Commit Graph

25 Commits

Author SHA1 Message Date
mstarzinger
b7990793cf [turbofan] Move SimplifiedOperatorBuilder into JSGraph.
This fixes the lifetime of nodes created by JSGlobalSpecialization that
contain a simplified operator. In the case where this reducer runs as
part of the inliner, the SimplifiedOperatorBuilder was instantiated with
the wrong zone. This led to use-after-free of simplified operators.

To avoid such situations in the future, we decided to move this operator
builder into the JSGraph and make the situation uniform with all other
operator builders.

R=bmeurer@chromium.org
BUG=chromium:543528
LOG=n

Review URL: https://codereview.chromium.org/1409993002

Cr-Commit-Position: refs/heads/master@{#31334}
2015-10-16 12:38:52 +00:00
mstarzinger
c87bd340af [turbofan] Remove obsolete unique.h includes in TurboFan.
Now that it is no longer needed, this also removes the invalid inclusion
of "object-inl.h" within the "unique.h" header file.

Note that this change still leaves 2 violations of that rule in the
code, checked with the "tools/check-inline-includes.sh" tool.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1321223002

Cr-Commit-Position: refs/heads/master@{#30503}
2015-09-01 10:30:57 +00:00
bmeurer
5056c8219a [turbofan] Revive the useful parts of the SimplifiedOperatorReducer.
This partially reverts https://codereview.chromium.org/1162563002
because we might actually be able to optimize certain combinations
now due to dead code elimination.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1202263006

Cr-Commit-Position: refs/heads/master@{#29277}
2015-06-25 04:47:16 +00:00
bmeurer
19482d29e5 [turbofan] Remove the useless SimplifiedOperatorReducer.
The SimplifiedOperatorReducer is (mostly) unused, except for the very
rough store elimination, and just eats compilation time.

R=jarin@chromium.org

Review URL: https://codereview.chromium.org/1162563002

Cr-Commit-Position: refs/heads/master@{#28673}
2015-05-28 08:38:13 +00:00
Ross McIlroy
063fc25122 Replace OVERRIDE->override and FINAL->final since we now require C++11.
R=jochen@chromium.org

Review URL: https://codereview.chromium.org/1088993003

Cr-Commit-Position: refs/heads/master@{#27937}
2015-04-20 13:08:14 +00:00
Benedikt Meurer
a75e4cea8f [turbofan] Remove indirection in JSToBoolean/JSUnaryNot lowering.
This reduces the overhead of typed lowering, because we lower
JSToBoolean/JSUnaryNot directly if possible, instead of first lowering
to AnyToBoolean, and then letting the SimplifiedOperatorReducer do the
further lowering.

Also remove some obsolete tests from the cctest suite that have since
been removed by proper unittests. And improve unitttest coverage for the
typed lowering cases.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/999173003

Cr-Commit-Position: refs/heads/master@{#27295}
2015-03-19 10:13:12 +00:00
bmeurer
1df5fed50a [turbofan] Cleanup the NodeProperties.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/883613006

Cr-Commit-Position: refs/heads/master@{#26316}
2015-01-29 09:18:09 +00:00
danno
c7b09aac31 Remove the dependency of Zone on Isolate
Along the way:
- Thread isolate parameter explicitly through code that used to
  rely on getting it from the zone.
- Canonicalize the parameter position of isolate and zone for
  affected code
- Change Hydrogen New<> instruction templates to automatically
  pass isolate

R=mstarzinger@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/868883002

Cr-Commit-Position: refs/heads/master@{#26252}
2015-01-23 15:20:00 +00:00
bmeurer
4b31a97da3 Remove deprecated v8::base::OS::nan_value().
Use std::numeric_limits<double>::quiet_NaN() and
std::numeric_limits<float>::quiet_NaN() instead.

Review URL: https://codereview.chromium.org/864803002

Cr-Commit-Position: refs/heads/master@{#26195}
2015-01-21 14:38:58 +00:00
bmeurer
70b32e4b8a [turbofan] Fix truncation/representation sloppiness wrt. bool/bit.
TEST=cctest,mjsunit,unittests
BUG=v8:3812
LOG=y

Review URL: https://codereview.chromium.org/850013003

Cr-Commit-Position: refs/heads/master@{#26051}
2015-01-14 12:06:56 +00:00
bmeurer
fec1bba852 [turbofan] Correctify representation changes to bit.
TEST=cctest/test-representation-change,unittests,mjsunit/compiler/regress-bit-number-constant
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/840953003

Cr-Commit-Position: refs/heads/master@{#25987}
2015-01-08 09:48:41 +00:00
Benedikt Meurer
9def087efc [turbofan] Correctify JSToBoolean lowering.
Introduce a new AnyToBoolean simplified operator to handle the later
lowering of boolean conversions. Previously we tried to hack that with
the generic JSToBoolean, having its context set to zero, but that lead
to various problems/bugs and did not handle all cases.

