[ext-code-space][ic] Migrate IC handlers to CodeT

Bug: v8:11880 Change-Id: I08b9eb182a42ca612a60fdafc0a059f97a3f0d87 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2968411Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#75219}

[ext-code-space][ic] Migrate IC handlers to CodeT
Bug: v8:11880 Change-Id: I08b9eb182a42ca612a60fdafc0a059f97a3f0d87 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2968411Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#75219}
4c535930 · Igor Sheludko · V8 LUCI CQ · 710b88ff · 4c535930 · 4c535930
Commit 4c535930 authored Jun 17, 2021 by Igor Sheludko Committed by V8 LUCI CQ Jun 17, 2021
9 changed files
--- a/src/builtins/builtins-handler-gen.cc
+++ b/src/builtins/builtins-handler-gen.cc
@@ -64,7 +64,7 @@ void Builtins::Generate_StoreIC_NoFeedback(
 }

 // All possible fast-to-fast transitions. Transitions to dictionary mode are not
-// handled by ElementsTransitionAndStore.
+// handled by ElementsTransitionAndStore builtins.
 #define ELEMENTS_KIND_TRANSITIONS(V)               \
  V(PACKED_SMI_ELEMENTS, HOLEY_SMI_ELEMENTS)       \
  V(PACKED_SMI_ELEMENTS, PACKED_DOUBLE_ELEMENTS)   \

--- a/src/diagnostics/objects-debug.cc
+++ b/src/diagnostics/objects-debug.cc
@@ -1659,7 +1659,7 @@ USE_TORQUE_VERIFIER(WasmIndirectFunctionTable)
 void DataHandler::DataHandlerVerify(Isolate* isolate) {
  TorqueGeneratedClassVerifiers::DataHandlerVerify(*this, isolate);
  CHECK_IMPLIES(!smi_handler().IsSmi(),
-                smi_handler().IsCode() && IsStoreHandler());
+                IsStoreHandler() && smi_handler().IsCodeT());
  int data_count = data_field_count();
  if (data_count >= 1) {
    VerifyMaybeObjectField(isolate, kData1Offset);

--- a/src/ic/accessor-assembler.cc
+++ b/src/ic/accessor-assembler.cc
@@ -202,7 +202,7 @@ void AccessorAssembler::HandleLoadICHandlerCase(

  BIND(&try_proto_handler);
  {
-    GotoIf(IsCodeMap(LoadMap(CAST(handler))), &call_handler);
+    GotoIf(IsCodeT(CAST(handler)), &call_handler);
    HandleLoadICProtoHandler(p, CAST(handler), &var_holder, &var_smi_handler,
                             &if_smi_handler, miss, exit_point, ic_mode,
                             access_mode);
@@ -219,7 +219,9 @@ void AccessorAssembler::HandleLoadICHandlerCase(

  BIND(&call_handler);
  {
-    exit_point->ReturnCallStub(LoadWithVectorDescriptor{}, CAST(handler),
+    // TODO(v8:11880): avoid roundtrips between cdc and code.
+    TNode<Code> code_handler = FromCodeT(CAST(handler));
+    exit_point->ReturnCallStub(LoadWithVectorDescriptor{}, code_handler,
                               p->context(), p->lookup_start_object(),
                               p->name(), p->slot(), p->vector());
  }
@@ -1008,8 +1010,9 @@ TNode<Object> AccessorAssembler::HandleProtoHandler(
    if (on_code_handler) {
      Label if_smi_handler(this);
      GotoIf(TaggedIsSmi(smi_or_code_handler), &if_smi_handler);
-
-      on_code_handler(CAST(smi_or_code_handler));
+      // TODO(v8:11880): avoid roundtrips between cdc and code.
+      TNode<Code> code = FromCodeT(CAST(smi_or_code_handler));
+      on_code_handler(code);

      BIND(&if_smi_handler);
    }
@@ -1331,7 +1334,7 @@ void AccessorAssembler::HandleStoreICHandlerCase(
    GotoIf(IsWeakOrCleared(handler), &store_transition_or_global);
    TNode<HeapObject> strong_handler = CAST(handler);
    TNode<Map> handler_map = LoadMap(strong_handler);
-    Branch(IsCodeMap(handler_map), &call_handler, &if_proto_handler);
+    Branch(IsCodeTMap(handler_map), &call_handler, &if_proto_handler);

    BIND(&if_proto_handler);
    {
@@ -1342,9 +1345,11 @@ void AccessorAssembler::HandleStoreICHandlerCase(
    // |handler| is a heap object. Must be code, call it.
    BIND(&call_handler);
    {
-      TailCallStub(StoreWithVectorDescriptor{}, CAST(strong_handler),
-                   p->context(), p->receiver(), p->name(), p->value(),
-                   p->slot(), p->vector());
+      // TODO(v8:11880): avoid roundtrips between cdc and code.
+      TNode<Code> code_handler = FromCodeT(CAST(strong_handler));
+      TailCallStub(StoreWithVectorDescriptor{}, code_handler, p->context(),
+                   p->receiver(), p->name(), p->value(), p->slot(),
+                   p->vector());
    }
  }

@@ -3894,10 +3899,16 @@ void AccessorAssembler::StoreInArrayLiteralIC(const StoreICParameters* p) {
      GotoIf(TaggedIsSmi(var_handler.value()), &if_smi_handler);

