AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
a7d6bf9662
v8/test/cctest/test-feedback-vector.cc
Joyee Cheung 0d1ffe30f8 [ic] name Set/Define/Store property operations more consistently 
For background and reasoning, see
https://docs.google.com/document/d/1jvSEvXFHRkxg4JX-j6ho3nRqAF8vZI2Ai7RI8AY54gM/edit
This is the first step towards pulling the DefineNamedOwn operation out
of StoreIC.

Summary of the renamed identifiers:

Bytecodes:

- StaNamedProperty -> SetNamedProperty: calls StoreIC and emitted for
  normal named property sets like obj.x = 1.
- StaNamedOwnProperty -> DefineNamedOwnProperty: calls
  DefineNamedOwnIC (previously StoreOwnIC), and emitted for
  initialization of named properties in object literals and named
  public class fields.
- StaKeyedProperty -> SetKeyedProperty: calls KeyedStoreIC and emitted
  for keyed property sets like obj[x] = 1.
- StaKeyedPropertyAsDefine -> DefineKeyedOwnProperty: calls
  DefineKeyedOwnIC (previously KeyedDefineOwnIC) and emitted for
  initialization of private class fields and computed public class
  fields.
- StaDataPropertyInLiteral -> DefineKeyedOwnPropertyInLiteral: calls
  DefineKeyedOwnPropertyInLiteral runtime function (previously
  DefineDataPropertyInLiteral) and emitted for initialization of keyed
  properties in object literals and static class initializers. (note
  that previously the StoreDataPropertyInLiteral runtime function name
  was taken by object spreads and array literal creation instead)
- LdaKeyedProperty -> GetKeyedProperty, LdaNamedProperty ->
  GetNamedProperty, LdaNamedPropertyFromSuper ->
  GetNamedPropertyFromSuper: we drop the Sta prefix for the property
  store operations since the accumulator use is implicit and to make
  the wording more natural, for symmetry the Lda prefix for the
  property load operations is also dropped.

opcodes:

- (JS)StoreNamed -> (JS)SetNamedProperty: implements set semantics for
  named properties, compiled from SetNamedProperty (previously
  StaNamedProperty) and lowers to StoreIC or Runtime::kSetNamedProperty
- (JS)StoreNamedOwn -> (JS)DefineNamedOwnProperty: implements define
  semantics for initializing named own properties in object literal and
  public class fields, compiled from DefineNamedOwnProperty (previously
  StaNamedOwnProperty) and lowers to DefineNamedOwnIC
  (previously StoreOwnIC)
- (JS)StoreProperty -> (JS)SetKeyedProperty: implements set semantics
  for keyed properties, only compiled from SetKeyedProperty(previously
  StaKeyedProperty) and lowers to KeyedStoreIC
- (JS)DefineProperty -> (JS)DefineKeyedOwnProperty: implements define
  semantics for initialization of private class fields and computed
  public class fields, compiled from DefineKeyedOwnProperty (previously
  StaKeyedPropertyAsDefine) and calls DefineKeyedOwnIC (previously
  KeyedDefineOwnIC).
- (JS)StoreDataPropertyInLiteral ->
  (JS)DefineKeyedOwnPropertyInLiteral: implements define semantics for
  initialization of keyed properties in object literals and static
  class initializers, compiled from DefineKeyedOwnPropertyInLiteral
  (previously StaDataPropertyInLiteral) and calls the
  DefineKeyedOwnPropertyInLiteral runtime function (previously
  DefineDataPropertyInLiteral).

Runtime:
- DefineDataPropertyInLiteral -> DefineKeyedOwnPropertyInLiteral:
  following the bytecode/opcodes change, this is used by
  DefineKeyedOwnPropertyInLiteral (previously StaDataPropertyInLiteral)
  for object and class literal initialization.
- StoreDataPropertyInLiteral -> DefineKeyedOwnPropertyInLiteral_Simple:
  it's just a simplified version of DefineDataPropertyInLiteral that
  does not update feedback or perform function name configuration.
  This is used by object spread and array literal creation. Since we
  are renaming DefineDataPropertyInLiteral to
  DefineKeyedOwnPropertyInLiteral, rename this simplified version with
  a `_Simple` suffix. We can consider merging it into
  DefineKeyedOwnPropertyInLiteral in the future. See
  https://docs.google.com/document/d/1jvSEvXFHRkxg4JX-j6ho3nRqAF8vZI2Ai7RI8AY54gM/edit?disco=AAAAQQIz6mU
- Other changes following the bytecode/IR changes

IC:

- StoreOwn -> DefineNamedOwn: used for initialization of named
  properties in object literals and named public class fields.
