Commit Graph

38 Commits

Author SHA1 Message Date
bmeurer
dd609a5d3d [turbofan] Remove the EmptyFrameState caching on JSGraph.
Caching nodes with mutable inputs is a bad idea and already blew up
twice now, so in order to avoid further breakage, let's kill the
EmptyFrameState caching on JSGraph completely and only cache the empty
state values there.

We can remove the hacking from JSTypedLowering completely once we have
the PlainPrimitiveToNumber in action.

R=jarin@chromium.org

Review-Url: https://codereview.chromium.org/2006423003
Cr-Commit-Position: refs/heads/master@{#36511}
2016-05-25 11:05:13 +00:00
mstarzinger
1150092b29 Remove strong mode support from binary operations.
R=bmeurer@chromium.org
BUG=v8:3956
LOG=n

Review URL: https://codereview.chromium.org/1693833002

Cr-Commit-Position: refs/heads/master@{#34036}
2016-02-16 13:55:29 +00:00
jochen
6f472db65a Disable soon to be deprecated APIs per default for v8
Embedders still can use those APIs by default

test-api.cc still has an exception to use the old APIs...

BUG=v8:4143
R=vogelheim@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1505803004

Cr-Commit-Position: refs/heads/master@{#32701}
2015-12-09 10:35:04 +00:00
bmeurer
5af6017d4b [turbofan] Add binary operation hints for javascript operators.
This is the initial support for binary operation hints on javascript
binary operators, i.e. JSAdd, JSSubtract and so on. The hints are
extracted from the fullcodegen code object before graph building and the
AstGraphBuilder puts those hints on the operators if available.

R=jarin@chromium.org
BUG=v8:4583
LOG=n

Review URL: https://codereview.chromium.org/1487973002

Cr-Commit-Position: refs/heads/master@{#32443}
2015-12-01 09:03:32 +00:00
bmeurer
47502a238b [runtime] Replace global object link with native context link in all contexts.
Previously all contexts had a link to the global object, but what is
required in most cases (except for the global load, store and delete
case) is the native context.

This also removes the second dummy global object that was still linked
to every native context. We will add a different mechanism to ensure
that builtins do not pollute the actual global object during
bootstrapping.

Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff.

CQ_INCLUDE_TRYBOTS=tryserver.v8:v8_linux_nosnap_rel
R=yangguo@chromium.org,mstarzinger@chromium.org

Committed: https://crrev.com/d290f204938295bfecc5c8e645ccfcff6e80ddb8
Cr-Commit-Position: refs/heads/master@{#32375}

Review URL: https://codereview.chromium.org/1480003002

Cr-Commit-Position: refs/heads/master@{#32381}
2015-11-27 17:00:11 +00:00
machenbach
673108d000 Revert of [runtime] Replace global object link with native context link in all contexts. (patchset #3 id:40001 of https://codereview.chromium.org/1480003002/ )
Reason for revert:
[Sheriff] Breaks:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap/builds/5472

Original issue's description:
> [runtime] Replace global object link with native context link in all contexts.
>
> Previously all contexts had a link to the global object, but what is
> required in most cases (except for the global load, store and delete
> case) is the native context.
>
> This also removes the second dummy global object that was still linked
> to every native context. We will add a different mechanism to ensure
> that builtins do not pollute the actual global object during
> bootstrapping.
>
> Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff.
>
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/d290f204938295bfecc5c8e645ccfcff6e80ddb8
> Cr-Commit-Position: refs/heads/master@{#32375}

TBR=yangguo@chromium.org,mstarzinger@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1478303002

Cr-Commit-Position: refs/heads/master@{#32377}
2015-11-27 14:30:23 +00:00
bmeurer
d290f20493 [runtime] Replace global object link with native context link in all contexts.
Previously all contexts had a link to the global object, but what is
required in most cases (except for the global load, store and delete
case) is the native context.

This also removes the second dummy global object that was still linked
to every native context. We will add a different mechanism to ensure
that builtins do not pollute the actual global object during
bootstrapping.

Drive-by-fix: Unify some MacroAssembler magic and drop obsolete stuff.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1480003002

Cr-Commit-Position: refs/heads/master@{#32375}
2015-11-27 13:32:20 +00:00
mstarzinger
16f133001f Move compiler cctests into v8::internal::compiler namespace.
This moves all cctest files for the compiler to live in the same
namespace as the components they are testing. Hence we can avoid the
forbidden using directives pulling in entire namespaces.

