js-native-context-specialization.h 11.9 KB
Newer Older
1 2 3 4
// Copyright 2015 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

5 6
#ifndef V8_COMPILER_JS_NATIVE_CONTEXT_SPECIALIZATION_H_
#define V8_COMPILER_JS_NATIVE_CONTEXT_SPECIALIZATION_H_
7 8 9

#include "src/base/flags.h"
#include "src/compiler/graph-reducer.h"
10
#include "src/compiler/js-heap-broker.h"
11
#include "src/deoptimizer/deoptimize-reason.h"
12
#include "src/objects/map.h"
13 14 15 16 17

namespace v8 {
namespace internal {

// Forward declarations.
18
class Factory;
19
class FeedbackNexus;
20 21
class JSGlobalObject;
class JSGlobalProxy;
22
class StringConstantBase;
23 24 25 26

namespace compiler {

// Forward declarations.
27
enum class AccessMode;
28
class CommonOperatorBuilder;
29
class CompilationDependencies;
30
class ElementAccessInfo;
31
class JSGraph;
32
class JSHeapBroker;
33
class JSOperatorBuilder;
34
class MachineOperatorBuilder;
35
class PropertyAccessInfo;
36
class SimplifiedOperatorBuilder;
37
class TypeCache;
38

39
// Specializes a given JSGraph to a given native context, potentially constant
40
// folding some {LoadGlobal} nodes or strength reducing some {StoreGlobal}
41 42
// nodes.  And also specializes {LoadNamed} and {StoreNamed} nodes according
// to type feedback (if available).
43 44
class V8_EXPORT_PRIVATE JSNativeContextSpecialization final
    : public AdvancedReducer {
45 46
 public:
  // Flags that control the mode of operation.
47 48 49 50
  enum Flag {
    kNoFlags = 0u,
    kBailoutOnUninitialized = 1u << 0,
  };
51
  using Flags = base::Flags<Flag>;
52

53
  JSNativeContextSpecialization(Editor* editor, JSGraph* jsgraph,
54
                                JSHeapBroker* broker, Flags flags,
55
                                CompilationDependencies* dependencies,
56
                                Zone* zone, Zone* shared_zone);
57

58 59 60 61
  const char* reducer_name() const override {
    return "JSNativeContextSpecialization";
  }

62 63
  Reduction Reduce(Node* node) final;

64 65 66
  // Utility for folding string constant concatenation.
  // Supports JSAdd nodes and nodes typed as string or number.
  // Public for the sake of unit testing.
67 68
  static base::Optional<size_t> GetMaxStringLength(JSHeapBroker* broker,
                                                   Node* node);
69

70
 private:
71
  Reduction ReduceJSAdd(Node* node);
72 73 74
  Reduction ReduceJSAsyncFunctionEnter(Node* node);
  Reduction ReduceJSAsyncFunctionReject(Node* node);
  Reduction ReduceJSAsyncFunctionResolve(Node* node);
75
  Reduction ReduceJSGetSuperConstructor(Node* node);
76
  Reduction ReduceJSInstanceOf(Node* node);
77
  Reduction ReduceJSHasInPrototypeChain(Node* node);
78
  Reduction ReduceJSOrdinaryHasInstance(Node* node);
79 80
  Reduction ReduceJSPromiseResolve(Node* node);
  Reduction ReduceJSResolvePromise(Node* node);
81 82
  Reduction ReduceJSLoadGlobal(Node* node);
  Reduction ReduceJSStoreGlobal(Node* node);
83
  Reduction ReduceJSLoadNamed(Node* node);
84
  Reduction ReduceJSGetIterator(Node* node);
85
  Reduction ReduceJSStoreNamed(Node* node);
86
  Reduction ReduceJSHasProperty(Node* node);
87 88
  Reduction ReduceJSLoadProperty(Node* node);
  Reduction ReduceJSStoreProperty(Node* node);
89
  Reduction ReduceJSStoreNamedOwn(Node* node);
90
  Reduction ReduceJSStoreDataPropertyInLiteral(Node* node);
91
  Reduction ReduceJSStoreInArrayLiteral(Node* node);
92
  Reduction ReduceJSToObject(Node* node);
93

