Commit Graph

230 Commits

Author SHA1 Message Date
titzer
e4bb7ff96c [wasm] Implement an interpreter for WASM.
This interpreter directly decodes and executes WASM binary code for
the purpose of supporting low-level debugging. It is not currently
integrated into the main WASM implementation.

R=ahaas@chromium.org,clemensh@chromium.org,rossberg@chromium.org,binji@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/1972153002
Cr-Commit-Position: refs/heads/master@{#36497}
2016-05-25 08:33:10 +00:00
oth
02b7373ab1 [interpreter] Introduce bytecode generation pipeline.
This change introduces a pipeline for the final stages of
bytecode generation.

The peephole optimizer is made distinct from the BytecodeArrayBuilder.

A new BytecodeArrayWriter is responsible for writing bytecode. It
also keeps track of the maximum register seen and offers a potentially
smaller frame size.

R=rmcilroy@chromium.org
LOG=N
BUG=v8:4280

Review-Url: https://codereview.chromium.org/1947403002
Cr-Commit-Position: refs/heads/master@{#36220}
2016-05-12 19:20:04 +00:00
bmeurer
b8229ec446 [turbofan] Initial version of allocation folding and write barrier elimination.
This adds a new pass MemoryOptimizer that walks over the effect chain
from Start and lowers all Allocate, LoadField, StoreField, LoadElement,
and StoreElement nodes, trying to fold allocations into allocation
groups and eliminate write barriers on StoreField and StoreElement if
possible (i.e. if the object belongs to the current allocation group and
that group allocates in new space).

R=hpayer@chromium.org, jarin@chromium.org
BUG=v8:4931, chromium:580959
LOG=n

Review-Url: https://codereview.chromium.org/1963583004
Cr-Commit-Position: refs/heads/master@{#36128}
2016-05-10 10:12:25 +00:00
lpy
57a73e81c6 Move atomic-utils.h into base/
atomic-utils.h only uses functionality from base/, and also by moving it into
base/, code outside of v8_base can benefit from it.

BUG=v8:4991
LOG=n

Review-Url: https://codereview.chromium.org/1954603002
Cr-Commit-Position: refs/heads/master@{#36114}
2016-05-09 16:23:57 +00:00
machenbach
3bf44848c3 [gn] Move build to gypfiles
This prepares for pulling chromium's build as dependency for
gn. After this, the files in build and gypfiles need to stay
in sync until chromium is updated.

BUG=chromium:474921
LOG=n

Review-Url: https://codereview.chromium.org/1848553003
Cr-Commit-Position: refs/heads/master@{#35898}
2016-04-29 10:11:11 +00:00
machenbach
cb855fe728 [build] Prepare moving v8.gyp to src/
This will allow to pull in gyp as a deps to the same location
as chromium (tools/gyp not build/gyp), needed for gn switch.

This is the first step of a 3-way move.
1) Copy v8.gyp in v8
2) Update references in embedders (follow up)
3) Remove old v8.gyp (follow up)

BUG=chromium:474921
LOG=n
NOTRY=true

Review URL: https://codereview.chromium.org/1920793002

Cr-Commit-Position: refs/heads/master@{#35760}
2016-04-25 12:20:24 +00:00
titzer
727c7df035 [wasm] Extra LEB utilities to leb-helper.h
R=bradnelson@chromium.org,aseemgarg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1909513002

Cr-Commit-Position: refs/heads/master@{#35695}
2016-04-21 10:15:16 +00:00
jarin
b9e287c6d9 [turbofan] Effect linearization after representation inference.
This introduces a compiler pass that schedules the graph and re-wires effect chain according to the schedule. It also connects allocating representation changes to the effect chain, and removes the BeginRegion and EndRegion nodes - they should not be needed anymore because all effectful nodes should be already wired-in.

This is an intermediate CL - the next step is to move lowering of the Change*ToTaggedEffect nodes to StateEffectIntroduction so that we do not have to introduce the effectful versions of nodes.

Review URL: https://codereview.chromium.org/1849603002

Cr-Commit-Position: refs/heads/master@{#35565}
2016-04-18 08:29:51 +00:00
aseemgarg
1d37d4216b [wasm] optimized switch implementation in asm.js to wasm builder
This change implements switch as a balanced if/else tree or break table or
hybrid. A lot of asm.js modules are expected to extensively use switch
alongside function tables that can benefit from a better implementation.

BUG=v8:4203
TEST=mjsunit/asm-wasm
R=titzer@chromium.org,bradnelson@chromium.org,ahaas@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1838973002

Cr-Commit-Position: refs/heads/master@{#35455}
2016-04-13 21:56:42 +00:00
Ilija.Pavlovic
0b479e4e81 MIPS: Enable big endian testing.
Enabled big endian testing for MIPS32 and MIPS64. The tests are also
adapted for big endian variant.

TEST=cctest/test-assembler-mips[64]
BUG=

Review URL: https://codereview.chromium.org/1867503002

Cr-Commit-Position: refs/heads/master@{#35369}
2016-04-11 06:36:42 +00:00
jarin
03975befe3 [turbofan] Remove some clever-but-wrong bits from select lowering.
BUG=chromium:600593
LOG=n
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1870763003

Cr-Commit-Position: refs/heads/master@{#35347}
2016-04-08 08:26:13 +00:00
ulan
c42b2c4493 Refactor the ring buffer in GCTracer.
Now instead of saving all event details in the ring buffer,
we save only the bytes and duration.

This reduces the GCTracer size from 20K to 3K and simplifies code.

BUG=chromium:597310
LOG=NO

Review URL: https://codereview.chromium.org/1830723004

Cr-Commit-Position: refs/heads/master@{#35104}
2016-03-29 12:52:05 +00:00
oth
48d082af38 [interpreter] Add support for scalable operands.
This change introduces wide prefix bytecodes to support wide (16-bit)
and extra-wide (32-bit) operands. It retires the previous
wide-bytecodes and reduces the number of operand types.

Operands are now either scalable or fixed size. Scalable operands
increase in width when a bytecode is prefixed with wide or extra-wide.

The bytecode handler table is extended to 256*3 entries. The
first 256 entries are used for bytecodes with 8-bit operands,
the second 256 entries are used for bytecodes with operands that
scale to 16-bits, and the third group of 256 entries are used for
bytecodes with operands that scale to 32-bits.

LOG=N
BUG=v8:4747,v8:4280

Review URL: https://codereview.chromium.org/1783483002

Cr-Commit-Position: refs/heads/master@{#34955}
2016-03-21 17:09:49 +00:00
mlippautz
fdb0784d0a [heap] Remove LocalStoreBuffer and add slots in parallel
Now that we have page-local remembered sets (due to refilling in page
granularity) we can perform all updates on the sets during compaction in
parallel without caching slots locally.

BUG=chromium:524425
LOG=N
NOTRY=true

Review URL: https://codereview.chromium.org/1811573002

Cr-Commit-Position: refs/heads/master@{#34952}
2016-03-21 16:01:01 +00:00
jyan
3b5e84ab0e S390: Initial test changes and files checkin.
R=danno@chromium.org,jkummerow@chromium.org,jochen@chromium.org,joransiu@ca.ibm.com,michael_dawson@ca.ibm.com,mbrandy@us.ibm.com
BUG=

Review URL: https://codereview.chromium.org/1805533002

Cr-Commit-Position: refs/heads/master@{#34795}
2016-03-15 18:09:36 +00:00
titzer
c5b2f1536b [wasm] Add support and unittests for decoding signed LEB128.
R=bradnelson@chromium.org,ahaas@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1746653002

Cr-Commit-Position: refs/heads/master@{#34368}
2016-02-29 18:42:26 +00:00
bmeurer
d1df58e8d7 [stubs] Introduce a proper ToBooleanStub.
Rename the existing (patching) ToBooleanStub to ToBooleanICStub to match
our naming convention, and add a new TurboFan-powered ToBooleanStub,
which just does the ToBoolean conversion without any runtime call or
code patching, so we can use it for Ignition (and TurboFan).

Drive-by-fix: Add an Oddball::to_boolean field similar to the ones we
already have for to_string and to_number, so we don't need to actually
dispatch on the concrete Oddball at all.

R=epertoso@chromium.org, rmcilroy@chromium.org, yangguo@chromium.org

Review URL: https://codereview.chromium.org/1744163002

Cr-Commit-Position: refs/heads/master@{#34361}
2016-02-29 12:17:26 +00:00
ulan
01b8fc894b Reland "Replace slots buffer with remembered set. (patchset #14 id:250001 of https://codereview.chromium.org/1703823002/ )"
This reverts commit 9146bc5e20.

