| blob | ccf4e57299864c5672b693cde8b6dc88eb42f83c |
1 /*
2 +----------------------------------------------------------------------+
3 | HipHop for PHP |
4 +----------------------------------------------------------------------+
5 | Copyright (c) 2010-present Facebook, Inc. (http://www.facebook.com) |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 3.01 of the PHP license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.php.net/license/3_01.txt |
11 | If you did not receive a copy of the PHP license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@php.net so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 */
16 #ifndef incl_HHBBC_INTERP_STATE_H_
17 #define incl_HHBBC_INTERP_STATE_H_
19 #include <vector>
20 #include <string>
21 #include <map>
23 #include <boost/variant.hpp>
25 #include <folly/Optional.h>
34 //////////////////////////////////////////////////////////////////////
39 //////////////////////////////////////////////////////////////////////
41 /*
42 * State of an iterator in the program.
43 *
44 * We track iterator liveness precisely, so if an iterator is DeadIter, its
45 * definitely dead and vice-versa. We only track "normal" iterators (non-weak,
46 * non-mutable), so iterators not of those type are considered "dead".
47 *
48 * We use this state to check if the "local iterator" optimization is valid.
49 * In this optimization, we leave the iterator base in a local slot instead of
50 * inc-ref-ing it and storing it in the iter.
51 *
52 * Local iteration is only possible if the positions of the keys of the base
53 * iterator are unchanged. We call an update that leaves these key positions
54 * unchanged a "safe" update; the only one that we can account for is updating
55 * the value of the current iteration key, as in:
56 *
57 * foreach ($base as $key => $value) {
58 * $base[$key] = $value + 1;
59 * }
60 *
61 * Finally, we also track a flag that is set whenever we see *any* update to
62 * the base (including "safe" updates). If we know the base is unchanged during
63 * iteration, we can further optimize the iterator in HHIR.
64 */
67 IterTypes types;
68 // If the base came from a local, and all updates to it have been "safe",
69 // this field will be the id of that local. Otherwise, it will be NoLocalId.
71 // The local that is known to be equivalent to the current key in the iter.
72 // Used to detect "safe" updates to the base.
74 // The block id where this iterator was initialized. If there's more than one
75 // such block, it will be NoBlockId.
77 // Set whenever we see any mutation, even "safe" ones that don't affect keys.
79 // Set whenever the base of the iterator cannot be an iterator
81 };
84 /*
85 * Tag indicating what sort of thing contains the current member base.
86 *
87 * Note that if we're in an array-chain, the base location always reflects the
88 * location of the array which started the array-chain.
89 */
91 None,
93 /*
94 * Base is in a number of possible places after an Elem op. It
95 * cannot possibly be in an object property (although it certainly
96 * may alias one). See miElem for details.
97 *
98 * This is only used if its unclear if its actually in an array. If it is
99 * definitely in an array, then arrayChain will be non-empty and the base
100 * location will reflect where the array is located.
101 */
102 Elem,
104 /*
105 * Base is in possible locations after a Prop op. This means it
106 * possibly lives in a property on an object, but possibly not
107 * (e.g. it could be a null in tvScratch). See miProp for
108 * details.
109 *
110 * If it is definitely known to be a property in an object, the
111 * locTy in the Base will be a subtype of TObj.
112 */
113 Prop,
115 /*
116 * Known to be a static property on an object. This is only
117 * possible as an initial base.
118 */
119 StaticProp,
121 /*
122 * Known to be contained in the current frame as a local, as the
123 * frame $this, by the evaluation stack, or inside $GLOBALS. Only
124 * possible as initial bases.
125 */
126 Local,
127 This,
128 Stack,
129 Global,
130 };
132 /*
133 * Information about the current member base's type and location.
134 */
138 Type locTy = {},
139 SString locName = {},
149 Type type;
150 BaseLoc loc;
152 /*
153 * We also need to track effects of intermediate dims on the type of the base.
154 * So we have a type, name, and possibly associated local or stack slot for
155 * the base's container.
156 *
157 * For StaticProp, locName is the name of the property if known, or nullptr,
158 * and locTy is the type of the class containing the static property.
159 *
160 * For Prop, locName is the name of the property if it was known, and locTy
161 * gives as much information about the object type it is in. (If we actually
162 * *know* it is in an object, locTy will be a subtype of TObj.)
163 *
164 * For Local, locName is the name of the local if known, or nullptr, and
165 * locLocal is the LocalId corresponding to the local (or NoLocalId if not
166 * known).
167 *
168 * For Stack, locSlot is the stack index of the corresponding stack slot.
169 */
170 Type locTy;
171 SString locName;
172 LocalId locLocal;
174 };
176 // An element on the eval stack
180 Type type;
181 // A location which is known to have an equivalent value to this
182 // stack value. This could be a valid LocalId, the special value
183 // StackDupId to indicate that its equivalent to the stack element
184 // below it, the special value StackThisId to indicate that its the
185 // value of $this, or NoLocalId if it has no known equivalents.