  - StoreOwnIC -> DefineNamedOwnIC
  - StoreMode::kStoreOwn -> StoreMode::kDefineNamedOwn
  - StoreICMode::kStoreOwn -> StoreICMode::kDefineNamedOwn
  - IsStoreOwn() -> IsDefineNamedOwn()
- DefineOwn -> DefineKeyedOwn: IsDefineOwnIC() was already just
  IsDefineKeyedOwnIC(), and IsAnyDefineOwn() includes both named and
  keyed defines so we don't need an extra generic predicate.
  - StoreMode::kDefineOwn -> StoreMode::kDefineKeyedOwn
  - StoreICMode::kDefineOwn -> StoreICMode::kDefineKeyedOwn
  - IsDefineOwn() -> IsDefineKeyedOwn()
  - IsDefineOwnIC() -> IsDefineKeyedOwnIC()
  - Removing IsKeyedDefineOwnIC() as its now a duplicate of
    IsDefineKeyedOwnIC()
- KeyedDefineOwnIC -> DefineKeyedOwnIC,
  KeyedDefineOwnGenericGenerator() -> DefineKeyedOwnGenericGenerator:
  make the ordering of terms more consistent
- IsAnyStoreOwn() -> IsAnyDefineOwn(): this includes the renamed and
  DefineNamedOwn and DefineKeyedOwn. Also is_any_store_own() is
  removed since it's just a duplicate of this.
- IsKeyedStoreOwn() -> IsDefineNamedOwn(): it's unclear where the
  "keyed" part came from, but it's only used when DefineNamedOwnIC
  (previously StoreOwnIC) reuses KeyedStoreIC, so rename it accordingly

Interpreter & compiler:
- BytecodeArrayBuilder: following bytecode changes
    - StoreNamedProperty -> SetNamedProperty
  - StoreNamedOwnProperty -> DefineNamedOwnProperty
  - StoreKeyedProperty -> SetKeyedProperty
  - DefineKeyedProperty -> DefineKeyedOwnProperty
  - StoreDataPropertyInLiteral -> DefineKeyedOwnPropertyInLiteral
- FeedbackSlotKind:
  - kDefineOwnKeyed -> kDefineKeyedOwn: make the ordering of terms more
    consistent
  - kStoreOwnNamed -> kDefineNamedOwn: following the IC change
  - kStoreNamed{Sloppy|Strict} -> kSetNamed{Sloppy|Strict}: only
    used in StoreIC for set semantics
  - kStoreKeyed{Sloppy|Strict} -> kSetKeyed{Sloppy|Strict}: only used
    in KeyedStoreIC for set semantics
  - kStoreDataPropertyInLiteral -> kDefineKeyedOwnPropertyInLiteral:
    following the IC change
- BytecodeGraphBuilder
  - StoreMode::kNormal, kOwn -> NamedStoreMode::kSet, kDefineOwn: this
    is only used by BytecodeGraphBuilder::BuildNamedStore() to tell the
    difference between SetNamedProperty and DefineNamedOwnProperty
    operations.

Not changed:

- StoreIC and KeyedStoreIC currently contain mixed logic for both Set
  and Define operations, and the paths are controlled by feedback. The
  plan is to refactor the hierarchy like this:
  ```
  - StoreIC
    - DefineNamedOwnIC
    - SetNamedIC (there could also be a NamedStoreIC if that's helpful)
    - KeyedStoreIC
      - SetKeyedIC
      - DefineKeyedOwnIC
      - DefineKeyedOwnICLiteral (could be merged into DefineKeyedOwnIC)
      - StoreInArrayLiteralIC
    - ...
  ```
  StoreIC and KeyedStoreIC would then contain helpers shared by their
  subclasses, therefore it still makes sense to keep the word "Store"
  in their names since they would be generic base classes for both set
  and define operations.
- The Lda and Sta prefixes of bytecodes not involving object properties
  (e.g. Ldar, Star, LdaZero) are kept, since this patch focuses on
  property operations, and distinction between Set and Define might be
  less relevant or nonexistent for bytecodes not involving object
  properties. We could consider rename some of them in future patches
  if that's helpful though.