94
  Reduction ReduceElementAccess(Node* node, Node* index, Node* value,
95
                                ElementAccessFeedback const& processed);
96 97
  // In the case of non-keyed (named) accesses, pass the name as {static_name}
  // and use {nullptr} for {key} (load/store modes are irrelevant).
98 99 100 101
  Reduction ReducePropertyAccess(Node* node, Node* key,
                                 base::Optional<NameRef> static_name,
                                 Node* value, FeedbackSource const& source,
                                 AccessMode access_mode);
102 103 104
  Reduction ReduceNamedAccess(Node* node, Node* value,
                              NamedAccessFeedback const& processed,
                              AccessMode access_mode, Node* key = nullptr);
105 106 107 108
  Reduction ReduceMinimorphicPropertyAccess(
      Node* node, Node* value,
      MinimorphicLoadPropertyAccessFeedback const& feedback,
      FeedbackSource const& source);
109
  Reduction ReduceGlobalAccess(Node* node, Node* receiver, Node* value,
110
                               NameRef const& name, AccessMode access_mode,
111
                               Node* key = nullptr);
112
  Reduction ReduceGlobalAccess(Node* node, Node* receiver, Node* value,
113
                               NameRef const& name, AccessMode access_mode,
114
                               Node* key, PropertyCellRef const& property_cell);
115 116 117
  Reduction ReduceElementLoadFromHeapConstant(Node* node, Node* key,
                                              AccessMode access_mode,
                                              KeyedAccessLoadMode load_mode);
118
  Reduction ReduceElementAccessOnString(Node* node, Node* index, Node* value,
119
                                        KeyedAccessMode const& keyed_mode);
120

121
  Reduction ReduceSoftDeoptimize(Node* node, DeoptimizeReason reason);
122
  Reduction ReduceJSToString(Node* node);
123

124 125
  Reduction ReduceJSLoadPropertyWithEnumeratedKey(Node* node);

126 127
  const StringConstantBase* CreateDelayedStringConstant(Node* node);

128 129 130
  // A triple of nodes that represents a continuation.
  class ValueEffectControl final {
   public:
131 132
    ValueEffectControl()
        : value_(nullptr), effect_(nullptr), control_(nullptr) {}
133 134 135 136 137 138 139 140
    ValueEffectControl(Node* value, Node* effect, Node* control)
        : value_(value), effect_(effect), control_(control) {}

    Node* value() const { return value_; }
    Node* effect() const { return effect_; }
    Node* control() const { return control_; }

   private:
141 142 143
    Node* value_;
    Node* effect_;
    Node* control_;
144 145 146
  };

  // Construct the appropriate subgraph for property access.
147 148 149
  ValueEffectControl BuildPropertyAccess(Node* receiver, Node* value,
                                         Node* context, Node* frame_state,
                                         Node* effect, Node* control,
150
                                         NameRef const& name,
151 152 153
                                         ZoneVector<Node*>* if_exceptions,
                                         PropertyAccessInfo const& access_info,
                                         AccessMode access_mode);
154 155
  ValueEffectControl BuildPropertyLoad(Node* receiver, Node* context,
                                       Node* frame_state, Node* effect,
156
                                       Node* control, NameRef const& name,
157
                                       ZoneVector<Node*>* if_exceptions,
158 159 160 161 162
                                       PropertyAccessInfo const& access_info);

  ValueEffectControl BuildPropertyStore(Node* receiver, Node* value,
                                        Node* context, Node* frame_state,
                                        Node* effect, Node* control,
163
                                        NameRef const& name,
164 165 166
                                        ZoneVector<Node*>* if_exceptions,
                                        PropertyAccessInfo const& access_info,
                                        AccessMode access_mode);
167

168 169 170
  ValueEffectControl BuildPropertyTest(Node* effect, Node* control,
                                       PropertyAccessInfo const& access_info);

171 172 173 174 175 176
  // Helpers for accessor inlining.
  Node* InlinePropertyGetterCall(Node* receiver, Node* context,
                                 Node* frame_state, Node** effect,
                                 Node** control,
                                 ZoneVector<Node*>* if_exceptions,
                                 PropertyAccessInfo const& access_info);
177 178 179 180 181
  void InlinePropertySetterCall(Node* receiver, Node* value, Node* context,
                                Node* frame_state, Node** effect,
                                Node** control,
                                ZoneVector<Node*>* if_exceptions,
                                PropertyAccessInfo const& access_info);
182 183
  Node* InlineApiCall(Node* receiver, Node* holder, Node* frame_state,
                      Node* value, Node** effect, Node** control,
184 185
                      SharedFunctionInfoRef const& shared_info,
                      FunctionTemplateInfoRef const& function_template_info);
186 187

