js-native-context-specialization.h 11.8 KB
Newer Older
1 2 3 4
// Copyright 2015 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

5 6
#ifndef V8_COMPILER_JS_NATIVE_CONTEXT_SPECIALIZATION_H_
#define V8_COMPILER_JS_NATIVE_CONTEXT_SPECIALIZATION_H_
7 8

#include "src/base/flags.h"
9
#include "src/base/optional.h"
10
#include "src/compiler/graph-reducer.h"
11
#include "src/compiler/js-heap-broker.h"
12
#include "src/deoptimizer/deoptimize-reason.h"
13
#include "src/objects/map.h"
14 15 16 17 18

namespace v8 {
namespace internal {

// Forward declarations.
19
class Factory;
20 21
class JSGlobalObject;
class JSGlobalProxy;
22
class StringConstantBase;
23 24 25 26

namespace compiler {

// Forward declarations.
27
enum class AccessMode;
28
class CommonOperatorBuilder;
29
class CompilationDependencies;
30
class ElementAccessInfo;
31
class JSGraph;
32
class JSHeapBroker;
33
class JSOperatorBuilder;
34
class MachineOperatorBuilder;
35
class PropertyAccessInfo;
36
class SimplifiedOperatorBuilder;
37
class TypeCache;
38

39
// Specializes a given JSGraph to a given native context, potentially constant
40
// folding some {LoadGlobal} nodes or strength reducing some {StoreGlobal}
41 42
// nodes.  And also specializes {LoadNamed} and {StoreNamed} nodes according
// to type feedback (if available).
43 44
class V8_EXPORT_PRIVATE JSNativeContextSpecialization final
    : public AdvancedReducer {
45 46
 public:
  // Flags that control the mode of operation.
47 48 49 50
  enum Flag {
    kNoFlags = 0u,
    kBailoutOnUninitialized = 1u << 0,
  };
51
  using Flags = base::Flags<Flag>;
52

53
  JSNativeContextSpecialization(Editor* editor, JSGraph* jsgraph,
54
                                JSHeapBroker* broker, Flags flags,
55
                                CompilationDependencies* dependencies,
56
                                Zone* zone, Zone* shared_zone);
57 58 59
  JSNativeContextSpecialization(const JSNativeContextSpecialization&) = delete;
  JSNativeContextSpecialization& operator=(
      const JSNativeContextSpecialization&) = delete;
60

61 62 63 64
  const char* reducer_name() const override {
    return "JSNativeContextSpecialization";
  }

65 66
  Reduction Reduce(Node* node) final;

67 68 69
  // Utility for folding string constant concatenation.
  // Supports JSAdd nodes and nodes typed as string or number.
  // Public for the sake of unit testing.
70 71
  static base::Optional<size_t> GetMaxStringLength(JSHeapBroker* broker,
                                                   Node* node);
72

73
 private:
74
  Reduction ReduceJSAdd(Node* node);
75 76 77
  Reduction ReduceJSAsyncFunctionEnter(Node* node);
  Reduction ReduceJSAsyncFunctionReject(Node* node);
  Reduction ReduceJSAsyncFunctionResolve(Node* node);
78
  Reduction ReduceJSGetSuperConstructor(Node* node);
79
  Reduction ReduceJSInstanceOf(Node* node);
80
  Reduction ReduceJSHasInPrototypeChain(Node* node);
81
  Reduction ReduceJSOrdinaryHasInstance(Node* node);
82 83
  Reduction ReduceJSPromiseResolve(Node* node);
  Reduction ReduceJSResolvePromise(Node* node);
84 85
  Reduction ReduceJSLoadGlobal(Node* node);
  Reduction ReduceJSStoreGlobal(Node* node);
86
  Reduction ReduceJSLoadNamed(Node* node);
87
  Reduction ReduceJSLoadNamedFromSuper(Node* node);
88
  Reduction ReduceJSGetIterator(Node* node);
89
  Reduction ReduceJSStoreNamed(Node* node);
90
  Reduction ReduceJSHasProperty(Node* node);
91 92
  Reduction ReduceJSLoadProperty(Node* node);
  Reduction ReduceJSStoreProperty(Node* node);
93
  Reduction ReduceJSDefineProperty(Node* node);
94
  Reduction ReduceJSStoreNamedOwn(Node* node);
95
  Reduction ReduceJSStoreDataPropertyInLiteral(Node* node);
96
  Reduction ReduceJSStoreInArrayLiteral(Node* node);
97
  Reduction ReduceJSToObject(Node* node);
98

