1. 11 Mar, 2021 1 commit
    • Seth Brenith's avatar
      [torque] Add option for printing Torque IR · ad0e581c
      Seth Brenith authored
      While working on the Torque compiler, I've sometimes found it difficult
      to understand Torque's intermediate representation and how it
      corresponds to the output. In this change, I propose adding a build flag
      that instructs Torque to emit comments describing its IR, interspersed
      in the generated code. This is particularly useful for seeing the stack
      management instructions (Peek, Poke, and DeleteRange) which don't emit
      any corresponding C++ code.
      
      Bug: v8:7793
      Change-Id: I24bdec47da76c9bd751b928d3cd92aa513dc6593
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2748040Reviewed-by: 's avatarNico Hartmann <nicohartmann@chromium.org>
      Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
      Cr-Commit-Position: refs/heads/master@{#73352}
      ad0e581c
  2. 23 Feb, 2021 1 commit
    • Seth Brenith's avatar
      [torque] Add LazyNode support · ede27407
      Seth Brenith authored
      This change adds a new abstract type Lazy<T> which can be used to
      interoperate with CSA code that uses LazyNode. This new type has special
      code-generation rules because its generated type is not TNode<...> but
      std::function<TNode<...>()>. Torque code can do nothing with this type
      except pass it around, but passing it to the CSA function RunLazy is an
      easy way to execute the std::function and get back a normal value.
      Torque code can also create Lazy<T> values using the intrinsic function
      %MakeLazy, which takes the name of a macro as its first parameter,
      followed by arguments to that macro which will be passed when the
      LazyNode is evaluated. We use the macro's name because the language
      doesn't support taking references to macros, and implementing such a
      feature would be complicated.
      
      Bug: v8:7793
      Change-Id: I09120960e3492dd51be0d4c57e14ff3826b99262
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2701752
      Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
      Reviewed-by: 's avatarNico Hartmann <nicohartmann@chromium.org>
      Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#72964}
      ede27407
  3. 19 Jan, 2021 1 commit
  4. 05 Oct, 2020 1 commit
    • Seth Brenith's avatar
      [torque] Add C++ backend for Torque compiler · c7c5d50d
      Seth Brenith authored
      This change adds a new code generator, which supports a subset of the
      instructions supported by the existing CSAGenerator, and instead of
      generating CSA it generates runtime C++ code. The new generator is used
      to generate a set of Torque macros that return slices to indexed fields.
      These new macros should be sufficient to eventually support
      Torque-generated field accessors, BodyDescriptors, verifier functions,
      and postmortem field inspection in debug_helper.
      
      Bug: v8:7793
      Change-Id: Ife2d25cfd55a08238c625a8b04aca3ff2a0f4c63
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2429566Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
      Cr-Commit-Position: refs/heads/master@{#70313}
      c7c5d50d
  5. 15 Jun, 2020 1 commit
  6. 23 Apr, 2020 1 commit
  7. 22 Apr, 2020 1 commit
    • Seth Brenith's avatar
      Reland "[torque] Allow storing to bitfield structs that are stored in Smis" · a9270e2b
      Seth Brenith authored
      This is a reland of 80843eda
      
      Original change's description:
      > [torque] Allow storing to bitfield structs that are stored in Smis
      > 
      > This change:
      > 1. Updates the Torque compiler to allow direct access to bitfields that
      >    are packed within Smi values, which previously would have required a
      >    separate untagging step,
      > 2. Updates JSRegExpStringIterator to represent its flags in Torque,
      > 3. Adds reduction cases in MachineOperatorReducer for when the input to
      >    a branch or the left-hand side of a Word32Equals is based on a 64-bit
      >    shift-and-mask operation which has been truncated to 32 bits, as is
      >    the case in the code generated by step 1, and
      > 4. Adds a reduction case in MachineOperatorReducer to remove an extra
      >    Word64And operation added by step 1.
      > 
      > Bug: v8:7793
      > Change-Id: Ib4ac2def6211b3cae6be25a8b2a644be5c7d6d3f
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2119225
      > Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
      > Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#67290}
      
      Bug: v8:7793
      Change-Id: I783b6ec080042fec0e922927f6675dede458a072
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2159731Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67305}
      a9270e2b
  8. 21 Apr, 2020 2 commits
    • Francis McCabe's avatar
      Revert "[torque] Allow storing to bitfield structs that are stored in Smis" · db61168a
      Francis McCabe authored
      This reverts commit 80843eda.
      
