This introduces an AllocateMutableHeapNumberStub for the boxed double
field case, where we need to allocate a box in case of a transitioning
store first. We cannot use our inline allocations for this currently,
because mutable HeapNumber objects have certain alignment constraints,
and I don't want to mess up Allocate/AllocateInNewSpace eagerly.
Also refactor the PropertyAccessInfoFactory slightly to split the long
methods into simpler parts.
R=jarin@chromium.org
BUG=v8:4470
LOG=n
Review URL: https://codereview.chromium.org/1419173007
Cr-Commit-Position: refs/heads/master@{#31695}
Change CompareNilIC to return true/false instead of 1/0, and use the
CompareNilICStub in TurboFan for abstract equality with null/undefined.
This way we don't always run into the %Equals runtime fallback when
comparing objects with null/undefined.
R=jarin@chromium.org
Review URL: https://codereview.chromium.org/1417503008
Cr-Commit-Position: refs/heads/master@{#31596}
The LiteralsArray will soon hold a type feedback vector. Code treats it as an
ordinary fixed array, and needs to stop that.
BUG=
Review URL: https://codereview.chromium.org/1374723002
Cr-Commit-Position: refs/heads/master@{#31000}
For string wrappers (JSValue instances with [[StringData]] internal
fields), we can shortcirciut the ToPrimitive if
(a) the {input} map matches the initial map of the String function,
(b) the {input} [[Prototype]] is the unmodified %StringPrototype% (i.e.
no one monkey-patched toString, @@toPrimitive or valueOf), and
(c) the %ObjectPrototype% (i.e. the [[Prototype]] of the
%StringPrototype%) is also unmodified, that is no one sneaked a
@@toPrimitive into the %ObjectPrototype%.
If all these assumptions hold, we can just take the [[StringData]] value
and return it.
This just repairs a regression introduced by removing the
weird (and broken) intrinsic %_IsStringWrapperSafeForDefaultValue, which
was intendend to something similar to this, although less efficient and
wrong in the presence of @@toPrimitive. Long-term we might want to move
into the direction of having a ToPrimitiveStub that can do common cases
while staying in JavaScript land (i.e. not going to C++).
R=jarin@chromium.org
BUG=chromium:532524
LOG=n
Review URL: https://codereview.chromium.org/1366563002
Cr-Commit-Position: refs/heads/master@{#30890}
This CL also renames wrongly named test for v8:4173.
BUG=v8:4121
LOG=Y
Review URL: https://codereview.chromium.org/1353363002
Cr-Commit-Position: refs/heads/master@{#30879}
Now the StringAddStub can optionally convert it's parameters to strings
(following the rules for the addition operator). This could be further
optimized once we have a ToPrimitiveStub, but it should be sufficient
for the moment.
Also removed the unused Strength parameter to the HStringAdd operator,
because string addition does not depend on language mode.
R=jarin@chromium.org
BUG=v8:4307, chromium:532524
LOG=n
Committed: https://crrev.com/d261849e53fbf8c36efae42d478271f87acff70f
Cr-Commit-Position: refs/heads/master@{#30726}
Review URL: https://codereview.chromium.org/1339053002
Cr-Commit-Position: refs/heads/master@{#30858}
Reason for revert:
[Sheriff] Fails mozilla with deadcode:
http://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20deadcode/builds/5357
Original issue's description:
> [crankshaft] Re-add fast-case for string add left/right.
>
> Now the StringAddStub can optionally convert it's parameters to strings
> (following the rules for the addition operator). This could be further
> optimized once we have a ToPrimitiveStub, but it should be sufficient
> for the moment.
>
> Also removed the unused Strength parameter to the HStringAdd operator,
> because string addition does not depend on language mode.
