The int64-lowering only lowered store instructions with a word64 store
representation. For all other stores the default lowering applied. The
default lowering replaces all input nodes with both their replacement
nodes, which can change the number of input nodes of the lowered node.
In WebAssembly there exist stores which take an I64 input and store it
with a different representation, e.g. I32. In TurboFan this translates
to a store node with word32 store representation and a word64 value
input. The default lowering replaces the word64 value input to become
two word32 value inputs, which makes the number of inputs of the store
node invalid. This CL discards the high word replacement of the value
input so that the number of input nodes of a store node does not change
in the default lowering.
R=titzer@chromium.orgCC=rossberg@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2668023004
Cr-Commit-Position: refs/heads/master@{#42860}
This is a step towards encoding all the necessary information in
the feedback slot kind instead of storing it in the IC dispatcher's
code object flags.
BUG=v8:5849, v8:5917
Review-Url: https://codereview.chromium.org/2662113005
Cr-Commit-Position: refs/heads/master@{#42859}
Using .caller, one can get access to the internal function that invokes the
handler passed to Promise.prototype.then. This internal function is a TF
builtin that was set up as non-native and without an argument adaptor. As a
consequence of this, when accessing .arguments on it, the frame-walking logic in
the .arguments accessor thinks the number of arguments is -1 and we try to
allocate an array of size -1.
This CL marks the builtin function as native (making its .arguments be null),
along with a few others that may have been incorrect in the same way.
BUG=chromium:682349
Review-Url: https://codereview.chromium.org/2672453002
Cr-Commit-Position: refs/heads/master@{#42855}
Move set_native(true) from InstallFunction into CreateFunction in order to
emphasize the places where we create non-native functions.
No change in semantics overall.
BUG=
Review-Url: https://codereview.chromium.org/2667993005
Cr-Commit-Position: refs/heads/master@{#42854}
This is the first step to reduce the size of the out-of-line code of
TrapIf. Instead of passing the context to the runtime call as a
parameter, we pass Smi::kZero to the runtime call and then get the
actual context from the WasmFrame on the stack.
BUG=v8:5908
R=titzer@chromium.org, clemensh@chromium.org
Review-Url: https://codereview.chromium.org/2664273002
Cr-Commit-Position: refs/heads/master@{#42853}
Reason for revert:
AAAAAHHHHHHH
Original issue's description:
> [tools] Fix RegExp for ticksprocessor.
>
> Properly attribute all builtins, bytecode handlers and other stubs to
> the calling function unless --separate-ic is passed.
>
> R=jarin@chromium.org
> NOTRY=true
>
> Review-Url: https://codereview.chromium.org/2668953002
> Cr-Commit-Position: refs/heads/master@{#42849}
> Committed: 42011d2997TBR=jarin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
Review-Url: https://codereview.chromium.org/2664033005
Cr-Commit-Position: refs/heads/master@{#42851}
I removed some constant folding optimizations for float instruction in
https://codereview.chromium.org/2647353007 because they were incorrect
if the input was a signalling NaN. Removing these optimizations, however
had an unexpectedly big impact on asm.js performance. With this CL I
restore the optimizations again when the source origin is not wasm. In
JavaScript signalling NaNs are not observable and therefore the
optimizations are correct.
R=titzer@chromium.org
BUG=chromium:686654
Review-Url: https://codereview.chromium.org/2666903002
Cr-Commit-Position: refs/heads/master@{#42850}
Properly attribute all builtins, bytecode handlers and other stubs to
the calling function unless --separate-ic is passed.
R=jarin@chromium.org
NOTRY=true
Review-Url: https://codereview.chromium.org/2668953002
Cr-Commit-Position: refs/heads/master@{#42849}
Reason for revert:
Breaks win64 it seems.
Original issue's description:
> [turbofan] Constant propagation for JumpIfFalse/JumpIfTrue.
>
> The JumpIfFalse and JumpIfTrue bytecodes test the accumulator, and
> branch based on whether the accumulator is true or false (no other
> value allowed, and in fact TurboFan would blow up if you would pass
> anything else, since Branch operator can only deal with Boolean).
> So for either branch we know exactly the value of the accumulator,
> and we can update the environment to this constant value instead.
>
> This helps to avoid the useless bit materialization that currently
> happens when || or && is being used in a value context.
>
> R=jarin@chromium.org
> BUG=v8:5267
>
> Review-Url: https://codereview.chromium.org/2666283002
> Cr-Commit-Position: refs/heads/master@{#42843}
> Committed: 158ac92871TBR=jarin@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2668933002
Cr-Commit-Position: refs/heads/master@{#42845}
The function being tested is forced to go through Turbofan anyway (since it references a module variable).
Adding --turbo explicitly just to make a check happy.
