Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(199)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1410953006: [turbofan] Properly type field access to stable heap object maps. (Closed)

Created:
5 years, 1 month ago by Benedikt Meurer
Modified:
5 years, 1 month ago
Reviewers:
Jarin, rossberg
CC:
v8-reviews_googlegroups.com
Base URL:
https://chromium.googlesource.com/v8/v8.git@master
Target Ref:
refs/pending/heads/master
Project:
v8
Visibility:
Public.

Description

[turbofan] Properly type field access to stable heap object maps. Introduce new typing rules for LoadField[Map], which try to take into account stable map information if the object either has type Constant or type Class. If the map of the object is stable but can transition we have to introduce a code dependency in the Typer to make sure that the information (the Constant type we infer for LoadField[Map]) is valid (and stays valid). This also settles the policy for depending on map stability: The definition can introduce any number of maps, without having to pay attention to stability (i.e. you can always use Type::Class to introduce a map that is propagated along the value edges), and the use site is responsible for checking that the type information is valid before using it. I.e. if you use stable map information, you'll have to add a stability dependency (or make sure the map cannot transition). Drive-by-improvement: Add ReferenceEqualTyper which takes input types into account for improved constant folding. Drive-by-fix: Apply policy mentioned above to JSNativeContextSpecialization. R=jarin@chromium.org, rossberg@chromium.org BUG=v8:4470 LOG=n Committed: https://crrev.com/44b9122d9f66e746f8f2126b04f30d0eac83fceb Cr-Commit-Position: refs/heads/master@{#31567}

Patch Set 1 #

Total comments: 2

Patch Set 2 : Slightly improve field type extraction. #

Patch Set 3 : Fix Andreas' comment. #

Patch Set 4 : Fixes #

Patch Set 5 : Make GCC happy #

Patch Set 6 : Final workarounds. #

Unified diffs Side-by-side diffs Delta from patch set Stats (+98 lines, -16 lines) Patch
M src/compiler/js-native-context-specialization.cc View 1 2 chunks +7 lines, -11 lines 0 comments Download
M src/compiler/pipeline.cc View 1 chunk +5 lines, -1 line 0 comments Download
M src/compiler/typer.h View 1 2 3 4 5 chunks +17 lines, -1 line 0 comments Download
M src/compiler/typer.cc View 1 2 3 4 5 6 chunks +68 lines, -3 lines 0 comments Download
M test/cctest/compiler/function-tester.h View 1 2 3 1 chunk +1 line, -0 lines 0 comments Download

Messages

Total messages: 23 (8 generated)
Benedikt Meurer
5 years, 1 month ago (2015-10-26 11:37:24 UTC) #1
Benedikt Meurer
Hey Jaro, Andreas, As discussed offline, take map feedback into account for LoadField[map] typing. Please ...
5 years, 1 month ago (2015-10-26 11:38:12 UTC) #2
rossberg
https://codereview.chromium.org/1410953006/diff/1/src/compiler/typer.cc File src/compiler/typer.cc (right): https://codereview.chromium.org/1410953006/diff/1/src/compiler/typer.cc#newcode1591 src/compiler/typer.cc:1591: if (lhs->Is(rhs) && rhs->Is(lhs)) return t->singleton_true_; I don't understand. ...
5 years, 1 month ago (2015-10-26 11:44:19 UTC) #3
Jarin
lgtm
5 years, 1 month ago (2015-10-26 11:44:21 UTC) #4
Benedikt Meurer
https://codereview.chromium.org/1410953006/diff/1/src/compiler/typer.cc File src/compiler/typer.cc (right): https://codereview.chromium.org/1410953006/diff/1/src/compiler/typer.cc#newcode1591 src/compiler/typer.cc:1591: if (lhs->Is(rhs) && rhs->Is(lhs)) return t->singleton_true_; Of course (similar ...
5 years, 1 month ago (2015-10-26 11:46:40 UTC) #5
Jarin
ah, andreas is right, the reference equality needs fixing.
5 years, 1 month ago (2015-10-26 11:47:32 UTC) #6
Benedikt Meurer
On 2015/10/26 11:47:32, Jarin wrote: > ah, andreas is right, the reference equality needs fixing. ...
5 years, 1 month ago (2015-10-26 11:47:56 UTC) #7
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1410953006/40001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1410953006/40001
5 years, 1 month ago (2015-10-26 11:48:07 UTC) #10
rossberg
lgtm
5 years, 1 month ago (2015-10-26 11:49:12 UTC) #11
commit-bot: I haz the power
Try jobs failed on following builders: v8_mac_rel on tryserver.v8 (JOB_FAILED, http://build.chromium.org/p/tryserver.v8/builders/v8_mac_rel/builds/11102)
5 years, 1 month ago (2015-10-26 11:56:38 UTC) #13
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1410953006/60001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1410953006/60001
5 years, 1 month ago (2015-10-26 12:04:38 UTC) #16
commit-bot: I haz the power
Try jobs failed on following builders: v8_linux_gcc_compile_rel on tryserver.v8 (JOB_FAILED, http://build.chromium.org/p/tryserver.v8/builders/v8_linux_gcc_compile_rel/builds/7682)
5 years, 1 month ago (2015-10-26 12:13:10 UTC) #18
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1410953006/100001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1410953006/100001
5 years, 1 month ago (2015-10-26 13:09:44 UTC) #21
commit-bot: I haz the power
Committed patchset #6 (id:100001)
5 years, 1 month ago (2015-10-26 14:04:06 UTC) #22
commit-bot: I haz the power
5 years, 1 month ago (2015-10-26 14:04:42 UTC) #23
Message was sent while issue was closed. 
Patchset 6 (id:??) landed as
https://crrev.com/44b9122d9f66e746f8f2126b04f30d0eac83fceb
Cr-Commit-Position: refs/heads/master@{#31567}

Powered by Google App Engine
This is Rietveld 408576698