      Reason for revert: Causes compilation failure on macs
      
      https://ci.chromium.org/p/v8/builders/ci/Mac%20V8%20FYI%20Release%20(Intel)/8934?
      
      
      Original change's description:
      > [torque] Allow storing to bitfield structs that are stored in Smis
      > 
      > This change:
      > 1. Updates the Torque compiler to allow direct access to bitfields that
      >    are packed within Smi values, which previously would have required a
      >    separate untagging step,
      > 2. Updates JSRegExpStringIterator to represent its flags in Torque,
      > 3. Adds reduction cases in MachineOperatorReducer for when the input to
      >    a branch or the left-hand side of a Word32Equals is based on a 64-bit
      >    shift-and-mask operation which has been truncated to 32 bits, as is
      >    the case in the code generated by step 1, and
      > 4. Adds a reduction case in MachineOperatorReducer to remove an extra
      >    Word64And operation added by step 1.
      > 
      > Bug: v8:7793
      > Change-Id: Ib4ac2def6211b3cae6be25a8b2a644be5c7d6d3f
      > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2119225
      > Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
      > Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
      > Cr-Commit-Position: refs/heads/master@{#67290}
      
      TBR=tebbi@chromium.org,seth.brenith@microsoft.com,nicohartmann@chromium.org
      
      Change-Id: Ifa683c92631291c9437438682b6efb2e12862682
      No-Presubmit: true
      No-Tree-Checks: true
      No-Try: true
      Bug: v8:7793
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2159730Reviewed-by: 's avatarFrancis McCabe <fgm@chromium.org>
      Commit-Queue: Francis McCabe <fgm@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67291}
      db61168a
    • Seth Brenith's avatar
      [torque] Allow storing to bitfield structs that are stored in Smis · 80843eda
      Seth Brenith authored
      This change:
      1. Updates the Torque compiler to allow direct access to bitfields that
         are packed within Smi values, which previously would have required a
         separate untagging step,
      2. Updates JSRegExpStringIterator to represent its flags in Torque,
      3. Adds reduction cases in MachineOperatorReducer for when the input to
         a branch or the left-hand side of a Word32Equals is based on a 64-bit
         shift-and-mask operation which has been truncated to 32 bits, as is
         the case in the code generated by step 1, and
      4. Adds a reduction case in MachineOperatorReducer to remove an extra
         Word64And operation added by step 1.
      
      Bug: v8:7793
      Change-Id: Ib4ac2def6211b3cae6be25a8b2a644be5c7d6d3f
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2119225
      Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
      Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#67290}
      80843eda
  9. 11 Feb, 2020 1 commit
    • Nico Hartmann's avatar
      [torque] Reduce generated CSA variables and labels · 89b248b6
      Nico Hartmann authored
      This CL significantly reduces the size of CSA files generated from
      torque by introducing only those Phis at block entry that are
      required and otherwise uses defined values directly.
      
      To do so it does:
      - Define a DefinitionLocation that represents where a value is
        defined.
      - For each block compute all the definitions that reach that
        block and introduce a phi iff the reaching definitions for a value
        are not the same for all predecessor blocks.
      - In CSAGenerator map all DefinitionLocations to variables, such that
        if the same value is used in multiple blocks, it is mapped to the
        same variable without the need to pass it along the jump. This
        reduces both the arguments passed to Goto, Branch, ... and the
        variables that need to be passed to Bind when the block's label is
        bound. This reduces the number of temporary variables
        significantly. Temporaries are declared outside of blocks now
        in order to be accessible from other blocks.
      
      Drive-by changes:
      - Sequences of SetSourcePosition calls are merged if no output is
        generated between them.
      - Dead blocks are no longer generated in release builds.
      
      Bug: v8:9861
      Change-Id: I5c30e5376e93c424c3ebfc5144a08592d77ae61f
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2037444
      Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
      Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#66225}
      89b248b6
  10. 20 Dec, 2019 1 commit
    • Tobias Tebbi's avatar
      [torque] multiple arrays in one object · 59e8d45a
      Tobias Tebbi authored
      This allows the definition of classes with several arrays and ports
      SmallOrderedHashTable subclasses to Torque as an example, including
      the existing CSA allocation functions for them.
      
