search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bug 1874683 - Part 6: Inline String.prototype.codePointAt in CacheIR. r=jandem
[gecko.git] / js / src / jit / CacheIRGenerator.h
blobfb51995827d824669b4cbeb5e14b8dc898c48f12
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*-
2 * vim: set ts=8 sts=2 et sw=2 tw=80:
3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7 #ifndef jit_CacheIRGenerator_h
8 #define jit_CacheIRGenerator_h
9
10 #include "mozilla/Assertions.h"
11 #include "mozilla/Attributes.h"
12 #include "mozilla/Maybe.h"
13
14 #include <stdint.h>
15
16 #include "jstypes.h"
17 #include "NamespaceImports.h"
18
19 #include "jit/CacheIR.h"
20 #include "jit/CacheIRWriter.h"
21 #include "jit/ICState.h"
22 #include "js/Id.h"
23 #include "js/RootingAPI.h"
24 #include "js/ScalarType.h"
25 #include "js/TypeDecls.h"
26 #include "js/Value.h"
27 #include "js/ValueArray.h"
28 #include "vm/Opcodes.h"
29
30 class JSFunction;
31
32 namespace JS {
33 struct XrayJitInfo;
34 }
35
36 namespace js {
37
38 class BoundFunctionObject;
39 class NativeObject;
40 class PropertyResult;
41 class ProxyObject;
42 enum class UnaryMathFunction : uint8_t;
43
44 namespace jit {
45
46 class BaselineFrame;
47 class Label;
48 class MacroAssembler;
49 struct Register;
50 enum class InlinableNative : uint16_t;
51
52 // Some ops refer to shapes that might be in other zones. Instead of putting
53 // cross-zone pointers in the caches themselves (which would complicate tracing
54 // enormously), these ops instead contain wrappers for objects in the target
55 // zone, which refer to the actual shape via a reserved slot.
56 void LoadShapeWrapperContents(MacroAssembler& masm, Register obj, Register dst,
57 Label* failure);
58
59 class MOZ_RAII IRGenerator {
60 protected:
61 CacheIRWriter writer;
62 JSContext* cx_;
63 HandleScript script_;
64 jsbytecode* pc_;
65 CacheKind cacheKind_;
66 ICState::Mode mode_;
67 bool isFirstStub_;
68
69 // Important: This pointer may be passed to the profiler. If this is non-null,
70 // it must point to a C string literal with static lifetime, not a heap- or
71 // stack- allocated string.
72 const char* stubName_ = nullptr;
73
74 IRGenerator(const IRGenerator&) = delete;
75 IRGenerator& operator=(const IRGenerator&) = delete;
76
77 bool maybeGuardInt32Index(const Value& index, ValOperandId indexId,
78 uint32_t* int32Index, Int32OperandId* int32IndexId);
79
80 IntPtrOperandId guardToIntPtrIndex(const Value& index, ValOperandId indexId,
81 bool supportOOB);
82
83 ObjOperandId guardDOMProxyExpandoObjectAndShape(ProxyObject* obj,
84 ObjOperandId objId,
85 const Value& expandoVal,
86 NativeObject* expandoObj);
87
88 void emitIdGuard(ValOperandId valId, const Value& idVal, jsid id);
89
90 OperandId emitNumericGuard(ValOperandId valId, Scalar::Type type);
91
92 StringOperandId emitToStringGuard(ValOperandId id, const Value& v);
93
94 void emitCalleeGuard(ObjOperandId calleeId, JSFunction* callee);
95
96 void emitOptimisticClassGuard(ObjOperandId objId, JSObject* obj,
97 GuardClassKind kind);
98
99 friend class CacheIRSpewer;
100
101 public:
102 explicit IRGenerator(JSContext* cx, HandleScript script, jsbytecode* pc,
103 CacheKind cacheKind, ICState state);
104
105 const CacheIRWriter& writerRef() const { return writer; }
106 CacheKind cacheKind() const { return cacheKind_; }
107
108 // See comment on `stubName_` above.
109 const char* stubName() const { return stubName_; }
110
111 static constexpr char* NotAttached = nullptr;
112 };
113
114 // GetPropIRGenerator generates CacheIR for a GetProp IC.