This contains a fix for the following crash:
1. We record slots for a fixed array.
2. We trim the fixed array, so that some recorded slots are now in free space.
3. During mark-compact we sweep the page with the fixed array. Now free list items contain memory with recorded slots.
4. We evacuate a byte array using the new free list items.
5. We iterate slots that are now inside the byte array and crash.

BUG=chromium:589413,chromium:578883
LOG=NO

Review URL: https://codereview.chromium.org/1735523002

Cr-Commit-Position: refs/heads/master@{#34302}
2016-02-25 17:29:22 +00:00
vogelheim
cc40fcec6f Encode interpreter::SourcePositionTable as variable-length ints.
This reduces the memory consumption of SourcePositionTable by ca. 2/3.
Over Octane, this reduces the source position table memory consumption
from ~370kB to ~115kB, which makes it ca. 10% of the total bytecode size
(~1.1MB)

----------------

Reland CL in order to relive the glory days, and also fix memory leak w/ ENABLE_SLOW_CHECKS.

SourcePositionTableBuilder used to have a no destructor since everything
was zone allocated. But if ENABLE_SLOW_CHECKS, it has a heap allocated member
and thus needs a proper constructor. ASAN thankfully notices this, and V8 no
longer builds since this is called during mksnapshot.

Breakge example: http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN%20arm64%20-%20debug%20builder/builds/4829

R=jochen@chromium.org, yangguo@chromium.org, rmcilroy@chromium.org
BUG=v8:4690
LOG=y

Committed: https://crrev.com/a6f41f7b8226555c5900440f6e3092b3545ee0f6
Cr-Commit-Position: refs/heads/master@{#34250}

patch from issue 1704943002 at patchset 200001 (http://crrev.com/1704943002#ps200001)

Review URL: https://codereview.chromium.org/1731883003

Cr-Commit-Position: refs/heads/master@{#34256}
2016-02-24 17:13:53 +00:00
vogelheim
b38eabe845 Revert of Encode interpreter::SourcePositionTable as variable-length ints. (patchset #10 id:200001 of https://codereview.chromium.org/1704943002/ )
Reason for revert:
Build failure on Linux64 arm64 ASAN:

http://build.chromium.org/p/client.v8/builders/V8%20Linux64%20ASAN%20arm64%20-%20debug%20builder/builds/4829

(Leaks memory, somehow.)

Original issue's description:
> Encode interpreter::SourcePositionTable as variable-length ints.
>
> This reduces the memory consumption of SourcePositionTable by ca. 2/3.
> Over Octane, this reduces the source position table memory consumption
> from ~370kB to ~115kB, which makes it ca. 10% of the total bytecode size
> (~1.1MB)
>
> BUG=
>
> Committed: https://crrev.com/a6f41f7b8226555c5900440f6e3092b3545ee0f6
> Cr-Commit-Position: refs/heads/master@{#34250}

TBR=jochen@chromium.org,rmcilroy@chromium.org,yangguo@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1728193003

Cr-Commit-Position: refs/heads/master@{#34251}
2016-02-24 13:33:08 +00:00
vogelheim
a6f41f7b82 Encode interpreter::SourcePositionTable as variable-length ints.
This reduces the memory consumption of SourcePositionTable by ca. 2/3.
Over Octane, this reduces the source position table memory consumption
from ~370kB to ~115kB, which makes it ca. 10% of the total bytecode size
(~1.1MB)

BUG=

Review URL: https://codereview.chromium.org/1704943002

Cr-Commit-Position: refs/heads/master@{#34250}
2016-02-24 12:53:54 +00:00
ulan
9146bc5e20 Revert of Replace slots buffer with remembered set. (patchset #14 id:250001 of https://codereview.chromium.org/1703823002/ )
Reason for revert:
Revert because of canary crashes: crbug.com/589413

Original issue's description:
> Replace slots buffer with remembered set.
>
> Slots pointing to evacuation candidates are now recorded in the new RememberedSet<OLD_TO_OLD>.
>
> The remembered set is extended to support typed slots.
>
> During parallel evacuation all migration slots are recorded in local slots buffers.
> After evacuation all local slots are added to the remembered set.
>
> BUG=chromium:578883
> LOG=NO
>
> Committed: https://crrev.com/2285a99ef6f7d52f4f0c4d88a7db4224443ee152
> Cr-Commit-Position: refs/heads/master@{#34212}

TBR=jochen@chromium.org,hpayer@chromium.org,mlippautz@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:578883

Review URL: https://codereview.chromium.org/1725073003

Cr-Commit-Position: refs/heads/master@{#34238}
2016-02-24 09:48:21 +00:00
ahaas
4ddf252e85 [wasm] Unittest for Int64Lowering.
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1714793003

Cr-Commit-Position: refs/heads/master@{#34213}
2016-02-23 15:33:13 +00:00
ulan
2285a99ef6 Replace slots buffer with remembered set.
Slots pointing to evacuation candidates are now recorded in the new RememberedSet<OLD_TO_OLD>.

The remembered set is extended to support typed slots.

During parallel evacuation all migration slots are recorded in local slots buffers.
After evacuation all local slots are added to the remembered set.

BUG=chromium:578883
LOG=NO

Review URL: https://codereview.chromium.org/1703823002

Cr-Commit-Position: refs/heads/master@{#34212}
2016-02-23 13:53:02 +00:00
bmeurer
8a7186b87a [turbofan] Remove the JSContextRelaxation reducer.
This reducer doesn't really add value, because:

 (a) it is only concerned with JSCallFunction and JSToNumber, but when
     we get to it, all JSCallFunction nodes will have been replaced by
     Call nodes, and in the not so far future, we will also have
     replaced almost all JSToNumber nodes with better code,
 (b) and the reducer tries to be smart and use one of the outermost
     contexts, but that might not be beneficial always; actually it
     might even create longer live ranges and lead to more spilling
     in some cases.

But most importantly, the JSContextRelaxation currently blocks inlining
based on SharedFunctionInfo, because it requires the inliner to check
the native context, which in turn requires JSFunction knowledge. So I'm
removing this reducer for now to unblock the more important inliner
changes.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1715633002

Cr-Commit-Position: refs/heads/master@{#34139}
2016-02-19 07:55:48 +00:00
titzer
d8122dc73e Move RPO unittests into their own file.
R=jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1691373002

Cr-Commit-Position: refs/heads/master@{#33966}
2016-02-14 11:27:46 +00:00
rmcilroy
d1c28849c7 [Interpreter] Make InterpreterAssembler a subclass of CodeStubAssembler.
Moves InterpreterAssembler out of the compiler directory and into the
interpreter directory. Makes InterpreterAssembler as subclass of
CodeStubAssembler.

As part of this change, the special bytecode dispatch linkage type
is removed and instead we use a InterfaceDispatchDescriptor and
a normal CodeStub linkage type.

Removes a bunch of duplicated logic in InterpreterAssembler and
instead uses the CodeStubAssembler logic. Refactors Interpreter
with these changes.

Modifies CodeStubAssembler to add the extra operations required
by the Interpreter (extra call types, raw memory access and some extra
binary ops). Also adds the ability for subclasses to add extra
prologue and epilogue operations around calls, which is required
for the Interpreter.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1673333004

Cr-Commit-Position: refs/heads/master@{#33873}
2016-02-10 16:39:32 +00:00
bmeurer
07e9921f5a [turbofan] Introduce JSCreateLowering for optimizing JSCreate nodes.
This moves the JSCreate related functionality from JSTypedLowering into
a dedicated JSCreateLowering reducer. This is in preparation of landing
the support for optimized literals in TurboFan, which would blow up
JSTypedLowering quite seriously otherwise.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1678833002

Cr-Commit-Position: refs/heads/master@{#33813}
2016-02-08 12:33:59 +00:00
ulan
bb883395a8 New page local store buffer.
This replaces the global remembered set with per-page remembered sets.

Each page in the old space, map space, and large object space keeps track of
the set of slots in the page pointing to the new space.

The data structure for storing slot sets is a two-level bitmap, which allows
us to remove the store buffer overflow and SCAN_ON_SCAVENGE logic.

Design doc: https://goo.gl/sMKCf7

BUG=chromium:578883
LOG=NO

Review URL: https://codereview.chromium.org/1608583002

Cr-Commit-Position: refs/heads/master@{#33806}
2016-02-08 08:51:38 +00:00
oth
19df7a20f0 [interpreter] Wide register support.
This increases the size of register operands to be 16-bit.

