Skip to content

V
V8
Switch branch/tag
  1. 18 Feb, 2020 1 commit
  3. 12 Feb, 2020 1 commit
  5. 11 Feb, 2020 1 commit
    • Nico Hartmann's avatar
      [torque] Reduce generated CSA variables and labels · 89b248b6
      Nico Hartmann authored 
      This CL significantly reduces the size of CSA files generated from
torque by introducing only those Phis at block entry that are
required and otherwise uses defined values directly.

To do so it does:
- Define a DefinitionLocation that represents where a value is
  defined.
- For each block compute all the definitions that reach that
  block and introduce a phi iff the reaching definitions for a value
  are not the same for all predecessor blocks.
- In CSAGenerator map all DefinitionLocations to variables, such that
  if the same value is used in multiple blocks, it is mapped to the
  same variable without the need to pass it along the jump. This
  reduces both the arguments passed to Goto, Branch, ... and the
  variables that need to be passed to Bind when the block's label is
  bound. This reduces the number of temporary variables
  significantly. Temporaries are declared outside of blocks now
  in order to be accessible from other blocks.

Drive-by changes:
- Sequences of SetSourcePosition calls are merged if no output is
  generated between them.
- Dead blocks are no longer generated in release builds.

Bug: v8:9861
Change-Id: I5c30e5376e93c424c3ebfc5144a08592d77ae61f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2037444
Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#66225}
      89b248b6
  7. 10 Jan, 2020 1 commit
    • Seth Brenith's avatar
      [torque] move more bitfield definitions to Torque · 87c16da5
      Seth Brenith authored 
      This change moves the definitions of the bitfield flags used by Symbol
and Map to Torque. Symbol could directly follow the pattern established
by SharedFunctionInfo, but Map required some other changes:
- Until now, Torque bitfield definitions have required unsigned types. I
  thought that this would be the least-surprising behavior, since we
  never sign-extend when decoding bitfield values. However, I believe
  that the amount of churn involved in making ElementsKind be unsigned
  outweighs the benefit we were getting from this restriction (and
  similar difficulties are likely to arise in converting other bitfield
  structs to Torque), so this CL updates Torque to allow signed bitfield
  values.
- If we try to make Map extend from all of the generated classes that
  define its flags, we end up with class sizing problems because some
  compilers only apply empty base class optimization to the first in a
  row of empty base classes. We could work around this issue by
  generating macros instead of classes, but I took this as an
  opportunity for a minor clean-up instead: rather than having bitfield
  definitions for several different bitfield structs all jumbled
  together in Map, they can be split up. I think this makes the code a
  little easier to follow, but if others disagree I'm happy to implement
  macro generation instead.

Change-Id: Ibf339b0be97f72d740bf1daa8300b471912faeba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1988934Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Reviewed-by: 's avatarRoss McIlroy <rmcilroy@chromium.org>
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#65701}
      87c16da5
  9. 27 Dec, 2019 1 commit
    • Daniel Clifford's avatar
      Port bitfield ScopeFlags to Torque · 7e8a197c
      Daniel Clifford authored 
      In the process:

* Rework the Torque definition of ScopeInfo to enable direct
  field-style access of ScopeFlags, removing some dead code in
  the process.
* Allow implicit FromConstexpr conversion from subtypes of
  'constexpr A' to other types. This makes it possible/easy to
  convert constexpr versions of enums to other types, since the
  constexpr version of the enum isn't addressable. It's namespace
  isn't a valid namespace and is an implementation detail anyway.
* Cleanup LanguageMode: Language mode is now an enum and directly
  mirrors the C++-side definition rather than being a Smi. With
  the changes above, a new type LanguageModeSmi is introduced
  that is the Smi representation of LanguageMode that can be
  implicitly casted from constexpr LanguageMode values.

Change-Id: I190412f95e02905f445d149883fbf1f2b8ed757b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1977159
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65561}
      7e8a197c
  11. 20 Dec, 2019 1 commit
    • Tobias Tebbi's avatar
      [torque] multiple arrays in one object · 59e8d45a
      Tobias Tebbi authored 
      This allows the definition of classes with several arrays and ports
SmallOrderedHashTable subclasses to Torque as an example, including
the existing CSA allocation functions for them.

