js-native-context-specialization.h 12.1 KB
Newer Older
1 2 3 4
// Copyright 2015 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

5 6
#ifndef V8_COMPILER_JS_NATIVE_CONTEXT_SPECIALIZATION_H_
#define V8_COMPILER_JS_NATIVE_CONTEXT_SPECIALIZATION_H_
7 8 9

#include "src/base/flags.h"
#include "src/compiler/graph-reducer.h"
10
#include "src/compiler/js-heap-broker.h"
11
#include "src/deoptimizer/deoptimize-reason.h"
12
#include "src/objects/map.h"
13 14 15 16 17

namespace v8 {
namespace internal {

// Forward declarations.
18
class Factory;
19 20
class JSGlobalObject;
class JSGlobalProxy;
21
class StringConstantBase;
22 23 24 25

namespace compiler {

// Forward declarations.
26
enum class AccessMode;
27
class CommonOperatorBuilder;
28
class CompilationDependencies;
29
class ElementAccessInfo;
30
class JSGraph;
31
class JSHeapBroker;
32
class JSOperatorBuilder;
33
class MachineOperatorBuilder;
34
class PropertyAccessInfo;
35
class SimplifiedOperatorBuilder;
36
class TypeCache;
37

38
// Specializes a given JSGraph to a given native context, potentially constant
39
// folding some {LoadGlobal} nodes or strength reducing some {StoreGlobal}
40 41
// nodes.  And also specializes {LoadNamed} and {StoreNamed} nodes according
// to type feedback (if available).
42 43
class V8_EXPORT_PRIVATE JSNativeContextSpecialization final
    : public AdvancedReducer {
44 45
 public:
  // Flags that control the mode of operation.
46 47 48 49
  enum Flag {
    kNoFlags = 0u,
    kBailoutOnUninitialized = 1u << 0,
  };
50
  using Flags = base::Flags<Flag>;
51

52
  JSNativeContextSpecialization(Editor* editor, JSGraph* jsgraph,
53
                                JSHeapBroker* broker, Flags flags,
54
                                CompilationDependencies* dependencies,
55
                                Zone* zone, Zone* shared_zone);
56 57 58
  JSNativeContextSpecialization(const JSNativeContextSpecialization&) = delete;
  JSNativeContextSpecialization& operator=(
      const JSNativeContextSpecialization&) = delete;
59

60 61 62 63
  const char* reducer_name() const override {
    return "JSNativeContextSpecialization";
  }

64 65
  Reduction Reduce(Node* node) final;

66 67 68
  // Utility for folding string constant concatenation.
  // Supports JSAdd nodes and nodes typed as string or number.
  // Public for the sake of unit testing.
69 70
  static base::Optional<size_t> GetMaxStringLength(JSHeapBroker* broker,
                                                   Node* node);
71

72
 private:
73
  Reduction ReduceJSAdd(Node* node);
74 75 76
  Reduction ReduceJSAsyncFunctionEnter(Node* node);
  Reduction ReduceJSAsyncFunctionReject(Node* node);
  Reduction ReduceJSAsyncFunctionResolve(Node* node);
77
  Reduction ReduceJSGetSuperConstructor(Node* node);
78
  Reduction ReduceJSInstanceOf(Node* node);
79
  Reduction ReduceJSHasInPrototypeChain(Node* node);
80
  Reduction ReduceJSOrdinaryHasInstance(Node* node);
81 82
  Reduction ReduceJSPromiseResolve(Node* node);
  Reduction ReduceJSResolvePromise(Node* node);
83 84
  Reduction ReduceJSLoadGlobal(Node* node);
  Reduction ReduceJSStoreGlobal(Node* node);
85
  Reduction ReduceJSLoadNamed(Node* node);
86
  Reduction ReduceJSLoadNamedFromSuper(Node* node);
87
  Reduction ReduceJSGetIterator(Node* node);
88
  Reduction ReduceJSStoreNamed(Node* node);
89
  Reduction ReduceJSHasProperty(Node* node);
90 91
  Reduction ReduceJSLoadProperty(Node* node);
  Reduction ReduceJSStoreProperty(Node* node);
92
  Reduction ReduceJSStoreNamedOwn(Node* node);
93
  Reduction ReduceJSStoreDataPropertyInLiteral(Node* node);
94
  Reduction ReduceJSStoreInArrayLiteral(Node* node);
95
  Reduction ReduceJSToObject(Node* node);
96