Not all bytecodes have wide register variants, so when they are
needed a register translator will copy them into a small area
reserved at the top of the 8-bit register range and these registers
are supplied as arguments to the bytecode with 8-bit operands.

This is non-intrusive for typical bytecode where the number of
registers is less than 120. For bytecodes with wide register
operands (above the window) their index needs to be translated
to avoid the reserved translation window.

Enables splay.js to run in Octane and a handful of mjsunit tests.

BUG=v8:4280,v8:4675
LOG=NO

Review URL: https://codereview.chromium.org/1613163002

Cr-Commit-Position: refs/heads/master@{#33516}
2016-01-26 13:56:17 +00:00
titzer
0ab1e56203 [wasm] Add loop assignment analysis.
This CL implements loop assignment analysis, a pass over a loop's body
to record local variables that are assigned. This pre-pass is similar
to that done on the JavaScript AST for the same reason: avoid introducing
too many phis at loop headers when building a graph.

R=bradnelson@chromium.org,ahaas@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1617723003

Cr-Commit-Position: refs/heads/master@{#33486}
2016-01-25 10:28:04 +00:00
rmcilroy
ef21fb2de6 [Interpreter] Ensure we always have an outer register allocation scope.
Split RegisterAllocationScope out of ExpressionResult and allocate one
for each statement. This ensures that we always have an outer register
allocation scope for statement code (used in CountOperation and
RegisterExecutionResult). Also refactored the register allocator code to
move it to it's own file and rename from TemporaryRegisterScope to
BytecodeRegisterAllocator.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1587033002

Cr-Commit-Position: refs/heads/master@{#33296}
2016-01-14 13:43:40 +00:00
oth
8109f63fd5 [Interpreter] Add support for jumps using constants with wide operands.
This increases the size of addressable constant pool entries for jumps
to match other bytecodes using operands indexing the constant pool.

This change also introduces reservations for constant pool entries.
Reservations are used for forward jumps to ensure a constant pool entry
will be available when the jump target (label) is bound and the jump is
patched up in the bytecode array.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1546683002

Cr-Commit-Position: refs/heads/master@{#33125}
2016-01-05 19:09:10 +00:00
bradnelson
0e8b7ec8b1 Remove wasm compile time option and enable wasm behind a runtime flag.
Deferring enabling of tests to separate per platform CLs.

R=machenbach@chromium.org,titzer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1553083003

Cr-Commit-Position: refs/heads/master@{#33123}
2016-01-05 18:06:54 +00:00
machenbach
2a09d7f9b5 Revert of Remove wasm compile time option and enable wasm behind a runtime flag. (patchset #54 id:1050001 of https://codereview.chromium.org/1516753007/ )
Reason for revert:
[Sheriff] Some build failures, e.g.:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20shared/builds/7502

Original issue's description:
> Remove wasm compile time option and enable wasm behind a runtime flag.
>
> R=titzer@chromium.org
> BUG=
>
> Committed: https://crrev.com/153f2bd47cce9d5dfa74074dda34c02731d96924
> Cr-Commit-Position: refs/heads/master@{#32955}

TBR=titzer@chromium.org,bradnelson@google.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1531073003

Cr-Commit-Position: refs/heads/master@{#32957}
2015-12-17 17:59:00 +00:00
bradnelson
153f2bd47c Remove wasm compile time option and enable wasm behind a runtime flag.
R=titzer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1516753007

Cr-Commit-Position: refs/heads/master@{#32955}
2015-12-17 16:04:57 +00:00
titzer
4c5b3609fd Initial import of v8-native WASM.
As discussed in person, this adds the code from v8-native-prototype into
V8 proper, guarded by GYP flags that do not build the code by default.
Passing wasm=on to 'make' or setting v8_wasm as a GYP flag activates
building of this code.

An additional header file is added to and exported from the compiler
directory, src/compiler/wasm-compiler.h. This exposes a limited interface
with opaque Node and Graph types to the decoder to build TF graphs, as
well as functions to compile WASM graphs.

The mjsunit tests added are blacklisted because they fail without the
WASM object exposed to JS, which is also disabled by the build config
option.

This corresponds closely to 5981e06ebc, with some formatting fixes and moving some files into src/compiler.

R=mstarzinger@chromium.org, bradnelson@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1504713014

Cr-Commit-Position: refs/heads/master@{#32794}
2015-12-11 12:27:05 +00:00
jochen
6f472db65a Disable soon to be deprecated APIs per default for v8
Embedders still can use those APIs by default

test-api.cc still has an exception to use the old APIs...

BUG=v8:4143
R=vogelheim@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1505803004

Cr-Commit-Position: refs/heads/master@{#32701}
2015-12-09 10:35:04 +00:00
sigurds
aa0ddf7db4 [turbofan] Initial support for escape analysis.
This is the first part of escape analysis for turbofan.
At the moment, there is no deopt support, and support
for loops is partial (only binary Phis are handled).

The CL includes 4 unittests.

There are also 8 new mjsunit tests, some of which are
skiped as they require features not yet implemented.

BUG=v8:4586
LOG=n

Review URL: https://codereview.chromium.org/1457683003

Cr-Commit-Position: refs/heads/master@{#32498}
2015-12-02 10:53:50 +00:00
oth
c0bc19fc7f [Interpreter] Deprecate bytecode-graph-builder-unittest.
Removing bytecode graph builder tests as they are high maintenance and
have limited use, ie they track changes in the implementation rather
than behaviour.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1477783003

Cr-Commit-Position: refs/heads/master@{#32333}
2015-11-26 11:50:20 +00:00
bmeurer
5d18e93bd6 Revert of binary-operator-reducer: reduce mul+div(shift) (patchset #11 id:200001 of https://codereview.chromium.org/1350223006/ )
Reason for revert:
This is also unsound for the reasons outlined in
https://codereview.chromium.org/1473073004/
Will help Fedor to implement a solution based on simplified operators.

Original issue's description:
> binary-operator-reducer: reduce mul+div(shift)
>
> Reduction Input:
>
>     ChangeInt32ToFloat64=>          TruncateFloat64ToInt32
>                          Float64Mul=>
>     ChangeInt32ToFloat64=>          Float64Div=>TruncateFloat64ToInt32
>
> Output:
>
>          =>  TruncateInt64ToInt32
> Int64Mul
>          =>  Int64Shr => TruncateInt64ToInt32
>
> Test code:
>
>     function mul(a, b) {
>       var l = a & 0x3ffffff;
>       var h = b & 0x3ffffff;
>       var m = l * h;
>
>       var rl = m & 0x3ffffff;
>       var rh = (m / 0x4000000) | 0;
>
>       return rl | rh;
>     }
>
>     mul(1, 2);
>     var a0 = mul(0x3ffffff, 0x3ffffff);
>     mul(0x0, 0x0);
>     %OptimizeFunctionOnNextCall(mul);
>     var a1 = mul(0x3ffffff, 0x3ffffff);
>
>     print(a0 + ' == ' + a1);
>
> BUG=
> R=mstarzinger@chromium.org
>
> Committed: https://crrev.com/461e5b49d022335a7fc4e9d172397a4bd48b93d4
> Cr-Commit-Position: refs/heads/master@{#31899}

TBR=mstarzinger@chromium.org,danno@chromium.org,titzer@chromium.org,fedor@indutny.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1478923002

Cr-Commit-Position: refs/heads/master@{#32313}
2015-11-26 06:16:01 +00:00
bmeurer
b0c179daf6 Revert of [compiler] merge binary-operator-reducer (patchset #2 id:20001 of https://codereview.chromium.org/1473073004/ )
Reason for revert:
Unsound use of types in the MachineOperatorReducer. Will work on a sound solution with Fedor.

Original issue's description:
> [compiler] merge binary-operator-reducer
>
> Merge BinaryOperatorReducer into the MachineOperatorReducer class.
> It does not need `Revisit()` calls, because the newly inserted nodes are
> visited anyway, and there are no other methods that need AdvancedReducer
> there.
>
> BUG=
> R=titzer@chromium.org
>
> Committed: https://crrev.com/993ba9d2529a6401b3040b9263f8d06db7dbb4f1
> Cr-Commit-Position: refs/heads/master@{#32298}

TBR=titzer@chromium.org,fedor@indutny.com
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1476763006

Cr-Commit-Position: refs/heads/master@{#32310}
2015-11-26 03:52:30 +00:00
fedor
993ba9d252 [compiler] merge binary-operator-reducer
Merge BinaryOperatorReducer into the MachineOperatorReducer class.
It does not need `Revisit()` calls, because the newly inserted nodes are
visited anyway, and there are no other methods that need AdvancedReducer
there.