      TNode<HeapObject> handler = CAST(var_handler.value());
-      GotoIfNot(IsCode(handler), &if_transitioning_element_store);
-      TailCallStub(StoreWithVectorDescriptor{}, CAST(handler), p->context(),
-                   p->receiver(), p->name(), p->value(), p->slot(),
-                   p->vector());
+      GotoIfNot(IsCodeT(handler), &if_transitioning_element_store);
+
+      {
+        // Call the handler.
+        // TODO(v8:11880): avoid roundtrips between cdc and code.
+        TNode<Code> code_handler = FromCodeT(CAST(handler));
+        TailCallStub(StoreWithVectorDescriptor{}, code_handler, p->context(),
+                     p->receiver(), p->name(), p->value(), p->slot(),
+                     p->vector());
+      }

      BIND(&if_transitioning_element_store);
      {
@@ -3906,8 +3917,9 @@ void AccessorAssembler::StoreInArrayLiteralIC(const StoreICParameters* p) {
        TNode<Map> transition_map =
            CAST(GetHeapObjectAssumeWeak(maybe_transition_map, &miss));
        GotoIf(IsDeprecatedMap(transition_map), &miss);
-        TNode<Code> code =
-            CAST(LoadObjectField(handler, StoreHandler::kSmiHandlerOffset));
+        // TODO(v8:11880): avoid roundtrips between cdc and code.
+        TNode<Code> code = FromCodeT(
+            CAST(LoadObjectField(handler, StoreHandler::kSmiHandlerOffset)));
        TailCallStub(StoreTransitionDescriptor{}, code, p->context(),
                     p->receiver(), p->name(), transition_map, p->value(),
                     p->slot(), p->vector());

--- a/src/ic/handler-configuration-inl.h
+++ b/src/ic/handler-configuration-inl.h
@@ -21,7 +21,12 @@ namespace v8 {
 namespace internal {

 inline Handle<Object> MakeCodeHandler(Isolate* isolate, Builtin builtin) {
-  return isolate->builtins()->code_handle(builtin);
+  if (V8_EXTERNAL_CODE_SPACE_BOOL) {
+    Code code = isolate->builtins()->code(builtin);
+    return handle(code.code_data_container(kAcquireLoad), isolate);
+  } else {
+    return isolate->builtins()->code_handle(builtin);
+  }
 }

 OBJECT_CONSTRUCTORS_IMPL(LoadHandler, DataHandler)

--- a/src/ic/ic-inl.h
+++ b/src/ic/ic-inl.h
@@ -31,7 +31,7 @@ bool IC::IsHandler(MaybeObject object) {
         (object->GetHeapObjectIfWeak(&heap_object) &&
          (heap_object.IsMap() || heap_object.IsPropertyCell())) ||
         (object->GetHeapObjectIfStrong(&heap_object) &&
-          (heap_object.IsDataHandler() || heap_object.IsCode()));
+          (heap_object.IsDataHandler() || heap_object.IsCodeT()));
 }

 bool IC::vector_needs_update() {

--- a/src/ic/ic.cc
+++ b/src/ic/ic.cc
@@ -145,8 +145,7 @@ void IC::TraceIC(const char* type, Handle<Object> name, State old_state,
  if (function.ActiveTierIsIgnition()) {
    code_offset = InterpretedFrame::GetBytecodeOffset(frame->fp());
  } else {
-    code_offset =
-        static_cast<int>(frame->pc() - function.code().InstructionStart());
+    code_offset = static_cast<int>(frame->pc() - function.code_entry_point());
  }
  JavaScriptFrame::CollectFunctionAndOffsetForICStats(
      function, function.abstract_code(isolate_), code_offset);

--- a/src/objects/data-handler.tq
+++ b/src/objects/data-handler.tq
@@ -4,7 +4,8 @@

 @abstract
 extern class DataHandler extends Struct {
-  smi_handler: Smi|Code;
+  @if(V8_EXTERNAL_CODE_SPACE) smi_handler: Smi|CodeDataContainer;
+  @ifnot(V8_EXTERNAL_CODE_SPACE) smi_handler: Smi|Code;
  validity_cell: Smi|Cell;

  // Space for the following fields may or may not be allocated.

--- a/src/objects/feedback-vector.cc
+++ b/src/objects/feedback-vector.cc
@@ -1243,8 +1243,8 @@ KeyedAccessStoreMode FeedbackNexus::GetKeyedAccessStoreMode() const {
        if (mode != STANDARD_STORE) return mode;
        continue;
      } else {
-        handler = handle(Code::cast(data_handler->smi_handler()),
-                         vector().GetIsolate());
+        Code code = FromCodeT(CodeT::cast(data_handler->smi_handler()));
+        handler = handle(code, vector().GetIsolate());
      }

    } else if (maybe_code_handler.object()->IsSmi()) {
@@ -1258,7 +1258,12 @@ KeyedAccessStoreMode FeedbackNexus::GetKeyedAccessStoreMode() const {
      continue;
    } else {
      // Element store without prototype chain check.
-      handler = Handle<Code>::cast(maybe_code_handler.object());
+      if (V8_EXTERNAL_CODE_SPACE_BOOL) {
+        Code code = FromCodeT(CodeT::cast(*maybe_code_handler.object()));
+        handler = handle(code, vector().GetIsolate());
+      } else {
+        handler = Handle<Code>::cast(maybe_code_handler.object());
+      }
    }

    if (handler->is_builtin()) {

--- a/test/cctest/test-accessor-assembler.cc
+++ b/test/cctest/test-accessor-assembler.cc
@@ -217,7 +217,8 @@ TEST(TryProbeStubCache) {
    Handle<Name> name = names[index % names.size()];
    Handle<JSObject> receiver = receivers[index % receivers.size()];
    Handle<Code> handler = handlers[index % handlers.size()];
-    stub_cache.Set(*name, receiver->map(), MaybeObject::FromObject(*handler));
+    stub_cache.Set(*name, receiver->map(),
+                   MaybeObject::FromObject(ToCodeT(*handler)));
  }

  // Perform some queries.