Commit Graph

36260 Commits

Author SHA1 Message Date
mythria
74ccda64dc [Interpreter] Transform StrictEquality with null/undefined to special bytecodes.
Transform LdaNull/LdaUndefined followed by StrictEquality to TestNull/TestUndefined.
This would avoid a call to the compare IC. In the bytecode-graph builder these are
mapped to StrictEqual javascript operator. When reducing this operator, we already
optimize the cases for null/undefined.

BUG=v8:4280

Review-Url: https://codereview.chromium.org/2554723004
Cr-Commit-Position: refs/heads/master@{#41768}
2016-12-16 15:01:08 +00:00
jochen
692ba84f4f Use idle time to make progress on scheduled compilation jobs
BUG=v8:5215
R=rmcilroy@chromium.org,marja@chromium.org,vogelheim@chromium.org

Review-Url: https://codereview.chromium.org/2573493002
Cr-Commit-Position: refs/heads/master@{#41767}
2016-12-16 14:40:32 +00:00
cbruni
c0d6939836 [runtime] Improve Object::ToNumber, ToInteger, ToInt32, ToUint32, ToString
This CL adds inlineable fast-cases for the above conversion functions in
objects-inl.h and a slower conversion function in objects.cc.

BUG=

Review-Url: https://codereview.chromium.org/2579023002
Cr-Commit-Position: refs/heads/master@{#41766}
2016-12-16 14:30:05 +00:00
yangguo
bcb73f6219 [inspector] add scope type for modules.
R=jgruber@chromium.org, kozyatinskiy@chromium.org
BUG=v8:5530

Review-Url: https://codereview.chromium.org/2568083002
Cr-Commit-Position: refs/heads/master@{#41765}
2016-12-16 14:28:56 +00:00
rossberg
16fe426320 Implement LinkError; import tweaks
- Implement new WebAssembly.LinkError exception
- Implement stricter checks for global imports
- Add tests
- Refactor handling of import names
- Add TODOs for empty import names

R=titzer@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2584843002
Cr-Commit-Position: refs/heads/master@{#41764}
2016-12-16 14:23:35 +00:00
clemensh
bb76432fde [wasm] Disable trap-if test on windows for now
It's failing nondeterministically.
Disable trap-if tests on windows until this issue is fixed.

R=ahaas@chromium.org, titzer@chromium.org

Review-Url: https://codereview.chromium.org/2584833002
Cr-Commit-Position: refs/heads/master@{#41763}
2016-12-16 14:20:13 +00:00
marja
f37d726435 PreParsing inner functions: Make inner functions less lazy.
Especially, make non-declaration type inner functions eagerly
parsed. Then we still have a chance to compile them eagerly if we see ()
after the function.

BUG=v8:5501

Review-Url: https://codereview.chromium.org/2583843002
Cr-Commit-Position: refs/heads/master@{#41762}
2016-12-16 13:34:30 +00:00
yangguo
d2d6da0354 [serializer] add test for snapshotting cached accessor property.
R=jochen@chromium.org, peria@chromium.org
BUG=chromium:617892

Review-Url: https://codereview.chromium.org/2582623003
Cr-Commit-Position: refs/heads/master@{#41761}
2016-12-16 13:25:19 +00:00
cbruni
89f159b042 [runtime] Port simple String.prototype.indexOf cases to TF Builtin
Many websites use simple calls to String.prototype.indexOf with either a
one character ASCII needle or needles bigger than the search string. This
CL adds a TFJ builtin for these simple cases, giving up to factor 5 speedup.

Drive-by-fix: Add default Object type to Arguments.at

BUG=

Review-Url: https://codereview.chromium.org/2539093002
Cr-Commit-Position: refs/heads/master@{#41760}
2016-12-16 13:24:07 +00:00
ishell
63279611b2 [interpreter] Avoid allocation of temporary array of Nodes when generating dispatch to bytecode handler.
BUG=

Review-Url: https://codereview.chromium.org/2576213007
Cr-Commit-Position: refs/heads/master@{#41759}
2016-12-16 12:58:19 +00:00
vegorov
686d8c8685 Move TraceInlinedFunction from Hydrogen graph builder to internal::CodeGenerator.
This allows to share source dumping infrastructure between CS and TF and opens a possibility for external tools like IRHydra to perform deoptimization to source mapping for TF generated code based on --trace-deopt --print-opt-code --code-comments output.

