Skip to content

Commit 4b86fea

Browse files
bmeurerCommit Bot
bmeurer
authored and
Commit Bot
committed
[typedarray] Move external/data pointer to JSTypedArray.
As the next step in supporting huge typed arrays in V8, this moves the external/data pointer from the FixedTypedArrayBase backing store to the JSTypedArray instance itself, and replaces the special backing stores with a plain ByteArray (removing all the code for the FixedTypedArrayBase class hierarchy). By doing so, we can drastically simplify the system around typed arrays. Note: Several places in the code base used to check the instance type of the elements backing store of a JSTypedArray instead of checking the elements kind on the JSTypedArray map directly. Those had to be fixed, since the backing store is now always a ByteArray. Drive-by-fix: Move all the typed elements access related code into the elements.cc file to properly encapsulate the accesses. Doc: http://doc/1Z-wM2qwvAuxH46e9ivtkYvKzzwYZg8ymm0x0wJaomow Bug: chromium:951196, chromium:965583, v8:4153, v8:7881, v8:9183 Change-Id: I8cc06b190c53e34155000b4560f5f3ef40621646 Cq-Include-Trybots: luci.chromium.try:linux-rel,win7-rel Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1627535 Commit-Queue: Benedikt Meurer <[email protected]> Reviewed-by: Peter Marshall <[email protected]> Reviewed-by: Ulan Degenbaev <[email protected]> Reviewed-by: Simon Zünd <[email protected]> Cr-Commit-Position: refs/heads/master@{#61855}
1 parent d365f62 commit 4b86fea

69 files changed

Lines changed: 1584 additions & 2529 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

src/api/api.cc

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7237,9 +7237,7 @@ size_t v8::ArrayBufferView::CopyContents(void* dest, size_t byte_length) {
72377237
DCHECK(self->IsJSTypedArray());
72387238
i::Handle<i::JSTypedArray> typed_array(i::JSTypedArray::cast(*self),
72397239
isolate);
7240-
i::Handle<i::FixedTypedArrayBase> fixed_array(
7241-
i::FixedTypedArrayBase::cast(typed_array->elements()), isolate);
7242-
source = reinterpret_cast<char*>(fixed_array->DataPtr());
7240+
source = reinterpret_cast<char*>(typed_array->DataPtr());
72437241
}
72447242
memcpy(dest, source + byte_offset, bytes_to_copy);
72457243
}

src/builtins/array-join.tq

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -383,31 +383,31 @@ namespace array_join {
383383

384384
if (IsElementsKindGreaterThan(kind, UINT32_ELEMENTS)) {
385385
if (kind == INT32_ELEMENTS) {
386-
loadFn = LoadJoinTypedElement<FixedInt32Array>;
386+
loadFn = LoadJoinTypedElement<typed_array::Int32Elements>;
387387
} else if (kind == FLOAT32_ELEMENTS) {
388-
loadFn = LoadJoinTypedElement<FixedFloat32Array>;
388+
loadFn = LoadJoinTypedElement<typed_array::Float32Elements>;
389389
} else if (kind == FLOAT64_ELEMENTS) {
390-
loadFn = LoadJoinTypedElement<FixedFloat64Array>;
390+
loadFn = LoadJoinTypedElement<typed_array::Float64Elements>;
391391
} else if (kind == UINT8_CLAMPED_ELEMENTS) {
392-
loadFn = LoadJoinTypedElement<FixedUint8ClampedArray>;
392+
loadFn = LoadJoinTypedElement<typed_array::Uint8ClampedElements>;
393393
} else if (kind == BIGUINT64_ELEMENTS) {
394-
loadFn = LoadJoinTypedElement<FixedBigUint64Array>;
394+
loadFn = LoadJoinTypedElement<typed_array::BigUint64Elements>;
395395
} else if (kind == BIGINT64_ELEMENTS) {
396-
loadFn = LoadJoinTypedElement<FixedBigInt64Array>;
396+
loadFn = LoadJoinTypedElement<typed_array::BigInt64Elements>;
397397
} else {
398398
unreachable;
399399
}
400400
} else {
401401
if (kind == UINT8_ELEMENTS) {
402-
loadFn = LoadJoinTypedElement<FixedUint8Array>;
402+
loadFn = LoadJoinTypedElement<typed_array::Uint8Elements>;
403403
} else if (kind == INT8_ELEMENTS) {
404-
loadFn = LoadJoinTypedElement<FixedInt8Array>;
404+
loadFn = LoadJoinTypedElement<typed_array::Int8Elements>;
405405
} else if (kind == UINT16_ELEMENTS) {
406-
loadFn = LoadJoinTypedElement<FixedUint16Array>;
406+
loadFn = LoadJoinTypedElement<typed_array::Uint16Elements>;
407407
} else if (kind == INT16_ELEMENTS) {
408-
loadFn = LoadJoinTypedElement<FixedInt16Array>;
408+
loadFn = LoadJoinTypedElement<typed_array::Int16Elements>;
409409
} else if (kind == UINT32_ELEMENTS) {
410-
loadFn = LoadJoinTypedElement<FixedUint32Array>;
410+
loadFn = LoadJoinTypedElement<typed_array::Uint32Elements>;
411411
} else {
412412
unreachable;
413413
}