Bug: v8:12548
Change-Id: Ia36997b02f59a87da3247f20e0560a7eb13077f3
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3481475
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Shu-yu Guo <syg@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/main@{#79409}
2022-03-08 18:48:16 +00:00

827 lines
27 KiB
C++
Raw Blame History

// Copyright 2014 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "src/init/v8.h"
#include "test/cctest/cctest.h"
#include "src/api/api-inl.h"
#include "src/codegen/macro-assembler.h"
#include "src/debug/debug.h"
#include "src/execution/execution.h"
#include "src/handles/global-handles.h"
#include "src/heap/factory.h"
#include "src/objects/feedback-cell-inl.h"
#include "src/objects/objects-inl.h"
#include "test/cctest/test-feedback-vector.h"
namespace v8 {
namespace internal {
namespace {
#define CHECK_SLOT_KIND(helper, index, expected_kind) \
CHECK_EQ(expected_kind, helper.vector()->GetKind(helper.slot(index)));
static Handle<JSFunction> GetFunction(const char* name) {
v8::MaybeLocal<v8::Value> v8_f = CcTest::global()->Get(
CcTest::isolate()->GetCurrentContext(), v8_str(name));
Handle<JSFunction> f =
Handle<JSFunction>::cast(v8::Utils::OpenHandle(*v8_f.ToLocalChecked()));
return f;
}
TEST(VectorStructure) {
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
Factory* factory = isolate->factory();
Zone zone(isolate->allocator(), ZONE_NAME);
Handle<FeedbackVector> vector;
{
FeedbackVectorSpec one_slot(&zone);
one_slot.AddForInSlot();
vector = NewFeedbackVector(isolate, &one_slot);
FeedbackVectorHelper helper(vector);
CHECK_EQ(1, helper.slot_count());
}
{
FeedbackVectorSpec one_icslot(&zone);
one_icslot.AddCallICSlot();
vector = NewFeedbackVector(isolate, &one_icslot);
FeedbackVectorHelper helper(vector);
CHECK_EQ(1, helper.slot_count());
}
{
FeedbackVectorSpec spec(&zone);
for (int i = 0; i < 3; i++) {
spec.AddForInSlot();
}
for (int i = 0; i < 5; i++) {
spec.AddCallICSlot();
}
vector = NewFeedbackVector(isolate, &spec);
FeedbackVectorHelper helper(vector);
CHECK_EQ(8, helper.slot_count());
int index = vector->GetIndex(helper.slot(0));
CHECK_EQ(helper.slot(0), vector->ToSlot(index));
index = vector->GetIndex(helper.slot(3));
CHECK_EQ(helper.slot(3), vector->ToSlot(index));
index = vector->GetIndex(helper.slot(7));
CHECK_EQ(3 + 4 * FeedbackMetadata::GetSlotSize(FeedbackSlotKind::kCall),
index);
CHECK_EQ(helper.slot(7), vector->ToSlot(index));
CHECK_EQ(3 + 5 * FeedbackMetadata::GetSlotSize(FeedbackSlotKind::kCall),
vector->length());
}
{
FeedbackVectorSpec spec(&zone);
spec.AddForInSlot();
spec.AddCreateClosureSlot();
spec.AddForInSlot();
vector = NewFeedbackVector(isolate, &spec);
FeedbackVectorHelper helper(vector);
FeedbackCell cell = *vector->GetClosureFeedbackCell(0);
CHECK_EQ(cell.value(), *factory->undefined_value());
}
}
// IC slots need an encoding to recognize what is in there.
TEST(VectorICMetadata) {
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
Zone zone(isolate->allocator(), ZONE_NAME);
FeedbackVectorSpec spec(&zone);
// Set metadata.
for (int i = 0; i < 40; i++) {
switch (i % 4) {
case 0:
spec.AddForInSlot();
break;
case 1:
spec.AddCallICSlot();
break;
case 2:
spec.AddLoadICSlot();
break;
case 3:
spec.AddKeyedLoadICSlot();
break;
}
}
Handle<FeedbackVector> vector = NewFeedbackVector(isolate, &spec);
FeedbackVectorHelper helper(vector);
CHECK_EQ(40, helper.slot_count());
// Meanwhile set some feedback values and type feedback values to
// verify the data structure remains intact.
vector->SynchronizedSet(FeedbackSlot(0), MaybeObject::FromObject(*vector));
// Verify the metadata is correctly set up from the spec.
for (int i = 0; i < 40; i++) {
FeedbackSlotKind kind = vector->GetKind(helper.slot(i));
switch (i % 4) {
case 0:
CHECK_EQ(FeedbackSlotKind::kForIn, kind);
break;
case 1:
CHECK_EQ(FeedbackSlotKind::kCall, kind);
break;
case 2:
CHECK_EQ(FeedbackSlotKind::kLoadProperty, kind);
break;
case 3:
CHECK_EQ(FeedbackSlotKind::kLoadKeyed, kind);
break;
}
}
}
TEST(VectorCallICStates) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
// Make sure function f has a call that uses a type feedback slot.
