| blob | 6e98a201bdc02b206e3e1407f5de1d77e81b9037 |
1 /*
2 +----------------------------------------------------------------------+
3 | HipHop for PHP |
4 +----------------------------------------------------------------------+
5 | Copyright (c) 2010-2016 Facebook, Inc. (http://www.facebook.com) |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 3.01 of the PHP license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.php.net/license/3_01.txt |
11 | If you did not receive a copy of the PHP license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@php.net so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 */
39 //////////////////////////////////////////////////////////////////////
41 const StaticString
65 //////////////////////////////////////////////////////////////////////
67 // Will turn into either an int or a double in zend_convert_scalar_to_number.
70 TDbl,
71 TInt,
72 TNull,
73 TObj,
74 TRes,
75 TStr,
76 TBool
77 );
78 }
80 //////////////////////////////////////////////////////////////////////
93 }
100 }
103 // is_a() finishes here.
106 // is_subclass_of() needs to check that the LHS doesn't have the same class as
107 // as the RHS.
109 env,
113 },
114 [&] {
116 },
117 [&] {
119 }
120 );
121 }
125 }
129 }
141 }
149 // Bail if we're trying to do a recursive count()
153 }
162 }
164 // In strict mode type mismatches won't be coerced (for legacy reasons in HH
165 // files builtins are always weak).
170 }
172 // intercept constant, non-string ord() here instead of OrdStr simplify stage.
173 // OrdStr depends on a string as input for its vasm implementation.
175 // ord((string)true)===ord("1"), ord((string)false)===ord("")
177 }
180 }
184 }
188 }
191 }
196 }
201 // Only generate the optimized version if the argument passed in is a
202 // static string with a constant literal value so we can get the string value
203 // at JIT time.
207 }
209 // We can only optimize settings that are system wide since user level
210 // settings can be overridden during the execution of a request.
211 //
212 // TODO: the above is true for settings whose value we burn directly into the
213 // TC, but for non-system settings, we can optimize them as a load from the
214 // known static address or thread-local address of where the setting lives.
215 // This might be worth doing specifically for the zend.assertions setting,
216 // for which the emitter emits an ini_get around every call to assert().
222 }
225 }
228 }
230 Variant value;
232 // All scalar values are cast to a string before being returned.
235 }
238 }
241 env,
243 );
244 }
245 // ini_get() is now enhanced to return more than strings.
246 // Get out of here if we are something else like an array.
248 }
253 // Only generate the optimized version if the argument passed in is a
254 // static string with a constant literal value so we can get the string value
255 // at JIT time.
259 }
261 // Return the directory portion of the path
264 // Make a mutable copy for dirname_helper to modify
270 }
272 /*
273 * Transforms in_array with a static haystack argument into an AKExistsArr with
274 * the haystack flipped.
275 */
279 // We will restrict this optimization to needles that are strings, and
280 // haystacks that have only non-numeric string keys. This avoids a bunch of
281 // complication around numeric-string array-index semantics.
284 }
288 // Haystack isn't statically known
290 }
295 }
307 // Numeric strings will complicate matters because the loose comparisons
308 // done with array keys are not quite the same as loose comparisons done
309 // by in_array. For example: in_array('0', array('0000')) is true, but
310 // doing array('0000' => true)['0'] will say "undefined index". This seems
311 // unlikely to affect real-world usage.
313 }
316 }
321 env,
322 AKExistsArr,
324 needle
325 );
326 }
332 };
342 }
345 }
353 }
364 }
366 }
376 }
380 }
387 }
390 }
398 // this optimization is only for 2 ints/doubles
403 env,
412 }
414 },
415 [&] {
417 },
418 [&] {
420 }
421 );
422 }
425 // max2 is only called for 2 operands
427 }
430 // min2 is only called for 2 operands
432 }
441 }
450 }
457 // compute integer absolute value ((src>>63) ^ src) - (src>>63)
461 }
467 }
481 }
483 //////////////////////////////////////////////////////////////////////
492 #define X(x) \
493 if (fname->isame(s_##x.get())) return opt_##x(env, numArgs);
516 #undef X
519 }();
523 // Decref and free args
528 }
529 }
533 }
535 //////////////////////////////////////////////////////////////////////
537 /*
538 * Return the type that a parameter to a builtin function is supposed to be
539 * coerced to. What this means depends on how the builtin is dealing with
540 * parameter coersion: new-style HNI builtins try to do a tvCoerceParamTo*,
541 * while older ones use tvCastTo* semantics.