97
  Reduction ReduceElementAccess(Node* node, Node* index, Node* value,
98
                                ElementAccessFeedback const& feedback);
99 100
  // In the case of non-keyed (named) accesses, pass the name as {static_name}
  // and use {nullptr} for {key} (load/store modes are irrelevant).
101 102 103 104
  Reduction ReducePropertyAccess(Node* node, Node* key,
                                 base::Optional<NameRef> static_name,
                                 Node* value, FeedbackSource const& source,
                                 AccessMode access_mode);
105
  Reduction ReduceNamedAccess(Node* node, Node* value,
106
                              NamedAccessFeedback const& feedback,
107
                              AccessMode access_mode, Node* key = nullptr);
108 109 110 111
  Reduction ReduceMinimorphicPropertyAccess(
      Node* node, Node* value,
      MinimorphicLoadPropertyAccessFeedback const& feedback,
      FeedbackSource const& source);
112 113 114 115 116 117 118 119 120
  Reduction ReduceGlobalAccess(Node* node, Node* lookup_start_object,
                               Node* receiver, Node* value, NameRef const& name,
                               AccessMode access_mode, Node* key = nullptr,
                               Node* effect = nullptr);
  Reduction ReduceGlobalAccess(Node* node, Node* lookup_start_object,
                               Node* receiver, Node* value, NameRef const& name,
                               AccessMode access_mode, Node* key,
                               PropertyCellRef const& property_cell,
                               Node* effect = nullptr);
121 122 123
  Reduction ReduceElementLoadFromHeapConstant(Node* node, Node* key,
                                              AccessMode access_mode,
                                              KeyedAccessLoadMode load_mode);
124
  Reduction ReduceElementAccessOnString(Node* node, Node* index, Node* value,
125
                                        KeyedAccessMode const& keyed_mode);
126

127
  Reduction ReduceSoftDeoptimize(Node* node, DeoptimizeReason reason);
128
  Reduction ReduceJSToString(Node* node);
129

130 131
  Reduction ReduceJSLoadPropertyWithEnumeratedKey(Node* node);

132 133
  base::Optional<const StringConstantBase*> CreateDelayedStringConstant(
      Node* node);
134

135 136 137
  // A triple of nodes that represents a continuation.
  class ValueEffectControl final {
   public:
138 139
    ValueEffectControl()
        : value_(nullptr), effect_(nullptr), control_(nullptr) {}
140 141 142 143 144 145 146 147
    ValueEffectControl(Node* value, Node* effect, Node* control)
        : value_(value), effect_(effect), control_(control) {}

    Node* value() const { return value_; }
    Node* effect() const { return effect_; }
    Node* control() const { return control_; }

   private:
148 149 150
    Node* value_;
    Node* effect_;
    Node* control_;
151 152 153
  };

  // Construct the appropriate subgraph for property access.
154 155 156 157 158 159 160
  ValueEffectControl BuildPropertyAccess(
      Node* lookup_start_object, Node* receiver, Node* value, Node* context,
      Node* frame_state, Node* effect, Node* control, NameRef const& name,
      ZoneVector<Node*>* if_exceptions, PropertyAccessInfo const& access_info,
      AccessMode access_mode);
  ValueEffectControl BuildPropertyLoad(Node* lookup_start_object,
                                       Node* receiver, Node* context,
161
                                       Node* frame_state, Node* effect,
162
                                       Node* control, NameRef const& name,
163
                                       ZoneVector<Node*>* if_exceptions,
164 165 166 167 168
                                       PropertyAccessInfo const& access_info);

  ValueEffectControl BuildPropertyStore(Node* receiver, Node* value,
                                        Node* context, Node* frame_state,
                                        Node* effect, Node* control,
169
                                        NameRef const& name,
170 171 172
                                        ZoneVector<Node*>* if_exceptions,
                                        PropertyAccessInfo const& access_info,
                                        AccessMode access_mode);
173

174 175 176
  ValueEffectControl BuildPropertyTest(Node* effect, Node* control,
                                       PropertyAccessInfo const& access_info);

177
  // Helpers for accessor inlining.
178 179 180 181
  Node* InlinePropertyGetterCall(Node* receiver,
                                 ConvertReceiverMode receiver_mode,
                                 Node* context, Node* frame_state,
                                 Node** effect, Node** control,
182 183
                                 ZoneVector<Node*>* if_exceptions,
                                 PropertyAccessInfo const& access_info);
184 185 186 187 188
  void InlinePropertySetterCall(Node* receiver, Node* value, Node* context,
                                Node* frame_state, Node** effect,
                                Node** control,
                                ZoneVector<Node*>* if_exceptions,
                                PropertyAccessInfo const& access_info);
189 190
  Node* InlineApiCall(Node* receiver, Node* holder, Node* frame_state,
                      Node* value, Node** effect, Node** control,
191 192
                      SharedFunctionInfoRef const& shared_info,
                      FunctionTemplateInfoRef const& function_template_info);
193 194