Overview of changes:
- Introduce ResidueClass to encapsulate the modulo-arithmetic
  necessary to do alignment checks.
- Add MachineOperatorReducer to the CSA pipeline to address now
  missing CSA ad-hoc constant folding that got blocked by a
  temporary phi.
- Allow assignments to references to structs. This is needed to
  initialize the data_table part of SmallOrderedHashMap.
- Make the NumberLiteralExpression AST-node store a double instead
  of a string. This is necessary to detect arrays with constant size
  used for padding.
- Turn offsets into base::Optional<size_t> to ensure we don't use
  an invalid or statically unknown offset.
- Remove CreateFieldReferenceInstruction since it doesn't work for
  complex offset computations and the logic can be expressed better
  in ImplementationVisitor.
- Validate alignment of structs embedded in classes.

Bug: v8:10004 v8:7793
Change-Id: Ifa414b42278e572a0c577bf9da3d37f80771a258
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1958011
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
Reviewed-by: 's avatarNico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65538}
      59e8d45a
  13. 17 Dec, 2019 1 commit
    • Seth Brenith's avatar
      [torque] Load and store bitfields · d5f180b7
      Seth Brenith authored 
      This change implements support for reading and writing bitfields from
Torque code, and adds a couple of unit tests for this functionality. As
Tobias suggested, the LocationReference for a bitfield access contains
a nested LocationReference to where the bitfield struct is stored, so
that store operations can read the original value, update part of it,
and write it back.

Bug: v8:7793
Change-Id: I1004a5c7fcb6cf58df5ad50109b114bf89c80efc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1957841
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65487}
      d5f180b7
  15. 10 Dec, 2019 1 commit
    • Tobias Tebbi's avatar
      [torque] allow allocation of strings · 8ed9be48
      Tobias Tebbi authored 
      This CL generalizes and improves how we handle allocations in Torque.

Overview of the changes:
- Remove obsolete special handling for JSObject classes, since it was
  incomplete: It breaks as soon as slack tracking is active.
- Handle array initialization using slices.
- Properly align allocation sizes. This enabled allocating strings.
- Port AllocateSeq{One,Two}ByteString to Torque, which is much easier
  now than the old CSA code since allocation size alignment and
  large-object space allocation just happen out-of-the-box.
- Remove obsolete or unnecessary intrinsics, some of them turn into
  macros in the torque_internal namespace.
- Distinguish between header size and overall size for ClassType,
  make size optional and only defined when it is statically known.


Bug: v8:10004 v8:7793
Change-Id: I623db233e7fb4deed54e8039ae0c24705e9a44e8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1932356Reviewed-by: 's avatarNico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65397}
      8ed9be48
  17. 21 Nov, 2019 2 commits
    • Tobias Tebbi's avatar
      [torque] shape: define in-object properties properly · cfab6505
      Tobias Tebbi authored 
      This introduces a new keyword "shape" in addition to "class",
which allows the definition of a type that extends a JSObject
subclass and specifies one or several maps with statically
known in-object properties.
Differences compared to normal classes:
- Shapes are transient since they specify maps instead of
  instance types.
- Shapes have a known size.
- Fields of shapes are always in-object properties. In particular,
  this means that their offset is after kHeaderSize.
- It's forbidden to inherited from shapes.
- Since shapes usually specify NativeContext-dependent maps, it's
  not possible to write runtime type-checks for them. Thus this CL
  avoids mapping them to their own TNode type, as the CAST macro
  won't work properly. We had runtime-checks for some of them
  nevertheless, some of them scarily confusing like
  IsJSSloppyArgumentsObject, that actually just checked the instance
  type.

Drive-by cleanups and simplifications:
- Allow subclassing from non-abstract classes and remove
  @dirtyInstantiatedAbstractClass. This attribute stems from a mis-
  conception of how instance types work, and with this change it
  ceases to have semantic influence.
- Replace the existing JSArgumentsObject subclasses into two shapes.
  JSArgumentsObjectWithLength had to be removed since shapes don't
  support subclassing.
- Place kHeaderSize correctly for objects with indexed fields.