BUG=
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1473073004

Cr-Commit-Position: refs/heads/master@{#32298}
2015-11-25 19:25:17 +00:00
mlippautz
6c85c14845 Add lock-based unbounded queue
...based on the 2-lock algorithm by M. Scott and M. Michael (1992).

BUG=chromium:524425
LOG=N

Review URL: https://codereview.chromium.org/1448283004

Cr-Commit-Position: refs/heads/master@{#32078}
2015-11-18 10:54:13 +00:00
mlippautz
60e7ea8a99 Add {CancelableTaskManager} to handle {Cancelable} concurrent tasks.
This change binds each {Cancelable} task to a so-called {CancelableTaskManager},
which is then used to handle concurrent cancelation as well as synchronizing
shutdown for already running tasks.  Since ownership of tasks is transferred to
the platform executing a task (destructor), handling in the manager uses integer
ids. Note that this also mitigates (modulo integer size) the ABA problem.

All handling of {Cancelable} tasks is now encapsulated into the corresponding
manager, which is instantiated for each isolate.

R=hpayer@chromium.org
BUG=chromium:524425
LOG=N
CQ_EXTRA_TRYBOTS=tryserver.v8:v8_linux_arm64_gc_stress_dbg;tryserver.v8:v8_linux_gc_stress_dbg;tryserver.v8:v8_mac_gc_stress_dbg;tryserver.v8:v8_linux64_msan_rel;tryserver.v8:v8_linux64_tsan_rel;tryserver.v8:v8_mac64_asan_rel

Review URL: https://codereview.chromium.org/1409993012

Cr-Commit-Position: refs/heads/master@{#31997}
2015-11-14 01:20:14 +00:00
fedor
461e5b49d0 binary-operator-reducer: reduce mul+div(shift)
Reduction Input:

    ChangeInt32ToFloat64=>          TruncateFloat64ToInt32
                         Float64Mul=>
    ChangeInt32ToFloat64=>          Float64Div=>TruncateFloat64ToInt32

Output:

         =>  TruncateInt64ToInt32
Int64Mul
         =>  Int64Shr => TruncateInt64ToInt32

Test code:

    function mul(a, b) {
      var l = a & 0x3ffffff;
      var h = b & 0x3ffffff;
      var m = l * h;

      var rl = m & 0x3ffffff;
      var rh = (m / 0x4000000) | 0;

      return rl | rh;
    }

    mul(1, 2);
    var a0 = mul(0x3ffffff, 0x3ffffff);
    mul(0x0, 0x0);
    %OptimizeFunctionOnNextCall(mul);
    var a1 = mul(0x3ffffff, 0x3ffffff);

    print(a0 + ' == ' + a1);

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1350223006

Cr-Commit-Position: refs/heads/master@{#31899}
2015-11-09 20:42:39 +00:00
Benedikt Meurer
71bde166b1 [turbofan] Remove obsolete JSTypeFeedbackSpecializer and JSTypeFeedbackLowering.
Both the JSTypeFeedbackSpecializer and the JSTypeFeedbackLowering is
dead code by now, since the more general JSNativeContextSpecialization
deals with the property/global load/store type feedback in a way that
also interacts properly with inlining.

BUG=v8:4470
LOG=n
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1407913003 .

Cr-Commit-Position: refs/heads/master@{#31462}
2015-10-22 10:24:27 +00:00
jarin
106aecf262 [turbofan] Redundant branch elimination.
Removes a branch that checks for a condition that has been checked on dominators of the branch.

This introduces a new reducer that propagates the list of checked conditions (and their boolean values) through the control flow graph. If it encounters a branch checking a condition with a known value, the branch is eliminated.

The analysis relies on loops being reducible: if a condition has been checked on all paths to loop entry, then it is checked in the loop (regardless what of the conditions checked inside the loop).

The implementation is fairly naive and could be improved:

- all the operation on the condition lists could be made allocation-free when revisited.

- we could try to use a map structure rather than a linked list (to make
lookups faster).

- the merging of control flow could be changed to take into account
  conditions from non-dominating paths (as long as all paths check
  the condition).

Review URL: https://codereview.chromium.org/1376293005

Cr-Commit-Position: refs/heads/master@{#31347}
2015-10-17 17:50:26 +00:00
mlippautz
3feba64470 [heap] Fix mark bits for partially compacted pages.
See bug report.

R=ulan@chromium.org
BUG=chromium:538567
LOG=N

Review URL: https://codereview.chromium.org/1393293002

Cr-Commit-Position: refs/heads/master@{#31179}
2015-10-08 13:49:30 +00:00
machenbach
e1743816d3 Reland [swarming] Isolate v8 testing.
This reverts commit 280a6f8ec8.

Reland of https://codereview.chromium.org/1380593002/

BUG=chromium:535160
LOG=n
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel;

Review URL: https://codereview.chromium.org/1390473003

Cr-Commit-Position: refs/heads/master@{#31094}
2015-10-05 09:48:42 +00:00
danno
280a6f8ec8 Revert of [swarming] Isolate v8 testing. (patchset #8 id:140001 of https://codereview.chromium.org/1380593002/ )
Reason for revert:
Prime suspect in breakage of V8 Linux -- no snap

Original issue's description:
> [swarming] Isolate v8 testing.
>
> Add gyp support and isolates for default test suites.
> Add two default isolates, one (default) for using the
> test suite collection we call "default" on the bots. One
> (developer_default) for also supporting the way developers
> call the driver (i.e. without argument, which includes
> the unittests).
>
> BUG=chromium:535160
> LOG=n
>
> Committed: https://crrev.com/9bd83f58f29ab0c7c5b71b00bcb1df3a9e641f05
> Cr-Commit-Position: refs/heads/master@{#31081}

TBR=tandrii@chromium.org,jochen@chromium.org,maruel@chromium.org,machenbach@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:535160

Review URL: https://codereview.chromium.org/1370993008

Cr-Commit-Position: refs/heads/master@{#31084}
2015-10-02 15:45:13 +00:00
machenbach
9bd83f58f2 [swarming] Isolate v8 testing.
Add gyp support and isolates for default test suites.
Add two default isolates, one (default) for using the
test suite collection we call "default" on the bots. One
(developer_default) for also supporting the way developers
call the driver (i.e. without argument, which includes
the unittests).

BUG=chromium:535160
LOG=n

Review URL: https://codereview.chromium.org/1380593002

Cr-Commit-Position: refs/heads/master@{#31081}
2015-10-02 15:15:39 +00:00
oth
17363fa4f3 [Interpreter] Add interpreter support for compare ops and ToBoolean.
The comparison operators and ToBoolean are implemented by calling into
the runtime. There are new runtime methods are prefixed with Interpreter
to make use case clear.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1369123002

Cr-Commit-Position: refs/heads/master@{#30983}
2015-09-28 18:07:05 +00:00
ulan
6256dc53cc Perform scavenge in idle tasks.
BUG=chromium:490559
LOG=NO

Review URL: https://codereview.chromium.org/1352453004

Cr-Commit-Position: refs/heads/master@{#30944}
2015-09-25 14:49:23 +00:00
oth
8df7b4f6b5 [Interpreter] Skeleton bytecode graph builder
Add skeleton version bytecode-graph-builder.{h,cc} for existing
bytecodes.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1291693004

Cr-Commit-Position: refs/heads/master@{#30687}
2015-09-10 16:21:40 +00:00
mlippautz
cd6631ade9 Add template parameter and unittests to atomic utils.
BUG=

Review URL: https://codereview.chromium.org/1324153003

Cr-Commit-Position: refs/heads/master@{#30589}
2015-09-04 14:02:20 +00:00
oth
22983f71f9 [Intepreter] Extend and move Register class.
Add methods for converting parameter index to a register and vice-versa.

Move Register class into bytecodes.h.

Update Bytecodes::Decode to pretty print parameters.

BUG=v8:4280
LOG=NO

Review URL: https://codereview.chromium.org/1325983002

Cr-Commit-Position: refs/heads/master@{#30549}
2015-09-02 17:48:24 +00:00
mtrofin
d940690bb5 [turbofan] Live Range unit tests.
Unit tests for split/splinter/merge.