      Overview of changes:
      - Introduce ResidueClass to encapsulate the modulo-arithmetic
        necessary to do alignment checks.
      - Add MachineOperatorReducer to the CSA pipeline to address now
        missing CSA ad-hoc constant folding that got blocked by a
        temporary phi.
      - Allow assignments to references to structs. This is needed to
        initialize the data_table part of SmallOrderedHashMap.
      - Make the NumberLiteralExpression AST-node store a double instead
        of a string. This is necessary to detect arrays with constant size
        used for padding.
      - Turn offsets into base::Optional<size_t> to ensure we don't use
        an invalid or statically unknown offset.
      - Remove CreateFieldReferenceInstruction since it doesn't work for
        complex offset computations and the logic can be expressed better
        in ImplementationVisitor.
      - Validate alignment of structs embedded in classes.
      
      Bug: v8:10004 v8:7793
      Change-Id: Ifa414b42278e572a0c577bf9da3d37f80771a258
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1958011
      Commit-Queue: Clemens Backes <clemensb@chromium.org>
      Reviewed-by: 's avatarClemens Backes <clemensb@chromium.org>
      Reviewed-by: 's avatarNico Hartmann <nicohartmann@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#65538}
      59e8d45a
  11. 17 Dec, 2019 1 commit
    • Seth Brenith's avatar
      [torque] Load and store bitfields · d5f180b7
      Seth Brenith authored
      This change implements support for reading and writing bitfields from
      Torque code, and adds a couple of unit tests for this functionality. As
      Tobias suggested, the LocationReference for a bitfield access contains
      a nested LocationReference to where the bitfield struct is stored, so
      that store operations can read the original value, update part of it,
      and write it back.
      
      Bug: v8:7793
      Change-Id: I1004a5c7fcb6cf58df5ad50109b114bf89c80efc
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1957841
      Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
      Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#65487}
      d5f180b7
  12. 10 Dec, 2019 1 commit
    • Tobias Tebbi's avatar
      [torque] allow allocation of strings · 8ed9be48
      Tobias Tebbi authored
      This CL generalizes and improves how we handle allocations in Torque.
      
      Overview of the changes:
      - Remove obsolete special handling for JSObject classes, since it was
        incomplete: It breaks as soon as slack tracking is active.
      - Handle array initialization using slices.
      - Properly align allocation sizes. This enabled allocating strings.
      - Port AllocateSeq{One,Two}ByteString to Torque, which is much easier
        now than the old CSA code since allocation size alignment and
        large-object space allocation just happen out-of-the-box.
      - Remove obsolete or unnecessary intrinsics, some of them turn into
        macros in the torque_internal namespace.
      - Distinguish between header size and overall size for ClassType,
        make size optional and only defined when it is statically known.
      
      
      Bug: v8:10004 v8:7793
      Change-Id: I623db233e7fb4deed54e8039ae0c24705e9a44e8
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1932356Reviewed-by: 's avatarNico Hartmann <nicohartmann@chromium.org>
      Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#65397}
      8ed9be48
  13. 30 Aug, 2019 1 commit
    • Georg Schmid's avatar
      [torque] Add HeapSlice location references to Torque · cbf01502
      Georg Schmid authored
      This CL adds a LocationReference specifically for slices to Torque. This allows us to safely reference arrays in objects and pass around such references. For an array of T-typed elements, referencing yields a Slice<T>. In addition, the traditional element access syntax ('o.array[i]') now internally produces a slice, indexes it at 'i' and dereferences the resulting HeapReference.
      
      Bug: v8:7793
      Change-Id: I4af58e4d2feac547c55a1f6f9350a6c510383df2
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1771782
      Commit-Queue: Georg Schmid <gsps@google.com>
      Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#63479}
      cbf01502
  14. 11 Apr, 2019 1 commit
    • Tobias Tebbi's avatar
      [torque] add references to HeapObject fields. · a9a1a3bb
      Tobias Tebbi authored
      This adds references to HeapObject fields to Torque.
      The syntax is based on Rust (which is essentially C pointer syntax).
      