Design doc:
https://docs.google.com/document/d/1zPy2ZYfNFjeEuw6Mz3YJA-GaPGbdcSYam3SrS7ETzRU

Bug: v8:8944

Change-Id: Iabf185ccd27d0900e0890539a7fe9eaa8bf2d50e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1917140
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: 's avatarNico Hartmann <nicohartmann@chromium.org>
Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65108}
      cfab6505
    • Tobias Tebbi's avatar
      [torque] add %SizeOf intrinsic · dddc6a90
      Tobias Tebbi authored 
      This replaces the fragile hand-coded SizeOf function.

Bug: v8:7793
Change-Id: I6bd84f367182b947486192f8968c56723f29efaa
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1924265Reviewed-by: 's avatarNico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#65089}
      dddc6a90
  19. 28 Oct, 2019 1 commit
  21. 12 Sep, 2019 1 commit
  23. 30 Aug, 2019 1 commit
    • Georg Schmid's avatar
      [torque] Add HeapSlice location references to Torque · cbf01502
      Georg Schmid authored 
      This CL adds a LocationReference specifically for slices to Torque. This allows us to safely reference arrays in objects and pass around such references. For an array of T-typed elements, referencing yields a Slice<T>. In addition, the traditional element access syntax ('o.array[i]') now internally produces a slice, indexes it at 'i' and dereferences the resulting HeapReference.

Bug: v8:7793
Change-Id: I4af58e4d2feac547c55a1f6f9350a6c510383df2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771782
Commit-Queue: Georg Schmid <gsps@google.com>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63479}
      cbf01502
  25. 26 Jul, 2019 1 commit
  27. 21 Jun, 2019 1 commit
    • Sigurd Schneider's avatar
      [torque] Support 'real' internal classes · 76c1e829
      Sigurd Schneider authored 
      Rework the implementation of non-external Torque classes to use
Struct machinery rather than FixedArray machinery. This allows
Torque-only defined 'internal' classes to the automatically generate
class verifiers and printers.

As part of this change, generate C++ boilerplate accessors for
internal Torque classes, since this is a pre-requisite for the
verifiers, printers and other Struct-based functionality.

Moreover, augment the header-generating functionality in Torque
to create separate header files for field offset definitions,
internal class C++ definitions and instance types.

Bug: v8:7793
Change-Id: I47d5f1570040c2b44d378f23b6cf95d3d132dacc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1607645
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62317}
      76c1e829
  29. 19 Jun, 2019 1 commit
  31. 06 Jun, 2019 1 commit
    • Simon Zünd's avatar
      [torque] Add lint errors for unused variable and label bindings · 0e53739c
      Simon Zünd authored 
      This CL adds lint errors when 'let' bindings, arguments and labels
are not used. Note that errors for 'const' bindings will be added
later.

In cases where arguments are actually needed to match the signature,
the warning can be silenced by prefixing identifiers with "_". This
might be needed for generic specializations or builtins called from
TurboFan. Trying to use a variable or label that was marked with
"_" results in a compilation error.

Implicit arguments are not linted. They are implemented using exact
string matching. Prefixing an implicit argument with "_" in a callee
would break all callers as the names would no longer match.

Drive-by: Fix all new lint errors in the existing Torque code.

Bug: v8:7793
Change-Id: I68b3c59c76b956e9f88709e9388a40a19546ce52
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1645092
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Reviewed-by: 's avatarSigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62027}
      0e53739c
  33. 05 Jun, 2019 1 commit
  35. 27 May, 2019 1 commit
    • Tobias Tebbi's avatar
      [torque] no longer generate assemblers per namespace · 19d8bfa5
      Tobias Tebbi authored 
      Instead of generating one CodeStubAssembler-like class per namespace,
Torque-generated macros are now free-standing functions not included
from CSA code, and explicitly exported macros become part of the new
TorqueGeneratedExportedMacrosAssembler, which CodeStubAssembler
inherits from, thus making them available to all CSA code.

Structs are now defined in a new header csa-types-tq.h as free-standing
types with the prefix "TorqueStruct".

This is a preparation for generating per Torque-file instead of per
namespace.