CompileRun(
"function foo() { return 17; };"
"%EnsureFeedbackVectorForFunction(f);"
"function f(a) { a(); } f(foo);");
Handle<JSFunction> f = GetFunction("f");
// There should be one IC.
Handle<FeedbackVector> feedback_vector =
Handle<FeedbackVector>(f->feedback_vector(), isolate);
FeedbackSlot slot(0);
FeedbackNexus nexus(feedback_vector, slot);
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
CompileRun("f(function() { return 16; })");
CHECK_EQ(InlineCacheState::GENERIC, nexus.ic_state());
// After a collection, state should remain GENERIC.
CcTest::CollectAllGarbage();
CHECK_EQ(InlineCacheState::GENERIC, nexus.ic_state());
}
// Test the Call IC states transfer with Function.prototype.apply
TEST(VectorCallICStateApply) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
// Make sure function f has a call that uses a type feedback slot.
CompileRun(
"var F;"
"%EnsureFeedbackVectorForFunction(foo);"
"function foo() { return F.apply(null, arguments); }"
"F = Math.min;"
"foo();");
Handle<JSFunction> foo = GetFunction("foo");
Handle<JSFunction> F = GetFunction("F");
Handle<FeedbackVector> feedback_vector =
Handle<FeedbackVector>(foo->feedback_vector(), isolate);
FeedbackSlot slot(4);
FeedbackNexus nexus(feedback_vector, slot);
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
CHECK_EQ(CallFeedbackContent::kReceiver, nexus.GetCallFeedbackContent());
HeapObject heap_object;
CHECK(nexus.GetFeedback()->GetHeapObjectIfWeak(&heap_object));
CHECK_EQ(*F, heap_object);
CompileRun(
"F = Math.max;"
"foo();");
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
CHECK_EQ(CallFeedbackContent::kTarget, nexus.GetCallFeedbackContent());
CHECK(nexus.GetFeedback()->GetHeapObjectIfWeak(&heap_object));
CHECK_EQ(*isolate->function_prototype_apply(), heap_object);
CompileRun(
"F.apply = (function () { return; });"
"foo();");
CHECK_EQ(InlineCacheState::GENERIC, nexus.ic_state());
}
TEST(VectorCallFeedback) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
// Make sure function f has a call that uses a type feedback slot.
CompileRun(
"function foo() { return 17; }"
"%EnsureFeedbackVectorForFunction(f);"
"function f(a) { a(); } f(foo);");
Handle<JSFunction> f = GetFunction("f");
Handle<JSFunction> foo = GetFunction("foo");
// There should be one IC.
Handle<FeedbackVector> feedback_vector =
Handle<FeedbackVector>(f->feedback_vector(), isolate);
FeedbackSlot slot(0);
FeedbackNexus nexus(feedback_vector, slot);
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
HeapObject heap_object;
CHECK(nexus.GetFeedback()->GetHeapObjectIfWeak(&heap_object));
CHECK_EQ(*foo, heap_object);
CcTest::CollectAllGarbage();
// It should stay monomorphic even after a GC.
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
}
TEST(VectorPolymorphicCallFeedback) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
FLAG_lazy_feedback_allocation = false;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
// Make sure the call feedback of a() in f() becomes polymorphic.
CompileRun(
"function foo_maker() { return () => { return 17; } }"
"a_foo = foo_maker();"
"function f(a) { a(); } f(foo_maker());"
"f(foo_maker());");
Handle<JSFunction> f = GetFunction("f");
Handle<JSFunction> a_foo = GetFunction("a_foo");
// There should be one IC.
Handle<FeedbackVector> feedback_vector =
Handle<FeedbackVector>(f->feedback_vector(), isolate);
FeedbackSlot slot(0);
FeedbackNexus nexus(feedback_vector, slot);
CHECK_EQ(InlineCacheState::POLYMORPHIC, nexus.ic_state());
HeapObject heap_object;
CHECK(nexus.GetFeedback()->GetHeapObjectIfWeak(&heap_object));
CHECK(heap_object.IsFeedbackCell(isolate));
// Ensure this is the feedback cell for the closure returned by
// foo_maker.
CHECK_EQ(heap_object, a_foo->raw_feedback_cell());
}
TEST(VectorCallFeedbackForArray) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
// Make sure function f has a call that uses a type feedback slot.
CompileRun(
"function f(a) { a(); };"
"%EnsureFeedbackVectorForFunction(f);"
"f(Array);");
Handle<JSFunction> f = GetFunction("f");
// There should be one IC.