>
> CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_win_nosnap_shared_rel,v8_linux_nosnap_dbg
> R=mstarzinger@chromium.org
> BUG=v8:4307
> LOG=n
>
> Committed: https://crrev.com/d261849e53fbf8c36efae42d478271f87acff70f
> Cr-Commit-Position: refs/heads/master@{#30726}
TBR=mstarzinger@chromium.org,jarin@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4307
Review URL: https://codereview.chromium.org/1347473003
Cr-Commit-Position: refs/heads/master@{#30727}
Now the StringAddStub can optionally convert it's parameters to strings
(following the rules for the addition operator). This could be further
optimized once we have a ToPrimitiveStub, but it should be sufficient
for the moment.
Also removed the unused Strength parameter to the HStringAdd operator,
because string addition does not depend on language mode.
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_win_nosnap_shared_rel,v8_linux_nosnap_dbg
R=mstarzinger@chromium.org
BUG=v8:4307
LOG=n
Review URL: https://codereview.chromium.org/1339053002
Cr-Commit-Position: refs/heads/master@{#30726}
This turns the has_instance_call_handler bit on Map into an is_callable
bit, that matches the spec definition of IsCallable (i.e. instances have
[[Call]] internal methods).
Also fix the typeof operator to properly say "function" for everything
that is callable.
Also remove the (unused) premature %_GetPrototype optimization from
Crankshaft, which just complicated the Map bit swap.
R=mstarzinger@chromium.org, rossberg@chromium.org, yangguo@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_layout_dbg
Review URL: https://codereview.chromium.org/1316933002
Cr-Commit-Position: refs/heads/master@{#30552}
Replaces all instances of the code which computed the debug
name of a stub or function with calls to CompileInfo::GetDebugName instead.
Also:
- Removes useless parameter on CodeStub::GetMajorName
- Removes FakeStubForTesting since it is no longer required
- Adds CompileInfo::ShouldEnsureSpaceForLazyDeopt() to replace unclear calls to IsStub().
Review URL: https://codereview.chromium.org/1297203002
Cr-Commit-Position: refs/heads/master@{#30324}
Use macros for factory functions, and in hydrogen code stubs.
LOG=N
BUG=v8:4124
Review URL: https://codereview.chromium.org/1293533003
Cr-Commit-Position: refs/heads/master@{#30206}
First step to simplify the TypeofStub. This is similar to the
optimization that we use for ToNumber and ToString on Oddballs already.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1272763005
Cr-Commit-Position: refs/heads/master@{#30108}
There's no need to have one InstanceType per SIMD primitive type (this
will not scale long-term). Also reduce the amount of code duplication
and make it more robust wrt adding new SIMD types.
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1273353003
Cr-Commit-Position: refs/heads/master@{#30107}
This is the initial (big) step towards a more uniform implementation of
the ToObject abstract operation (ES6 7.1.13), where we have a fallback
implementation in JSReceiver::ToObject() and a fast (hydrogen) CodeStub
to deal with the fast case (we should be able to do more cleanup on this
in a followup CL). For natives we expose the abstract operation via a
%_ToObject intrinsic, also exposed via a macro TO_OBJECT, that unifies
the previous confusion with TO_OBJECT_INLINE, ToObject, TO_OBJECT,
$toObject and %$toObject. Now the whole implementation of the abstract
operation is context independent, meaning we don't need any magic in the
builtins object nor the native context.
R=mvstanton@chromium.org,yangguo@chromium.org
Review URL: https://codereview.chromium.org/1266013006
Cr-Commit-Position: refs/heads/master@{#29953}
This is the initial round of optimizations for the
LoadGlobalViaContextStub and StoreGlobalViaContextStub, basically
turning them into platform code stubs to avoid the Crankshaft overhead
in the fast case, and making the runtime interface cheaper.
R=ishell@chromium.org
BUG=chromium:510694
LOG=n
Review URL: https://codereview.chromium.org/1238143002
Cr-Commit-Position: refs/heads/master@{#29834}
All of this is controlled by the CallDescriptor. It's simply the case
that if you specify less registers than the function arity calls for,
the rest are assumed to be on the stack.
Bailout handlers accept these constant stack arguments too.