Change-Id: I60fadc493a63f85d1d340768ec6f11ae47be0cb8
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1628787
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: 's avatarSigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61865}
      19d8bfa5
  37. 24 May, 2019 1 commit
  39. 24 Apr, 2019 1 commit
  41. 11 Apr, 2019 1 commit
    • Tobias Tebbi's avatar
      [torque] add references to HeapObject fields. · a9a1a3bb
      Tobias Tebbi authored 
      This adds references to HeapObject fields to Torque.
The syntax is based on Rust (which is essentially C pointer syntax).

The type &T is a reference to T (which must be a scalar type for now).
We can create references from field access expressions, using the
addressof(&) operator:
  &obj.fieldname
To read or assign a reference, we use the dereference(*) operator:
  *someref = *otherref

This CL also uses references internally normal class field accesses,
but only if there is no overload for field accessor functions.
This allows to have overloaded field accessors for a subtype like
FastJSArray. However, there is a change in behavior in that an
operator ".fieldname" will stop reference creation and will therefore
also stop write access to a class field of the same name. That's why
this CL had to add a write overload ".length=" for FastJSArray.

References desugar to a pair of a tagged HeapObject pointer and an
untagged offset into this HeapObject. On the CSA-side, they are
represented by the C++ struct

struct TorqueReference {
  TNode<HeapObject> object;
  TNode<IntPtrT> offset;
};

Bug: v8:7793
Change-Id: Ica6468d47847bd68fb6b85f731cf8fbe142fa401
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1557151
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: 's avatarSigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60780}
      a9a1a3bb
  43. 03 Apr, 2019 1 commit
  45. 01 Mar, 2019 1 commit
  47. 25 Feb, 2019 1 commit
  49. 19 Feb, 2019 1 commit
  51. 18 Feb, 2019 1 commit
    • Mike Stanton's avatar
      Reland "[Torque] Add source positions for Torque files" · b08c6947
      Mike Stanton authored 
      Reason for revert/reland: UBSan complained of unaligned reads.

To improve the Torque debugging experience, we can add source positions
for each line. This information is carried through the generated
CSA code (in <output directory>/gen/torque-generated/*.cc) and
embedded as SourcePositions in the Code object.

At snapshot time, these SourcePositions are stripped from the Code
object and turned into platform-appropriate line number debug
information.

At this time on Linux, you'll need to build with "is_clang=false"
in order to use GCC, because crucial steps are missing in Clang's
ability to convey the information into the binary successfully.

This CL also introduces a flag to control the existing source
information in CSA code. --enable-source-at-csa-bind is now set
to false by default because it's a bit confusing to "hop" between
source lines in .TQ files and in .CC files. I expect to continue
making adjustments there, as I want to provide helpful
debugging aids at the CSA level as well as the Torque level.
The current configuration prioritizes Torque.

TBR=tebbi@chromium.org

Bug: v8:8418
Change-Id: Idb80467d3679ec2361386fe9b67597b93d7f72cf
Reviewed-on: https://chromium-review.googlesource.com/c/1475763Reviewed-by: 's avatarMichael Stanton <mvstanton@chromium.org>
Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59657}
      b08c6947
  53. 15 Feb, 2019 3 commits
    • Michael Stanton's avatar
      Revert "[Torque] Add source positions for Torque files" · 9542fd8f
      Michael Stanton authored 
      This reverts commit 0a24e67a.

Reason for revert: Broke Linux 64 UBSan build with unaligned read in the snapshot. Will investigate...

Original change's description:
> [Torque] Add source positions for Torque files
> 
> To improve the Torque debugging experience, we can add source positions
> for each line. This information is carried through the generated
> CSA code (in <output directory>/gen/torque-generated/*.cc) and
> embedded as SourcePositions in the Code object.
> 
> At snapshot time, these SourcePositions are stripped from the Code
> object and turned into platform-appropriate line number debug
> information.
> 
> At this time on Linux, you'll need to build with "is_clang=false"
> in order to use GCC, because crucial steps are missing in Clang's
> ability to convey the information into the binary successfully.
> 
> This CL also introduces a flag to control the existing source
> information in CSA code. --enable-source-at-csa-bind is now set
> to false by default because it's a bit confusing to "hop" between
> source lines in .TQ files and in .CC files. I expect to continue
> making adjustments there, as I want to provide helpful
> debugging aids at the CSA level as well as the Torque level.
> The current configuration prioritizes Torque.
> 
> A detailed guide on usage to follow (also on v8.dev).
> 
> Bug: v8:8418
> Change-Id: Ib4226877ce4cae451bb4d0c546927e89f4e66b58
> Reviewed-on: https://chromium-review.googlesource.com/c/1475473
> Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
> Commit-Queue: Michael Stanton <mvstanton@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#59636}

