ic.h 11.3 KB
Newer Older
1
// Copyright 2012 the V8 project authors. All rights reserved.
2 3
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
4

5 6
#ifndef V8_IC_IC_H_
#define V8_IC_IC_H_
7

8 9
#include <vector>

10
#include "src/common/message-template.h"
11
#include "src/execution/isolate.h"
12
#include "src/heap/factory.h"
13
#include "src/ic/stub-cache.h"
14
#include "src/objects/feedback-vector.h"
15
#include "src/objects/map.h"
16
#include "src/objects/maybe-object.h"
17
#include "src/objects/smi.h"
18

19 20
namespace v8 {
namespace internal {
21

22 23
enum class NamedPropertyType : bool { kNotOwn, kOwn };

24
//
verwaest@chromium.org's avatar
verwaest@chromium.org committed
25
// IC is the base class for LoadIC, StoreIC, KeyedLoadIC, and KeyedStoreIC.
26 27 28 29
//
class IC {
 public:
  // Alias the inline cache state type to make the IC code more readable.
30
  using State = InlineCacheState;
31 32 33

  // Construct the IC structure with the given number of extra
  // JavaScript frames on the stack.
34 35
  IC(Isolate* isolate, Handle<FeedbackVector> vector, FeedbackSlot slot,
     FeedbackSlotKind kind);
36
  virtual ~IC() = default;
37

38
  State state() const { return state_; }
39

40 41 42
  // Compute the current IC state based on the target stub, lookup_start_object
  // and name.
  void UpdateState(Handle<Object> lookup_start_object, Handle<Object> name);
43

44 45 46
  bool RecomputeHandlerForName(Handle<Object> name);
  void MarkRecomputeHandler(Handle<Object> name) {
    DCHECK(RecomputeHandlerForName(name));
47
    old_state_ = state_;
48
    state_ = RECOMPUTE_HANDLER;
49
  }
50

51
  bool IsAnyHas() const { return IsKeyedHasIC(); }
52 53
  bool IsAnyLoad() const {
    return IsLoadIC() || IsLoadGlobalIC() || IsKeyedLoadIC();
54
  }
55
  bool IsAnyStore() const {
56
    return IsStoreIC() || IsStoreOwnIC() || IsStoreGlobalIC() ||
57
           IsKeyedStoreIC() || IsStoreInArrayLiteralICKind(kind());
58
  }
59

60
  static inline bool IsHandler(MaybeObject object);
61

62
  // Nofity the IC system that a feedback has changed.
63
  static void OnFeedbackChanged(Isolate* isolate, FeedbackVector vector,
64
                                FeedbackSlot slot, const char* reason);
65

66
  void OnFeedbackChanged(const char* reason);
67

68
 protected:
69 70
  void set_slow_stub_reason(const char* reason) { slow_stub_reason_ = reason; }

71
  Isolate* isolate() const { return isolate_; }
72

73
  bool is_vector_set() { return vector_set_; }
Clemens Hammacher's avatar
Clemens Hammacher committed
74
  inline bool vector_needs_update();
75

76
  // Configure for most states.
77
  bool ConfigureVectorState(IC::State new_state, Handle<Object> key);
78
  // Configure the vector for MONOMORPHIC.
79
  void ConfigureVectorState(Handle<Name> name, Handle<Map> map,
80
                            Handle<Object> handler);
81 82
  void ConfigureVectorState(Handle<Name> name, Handle<Map> map,
                            const MaybeObjectHandle& handler);
83
  // Configure the vector for POLYMORPHIC.
84
  void ConfigureVectorState(Handle<Name> name, MapHandles const& maps,
85
                            MaybeObjectHandles* handlers);
86 87
  void ConfigureVectorState(
      Handle<Name> name, std::vector<MapAndHandler> const& maps_and_handlers);
88

89
  char TransitionMarkFromState(IC::State state);
90
  void TraceIC(const char* type, Handle<Object> name);
91 92
  void TraceIC(const char* type, Handle<Object> name, State old_state,
               State new_state);
93

94 95
  MaybeHandle<Object> TypeError(MessageTemplate, Handle<Object> object,
                                Handle<Object> key);
96
  MaybeHandle<Object> ReferenceError(Handle<Name> name);
97

98 99
  void UpdateMonomorphicIC(const MaybeObjectHandle& handler, Handle<Name> name);
  bool UpdatePolymorphicIC(Handle<Name> name, const MaybeObjectHandle& handler);
100
  void UpdateMegamorphicCache(Handle<Map> map, Handle<Name> name,
101
                              const MaybeObjectHandle& handler);
102

103 104
  StubCache* stub_cache();