  // Construct the appropriate subgraph for element access.
195 196 197 198 199
  ValueEffectControl BuildElementAccess(Node* receiver, Node* index,
                                        Node* value, Node* effect,
                                        Node* control,
                                        ElementAccessInfo const& access_info,
                                        KeyedAccessMode const& keyed_mode);
200

201 202 203 204 205
  // Construct appropriate subgraph to load from a String.
  Node* BuildIndexedStringLoad(Node* receiver, Node* index, Node* length,
                               Node** effect, Node** control,
                               KeyedAccessLoadMode load_mode);

206
  // Construct appropriate subgraph to extend properties backing store.
207
  Node* BuildExtendPropertiesBackingStore(const MapRef& map, Node* properties,
208 209
                                          Node* effect, Node* control);

210 211
  // Construct appropriate subgraph to check that the {value} matches
  // the previously recorded {name} feedback.
212
  Node* BuildCheckEqualsName(NameRef const& name, Node* value, Node* effect,
213 214
                             Node* control);

215 216 217
  // Checks if we can turn the hole into undefined when loading an element
  // from an object with one of the {receiver_maps}; sets up appropriate
  // code dependencies and might use the array protector cell.
218
  bool CanTreatHoleAsUndefined(ZoneVector<Handle<Map>> const& receiver_maps);
219

220
  void RemoveImpossibleMaps(Node* object, ZoneVector<Handle<Map>>* maps) const;
221 222 223 224 225

  ElementAccessFeedback const& TryRefineElementAccessFeedback(
      ElementAccessFeedback const& feedback, Node* receiver,
      Node* effect) const;

226 227 228
  // Try to infer maps for the given {object} at the current {effect}.
  bool InferMaps(Node* object, Node* effect,
                 ZoneVector<Handle<Map>>* maps) const;
229

230 231 232
  // Try to infer a root map for the {object} independent of the current program
  // location.
  base::Optional<MapRef> InferRootMap(Node* object) const;
233

234 235 236 237 238 239 240 241 242
  // Checks if we know at compile time that the {receiver} either definitely
  // has the {prototype} in it's prototype chain, or the {receiver} definitely
  // doesn't have the {prototype} in it's prototype chain.
  enum InferHasInPrototypeChainResult {
    kIsInPrototypeChain,
    kIsNotInPrototypeChain,
    kMayBeInPrototypeChain
  };
  InferHasInPrototypeChainResult InferHasInPrototypeChain(
243
      Node* receiver, Node* effect, HeapObjectRef const& prototype);
244

245 246
  Node* BuildLoadPrototypeFromObject(Node* object, Node* effect, Node* control);

247 248
  Graph* graph() const;
  JSGraph* jsgraph() const { return jsgraph_; }
249

250
  JSHeapBroker* broker() const { return broker_; }
251
  Isolate* isolate() const;
252
  Factory* factory() const;
253
  CommonOperatorBuilder* common() const;
254
  JSOperatorBuilder* javascript() const;
255
  SimplifiedOperatorBuilder* simplified() const;
256
  Flags flags() const { return flags_; }
257 258
  Handle<JSGlobalObject> global_object() const { return global_object_; }
  Handle<JSGlobalProxy> global_proxy() const { return global_proxy_; }
259 260 261
  NativeContextRef native_context() const {
    return broker()->target_native_context();
  }
262
  CompilationDependencies* dependencies() const { return dependencies_; }
263
  Zone* zone() const { return zone_; }
264
  Zone* shared_zone() const { return shared_zone_; }
265

266
  JSGraph* const jsgraph_;
267
  JSHeapBroker* const broker_;
268
  Flags const flags_;
269 270
  Handle<JSGlobalObject> global_object_;
  Handle<JSGlobalProxy> global_proxy_;
271
  CompilationDependencies* const dependencies_;
272
  Zone* const zone_;
273
  Zone* const shared_zone_;
274
  TypeCache const* type_cache_;
275 276
};

277
DEFINE_OPERATORS_FOR_FLAGS(JSNativeContextSpecialization::Flags)
278

279 280 281 282
}  // namespace compiler
}  // namespace internal
}  // namespace v8

283
#endif  // V8_COMPILER_JS_NATIVE_CONTEXT_SPECIALIZATION_H_