TBR=mvstanton@chromium.org,tebbi@chromium.org

Change-Id: I4ccf94dfdb8b2ba238a60db9ecc8e3ceebef2699
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:8418
Reviewed-on: https://chromium-review.googlesource.com/c/1475757Reviewed-by: 's avatarMichael Stanton <mvstanton@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59637}
      9542fd8f
    • Mike Stanton's avatar
      [Torque] Add source positions for Torque files · 0a24e67a
      Mike Stanton authored 
      To improve the Torque debugging experience, we can add source positions
for each line. This information is carried through the generated
CSA code (in <output directory>/gen/torque-generated/*.cc) and
embedded as SourcePositions in the Code object.

At snapshot time, these SourcePositions are stripped from the Code
object and turned into platform-appropriate line number debug
information.

At this time on Linux, you'll need to build with "is_clang=false"
in order to use GCC, because crucial steps are missing in Clang's
ability to convey the information into the binary successfully.

This CL also introduces a flag to control the existing source
information in CSA code. --enable-source-at-csa-bind is now set
to false by default because it's a bit confusing to "hop" between
source lines in .TQ files and in .CC files. I expect to continue
making adjustments there, as I want to provide helpful
debugging aids at the CSA level as well as the Torque level.
The current configuration prioritizes Torque.

A detailed guide on usage to follow (also on v8.dev).

Bug: v8:8418
Change-Id: Ib4226877ce4cae451bb4d0c546927e89f4e66b58
Reviewed-on: https://chromium-review.googlesource.com/c/1475473Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59636}
      0a24e67a
    • Tobias Tebbi's avatar
      [csa] re-enable release build FixedArray bounds checks · 722f7139
      Tobias Tebbi authored 
      To address previously observed regressions, this CL also introduces
unchecked FixedArray accessors and uses them to access collections.

Bug: v8:8029
Change-Id: I6bcd8db2b89b29b7acb3b8431ec5405b737bcef2
Reviewed-on: https://chromium-review.googlesource.com/c/1473033
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: 's avatarJaroslav Sevcik <jarin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59631}
      722f7139
  55. 06 Feb, 2019 2 commits
  57. 05 Feb, 2019 1 commit
  59. 04 Feb, 2019 1 commit
  61. 25 Jan, 2019 1 commit
  63. 24 Jan, 2019 1 commit
    • Daniel Clifford's avatar
      [torque] Correctly support JSObject allocation with 'new' · 32a92cf5
      Daniel Clifford authored 
      This requires honoring the instance size of the object stored in the
map for JSObject. To do this, allocation is now split into two
instrinsics, one that calculates the base size of the allocated object
(%GetAllocationBaseSize) and one that actually allocates (%Allocate).

In the process, remove objects.tq, which only existed to contain a
macro to fetch the default JSObject map, which is functionality that
is now in the JSObject class constructor.

Bug: v8:7793
Change-Id: I426a7943aac67eacad46d4ff39f5c821489a04bc
Reviewed-on: https://chromium-review.googlesource.com/c/1426959
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#59052}
      32a92cf5
  65. 16 Jan, 2019 1 commit
    • Daniel Clifford's avatar
      [torque] Implement methods and constructors for structs and classes · b615dfa5
      Daniel Clifford authored 
      With the changes in this patch,	it is now possible to add methods to
both Torque's class and struct types. As a special case, "constructor"
methods are used to initialize the values of classes and structs when
they are constructed.

The functionality in this patch	includes:

- The refactoring of class- and struct-handling code to share field
  and method declaration code between both.

- Addition of the "%Allocate" intrinsic that allocates raw bytes to be
  allocated from the V8 GC's NewSpace heap as the basis for freshly
  created, initialized class objects.