105
  void CopyICToMegamorphicCache(Handle<Name> name);
106
  bool IsTransitionOfMonomorphicTarget(Map source_map, Map target_map);
107 108
  void SetCache(Handle<Name> name, Handle<Object> handler);
  void SetCache(Handle<Name> name, const MaybeObjectHandle& handler);
109
  FeedbackSlotKind kind() const { return kind_; }
110
  bool IsGlobalIC() const { return IsLoadGlobalIC() || IsStoreGlobalIC(); }
111 112 113
  bool IsLoadIC() const { return IsLoadICKind(kind_); }
  bool IsLoadGlobalIC() const { return IsLoadGlobalICKind(kind_); }
  bool IsKeyedLoadIC() const { return IsKeyedLoadICKind(kind_); }
114
  bool IsStoreGlobalIC() const { return IsStoreGlobalICKind(kind_); }
115
  bool IsStoreIC() const { return IsStoreICKind(kind_); }
116
  bool IsStoreOwnIC() const { return IsStoreOwnICKind(kind_); }
117
  bool IsKeyedStoreIC() const { return IsKeyedStoreICKind(kind_); }
118
  bool IsKeyedHasIC() const { return IsKeyedHasICKind(kind_); }
119 120
  bool is_keyed() const {
    return IsKeyedLoadIC() || IsKeyedStoreIC() ||
121
           IsStoreInArrayLiteralICKind(kind_) || IsKeyedHasIC();
122
  }
123
  bool ShouldRecomputeHandler(Handle<String> name);
124

125 126
  Handle<Map> lookup_start_object_map() { return lookup_start_object_map_; }
  inline void update_lookup_start_object_map(Handle<Object> object);
127

128
  void TargetMaps(MapHandles* list) {
129
    FindTargetMaps();
130 131
    for (Handle<Map> map : target_maps_) {
      list->push_back(map);
132 133 134
    }
  }

135
  Map FirstTargetMap() {
136
    FindTargetMaps();
137
    return !target_maps_.empty() ? *target_maps_[0] : Map();
138 139
  }

140 141
  const FeedbackNexus* nexus() const { return &nexus_; }
  FeedbackNexus* nexus() { return &nexus_; }
142

143
 private:
144 145 146
  void FindTargetMaps() {
    if (target_maps_set_) return;
    target_maps_set_ = true;
verwaest's avatar
verwaest committed
147
    nexus()->ExtractMaps(&target_maps_);
148 149
  }

150
  Isolate* isolate_;
151

152
  bool vector_set_;
153
  State old_state_;  // For saving if we marked as prototype failure.
154
  State state_;
155
  FeedbackSlotKind kind_;
156
  Handle<Map> lookup_start_object_map_;
157

158
  MapHandles target_maps_;
159
  bool target_maps_set_;
160

161 162
  const char* slow_stub_reason_;

163
  FeedbackNexus nexus_;
164

165
  DISALLOW_IMPLICIT_CONSTRUCTORS(IC);
166 167
};

168
class LoadIC : public IC {
169
 public:
170 171 172
  LoadIC(Isolate* isolate, Handle<FeedbackVector> vector, FeedbackSlot slot,
         FeedbackSlotKind kind)
      : IC(isolate, vector, slot, kind) {
173
    DCHECK(IsAnyLoad() || IsAnyHas());
174 175
  }

176
  static bool ShouldThrowReferenceError(FeedbackSlotKind kind) {
177
    return kind == FeedbackSlotKind::kLoadGlobalNotInsideTypeof;
178 179
  }

180
  bool ShouldThrowReferenceError() const {
181
    return ShouldThrowReferenceError(kind());
182 183
  }

184 185 186 187
  // If receiver is empty, use object as the receiver.
  V8_WARN_UNUSED_RESULT MaybeHandle<Object> Load(
      Handle<Object> object, Handle<Name> name, bool update_feedback = true,
      Handle<Object> receiver = Handle<Object>());
188

189
 protected:
190 191
  // Update the inline cache and the global stub cache based on the
  // lookup result.
192
  void UpdateCaches(LookupIterator* lookup);
193

194
 private:
195
  Handle<Object> ComputeHandler(LookupIterator* lookup);
196

197
  friend class IC;
198
  friend class NamedLoadHandlerCompiler;
199 200
};

201 202
class LoadGlobalIC : public LoadIC {
 public:
203
  LoadGlobalIC(Isolate* isolate, Handle<FeedbackVector> vector,
204 205
               FeedbackSlot slot, FeedbackSlotKind kind)
      : LoadIC(isolate, vector, slot, kind) {}
206

207 208
  V8_WARN_UNUSED_RESULT MaybeHandle<Object> Load(Handle<Name> name,
                                                 bool update_feedback = true);
209
};
210

211
class KeyedLoadIC : public LoadIC {
danno@chromium.org's avatar
danno@chromium.org committed
212
 public:
213
  KeyedLoadIC(Isolate* isolate, Handle<FeedbackVector> vector,
214 215
              FeedbackSlot slot, FeedbackSlotKind kind)
      : LoadIC(isolate, vector, slot, kind) {}
216

217 218
  V8_WARN_UNUSED_RESULT MaybeHandle<Object> Load(Handle<Object> object,
                                                 Handle<Object> key);
219

220
 protected:
221 222 223
  V8_WARN_UNUSED_RESULT MaybeHandle<Object> RuntimeLoad(Handle<Object> object,
                                                        Handle<Object> key);