src/builtins/base.tq

Lines changed: 15 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -533,16 +533,9 @@ extern class JSBoundFunction extends JSObject {
533533

534534
type Callable = JSFunction | JSBoundFunction | JSProxy;
535535

536-
extern class FixedTypedArrayBase extends FixedArrayBase {
537-
base_pointer: Smi;
538-
external_pointer: RawPtr;
539-
}
540536
extern operator '.length_intptr' macro LoadAndUntagFixedArrayBaseLength(
541537
FixedArrayBase): intptr;
542538

543-
type FixedTypedArray extends FixedTypedArrayBase
544-
generates 'TNode<FixedTypedArray>';
545-
546539
type SloppyArgumentsElements extends FixedArray;
547540
type NumberDictionary extends HeapObject
548541
generates 'TNode<NumberDictionary>';
@@ -611,8 +604,7 @@ extern class JSArrayBufferView extends JSObject {
611604
}
612605

613606
extern class JSTypedArray extends JSArrayBufferView {
614-
AttachOffHeapBuffer(buffer: JSArrayBuffer, map: Map, byteOffset: uintptr):
615-
void {
607+
AttachOffHeapBuffer(buffer: JSArrayBuffer, byteOffset: uintptr): void {
616608
const basePointer: Smi = 0;
617609

618610
// The max byteOffset is 8 * MaxSmi on the particular platform. 32 bit
@@ -630,16 +622,15 @@ extern class JSTypedArray extends JSArrayBufferView {
630622
IsMockArrayBufferAllocatorFlag() ||
631623
Convert<uintptr>(externalPointer) >= Convert<uintptr>(backingStore));
632624

625+
this.elements = kEmptyByteArray;
633626
this.buffer = buffer;
634-
this.elements = new FixedTypedArrayBase{
635-
map,
636-
length: 0,
637-
base_pointer: basePointer,
638-
external_pointer: externalPointer
639-
};
627+
this.external_pointer = externalPointer;
628+
this.base_pointer = basePointer;
640629
}
641630

642631
length: uintptr;
632+
external_pointer: RawPtr;
633+
base_pointer: ByteArray | Smi;
643634
}
644635

645636
@noVerifier
@@ -746,7 +737,7 @@ extern class PropertyCell extends HeapObject {
746737
dependent_code: DependentCode;
747738
}
748739

749-
extern class JSDataView extends JSArrayBufferView {}
740+
extern class JSDataView extends JSArrayBufferView { data_pointer: RawPtr; }
750741

751742
type ElementsKind generates 'TNode<Int32T>' constexpr 'ElementsKind';
752743
type LanguageMode extends Smi constexpr 'LanguageMode';
@@ -955,18 +946,6 @@ const kWithSlackTracking: constexpr SlackTrackingMode
955946
const kNoSlackTracking: constexpr SlackTrackingMode
956947
generates 'SlackTrackingMode::kNoSlackTracking';
957948