186 // Note that the location may not match the stack value wrt Uninit.
187 LocalId equivLoc;
190 };
200 }
204 }
208 }
211 }
214 }
218 }
221 }
222 // very special helper for use with Add*ElemC. To prevent
223 // quadratic time/space when appending to an array, we need to
224 // ensure we're appending to an array with a single reference; but
225 // popping from an InterpStack doesn't actually remove the
226 // element. This allows us to drop the type's datatag. It means
227 // that rewinding wouldn't see the original type; but Add*ElemC is
228 // very carefully coded anyway.
233 }
238 }
242 }
246 }
252 }
256 };
272 }
277 }
282 }
286 }
289 }
295 }
301 }
309 }
311 }
313 }
314 // rewind the stack to the state it was in before the last
315 // instruction ran (which is known to have popped numPop items and
316 // pushed numPush items).
326 };
328 /*
329 * A program state at a position in a php::Block.
330 *
331 * The `initialized' flag indicates whether the state knows anything. All
332 * other fields are invalid if a state is not initialized, and notably, after
333 * all analysis has run, any blocks that still don't have initialized input
334 * states are not reachable.
335 *
336 * The `unreachable' flag means we've produced this state from analysis, but
337 * the program cannot reach this program position. This flag has two uses:
338 *
339 * o It allows us to determine arbitrary mid-block positions where code
340 * becomes unreachable, and eliminate that code in optimize.cpp.
341 *
342 * o We may still do abstract interpretation of the unreachable code, but
343 * this flag is used when merging states to allow the interpreter to
344 * analyze blocks that are unreachable without pessimizing states for
345 * reachable blocks that would've been their successors.
346 *
347 * TODO: having the interpreter visit blocks when they are unreachable still
348 * potentially merges types into object properties that aren't possible at
349 * runtime.
350 *
351 * We split off a base class from State as a convenience to enable the use
352 * default copy construction and assignment.
353 *
354 */
358 };
368 Type thisType;
372 /*
373 * Mapping of a local to other locals which are known to have
374 * equivalent values. This equivalence ignores Uninit; users should
375 * compare types if they care.
376 */
378 };
389 }
390 }
392 // delete assignment operator, so we have to explicitly choose what
393 // we want to do from amongst the various copies.
400 }
405 }
412 }
413 }
418 }
420 InterpStack stack;
421 };
423 /*
424 * Return a copy of a State without copying the evaluation stack, pushing
425 * Throwable on the stack.
426 */
429 //////////////////////////////////////////////////////////////////////
431 /*
432 * PropertiesInfo packages the PropState for private instance and
433 * static properties, which is cross-block information collected in
434 * CollectedInfo.
435 *
436 * During analysis the ClassAnalysis* is available and the PropState is
437 * retrieved from there. However during optimization the ClassAnalysis is
438 * not available and the PropState has to be retrieved off the Class in
439 * the Index. In that case cls is nullptr and the PropState fields are
440 * populated.
441 */
454 PropState m_privateProperties;
455 PropState m_privateStatics;
456 };
458 //////////////////////////////////////////////////////////////////////
460 /*
461 * Map from closure classes to types for each of their used vars.
462 * Shows up in a few different interpreter structures.
463 */
467 >;
469 /*
470 * Merge the types in the vector as possible use vars for the closure
471 * `clo' into the destination map.
472 */
477 //////////////////////////////////////////////////////////////////////
484 };
489 );
490 }
495 );
496 }
501 );
502 }
506 /*
507 * Area used for writing down any information that is collected across
508 * a series of step operations (possibly cross block).
509 */
512 Context ctx,
514 CollectionOpts opts,
517 ClosureUseVarMap closureUseTypes;
518 PropertiesInfo props;
520 unfoldableFuncs;
524 CollectionOpts opts{};
527 /*
528 * See FuncAnalysisResult for details.
529 */
532 PublicSPropMutations publicSPropMutations;
535 /*
536 * The current member base. Updated as we move through bytecodes
537 * representing the operation.
538 */
539 Base base{};
544 /*
545 * Chains of member operations on array elements will affect the type of
546 * something further back in the member instruction. This vector tracks the
547 * base,key type pair that was used at each stage. See
548 * interp-minstr.cpp:resolveArrayChain().
549 */
551 Type base;
552 Type key;
553 LocalId keyLoc;
554 };
556 ArrayChain arrayChain;
561 }
562 };
563 MInstrState mInstrState;
564 };
566 //////////////////////////////////////////////////////////////////////
568 /*
569 * State merging functions, based on the union_of operation for types.
570 *
571 * These return true if the destination state changed.
572 */
575 /*
576 * State merging functions, based on the widening_union operation.
577 * See analyze.cpp for details on when this is needed.
578 */
582 //////////////////////////////////////////////////////////////////////
584 /*
585 * Functions to show various aspects of interpreter state as strings.
586 */
593 //////////////////////////////////////////////////////////////////////
595 }}
596 #endif