BUG=
Review URL: https://codereview.chromium.org/1250563004
Cr-Commit-Position: refs/heads/master@{#29813}
This allows the optimized code map to contain no context-dependent
entries, but still hold one context-independent entry. This is a
precursor to extending the lifetime of the context-independent entry.
R=mvstanton@chromium.org
Review URL: https://codereview.chromium.org/1249543005
Cr-Commit-Position: refs/heads/master@{#29788}
This CL exposes the constructor function, defines type related
information, and implements value type semantics.
It also refactors test/mjsunit/samevalue.js to test SameValue and SameValueZero.
TEST=test/mjsunit/harmony/simd.js, test/cctest/test-simd.cc
LOG=Y
BUG=v8:4124
Committed: https://crrev.com/e5ed3bee99807c502fa7d7a367ec401e16d3f773
Cr-Commit-Position: refs/heads/master@{#29689}
Review URL: https://codereview.chromium.org/1219943002
Cr-Commit-Position: refs/heads/master@{#29712}
This CL exposes the constructor function, defines type related
information, and implements value type semantics.
It also refactors test/mjsunit/samevalue.js to test SameValue and SameValueZero.
TEST=test/mjsunit/harmony/simd.js, test/cctest/test-simd.cc
LOG=Y
BUG=v8:4124
Review URL: https://codereview.chromium.org/1219943002
Cr-Commit-Position: refs/heads/master@{#29689}
This CL also adds hydrogen stubs for global loads and global stores, full-codegen and TurboFan now uses this machinery.
Review URL: https://codereview.chromium.org/1224793002
Cr-Commit-Position: refs/heads/master@{#29592}
Up until now the context register was listed explicitly in each stub's
CallInterfaceDescriptor. This was problematic, because it was listed
first in the list of register parameters--which is fine for Crankshaft,
which is more or less built to handle the context as the first
parameter-- but not ideal for TurboFan, which adds the context at
the end of all function parameters. Now the context register is no
longer in the register list and can be handled appropriately by both
compilers. Specifically, this allows the FunctionType specified for
each CallInterfaceDescriptor to exactly match the parameter register
list.
Review URL: https://codereview.chromium.org/1211333003
Cr-Commit-Position: refs/heads/master@{#29402}
Revert "Revert relanded strong property access CL"
Regression issues should be solved. Initial patchset is the original, subsequent patchsets are the fixing modifications.
This reverts commit 4ac7be5656.
BUG=v8:3956
LOG=N
Review URL: https://codereview.chromium.org/1199983002
Cr-Commit-Position: refs/heads/master@{#29384}
This allows context-independent code generated by TurboFan to be cached
in the optimized code map and reused across native contexts. Note that
currently this cache is still flushed at GC time.
R=bmeurer@chromium.org,mvstanton@chromium.org
TEST=cctest/test-compiler/OptimizedCodeSharing
Review URL: https://codereview.chromium.org/1208013002
Cr-Commit-Position: refs/heads/master@{#29313}
- Thread Type::FunctionType through stubs and the TF pipeline.
- Augment Typer to decorate parameter nodes with types from
a Type::FunctionType associated with interface descriptors.
- Factor interface descriptors into platform-specific and
platform-independent components so that all descriptors share
a common Type::FunctionType for all platforms.
Review URL: https://codereview.chromium.org/1197703002
Cr-Commit-Position: refs/heads/master@{#29248}
Reason:
Regressions in various benchmarks.
Revert "Revert of Revert of [strong] Implement strong mode restrictions on property access (patchset #1 id:1 of https://codereview.chromium.org/1189153002/)"
This reverts commit 41405c0470.
Revert "X87: Revert of Revert of [strong] Implement strong mode restrictions on property access."
This reverts commit 48de5f4d6b.
Revert "Fix overlapping KeyedLoadIC bitfield."
This reverts commit 4e6c956abf.
Revert "MIPS64: Fix 'Revert of Revert of [strong] Implement strong mode restrictions on property access'."