BUG=

Review URL: https://codereview.chromium.org/1315113003

Cr-Commit-Position: refs/heads/master@{#30475}
2015-08-31 13:27:12 +00:00
bradnelson
a2462683b7 Allowing optional build of a WASM prototype behind a gyp define.
Place a copy of the v8-native-prototype in third_party/wasm.
GYP_DEFINES='v8_wasm=1' gclient runhooks

BUG=None
TEST=None
R=titzer@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/1294543006

Cr-Commit-Position: refs/heads/master@{#30225}
2015-08-18 15:04:11 +00:00
vogelheim
c69e2eae54 Rework startup-data-util.
- Make the API look like v8::V8::InitializeICU.
  (That is: A static method call, not an object to be created on the stack.)
- Fix path separator on Windows, by calling base::OS::isPathSeparator.
- Move into API, so that it can be called by hello-world & friends.
- Actually call it from hello-world and friends.

R=jochen@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1292053002

Cr-Commit-Position: refs/heads/master@{#30174}
2015-08-14 12:11:46 +00:00
rmcilroy
9b56924df2 [interpreter]: Update BytecodeArrayBuilder register handling.
Modifies the BytecodeArrayBuilder to create register operands which are
negative. This reduces the number of instructions to access registers
by the interpreter and allows us to use positive register operands to
access parameter values.

Adds a Register class to keep register usage typesafe and simplify the
convertion to bytecode operand values.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1283313003

Cr-Commit-Position: refs/heads/master@{#30151}
2015-08-13 11:28:00 +00:00
rmcilroy
7877c4e0c7 [interpreter] Add basic framework for bytecode handler code generation.
Adds basic support for generation of interpreter bytecode handler code
snippets. The InterpreterAssembler class exposes a set of low level,
interpreter specific operations which can be used to build a Turbofan
graph. The Interpreter class generates a bytecode handler snippet for
each bytecode by assembling operations using an InterpreterAssembler.

Currently only two simple bytecodes are supported: LoadLiteral0 and Return.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1239793002

Cr-Commit-Position: refs/heads/master@{#29814}
2015-07-23 14:21:39 +00:00
danno
d1a6dfaf4d [turbofan]: Fix tail calls edge cases and add tests
Review URL: https://codereview.chromium.org/1245523002

Cr-Commit-Position: refs/heads/master@{#29791}
2015-07-22 18:27:35 +00:00
mtrofin
3e3608cdd5 Unit tests for the live range conflict detection mechanism (CoalescedLiveRanges) in the Greedy Allocator.
Consolidated conflict detection and traversal logic in CoalescedLiveRanges to avoid duplication in both code and testing. In addition, this change achieves better separation between CoalescedLiveRanges and other register allocator components, improving testability and maintainability.

BUG=

Review URL: https://codereview.chromium.org/1219063017

Cr-Commit-Position: refs/heads/master@{#29783}
2015-07-22 04:50:22 +00:00
danno
cca5e74a58 [turbofan]: Add a context relaxation Reducer
In many cases, the context that TurboFan's ASTGraphBuilder or subsequent
reduction operations attaches to nodes does not need to be that exact
context, but rather only needs to be one with the same native context,
because it is used internally only to fetch the native context, e.g. for
creating and throwing exceptions.

This reducer recognizes common cases where the context that is specified
for a node can be relaxed to a canonical, less specific one. This
relaxed context can either be the enclosing function's context or a specific
Module or Script context that is explicitly created within the function.

This optimization is especially important for TurboFan-generated code stubs
which use context specialization and inlining to generate optimal code.
Without context relaxation, many extraneous moves are generated to pass
exactly the right context to internal functions like ToNumber and
AllocateHeapNumber, which only need the native context. By turning context
relaxation on, these moves disappear because all these common internal
context uses are unified to the context passed into the stub function, which
is typically already in the correct context register and remains there for
short stubs. It also eliminates the explicit use of a specialized context
constant in the code stub in these cases, which could cause memory leaks.

Review URL: https://codereview.chromium.org/1244583003

Cr-Commit-Position: refs/heads/master@{#29763}
2015-07-20 17:16:14 +00:00
jochen
b8a4978110 Unittests don't use deprecated APIs. Yay!
Make sure it stays that way

BUG=v8:4134
R=yangguo@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1242563003

Cr-Commit-Position: refs/heads/master@{#29741}
2015-07-20 06:55:06 +00:00
rmcilroy
ea560a9be9 [turbofan] Move RawMachineAssembler back to src/compiler.
The RawMachineAssembler will be used to build the interpreter, so it needs
to move back to src/compiler.

This reverts commit b5b00cc031.

BUG=v8:4280
LOG=N

Review URL: https://codereview.chromium.org/1221303014

Cr-Commit-Position: refs/heads/master@{#29519}
2015-07-07 15:02:51 +00:00
ulan
a7f62edb71 Reland "Replace reduce-memory mode in idle notification with delayed clean-up GC."
This reverts commit 269918927a.
This reverts commit 435b3c873a.

The failing test is fixing in chromium.

BUG=chromium:490559
LOG=NO
TBR=hpayer@chromium.org

Review URL: https://codereview.chromium.org/1208993009

Cr-Commit-Position: refs/heads/master@{#29512}
2015-07-07 11:37:53 +00:00
machenbach
269918927a Revert of Replace reduce-memory mode in idle notification with delayed clean-up GC. (patchset #17 id:320001 of https://codereview.chromium.org/1218863002/)
Reason for revert:
[Sheriff] Looks like it blocks the roll (bisected). Speculative revert.
https://codereview.chromium.org/1210293003/

Original issue's description:
> Replace reduce-memory mode in idle notification with delayed clean-up GC.
>
> BUG=490559
> LOG=NO
>
> Committed: https://crrev.com/0ecd9e1bd2c6b519d4e7285f46cb7e844bc2235c
> Cr-Commit-Position: refs/heads/master@{#29451}

TBR=hpayer@chromium.org,ulan@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=490559

Review URL: https://codereview.chromium.org/1226703002

Cr-Commit-Position: refs/heads/master@{#29470}
2015-07-05 18:19:03 +00:00
ulan
0ecd9e1bd2 Replace reduce-memory mode in idle notification with delayed clean-up GC.
BUG=490559
LOG=NO

Review URL: https://codereview.chromium.org/1218863002

Cr-Commit-Position: refs/heads/master@{#29451}
2015-07-02 15:41:36 +00:00
bmeurer
5056c8219a [turbofan] Revive the useful parts of the SimplifiedOperatorReducer.
This partially reverts https://codereview.chromium.org/1162563002
because we might actually be able to optimize certain combinations
now due to dead code elimination.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1202263006

Cr-Commit-Position: refs/heads/master@{#29277}
2015-06-25 04:47:16 +00:00
bmeurer
733a246386 [turbofan] Proper dead code elimination as regular reducer.
The three different concerns that the ControlReducer used to deal with
are now properly separated into

  a.) DeadCodeElimination, which is a regular AdvancedReducer, that
      propagates Dead via control edges,
  b.) CommonOperatorReducer, which does strength reduction on common
      operators (i.e. Branch, Phi, and friends), and
  c.) GraphTrimming, which removes dead->live edges from the graph.

This will make it possible to run the DeadCodeElimination together with
other passes that actually introduce Dead nodes, i.e. typed lowering;
and it opens the door for general inlining without two stage fix point
iteration.

To make the DeadCodeElimination easier and more uniform, we basically
reverted the introduction of DeadValue and DeadEffect, and changed the
Dead operator to produce control, value and effect. Note however that
this is not a requirement, but merely a way to make dead propagation
easier and more uniform. We could always go back and decide to have
different Dead operators if some other change requires that.

Note that there are several additional opportunities for cleanup now,
i.e. OSR deconstruction could be a regular reducer now, and we don't
need to use TheHole as dead value marker in the GraphReducer. And we can
actually run the dead code elimination together with the other passes
instead of using separate passes over the graph.  We will do this in
follow up CLs.

R=jarin@chromium.org, mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1193833002

Cr-Commit-Position: refs/heads/master@{#29146}
2015-06-19 12:07:26 +00:00
bmeurer
80a6e53935 [turbofan] Move graph trimming functionality to dedicated GraphTrimmer.
Up until now that was still mixed with control reduction in the
ControlReducer. This separation allows us to remove the horrible
Reducer::Finish hack and also do graph trimming at more appropriate
places in the pipeline (i.e. trim dead nodes after generic lowering,
which can also make nodes dead).

