifier: a virtual register (vreg) number,
uniquely identifying TopLevelLiveRanges; and a relative identifier, which
uniquely identifies children of a given TopLevelLiveRange. "0" is reserved
for the TopLevel range. The relative identifier does not necessarily
indicate order in the child chain, which is no worse than the current state
of affairs.
I believe this change should make it easier to understand a trace output
(because the virtual register number is readily available). I plan to formalize
with a small structure the notion of live range id, and consolidate tracing
around that, as part of a separate CL. (there are seemingly disparate ways
to trace - printf or stream-based APIs - so this seems like an opportune
change to consolidate that)
Review URL: https://codereview.chromium.org/1311983002
Cr-Commit-Position: refs/heads/master@{#30370}
For X87 platform, it has the same general register as ia32 and it will spill the
context to the stack too.
port bfdc22d7fc (r29325).
original commit message:
Passes the current context to bytecode interpreter handlers. This is held in the
context register on all architectures except for ia32 where there are too few
registers and it is instead spilled to the stack.
Also changes Load/StoreRegister to use kMachAnyTagged representation since they
should only ever hold tagged values.
BUG=
Review URL: https://codereview.chromium.org/1316583003
Cr-Commit-Position: refs/heads/master@{#30368}
The lack of marking this dependency led to a ClusterFuzz crash when
sloppy-function was on but not sloppy. This case does not make sense.
R=adamk
LOG=N
BUG=chromium:520891
Review URL: https://codereview.chromium.org/1316773004
Cr-Commit-Position: refs/heads/master@{#30364}
Make ObjectLiteral::is_simple() false for literals containing computed
property names, which causes IsCompileTimeValue() to return false and
thus force code to be generated for setting up such properties. This
mirrors the handling of '__proto__' in literals.
BUG=v8:4387
LOG=y
Review URL: https://codereview.chromium.org/1307943007
Cr-Commit-Position: refs/heads/master@{#30362}
This change encompasses what is necessary to enable stack checks in loops without suffering large regressions.
Primarily, it consists of a new mechanism for dealing with deferred blocks by "splintering", rather than splitting, inside deferred blocks.
My initial change was splitting along deferred block boundaries, but the regression introduced by stackchecks wasn't resolved conclusively. After investigation, it appears that just splitting ranges along cold block boundaries leads to a greater opportunity for moves on the hot path, hence the suboptimal outcome.
The alternative "splinters" ranges rather than splitting them. While splitting creates 2 ranges and links them (parent-child), in contrast, splintering creates a new independent range with no parent-child relation to the original. The original range appears as if it has a liveness hole in the place of the splintered one. All thus obtained ranges are then register allocated with no change to the register allocator.
The splinters (cold blocks) do not conflict with the hot path ranges, by construction. The hot path ones have less pressure to split, because we remove a source of conflicts. After allocation, we merge the splinters back to their original ranges and continue the pipeline. We leverage the previous changes made for deferred blocks (determining where to spill, for example).
Review URL: https://codereview.chromium.org/1305393003
Cr-Commit-Position: refs/heads/master@{#30357}
Adds implementations and tests for the following bytecodes:
- Add
- Sub
- Mul
- Div
- Mod
Also adds the Mod bytecode and adds support to BytecodeGenerator and
BytecodeArrayBuilder to enable it's use.
The current bytecodes always call through to the JS builtins. This also adds
LoadObjectField and CallJSBuiltin operators to the InterpreterAssembler.
BUG=v8:4280
LOG=N
Review URL: https://codereview.chromium.org/1300813005
Cr-Commit-Position: refs/heads/master@{#30352}
Reason for revert:
https://codereview.chromium.org/1315823004/
Original issue's description:
> Array.prototype.unshift builtin improvements
>
> Moving unshift to ElementAccessor and increasing the range of arguments
> handled directly in C++, namely directly supporting FastDoubleElementsKind.
> This should yield a factor 19 speedup for unshift on fast double arrays.
>
> BUG=
>
> Committed: https://crrev.com/bf6764e6c1197e50ae148755488307a423b1d9b4
> Cr-Commit-Position: refs/heads/master@{#30347}
TBR=yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=
Review URL: https://codereview.chromium.org/1311363003
Cr-Commit-Position: refs/heads/master@{#30350}
Moves the GCCallbackflags where they belong, i.e., {Heap}, and gets rid of
IncrementalMarking::Start() callsites.