This CL also restores an old TraceInlinedFunction behavior which was lost during source positions refactoring - originally TraceInlinedFunction dumped source code only once per-SFI to avoid large traces whenever some helper function is inlined multiple times.

This CL also adds --print-opt-source flag that would in the future replace obsolete --hydrogen-track-positions.

BUG=

Review-Url: https://codereview.chromium.org/2575703003
Cr-Commit-Position: refs/heads/master@{#41758}
2016-12-16 12:57:10 +00:00
verwaest
3238b337c7 [builtins] Compare sloppy arguments length with the correct backing store length
BUG=

Review-Url: https://codereview.chromium.org/2579983002
Cr-Commit-Position: refs/heads/master@{#41757}
2016-12-16 12:41:47 +00:00
yangguo
55e8c2e4d3 [serializer] allocate global proxy with the expected size.
If a context snapshot includes the global proxy constructor function, we
expect the incoming global proxy to have the correct instance size so
that we can reinitialize it with said constructor. However, when the
bootstrapper allocates a new global proxy, we need to know the expected
size.

We solve this by storing the size on the to-be-serialized isolate.

R=jochen@chromium.org, peria@chromium.org
BUG=chromium:617892

Review-Url: https://codereview.chromium.org/2585693002
Cr-Commit-Position: refs/heads/master@{#41756}
2016-12-16 12:40:38 +00:00
ishell
a492ab3819 [turbofan] Combine family of TailCallStub() methods into single implementation.
.. by using variadic templates in CodeAssembler.

BUG=

Review-Url: https://codereview.chromium.org/2584743003
Cr-Commit-Position: refs/heads/master@{#41755}
2016-12-16 12:39:27 +00:00
jochen
87bf033799 Don't compile inner functions when compiling via the dispatcher
BUG=v8:5394
R=mstarzinger@chromium.org,rmcilroy@chromium.org

Review-Url: https://codereview.chromium.org/2579973002
Cr-Commit-Position: refs/heads/master@{#41754}
2016-12-16 12:38:17 +00:00
ishell
01408ea653 [turbofan] Combine family of CallJS() methods into single implementation.
... by using variadic templates in CodeAssembler.

BUG=

Review-Url: https://codereview.chromium.org/2579163003
Cr-Commit-Position: refs/heads/master@{#41753}
2016-12-16 11:34:48 +00:00
mstarzinger
92b370ee64 Introduce {ConstantElementsPair} struct for type safety.
This introduces an explicit struct for the communication channel between
the {ArrayLiteral} AST node and the corresponding runtime methods. Those
methods take a pair of {ElementsKind} as well as an array (can either be
a FixedArray or a FixedDoubleArray) of constant values.

For bonus points it also reduces the size of the involved heap object by
one word (i.e. length field of FixedArray not needed anymore).

R=mvstanton@chromium.org

Review-Url: https://codereview.chromium.org/2581683003
Cr-Commit-Position: refs/heads/master@{#41752}
2016-12-16 10:57:06 +00:00
rmcilroy
cb9d0fe7f4 [Compiler] Only optimize a function marked for tier-up if it is compiled.
When mark-shared-funtion-for-tier-up is enabled, a function could be marked for
optimization, then the baseline (FCG) code is flushed by the GC. The next time
the function is executed, we shouldn't optimize the code if there isn't
baseline code.

BUG=chromium:673242

Review-Url: https://codereview.chromium.org/2575333003
Cr-Commit-Position: refs/heads/master@{#41751}
2016-12-16 10:44:50 +00:00
ishell
d4a7c4bf66 [turbofan] Remove arguments order independent versions of [Tail]CallStub() from CodeAssembler.
... as they are no longer needed.

BUG=

Review-Url: https://codereview.chromium.org/2582593005
Cr-Commit-Position: refs/heads/master@{#41750}
2016-12-16 10:43:41 +00:00
ishell
6eeab12414 [turbofan] Combine family of CallStub() methods into single implementation.
.. by using variadic templates in CodeAssembler.

BUG=

Review-Url: https://codereview.chromium.org/2577913003
Cr-Commit-Position: refs/heads/master@{#41749}
2016-12-16 10:40:16 +00:00
jarin
c5ea51259c Revert of [turbofan] Remove value numbering from late optimization pass. (patchset #1 id:1 of https://codereview.chromium.org/2570813002/ )
Reason for revert:
Tanks Kraken astar benchmark.