958-
type FixedUint8Array extends FixedTypedArray;
959-
type FixedInt8Array extends FixedTypedArray;
960-
type FixedUint16Array extends FixedTypedArray;
961-
type FixedInt16Array extends FixedTypedArray;
962-
type FixedUint32Array extends FixedTypedArray;
963-
type FixedInt32Array extends FixedTypedArray;
964-
type FixedFloat32Array extends FixedTypedArray;
965-
type FixedFloat64Array extends FixedTypedArray;
966-
type FixedUint8ClampedArray extends FixedTypedArray;
967-
type FixedBigUint64Array extends FixedTypedArray;
968-
type FixedBigInt64Array extends FixedTypedArray;
969-
970949
const kFixedDoubleArrays: constexpr ExtractFixedArrayFlags
971950
generates 'CodeStubAssembler::ExtractFixedArrayFlag::kFixedDoubleArrays';
972951
const kAllFixedArrays: constexpr ExtractFixedArrayFlags
@@ -978,6 +957,8 @@ const kFixedArrayMapRootIndex:
978957
constexpr RootIndex generates 'RootIndex::kFixedArrayMap';
979958
const kFixedCOWArrayMapRootIndex:
980959
constexpr RootIndex generates 'RootIndex::kFixedCOWArrayMap';
960+
const kEmptyByteArrayRootIndex:
961+
constexpr RootIndex generates 'RootIndex::kEmptyByteArray';
981962
const kEmptyFixedArrayRootIndex:
982963
constexpr RootIndex generates 'RootIndex::kEmptyFixedArray';
983964
const kTheHoleValueRootIndex:
@@ -1020,8 +1001,8 @@ const kPropertyNotFunction: constexpr MessageTemplate
10201001

10211002
const kMaxArrayIndex:
10221003
constexpr uint32 generates 'JSArray::kMaxArrayIndex';
1023-
const kTypedArrayMaxByteLength:
1024-
constexpr uintptr generates 'FixedTypedArrayBase::kMaxByteLength';
1004+
const kArrayBufferMaxByteLength:
1005+
constexpr uintptr generates 'JSArrayBuffer::kMaxByteLength';
10251006
const V8_TYPED_ARRAY_MAX_SIZE_IN_HEAP:
10261007
constexpr int31 generates 'V8_TYPED_ARRAY_MAX_SIZE_IN_HEAP';
10271008
const kMaxSafeInteger: constexpr float64 generates 'kMaxSafeInteger';
@@ -1030,8 +1011,6 @@ const kSmiMax: uintptr = kSmiMaxValue;
10301011
const kStringMaxLength: constexpr int31 generates 'String::kMaxLength';
10311012
const kFixedArrayMaxLength:
10321013
constexpr int31 generates 'FixedArray::kMaxLength';
1033-
const kFixedTypedArrayBaseHeaderSize: constexpr intptr
1034-
generates 'FixedTypedArrayBase::kHeaderSize';
10351014
const kObjectAlignmentMask: constexpr intptr
10361015
generates 'kObjectAlignmentMask';
10371016
const kMinAddedElementsCapacity:
@@ -1438,7 +1417,6 @@ extern transitioning runtime TransitionElementsKindWithKind(
14381417
extern macro LoadBufferObject(RawPtr, constexpr int32): Object;
14391418
extern macro LoadBufferPointer(RawPtr, constexpr int32): RawPtr;
14401419
extern macro LoadBufferSmi(RawPtr, constexpr int32): Smi;
1441-
extern macro LoadFixedTypedArrayOnHeapBackingStore(FixedTypedArrayBase): RawPtr;
14421420

14431421
extern macro LoadRoot(constexpr RootIndex): Object;
14441422
extern macro StoreRoot(constexpr RootIndex, Object): Object;
@@ -1821,12 +1799,6 @@ Cast<NumberDictionary>(o: HeapObject): NumberDictionary
18211799
goto CastError;
18221800
}
18231801

1824-
Cast<FixedTypedArrayBase>(o: HeapObject): FixedTypedArrayBase
1825-
labels CastError {
1826-
if (IsFixedTypedArray(o)) return %RawDownCast<FixedTypedArrayBase>(o);
1827-
goto CastError;
1828-
}
1829-
18301802
Cast<String>(o: HeapObject): String
18311803
labels CastError {
18321804
return HeapObjectToString(o) otherwise CastError;
@@ -2282,6 +2254,8 @@ UnsafeCast<Object>(o: Object): Object {
22822254
const kFixedArrayMap: Map =
22832255
%RawDownCast<Map>(LoadRoot(kFixedArrayMapRootIndex));
22842256
const kCOWMap: Map = %RawDownCast<Map>(LoadRoot(kFixedCOWArrayMapRootIndex));
2257+
const kEmptyByteArray: ByteArray =
2258+
%RawDownCast<ByteArray>(LoadRoot(kEmptyByteArrayRootIndex));
22852259
const kEmptyFixedArray: FixedArray =
22862260
%RawDownCast<FixedArray>(LoadRoot(kEmptyFixedArrayRootIndex));
22872261