  // Construct the appropriate subgraph for element access.
188 189 190 191 192
  ValueEffectControl BuildElementAccess(Node* receiver, Node* index,
                                        Node* value, Node* effect,
                                        Node* control,
                                        ElementAccessInfo const& access_info,
                                        KeyedAccessMode const& keyed_mode);
193

194 195 196 197 198
  // Construct appropriate subgraph to load from a String.
  Node* BuildIndexedStringLoad(Node* receiver, Node* index, Node* length,
                               Node** effect, Node** control,
                               KeyedAccessLoadMode load_mode);

199
  // Construct appropriate subgraph to extend properties backing store.
200
  Node* BuildExtendPropertiesBackingStore(const MapRef& map, Node* properties,
201 202
                                          Node* effect, Node* control);

203 204
  // Construct appropriate subgraph to check that the {value} matches
  // the previously recorded {name} feedback.
205
  Node* BuildCheckEqualsName(NameRef const& name, Node* value, Node* effect,
206 207
                             Node* control);

208 209 210
  // Checks if we can turn the hole into undefined when loading an element
  // from an object with one of the {receiver_maps}; sets up appropriate
  // code dependencies and might use the array protector cell.
211
  bool CanTreatHoleAsUndefined(ZoneVector<Handle<Map>> const& receiver_maps);
212

213 214 215 216 217 218 219
  void RemoveImpossibleReceiverMaps(
      Node* receiver, ZoneVector<Handle<Map>>* receiver_maps) const;

  ElementAccessFeedback const& TryRefineElementAccessFeedback(
      ElementAccessFeedback const& feedback, Node* receiver,
      Node* effect) const;

220 221
  // Try to infer maps for the given {receiver} at the current {effect}.
  bool InferReceiverMaps(Node* receiver, Node* effect,
222 223
                         ZoneVector<Handle<Map>>* receiver_maps) const;

224 225
  // Try to infer a root map for the {receiver} independent of the current
  // program location.
226
  base::Optional<MapRef> InferReceiverRootMap(Node* receiver) const;
227

228 229 230 231 232 233 234 235 236
  // Checks if we know at compile time that the {receiver} either definitely
  // has the {prototype} in it's prototype chain, or the {receiver} definitely
  // doesn't have the {prototype} in it's prototype chain.
  enum InferHasInPrototypeChainResult {
    kIsInPrototypeChain,
    kIsNotInPrototypeChain,
    kMayBeInPrototypeChain
  };
  InferHasInPrototypeChainResult InferHasInPrototypeChain(
237
      Node* receiver, Node* effect, HeapObjectRef const& prototype);
238

239 240
  Graph* graph() const;
  JSGraph* jsgraph() const { return jsgraph_; }
241

242
  JSHeapBroker* broker() const { return broker_; }
243
  Isolate* isolate() const;
244
  Factory* factory() const;
245
  CommonOperatorBuilder* common() const;
246
  JSOperatorBuilder* javascript() const;
247
  SimplifiedOperatorBuilder* simplified() const;
248
  Flags flags() const { return flags_; }
249 250
  Handle<JSGlobalObject> global_object() const { return global_object_; }
  Handle<JSGlobalProxy> global_proxy() const { return global_proxy_; }
251 252 253
  NativeContextRef native_context() const {
    return broker()->target_native_context();
  }
254
  CompilationDependencies* dependencies() const { return dependencies_; }
255
  Zone* zone() const { return zone_; }
256
  Zone* shared_zone() const { return shared_zone_; }
257
  bool should_disallow_heap_access() const;
258

259
  JSGraph* const jsgraph_;
260
  JSHeapBroker* const broker_;
261
  Flags const flags_;
262 263
  Handle<JSGlobalObject> global_object_;
  Handle<JSGlobalProxy> global_proxy_;
264
  CompilationDependencies* const dependencies_;
265
  Zone* const zone_;
266
  Zone* const shared_zone_;
267
  TypeCache const* type_cache_;
268

269
  DISALLOW_COPY_AND_ASSIGN(JSNativeContextSpecialization);
270 271
};

272
DEFINE_OPERATORS_FOR_FLAGS(JSNativeContextSpecialization::Flags)
273

274 275 276 277
}  // namespace compiler
}  // namespace internal
}  // namespace v8

278
#endif  // V8_COMPILER_JS_NATIVE_CONTEXT_SPECIALIZATION_H_