Original issue's description:
> [turbofan] Remove value numbering from late optimization pass.
>
> Committed: https://crrev.com/e32535af5a5f4776a58ef434ea77d56528ded427
> Cr-Commit-Position: refs/heads/master@{#41672}

TBR=bmeurer@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.

Review-Url: https://codereview.chromium.org/2579273002
Cr-Commit-Position: refs/heads/master@{#41748}
2016-12-16 10:20:46 +00:00
clemensh
6709edd7f6 [wasm] Make WasmRunner the central test structure
The WasmRunner now always holds a TestingModule, and allows to add
several functions to it. This prepares a change to always run wasm code
with a full module behind it, removing the special handling for "no wasm
instance" at runtime (http://crrev.com/2551053002).
This CL here also templatizes the WasmRunner such that the Call method must
be called with the same signature specified for the WasmRunner. This
already caught several mismatches there.

R=titzer@chromium.org, ahaas@chromium.org
BUG=v8:5620

Review-Url: https://codereview.chromium.org/2551043002
Cr-Original-Commit-Position: refs/heads/master@{#41728}
Committed: 2ff5906231
Review-Url: https://codereview.chromium.org/2551043002
Cr-Commit-Position: refs/heads/master@{#41747}
2016-12-16 10:13:11 +00:00
ishell
4bd0cbdd5f [turbofan] Combine family of TailCallRuntime() methods into single implementation.
.. by using variadic templates in CodeAssembler.

BUG=

Review-Url: https://codereview.chromium.org/2577013003
Cr-Commit-Position: refs/heads/master@{#41746}
2016-12-16 09:58:51 +00:00
neis
e3ad4f131b [modules] Remove @@iterator on namespace objects.
TC39 decided at their last meeting to remove this feature.

R=adamk@chromium.org
TBR=ulan@chromium.org
BUG=v8:1569

Review-Url: https://codereview.chromium.org/2578053003
Cr-Commit-Position: refs/heads/master@{#41745}
2016-12-16 08:57:29 +00:00
machenbach
6932ea5904 Revert of Disallow passing a SharedArrayBuffer in the transfer list. (patchset #4 id:60001 of https://codereview.chromium.org/2570433005/ )
Reason for revert:
Breaks layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/12098

See:
https://github.com/v8/v8/wiki/Blink-layout-tests

Original issue's description:
> Disallow passing a SharedArrayBuffer in the transfer list.
>
> This behavior changed recently. SharedArrayBuffers should not be put in the
> transfer list, because they are not detached, and that is the meaning of being
> in the transfer list.
>
> This is the V8 side of the change, the Blink side will come next.
>
> Review-Url: https://codereview.chromium.org/2570433005
> Cr-Commit-Position: refs/heads/master@{#41740}
> Committed: 1c5e1504e0

TBR=jbroman@chromium.org,jkummerow@chromium.org,binji@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review-Url: https://codereview.chromium.org/2579963002
Cr-Commit-Position: refs/heads/master@{#41744}
2016-12-16 07:34:40 +00:00
mtrofin
93e53da4c8 [wasm] simpler detection if we compiled asm-wasm
BUG=643595

Review-Url: https://codereview.chromium.org/2582583002
Cr-Original-Commit-Position: refs/heads/master@{#41738}
Committed: cb433bed0b
Review-Url: https://codereview.chromium.org/2582583002
Cr-Commit-Position: refs/heads/master@{#41743}
2016-12-16 06:13:30 +00:00
v8-autoroll
7333663dc9 Update V8 DEPS.
Rolling v8/build: d4ca00b..3983535

Rolling v8/third_party/catapult: ab73453..eb5390d

TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org

Review-Url: https://codereview.chromium.org/2578413002
Cr-Commit-Position: refs/heads/master@{#41742}
2016-12-16 04:23:53 +00:00
jyan
efd92a1659 s390x: implement vector support on s390
Add vfa/vfs/vfm/vfd support on s390

R=joransiu@ca.ibm.com, bjaideep@ca.ibm.com, danno@chromium.org, jkummerow@chromium.org, jochen@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2582683002
Cr-Commit-Position: refs/heads/master@{#41741}
2016-12-16 04:08:34 +00:00
binji
1c5e1504e0 Disallow passing a SharedArrayBuffer in the transfer list.
This behavior changed recently. SharedArrayBuffers should not be put in the
transfer list, because they are not detached, and that is the meaning of being
in the transfer list.

This is the V8 side of the change, the Blink side will come next.

