| blob | c71ef3c7c6ec710399b4162cee3c66ae7d676216 |
1 /*
2 +----------------------------------------------------------------------+
3 | HipHop for PHP |
4 +----------------------------------------------------------------------+
5 | Copyright (c) 2010-present Facebook, Inc. (http://www.facebook.com) |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 3.01 of the PHP license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.php.net/license/3_01.txt |
11 | If you did not receive a copy of the PHP license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@php.net so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 */
16 #ifndef incl_HHBBC_INTERP_STATE_H_
17 #define incl_HHBBC_INTERP_STATE_H_
19 #include <vector>
20 #include <string>
21 #include <map>
23 #include <boost/variant.hpp>
25 #include <folly/Optional.h>
34 //////////////////////////////////////////////////////////////////////
39 //////////////////////////////////////////////////////////////////////
41 /*
42 * Types of a FPI regions. (What sort of function call is being
43 * made.)
44 */
55 // we go
56 };
58 /*
59 * Information about a pre-live ActRec. Part of state tracked in
60 * State.
61 */
64 Type calledOn,
73 {}
75 FPIKind kind;
80 // Possible fallback func if we cannot determine which will be called.
82 // isCtx of context is whether it matches caller's context
83 Type context;
84 };
86 /*
87 * State of an iterator in the program.
88 *
89 * We track iterator liveness precisely, so if an iterator is DeadIter, its
90 * definitely dead and vice-versa. We only track "normal" iterators (non-weak,
91 * non-mutable), so iterators not of those type are considered "dead".
92 */
95 IterTypes types;
96 // The local that an iterator was initialized with (and which has not been
97 // changed since).
99 // The local that is known to be equivalent to the current key in the
100 // iterator. Used to detect "safe" writes.
102 // The block id where this iterator was initialized. If there's more than one
103 // such block, NoBlockId.
105 };
108 /*
109 * Tag indicating what sort of thing contains the current member base.
110 *
111 * The base is always the unboxed version of the type, and its location could be
112 * inside of a Ref. So, for example, a base with BaseLoc::Frame could be located
113 * inside of a Ref that is pointed to by the Frame. (We may want to distinguish
114 * these two cases at some point if we start trying to track real information
115 * about Refs, but not yet.)
116 *
117 * Note that if we're in an array-chain, the base location always reflects the
118 * location of the array which started the array-chain.
119 */
121 None,
123 /*
124 * Base is in a number of possible places after an Elem op. It
125 * cannot possibly be in an object property (although it certainly
126 * may alias one). See miElem for details.
127 *
128 * This is only used if its unclear if its actually in an array. If it is
129 * definitely in an array, then arrayChain will be non-empty and the base
130 * location will reflect where the array is located.
131 */
132 Elem,
134 /*
135 * Base is in possible locations after a Prop op. This means it
136 * possibly lives in a property on an object, but possibly not
137 * (e.g. it could be a null in tvScratch). See miProp for
138 * details.
139 *
140 * If it is definitely known to be a property in an object, the
141 * locTy in the Base will be a subtype of TObj.
142 */
143 Prop,
145 /*
146 * Known to be a static property on an object. This is only
147 * possible as an initial base.
148 */
149 StaticProp,
151 /*
152 * Known to be contained in the current frame as a local, as the
153 * frame $this, by the evaluation stack, or inside $GLOBALS. Only
154 * possible as initial bases.
155 */
156 Local,
157 This,
158 Stack,
159 Global,
160 };
162 /*
163 * Information about the current member base's type and location.
164 */
168 Type locTy = {},
169 SString locName = {},
179 Type type;
180 BaseLoc loc;
182 /*
183 * We also need to track effects of intermediate dims on the type of the base.
184 * So we have a type, name, and possibly associated local or stack slot for
185 * the base's container.
186 *
187 * For StaticProp, locName is the name of the property if known, or nullptr,
188 * and locTy is the type of the class containing the static property.
189 *
190 * For Prop, locName is the name of the property if it was known, and locTy
191 * gives as much information about the object type it is in. (If we actually
192 * *know* it is in an object, locTy will be a subtype of TObj.)
193 *
194 * For Local, locName is the name of the local if known, or nullptr, and
195 * locLocal is the LocalId corresponding to the local (or NoLocalId if not
196 * known).
197 *
198 * For Stack, locSlot is the stack index of the corresponding stack slot.
199 */
200 Type locTy;
201 SString locName;
202 LocalId locLocal;
204 };
206 // An element on the eval stack
210 Type type;
211 // A location which is known to have an equivalent value to this
212 // stack value. This could be a valid LocalId, the special value
213 // StackDupId to indicate that its equivalent to the stack element
214 // below it, the special value StackThisId to indicate that its the
215 // value of $this, or NoLocalId if it has no known equivalents.
216 // Note that the location may not match the stack value wrt Uninit.
