Add support to collect feedback about oddballs in Add, Mul, Div and Modulus stubs.
Turbofan uses NumberOrOddball feedback to reduce the number of deoptimizations.
BUG=v8:4280, v8:5400
LOG=N
Review-Url: https://codereview.chromium.org/2406263002
Cr-Commit-Position: refs/heads/master@{#40407}
BranchIf and helpers were introduced when exporting the schedule from the RawMachineAssembler was not ensuring that the CFG was well-form. These methods, that were used to introduce blocks to ensure edge-split form, are now unnecessary.
BUG=
Review-Url: https://codereview.chromium.org/2426923002
Cr-Commit-Position: refs/heads/master@{#40402}
These intrinsics are unused now, and so we can drop all the code in
fullcodegen and Crankshaft that deals with those. TurboFan and Ignition
never tried to optimize those.
R=mstarzinger@chromium.org
BUG=v8:5049
Review-Url: https://codereview.chromium.org/2427673004
Cr-Commit-Position: refs/heads/master@{#40401}
MIPS64 doesn't support Word32 compare instructions. Instead it relies
that the values in registers are correctly sign-extended and uses
Word64 comparison instead. This behavior is correct in most cases,
but doesn't work when comparing signed with unsigned operands.
The solution proposed here tries to match a comparison of signed
with unsigned operand, and perform Word32Compare simulation only
in those cases. Unfortunately, the solution is not complete because
it might skip cases where Word32 compare simulation is needed, so
basically it is a hack.
BUG=
TEST=mjsunit/compiler/uint32
Review-Url: https://codereview.chromium.org/2391393003
Cr-Commit-Position: refs/heads/master@{#40398}
Consistently collect CallIC feedback in fullcodegen and Ignition, even
for possibly direct eval calls, that were treated specially so far, for
no apparent reason. With the upcoming SharedFunctionInfo based CallIC
feedback, we might be able to even inline certain direct eval calls, if
they manage to hit the eval cache. More importantly, this patch
simplifies the collection and dealing with CallIC feedback (and as a
side effect fixes an inconsistency with feedback for super constructor
calls).
R=mvstanton@chromium.org, mythria@chromium.org
BUG=v8:2206,v8:4280,v8:5267
Review-Url: https://codereview.chromium.org/2426693002
Cr-Commit-Position: refs/heads/master@{#40397}
When inlining JSCallConstruct in turbofan, receiver is initialized to model
the behaviour of constructor. When an implicit receiver is not required the
receiver value should be set to the hole value instead of undefined value.
When initializing the receiver via super calls, we check that the receiver
is the hole value.
BUG=chromium:653407
Review-Url: https://codereview.chromium.org/2424123002
Cr-Commit-Position: refs/heads/master@{#40396}
The CL #40373 (https://codereview.chromium.org/2405253006 ) caused a Gcc compilation error.
The error message was:
../src/code-stub-assembler.cc: In member function ‘v8::internal::compiler::Node* v8::internal::CodeStubAssembler::CreateArrayIterator(v8::internal::compiler::Node*, v8::internal::compiler::Node*, v8::internal::compiler::Node*, v8::internal::compiler::Node*, v8::internal::IterationKind)’:
../src/code-stub-assembler.cc:7909:7: error: ‘kBaseMapIndex’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
int kBaseMapIndex;
^
cc1plus: all warnings being treated as errors
make[1]: *** [/home/zxli/work/google-v8/v8/out/x87.release/obj.target/v8_base/src/code-stub-assembler.o] Error 1
This CL fixed this issue by initalizing kBaseMapIndex to 0.
BUG=
Review-Url: https://codereview.chromium.org/2423343002
Cr-Commit-Position: refs/heads/master@{#40390}
port 77419488a9 (r40377)
original commit message:
This slot is completely unused and always undefined anyways, so there's
no need to maintain the slot during object construction.
BUG=
Review-Url: https://codereview.chromium.org/2425183002
Cr-Commit-Position: refs/heads/master@{#40389}
The inlined version of Array.prototype.push returned the value that was
pushed instead of the new "length" property value.