99
  Reduction ReduceElementAccess(Node* node, Node* index, Node* value,
100
                                ElementAccessFeedback const& feedback);
101 102
  // In the case of non-keyed (named) accesses, pass the name as {static_name}
  // and use {nullptr} for {key} (load/store modes are irrelevant).
103 104 105 106
  Reduction ReducePropertyAccess(Node* node, Node* key,
                                 base::Optional<NameRef> static_name,
                                 Node* value, FeedbackSource const& source,
                                 AccessMode access_mode);
107
  Reduction ReduceNamedAccess(Node* node, Node* value,
108
                              NamedAccessFeedback const& feedback,
109
                              AccessMode access_mode, Node* key = nullptr);
110 111 112 113
  Reduction ReduceMinimorphicPropertyAccess(
      Node* node, Node* value,
      MinimorphicLoadPropertyAccessFeedback const& feedback,
      FeedbackSource const& source);
114 115 116 117 118
  Reduction ReduceGlobalAccess(Node* node, Node* lookup_start_object,
                               Node* receiver, Node* value, NameRef const& name,
                               AccessMode access_mode, Node* key,
                               PropertyCellRef const& property_cell,
                               Node* effect = nullptr);
119 120 121
  Reduction ReduceElementLoadFromHeapConstant(Node* node, Node* key,
                                              AccessMode access_mode,
                                              KeyedAccessLoadMode load_mode);
122
  Reduction ReduceElementAccessOnString(Node* node, Node* index, Node* value,
123
                                        KeyedAccessMode const& keyed_mode);
124

125
  Reduction ReduceSoftDeoptimize(Node* node, DeoptimizeReason reason);
126
  Reduction ReduceJSToString(Node* node);
127

128 129
  Reduction ReduceJSLoadPropertyWithEnumeratedKey(Node* node);

130 131
  base::Optional<const StringConstantBase*> CreateDelayedStringConstant(
      Node* node);
132

133 134 135
  // A triple of nodes that represents a continuation.
  class ValueEffectControl final {
   public:
136 137
    ValueEffectControl()
        : value_(nullptr), effect_(nullptr), control_(nullptr) {}
138 139 140 141 142 143 144 145
    ValueEffectControl(Node* value, Node* effect, Node* control)
        : value_(value), effect_(effect), control_(control) {}

    Node* value() const { return value_; }
    Node* effect() const { return effect_; }
    Node* control() const { return control_; }

   private:
146 147 148
    Node* value_;
    Node* effect_;
    Node* control_;
149 150
  };

151 152 153
  // Construct the appropriate subgraph for property access. Return {} if the
  // property access couldn't be built.
  base::Optional<ValueEffectControl> BuildPropertyAccess(
154 155 156 157
      Node* lookup_start_object, Node* receiver, Node* value, Node* context,
      Node* frame_state, Node* effect, Node* control, NameRef const& name,
      ZoneVector<Node*>* if_exceptions, PropertyAccessInfo const& access_info,
      AccessMode access_mode);
158 159 160 161
  base::Optional<ValueEffectControl> BuildPropertyLoad(
      Node* lookup_start_object, Node* receiver, Node* context,
      Node* frame_state, Node* effect, Node* control, NameRef const& name,
      ZoneVector<Node*>* if_exceptions, PropertyAccessInfo const& access_info);
162 163 164 165

  ValueEffectControl BuildPropertyStore(Node* receiver, Node* value,
                                        Node* context, Node* frame_state,
                                        Node* effect, Node* control,
166
                                        NameRef const& name,
167 168 169
                                        ZoneVector<Node*>* if_exceptions,
                                        PropertyAccessInfo const& access_info,
                                        AccessMode access_mode);
170

171 172 173
  ValueEffectControl BuildPropertyTest(Node* effect, Node* control,
                                       PropertyAccessInfo const& access_info);

174
  // Helpers for accessor inlining.
175 176 177 178
  Node* InlinePropertyGetterCall(Node* receiver,
                                 ConvertReceiverMode receiver_mode,
                                 Node* context, Node* frame_state,
                                 Node** effect, Node** control,
179 180
                                 ZoneVector<Node*>* if_exceptions,
                                 PropertyAccessInfo const& access_info);
181 182 183 184 185
  void InlinePropertySetterCall(Node* receiver, Node* value, Node* context,
                                Node* frame_state, Node** effect,
                                Node** control,
                                ZoneVector<Node*>* if_exceptions,
                                PropertyAccessInfo const& access_info);
186 187
  Node* InlineApiCall(Node* receiver, Node* holder, Node* frame_state,
                      Node* value, Node** effect, Node** control,
188
                      FunctionTemplateInfoRef const& function_template_info);
189 190