TEST=cctest,unittests
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/800833003

Cr-Commit-Position: refs/heads/master@{#25958}
2015-01-05 13:44:31 +00:00
bmeurer
c329a49d69 [turbofan] Fix incorrect minus zero handling in the unit tests.
TEST=unittests
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/831203003

Cr-Commit-Position: refs/heads/master@{#25956}
2015-01-05 12:29:27 +00:00
bmeurer
00013a5692 [turbofan] Minor cleanup to reduce code duplication.
TEST=unittests
R=jochen@chromium.org

Review URL: https://codereview.chromium.org/819103002

Cr-Commit-Position: refs/heads/master@{#25927}
2014-12-22 14:37:22 +00:00
machenbach
7d478d9621 Revert of Remove obsolete V8_INFINITY macro. (patchset #3 id:40001 of https://codereview.chromium.org/798413003/)
Reason for revert:
Speculative revert. This seems to block the current roll: https://codereview.chromium.org/819653003/

I retried several times, also with a new roll. The error is internal - but that doesn't make much of a difference.

Original issue's description:
> Remove obsolete V8_INFINITY macro.
>
> Use std::numeric_limits consistently.
>
> R=svenpanne@chromium.org
>
> Committed: https://crrev.com/31c66e2d53569c4e229d55483d28208491e73612
> Cr-Commit-Position: refs/heads/master@{#25897}

TBR=svenpanne@chromium.org,bmeurer@chromium.org
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/813813003

Cr-Commit-Position: refs/heads/master@{#25912}
2014-12-20 13:17:35 +00:00
bmeurer
31c66e2d53 Remove obsolete V8_INFINITY macro.
Use std::numeric_limits consistently.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/798413003

Cr-Commit-Position: refs/heads/master@{#25897}
2014-12-19 07:18:00 +00:00
Benedikt Meurer
c516d4f094 [turbofan] Add checked load/store operators.
TEST=mjsunit,cctest,unittests
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/763963002

Cr-Commit-Position: refs/heads/master@{#25591}
2014-12-02 04:49:11 +00:00
titzer@chromium.org
b9886ae9ff Fix bugs in simplified lowering relating to int32/uint32 signs.
Lowering of NumberToUint32 and NumberToInt32 was not correctly accounting for the sign of the input and the sign of the output, emitting the wrong representation changes.

Along the way, I've found cases where MachineOperatorBuilder would break if fed a machine type for loads or stores that was not cached, requiring MachineOperatorBuilder to take zone to allocate operators for these cases.

R=bmeurer@chromium.org, jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/714613002

Cr-Commit-Position: refs/heads/master@{#25247}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25247 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-11-10 14:28:42 +00:00
bmeurer@chromium.org
2c78a23c56 [turbofan] LoadElement should not have a control input.
TEST=unittests
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/685723002

Cr-Commit-Position: refs/heads/master@{#24935}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24935 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-28 13:00:42 +00:00
bmeurer@chromium.org
1e96221bbb [turbofan] Minor cleanups to lowering of typed array loads/stores.
TEST=unittests
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/680063004

Cr-Commit-Position: refs/heads/master@{#24917}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24917 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-28 08:29:19 +00:00
bmeurer@chromium.org
cc60a45d78 [turbofan] Move node matchers to separate file.
TEST=unittests
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/639293006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24729 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 11:26:23 +00:00
bmeurer@chromium.org
d029d76120 [turbofan] Skip bounds checks for positive indices only.
TEST=unittests,mjsunit/asm/int32array-constant-key
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/647773004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24716 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-20 06:25:41 +00:00
bmeurer@chromium.org
a779150260 [turbofan] Eliminate typed array bounds checks if both key and length are constant.
TEST=mjsunit,unittests
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/638853004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24685 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-17 09:35:45 +00:00
rossberg@chromium.org
0e16150d33 Better typing and type verification
- Extend verifier to check types of JS and Simplified nodes.
- Untyped nodes now contain NULL as types, enforcing hard failure.
- Typer immediately installs itself as a decorator; remove explicit decorator installation.
- Decorator eagerly types all nodes that have typed inputs
  (subsumes typing of constant cache, removing its typing
  side-channel and various spurious dependencies on the typer).
- Cut down typer interface to prevent inconsistently typed graphs.
- Remove verification from start, since it caused too much trouble
  with semi-wellformed nodes.
- Fix a couple of bugs on the way that got uncovered.

To do: verifying machine operators. Also, various conditions in the
verifier are currently commented out, because they don't yet hold.

BUG=
R=jarin@chromium.org,titzer@chromium.org

Review URL: https://codereview.chromium.org/658543002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24626 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 11:38:04 +00:00
bmeurer@chromium.org
bfd37ab267 Move unit tests to test/unittests.
As per discussion on the V8 team, this is the place we want them to live,
not following the Chrome Style Guide for this.

BUG=v8:3489
LOG=y
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/615393002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24350 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-01 08:34:25 +00:00