115 class MOZ_RAII GetPropIRGenerator : public IRGenerator {
116 HandleValue val_;
117 HandleValue idVal_;
118
119 AttachDecision tryAttachNative(HandleObject obj, ObjOperandId objId,
120 HandleId id, ValOperandId receiverId);
121 AttachDecision tryAttachObjectLength(HandleObject obj, ObjOperandId objId,
122 HandleId id);
123 AttachDecision tryAttachTypedArray(HandleObject obj, ObjOperandId objId,
124 HandleId id);
125 AttachDecision tryAttachDataView(HandleObject obj, ObjOperandId objId,
126 HandleId id);
127 AttachDecision tryAttachArrayBufferMaybeShared(HandleObject obj,
128 ObjOperandId objId,
129 HandleId id);
130 AttachDecision tryAttachRegExp(HandleObject obj, ObjOperandId objId,
131 HandleId id);
132 AttachDecision tryAttachMap(HandleObject obj, ObjOperandId objId,
133 HandleId id);
134 AttachDecision tryAttachSet(HandleObject obj, ObjOperandId objId,
135 HandleId id);
136 AttachDecision tryAttachModuleNamespace(HandleObject obj, ObjOperandId objId,
137 HandleId id);
138 AttachDecision tryAttachWindowProxy(HandleObject obj, ObjOperandId objId,
139 HandleId id);
140 AttachDecision tryAttachCrossCompartmentWrapper(HandleObject obj,
141 ObjOperandId objId,
142 HandleId id);
143 AttachDecision tryAttachXrayCrossCompartmentWrapper(HandleObject obj,
144 ObjOperandId objId,
145 HandleId id,
146 ValOperandId receiverId);
147 AttachDecision tryAttachFunction(HandleObject obj, ObjOperandId objId,
148 HandleId id);
149 AttachDecision tryAttachArgumentsObjectIterator(HandleObject obj,
150 ObjOperandId objId,
151 HandleId id);
152
153 AttachDecision tryAttachGenericProxy(Handle<ProxyObject*> obj,
154 ObjOperandId objId, HandleId id,
155 bool handleDOMProxies);
156 #ifdef JS_PUNBOX64
157 AttachDecision tryAttachScriptedProxy(Handle<ProxyObject*> obj,
158 ObjOperandId objId, HandleId id);
159 #endif
160 AttachDecision tryAttachDOMProxyExpando(Handle<ProxyObject*> obj,
161 ObjOperandId objId, HandleId id,
162 ValOperandId receiverId);
163 AttachDecision tryAttachDOMProxyShadowed(Handle<ProxyObject*> obj,
164 ObjOperandId objId, HandleId id);
165 AttachDecision tryAttachDOMProxyUnshadowed(Handle<ProxyObject*> obj,
166 ObjOperandId objId, HandleId id,
167 ValOperandId receiverId);
168 AttachDecision tryAttachProxy(HandleObject obj, ObjOperandId objId,
169 HandleId id, ValOperandId receiverId);
170
171 AttachDecision tryAttachPrimitive(ValOperandId valId, HandleId id);
172 AttachDecision tryAttachStringChar(ValOperandId valId, ValOperandId indexId);
173 AttachDecision tryAttachStringLength(ValOperandId valId, HandleId id);
174
175 AttachDecision tryAttachArgumentsObjectArg(HandleObject obj,
176 ObjOperandId objId, uint32_t index,
177 Int32OperandId indexId);
178 AttachDecision tryAttachArgumentsObjectArgHole(HandleObject obj,
179 ObjOperandId objId,
180 uint32_t index,
181 Int32OperandId indexId);
182 AttachDecision tryAttachArgumentsObjectCallee(HandleObject obj,
183 ObjOperandId objId,
184 HandleId id);
185
186 AttachDecision tryAttachDenseElement(HandleObject obj, ObjOperandId objId,
187 uint32_t index, Int32OperandId indexId);
188 AttachDecision tryAttachDenseElementHole(HandleObject obj, ObjOperandId objId,
189 uint32_t index,
190 Int32OperandId indexId);
191 AttachDecision tryAttachSparseElement(HandleObject obj, ObjOperandId objId,
192 uint32_t index, Int32OperandId indexId);
193 AttachDecision tryAttachTypedArrayElement(HandleObject obj,
194 ObjOperandId objId);
195
196 AttachDecision tryAttachGenericElement(HandleObject obj, ObjOperandId objId,
197 uint32_t index, Int32OperandId indexId,
198 ValOperandId receiverId);
199
200 AttachDecision tryAttachProxyElement(HandleObject obj, ObjOperandId objId);
201
202 void attachMegamorphicNativeSlot(ObjOperandId objId, jsid id);
203
204 ValOperandId getElemKeyValueId() const {
205 MOZ_ASSERT(cacheKind_ == CacheKind::GetElem ||
206 cacheKind_ == CacheKind::GetElemSuper);
207 return ValOperandId(1);
208 }
209
210 ValOperandId getSuperReceiverValueId() const {
211 if (cacheKind_ == CacheKind::GetPropSuper) {
212 return ValOperandId(1);
213 }
214
215 MOZ_ASSERT(cacheKind_ == CacheKind::GetElemSuper);
216 return ValOperandId(2);
217 }
218
219 bool isSuper() const {
220 return (cacheKind_ == CacheKind::GetPropSuper ||
221 cacheKind_ == CacheKind::GetElemSuper);
222 }
223
224 // If this is a GetElem cache, emit instructions to guard the incoming Value
225 // matches |id|.
226 void maybeEmitIdGuard(jsid id);
227
228 void trackAttached(const char* name /* must be a C string literal */);
229
230 public:
231 GetPropIRGenerator(JSContext* cx, HandleScript script, jsbytecode* pc,
232 ICState state, CacheKind cacheKind, HandleValue val,
233 HandleValue idVal);
234
235 AttachDecision tryAttachStub();
236 };
237
238 // GetNameIRGenerator generates CacheIR for a GetName IC.