From the Google C++ style guide: "You may not use a using-directive to
make all names from a namespace available". This would be covered by
presubmit linter checks if build/namespaces were not blacklisted.

R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1424943004

Cr-Commit-Position: refs/heads/master@{#31671}
2015-10-30 09:16:39 +00:00
mstarzinger
4a2bb8903b Remove deprecated API usage from compiler cctests.
R=jochen@chromium.org

Review URL: https://codereview.chromium.org/1408283006

Cr-Commit-Position: refs/heads/master@{#31630}
2015-10-28 13:09:55 +00:00
mstarzinger
b7990793cf [turbofan] Move SimplifiedOperatorBuilder into JSGraph.
This fixes the lifetime of nodes created by JSGlobalSpecialization that
contain a simplified operator. In the case where this reducer runs as
part of the inliner, the SimplifiedOperatorBuilder was instantiated with
the wrong zone. This led to use-after-free of simplified operators.

To avoid such situations in the future, we decided to move this operator
builder into the JSGraph and make the situation uniform with all other
operator builders.

R=bmeurer@chromium.org
BUG=chromium:543528
LOG=n

Review URL: https://codereview.chromium.org/1409993002

Cr-Commit-Position: refs/heads/master@{#31334}
2015-10-16 12:38:52 +00:00
jarin
205d85affc Reland "[turbofan] Checking of input counts on node creation"
(Original CL: https://codereview.chromium.org/1347353003/)

Unfortunately, the mips gcc gets confused by arraysize on
variadic templated arguments, so we use sizeof... instead.

Review URL: https://codereview.chromium.org/1366543003

Cr-Commit-Position: refs/heads/master@{#30880}
2015-09-23 09:08:34 +00:00
machenbach
c602a91c1d Revert of [turbofan] Checking of input counts on node creation (patchset #4 id:60001 of https://codereview.chromium.org/1347353003/ )
Reason for revert:
[Sheriff] Breaks mips cross-compile:
http://build.chromium.org/p/client.v8/builders/V8%20Mips%20-%20builder/builds/4315

Original issue's description:
> [turbofan] Checking of input counts on node creation
>
> This required fixing bunch of tests with wrong input counts.
>
> Committed: https://crrev.com/260ec46efd74c45cdc4b156d95086b7de06621ad
> Cr-Commit-Position: refs/heads/master@{#30877}

TBR=bmeurer@chromium.org,mstarzinger@chromium.org,jarin@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1362783004

Cr-Commit-Position: refs/heads/master@{#30878}
2015-09-23 08:02:41 +00:00
jarin
260ec46efd [turbofan] Checking of input counts on node creation
This required fixing bunch of tests with wrong input counts.

Review URL: https://codereview.chromium.org/1347353003

Cr-Commit-Position: refs/heads/master@{#30877}
2015-09-23 07:53:53 +00:00
mstarzinger
6e65e6db6c [turbofan] Remove usage of Unique<T> from graph.
The usage of Unique<T> throughout the TurboFan IR does not have any
advantage. There is no single point in time when they are initialized
and most use-sites looked through to the underlying Handle<T> anyways.
Also there already was a mixture of Handle<T> versus Unique<T> in the
graph and this unifies the situation to use Handle<T> everywhere.

R=bmeurer@chromium.org,titzer@chromium.org

Review URL: https://codereview.chromium.org/1314473007

Cr-Commit-Position: refs/heads/master@{#30458}
2015-08-31 08:25:05 +00:00
bmeurer
069a47f6e5 [turbofan] Context specialization is the job of the JSContextSpecialization.
Remove the context specialization hack from the AstGraphBuilder, and
properly specialize to the function context in the context specialization.
And replace the correct context in the JSInliner.

R=mstarzinger@chromium.org
BUG=v8:4273
LOG=n

Review URL: https://codereview.chromium.org/1218873005

Cr-Commit-Position: refs/heads/master@{#29493}
2015-07-06 12:56:28 +00:00
bmeurer
1021ed85cb [ubsan] Fix HeapObjectMatcher to avoid invalid casts.
BUG=v8:3809
LOG=n
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/1196623002

Cr-Commit-Position: refs/heads/master@{#29147}
2015-06-19 12:49:13 +00:00
mstarzinger
ed13ea1e32 [turbofan] Turn JSContextSpecializer into an AdvancedReducer.
This in turn allows usage of AdvancedReducer::ReplaceWithValue which
has access to the underlying graph reducer.