Handle<FeedbackVector> feedback_vector =
Handle<FeedbackVector>(f->feedback_vector(), isolate);
FeedbackSlot slot(0);
FeedbackNexus nexus(feedback_vector, slot);
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
HeapObject heap_object;
CHECK(nexus.GetFeedback()->GetHeapObjectIfWeak(&heap_object));
CHECK_EQ(*isolate->array_function(), heap_object);
CcTest::CollectAllGarbage();
// It should stay monomorphic even after a GC.
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
}
TEST(VectorCallCounts) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
// Make sure function f has a call that uses a type feedback slot.
CompileRun(
"function foo() { return 17; }"
"%EnsureFeedbackVectorForFunction(f);"
"function f(a) { a(); } f(foo);");
Handle<JSFunction> f = GetFunction("f");
// There should be one IC.
Handle<FeedbackVector> feedback_vector =
Handle<FeedbackVector>(f->feedback_vector(), isolate);
FeedbackSlot slot(0);
FeedbackNexus nexus(feedback_vector, slot);
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
CompileRun("f(foo); f(foo);");
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
CHECK_EQ(3, nexus.GetCallCount());
// Send the IC megamorphic, but we should still have incrementing counts.
CompileRun("f(function() { return 12; });");
CHECK_EQ(InlineCacheState::GENERIC, nexus.ic_state());
CHECK_EQ(4, nexus.GetCallCount());
}
TEST(VectorConstructCounts) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
// Make sure function f has a call that uses a type feedback slot.
CompileRun(
"function Foo() {}"
"%EnsureFeedbackVectorForFunction(f);"
"function f(a) { new a(); } f(Foo);");
Handle<JSFunction> f = GetFunction("f");
Handle<FeedbackVector> feedback_vector =
Handle<FeedbackVector>(f->feedback_vector(), isolate);
FeedbackSlot slot(0);
FeedbackNexus nexus(feedback_vector, slot);
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
CHECK(feedback_vector->Get(slot)->IsWeak());
CompileRun("f(Foo); f(Foo);");
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
CHECK_EQ(3, nexus.GetCallCount());
// Send the IC megamorphic, but we should still have incrementing counts.
CompileRun("f(function() {});");
CHECK_EQ(InlineCacheState::GENERIC, nexus.ic_state());
CHECK_EQ(4, nexus.GetCallCount());
}
TEST(VectorSpeculationMode) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
// Make sure function f has a call that uses a type feedback slot.
CompileRun(
"function Foo() {}"
"%EnsureFeedbackVectorForFunction(f);"
"function f(a) { new a(); } f(Foo);");
Handle<JSFunction> f = GetFunction("f");
Handle<FeedbackVector> feedback_vector =
Handle<FeedbackVector>(f->feedback_vector(), isolate);
FeedbackSlot slot(0);
FeedbackNexus nexus(feedback_vector, slot);
CHECK_EQ(SpeculationMode::kAllowSpeculation, nexus.GetSpeculationMode());
CompileRun("f(Foo); f(Foo);");
CHECK_EQ(3, nexus.GetCallCount());
CHECK_EQ(SpeculationMode::kAllowSpeculation, nexus.GetSpeculationMode());
nexus.SetSpeculationMode(SpeculationMode::kDisallowSpeculation);
CHECK_EQ(SpeculationMode::kDisallowSpeculation, nexus.GetSpeculationMode());
CHECK_EQ(3, nexus.GetCallCount());
nexus.SetSpeculationMode(SpeculationMode::kAllowSpeculation);
CHECK_EQ(SpeculationMode::kAllowSpeculation, nexus.GetSpeculationMode());
CHECK_EQ(3, nexus.GetCallCount());
}
TEST(VectorCallSpeculationModeAndFeedbackContent) {
if (!i::FLAG_use_ic) return;
if (!i::FLAG_opt) return;
if (i::FLAG_always_opt) return;
if (i::FLAG_jitless) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
CompileRun(
"function min() { return Math.min.apply(null, arguments); }"
"function f(x) { return min(x, 0); }"
"%PrepareFunctionForOptimization(min);"
"%PrepareFunctionForOptimization(f);"
"f(1);");
Handle<JSFunction> min = GetFunction("min");
Handle<FeedbackVector> feedback_vector =
Handle<FeedbackVector>(min->feedback_vector(), isolate);
FeedbackSlot slot(6);
FeedbackNexus nexus(feedback_vector, slot);
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
CHECK_EQ(SpeculationMode::kAllowSpeculation, nexus.GetSpeculationMode());
CHECK_EQ(CallFeedbackContent::kReceiver, nexus.GetCallFeedbackContent());
CompileRun("%OptimizeFunctionOnNextCall(f); f(1);");
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
CHECK_EQ(SpeculationMode::kAllowSpeculation, nexus.GetSpeculationMode());
CHECK_EQ(CallFeedbackContent::kReceiver, nexus.GetCallFeedbackContent());
CompileRun("f({});"); // Deoptimizes.