R=jarin@chromium.org,mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1188433010

Cr-Commit-Position: refs/heads/master@{#29077}
2015-06-17 10:56:37 +00:00
ulan
143a9e0431 Compute the heap growing factor based on mutator utilization and allocation throughput.
Doc: https://goo.gl/LLGvBs

BUG=

Review URL: https://codereview.chromium.org/1163143009

Cr-Commit-Position: refs/heads/master@{#29015}
2015-06-15 08:32:59 +00:00
bmeurer
b5b00cc031 [turbofan] Move RawMachineAssembler to unittests.
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1177353003

Cr-Commit-Position: refs/heads/master@{#28993}
2015-06-12 10:33:19 +00:00
bmeurer
19482d29e5 [turbofan] Remove the useless SimplifiedOperatorReducer.
The SimplifiedOperatorReducer is (mostly) unused, except for the very
rough store elimination, and just eats compilation time.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1162563002

Cr-Commit-Position: refs/heads/master@{#28673}
2015-05-28 08:38:13 +00:00
ulan
d77839fd01 Add aggregated memory histograms.
This introduces V8.MemoryHeapCommitted and V8.MemoryHeapUsed histograms.

In contrast to the existing memory histograms, the new histograms are uniform in time, i.e. their samples happen at regular time intervals. The --histogram-interval specifies the length of the interval.

We implement this by linearly interpolating memory stats between GC and idle notification events.

BUG=chromium:485472
LOG=NO

Review URL: https://codereview.chromium.org/1125683004

Cr-Commit-Position: refs/heads/master@{#28292}
2015-05-07 10:03:41 +00:00
bmeurer
7b33409ba3 [turbofan] Add support for advanced reducers.
An AdvancedReducer is basically a regular Reducer with an editor
that can perform graph editing operations beyond changing or
replacing the node that is currently being reduced. The GraphReducer
is the default implementation of the AdvancedReducer::Editor interface.

The ControlReducerImpl is now just an AdvancedReducer, which
temporarily requires a Finish method in the reducer to implement
the dead node trimming until we move that to the GraphReducer
(which in turn requires that all loops are connected to End).

Review URL: https://codereview.chromium.org/1122423003

Cr-Commit-Position: refs/heads/master@{#28251}
2015-05-06 10:12:52 +00:00
bmeurer
d21de2a48b [turbofan] Fix tail call optimization.
Tail calls are matched on the graph, with a dedicated tail call
optimization that is actually testable. The instruction selection can
still fall back to a regular if the platform constraints don't allow to
emit a tail call (i.e. the return locations of caller and callee differ
or the callee takes non-register parameters, which is a restriction that
will be removed in the future).

Also explicitly limit tail call optimization to stubs for now and drop
the global flag.

BUG=v8:4076
LOG=n

Review URL: https://codereview.chromium.org/1114163005

Cr-Commit-Position: refs/heads/master@{#28219}
2015-05-05 09:43:02 +00:00
michael_dawson
41cb1e51b9 Switch to larger TOC on AIX for unitttests
Switch to larger TOC on AIX for unitttests as the size has grown
such that it no longer compiles with the default TOC size

	modified:   unittests.gyp

R=danno@chromium.org, svenpanne@chromium.org, mbrandy@us.ibm.com

BUG=

Review URL: https://codereview.chromium.org/1115763003

Cr-Commit-Position: refs/heads/master@{#28144}
2015-04-30 07:50:27 +00:00
mstarzinger
4bc2beab97 [test] Turn compiler/test-node-cache into a unit test.
R=jarin@chromium.org
TEST=unittests/NodeCacheTest

Review URL: https://codereview.chromium.org/1114903002

Cr-Commit-Position: refs/heads/master@{#28136}
2015-04-29 14:40:05 +00:00
titzer
6e82fbfbaf [turbofan] Reland: Optimize loads from the global object in JSTypeFeedbackSpecializer.
R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1110503002

Cr-Commit-Position: refs/heads/master@{#28073}
2015-04-27 12:15:06 +00:00
machenbach
fbf300802f Revert of [turbofan] Optimize loads from the global object in JSTypeFeedbackSpecializer. (patchset #10 id:180001 of https://codereview.chromium.org/1063513003/)
Reason for revert:
[sheriff] Breaks nosnap debug:
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap%20-%20debug%20-%201/builds/156

Original issue's description:
> [turbofan] Optimize loads from the global object in JSTypeFeedbackSpecializer.
>
> Uses lazy deoptimization and code dependencies to introduce loads
> from property cells and also to promote globals to constants.
>
> R=mstarzinger@chromium.org
> BUG=
>
> Committed: https://crrev.com/aae4a62d07e839455b1d0ad4fa512cc5d48a1a68
> Cr-Commit-Position: refs/heads/master@{#28057}

TBR=mstarzinger@chromium.org,titzer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=

Review URL: https://codereview.chromium.org/1084533003

Cr-Commit-Position: refs/heads/master@{#28063}
2015-04-27 10:07:08 +00:00
titzer
aae4a62d07 [turbofan] Optimize loads from the global object in JSTypeFeedbackSpecializer.
Uses lazy deoptimization and code dependencies to introduce loads
from property cells and also to promote globals to constants.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1063513003

Cr-Commit-Position: refs/heads/master@{#28057}
2015-04-27 09:06:41 +00:00
vogelheim
ee9c738929 Re-work the 'external snapshot' related build rules.
This prepares for re-landing crrev.com/956373002

This pulls all decision about the snapshot [no|internal|external] into one rule. Previously, this logic was in separate places and not /quite/ the same, which causes build problems.

BUG=

Review URL: https://codereview.chromium.org/1016603004

Cr-Commit-Position: refs/heads/master@{#27523}
2015-03-30 14:54:27 +00:00
jarin
ca3abde2fa [turbofan] Variable liveness analysis for deopt.
This change introduces a liveness analyzer for local variables in frame states.

The main idea is to use the AstGraphBuilder::Environment class to build the control flow graph, and record local variable loads, stores and checkpoints in the CFG basic blocks (LivenessAnalyzerBlock class).

After the graph building finishes, we run a simple data flow analysis over the CFG to figure out liveness of each local variable at each checkpoint. Finally, we run a pass over all the checkpoints and replace dead local variables in the frame states with the 'undefined' value.

Performance numbers for Embenchen are below.

----------- box2d.js
Current --turbo-deoptimization: EmbenchenBox2d(RunTime): 11265 ms.
d8-master --turbo-deoptimization: EmbenchenBox2d(RunTime): 11768 ms.
d8-master: EmbenchenBox2d(RunTime): 10996 ms.
----------- bullet.js
Current --turbo-deoptimization: EmbenchenBullet(RunTime): 17049 ms.
d8-master --turbo-deoptimization: EmbenchenBullet(RunTime): 17384 ms.
d8-master: EmbenchenBullet(RunTime): 16153 ms.
----------- copy.js
Current --turbo-deoptimization: EmbenchenCopy(RunTime): 4877 ms.
d8-master --turbo-deoptimization: EmbenchenCopy(RunTime): 4938 ms.
d8-master: EmbenchenCopy(RunTime): 4940 ms.
----------- corrections.js
Current --turbo-deoptimization: EmbenchenCorrections(RunTime): 7068 ms.
d8-master --turbo-deoptimization: EmbenchenCorrections(RunTime): 6718 ms.
d8-master: EmbenchenCorrections(RunTime): 6858 ms.
----------- fannkuch.js
Current --turbo-deoptimization: EmbenchenFannkuch(RunTime): 4167 ms.
d8-master --turbo-deoptimization: EmbenchenFannkuch(RunTime): 4608 ms.
d8-master: EmbenchenFannkuch(RunTime): 4149 ms.
----------- fasta.js
Current --turbo-deoptimization: EmbenchenFasta(RunTime): 9981 ms.
d8-master --turbo-deoptimization: EmbenchenFasta(RunTime): 9848 ms.
d8-master: EmbenchenFasta(RunTime): 9640 ms.
----------- lua_binarytrees.js
Current --turbo-deoptimization: EmbenchenLuaBinaryTrees(RunTime): 11571 ms.
d8-master --turbo-deoptimization: EmbenchenLuaBinaryTrees(RunTime): 13089 ms.
d8-master: EmbenchenLuaBinaryTrees(RunTime): 10957 ms.
----------- memops.js
Current --turbo-deoptimization: EmbenchenMemOps(RunTime): 7766 ms.
d8-master --turbo-deoptimization: EmbenchenMemOps(RunTime): 7346 ms.
d8-master: EmbenchenMemOps(RunTime): 7738 ms.
----------- primes.js
Current --turbo-deoptimization: EmbenchenPrimes(RunTime): 7459 ms.
d8-master --turbo-deoptimization: EmbenchenPrimes(RunTime): 7453 ms.
d8-master: EmbenchenPrimes(RunTime): 7451 ms.
----------- skinning.js
Current --turbo-deoptimization: EmbenchenSkinning(RunTime): 15564 ms.
d8-master --turbo-deoptimization: EmbenchenSkinning(RunTime): 15611 ms.
d8-master: EmbenchenSkinning(RunTime): 15583 ms.
----------- zlib.js
Current --turbo-deoptimization: EmbenchenZLib(RunTime): 10825 ms.
d8-master --turbo-deoptimization: EmbenchenZLib(RunTime): 11180 ms.
d8-master: EmbenchenZLib(RunTime): 10823 ms.