BUG=
Review-Url: https://codereview.chromium.org/2664393003
Cr-Commit-Position: refs/heads/master@{#42844}
The JumpIfFalse and JumpIfTrue bytecodes test the accumulator, and
branch based on whether the accumulator is true or false (no other
value allowed, and in fact TurboFan would blow up if you would pass
anything else, since Branch operator can only deal with Boolean).
So for either branch we know exactly the value of the accumulator,
and we can update the environment to this constant value instead.
This helps to avoid the useless bit materialization that currently
happens when || or && is being used in a value context.
R=jarin@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2666283002
Cr-Commit-Position: refs/heads/master@{#42843}
The String.prototype was altered after snapshot time (during
experimental natives setup), invalidating the stored map used for
fast-path checks.
BUG=
Review-Url: https://codereview.chromium.org/2663303003
Cr-Commit-Position: refs/heads/master@{#42842}
The InstructionSelector on x64 didn't properly implement
VisitWord32Equal via VisitWordCompareZero, and thus it didn't
properly combined useless Word32Equal comparisons with zero
(which we use to implement bit negation).
R=jarin@chromium.org
BUG=v8:5267
Review-Url: https://codereview.chromium.org/2662123004
Cr-Commit-Position: refs/heads/master@{#42841}
Rename to Construct and ConstructWithSpread, to match the names of
the JSOperators used.
Unfortunately, I can't find a way for auto-formatting to stay happy unless we
change the indentation for the whole BYTECODE_LIST macro.
Review-Url: https://codereview.chromium.org/2663963003
Cr-Commit-Position: refs/heads/master@{#42840}
We already had an optimization in the CommonOperatorReducer that would
duplicate a Return with Phi, EffectPhi and Merge inputs into the
respective branches. But we can also do the same if the effect input of
the Return dominates all branches, i.e. if the Return and Phi nodes are
the only users of the Merge node.
This helps with the awkward code generation that we currently observe
for || and && in return position.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2668903002
Cr-Commit-Position: refs/heads/master@{#42839}
Previously we allowed unreachable returns to be skipped.
This won't work if we strictly follow the spec.
BUG=None
TEST=Manual against more strict wasm validation
R=titzer@chromium.org,rossberg@chromium.org
Review-Url: https://codereview.chromium.org/2668873003
Cr-Commit-Position: refs/heads/master@{#42833}
Throw a syntax error on "new import(1)" expression. Adds a new error msg as well.
BUG=v8:5785
Review-Url: https://codereview.chromium.org/2661113002
Cr-Commit-Position: refs/heads/master@{#42827}
Also updated some tests due to the change. The general pattern is when a
trailing comma is expected to cause a SyntaxError, an additional comma was
added.
BUG=v8:5051
CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel
Review-Url: https://codereview.chromium.org/2638513002
Cr-Commit-Position: refs/heads/master@{#42826}
If hidden scopes are ignored, the scopes and variable produced by the PreParser
already matched the scopes and variables produced by the Parser.
BUG=v8:5516
R=vogelheim@chromium.org
Review-Url: https://codereview.chromium.org/2663043003
Cr-Commit-Position: refs/heads/master@{#42824}
Rewrites import expression into a runtime call. Uses peekahead to
determine if parsing an import declaration or import expression.
The runtime call doesn't actually do the import yet, will be added in
follow on patch.
Adds a new --harmony-dynamic-import flag.
Adds a ignore_error_msg parameter to the test runner to ignore the
discrepancy in the error messages while parsing import expression with
parser and pre parser. This discrepancy will actually never happen in
real code.
BUG=v8:5785
Review-Url: https://codereview.chromium.org/2661933003
Cr-Commit-Position: refs/heads/master@{#42820}
Port 56429fc146
Original Commit Message:
Introduced MachineType::TaggedSigned() and TaggedPointer().
The idea is to quit using the representational dimension of Type, and
instead encode this information in the MachineRepresentation (itself
lightly wrapped in MachineType, along with MachineSemantic).
There are three parts to the whole change:
1) Places that set the machine representation - constant nodes, loads nad
stores, global object and native context specialization.
2) Places that propagate type/representation - this is representation
inference (aka simplified lowering). At the end of this process we
expect to have a MachineRepresentation for every node. An interesting
part of this is phi merging.
3) Places that examine representation - WriteBarrier elimination does this.
Currently it's looking at the Type representation dimension, but as
a part of this change (or in a soon-to-follow change) it can simply
examine the MachineRepresentation.
R=mvstanton@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2662223003
Cr-Commit-Position: refs/heads/master@{#42817}
Reason for revert:
Causes test timeouts.
Original issue's description:
> [Test] Do a set number of runs to trigger optimisation for SuperSpread.
>
> BUG=v8:5895
>
> Review-Url: https://codereview.chromium.org/2669523002
> Cr-Commit-Position: refs/heads/master@{#42811}
> Committed: d4c22c3084TBR=bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5895
Review-Url: https://codereview.chromium.org/2669553002
Cr-Commit-Position: refs/heads/master@{#42812}