217 LocalId equivLoc;
220 };
230 }
234 }
238 }
241 }
244 }
248 }
251 }
252 // very special helper for use with Add*ElemC. To prevent
253 // quadratic time/space when appending to an array, we need to
254 // ensure we're appending to an array with a single reference; but
255 // popping from an InterpStack doesn't actually remove the
256 // element. This allows us to drop the type's datatag. It means
257 // that rewinding wouldn't see the original type; but Add*ElemC is
258 // very carefully coded anyway.
263 }
268 }
272 }
276 }
282 }
286 };
302 }
307 }
312 }
316 }
319 }
325 }
331 }
339 }
341 }
343 }
344 // rewind the stack to the state it was in before the last
345 // instruction ran (which is known to have popped numPop items and
346 // pushed numPush items).
356 };
358 /*
359 * A program state at a position in a php::Block.
360 *
361 * The `initialized' flag indicates whether the state knows anything. All
362 * other fields are invalid if a state is not initialized, and notably, after
363 * all analysis has run, any blocks that still don't have initialized input
364 * states are not reachable.
365 *
366 * The `unreachable' flag means we've produced this state from analysis, but
367 * the program cannot reach this program position. This flag has two uses:
368 *
369 * o It allows us to determine arbitrary mid-block positions where code
370 * becomes unreachable, and eliminate that code in optimize.cpp.
371 *
372 * o HHBC invariants can complicate removing unreachable code in FPI
373 * regions---see the rules in bytecode.specification. Inside FPI regions,
374 * we still do abstract interpretation of the unreachable code, but this
375 * flag is used when merging states to allow the interpreter to analyze
376 * blocks that are unreachable without pessimizing states for reachable
377 * blocks that would've been their successors.
378 *
379 * One other note: having the interpreter visit blocks when they are
380 * unreachable still potentially merges types into object properties that
381 * aren't possible at runtime. We're only doing this to handle FPI regions for
382 * now, but it's not ideal.
383 *
384 * We split off a base class from State as a convenience to enable the use
385 * default copy construction and assignment.
386 *
387 */
391 };
401 Type thisType;
407 /*
408 * Mapping of a local to other locals which are known to have
409 * equivalent values. This equivalence ignores Uninit; users should
410 * compare types if they care.
411 */
413 };
424 }
425 }
427 // delete assignment operator, so we have to explicitly choose what
428 // we want to do from amongst the various copies.
435 }
440 }
447 }
448 }
453 }
455 InterpStack stack;
456 };
458 /*
459 * States are EqualityComparable (provided they are in-states for the
460 * same block).
461 */
465 /*
466 * Return a copy of a State without copying either the evaluation
467 * stack or FPI stack, pushing Throwable on the stack.
468 */
471 //////////////////////////////////////////////////////////////////////
473 /*
474 * PropertiesInfo packages the PropState for private instance and
475 * static properties, which is cross-block information collected in
476 * CollectedInfo.
477 *
478 * During analysis the ClassAnalysis* is available and the PropState is
479 * retrieved from there. However during optimization the ClassAnalysis is
480 * not available and the PropState has to be retrieved off the Class in
481 * the Index. In that case cls is nullptr and the PropState fields are
482 * populated.
483 */
496 PropState m_privateProperties;
497 PropState m_privateStatics;
498 };
500 //////////////////////////////////////////////////////////////////////
502 /*
503 * Map from closure classes to types for each of their used vars.
504 * Shows up in a few different interpreter structures.
505 */
509 >;
511 /*
512 * Merge the types in the vector as possible use vars for the closure
513 * `clo' into the destination map.
514 */
519 //////////////////////////////////////////////////////////////////////
526 };
531 );
532 }
537 );
538 }
543 );
544 }
548 /*
549 * Area used for writing down any information that is collected across
550 * a series of step operations (possibly cross block).
551 */
554 Context ctx,
556 CollectionOpts opts,
559 ClosureUseVarMap closureUseTypes;
560 PropertiesInfo props;
561 ConstantMap cnsMap;
563 unfoldableFuncs;
568 CollectionOpts opts{};
571 /*
572 * See FuncAnalysisResult for details.
573 */
576 PublicSPropMutations publicSPropMutations;
579 /*
580 * The current member base. Updated as we move through bytecodes
581 * representing the operation.
582 */
583 Base base{};
588 /*
589 * Chains of member operations on array elements will affect the type of
590 * something further back in the member instruction. This vector tracks the
591 * base,key type pair that was used at each stage. See
592 * interp-minstr.cpp:resolveArrayChain().
593 */
595 Type base;
596 Type key;
597 LocalId keyLoc;
598 };
600 ArrayChain arrayChain;
605 }
606 };
607 MInstrState mInstrState;
608 };
610 //////////////////////////////////////////////////////////////////////
612 /*
613 * State merging functions, based on the union_of operation for types.
614 *
615 * These return true if the destination state changed.
616 */
620 /*
621 * State merging functions, based on the widening_union operation.
622 * See analyze.cpp for details on when this is needed.
623 */
627 //////////////////////////////////////////////////////////////////////
629 /*
630 * Functions to show various aspects of interpreter state as strings.
631 */
639 //////////////////////////////////////////////////////////////////////
641 }}
642 #endif