Review-Url: https://codereview.chromium.org/2570433005
Cr-Commit-Position: refs/heads/master@{#41740}
2016-12-15 23:55:03 +00:00
mtrofin
635edafaa6 Revert of [wasm] simpler detection if we compiled asm-wasm (patchset #1 id:1 of https://codereview.chromium.org/2582583002/ )
Reason for revert:
https://build.chromium.org/p/client.v8/builders/V8%20Mac%20GC%20Stress/builds/10384

Original issue's description:
> [wasm] simpler detection if we compiled asm-wasm
>
> BUG=643595
>
> Review-Url: https://codereview.chromium.org/2582583002
> Cr-Commit-Position: refs/heads/master@{#41738}
> Committed: cb433bed0b

TBR=yangguo@chromium.org,bradnelson@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=643595

Review-Url: https://codereview.chromium.org/2582623002
Cr-Commit-Position: refs/heads/master@{#41739}
2016-12-15 19:35:57 +00:00
mtrofin
cb433bed0b [wasm] simpler detection if we compiled asm-wasm
BUG=643595

Review-Url: https://codereview.chromium.org/2582583002
Cr-Commit-Position: refs/heads/master@{#41738}
2016-12-15 19:18:42 +00:00
bbudge
03f33f2e68 [Turbofan] Add ARM NEON instructions for implementing SIMD.
- Adds NEON instructions to assembler, disassembler, simulator.
- Adds ExtractLane, ReplaceLane functions to macro assembler.

LOG=N
BUG=v8:4124

Review-Url: https://codereview.chromium.org/2546933002
Cr-Commit-Position: refs/heads/master@{#41737}
2016-12-15 18:15:23 +00:00
alph
250e85f84a [tracing] Make TracedValue accept const char* strings
This should speed up trace generation for cpu profile as it eliminates
creation of temporary std::string objects.

Review-Url: https://codereview.chromium.org/2555043003
Cr-Commit-Position: refs/heads/master@{#41736}
2016-12-15 18:03:45 +00:00
ahaas
f435d6222f [wasm] TrapIf and TrapUnless TurboFan operators implemented on ia32.
Original commit message:
[wasm] Introduce the TrapIf and TrapUnless operators to generate trap code.

Some instructions in WebAssembly trap for some inputs, which means that the
execution is terminated and (at least at the moment) a JavaScript exception is
thrown. Examples for traps are out-of-bounds memory accesses, or integer
divisions by zero.

Without the TrapIf and TrapUnless operators trap check in WebAssembly introduces 5
TurboFan nodes (branch, if_true, if_false, trap-reason constant, trap-position
constant), in addition to the trap condition itself. Additionally, each
WebAssembly function has four TurboFan nodes (merge, effect_phi, 2 phis) whose
number of inputs is linear to the number of trap checks in the function.
Especially for functions with high numbers of trap checks we observe a
significant slowdown in compilation time, down to 0.22 MiB/s in the sqlite
benchmark instead of the average of 3 MiB/s in other benchmarks. By introducing
a TrapIf common operator only a single node is necessary per trap check, in
addition to the trap condition. Also the nodes which are shared between trap
checks (merge, effect_phi, 2 phis) would disappear. First measurements suggest a
speedup of 30-50% on average.

This CL only implements TrapIf and TrapUnless on x64. The implementation is also
hidden behind the --wasm-trap-if flag.

Please take a special look at how the source position is transferred from the
instruction selector to the code generator, and at the context that is used for
the runtime call.

R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2571813002
Cr-Commit-Position: refs/heads/master@{#41735}
2016-12-15 17:41:03 +00:00
jochen
4f2cb8fe82 Reland of "Store SharedFunctionInfos of a Script in a FixedArray indexed by their ID"
Original CL description:
> Store SharedFunctionInfos of a Script in a FixedArray indexed by their ID
>
> Now that SharedFunctionInfos have a unique ID (and the IDs are dense),
> we can use them as an index into an array, instead of using a
> WeakFixedArray where we have to do a linear scan.
>
> Hooking up liveedit is a bit more involved, see
> https://docs.google.com/presentation/d/1FtNa3U7WsF5bPhY9uGoJG5Y9hnz5VBDabfOWpb4unWI/edit
> for an overview
>
> BUG=v8:5589
> R=verwaest@chromium.org,jgruber@chromium.org
>
> Review-Url: https://codereview.chromium.org/2547483002

BUG=v8:5589
TBR=verwaest@chromium.org,jgruber@chromium.org

Review-Url: https://codereview.chromium.org/2577063002
Cr-Commit-Position: refs/heads/master@{#41734}
2016-12-15 17:19:55 +00:00
ishell
c131dd9561 [turbofan] Combine family of CallRuntime() methods into single implementation.
.. by using variadic templates in CodeAssembler and RawMachineAssembler.