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
CHECK_EQ(SpeculationMode::kDisallowSpeculation, nexus.GetSpeculationMode());
CHECK_EQ(CallFeedbackContent::kReceiver, nexus.GetCallFeedbackContent());
}
TEST(VectorLoadICStates) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
// Make sure function f has a call that uses a type feedback slot.
CompileRun(
"var o = { foo: 3 };"
"%EnsureFeedbackVectorForFunction(f);"
"function f(a) { return a.foo; } f(o);");
Handle<JSFunction> f = GetFunction("f");
// There should be one IC.
Handle<FeedbackVector> feedback_vector =
Handle<FeedbackVector>(f->feedback_vector(), isolate);
FeedbackSlot slot(0);
FeedbackNexus nexus(feedback_vector, slot);
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
// Verify that the monomorphic map is the one we expect.
v8::MaybeLocal<v8::Value> v8_o =
CcTest::global()->Get(context.local(), v8_str("o"));
Handle<JSObject> o =
Handle<JSObject>::cast(v8::Utils::OpenHandle(*v8_o.ToLocalChecked()));
CHECK_EQ(o->map(), nexus.GetFirstMap());
// Now go polymorphic.
CompileRun("f({ blarg: 3, foo: 2 })");
CHECK_EQ(InlineCacheState::POLYMORPHIC, nexus.ic_state());
CompileRun(
"delete o.foo;"
"f(o)");
CHECK_EQ(InlineCacheState::POLYMORPHIC, nexus.ic_state());
CompileRun("f({ blarg: 3, torino: 10, foo: 2 })");
CHECK_EQ(InlineCacheState::POLYMORPHIC, nexus.ic_state());
MapHandles maps;
nexus.ExtractMaps(&maps);
CHECK_EQ(4, maps.size());
// Finally driven megamorphic.
CompileRun("f({ blarg: 3, gran: 3, torino: 10, foo: 2 })");
CHECK_EQ(InlineCacheState::MEGAMORPHIC, nexus.ic_state());
CHECK(nexus.GetFirstMap().is_null());
// After a collection, state should not be reset to PREMONOMORPHIC.
CcTest::CollectAllGarbage();
CHECK_EQ(InlineCacheState::MEGAMORPHIC, nexus.ic_state());
}
TEST(VectorLoadGlobalICSlotSharing) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
// Function f has 5 LoadGlobalICs: 3 for {o} references outside of "typeof"
// operator and 2 for {o} references inside "typeof" operator.
CompileRun(
"o = 10;"
"function f() {"
" var x = o || 10;"
" var y = typeof o;"
" return o , typeof o, x , y, o;"
"}"
"%EnsureFeedbackVectorForFunction(f);"
"f();");
Handle<JSFunction> f = GetFunction("f");
// There should be two IC slots for {o} references outside and inside
// typeof operator respectively.
Handle<FeedbackVector> feedback_vector =
Handle<FeedbackVector>(f->feedback_vector(), isolate);
FeedbackVectorHelper helper(feedback_vector);
CHECK_EQ(2, helper.slot_count());
CHECK_SLOT_KIND(helper, 0, FeedbackSlotKind::kLoadGlobalNotInsideTypeof);
CHECK_SLOT_KIND(helper, 1, FeedbackSlotKind::kLoadGlobalInsideTypeof);
FeedbackSlot slot1 = helper.slot(0);
FeedbackSlot slot2 = helper.slot(1);
CHECK_EQ(InlineCacheState::MONOMORPHIC,
FeedbackNexus(feedback_vector, slot1).ic_state());
CHECK_EQ(InlineCacheState::MONOMORPHIC,
FeedbackNexus(feedback_vector, slot2).ic_state());
}
TEST(VectorLoadICOnSmi) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
Heap* heap = isolate->heap();
// Make sure function f has a call that uses a type feedback slot.
CompileRun(
"var o = { foo: 3 };"
"%EnsureFeedbackVectorForFunction(f);"
"function f(a) { return a.foo; } f(34);");
Handle<JSFunction> f = GetFunction("f");
// There should be one IC.
Handle<FeedbackVector> feedback_vector =
Handle<FeedbackVector>(f->feedback_vector(), isolate);
FeedbackSlot slot(0);
FeedbackNexus nexus(feedback_vector, slot);
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
// Verify that the monomorphic map is the one we expect.
Map number_map = ReadOnlyRoots(heap).heap_number_map();
CHECK_EQ(number_map, nexus.GetFirstMap());
// Now go polymorphic on o.