239 class MOZ_RAII GetNameIRGenerator : public IRGenerator {
240 HandleObject env_;
241 Handle<PropertyName*> name_;
242
243 AttachDecision tryAttachGlobalNameValue(ObjOperandId objId, HandleId id);
244 AttachDecision tryAttachGlobalNameGetter(ObjOperandId objId, HandleId id);
245 AttachDecision tryAttachEnvironmentName(ObjOperandId objId, HandleId id);
246
247 void trackAttached(const char* name /* must be a C string literal */);
248
249 public:
250 GetNameIRGenerator(JSContext* cx, HandleScript script, jsbytecode* pc,
251 ICState state, HandleObject env,
252 Handle<PropertyName*> name);
253
254 AttachDecision tryAttachStub();
255 };
256
257 // BindNameIRGenerator generates CacheIR for a BindName IC.
258 class MOZ_RAII BindNameIRGenerator : public IRGenerator {
259 HandleObject env_;
260 Handle<PropertyName*> name_;
261
262 AttachDecision tryAttachGlobalName(ObjOperandId objId, HandleId id);
263 AttachDecision tryAttachEnvironmentName(ObjOperandId objId, HandleId id);
264
265 void trackAttached(const char* name /* must be a C string literal */);
266
267 public:
268 BindNameIRGenerator(JSContext* cx, HandleScript script, jsbytecode* pc,
269 ICState state, HandleObject env,
270 Handle<PropertyName*> name);
271
272 AttachDecision tryAttachStub();
273 };
274
275 // SetPropIRGenerator generates CacheIR for a SetProp IC.
276 class MOZ_RAII SetPropIRGenerator : public IRGenerator {
277 HandleValue lhsVal_;
278 HandleValue idVal_;
279 HandleValue rhsVal_;
280
281 public:
282 enum class DeferType { None, AddSlot };
283
284 private:
285 DeferType deferType_ = DeferType::None;
286
287 ValOperandId setElemKeyValueId() const {
288 MOZ_ASSERT(cacheKind_ == CacheKind::SetElem);
289 return ValOperandId(1);
290 }
291
292 ValOperandId rhsValueId() const {
293 if (cacheKind_ == CacheKind::SetProp) {
294 return ValOperandId(1);
295 }
296 MOZ_ASSERT(cacheKind_ == CacheKind::SetElem);
297 return ValOperandId(2);
298 }
299
300 // If this is a SetElem cache, emit instructions to guard the incoming Value
301 // matches |id|.
302 void maybeEmitIdGuard(jsid id);
303
304 AttachDecision tryAttachNativeSetSlot(HandleObject obj, ObjOperandId objId,
305 HandleId id, ValOperandId rhsId);
306 AttachDecision tryAttachMegamorphicSetSlot(HandleObject obj,
307 ObjOperandId objId, HandleId id,
308 ValOperandId rhsId);
309 AttachDecision tryAttachSetter(HandleObject obj, ObjOperandId objId,
310 HandleId id, ValOperandId rhsId);
311 AttachDecision tryAttachSetArrayLength(HandleObject obj, ObjOperandId objId,
312 HandleId id, ValOperandId rhsId);
313 AttachDecision tryAttachWindowProxy(HandleObject obj, ObjOperandId objId,
314 HandleId id, ValOperandId rhsId);
315
316 AttachDecision tryAttachSetDenseElement(HandleObject obj, ObjOperandId objId,
317 uint32_t index,
318 Int32OperandId indexId,
319 ValOperandId rhsId);
320 AttachDecision tryAttachSetTypedArrayElement(HandleObject obj,
321 ObjOperandId objId,
322 ValOperandId rhsId);
323
324 AttachDecision tryAttachSetDenseElementHole(HandleObject obj,
325 ObjOperandId objId,
326 uint32_t index,
327 Int32OperandId indexId,
328 ValOperandId rhsId);
329
330 AttachDecision tryAttachAddOrUpdateSparseElement(HandleObject obj,
331 ObjOperandId objId,
332 uint32_t index,
333 Int32OperandId indexId,
334 ValOperandId rhsId);
335
336 AttachDecision tryAttachGenericProxy(Handle<ProxyObject*> obj,
337 ObjOperandId objId, HandleId id,
338 ValOperandId rhsId,
339 bool handleDOMProxies);
340 AttachDecision tryAttachDOMProxyShadowed(Handle<ProxyObject*> obj,
341 ObjOperandId objId, HandleId id,
342 ValOperandId rhsId);
343 AttachDecision tryAttachDOMProxyUnshadowed(Handle<ProxyObject*> obj,
344 ObjOperandId objId, HandleId id,
345 ValOperandId rhsId);
346 AttachDecision tryAttachDOMProxyExpando(Handle<ProxyObject*> obj,
347 ObjOperandId objId, HandleId id,
348 ValOperandId rhsId);
349 AttachDecision tryAttachProxy(HandleObject obj, ObjOperandId objId,
350 HandleId id, ValOperandId rhsId);
351 AttachDecision tryAttachProxyElement(HandleObject obj, ObjOperandId objId,
352 ValOperandId rhsId);
353 AttachDecision tryAttachMegamorphicSetElement(HandleObject obj,
354 ObjOperandId objId,
355 ValOperandId rhsId);
356
357 bool canAttachAddSlotStub(HandleObject obj, HandleId id);
358
359 public:
360 SetPropIRGenerator(JSContext* cx, HandleScript script, jsbytecode* pc,
361 CacheKind cacheKind, ICState state, HandleValue lhsVal,
362 HandleValue idVal, HandleValue rhsVal);
363
364 AttachDecision tryAttachStub();
365 AttachDecision tryAttachAddSlotStub(Handle<Shape*> oldShape);
366 void trackAttached(const char* name /* must be a C string literal */);
367
368 DeferType deferType() const { return deferType_; }
369 };
370
371 // HasPropIRGenerator generates CacheIR for a HasProp IC. Used for
372 // CacheKind::In / CacheKind::HasOwn.