BUG=

Review-Url: https://codereview.chromium.org/2580823002
Cr-Commit-Position: refs/heads/master@{#41733}
2016-12-15 17:18:42 +00:00
clemensh
5993a1161b Revert of [wasm] Make WasmRunner the central test structure (patchset #5 id:80001 of https://codereview.chromium.org/2551043002/ )
Reason for revert:
Win64 dbg failures

Original issue's description:
> [wasm] Make WasmRunner the central test structure
>
> The WasmRunner now always holds a TestingModule, and allows to add
> several functions to it. This prepares a change to always run wasm code
> with a full module behind it, removing the special handling for "no wasm
> instance" at runtime (http://crrev.com/2551053002).
> This CL here also templatizes the WasmRunner such that the Call method must
> be called with the same signature specified for the WasmRunner. This
> already caught several mismatches there.
>
> R=titzer@chromium.org, ahaas@chromium.org
> BUG=v8:5620
>
> Review-Url: https://codereview.chromium.org/2551043002
> Cr-Commit-Position: refs/heads/master@{#41728}
> Committed: 2ff5906231

TBR=ahaas@chromium.org,titzer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5620

Review-Url: https://codereview.chromium.org/2583543002
Cr-Commit-Position: refs/heads/master@{#41732}
2016-12-15 16:51:11 +00:00
neis
7ca7229283 [parsing] Be less pessimistic about maybe_assigned of parameters.
Instead of unconditionally setting maybe_assigned for parameters, treat
parameters like other variables except that at the end we set maybe_assigned if
the function has a sloppy arguments object.

R=adamk@chromium.org, mstarzinger@chromium.org
BUG=v8:5636

Review-Url: https://codereview.chromium.org/2578103002
Cr-Commit-Position: refs/heads/master@{#41731}
2016-12-15 16:04:44 +00:00
gsathya
b4aadaec1e [promisehook] Store promise in PromiseReactionJob
This will be used in PromiseHook.

BUG=v8:4643

Review-Url: https://codereview.chromium.org/2581503003
Cr-Commit-Position: refs/heads/master@{#41730}
2016-12-15 15:50:54 +00:00
titzer
80b8a3c1a5 Add --dump-counters-nvp option for easier parsing of counter output.
R=jochen@chromium.org, hpayer@chromium.org, verwaest@chromium.org
BUG=

Review-Url: https://codereview.chromium.org/2584563002
Cr-Commit-Position: refs/heads/master@{#41729}
2016-12-15 15:38:59 +00:00
clemensh
2ff5906231 [wasm] Make WasmRunner the central test structure
The WasmRunner now always holds a TestingModule, and allows to add
several functions to it. This prepares a change to always run wasm code
with a full module behind it, removing the special handling for "no wasm
instance" at runtime (http://crrev.com/2551053002).
This CL here also templatizes the WasmRunner such that the Call method must
be called with the same signature specified for the WasmRunner. This
already caught several mismatches there.

R=titzer@chromium.org, ahaas@chromium.org
BUG=v8:5620

Review-Url: https://codereview.chromium.org/2551043002
Cr-Commit-Position: refs/heads/master@{#41728}
2016-12-15 15:37:29 +00:00
petermarshall
c911517f0d Refactor IterationHasObservableEffects to be more readable.
This was kind of hard to read due to the nesting. Refactor it using short-circuit
a bit more and add some comments to each bit.

Review-Url: https://codereview.chromium.org/2573283003
Cr-Commit-Position: refs/heads/master@{#41727}
2016-12-15 15:31:56 +00:00
adamk
45d51734c9 Include temporary variables in --print-scopes output
R=neis@chromium.org
BUG=v8:5743

Review-Url: https://codereview.chromium.org/2577043004
Cr-Commit-Position: refs/heads/master@{#41726}
2016-12-15 15:12:48 +00:00
franzih
0e7a2ca0d7 [runtime] Throw if re-declaring a non-configurable accessor.
If an accessor property is non-configurable, one should not be able
to re-declare it as a function. This specifically applies to special properties like window.location.