  // Construct the appropriate subgraph for element access.
191 192 193 194 195
  ValueEffectControl BuildElementAccess(Node* receiver, Node* index,
                                        Node* value, Node* effect,
                                        Node* control,
                                        ElementAccessInfo const& access_info,
                                        KeyedAccessMode const& keyed_mode);
196

197 198 199 200 201
  // Construct appropriate subgraph to load from a String.
  Node* BuildIndexedStringLoad(Node* receiver, Node* index, Node* length,
                               Node** effect, Node** control,
                               KeyedAccessLoadMode load_mode);

202
  // Construct appropriate subgraph to extend properties backing store.
203
  Node* BuildExtendPropertiesBackingStore(const MapRef& map, Node* properties,
204 205
                                          Node* effect, Node* control);

206 207
  // Construct appropriate subgraph to check that the {value} matches
  // the previously recorded {name} feedback.
208
  Node* BuildCheckEqualsName(NameRef const& name, Node* value, Node* effect,
209 210
                             Node* control);

211 212 213
  // Checks if we can turn the hole into undefined when loading an element
  // from an object with one of the {receiver_maps}; sets up appropriate
  // code dependencies and might use the array protector cell.
214
  bool CanTreatHoleAsUndefined(ZoneVector<MapRef> const& receiver_maps);
215

216
  void RemoveImpossibleMaps(Node* object, ZoneVector<MapRef>* maps) const;
217 218 219

  ElementAccessFeedback const& TryRefineElementAccessFeedback(
      ElementAccessFeedback const& feedback, Node* receiver,
220
      Effect effect) const;
221

222
  // Try to infer maps for the given {object} at the current {effect}.
223
  bool InferMaps(Node* object, Effect effect, ZoneVector<MapRef>* maps) const;
224

225 226 227
  // Try to infer a root map for the {object} independent of the current program
  // location.
  base::Optional<MapRef> InferRootMap(Node* object) const;
228

229 230 231 232 233 234 235 236 237
  // Checks if we know at compile time that the {receiver} either definitely
  // has the {prototype} in it's prototype chain, or the {receiver} definitely
  // doesn't have the {prototype} in it's prototype chain.
  enum InferHasInPrototypeChainResult {
    kIsInPrototypeChain,
    kIsNotInPrototypeChain,
    kMayBeInPrototypeChain
  };
  InferHasInPrototypeChainResult InferHasInPrototypeChain(
238
      Node* receiver, Effect effect, HeapObjectRef const& prototype);
239

240 241
  Node* BuildLoadPrototypeFromObject(Node* object, Node* effect, Node* control);

242 243
  Graph* graph() const;
  JSGraph* jsgraph() const { return jsgraph_; }
244

245
  JSHeapBroker* broker() const { return broker_; }
246
  Isolate* isolate() const;
247
  Factory* factory() const;
248
  CommonOperatorBuilder* common() const;
249
  JSOperatorBuilder* javascript() const;
250
  SimplifiedOperatorBuilder* simplified() const;
251
  Flags flags() const { return flags_; }
252 253
  Handle<JSGlobalObject> global_object() const { return global_object_; }
  Handle<JSGlobalProxy> global_proxy() const { return global_proxy_; }
254 255 256
  NativeContextRef native_context() const {
    return broker()->target_native_context();
  }
257
  CompilationDependencies* dependencies() const { return dependencies_; }
258
  Zone* zone() const { return zone_; }
259
  Zone* shared_zone() const { return shared_zone_; }
260

261
  JSGraph* const jsgraph_;
262
  JSHeapBroker* const broker_;
263
  Flags const flags_;
264 265
  Handle<JSGlobalObject> global_object_;
  Handle<JSGlobalProxy> global_proxy_;
266
  CompilationDependencies* const dependencies_;
267
  Zone* const zone_;
268
  Zone* const shared_zone_;
269
  TypeCache const* type_cache_;
270 271
};

272
DEFINE_OPERATORS_FOR_FLAGS(JSNativeContextSpecialization::Flags)
273

274 275 276 277
}  // namespace compiler
}  // namespace internal
}  // namespace v8

278
#endif  // V8_COMPILER_JS_NATIVE_CONTEXT_SPECIALIZATION_H_