373 class MOZ_RAII HasPropIRGenerator : public IRGenerator {
374 HandleValue val_;
375 HandleValue idVal_;
376
377 AttachDecision tryAttachDense(HandleObject obj, ObjOperandId objId,
378 uint32_t index, Int32OperandId indexId);
379 AttachDecision tryAttachDenseHole(HandleObject obj, ObjOperandId objId,
380 uint32_t index, Int32OperandId indexId);
381 AttachDecision tryAttachTypedArray(HandleObject obj, ObjOperandId objId,
382 ValOperandId keyId);
383 AttachDecision tryAttachSparse(HandleObject obj, ObjOperandId objId,
384 Int32OperandId indexId);
385 AttachDecision tryAttachArgumentsObjectArg(HandleObject obj,
386 ObjOperandId objId,
387 Int32OperandId indexId);
388 AttachDecision tryAttachNamedProp(HandleObject obj, ObjOperandId objId,
389 HandleId key, ValOperandId keyId);
390 AttachDecision tryAttachMegamorphic(ObjOperandId objId, ValOperandId keyId);
391 AttachDecision tryAttachNative(NativeObject* obj, ObjOperandId objId,
392 jsid key, ValOperandId keyId,
393 PropertyResult prop, NativeObject* holder);
394 AttachDecision tryAttachSlotDoesNotExist(NativeObject* obj,
395 ObjOperandId objId, jsid key,
396 ValOperandId keyId);
397 AttachDecision tryAttachDoesNotExist(HandleObject obj, ObjOperandId objId,
398 HandleId key, ValOperandId keyId);
399 AttachDecision tryAttachProxyElement(HandleObject obj, ObjOperandId objId,
400 ValOperandId keyId);
401
402 void trackAttached(const char* name /* must be a C string literal */);
403
404 public:
405 // NOTE: Argument order is PROPERTY, OBJECT
406 HasPropIRGenerator(JSContext* cx, HandleScript script, jsbytecode* pc,
407 ICState state, CacheKind cacheKind, HandleValue idVal,
408 HandleValue val);
409
410 AttachDecision tryAttachStub();
411 };
412
413 class MOZ_RAII CheckPrivateFieldIRGenerator : public IRGenerator {
414 HandleValue val_;
415 HandleValue idVal_;
416
417 AttachDecision tryAttachNative(NativeObject* obj, ObjOperandId objId,
418 jsid key, ValOperandId keyId,
419 PropertyResult prop);
420
421 void trackAttached(const char* name /* must be a C string literal */);
422
423 public:
424 CheckPrivateFieldIRGenerator(JSContext* cx, HandleScript script,
425 jsbytecode* pc, ICState state,
426 CacheKind cacheKind, HandleValue idVal,
427 HandleValue val);
428 AttachDecision tryAttachStub();
429 };
430
431 class MOZ_RAII InstanceOfIRGenerator : public IRGenerator {
432 HandleValue lhsVal_;
433 HandleObject rhsObj_;
434
435 void trackAttached(const char* name /* must be a C string literal */);
436
437 public:
438 InstanceOfIRGenerator(JSContext*, HandleScript, jsbytecode*, ICState,
439 HandleValue, HandleObject);
440
441 AttachDecision tryAttachStub();
442 };
443
444 class MOZ_RAII TypeOfIRGenerator : public IRGenerator {
445 HandleValue val_;
446
447 AttachDecision tryAttachPrimitive(ValOperandId valId);
448 AttachDecision tryAttachObject(ValOperandId valId);
449 void trackAttached(const char* name /* must be a C string literal */);
450
451 public:
452 TypeOfIRGenerator(JSContext* cx, HandleScript, jsbytecode* pc, ICState state,
453 HandleValue value);
454
455 AttachDecision tryAttachStub();
456 };
457
458 class MOZ_RAII GetIteratorIRGenerator : public IRGenerator {
459 HandleValue val_;
460
461 AttachDecision tryAttachObject(ValOperandId valId);
462 AttachDecision tryAttachNullOrUndefined(ValOperandId valId);
463 AttachDecision tryAttachGeneric(ValOperandId valId);
464
465 public:
466 GetIteratorIRGenerator(JSContext* cx, HandleScript, jsbytecode* pc,
467 ICState state, HandleValue value);
468
469 AttachDecision tryAttachStub();
470
471 void trackAttached(const char* name /* must be a C string literal */);
472 };
473
474 class MOZ_RAII OptimizeSpreadCallIRGenerator : public IRGenerator {