542 *
543 * If the builtin parameter has no type hints to cause coercion, this function
544 * returns TBottom.
545 */
553 }
556 }
561 }
563 }
565 //////////////////////////////////////////////////////////////////////
575 };
586 // if set, coerceFailure determines the target of a failed coercion;
587 // if not set, we side-exit to the next byte-code instruction (only
588 // applies to an inlined NativeImpl, or an FCallBuiltin).
591 };
593 /*
594 * Collect parameters for a call to a builtin. Also determine which ones will
595 * need to be passed through the eval stack, and which ones will need
596 * conversions.
597 */
606 LoadParam loadParam) {
613 // Fill in in reverse order, since they may come from popC's (depending on
614 // what loadParam wants to do).
622 // If ty > TBottom, it had some kind of type hint.
623 // A by-reference parameter thats defaulted will get a plain
624 // value (typically null), rather than a BoxedCell; so we still
625 // need to apply a conversion there.
628 // We do actually mean exact type equality here. We're only capable of
629 // passing the following primitives through registers; everything else goes
630 // by address unless its flagged "nativeArg".
633 }
637 }
640 }
642 //////////////////////////////////////////////////////////////////////
644 /*
645 * CatchMaker makes catch blocks for calling builtins. There's a fair bit of
646 * complexity here right now, for these reasons:
647 *
648 * o Sometimes we're 'logically' inlining a php-level call to a function
649 * that contains a NativeImpl opcode.
650 *
651 * But we implement this by generating all the relevant NativeImpl code
652 * after the InlineReturn for the callee, to make it easier for DCE to
653 * eliminate the code that constructs the callee's activation record.
654 * This means the unwinder is going to see our PC as equal to the FCallD
655 * for the call to the function, which will be inside the FPI region for
656 * the call, so it'll try to pop an ActRec, so we'll need to reconstruct
657 * one for it during unwinding.
658 *
659 * o HNI-style param coerce modes can force the entire function to return
660 * false or null if the coersions fail. This is implemented via a
661 * TVCoercionException, which is not a user-visible exception. So our
662 * catch blocks are sometimes handling a PHP exception, and sometimes a
663 * failure to coerce.
664 *
665 * o Both of these things may be relevant to the same catch block.
666 *
667 * Also, note that the CatchMaker keeps a pointer to the builtin call's
668 * ParamPrep, which will have its values mutated by realize_params as it's
669 * making coersions, so that we can see what's changed so far (and what to
670 * clean up on the offramps). Some values that were refcounted may become
671 * non-refcounted after conversions, and we can't DecRef things twice.
672 */
677 Kind kind,
684 {
686 }
695 }
697 }
708 }
716 // Determine whether we're dealing with a TVCoercionException or a php
717 // exception. If it's a php-exception, we'll go to the taken block.
719 env,
722 },
723 [&] {
730 }
731 );
733 // prepareForCatch() in the ifThen() above messed with irb's marker, so we
734 // have to update it on the fallthru path here.
740 // From here on we're on the side-exit path, due to a failure to coerce.
741 // We need to push the unwinder value and then side-exit to the next
742 // instruction.
747 }
752 }
755 }
759 }
769 }
770 /*
771 * We're potentially spilling to a different depth than the unwinder
772 * would've expected, so we need an eager sync. Even if we aren't inlining
773 * this can happen, because before doing the CallBuiltin we set the marker
774 * stack offset to only include the passed-through-stack args.
775 *
776 * So before we leave, update the marker to placate EndCatch assertions,
777 * which is trying to detect failure to do this properly.
778 */
782 }
784 /*
785 * For consistency with the interpreter, we need to decref things in a
786 * different order depending on whether we are unwinding, or planning to side
787 * exit.
788 *
789 * In either case, parameters that are not being passed through the stack
790 * still may need to be decref'd, because they may have been a reference
791 * counted type that was going to be converted to a non-reference counted
792 * type that we'd pass in a register. As we do the coersions, params.value
793 * gets updated so whenever we call these catch block creation functions it
794 * will only decref things that weren't yet converted.
795 */
805 }
806 }
807 }
809 // Same work as above, but opposite order.
814 // Make sure we have loads for all of the stack elements. We need to do
815 // this in forward order before we decref in backward order because
816 // extendStack will end up with values that are of type StkElem
817 // TODO(#6156498).