224
  // receiver is HeapObject because it could be a String or a JSObject
225 226
  void UpdateLoadElement(Handle<HeapObject> receiver,
                         KeyedAccessLoadMode load_mode);
227

228
 private:
229
  friend class IC;
230

231 232
  Handle<Object> LoadElementHandler(Handle<Map> receiver_map,
                                    KeyedAccessLoadMode load_mode);
233

234
  void LoadElementPolymorphicHandlers(MapHandles* receiver_maps,
235
                                      MaybeObjectHandles* handlers,
236
                                      KeyedAccessLoadMode load_mode);
237 238 239 240 241

  // Returns true if the receiver_map has a kElement or kIndexedString
  // handler in the nexus currently but didn't yet allow out of bounds
  // accesses.
  bool CanChangeToAllowOutOfBounds(Handle<Map> receiver_map);
242 243
};

244
class StoreIC : public IC {
245
 public:
246
  StoreIC(Isolate* isolate, Handle<FeedbackVector> vector, FeedbackSlot slot,
247 248
          FeedbackSlotKind kind)
      : IC(isolate, vector, slot, kind) {
249
    DCHECK(IsAnyStore());
250
  }
251

252
  V8_WARN_UNUSED_RESULT MaybeHandle<Object> Store(
253
      Handle<Object> object, Handle<Name> name, Handle<Object> value,
254
      StoreOrigin store_origin = StoreOrigin::kNamed);
255

256
  bool LookupForWrite(LookupIterator* it, Handle<Object> value,
257
                      StoreOrigin store_origin);
258

259
 protected:
260
  // Stub accessors.
261 262
  // Update the inline cache and the global stub cache based on the
  // lookup result.
263
  void UpdateCaches(LookupIterator* lookup, Handle<Object> value,
264
                    StoreOrigin store_origin);
265

266
 private:
267
  MaybeObjectHandle ComputeHandler(LookupIterator* lookup);
268

269 270 271
  friend class IC;
};

272 273
class StoreGlobalIC : public StoreIC {
 public:
274
  StoreGlobalIC(Isolate* isolate, Handle<FeedbackVector> vector,
275 276
                FeedbackSlot slot, FeedbackSlotKind kind)
      : StoreIC(isolate, vector, slot, kind) {}
277

278 279
  V8_WARN_UNUSED_RESULT MaybeHandle<Object> Store(Handle<Name> name,
                                                  Handle<Object> value);
280
};
281

282
enum KeyedStoreCheckMap { kDontCheckMap, kCheckMap };
283

284
enum KeyedStoreIncrementLength { kDontIncrementLength, kIncrementLength };
285

286 287 288 289 290 291
enum class TransitionMode {
  kNoTransition,
  kTransitionToDouble,
  kTransitionToObject
};

292
class KeyedStoreIC : public StoreIC {
293
 public:
294
  KeyedAccessStoreMode GetKeyedAccessStoreMode() {
295
    return nexus()->GetKeyedAccessStoreMode();
296 297
  }

298
  KeyedStoreIC(Isolate* isolate, Handle<FeedbackVector> vector,
299 300
               FeedbackSlot slot, FeedbackSlotKind kind)
      : StoreIC(isolate, vector, slot, kind) {}
301

302 303 304
  V8_WARN_UNUSED_RESULT MaybeHandle<Object> Store(Handle<Object> object,
                                                  Handle<Object> name,
                                                  Handle<Object> value);
305

danno@chromium.org's avatar
danno@chromium.org committed
306
 protected:
307
  void UpdateStoreElement(Handle<Map> receiver_map,
308
                          KeyedAccessStoreMode store_mode,
309
                          Handle<Map> new_receiver_map);
310

311
 private:
312
  Handle<Map> ComputeTransitionedMap(Handle<Map> map,
313
                                     TransitionMode transition_mode);
314

315 316 317
  Handle<Object> StoreElementHandler(
      Handle<Map> receiver_map, KeyedAccessStoreMode store_mode,
      MaybeHandle<Object> prev_validity_cell = MaybeHandle<Object>());
318

319 320 321
  void StoreElementPolymorphicHandlers(
      std::vector<MapAndHandler>* receiver_maps_and_handlers,
      KeyedAccessStoreMode store_mode);
322

323 324 325
  friend class IC;
};

326 327 328 329
class StoreInArrayLiteralIC : public KeyedStoreIC {
 public:
  StoreInArrayLiteralIC(Isolate* isolate, Handle<FeedbackVector> vector,
                        FeedbackSlot slot)
330
      : KeyedStoreIC(isolate, vector, slot,
331
                     FeedbackSlotKind::kStoreInArrayLiteral) {
332 333 334 335 336 337
    DCHECK(IsStoreInArrayLiteralICKind(kind()));
  }

  void Store(Handle<JSArray> array, Handle<Object> index, Handle<Object> value);
};

338 339
}  // namespace internal
}  // namespace v8
340

341
#endif  // V8_IC_IC_H_