475 HandleValue val_;
476
477 AttachDecision tryAttachArray();
478 AttachDecision tryAttachArguments();
479 AttachDecision tryAttachNotOptimizable();
480
481 public:
482 OptimizeSpreadCallIRGenerator(JSContext* cx, HandleScript script,
483 jsbytecode* pc, ICState state,
484 HandleValue value);
485
486 AttachDecision tryAttachStub();
487
488 void trackAttached(const char* name /* must be a C string literal */);
489 };
490
491 class MOZ_RAII OptimizeGetIteratorIRGenerator : public IRGenerator {
492 HandleValue val_;
493
494 AttachDecision tryAttachArray();
495 AttachDecision tryAttachNotOptimizable();
496
497 public:
498 OptimizeGetIteratorIRGenerator(JSContext* cx, HandleScript script,
499 jsbytecode* pc, ICState state,
500 HandleValue value);
501
502 AttachDecision tryAttachStub();
503
504 void trackAttached(const char* name /* must be a C string literal */);
505 };
506
507 enum class StringChar { CharCodeAt, CodePointAt, CharAt };
508 enum class ScriptedThisResult { NoAction, UninitializedThis, PlainObjectShape };
509
510 class MOZ_RAII CallIRGenerator : public IRGenerator {
511 private:
512 JSOp op_;
513 uint32_t argc_;
514 HandleValue callee_;
515 HandleValue thisval_;
516 HandleValue newTarget_;
517 HandleValueArray args_;
518
519 friend class InlinableNativeIRGenerator;
520
521 ScriptedThisResult getThisShapeForScripted(HandleFunction calleeFunc,
522 Handle<JSObject*> newTarget,
523 MutableHandle<Shape*> result);
524
525 ObjOperandId emitFunCallOrApplyGuard(Int32OperandId argcId);
526 ObjOperandId emitFunCallGuard(Int32OperandId argcId);
527 ObjOperandId emitFunApplyGuard(Int32OperandId argcId);
528 mozilla::Maybe<ObjOperandId> emitFunApplyArgsGuard(
529 CallFlags::ArgFormat format);
530
531 void emitCallScriptedGuards(ObjOperandId calleeObjId, JSFunction* calleeFunc,
532 Int32OperandId argcId, CallFlags flags,
533 Shape* thisShape, bool isBoundFunction);
534
535 AttachDecision tryAttachFunCall(HandleFunction calleeFunc);
536 AttachDecision tryAttachFunApply(HandleFunction calleeFunc);
537 AttachDecision tryAttachCallScripted(HandleFunction calleeFunc);
538 AttachDecision tryAttachInlinableNative(HandleFunction calleeFunc,
539 CallFlags flags);
540 AttachDecision tryAttachWasmCall(HandleFunction calleeFunc);
541 AttachDecision tryAttachCallNative(HandleFunction calleeFunc);
542 AttachDecision tryAttachCallHook(HandleObject calleeObj);
543 AttachDecision tryAttachBoundFunction(Handle<BoundFunctionObject*> calleeObj);
544
545 void trackAttached(const char* name /* must be a C string literal */);
546
547 public:
548 CallIRGenerator(JSContext* cx, HandleScript script, jsbytecode* pc, JSOp op,
549 ICState state, uint32_t argc, HandleValue callee,
550 HandleValue thisval, HandleValue newTarget,
551 HandleValueArray args);
552
553 AttachDecision tryAttachStub();
554 };
555
556 class MOZ_RAII InlinableNativeIRGenerator {
557 CallIRGenerator& generator_;
558 CacheIRWriter& writer;
559 JSContext* cx_;
560
561 HandleFunction callee_;
562 HandleValue newTarget_;
563 HandleValue thisval_;
564 HandleValueArray args_;
565 uint32_t argc_;
566 CallFlags flags_;
567
568 HandleScript script() const { return generator_.script_; }
569 bool isFirstStub() const { return generator_.isFirstStub_; }
570 bool ignoresResult() const { return generator_.op_ == JSOp::CallIgnoresRv; }
571
572 void emitNativeCalleeGuard();
573 void emitOptimisticClassGuard(ObjOperandId objId, JSObject* obj,
574 GuardClassKind kind) {
575 generator_.emitOptimisticClassGuard(objId, obj, kind);
576 }
577
578 ObjOperandId emitLoadArgsArray();
579
580 void initializeInputOperand() {
581 // The input operand is already initialized for FunCall and FunApplyArray.