R=jarin@chromium.org
BUG=chromium:656037
Review-Url: https://codereview.chromium.org/2425903002
Cr-Commit-Position: refs/heads/master@{#40384}
This CL adds two new fast-paths for RegExp.prototype.replace in the case
that the regexp itself is an unmodified JSRegExp instance and the
replace argument is callable. Such cases call directly into runtime.
This could be improved even further by turning the relevant runtime
functions into inline TurboFan.
BUG=v8:5339
Review-Url: https://codereview.chromium.org/2415663007
Cr-Commit-Position: refs/heads/master@{#40381}
In the process:
- Add ToString to the CodeStubAssembler and use it where appropriate
- Add constant-folding versions of IntPtrAdd/IntPtrSub to simplify code
in element offset computation, especially for strings.
BUG=chromium:608675
LOG=N
Review-Url: https://codereview.chromium.org/2407813002
Cr-Commit-Position: refs/heads/master@{#40379}
EffectPhis can cause a cycle in a TurboFan graph. We delay the
processing of EffectPhis in the Int64Lowering to break these cycles. We
do the same already for Phis.
R=titzer@chromium.org
BUG=v8:5518
TEST=unittests/Int64LoweringTest.EffectPhiLoop
Review-Url: https://codereview.chromium.org/2428583002
Cr-Commit-Position: refs/heads/master@{#40378}
This slot is completely unused and always undefined anyways, so there's
no need to maintain the slot during object construction.
R=yangguo@chromium.org
BUG=v8:5049
Review-Url: https://codereview.chromium.org/2423323002
Cr-Commit-Position: refs/heads/master@{#40377}
Implements the variations of CreateArrayIterator() in TFJ builtins
(ArrayPrototypeValues, ArrayPrototypeEntries and ArrayPrototypeKeys), and
provides two new Object types with numerous maps which identify certain
behaviours, which will be useful for inlining.
Removes src/js/array-iterator.js entirely
Also adds support for printing Symbol literals inserted by the Parser during
desugaring when FLAG_print_builtin_ast is set to true.
BUG=v8:5388
R=bmeurer@chromium.org, cbruni@chromium.orgTBR=ulan@chromium.org
Review-Url: https://codereview.chromium.org/2405253006
Cr-Commit-Position: refs/heads/master@{#40373}
Using a global proxy (e.g. 'window.f', 'w.f' or 'this.f') is considerably slower than evaluating just 'f'. This CL aims to perform the necessary checks at compile time and inline the accesses.
This is a follow-on CL to crrev.com/2369933005:
- The initial upload is crrev.com/2369933005 + a rebase.
- The remaining issues are the fixes requested by the reviewers on that CL.
BUG=chromium:634276, chromium:654716
Committed: https://crrev.com/8f43d748272536117008aa6a1b53ea52126261c1
Review-Url: https://codereview.chromium.org/2403003002
Cr-Original-Commit-Position: refs/heads/master@{#40153}
Cr-Commit-Position: refs/heads/master@{#40365}
This makes the character escaping in the graph visualizer less generic
but correct against the JSON spec. The spec has the following definition
for valid characters within a double quoted string:
char ::
any-Unicode-character-except-"-or-\-or-control-character
\"
\\
\/
\b
\f
\n
\r
\t
\u four-hex-digits
R=bmeurer@chromium.org
Review-Url: https://codereview.chromium.org/2421313002
Cr-Commit-Position: refs/heads/master@{#40364}
We don't have an Isolate, so we cannot use it for retrieving data or
calling the embedder's OOM handler. So just crash.
BUG=5525
Review-Url: https://codereview.chromium.org/2427623002
Cr-Commit-Position: refs/heads/master@{#40363}
This adds more useful information to the v8-heap-stats tool.
BUG=v8:5489
Review-Url: https://codereview.chromium.org/2394213003
Cr-Commit-Position: refs/heads/master@{#40361}