BUG=

Review URL: https://codereview.chromium.org/949743002

Cr-Commit-Position: refs/heads/master@{#27232}
2015-03-17 09:38:43 +00:00
jarin
cd67e97a7e [turbofan] Cache for reusing parts of value vector nodes in frame states.
Instead of the current approach of storing flat vectors in frame states (and possibly reusing the last vector in AST graph builder), this change list builds a tree for the values and tries to reuse the nodes for different frame states. At the moment, we only use this for the local variable part of frame state, but nothing prevents us from using this for all parts.

This change provides two new classes: one for creating the tree (StateValuesCache) and one for iterating the trees (StateValuesAccess).

BUG=

Review URL: https://codereview.chromium.org/1008213002

Cr-Commit-Position: refs/heads/master@{#27222}
2015-03-16 13:43:13 +00:00
bmeurer
acd9c46ca7 [turbofan] Optimize certain chains of Branch into a Switch.
This adds a new ControlFlowOptimizer that - for now - recognizes chains
of Branches generated by the SwitchBuilder for a subset of javascript
switches into Switch nodes. Those Switch nodes are then lowered to
either table or lookup switches.

Also rename Case to IfValue (and introduce IfDefault) for consistency.

BUG=v8:3872
LOG=n

Review URL: https://codereview.chromium.org/931623002

Cr-Commit-Position: refs/heads/master@{#26691}
2015-02-17 13:29:46 +00:00
jarin
8bd0bd522e [turbofan] Make the representation type component independent of the semantic component.
R=rossberg@chromium.org
BUG=

Review URL: https://codereview.chromium.org/904863002

Cr-Commit-Position: refs/heads/master@{#26621}
2015-02-12 15:21:33 +00:00
vogelheim
2ea8df76ba Fix cctest + unittest to work with an external snapshot.
To do so, extract startup_data_util from d8 and use it those executables.

BUG=

Review URL: https://codereview.chromium.org/913703002

Cr-Commit-Position: refs/heads/master@{#26547}
2015-02-10 15:38:09 +00:00
Benedikt Meurer
9dff8185dd Revert "[turbofan] Make Factory::NewNumber() always return the minus_zero_value."
This reverts commit f578d35ba8 because
(immutable) heap numbers are surprisingly mutable in V8. Someone else
might want to cleanup the mess, otherwise we'll just keep it this way.

TBR=jkummerow@chromium.org
BUG=chromium:454894
LOG=y

Review URL: https://codereview.chromium.org/898973003

Cr-Commit-Position: refs/heads/master@{#26447}
2015-02-05 04:58:49 +00:00
bmeurer
c65ae4f10c Reland "Initial switch to Chromium-style CHECK_* and DCHECK_* macros.".
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/877753007

Cr-Commit-Position: refs/heads/master@{#26346}
2015-01-30 09:29:41 +00:00
Benedikt Meurer
883852293a Revert "Make GCC happy again." and "Initial switch to Chromium-style CHECK_* and DCHECK_* macros.".
This reverts commit 6a4c0a3bae and commit
0deaa4b629 for breaking GCC bots.

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/893533003

Cr-Commit-Position: refs/heads/master@{#26342}
2015-01-30 07:19:57 +00:00
bmeurer
0deaa4b629 Initial switch to Chromium-style CHECK_* and DCHECK_* macros.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/888613002

Cr-Commit-Position: refs/heads/master@{#26340}
2015-01-30 06:25:36 +00:00
bmeurer
59a02ebdbe [turbofan] Ensure that NTLs are always properly connected to the end.
Up until now we used a special Terminate node to artifically connect non
terminating loops to the End node, but this was kind of adhoc and didn't
work for the CFG. So without all kinds of weird hacks, the end block in
the CFG will not be connected to NTLs, which makes it impossible to
compute post dominance / control dependence in the current setting.

So instead of Terminate, we add a special Branch to NTLs, whose
condition is the special Always node, which corresponds to True, except
that it cannot be folded away. This way we don't need any special
machinery in the scheduler, since it's just a regular Branch.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/875263004

Cr-Commit-Position: refs/heads/master@{#26294}
2015-01-27 14:02:28 +00:00
danno
c6ae373335 Convert compiler cctest to unittests: SchedulerTest
R=mstarzinger@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/863213003

Cr-Commit-Position: refs/heads/master@{#26267}
2015-01-26 11:21:24 +00:00
bmeurer
4f1597a92d [turbofan] Add new JSIntrinsicsLowering reducer.
The lowering of intrinsics is therefore now decoupled from the general
inlining logic.

TEST=cctest,unittests
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/872363002

Cr-Commit-Position: refs/heads/master@{#26263}
2015-01-26 09:06:03 +00:00
bmeurer
c9283148d1 [turbofan] Cleanup Schedule and related classes.
- Move unit tests to schedule-unittests.cc.
- Remove pre-C++11 cruft.
- Fix some include weirdness.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/864293002

Cr-Commit-Position: refs/heads/master@{#26220}
2015-01-22 13:01:13 +00:00
titzer
3442a5f9e0 [turbofan] First version of loop peeling.
BUG=

Review URL: https://codereview.chromium.org/816053002

Cr-Commit-Position: refs/heads/master@{#26149}
2015-01-20 09:45:17 +00:00
bmeurer
f578d35ba8 [turbofan] Make Factory::NewNumber() always return the minus_zero_value.
TEST=unittests

Review URL: https://codereview.chromium.org/857783002

Cr-Commit-Position: refs/heads/master@{#26124}
2015-01-19 08:07:37 +00:00
bmeurer
835cc463a8 [turbofan] Initial attempt to cleanup Node and related classes.
- Make Node::Inputs and Node::Uses mostly STL compliant.
- Get rid of some pre-C++11 crappiness.
- Start moving unit tests from cctest to unittests.
- TrimInputCount() now tries to reserve inputs slots for
  later appending.
- Fix numerous style guide violations.

TEST=cctest,unittests
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/851263002

Cr-Commit-Position: refs/heads/master@{#26098}
2015-01-16 11:04:22 +00:00
Sven Panne
e4c5b84652 Contribution of PowerPC port (continuation of 422063005)
Contribution of PowerPC port (continuation of 422063005). The inital patch
covers the core changes to the common files.  Subsequent patches will cover
changes to common files to support AIX and to update the ppc directories so
they are current with the changes in the rest of the project.

This is based off of the GitHub repository
https://github.com/andrewlow/v8ppc

BUG=
R=svenpanne@chromium.org, danno@chromium.org, sevnpanne@chromium.org

Review URL: https://codereview.chromium.org/817143002

Cr-Commit-Position: refs/heads/master@{#26091}
2015-01-16 07:42:15 +00:00
bmeurer
a9d0d23405 Revert of [turbofan] Make Factory::NewNumber() always return the minus_zero_value. (patchset #1 id:1 of https://codereview.chromium.org/838263006/)
Reason for revert:
Breaks the tree

Original issue's description:
> [turbofan] Make Factory::NewNumber() always return the minus_zero_value.
>
> TEST=unittests
> R=mstarzinger@chromium.org, dcarney@chromium.org
>
> Committed: https://crrev.com/55b3e268b2895e2c09230d39669a75b6ab4e7e4d
> Cr-Commit-Position: refs/heads/master@{#26080}

TBR=dcarney@chromium.org,mstarzinger@chromium.org
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/853683009

Cr-Commit-Position: refs/heads/master@{#26081}
2015-01-15 15:29:42 +00:00
Benedikt Meurer
55b3e268b2 [turbofan] Make Factory::NewNumber() always return the minus_zero_value.
TEST=unittests
R=mstarzinger@chromium.org, dcarney@chromium.org

Review URL: https://codereview.chromium.org/838263006

Cr-Commit-Position: refs/heads/master@{#26080}
2015-01-15 15:10:05 +00:00
bmeurer
b6c7e11c10 [turbofan] Fix typo in IrOpcode::Mnemonic.
TEST=unittests
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/843043002

Cr-Commit-Position: refs/heads/master@{#26014}
2015-01-09 14:20:03 +00:00
bmeurer
643ed5b8be [turbofan] Fix missing MachineOperator unittest.
The machine-operator-unittest.cc file was missing from unittests.gyp.
Fixed the compiler errors and added it back.