582 if (flags_.getArgFormat() == CallFlags::FunCall ||
583 flags_.getArgFormat() == CallFlags::FunApplyArray) {
584 return;
585 }
586 (void)writer.setInputOperandId(0);
587 }
588
589 auto emitToStringGuard(ValOperandId id, const Value& v) {
590 return generator_.emitToStringGuard(id, v);
591 }
592
593 auto emitNumericGuard(ValOperandId valId, Scalar::Type type) {
594 return generator_.emitNumericGuard(valId, type);
595 }
596
597 auto guardToIntPtrIndex(const Value& index, ValOperandId indexId,
598 bool supportOOB) {
599 return generator_.guardToIntPtrIndex(index, indexId, supportOOB);
600 }
601
602 bool canAttachAtomicsReadWriteModify();
603
604 struct AtomicsReadWriteModifyOperands {
605 ObjOperandId objId;
606 IntPtrOperandId intPtrIndexId;
607 OperandId numericValueId;
608 };
609
610 AtomicsReadWriteModifyOperands emitAtomicsReadWriteModifyOperands();
611
612 AttachDecision tryAttachArrayPush();
613 AttachDecision tryAttachArrayPopShift(InlinableNative native);
614 AttachDecision tryAttachArrayJoin();
615 AttachDecision tryAttachArraySlice();
616 AttachDecision tryAttachArrayIsArray();
617 AttachDecision tryAttachDataViewGet(Scalar::Type type);
618 AttachDecision tryAttachDataViewSet(Scalar::Type type);
619 AttachDecision tryAttachFunctionBind();
620 AttachDecision tryAttachSpecializedFunctionBind(
621 Handle<JSObject*> target, Handle<BoundFunctionObject*> templateObj);
622 AttachDecision tryAttachUnsafeGetReservedSlot(InlinableNative native);
623 AttachDecision tryAttachUnsafeSetReservedSlot();
624 AttachDecision tryAttachIsSuspendedGenerator();
625 AttachDecision tryAttachToObject();
626 AttachDecision tryAttachToInteger();
627 AttachDecision tryAttachToLength();
628 AttachDecision tryAttachIsObject();
629 AttachDecision tryAttachIsPackedArray();
630 AttachDecision tryAttachIsCallable();
631 AttachDecision tryAttachIsConstructor();
632 AttachDecision tryAttachIsCrossRealmArrayConstructor();
633 AttachDecision tryAttachGuardToClass(InlinableNative native);
634 AttachDecision tryAttachHasClass(const JSClass* clasp,
635 bool isPossiblyWrapped);
636 AttachDecision tryAttachRegExpMatcherSearcher(InlinableNative native);
637 AttachDecision tryAttachRegExpSearcherLastLimit();
638 AttachDecision tryAttachRegExpHasCaptureGroups();
639 AttachDecision tryAttachRegExpPrototypeOptimizable();
640 AttachDecision tryAttachRegExpInstanceOptimizable();
641 AttachDecision tryAttachIntrinsicRegExpBuiltinExec(InlinableNative native);
642 AttachDecision tryAttachIntrinsicRegExpExec(InlinableNative native);
643 AttachDecision tryAttachGetFirstDollarIndex();
644 AttachDecision tryAttachSubstringKernel();
645 AttachDecision tryAttachObjectHasPrototype();
646 AttachDecision tryAttachString();
647 AttachDecision tryAttachStringConstructor();
648 AttachDecision tryAttachStringToStringValueOf();
649 AttachDecision tryAttachStringChar(StringChar kind);
650 AttachDecision tryAttachStringCharCodeAt();
651 AttachDecision tryAttachStringCodePointAt();
652 AttachDecision tryAttachStringCharAt();
653 AttachDecision tryAttachStringFromCharCode();
654 AttachDecision tryAttachStringFromCodePoint();
655 AttachDecision tryAttachStringIncludes();
656 AttachDecision tryAttachStringIndexOf();
657 AttachDecision tryAttachStringLastIndexOf();
658 AttachDecision tryAttachStringStartsWith();
659 AttachDecision tryAttachStringEndsWith();
660 AttachDecision tryAttachStringToLowerCase();
661 AttachDecision tryAttachStringToUpperCase();
662 AttachDecision tryAttachStringTrim();
663 AttachDecision tryAttachStringTrimStart();
664 AttachDecision tryAttachStringTrimEnd();
665 AttachDecision tryAttachStringReplaceString();
666 AttachDecision tryAttachStringSplitString();
667 AttachDecision tryAttachMathRandom();
668 AttachDecision tryAttachMathAbs();
669 AttachDecision tryAttachMathClz32();
670 AttachDecision tryAttachMathSign();
671 AttachDecision tryAttachMathImul();
672 AttachDecision tryAttachMathFloor();
673 AttachDecision tryAttachMathCeil();
674 AttachDecision tryAttachMathTrunc();
675 AttachDecision tryAttachMathRound();
676 AttachDecision tryAttachMathSqrt();
677 AttachDecision tryAttachMathFRound();
678 AttachDecision tryAttachMathHypot();
679 AttachDecision tryAttachMathATan2();
680 AttachDecision tryAttachMathFunction(UnaryMathFunction fun);
681 AttachDecision tryAttachMathPow();
682 AttachDecision tryAttachMathMinMax(bool isMax);
683 AttachDecision tryAttachSpreadMathMinMax(bool isMax);
684 AttachDecision tryAttachIsTypedArray(bool isPossiblyWrapped);