BUG=
Review URL: https://codereview.chromium.org/1314853002
Cr-Commit-Position: refs/heads/master@{#30349}
The PLACEHOLDER code kind is used when compiling a code object that has
direct calls to other code objects, but those other code objects do not
yet exist because they have not yet been compiled. It serves as a
placeholder to break the cycle, e.g. in WASM.
R=yangguo@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1308393003
Cr-Commit-Position: refs/heads/master@{#30348}
Moving unshift to ElementAccessor and increasing the range of arguments
handled directly in C++, namely directly supporting FastDoubleElementsKind.
This should yield a factor 19 speedup for unshift on fast double arrays.
BUG=
Review URL: https://codereview.chromium.org/1311343002
Cr-Commit-Position: refs/heads/master@{#30347}
The HUnaryMathOperation cannot be eliminated in general, because the
spec requires a ToNumber conversion on the input, which is observable
of course.
BUG=v8:4389
LOG=y
Review URL: https://codereview.chromium.org/1307413003
Cr-Commit-Position: refs/heads/master@{#30343}
The previous hack with HInstanceOfKnownGlobal was not only slower,
but also very brittle and required a lot of weird hacks to support it. And
what's even more important it wasn't even correct (because a map check
on the lhs is never enough for instanceof).
The new implementation provides a sane runtime implementation
for InstanceOf plus a fast case in the InstanceOfStub, combined with
a proper specialization in the case of a known global in CrankShaft,
which does only the prototype chain walk (coupled with a code
dependency on the known global).
As a drive-by-fix: Also fix the incorrect Object.prototype.isPrototypeOf
implementation.
BUG=v8:4376
LOG=y
Review URL: https://codereview.chromium.org/1304633002
Cr-Commit-Position: refs/heads/master@{#30342}
Adds the flag to the test configuration so we aren't just testing the
polyfill.
Fixes some number conversion in native fromFloat32x4 function that now
fails.
LOG=N
BUG=v8:4124
Review URL: https://codereview.chromium.org/1312703003
Cr-Commit-Position: refs/heads/master@{#30341}
The ES2015 specification for switch statements 13.12.11 specifies that
they get their own lexical scope. This patch introduces such a scope
through a complex desugaring in terms of blocks, done so that Crankshaft
does not have to be updated to support multiple constructs providing
scopes.
Recommitting this patch after a bug fix in Crankshaft to allow a
desugaring with certain elements missing a source location:
https://codereview.chromium.org/1313443002
BUG=v8:4377
LOG=Y
R=adamk
Review URL: https://codereview.chromium.org/1309163003
Cr-Commit-Position: refs/heads/master@{#30340}
This patch translates RelocInfo::kNoPosition to SourcePosition::Unknown()
in constructing the Hydrogen graph from the parser's output. The translation
is done to increase the flexibility of the parser to desugar more things
that don't have natural locations.
R=bmeurer@chromium.org
BUG=v8:4377
LOG=N
Review URL: https://codereview.chromium.org/1313443002
Cr-Commit-Position: refs/heads/master@{#30337}
Adding an AstExpressionVisitor to touch each expression node in
an AST.
Adding TypingReseter to clear the slate after a failed asm.js
validation that has set partial typing information.
Adding a ExpressionTypeCollector to walk the expressions
in an AST and emit them as a string for testing.
Adding tests of the above.
LOG=N
BUG= https://code.google.com/p/v8/issues/detail?id=4203
TEST=test-typing-reset,test-ast-expression-visitor
R=rossberg@chromium.org,titzer@chromium.org
Review URL: https://codereview.chromium.org/1288773007
Cr-Commit-Position: refs/heads/master@{#30336}
The simulator uses a separate JS stack, exhaustion of the C stack
however is not caught by JS limit checks. This change now lowers the
limit of the JS stack accordingly on function calls.
R=mvstanton@chromium.org
BUG=chromium:522380
TEST=mjsunit/regress/regress-crbug-522380
LOG=n
Review URL: https://codereview.chromium.org/1314623002
Cr-Commit-Position: refs/heads/master@{#30334}