BUG=chromium:670596

Review-Url: https://codereview.chromium.org/2582493002
Cr-Commit-Position: refs/heads/master@{#41725}
2016-12-15 14:41:07 +00:00
mlippautz
af6d01a168 [heap] Do not trace through blink after making weak roots strong for finalizers
Similar to object grouping, we cannot trace through blink (and back to V8) after
making weak roots strong because phantom callbacks have already been scheduled
and the handles been zapped.

This is a short-term solution (mimicking what object grouping currently does). It
is not correct in general because we should fully process the subgraph that was
discovered by making some of the weak roots strong. In long term we need a
separate handle type on the API level for traced references that have their
handles zapped at a different stage.

Reproduction:
- Initial marking is done, i.e., both marking deques are empty.
- We make weak roots needed for regular finalizers strong.
- We collect phantom callback data and zap handles that are not reachable so far.
- Through new roots we discover wrappables on the blink side that would also keep
  objects that were already scheduled for phantom callbacks alive.
- Since the handle was already zapped we crash during dereferencing.

BUG=chromium:668060,chromium:468240

Review-Url: https://codereview.chromium.org/2580813002
Cr-Commit-Position: refs/heads/master@{#41724}
2016-12-15 14:39:59 +00:00
marja
ed080e6966 Disable lazy parsing inside eval (see bug).
If the eval contains a let, we need to know whether an inner function
refers to the variable to be able to decide its context allocation
status.

The added test needs https://codereview.chromium.org/2435023002/ too
in order to pass.

BUG=v8:5736

Review-Url: https://codereview.chromium.org/2574753002
Cr-Commit-Position: refs/heads/master@{#41723}
2016-12-15 14:26:58 +00:00
ishell
f1441384ff [stubs] Remove CSA::INTEGER_PARAMETERS in favor of CSA::INTPTR_PARAMETERS.
BUG=

Review-Url: https://codereview.chromium.org/2580533002
Cr-Commit-Position: refs/heads/master@{#41722}
2016-12-15 14:01:07 +00:00
ishell
1805315470 [turbofan] Added --csa-trap-on-node option that helps debugging graph verification issues.
The error reported by the graph verifier looks like:

#
# Fatal error in ../src/compiler/machine-graph-verifier.cc, line 638
# TypeError: node #54:ChangeInt32ToInt64 uses node #53:ChangeUint32ToUint64 which doesn't have an int32-compatible representation.
#
# Specify option --csa-trap-on-node=test,54 for debugging.
#

BUG=

Review-Url: https://codereview.chromium.org/2574353002
Cr-Commit-Position: refs/heads/master@{#41721}
2016-12-15 13:32:27 +00:00
ahaas
7bd61b601c [wasm] Introduce the TrapIf and TrapUnless operators to generate trap code.
Some instructions in WebAssembly trap for some inputs, which means that the
execution is terminated and (at least at the moment) a JavaScript exception is
thrown. Examples for traps are out-of-bounds memory accesses, or integer
divisions by zero.

Without the TrapIf and TrapUnless operators trap check in WebAssembly introduces 5
TurboFan nodes (branch, if_true, if_false, trap-reason constant, trap-position
constant), in addition to the trap condition itself. Additionally, each
WebAssembly function has four TurboFan nodes (merge, effect_phi, 2 phis) whose
number of inputs is linear to the number of trap checks in the function.
Especially for functions with high numbers of trap checks we observe a
significant slowdown in compilation time, down to 0.22 MiB/s in the sqlite
benchmark instead of the average of 3 MiB/s in other benchmarks. By introducing
a TrapIf common operator only a single node is necessary per trap check, in
addition to the trap condition. Also the nodes which are shared between trap
checks (merge, effect_phi, 2 phis) would disappear. First measurements suggest a
speedup of 30-50% on average.

This CL only implements TrapIf and TrapUnless on x64. The implementation is also
hidden behind the --wasm-trap-if flag.

Please take a special look at how the source position is transferred from the
instruction selector to the code generator, and at the context that is used for
the runtime call.

R=titzer@chromium.org

Review-Url: https://codereview.chromium.org/2562393002
Cr-Commit-Position: refs/heads/master@{#41720}
2016-12-15 13:31:29 +00:00
leszeks
bcb38979f7 [turbofan] Add and use bytecode loop assignment analysis
Adds assignment tracking to the bytecode analysis pass, and updates
bytecode graph builder to only create LoopExitValues for assigned
values.

Review-Url: https://codereview.chromium.org/2558093005
Cr-Commit-Position: refs/heads/master@{#41719}
2016-12-15 13:24:19 +00:00