685 AttachDecision tryAttachIsTypedArrayConstructor();
686 AttachDecision tryAttachTypedArrayByteOffset();
687 AttachDecision tryAttachTypedArrayElementSize();
688 AttachDecision tryAttachTypedArrayLength(bool isPossiblyWrapped);
689 AttachDecision tryAttachArrayBufferByteLength(bool isPossiblyWrapped);
690 AttachDecision tryAttachIsConstructing();
691 AttachDecision tryAttachGetNextMapSetEntryForIterator(bool isMap);
692 AttachDecision tryAttachNewArrayIterator();
693 AttachDecision tryAttachNewStringIterator();
694 AttachDecision tryAttachNewRegExpStringIterator();
695 AttachDecision tryAttachArrayIteratorPrototypeOptimizable();
696 AttachDecision tryAttachObjectCreate();
697 AttachDecision tryAttachObjectConstructor();
698 AttachDecision tryAttachArrayConstructor();
699 AttachDecision tryAttachTypedArrayConstructor();
700 AttachDecision tryAttachNumber();
701 AttachDecision tryAttachNumberParseInt();
702 AttachDecision tryAttachNumberToString();
703 AttachDecision tryAttachReflectGetPrototypeOf();
704 AttachDecision tryAttachAtomicsCompareExchange();
705 AttachDecision tryAttachAtomicsExchange();
706 AttachDecision tryAttachAtomicsAdd();
707 AttachDecision tryAttachAtomicsSub();
708 AttachDecision tryAttachAtomicsAnd();
709 AttachDecision tryAttachAtomicsOr();
710 AttachDecision tryAttachAtomicsXor();
711 AttachDecision tryAttachAtomicsLoad();
712 AttachDecision tryAttachAtomicsStore();
713 AttachDecision tryAttachAtomicsIsLockFree();
714 AttachDecision tryAttachBoolean();
715 AttachDecision tryAttachBailout();
716 AttachDecision tryAttachAssertFloat32();
717 AttachDecision tryAttachAssertRecoveredOnBailout();
718 AttachDecision tryAttachObjectIs();
719 AttachDecision tryAttachObjectIsPrototypeOf();
720 AttachDecision tryAttachObjectKeys();
721 AttachDecision tryAttachObjectToString();
722 AttachDecision tryAttachBigIntAsIntN();
723 AttachDecision tryAttachBigIntAsUintN();
724 AttachDecision tryAttachSetHas();
725 AttachDecision tryAttachSetSize();
726 AttachDecision tryAttachMapHas();
727 AttachDecision tryAttachMapGet();
728 #ifdef FUZZING_JS_FUZZILLI
729 AttachDecision tryAttachFuzzilliHash();
730 #endif
731
732 void trackAttached(const char* name /* must be a C string literal */) {
733 return generator_.trackAttached(name);
734 }
735
736 public:
737 InlinableNativeIRGenerator(CallIRGenerator& generator, HandleFunction callee,
738 HandleValue newTarget, HandleValue thisValue,
739 HandleValueArray args, CallFlags flags)
740 : generator_(generator),
741 writer(generator.writer),
742 cx_(generator.cx_),
743 callee_(callee),
744 newTarget_(newTarget),
745 thisval_(thisValue),
746 args_(args),
747 argc_(args.length()),
748 flags_(flags) {}
749
750 AttachDecision tryAttachStub();
751 };
752
753 class MOZ_RAII CompareIRGenerator : public IRGenerator {
754 JSOp op_;
755 HandleValue lhsVal_;
756 HandleValue rhsVal_;
757
758 AttachDecision tryAttachString(ValOperandId lhsId, ValOperandId rhsId);
759 AttachDecision tryAttachObject(ValOperandId lhsId, ValOperandId rhsId);
760 AttachDecision tryAttachSymbol(ValOperandId lhsId, ValOperandId rhsId);
761 AttachDecision tryAttachStrictDifferentTypes(ValOperandId lhsId,
762 ValOperandId rhsId);
763 AttachDecision tryAttachInt32(ValOperandId lhsId, ValOperandId rhsId);
764 AttachDecision tryAttachNumber(ValOperandId lhsId, ValOperandId rhsId);
765 AttachDecision tryAttachBigInt(ValOperandId lhsId, ValOperandId rhsId);
766 AttachDecision tryAttachAnyNullUndefined(ValOperandId lhsId,
767 ValOperandId rhsId);
768 AttachDecision tryAttachNullUndefined(ValOperandId lhsId, ValOperandId rhsId);
769 AttachDecision tryAttachStringNumber(ValOperandId lhsId, ValOperandId rhsId);
770 AttachDecision tryAttachPrimitiveSymbol(ValOperandId lhsId,
771 ValOperandId rhsId);
772 AttachDecision tryAttachBigIntInt32(ValOperandId lhsId, ValOperandId rhsId);
773 AttachDecision tryAttachBigIntNumber(ValOperandId lhsId, ValOperandId rhsId);
774 AttachDecision tryAttachBigIntString(ValOperandId lhsId, ValOperandId rhsId);
775
776 void trackAttached(const char* name /* must be a C string literal */);
777
778 public:
779 CompareIRGenerator(JSContext* cx, HandleScript, jsbytecode* pc, ICState state,
780 JSOp op, HandleValue lhsVal, HandleValue rhsVal);
781
782 AttachDecision tryAttachStub();
783 };
784
785 class MOZ_RAII ToBoolIRGenerator : public IRGenerator {
786 HandleValue val_;
787
788 AttachDecision tryAttachBool();
789 AttachDecision tryAttachInt32();
790 AttachDecision tryAttachNumber();
791 AttachDecision tryAttachString();
792 AttachDecision tryAttachSymbol();