      The type &T is a reference to T (which must be a scalar type for now).
      We can create references from field access expressions, using the
      addressof(&) operator:
        &obj.fieldname
      To read or assign a reference, we use the dereference(*) operator:
        *someref = *otherref
      
      This CL also uses references internally normal class field accesses,
      but only if there is no overload for field accessor functions.
      This allows to have overloaded field accessors for a subtype like
      FastJSArray. However, there is a change in behavior in that an
      operator ".fieldname" will stop reference creation and will therefore
      also stop write access to a class field of the same name. That's why
      this CL had to add a write overload ".length=" for FastJSArray.
      
      References desugar to a pair of a tagged HeapObject pointer and an
      untagged offset into this HeapObject. On the CSA-side, they are
      represented by the C++ struct
      
      struct TorqueReference {
        TNode<HeapObject> object;
        TNode<IntPtrT> offset;
      };
      
      Bug: v8:7793
      Change-Id: Ica6468d47847bd68fb6b85f731cf8fbe142fa401
      Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1557151
      Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
      Reviewed-by: 's avatarSigurd Schneider <sigurds@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#60780}
      a9a1a3bb
  15. 25 Jan, 2019 1 commit
  16. 24 Jan, 2019 1 commit
    • Daniel Clifford's avatar
      [torque] Correctly support JSObject allocation with 'new' · 32a92cf5
      Daniel Clifford authored
      This requires honoring the instance size of the object stored in the
      map for JSObject. To do this, allocation is now split into two
      instrinsics, one that calculates the base size of the allocated object
      (%GetAllocationBaseSize) and one that actually allocates (%Allocate).
      
      In the process, remove objects.tq, which only existed to contain a
      macro to fetch the default JSObject map, which is functionality that
      is now in the JSObject class constructor.
      
      Bug: v8:7793
      Change-Id: I426a7943aac67eacad46d4ff39f5c821489a04bc
      Reviewed-on: https://chromium-review.googlesource.com/c/1426959
      Commit-Queue: Daniel Clifford <danno@chromium.org>
      Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#59052}
      32a92cf5
  17. 23 Jan, 2019 1 commit
  18. 22 Jan, 2019 1 commit
  19. 16 Jan, 2019 1 commit
    • Daniel Clifford's avatar
      [torque] Implement methods and constructors for structs and classes · b615dfa5
      Daniel Clifford authored
      With the changes in this patch,	it is now possible to add methods to
      both Torque's class and struct types. As a special case, "constructor"
      methods are used to initialize the values of classes and structs when
      they are constructed.
      
      The functionality in this patch	includes:
      
      - The refactoring of class- and struct-handling code to share field
        and method declaration code between both.
      
      - Addition of the "%Allocate" intrinsic that allocates raw bytes to be
        allocated from the V8 GC's NewSpace heap as the basis for freshly
        created, initialized class objects.
      
      - An implementation of a CallMethodExpression AST node that enables
        calling methods and constructors, including special handling of
        passing through the "this" pointer for method calls on structs by
        reference. The syntax for struct construction using "{}" remains as
        before, but now calls the struct's matching constructor rather than
        implicitly initializing the struct fields with the initialization
        arguments. A new syntax for allocation classes is introduced: "new
        ClassName{constructor_param1, constructor_param1, ...}", which
        de-sugars to an %Allocate call followed by a call to the matching
        constructor.
      
      - class	constructors can use the "super" keyword to initialize	their
        super class.
      
      - If classes and struct do not have a constructor, Torque creates a
        default constructor for them based on their field declarations,
        where each field's initial value is assigned to a same-typed
        parameter to the the default constructor. The default constructor's
        parameters are in field-declaration order, and for derived classes,
        the default constructor automatically uses a "super" initialization
        call to initialize inherited fields.
      
      - Class field declarations now automatically create ".field" and
        ".field=" operators that create CSA-compatible object accessors.
      
      - Addition of a no-argument constructor for JSArrays that creates an
        empty, PACKED_SMI_ELEMENTS JSArray using the machinery added
        elsewhere in this patch.
      
      Bug: v8:7793
      Change-Id: I31ce5f4b444656ab999555d780aeeba605666bfa
      Reviewed-on: https://chromium-review.googlesource.com/c/1392192
      Commit-Queue: Daniel Clifford <danno@chromium.org>
      Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58860}
      b615dfa5
  20. 10 Jan, 2019 1 commit
    • Daniel Clifford's avatar
      [torque]: Class declarations · d0e95c7a
      Daniel Clifford authored
      Class declarations support structured heap data that is a subtype of
      HeapObject. Only fields of Object subtypes (both strong and weak)
      are currently supported (no scalar fields yet).
      