- An implementation of a CallMethodExpression AST node that enables
  calling methods and constructors, including special handling of
  passing through the "this" pointer for method calls on structs by
  reference. The syntax for struct construction using "{}" remains as
  before, but now calls the struct's matching constructor rather than
  implicitly initializing the struct fields with the initialization
  arguments. A new syntax for allocation classes is introduced: "new
  ClassName{constructor_param1, constructor_param1, ...}", which
  de-sugars to an %Allocate call followed by a call to the matching
  constructor.

- class	constructors can use the "super" keyword to initialize	their
  super class.

- If classes and struct do not have a constructor, Torque creates a
  default constructor for them based on their field declarations,
  where each field's initial value is assigned to a same-typed
  parameter to the the default constructor. The default constructor's
  parameters are in field-declaration order, and for derived classes,
  the default constructor automatically uses a "super" initialization
  call to initialize inherited fields.

- Class field declarations now automatically create ".field" and
  ".field=" operators that create CSA-compatible object accessors.

- Addition of a no-argument constructor for JSArrays that creates an
  empty, PACKED_SMI_ELEMENTS JSArray using the machinery added
  elsewhere in this patch.

Bug: v8:7793
Change-Id: I31ce5f4b444656ab999555d780aeeba605666bfa
Reviewed-on: https://chromium-review.googlesource.com/c/1392192
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58860}
      b615dfa5
  67. 10 Jan, 2019 1 commit
    • Daniel Clifford's avatar
      [torque]: Class declarations · d0e95c7a
      Daniel Clifford authored 
      Class declarations support structured heap data that is a subtype of
HeapObject. Only fields of Object subtypes (both strong and weak)
are currently supported (no scalar fields yet).

With this CL, both the field list macro used with the C++
DEFINE_FIELD_OFFSET_CONSTANTS macro (to make field offset constants) as
well as the Torque "operator '.field'" macros are generated for the
classes declared in Torque. This is a first step to removing the
substantial amount of duplication and boilerplate code
needed to declare heap object classes.

As a proof of concept, and handful of class field definitions,
including those for non trivial classes like JSFunction, have been
moved to Torque.

Bug: v8:7793
Change-Id: I2fa0b53db65fa6f5fe078fb94e1db3418f908753
Reviewed-on: https://chromium-review.googlesource.com/c/1373971
Commit-Queue: Daniel Clifford <danno@chromium.org>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58704}
      d0e95c7a
  69. 17 Dec, 2018 2 commits
    • Jakob Gruber's avatar
      [nojit] Change builtin pointers to use Smis underneath · fa3cbf60
      Jakob Gruber authored 
      This changes Torque's builtin pointers to use a Smi representation
underneath instead of storing the Code target object. Callsites look
up the target entry point through IsolateData::builtin_entry_table.

The notable effect of this CL is that builtin pointer calls no longer
call any on-heap Code.

Bug: v8:7777
Change-Id: Ibf6c749dd46cae7aba51494b09921229dd436f63
Reviewed-on: https://chromium-review.googlesource.com/c/1379880
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58286}
      fa3cbf60
    • Jakob Gruber's avatar
      [nojit] Add a kCallBuiltinPointer call kind · f323a5f4
      Jakob Gruber authored 
      Currently, Torque's builtin pointers store a Code target underneath and
callsites generate a kArchCallCodeObject opcode. When embedded builtins
are enabled, the call thus first calls the on-heap trampoline, which
finally jumps to the target off-heap builtin code.

This will no longer be possible in jitless mode, since on-heap code must
not be executable.

As a step towards changing the way builtin pointers are called
(function pointers will hold the builtin index as a Smi, and callsites
look up the off-heap target address and jump there), this CL adds a
dedicated opcode for builtin pointer calls to the compiler pipeline.

The calling mechanism itself is unchanged, changes there will happen
in a follow-up.

Drive-by: rename 'FunctionPointer' in torque/ to 'BuiltinPointer'.

Bug: v8:7777
Change-Id: Ic999a1cd7c3172425dd4a1513ae2f50c774faddb
Reviewed-on: https://chromium-review.googlesource.com/c/1378175Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#58281}
      f323a5f4