793 AttachDecision tryAttachNullOrUndefined();
794 AttachDecision tryAttachObject();
795 AttachDecision tryAttachBigInt();
796
797 void trackAttached(const char* name /* must be a C string literal */);
798
799 public:
800 ToBoolIRGenerator(JSContext* cx, HandleScript, jsbytecode* pc, ICState state,
801 HandleValue val);
802
803 AttachDecision tryAttachStub();
804 };
805
806 class MOZ_RAII GetIntrinsicIRGenerator : public IRGenerator {
807 HandleValue val_;
808
809 void trackAttached(const char* name /* must be a C string literal */);
810
811 public:
812 GetIntrinsicIRGenerator(JSContext* cx, HandleScript, jsbytecode* pc,
813 ICState state, HandleValue val);
814
815 AttachDecision tryAttachStub();
816 };
817
818 class MOZ_RAII UnaryArithIRGenerator : public IRGenerator {
819 JSOp op_;
820 HandleValue val_;
821 HandleValue res_;
822
823 AttachDecision tryAttachInt32();
824 AttachDecision tryAttachNumber();
825 AttachDecision tryAttachBitwise();
826 AttachDecision tryAttachBigInt();
827 AttachDecision tryAttachStringInt32();
828 AttachDecision tryAttachStringNumber();
829
830 void trackAttached(const char* name /* must be a C string literal */);
831
832 public:
833 UnaryArithIRGenerator(JSContext* cx, HandleScript, jsbytecode* pc,
834 ICState state, JSOp op, HandleValue val,
835 HandleValue res);
836
837 AttachDecision tryAttachStub();
838 };
839
840 class MOZ_RAII ToPropertyKeyIRGenerator : public IRGenerator {
841 HandleValue val_;
842
843 AttachDecision tryAttachInt32();
844 AttachDecision tryAttachNumber();
845 AttachDecision tryAttachString();
846 AttachDecision tryAttachSymbol();
847
848 void trackAttached(const char* name /* must be a C string literal */);
849
850 public:
851 ToPropertyKeyIRGenerator(JSContext* cx, HandleScript, jsbytecode* pc,
852 ICState state, HandleValue val);
853
854 AttachDecision tryAttachStub();
855 };
856
857 class MOZ_RAII BinaryArithIRGenerator : public IRGenerator {
858 JSOp op_;
859 HandleValue lhs_;
860 HandleValue rhs_;
861 HandleValue res_;
862
863 void trackAttached(const char* name /* must be a C string literal */);
864
865 AttachDecision tryAttachInt32();
866 AttachDecision tryAttachDouble();
867 AttachDecision tryAttachBitwise();
868 AttachDecision tryAttachStringConcat();
869 AttachDecision tryAttachStringObjectConcat();
870 AttachDecision tryAttachBigInt();
871 AttachDecision tryAttachStringInt32Arith();
872 AttachDecision tryAttachStringNumberArith();
873
874 public:
875 BinaryArithIRGenerator(JSContext* cx, HandleScript, jsbytecode* pc,
876 ICState state, JSOp op, HandleValue lhs,
877 HandleValue rhs, HandleValue res);
878
879 AttachDecision tryAttachStub();
880 };
881
882 class MOZ_RAII NewArrayIRGenerator : public IRGenerator {
883 #ifdef JS_CACHEIR_SPEW
884 JSOp op_;
885 #endif
886 HandleObject templateObject_;
887 BaselineFrame* frame_;
888
889 void trackAttached(const char* name /* must be a C string literal */);
890
891 public:
892 NewArrayIRGenerator(JSContext* cx, HandleScript, jsbytecode* pc,
893 ICState state, JSOp op, HandleObject templateObj,
894 BaselineFrame* frame);
895
896 AttachDecision tryAttachStub();
897 AttachDecision tryAttachArrayObject();
898 };
899
900 class MOZ_RAII NewObjectIRGenerator : public IRGenerator {
901 #ifdef JS_CACHEIR_SPEW
902 JSOp op_;
903 #endif
904 HandleObject templateObject_;
905 BaselineFrame* frame_;
906
907 void trackAttached(const char* name /* must be a C string literal */);
908
909 public:
910 NewObjectIRGenerator(JSContext* cx, HandleScript, jsbytecode* pc,
911 ICState state, JSOp op, HandleObject templateObj,
912 BaselineFrame* frame);
913
914 AttachDecision tryAttachStub();
915 AttachDecision tryAttachPlainObject();
916 };
917
918 inline bool BytecodeOpCanHaveAllocSite(JSOp op) {
919 return op == JSOp::NewArray || op == JSOp::NewObject || op == JSOp::NewInit;
920 }
921
922 class MOZ_RAII CloseIterIRGenerator : public IRGenerator {
923 HandleObject iter_;
924 CompletionKind kind_;
925
926 void trackAttached(const char* name /* must be a C string literal */);
927
928 public:
929 CloseIterIRGenerator(JSContext* cx, HandleScript, jsbytecode* pc,
930 ICState state, HandleObject iter, CompletionKind kind);
931
932 AttachDecision tryAttachStub();
933 AttachDecision tryAttachNoReturnMethod();
934 AttachDecision tryAttachScriptedReturn();
935 };
936
937 // Retrieve Xray JIT info set by the embedder.
938 extern JS::XrayJitInfo* GetXrayJitInfo();
939
940 } // namespace jit
941 } // namespace js
942
943 #endif /* jit_CacheIRGenerator_h */