      With this CL, both the field list macro used with the C++
      DEFINE_FIELD_OFFSET_CONSTANTS macro (to make field offset constants) as
      well as the Torque "operator '.field'" macros are generated for the
      classes declared in Torque. This is a first step to removing the
      substantial amount of duplication and boilerplate code
      needed to declare heap object classes.
      
      As a proof of concept, and handful of class field definitions,
      including those for non trivial classes like JSFunction, have been
      moved to Torque.
      
      Bug: v8:7793
      Change-Id: I2fa0b53db65fa6f5fe078fb94e1db3418f908753
      Reviewed-on: https://chromium-review.googlesource.com/c/1373971
      Commit-Queue: Daniel Clifford <danno@chromium.org>
      Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58704}
      d0e95c7a
  21. 17 Dec, 2018 1 commit
    • Jakob Gruber's avatar
      [nojit] Add a kCallBuiltinPointer call kind · f323a5f4
      Jakob Gruber authored
      Currently, Torque's builtin pointers store a Code target underneath and
      callsites generate a kArchCallCodeObject opcode. When embedded builtins
      are enabled, the call thus first calls the on-heap trampoline, which
      finally jumps to the target off-heap builtin code.
      
      This will no longer be possible in jitless mode, since on-heap code must
      not be executable.
      
      As a step towards changing the way builtin pointers are called
      (function pointers will hold the builtin index as a Smi, and callsites
      look up the off-heap target address and jump there), this CL adds a
      dedicated opcode for builtin pointer calls to the compiler pipeline.
      
      The calling mechanism itself is unchanged, changes there will happen
      in a follow-up.
      
      Drive-by: rename 'FunctionPointer' in torque/ to 'BuiltinPointer'.
      
      Bug: v8:7777
      Change-Id: Ic999a1cd7c3172425dd4a1513ae2f50c774faddb
      Reviewed-on: https://chromium-review.googlesource.com/c/1378175Reviewed-by: 's avatarLeszek Swirski <leszeks@chromium.org>
      Reviewed-by: 's avatarTobias Tebbi <tebbi@chromium.org>
      Commit-Queue: Jakob Gruber <jgruber@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#58281}
      f323a5f4
  22. 22 Nov, 2018 1 commit
  23. 21 Nov, 2018 2 commits
  24. 13 Nov, 2018 1 commit
  25. 05 Nov, 2018 1 commit
    • Tobias Tebbi's avatar
      [torque] cleanup generics and scopes · 06c8ce59
      Tobias Tebbi authored
      - Name lookup in module scopes has namespace semantics now: All
        overloads from all parent modules are combined before overload
        resolution.
      - Allow overloads of different callables: runtime-functions,
        macros, builtins, and generics.
      - The duplication between the DeclarationVisitor and the
        ImplementationVisitor is removed: The DeclarationVisitor creates
        declarables for everything except for implicit generic specializations.
        The ImplementationVisitor iterates over declarables.
        The DeclarationVisitor only looks at the header of declarations, not
        at the body.
      - Modules become Declarable's, which will enable them to be nested.
      - Modules replace the existing Scope chain mechanism, which will make it
        easier to inline macros.
      - The DeclarationVisitor and Declarations become stateless. All state is
        moved to contextual variables and the GlobalContext.
      - Implicit specializations are created directly from the
        ImplementationVisitor. This will enable template parameter inference.
      - As a consequence, the list of all builtins is only available after the
        ImplementationVisitor has run. Thus GenerateBuiltinDefinitions has to
        move to the ImplementationVisitor. Also, this makes it necessary to
        resolve the link from function pointer types to example builtins only
        at this point.
      
      
      Bug: v8:7793
      Change-Id: I61cef2fd3e954ab148c252974344a6e38ee2d01d
      Reviewed-on: https://chromium-review.googlesource.com/c/1304294
      Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
      Reviewed-by: 's avatarDaniel Clifford <danno@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#57231}
      06c8ce59
  26. 02 Nov, 2018 1 commit
  27. 31 Oct, 2018 3 commits
  28. 29 Oct, 2018 1 commit
  29. 16 Oct, 2018 1 commit
  30. 04 Oct, 2018 1 commit