820 }
829 }
830 }
832 }
839 };
841 //////////////////////////////////////////////////////////////////////
853 }
856 }
859 }
862 }
866 CoerceCellToInt,
869 oldVal);
870 }
873 CoerceCellToDbl,
876 oldVal);
877 }
880 CoerceCellToBool,
883 oldVal);
884 }
887 }();
892 }
903 }
909 BCSPOffset offset,
914 CoerceStk,
915 ty,
922 CastStk,
923 ty,
927 }
929 /*
930 * We can throw after writing to the stack above; inform IRBuilder about it.
931 * This is basically just for assertions right now.
932 */
934 }
936 /*
937 * Take the value in param, apply any needed conversions
938 * and return the value to be passed to CallBuiltin.
939 *
940 * checkType(ty, fail):
941 * verify that the param is of type ty, and branch to fail
942 * if not. If it results in a new SSATmp*, (as eg CheckType
943 * would), then that should be returned; otherwise it should
944 * return nullptr;
945 * convertParam(ty):
946 * convert the param to ty; failure should be handled by
947 * CatchMaker::makeParamCoerceCatch, and it should return
948 * a new SSATmp* (if appropriate) or nullptr.
949 * realize():
950 * return the SSATmp* needed by CallBuiltin for this parameter.
951 * if checkType and convertParam returned non-null values,
952 * param.value will have been updated with a phi of their results.
953 */
958 Type targetTy,
959 V checkType,
960 C convertParam,
961 R realize) {
970 env,
975 }
977 env,
980 [&] {
982 });
983 },
987 }
988 )) {
989 // Heads up on non-local state here: we have to update
990 // the values inside ParamPrep so that the CatchMaker
991 // functions know about new potentially refcounted types
992 // to decref, or values that were already decref'd and
993 // replaced with things like ints.
995 }
996 }
999 }
1001 /*
1002 * Prepare the actual arguments to the CallBuiltin instruction, by converting a
1003 * ParamPrep into a vector of SSATmps to pass to CallBuiltin. If any of the
1004 * parameters needed type conversions, we need to do that here too.
1005 */
1034 },
1039 }
1042 CoerceMem,
1043 ty,
1049 CastMem,
1050 ty,
1053 }
1055 },
1056 [&] {
1066 }
1068 });
1070 }
1080 },
1084 env,
1085 ty,
1086 callee,
1087 oldVal,
1088 paramIdx,
1089 maker
1090 );
1091 },
1092 [&] {
1093 /*
1094 * This gets tricky:
1095 * - if we had a ref-counted type, and it was converted
1096 * to a Bool, Int or Dbl above, we explicitly DecReffed it
1097 * (in coerce_value).
1098 * - if we had a non-RefData nativeArg, we did a CoerceMem
1099 * which implicitly DecReffed the old value
1100 * In either case, the old value is taken care of, and any future
1101 * DecRefs (from exceptions, or after the call on the normal flow
1102 * of execution) should DecRef param.value (ie the post-coercion
1103 * value).
1104 *
1105 * But if we had an OutputArg, we did not DecRef the old value,
1106 * and the post-coercion value is a RefData* or nullptr.
1107 * If its a RefData*, we need to DecRef that - but in that case
1108 * the new value is the same as the old.
1109 * If its Nullptr, we need to DecRef the old value.
1110 *
1111 * So in both cases we actually want to DecRef the *old* value, so
1112 * we have to restore it here (because realize_param replaced it
1113 * with the new value).
1114 */
1118 }
1120 });
1122 }
1137 },
1141 },
1142 [&] {
1144 });
1146 }
1152 }
1154 //////////////////////////////////////////////////////////////////////
1162 /*
1163 * Everything that needs to be on the stack gets spilled now.
1164 *
1165 * If we're not inlining, the reason we do this even when numByAddr is
1166 * zero is to make it so that in either case the stack depth when we enter
1167 * our catch blocks is always the same as the numByAddr value, in all
1168 * situations. If we didn't do this, then when we aren't inlining, and
1169 * numByAddr is zero, we'd have the stack depth be the total num
1170 * params (the depth before the FCallBuiltin), which would add more cases
1171 * to handle in the catch blocks.
1172 */
1177 }
1178 }
1179 /*
1180 * This marker update is to make sure rbx points to the bottom of our
1181 * stack if we enter a catch trace. It's also necessary because we might
1182 * run destructors as part of parameter coersions, which we don't want to
1183 * clobber our spilled stack.