@@ -2296,8 +2270,8 @@ extern macro IsMockArrayBufferAllocatorFlag(): bool;
22962270
extern macro IsPrototypeTypedArrayPrototype(implicit context: Context)(Map):
22972271
bool;
22982272

2299-
extern operator '.data_ptr' macro TypedArrayBuiltinsAssembler::LoadDataPtr(
2300-
JSTypedArray): RawPtr;
2273+
extern operator '.data_ptr' macro LoadJSTypedArrayBackingStore(JSTypedArray):
2274+
RawPtr;
23012275

23022276
extern operator '.elements_kind' macro LoadMapElementsKind(Map): ElementsKind;
23032277
extern operator '.elements_kind' macro LoadElementsKind(JSTypedArray):
@@ -2701,7 +2675,6 @@ extern macro IsJSFunction(HeapObject): bool;
27012675
extern macro IsJSObject(HeapObject): bool;
27022676
extern macro IsJSTypedArray(HeapObject): bool;
27032677
extern macro IsNumberDictionary(HeapObject): bool;
2704-
extern macro IsFixedTypedArray(HeapObject): bool;
27052678
extern macro IsContext(HeapObject): bool;
27062679
extern macro IsJSReceiver(HeapObject): bool;
27072680
extern macro TaggedIsCallable(Object): bool;

src/builtins/builtins-array-gen.cc

Lines changed: 13 additions & 43 deletions
Original file line numberDiff line numberDiff line change
@@ -46,8 +46,7 @@ ArrayBuiltinsAssembler::ArrayBuiltinsAssembler(
4646
CSA_ASSERT(this, UintPtrLessThanOrEqual(SmiUntag(CAST(len_)),
4747
LoadJSTypedArrayLength(a)));
4848
fast_typed_array_target_ =
49-
Word32Equal(LoadInstanceType(LoadElements(original_array)),
50-
LoadInstanceType(LoadElements(a)));
49+
Word32Equal(LoadElementsKind(original_array), LoadElementsKind(a));
5150
a_.Bind(a);
5251
}
5352

@@ -151,8 +150,8 @@ ArrayBuiltinsAssembler::ArrayBuiltinsAssembler(
151150
Label throw_not_typed_array(this, Label::kDeferred);
152151

153152
GotoIf(TaggedIsSmi(receiver_), &throw_not_typed_array);
154-
GotoIfNot(HasInstanceType(CAST(receiver_), JS_TYPED_ARRAY_TYPE),
155-
&throw_not_typed_array);
153+
TNode<Map> typed_array_map = LoadMap(CAST(receiver_));
154+
GotoIfNot(IsJSTypedArrayMap(typed_array_map), &throw_not_typed_array);
156155

157156
TNode<JSTypedArray> typed_array = CAST(receiver_);
158157
o_ = typed_array;
@@ -179,13 +178,13 @@ ArrayBuiltinsAssembler::ArrayBuiltinsAssembler(
179178
BIND(&unexpected_instance_type);
180179
Unreachable();
181180

182-
std::vector<int32_t> instance_types = {
183-
#define INSTANCE_TYPE(Type, type, TYPE, ctype) FIXED_##TYPE##_ARRAY_TYPE,
184-
TYPED_ARRAYS(INSTANCE_TYPE)
185-
#undef INSTANCE_TYPE
181+
std::vector<int32_t> elements_kinds = {
182+
#define ELEMENTS_KIND(Type, type, TYPE, ctype) TYPE##_ELEMENTS,
183+
TYPED_ARRAYS(ELEMENTS_KIND)
184+
#undef ELEMENTS_KIND
186185
};
187186
std::list<Label> labels;
188-
for (size_t i = 0; i < instance_types.size(); ++i) {
187+
for (size_t i = 0; i < elements_kinds.size(); ++i) {
189188
labels.emplace_back(this);
190189
}
191190
std::vector<Label*> label_ptrs;
@@ -203,16 +202,15 @@ ArrayBuiltinsAssembler::ArrayBuiltinsAssembler(
203202
k_.Bind(NumberDec(len()));
204203
}
205204
CSA_ASSERT(this, IsSafeInteger(k()));
206-
Node* instance_type = LoadInstanceType(LoadElements(typed_array));
207-
Switch(instance_type, &unexpected_instance_type, instance_types.data(),
205+
TNode<Int32T> elements_kind = LoadMapElementsKind(typed_array_map);
206+
Switch(elements_kind, &unexpected_instance_type, elements_kinds.data(),
208207
label_ptrs.data(), labels.size());
209208