R=titzer@chromium.org

Review URL: https://codereview.chromium.org/1162903006

Cr-Commit-Position: refs/heads/master@{#28838}
2015-06-08 12:10:10 +00:00
mstarzinger
8f4d9a0a1e [turbofan] Allow ReplaceWithValue to kill control.
This allows any AdvancedReducer to remove exception projections from
graphs. This is the common case when JS-operators are being replaced
with pure values. The old NodeProperties::ReplaceWithValue is being
deprecated in favor of AdvancedReducer::ReplaceWithValue.

R=titzer@chromium.org
TEST=unittests/AdvancedReducerTest

Review URL: https://codereview.chromium.org/1168693002

Cr-Commit-Position: refs/heads/master@{#28810}
2015-06-05 12:02:09 +00:00
bmeurer
2b93b8aa41 [turbofan] Change End to take a variable number of inputs.
This simplifies the handling of the End node. Based on this CL we will
finally fix terminating every loop from the beginning (via Terminate
nodes) and fix inlining of Throw, Deoptimize and Terminate.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/1157023002

Cr-Commit-Position: refs/heads/master@{#28620}
2015-05-26 10:32:10 +00:00
mstarzinger
00639c7511 [test] Remove DirectGraphBuilder helper.
R=bmeurer@chromium.org
TEST=cctest/test-js-context-specialization

Review URL: https://codereview.chromium.org/1112343002

Cr-Commit-Position: refs/heads/master@{#28160}
2015-04-30 12:06:24 +00:00
conradw
ae7ce701ae [strong] Disallow implicit conversions for binary arithmetic operations
Implements the strong mode proposal's restrictions on
implicit conversions for binary arithmetic operations, not
including the + special case. Adds some infrastructure
for future implementation of the restrictions for other
operators.

BUG=v8:3956
LOG=N

Review URL: https://codereview.chromium.org/1092353002

Cr-Commit-Position: refs/heads/master@{#28045}
2015-04-24 12:32:41 +00:00
titzer
d050c331eb [turbofan] Simplify context specialization and fix for OSR.
AstGraphBuilder puts a constant context in from the beginning.
Also fix bug in merging contexts in environment.

R=mstarzinger@chromium.org
BUG=

Review URL: https://codereview.chromium.org/934293002

Cr-Commit-Position: refs/heads/master@{#26745}
2015-02-19 11:36:50 +00:00
svenpanne
d1b5aa0716 Removed most of the bogus CompilationInfo constructor calls.
A CompilationInfo constructed from just an Isolate* and a Zone* is in
weird an inconsistent state (calling e.g. flags() on it will crash),
so we need to avoid them. This CL removes almost all of them, the
remaining 2 call sites in (for testing only) will be handled in a
separate CL. Things which have been changed:

  * Linkage is basically a decorator for CallDescriptor now.

  * ChangeLowering doesn't need Linkage at all.

  * JSGenericLowering doesn't need a full CompilationInfo*, just a
    single flag.

  * JSContextSpecializer doesn't need the full CompilationInfo, just a
    Context.

  * Removed unused CompilationInfo from SimplifiedLoweringTester.

This nicely decouples things already a bit more, but there's still
work to do...

Review URL: https://codereview.chromium.org/899803003

Cr-Commit-Position: refs/heads/master@{#26580}
2015-02-11 14:12:15 +00:00
bmeurer
1df5fed50a [turbofan] Cleanup the NodeProperties.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/883613006

Cr-Commit-Position: refs/heads/master@{#26316}
2015-01-29 09:18:09 +00:00
danno
c7b09aac31 Remove the dependency of Zone on Isolate
Along the way:
- Thread isolate parameter explicitly through code that used to
  rely on getting it from the zone.
- Canonicalize the parameter position of isolate and zone for
  affected code
- Change Hydrogen New<> instruction templates to automatically
  pass isolate

R=mstarzinger@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/868883002

Cr-Commit-Position: refs/heads/master@{#26252}
2015-01-23 15:20:00 +00:00
titzer
77c6ee0c04 [turbofan] Make context specialization into a reducer.
R=bmeurer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/771713002

Cr-Commit-Position: refs/heads/master@{#25600}
2014-12-02 10:02:46 +00:00
titzer@chromium.org
b9886ae9ff Fix bugs in simplified lowering relating to int32/uint32 signs.
Lowering of NumberToUint32 and NumberToInt32 was not correctly accounting for the sign of the input and the sign of the output, emitting the wrong representation changes.