TBR=machenbach@chromium.org

Review URL: https://codereview.chromium.org/824243003

Cr-Commit-Position: refs/heads/master@{#25948}
2015-01-02 07:44:52 +00:00
Benedikt Meurer
ee98a1d760 [turbofan] Introduce CommonOperatorReducer.
The CommonOperatorReducer currently takes care of redundant Phis,
EffectPhis and Selects. This functionality overlaps with ControlReducer,
but is required to make certain optimizations effective, since the
ControlReducer only runs really early and really late in the pipeline
and therefore other reducers aren't reapplied properly after redundant
phi/select elimination.

TEST=unittests
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/817243003

Cr-Commit-Position: refs/heads/master@{#25922}
2014-12-22 13:06:43 +00:00
Benedikt Meurer
54a31b628d [base] Add iterator_range helper class.
TEST=unittests
R=titzer@chromium.org

Review URL: https://codereview.chromium.org/810683003

Cr-Commit-Position: refs/heads/master@{#25834}
2014-12-16 07:32:03 +00:00
vogelheim
efdb6c8de1 Fix builds w/ component=="shared_library" and v8_use_external_startup_data==1.
R=machenbach@chromium.org
BUG=

Review URL: https://codereview.chromium.org/794213002

Cr-Commit-Position: refs/heads/master@{#25784}
2014-12-11 16:41:56 +00:00
Benedikt Meurer
b3ace35209 [turbofan] Redundant load elimination.
This is an initial version of redundant load elimination, currently
limited to LoadField operators, and implemented by walking the effect
chain.

TEST=unittests
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/782473002

Cr-Commit-Position: refs/heads/master@{#25673}
2014-12-05 07:59:18 +00:00
mstarzinger
f9e4527f32 Restrict floating control to minimal control-connected component.
R=jarin@chromium.org
TEST=cctest/test-scheduler/NestedFloatingDiamondWithChain

Review URL: https://codereview.chromium.org/738613005

Cr-Commit-Position: refs/heads/master@{#25621}
2014-12-02 15:56:30 +00:00
dcarney
60af073ad8 [turbofan] add initial move optimizer
R=bmeurer@chromium.org

BUG=

Review URL: https://codereview.chromium.org/750813004

Cr-Commit-Position: refs/heads/master@{#25533}
2014-11-27 09:21:06 +00:00
Dusan Milosavljevic
ae9130ebbb MIPS64: Add turbofan support for mips64.
TEST=
BUG=
R=danno@chromium.org, paul.lind@imgtec.com

Review URL: https://codereview.chromium.org/732403002

Cr-Commit-Position: refs/heads/master@{#25424}
2014-11-19 15:44:46 +00:00
danno@chromium.org
9a58807030 [turbofan] Optimize add operations to use 'leal' instruction on x64
Add MemoryOperandMatcher that recognizes node clusters in the form
[%r1 + %r2*SCALE + OFFSET] and explicit support in the x64 Int32Add
selector to use it to translate complex adds to 'leal' instructions.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/704713003

Cr-Commit-Position: refs/heads/master@{#25223}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25223 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-11-07 16:47:45 +00:00
titzer@chromium.org
faa71f966a Introduce Diamond, a helper for building diamond-shaped control patterns.
R=mstarzinger@chromium.org, bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/694063005

Cr-Commit-Position: refs/heads/master@{#25110}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25110 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-11-04 14:37:44 +00:00
bmeurer@chromium.org
744c66bc29 [turbofan] Introduce separate SelectLowering reducer.
Split lowering of Select nodes into a separate graph reducer and be more
clever when lowering to diamonds, i.e. reuse diamonds that have the same
condition and only add more phis to it.

TEST=unittests
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/702463002

Cr-Commit-Position: refs/heads/master@{#25078}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25078 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-11-03 15:17:47 +00:00
dcarney@chromium.org
0d1cdebad2 [turbofan] initial framework for unittesting of register allocator
BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/683133005

Cr-Commit-Position: refs/heads/master@{#25071}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25071 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-11-03 13:27:23 +00:00
dcarney@chromium.org
54fef44df3 [turbofan] add ZonePool to correctly track compiler phase memory usage
R=bmeurer@chromium.org

BUG=

Review URL: https://codereview.chromium.org/665893006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24771 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-21 12:38:46 +00:00
bmeurer@chromium.org
cc60a45d78 [turbofan] Move node matchers to separate file.
TEST=unittests
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/639293006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24729 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 11:26:23 +00:00
yangguo@chromium.org
889d1e540c Conform to the unittest naming convention.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/644973002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24513 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-10 08:06:21 +00:00
yangguo@chromium.org
8659e50723 Update unicode to 7.0.0.
And do not use code points with PATTERN_* property for identifier start.
Maintain that \u180E is a white space character.

BUG=v8:2892
LOG=Y
R=dpino@igalia.com, mathias@qiwi.be

Review URL: https://codereview.chromium.org/638643002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24473 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-08 14:55:03 +00:00
bmeurer@chromium.org
e3294b1f09 [turbofan] Fix lowering of typed loads/stores.
Only JSLoadProperty/JSStoreProperty nodes with external typed arrays can
be lowered to LoadElement/StoreElement, because lowering of non-external
typed arrays would require a map check.

TEST=cctest,unittests,mjsunit
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/631093003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24426 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-07 07:36:21 +00:00
bmeurer@chromium.org
9440b885ae Add C++11 compatible base::hash function object.
Implement NodeCache in terms of base::hash and std::equal_to in preparation
for HeapConstant caching.

TEST=cctest,unittests
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/624153003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24412 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-06 12:27:24 +00:00
jarin@chromium.org
f40d582cf1 Revert "[turbofan] Fix lowering of typed loads/stores."
This reverts commit r24386 for tanking asm.js benchmarks.

BUG=
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/634473002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24406 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-06 08:54:24 +00:00
paul.lind@imgtec.com
f9b39f29fb MIPS: Add turbofan support for mips32.
BUG=
R=bmeurer@chromium.org, dusan.milosavljevic@imgtec.com

Review URL: https://codereview.chromium.org/601723002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24397 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-02 15:48:48 +00:00
bmeurer@chromium.org
5899cc8ca7 [turbofan] Fix lowering of typed loads/stores.
We can only access to external typed arrays; lowering of internal
typed arrays would require a map check plus eager deoptimization.
Also embed the array buffer reference directly instead of embedding
the typed array.

TEST=cctest,mjsunit,unittests
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/621863002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24386 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-02 08:38:37 +00:00
bmeurer@chromium.org
26b181f4d0 Fix unittests.gyp for cross compiling.
TBR=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/615243003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24351 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-01 08:54:21 +00:00
bmeurer@chromium.org
bfd37ab267 Move unit tests to test/unittests.
As per discussion on the V8 team, this is the place we want them to live,
not following the Chrome Style Guide for this.

BUG=v8:3489
LOG=y
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/615393002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24350 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-01 08:34:25 +00:00
bmeurer@chromium.org
ecec301571 Revert "Initial import of unittests using GTest/GMock."
This reverts commit r22847 and r22848. Isolate initialization/shutdown
still broken (so certain debug builds just crash), and our compiler flags
do not work with other Google projects (i.e. GTest/GMock).

TBR=jochen@chromium.org

Review URL: https://codereview.chromium.org/438243003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@22855 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-08-05 10:16:47 +00:00
bmeurer@chromium.org
62ac0d1050 Initial import of unittests using GTest/GMock.
R=jochen@chromium.org, svenpanne@chromium.org

Review URL: https://codereview.chromium.org/439863004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@22847 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-08-05 08:07:25 +00:00