CompileRun("f(o)");
CHECK_EQ(InlineCacheState::POLYMORPHIC, nexus.ic_state());
MapHandles maps;
nexus.ExtractMaps(&maps);
CHECK_EQ(2, maps.size());
// One of the maps should be the o map.
v8::MaybeLocal<v8::Value> v8_o =
CcTest::global()->Get(context.local(), v8_str("o"));
Handle<JSObject> o =
Handle<JSObject>::cast(v8::Utils::OpenHandle(*v8_o.ToLocalChecked()));
bool number_map_found = false;
bool o_map_found = false;
for (Handle<Map> current : maps) {
if (*current == number_map)
number_map_found = true;
else if (*current == o->map())
o_map_found = true;
}
CHECK(number_map_found && o_map_found);
// The degree of polymorphism doesn't change.
CompileRun("f(100)");
CHECK_EQ(InlineCacheState::POLYMORPHIC, nexus.ic_state());
MapHandles maps2;
nexus.ExtractMaps(&maps2);
CHECK_EQ(2, maps2.size());
}
TEST(ReferenceContextAllocatesNoSlots) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
Isolate* isolate = CcTest::i_isolate();
{
CompileRun(
"function testvar(x) {"
" y = x;"
" y = a;"
" return y;"
"}"
"%EnsureFeedbackVectorForFunction(testvar);"
"a = 3;"
"testvar({});");
Handle<JSFunction> f = GetFunction("testvar");
// There should be two LOAD_ICs, one for a and one for y at the end.
Handle<FeedbackVector> feedback_vector =
handle(f->feedback_vector(), isolate);
FeedbackVectorHelper helper(feedback_vector);
CHECK_EQ(3, helper.slot_count());
CHECK_SLOT_KIND(helper, 0, FeedbackSlotKind::kStoreGlobalSloppy);
CHECK_SLOT_KIND(helper, 1, FeedbackSlotKind::kLoadGlobalNotInsideTypeof);
CHECK_SLOT_KIND(helper, 2, FeedbackSlotKind::kLoadGlobalNotInsideTypeof);
}
{
CompileRun(
"function testprop(x) {"
" 'use strict';"
" x.blue = a;"
"}"
"%EnsureFeedbackVectorForFunction(testprop);"
"testprop({ blue: 3 });");
Handle<JSFunction> f = GetFunction("testprop");
// There should be one LOAD_IC, for the load of a.
Handle<FeedbackVector> feedback_vector(f->feedback_vector(), isolate);
FeedbackVectorHelper helper(feedback_vector);
CHECK_EQ(2, helper.slot_count());
CHECK_SLOT_KIND(helper, 0, FeedbackSlotKind::kLoadGlobalNotInsideTypeof);
CHECK_SLOT_KIND(helper, 1, FeedbackSlotKind::kSetNamedStrict);
}
{
CompileRun(
"function testpropfunc(x) {"
" x().blue = a;"
" return x().blue;"
"}"
"%EnsureFeedbackVectorForFunction(testpropfunc);"
"function makeresult() { return { blue: 3 }; }"
"testpropfunc(makeresult);");
Handle<JSFunction> f = GetFunction("testpropfunc");
// There should be 1 LOAD_GLOBAL_IC to load x (in both cases), 2 CALL_ICs
// to call x and a LOAD_IC to load blue.
Handle<FeedbackVector> feedback_vector(f->feedback_vector(), isolate);
FeedbackVectorHelper helper(feedback_vector);
CHECK_EQ(5, helper.slot_count());
CHECK_SLOT_KIND(helper, 0, FeedbackSlotKind::kCall);
CHECK_SLOT_KIND(helper, 1, FeedbackSlotKind::kLoadGlobalNotInsideTypeof);
CHECK_SLOT_KIND(helper, 2, FeedbackSlotKind::kSetNamedSloppy);
CHECK_SLOT_KIND(helper, 3, FeedbackSlotKind::kCall);
CHECK_SLOT_KIND(helper, 4, FeedbackSlotKind::kLoadProperty);
}
{
CompileRun(
"function testkeyedprop(x) {"
" x[0] = a;"
" return x[0];"
"}"
"%EnsureFeedbackVectorForFunction(testkeyedprop);"
"testkeyedprop([0, 1, 2]);");
Handle<JSFunction> f = GetFunction("testkeyedprop");
// There should be 1 LOAD_GLOBAL_ICs for the load of a, and one
// KEYED_LOAD_IC for the load of x[0] in the return statement.