1184 */
1186 }
1188 // If we are inlining, we've done various DefInlineFP-type stuff that can
1189 // affect stack depth.
1191 }
1198 }
1200 }();
1202 // Make the actual call.
1206 env,
1207 CallBuiltin,
1208 retType,
1209 CallBuiltinData {
1211 callee,
1215 },
1218 );
1223 }
1225 }
1228 }
1230 /*
1231 * When we're inlining a NativeImpl opcode, we know this is the only opcode in
1232 * the callee method body aside from AssertRATs (bytecode invariant). So in
1233 * order to make sure we can eliminate the SpillFrame, we do the CallBuiltin
1234 * instruction after we've left the inlined frame.
1235 *
1236 * We may need to pass some arguments to the builtin through the stack (e.g. if
1237 * it takes const Variant&'s)---these are spilled to the stack after leaving
1238 * the callee.
1239 *
1240 * To make this work, we need to do some weird things in the catch trace. ;)
1241 */
1253 }();
1257 env,
1258 callee,
1259 paramThis,
1261 numArgs,
1262 numNonDefault,
1266 // These IncRefs must be 'inside' the callee: it may own the only
1267 // reference to the parameters. Normally they will cancel with the
1268 // DecRefs that we'll do in endInlinedCommon.
1271 }
1272 );
1274 // For the same reason that we have to IncRef the locals above, we
1275 // need to grab one on the $this.
1281 env,
1283 callee,
1284 ¶ms
1285 };
1288 }
1290 //////////////////////////////////////////////////////////////////////
1292 }
1294 //////////////////////////////////////////////////////////////////////
1300 // If we know the class without having to specialize a guard
1301 // any further, use it.
1303 }
1304 }
1308 }
1315 };
1318 env,
1322 },
1326 },
1329 }
1330 );
1331 }
1333 //////////////////////////////////////////////////////////////////////
1344 env,
1345 callee,
1348 numArgs,
1349 numNonDefault,
1355 }
1356 );
1359 env,
1361 callee,
1362 ¶ms
1363 };
1366 }
1375 };
1381 }
1383 // CallBuiltin doesn't understand IDL instance methods that have variable
1384 // arguments.
1390 }
1391 }
1398 env,
1406 }
1407 }
1415 }
1417 }
1422 }
1432 }
1435 }
1436 }
1437 },
1438 [&] {
1440 env,
1443 env,
1444 callee,
1445 thiz,
1449 fail,
1452 }
1453 );
1455 env,
1457 callee,
1458 ¶ms
1459 };
1463 },
1465 [&] {
1468 });
1471 },
1472 [&] {
1475 }
1476 );
1477 }
1479 //////////////////////////////////////////////////////////////////////
1483 // Helper for doing array-style Idx translations, even if we're dealing with a
1484 // collection. The stack will still contain the collection in that case, and
1485 // loaded_collection_array will be non-nullptr. If we're really doing
1486 // ArrayIdx, it's nullptr.
1488 // These types are just used to decide what to do; once we know what we're
1489 // actually doing we constrain the values with the popC()s later on in this
1490 // function.
1498 // if the key is null it will not be found so just return the default
1503 }
1507 }
1510 // the translated code doesn't
1511 // care about the type
1515 ? loaded_collection_array
1522 }
1533 }
1545 }
1552 // To use ArrayIdx, we require either constant non-int keys or known
1553 // integer keys for Map, because integer-like strings behave differently.
1566 }();
1567 // Similarly, Vector is only usable with int keys, so we can only do this
1568 // for Vector if it's an Int.
1574 // If it's a map with a non-static string key, we can do a map-specific
1575 // optimization.
1579 }
1583 }
1585 //////////////////////////////////////////////////////////////////////
1587 }
1592 }
1597 // raise fatal
1600 }
1603 }
1619 }
1627 }
1632 }
1645 }
1647 }
1650 }
1663 }
1666 }
1675 }
1680 // An int is already a valid key. No-op.
1682 }
1688 }
1694 }
1697 // We can't generate direct StLoc and LdLocs in pseudomains (violates an IR
1698 // invariant).
1703 // We assume that whatever is in the local is dead and doesn't need to be
1704 // refcounted before being overwritten.
1709 {
1713 }
1715 }
1716 }
1718 //////////////////////////////////////////////////////////////////////
1720 }}}