This reverts commit 74f97b0d2a.
BUG=
Review URL: https://codereview.chromium.org/1199493002
Cr-Commit-Position: refs/heads/master@{#29166}
Implements the strong mode proposal's restrictions on property access.
To be fully explored in a followup: proxies, interceptors, access checks, load from super
BUG=v8:3956
LOG=N
Review URL: https://codereview.chromium.org/1168093002
Cr-Commit-Position: refs/heads/master@{#29109}
We use an alignment prefix for unusual alignment kinds (not kWordAligned).
This will cause new objects to be aligned in ReadObject, and back references
to be aligned to skip padding.
The motivation to change the undefined next sentinel in WeakCell is this:
When the deserializer aligns an object, it requires filler maps to already
exist to create filler objects as padding. However, deserializing the
filler map leads to deserializing NaN, which as heap number is aligned:
filler map > meta map > weak cell cache > undefined > NaN
If we use the-hole instead of undefined as sentinel, it works.
R=jochen@chromium.org,bbudge@chromium.org
BUG=v8:4178
LOG=N
Committed: https://crrev.com/2146ab75387d47eef6582bd8c2d0cfc6c42b68b6
Cr-Commit-Position: refs/heads/master@{#29044}
Review URL: https://codereview.chromium.org/1179873003
Cr-Commit-Position: refs/heads/master@{#29047}
Reason for revert:
[Sheriff] Breaks arm debug compile:
http://build.chromium.org/p/client.v8/builders/V8%20Arm%20-%20debug%20builder/builds/4308
Original issue's description:
> Serializer: support all alignment kinds.
>
> We use an alignment prefix for unusual alignment kinds (not kWordAligned).
> This will cause new objects to be aligned in ReadObject, and back references
> to be aligned to skip padding.
>
> The motivation to change the undefined next sentinel in WeakCell is this:
> When the deserializer aligns an object, it requires filler maps to already
> exist to create filler objects as padding. However, deserializing the
> filler map leads to deserializing NaN, which as heap number is aligned:
> filler map > meta map > weak cell cache > undefined > NaN
> If we use the-hole instead of undefined as sentinel, it works.
>
> R=jochen@chromium.org,bbudge@chromium.org
> BUG=v8:4178
> LOG=N
>
> Committed: https://crrev.com/2146ab75387d47eef6582bd8c2d0cfc6c42b68b6
> Cr-Commit-Position: refs/heads/master@{#29044}
TBR=jochen@chromium.org,bbudge@chromium.org,yangguo@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4178
Review URL: https://codereview.chromium.org/1173253006
Cr-Commit-Position: refs/heads/master@{#29045}
We use an alignment prefix for unusual alignment kinds (not kWordAligned).
This will cause new objects to be aligned in ReadObject, and back references
to be aligned to skip padding.
The motivation to change the undefined next sentinel in WeakCell is this:
When the deserializer aligns an object, it requires filler maps to already
exist to create filler objects as padding. However, deserializing the
filler map leads to deserializing NaN, which as heap number is aligned:
filler map > meta map > weak cell cache > undefined > NaN
If we use the-hole instead of undefined as sentinel, it works.
R=jochen@chromium.org,bbudge@chromium.org
BUG=v8:4178
LOG=N
Review URL: https://codereview.chromium.org/1179873003
Cr-Commit-Position: refs/heads/master@{#29044}
Boolean "is_strong" parameters have begun to proliferate across areas where
strong mode semantics are different. This CL repurposes the existing
ObjectStrength enum as a replacement for them.
BUG=v8:3956
LOG=N
Review URL: https://codereview.chromium.org/1144183004
Cr-Commit-Position: refs/heads/master@{#28839}
When compiling on a laptop I like to concatenate the small test files.
This makes a big difference to compile times. These changes make that
easier.
R=ulan@chromium.org
BUG=
Review URL: https://codereview.chromium.org/1163803002
Cr-Commit-Position: refs/heads/master@{#28742}