1 // Copyright 2017 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "src/builtins/builtins-call-gen.h"
6 
7 #include "src/builtins/builtins-utils-gen.h"
8 #include "src/builtins/builtins.h"
9 #include "src/globals.h"
10 #include "src/heap/heap-inl.h"
11 #include "src/isolate.h"
12 #include "src/macro-assembler.h"
13 #include "src/objects/arguments.h"
14 
15 namespace v8 {
16 namespace internal {
17 
// CallFunction variant for a receiver that is statically known to be null or
// undefined. Only the ConvertReceiverMode differs between the three
// CallFunction builtins; the code generation lives in Generate_CallFunction.
void Builtins::Generate_CallFunction_ReceiverIsNullOrUndefined(
    MacroAssembler* masm) {
  constexpr ConvertReceiverMode kMode = ConvertReceiverMode::kNullOrUndefined;
  Builtins::Generate_CallFunction(masm, kMode);
}
22 
// CallFunction variant for a receiver that is statically known to be neither
// null nor undefined; delegates to the shared Generate_CallFunction with the
// matching ConvertReceiverMode.
void Builtins::Generate_CallFunction_ReceiverIsNotNullOrUndefined(
    MacroAssembler* masm) {
  const ConvertReceiverMode receiver_mode =
      ConvertReceiverMode::kNotNullOrUndefined;
  Generate_CallFunction(masm, receiver_mode);
}
27 
// CallFunction variant with no static knowledge about the receiver
// (ConvertReceiverMode::kAny); the shared generator does the work.
void Builtins::Generate_CallFunction_ReceiverIsAny(MacroAssembler* masm) {
  Builtins::Generate_CallFunction(masm, ConvertReceiverMode::kAny);
}
31 
// CallBoundFunction builtin: thin entry point around the architecture
// specific Generate_CallBoundFunctionImpl.
void Builtins::Generate_CallBoundFunction(MacroAssembler* masm) {
  Builtins::Generate_CallBoundFunctionImpl(masm);
}
35 
// Generic Call builtin for a receiver known to be null or undefined; the
// receiver-mode parameter is the only thing that distinguishes the three
// Call builtins, all of which are emitted by Generate_Call.
void Builtins::Generate_Call_ReceiverIsNullOrUndefined(MacroAssembler* masm) {
  constexpr ConvertReceiverMode kMode = ConvertReceiverMode::kNullOrUndefined;
  Generate_Call(masm, kMode);
}
39 
// Generic Call builtin for a receiver known to be neither null nor undefined.
void Builtins::Generate_Call_ReceiverIsNotNullOrUndefined(
    MacroAssembler* masm) {
  const ConvertReceiverMode receiver_mode =
      ConvertReceiverMode::kNotNullOrUndefined;
  Builtins::Generate_Call(masm, receiver_mode);
}
44 
// Generic Call builtin with no static knowledge about the receiver.
void Builtins::Generate_Call_ReceiverIsAny(MacroAssembler* masm) {
  Builtins::Generate_Call(masm, ConvertReceiverMode::kAny);
}
48 
// CallVarargs builtin: the shared CallOrConstructVarargs generator,
// parameterised with the generic Call builtin as the code to dispatch to once
// the argument list has been pushed.
void Builtins::Generate_CallVarargs(MacroAssembler* masm) {
  Builtins* builtins = masm->isolate()->builtins();
  Generate_CallOrConstructVarargs(masm, builtins->Call());
}
52 
// CallForwardVarargs builtin: forwards the caller's varargs and dispatches to
// the generic Call builtin (CallOrConstructMode::kCall).
void Builtins::Generate_CallForwardVarargs(MacroAssembler* masm) {
  Builtins* builtins = masm->isolate()->builtins();
  Generate_CallOrConstructForwardVarargs(masm, CallOrConstructMode::kCall,
                                         builtins->Call());
}
57 
// CallFunctionForwardVarargs builtin: same as CallForwardVarargs but
// dispatches to CallFunction, i.e. the target is already known to be a
// JSFunction by the time this builtin is used.
void Builtins::Generate_CallFunctionForwardVarargs(MacroAssembler* masm) {
  Builtins* builtins = masm->isolate()->builtins();
  Generate_CallOrConstructForwardVarargs(masm, CallOrConstructMode::kCall,
                                         builtins->CallFunction());
}
63 
// Calls (when {new_target} is nullptr) or constructs (otherwise) {target}
// with the elements of {arguments_list} as the argument list. The tail-called
// varargs stubs receive args_count == 0, so every argument comes from the
// element list built here.
//
// Validation, in order:
//   * {target} must be Callable (call) or a Constructor (construct), and
//     {new_target} must be a Constructor; violations throw via the runtime.
//   * {arguments_list} is read directly only when it is an unmodified sloppy
//     or strict arguments object (map identity against the native-context
//     maps) or a JSArray with a fast elements kind; a holey JSArray
//     additionally needs the initial Array.prototype and an intact
//     no-elements protector. Anything else (Smi, other objects, non-fast
//     elements) is materialised by Runtime::kCreateListFromArrayLike.
void CallOrConstructBuiltinsAssembler::CallOrConstructWithArrayLike(
    TNode<Object> target, SloppyTNode<Object> new_target,
    TNode<Object> arguments_list, TNode<Context> context) {
  Label if_done(this), if_arguments(this), if_array(this),
      if_holey_array(this, Label::kDeferred),
      if_runtime(this, Label::kDeferred);

  // Perform appropriate checks on {target} (and {new_target} first).
  // Note that {new_target} == nullptr is a C++-time decision selecting which
  // graph to emit (call vs. construct); it is not a runtime check.
  if (new_target == nullptr) {
    // Check that {target} is Callable.
    Label if_target_callable(this),
        if_target_not_callable(this, Label::kDeferred);
    GotoIf(TaggedIsSmi(target), &if_target_not_callable);
    Branch(IsCallable(CAST(target)), &if_target_callable,
           &if_target_not_callable);
    BIND(&if_target_not_callable);
    {
      CallRuntime(Runtime::kThrowApplyNonFunction, context, target);
      Unreachable();
    }
    BIND(&if_target_callable);
  } else {
    // Check that {target} is a Constructor.
    Label if_target_constructor(this),
        if_target_not_constructor(this, Label::kDeferred);
    GotoIf(TaggedIsSmi(target), &if_target_not_constructor);
    Branch(IsConstructor(CAST(target)), &if_target_constructor,
           &if_target_not_constructor);
    BIND(&if_target_not_constructor);
    {
      CallRuntime(Runtime::kThrowNotConstructor, context, target);
      Unreachable();
    }
    BIND(&if_target_constructor);

    // Check that {new_target} is a Constructor.
    Label if_new_target_constructor(this),
        if_new_target_not_constructor(this, Label::kDeferred);
    GotoIf(TaggedIsSmi(new_target), &if_new_target_not_constructor);
    Branch(IsConstructor(CAST(new_target)), &if_new_target_constructor,
           &if_new_target_not_constructor);
    BIND(&if_new_target_not_constructor);
    {
      CallRuntime(Runtime::kThrowNotConstructor, context, new_target);
      Unreachable();
    }
    BIND(&if_new_target_constructor);
  }

  // A Smi is never a usable array-like; let the runtime produce the error
  // (or the empty list) with the generic semantics.
  GotoIf(TaggedIsSmi(arguments_list), &if_runtime);

  TNode<Map> arguments_list_map = LoadMap(CAST(arguments_list));
  TNode<Context> native_context = LoadNativeContext(context);

  // Check if {arguments_list} is an (unmodified) arguments object. This is a
  // map-identity check against the native-context maps, so any modification
  // that transitions the object's map (presumably element or property
  // reconfiguration) falls off this fast path.
  TNode<Map> sloppy_arguments_map = CAST(
      LoadContextElement(native_context, Context::SLOPPY_ARGUMENTS_MAP_INDEX));
  GotoIf(WordEqual(arguments_list_map, sloppy_arguments_map), &if_arguments);
  TNode<Map> strict_arguments_map = CAST(
      LoadContextElement(native_context, Context::STRICT_ARGUMENTS_MAP_INDEX));
  GotoIf(WordEqual(arguments_list_map, strict_arguments_map), &if_arguments);

  // Check if {arguments_list} is a fast JSArray.
  Branch(IsJSArrayMap(arguments_list_map), &if_array, &if_runtime);

  // Backing store and element count handed to the varargs stubs; every
  // path into {if_done} assigns both.
  TVARIABLE(FixedArrayBase, var_elements);
  TVARIABLE(Int32T, var_length);
  BIND(&if_array);
  {
    // Try to extract the elements from a JSArray object.
    var_elements = LoadElements(CAST(arguments_list));
    var_length =
        LoadAndUntagToWord32ObjectField(arguments_list, JSArray::kLengthOffset);

    // Holey arrays and double backing stores need special treatment.
    // The assertions pin the encoding relied on below: all fast kinds are
    // <= LAST_FAST_ELEMENTS_KIND, and the low bit of a fast kind is set
    // exactly for the holey variants.
    STATIC_ASSERT(PACKED_SMI_ELEMENTS == 0);
    STATIC_ASSERT(HOLEY_SMI_ELEMENTS == 1);
    STATIC_ASSERT(PACKED_ELEMENTS == 2);
    STATIC_ASSERT(HOLEY_ELEMENTS == 3);
    STATIC_ASSERT(PACKED_DOUBLE_ELEMENTS == 4);
    STATIC_ASSERT(HOLEY_DOUBLE_ELEMENTS == 5);
    STATIC_ASSERT(LAST_FAST_ELEMENTS_KIND == HOLEY_DOUBLE_ELEMENTS);

    TNode<Int32T> kind = LoadMapElementsKind(arguments_list_map);

    // Non-fast kinds (dictionary, arguments, typed-array elements) must not
    // be read as a FixedArray(Base); the runtime handles them generically.
    GotoIf(Int32GreaterThan(kind, Int32Constant(LAST_FAST_ELEMENTS_KIND)),
           &if_runtime);
    Branch(Word32And(kind, Int32Constant(1)), &if_holey_array, &if_done);
  }

  BIND(&if_holey_array);
  {
    // For holey JSArrays we need to check that the array prototype chain
    // protector is intact and our prototype is the Array.prototype actually.
    // Both are required because a hole is presumably filled in by the stub
    // rather than looked up on the prototype chain; that is only equivalent
    // to the generic semantics when the chain cannot supply an element.
    GotoIfNot(IsPrototypeInitialArrayPrototype(context, arguments_list_map),
              &if_runtime);
    Branch(IsNoElementsProtectorCellInvalid(), &if_runtime, &if_done);
  }

  BIND(&if_arguments);
  {
    TNode<JSArgumentsObject> js_arguments = CAST(arguments_list);
    // Try to extract the elements from an JSArgumentsObject.
    TNode<Object> length =
        LoadObjectField(js_arguments, JSArgumentsObject::kLengthOffset);
    TNode<FixedArrayBase> elements = LoadElements(js_arguments);
    TNode<Smi> elements_length = LoadFixedArrayBaseLength(elements);
    // The object's own `length` must equal the backing-store length exactly.
    // This is a tagged word comparison, so a `length` that was reassigned to
    // a different value, or to a non-Smi, also fails and goes to the runtime;
    // only then is the backing store a faithful argument list.
    GotoIfNot(WordEqual(length, elements_length), &if_runtime);
    var_elements = elements;
    var_length = SmiToInt32(CAST(length));
    Goto(&if_done);
  }

  BIND(&if_runtime);
  {
    // Ask the runtime to create the list (actually a FixedArray).
    var_elements = CAST(CallRuntime(Runtime::kCreateListFromArrayLike, context,
                                    arguments_list));
    var_length = LoadAndUntagToWord32ObjectField(var_elements.value(),
                                                 FixedArray::kLengthOffset);
    Goto(&if_done);
  }

  // Tail call to the appropriate builtin (depending on whether we have
  // a {new_target} passed).
  BIND(&if_done);
  {
    Label if_not_double(this), if_double(this);
    TNode<Int32T> args_count = Int32Constant(0);  // args already on the stack

    TNode<Int32T> length = var_length.value();
    {
      Label normalize_done(this);
      GotoIfNot(Word32Equal(length, Int32Constant(0)), &normalize_done);
      // Make sure we don't accidentally pass along the
      // empty_fixed_double_array since the tailed-called stubs cannot handle
      // the normalization yet. This also guarantees that
      // CallOrConstructDoubleVarargs below never sees a zero length.
      var_elements = EmptyFixedArrayConstant();
      Goto(&normalize_done);

      BIND(&normalize_done);
    }

    TNode<FixedArrayBase> elements = var_elements.value();
    Branch(IsFixedDoubleArray(elements), &if_double, &if_not_double);

    BIND(&if_not_double);
    {
      if (new_target == nullptr) {
        Callable callable = CodeFactory::CallVarargs(isolate());
        TailCallStub(callable, context, target, args_count, elements, length);
      } else {
        Callable callable = CodeFactory::ConstructVarargs(isolate());
        TailCallStub(callable, context, target, new_target, args_count,
                     elements, length);
      }
    }

    BIND(&if_double);
    {
      // Kind is hardcoded here because CreateListFromArrayLike will only
      // produce holey double arrays. A PACKED_DOUBLE_ELEMENTS JSArray from
      // the fast path above also lands here; treating it as holey is
      // presumably just conservative (hole checks on values that are never
      // holes) -- confirm against CopyFixedArrayElements.
      CallOrConstructDoubleVarargs(target, new_target, CAST(elements), length,
                                   args_count, context,
                                   Int32Constant(HOLEY_DOUBLE_ELEMENTS));
    }
  }
}
232 
// Boxes every double in {elements} into a HeapNumber inside a freshly
// allocated FixedArray and tail calls CallVarargs (no {new_target}) or
// ConstructVarargs ({new_target} given) with that FixedArray.
//
// {kind} selects the copy mode: HOLEY_DOUBLE_ELEMENTS treats source slots as
// possibly being the hole, anything else is copied as PACKED_DOUBLE_ELEMENTS.
// {length} is the number of elements to box and must be non-zero (debug
// asserted); callers route zero-length lists elsewhere. {args_count} is the
// number of arguments already on the stack, forwarded unchanged to the stub.
void CallOrConstructBuiltinsAssembler::CallOrConstructDoubleVarargs(
    TNode<Object> target, SloppyTNode<Object> new_target,
    TNode<FixedDoubleArray> elements, TNode<Int32T> length,
    TNode<Int32T> args_count, TNode<Context> context, TNode<Int32T> kind) {
  Label if_holey_source(this), if_packed_source(this), if_copied(this);

  TNode<IntPtrT> length_intptr = ChangeInt32ToIntPtr(length);
  CSA_ASSERT(this, WordNotEqual(length_intptr, IntPtrConstant(0)));

  // The boxed copy is an ordinary FixedArray of tagged values; the
  // HeapNumbers stored into it are heap objects, hence the write barrier.
  TNode<FixedArray> boxed = CAST(AllocateFixedArray(
      PACKED_ELEMENTS, length_intptr,
      CodeStubAssembler::kAllowLargeObjectAllocation));

  Branch(Word32Equal(kind, Int32Constant(HOLEY_DOUBLE_ELEMENTS)),
         &if_holey_source, &if_packed_source);

  BIND(&if_holey_source);
  {
    // Fill the FixedArray with pointers to HeapObjects.
    CopyFixedArrayElements(HOLEY_DOUBLE_ELEMENTS, elements, PACKED_ELEMENTS,
                           boxed, length_intptr, length_intptr,
                           UPDATE_WRITE_BARRIER);
    Goto(&if_copied);
  }

  BIND(&if_packed_source);
  {
    CopyFixedArrayElements(PACKED_DOUBLE_ELEMENTS, elements, PACKED_ELEMENTS,
                           boxed, length_intptr, length_intptr,
                           UPDATE_WRITE_BARRIER);
    Goto(&if_copied);
  }

  BIND(&if_copied);
  // Tail call the call or construct variant, depending on whether a
  // {new_target} was supplied by the caller.
  if (new_target == nullptr) {
    TailCallStub(CodeFactory::CallVarargs(isolate()), context, target,
                 args_count, boxed, length);
  } else {
    TailCallStub(CodeFactory::ConstructVarargs(isolate()), context, target,
                 new_target, args_count, boxed, length);
  }
}
277 
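// Calls (no {new_target}) or constructs ({new_target} given) {target} with
// the {args_count} arguments already on the stack followed by the elements
// obtained by spreading {spread}.
//
// Fast path: {spread} is a JSArray with a fast elements kind whose prototype
// is the initial Array.prototype, and both the no-elements protector and the
// array-iterator protector are intact. Only under those conditions may the
// backing store be read directly instead of running the iteration protocol.
// Everything else looks up {spread}[Symbol.iterator] and materialises the
// iteration result via Builtins::kIterableToList; a non-callable iterator
// property throws a TypeError.
void CallOrConstructBuiltinsAssembler::CallOrConstructWithSpread(
    TNode<Object> target, TNode<Object> new_target, TNode<Object> spread,
    TNode<Int32T> args_count, TNode<Context> context) {
  Label if_smiorobject(this), if_double(this),
      if_generic(this, Label::kDeferred);

  // Element list handed to the varargs stubs; every path into
  // {if_smiorobject}/{if_double} assigns all three.
  TVARIABLE(Int32T, var_length);
  TVARIABLE(FixedArrayBase, var_elements);
  TVARIABLE(Int32T, var_elements_kind);

  GotoIf(TaggedIsSmi(spread), &if_generic);
  TNode<Map> spread_map = LoadMap(CAST(spread));
  GotoIfNot(IsJSArrayMap(spread_map), &if_generic);
  TNode<JSArray> spread_array = CAST(spread);

  // Check that we have the original Array.prototype.
  GotoIfNot(IsPrototypeInitialArrayPrototype(context, spread_map), &if_generic);

  // Check that there are no elements on the Array.prototype chain.
  GotoIf(IsNoElementsProtectorCellInvalid(), &if_generic);

  // Check that the Array.prototype hasn't been modified in a way that would
  // affect iteration. This is what makes skipping the iterator protocol
  // unobservable; the two checks above are applied to every fast array,
  // not just holey ones, which is conservative.
  TNode<PropertyCell> protector_cell =
      CAST(LoadRoot(Heap::kArrayIteratorProtectorRootIndex));
  GotoIf(WordEqual(LoadObjectField(protector_cell, PropertyCell::kValueOffset),
                   SmiConstant(Isolate::kProtectorInvalid)),
         &if_generic);
  {
    // The fast-path accesses the {spread} elements directly.
    TNode<Int32T> spread_kind = LoadMapElementsKind(spread_map);
    var_elements_kind = spread_kind;
    var_length =
        LoadAndUntagToWord32ObjectField(spread_array, JSArray::kLengthOffset);
    var_elements = LoadElements(spread_array);

    // Check elements kind of {spread}: Smi/object kinds go straight to the
    // stub, double kinds need boxing, anything beyond the fast kinds
    // (dictionary, typed-array elements, ...) must take the generic path.
    GotoIf(Int32LessThan(spread_kind, Int32Constant(PACKED_DOUBLE_ELEMENTS)),
           &if_smiorobject);
    Branch(
        Int32GreaterThan(spread_kind, Int32Constant(LAST_FAST_ELEMENTS_KIND)),
        &if_generic, &if_double);
  }

  BIND(&if_generic);
  {
    Label if_iterator_fn_not_callable(this, Label::kDeferred);
    TNode<Object> iterator_fn =
        GetProperty(context, spread, IteratorSymbolConstant());
    GotoIfNot(TaggedIsCallable(iterator_fn), &if_iterator_fn_not_callable);
    TNode<JSArray> list = CAST(
        CallBuiltin(Builtins::kIterableToList, context, spread, iterator_fn));
    var_length = LoadAndUntagToWord32ObjectField(list, JSArray::kLengthOffset);

    var_elements = LoadElements(list);
    var_elements_kind = LoadElementsKind(list);
    // Unlike the fast path above there is no upper bound check here: the
    // list built by IterableToList is handed to the stubs (or boxed below)
    // with no further map/kind validation, and a non-fast backing store
    // would be CAST to FixedDoubleArray on the {if_double} path. Pin that
    // expectation in debug builds.
    CSA_ASSERT(this,
               Int32LessThanOrEqual(var_elements_kind.value(),
                                    Int32Constant(LAST_FAST_ELEMENTS_KIND)));
    Branch(Int32LessThan(var_elements_kind.value(),
                         Int32Constant(PACKED_DOUBLE_ELEMENTS)),
           &if_smiorobject, &if_double);

    BIND(&if_iterator_fn_not_callable);
    ThrowTypeError(context, MessageTemplate::kIteratorSymbolNonCallable);
  }

  BIND(&if_smiorobject);
  {
    TNode<FixedArrayBase> elements = var_elements.value();
    TNode<Int32T> length = var_length.value();

    // Tail call the call or construct variant depending on {new_target}.
    if (new_target == nullptr) {
      Callable callable = CodeFactory::CallVarargs(isolate());
      TailCallStub(callable, context, target, args_count, elements, length);
    } else {
      Callable callable = CodeFactory::ConstructVarargs(isolate());
      TailCallStub(callable, context, target, new_target, args_count, elements,
                   length);
    }
  }

  BIND(&if_double);
  {
    // A zero-length double array is passed to the stub as-is (possibly with
    // a FixedDoubleArray backing store); CallOrConstructDoubleVarargs asserts
    // a non-zero length. NOTE(review): CallOrConstructWithArrayLike instead
    // normalises this case to the empty FixedArray -- confirm the varargs
    // stubs accept a FixedDoubleArray when the length is 0.
    GotoIf(Word32Equal(var_length.value(), Int32Constant(0)), &if_smiorobject);
    CallOrConstructDoubleVarargs(target, new_target, CAST(var_elements.value()),
                                 var_length.value(), args_count, context,
                                 var_elements_kind.value());
  }
}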
365 
// Builtin entry: call {target} with an array-like argument list. There is no
// new_target, which selects the call (rather than construct) variant of
// CallOrConstructWithArrayLike.
TF_BUILTIN(CallWithArrayLike, CallOrConstructBuiltinsAssembler) {
  TNode<Context> context = CAST(Parameter(Descriptor::kContext));
  TNode<Object> target = CAST(Parameter(Descriptor::kTarget));
  TNode<Object> arguments_list = CAST(Parameter(Descriptor::kArgumentsList));
  SloppyTNode<Object> no_new_target = nullptr;
  CallOrConstructWithArrayLike(target, no_new_target, arguments_list, context);
}
373 
// Builtin entry: call {target} with {args_count} stack arguments followed by
// the spread of {spread}. There is no new_target, which selects the call
// (rather than construct) variant of CallOrConstructWithSpread.
TF_BUILTIN(CallWithSpread, CallOrConstructBuiltinsAssembler) {
  TNode<Context> context = CAST(Parameter(Descriptor::kContext));
  // The argument count is a raw int32 machine value, not a tagged Object.
  TNode<Int32T> args_count =
      UncheckedCast<Int32T>(Parameter(Descriptor::kArgumentsCount));
  TNode<Object> spread = CAST(Parameter(Descriptor::kSpread));
  TNode<Object> target = CAST(Parameter(Descriptor::kTarget));
  SloppyTNode<Object> no_new_target = nullptr;
  CallOrConstructWithSpread(target, no_new_target, spread, args_count, context);
}
383 
384 }  // namespace internal
385 }  // namespace v8
386