210209
size_t i = 0;
211210
for (auto it = labels.begin(); it != labels.end(); ++i, ++it) {
212211
BIND(&*it);
213212
Label done(this);
214-
source_elements_kind_ = ElementsKindForInstanceType(
215-
static_cast<InstanceType>(instance_types[i]));
213+
source_elements_kind_ = static_cast<ElementsKind>(elements_kinds[i]);
216214
// TODO(tebbi): Silently cancelling the loop on buffer detachment is a
217215
// spec violation. Should go to &throw_detached and throw a TypeError
218216
// instead.
@@ -226,35 +224,14 @@ ArrayBuiltinsAssembler::ArrayBuiltinsAssembler(
226224
}
227225
}
228226

229-
ElementsKind ArrayBuiltinsAssembler::ElementsKindForInstanceType(
230-
InstanceType type) {
231-
switch (type) {
232-
#define INSTANCE_TYPE_TO_ELEMENTS_KIND(Type, type, TYPE, ctype) \
233-
case FIXED_##TYPE##_ARRAY_TYPE: \
234-
return TYPE##_ELEMENTS;
235-
236-
TYPED_ARRAYS(INSTANCE_TYPE_TO_ELEMENTS_KIND)
237-
#undef INSTANCE_TYPE_TO_ELEMENTS_KIND
238-
239-
default:
240-
UNREACHABLE();
241-
}
242-
}
243-
244227
void ArrayBuiltinsAssembler::VisitAllTypedArrayElements(
245228
Node* array_buffer, const CallResultProcessor& processor, Label* detached,
246229
ForEachDirection direction, TNode<JSTypedArray> typed_array) {
247230
VariableList list({&a_, &k_, &to_}, zone());
248231

249232
FastLoopBody body = [&](Node* index) {
250233
GotoIf(IsDetachedBuffer(array_buffer), detached);
251-
Node* elements = LoadElements(typed_array);
252-
Node* base_ptr =
253-
LoadObjectField(elements, FixedTypedArrayBase::kBasePointerOffset);
254-
Node* external_ptr =
255-
LoadObjectField(elements, FixedTypedArrayBase::kExternalPointerOffset,
256-
MachineType::Pointer());
257-
Node* data_ptr = IntPtrAdd(BitcastTaggedToWord(base_ptr), external_ptr);
234+
TNode<RawPtrT> data_ptr = LoadJSTypedArrayBackingStore(typed_array);
258235
Node* value = LoadFixedTypedArrayElementAsTagged(
259236
data_ptr, index, source_elements_kind_, SMI_PARAMETERS);
260237
k_.Bind(index);
@@ -1668,14 +1645,7 @@ TF_BUILTIN(ArrayIteratorPrototypeNext, CodeStubAssembler) {
16681645
&allocate_iterator_result);
16691646

16701647
TNode<Int32T> elements_kind = LoadMapElementsKind(array_map);
1671-
Node* elements = LoadElements(CAST(array));
1672-
Node* base_ptr =
1673-
LoadObjectField(elements, FixedTypedArrayBase::kBasePointerOffset);
1674-
Node* external_ptr =
1675-
LoadObjectField(elements, FixedTypedArrayBase::kExternalPointerOffset,
1676-
MachineType::Pointer());
1677-
TNode<WordT> data_ptr =
1678-
IntPtrAdd(BitcastTaggedToWord(base_ptr), external_ptr);
1648+
TNode<RawPtrT> data_ptr = LoadJSTypedArrayBackingStore(CAST(array));
16791649
var_value.Bind(LoadFixedTypedArrayElementAsTagged(data_ptr, CAST(index),
16801650
elements_kind));
16811651
Goto(&allocate_entry_if_needed);

0 commit comments

Comments
 (0)