Along the way, I've found cases where MachineOperatorBuilder would break if fed a machine type for loads or stores that was not cached, requiring MachineOperatorBuilder to take zone to allocate operators for these cases.

R=bmeurer@chromium.org, jarin@chromium.org
BUG=

Review URL: https://codereview.chromium.org/714613002

Cr-Commit-Position: refs/heads/master@{#25247}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25247 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-11-10 14:28:42 +00:00
rossberg@chromium.org
0e16150d33 Better typing and type verification
- Extend verifier to check types of JS and Simplified nodes.
- Untyped nodes now contain NULL as types, enforcing hard failure.
- Typer immediately installs itself as a decorator; remove explicit decorator installation.
- Decorator eagerly types all nodes that have typed inputs
  (subsumes typing of constant cache, removing its typing
  side-channel and various spurious dependencies on the typer).
- Cut down typer interface to prevent inconsistently typed graphs.
- Remove verification from start, since it caused too much trouble
  with semi-wellformed nodes.
- Fix a couple of bugs on the way that got uncovered.

To do: verifying machine operators. Also, various conditions in the
verifier are currently commented out, because they don't yet hold.

BUG=
R=jarin@chromium.org,titzer@chromium.org

Review URL: https://codereview.chromium.org/658543002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24626 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-10-15 11:38:04 +00:00
bmeurer@chromium.org
c1ee6247ca [turbofan] Some javascript operators are globally shared singletons.
Also cleanup the interface, and make the parameter class/accessors
explicit to work-around the type-unsafety of OpParameter<T>.

TEST=compiler-unittests,cctest,mjsunit
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/613683002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24322 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-09-30 10:42:44 +00:00
sigurds@chromium.org
4ec63ff97e Reland
- "Switch inlining to use simplified instead of machine loads."
- "Add copy support in inliner."

Reland fixes:
 - size_t conversion for 64bit arches
 - Don't call front() on empty vector
   (triggers assertion on windows)
 - turbo_inlining now implies turbo_types, as
   it requires simplified lowering.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/559843004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@23911 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-09-12 11:06:37 +00:00
bmeurer@chromium.org
4f5b0911db Revert "Switch inlining to use simplified instead of machine loads.", "Fix size_t to int conversion compile error." and "Add copy support in inliner.".
This reverts commits r23813, r23805 and r23804 for Windows breakage.

TBR=mstarzinger@chromium.org,sigurds@chromium.org

Review URL: https://codereview.chromium.org/562543002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@23816 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-09-10 06:39:25 +00:00
sigurds@chromium.org
1f9215ba8d Add copy support in inliner.
Refactors JSGraph to ensure that the zone operators are created in
can be different from the Graph's zone.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/553873002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@23804 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-09-09 13:20:09 +00:00
bmeurer@chromium.org
2bbeb652ee [turbofan] Fix the node matchers.
E.g. make sure that Int32Matcher matches only int32 constants, and
Float64Matcher matches only float64 constants.

Also remove the confusing CommonOperatorTraits, which are too easy
to use in a wrong way.

TEST=compiler-unittests,cctest
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/552653003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@23768 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-09-08 09:16:11 +00:00
mstarzinger@chromium.org
51894ec36c Move StructuredMachineAssembler into cctest suite.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/539903002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@23681 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-09-04 10:23:51 +00:00
bmeurer@chromium.org
c8ffed8879 [turbofan] Make sure Operator is really immutable.
Make Operator const-correct in preparation for allocating sharing
Operators across different isolates (using LazyInstance).

TEST=cctest,compiler-unittests,mjsunit
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/539933002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@23677 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-09-04 09:37:25 +00:00
sigurds@chromium.org
055fe8c3e9 Update and extend context specialization.
* Add store-chain folding to context specialization.
* Replace all uses of context with constant and then use
  a visitor to find the places to optimize.

BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/440053002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@22993 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-08-08 11:05:31 +00:00
sigurds@chromium.org
8322577eeb Make start node a value input to parameter nodes.
BUG=
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/437183002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@22851 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-08-05 08:47:39 +00:00
danno@chromium.org
a1383e2250 Land the Fan (disabled)
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/426233002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@22709 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-07-30 13:54:45 +00:00