Handle<FeedbackVector> feedback_vector(f->feedback_vector(), isolate);
FeedbackVectorHelper helper(feedback_vector);
CHECK_EQ(3, helper.slot_count());
CHECK_SLOT_KIND(helper, 0, FeedbackSlotKind::kLoadGlobalNotInsideTypeof);
CHECK_SLOT_KIND(helper, 1, FeedbackSlotKind::kSetKeyedSloppy);
CHECK_SLOT_KIND(helper, 2, FeedbackSlotKind::kLoadKeyed);
}
{
CompileRun(
"function testkeyedprop(x) {"
" 'use strict';"
" x[0] = a;"
" return x[0];"
"}"
"%EnsureFeedbackVectorForFunction(testkeyedprop);"
"testkeyedprop([0, 1, 2]);");
Handle<JSFunction> f = GetFunction("testkeyedprop");
// There should be 1 LOAD_GLOBAL_ICs for the load of a, and one
// KEYED_LOAD_IC for the load of x[0] in the return statement.
Handle<FeedbackVector> feedback_vector(f->feedback_vector(), isolate);
FeedbackVectorHelper helper(feedback_vector);
CHECK_EQ(3, helper.slot_count());
CHECK_SLOT_KIND(helper, 0, FeedbackSlotKind::kLoadGlobalNotInsideTypeof);
CHECK_SLOT_KIND(helper, 1, FeedbackSlotKind::kSetKeyedStrict);
CHECK_SLOT_KIND(helper, 2, FeedbackSlotKind::kLoadKeyed);
}
{
CompileRun(
"function testcompound(x) {"
" 'use strict';"
" x.old = x.young = x.in_between = a;"
" return x.old + x.young;"
"}"
"%EnsureFeedbackVectorForFunction(testcompound);"
"testcompound({ old: 3, young: 3, in_between: 3 });");
Handle<JSFunction> f = GetFunction("testcompound");
// There should be 1 LOAD_GLOBAL_IC for load of a and 2 LOAD_ICs, for load
// of x.old and x.young.
Handle<FeedbackVector> feedback_vector(f->feedback_vector(), isolate);
FeedbackVectorHelper helper(feedback_vector);
CHECK_EQ(7, helper.slot_count());
CHECK_SLOT_KIND(helper, 0, FeedbackSlotKind::kLoadGlobalNotInsideTypeof);
CHECK_SLOT_KIND(helper, 1, FeedbackSlotKind::kSetNamedStrict);
CHECK_SLOT_KIND(helper, 2, FeedbackSlotKind::kSetNamedStrict);
CHECK_SLOT_KIND(helper, 3, FeedbackSlotKind::kSetNamedStrict);
CHECK_SLOT_KIND(helper, 4, FeedbackSlotKind::kBinaryOp);
CHECK_SLOT_KIND(helper, 5, FeedbackSlotKind::kLoadProperty);
CHECK_SLOT_KIND(helper, 6, FeedbackSlotKind::kLoadProperty);
}
}
TEST(VectorStoreICBasic) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
CompileRun(
"function f(a) {"
" a.foo = 5;"
"};"
"%EnsureFeedbackVectorForFunction(f);"
"var a = { foo: 3 };"
"f(a);"
"f(a);"
"f(a);");
Handle<JSFunction> f = GetFunction("f");
// There should be one IC slot.
Handle<FeedbackVector> feedback_vector(f->feedback_vector(), f->GetIsolate());
FeedbackVectorHelper helper(feedback_vector);
CHECK_EQ(1, helper.slot_count());
FeedbackSlot slot(0);
FeedbackNexus nexus(feedback_vector, slot);
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
}
TEST(DefineNamedOwnIC) {
if (!i::FLAG_use_ic) return;
if (i::FLAG_always_opt) return;
FLAG_allow_natives_syntax = true;
CcTest::InitializeVM();
LocalContext context;
v8::HandleScope scope(context->GetIsolate());
CompileRun(
"function f(v) {"
" return {a: 0, b: v, c: 0};"
"}"
"%EnsureFeedbackVectorForFunction(f);"
"f(1);"
"f(2);"
"f(3);");
Handle<JSFunction> f = GetFunction("f");
// There should be one IC slot.
Handle<FeedbackVector> feedback_vector(f->feedback_vector(), f->GetIsolate());
FeedbackVectorHelper helper(feedback_vector);
CHECK_EQ(2, helper.slot_count());
CHECK_SLOT_KIND(helper, 0, FeedbackSlotKind::kLiteral);
CHECK_SLOT_KIND(helper, 1, FeedbackSlotKind::kDefineNamedOwn);
FeedbackNexus nexus(feedback_vector, helper.slot(1));
CHECK_EQ(InlineCacheState::MONOMORPHIC, nexus.ic_state());
}
} // namespace
} // namespace internal
} // namespace v8
Reference in New Issue View Git Blame Copy Permalink