blob: 4ac519c39728eaf5e5c16f84cee6026cc3a8b12a [file] [log] [blame]
// Copyright 2014 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "src/ast/ast.h"
#include "src/common/globals.h"
#include "src/execution/arguments-inl.h"
#include "src/execution/isolate-inl.h"
#include "src/logging/counters.h"
#include "src/objects/allocation-site-scopes-inl.h"
#include "src/objects/hash-table-inl.h"
#include "src/objects/heap-number-inl.h"
#include "src/objects/heap-object-inl.h"
#include "src/objects/js-regexp-inl.h"
#include "src/objects/literal-objects-inl.h"
#include "src/runtime/runtime-utils.h"
#include "src/runtime/runtime.h"
namespace v8 {
namespace internal {
namespace {
bool IsUninitializedLiteralSite(Object literal_site) {
return literal_site == Smi::zero();
}
bool HasBoilerplate(Handle<Object> literal_site) {
return !literal_site->IsSmi();
}
void PreInitializeLiteralSite(Handle<FeedbackVector> vector,
FeedbackSlot slot) {
vector->SynchronizedSet(slot, Smi::FromInt(1));
}
template <class ContextObject>
class JSObjectWalkVisitor {
public:
explicit JSObjectWalkVisitor(ContextObject* site_context)
: site_context_(site_context) {}
V8_WARN_UNUSED_RESULT MaybeHandle<JSObject> StructureWalk(
Handle<JSObject> object);
protected:
V8_WARN_UNUSED_RESULT inline MaybeHandle<JSObject> VisitElementOrProperty(
Handle<JSObject> object, Handle<JSObject> value) {
// Dont create allocation sites for nested object literals
if (!value->IsJSArray()) {
return StructureWalk(value);
}
Handle<AllocationSite> current_site = site_context()->EnterNewScope();
MaybeHandle<JSObject> copy_of_value = StructureWalk(value);
site_context()->ExitScope(current_site, value);
return copy_of_value;
}
inline ContextObject* site_context() { return site_context_; }
inline Isolate* isolate() { return site_context()->isolate(); }
private:
ContextObject* site_context_;
};
template <class ContextObject>
MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk(
Handle<JSObject> object) {
Isolate* isolate = this->isolate();
bool copying = ContextObject::kCopying;
{
StackLimitCheck check(isolate);
if (check.HasOverflowed()) {
isolate->StackOverflow();
return MaybeHandle<JSObject>();
}
}
if (object->map(isolate).is_deprecated()) {
base::SharedMutexGuard<base::kExclusive> mutex_guard(
isolate->boilerplate_migration_access());
JSObject::MigrateInstance(isolate, object);
}
Handle<JSObject> copy;
if (copying) {
// JSFunction objects are not allowed to be in normal boilerplates at all.
DCHECK(!object->IsJSFunction(isolate));
Handle<AllocationSite> site_to_pass;
if (site_context()->ShouldCreateMemento(object)) {
site_to_pass = site_context()->current();
}
copy = isolate->factory()->CopyJSObjectWithAllocationSite(object,
site_to_pass);
} else {
copy = object;
}
DCHECK(copying || copy.is_identical_to(object));
HandleScope scope(isolate);
// Deep copy own properties. Arrays only have 1 property "length".
if (!copy->IsJSArray(isolate)) {
if (copy->HasFastProperties(isolate)) {
Handle<DescriptorArray> descriptors(
copy->map(isolate).instance_descriptors(isolate), isolate);
for (InternalIndex i : copy->map(isolate).IterateOwnDescriptors()) {
PropertyDetails details = descriptors->GetDetails(i);
DCHECK_EQ(PropertyLocation::kField, details.location());
DCHECK_EQ(PropertyKind::kData, details.kind());
FieldIndex index = FieldIndex::ForPropertyIndex(
copy->map(isolate), details.field_index(),
details.representation());
Object raw = copy->RawFastPropertyAt(isolate, index);
if (raw.IsJSObject(isolate)) {
Handle<JSObject> value(JSObject::cast(raw), isolate);
ASSIGN_RETURN_ON_EXCEPTION(
isolate, value, VisitElementOrProperty(copy, value), JSObject);
if (copying) copy->FastPropertyAtPut(index, *value);
} else if (copying && details.representation().IsDouble()) {
uint64_t double_value =
HeapNumber::cast(raw).value_as_bits(kRelaxedLoad);
auto value = isolate->factory()->NewHeapNumberFromBits(double_value);
copy->FastPropertyAtPut(index, *value);
}
}
} else {
if (V8_ENABLE_SWISS_NAME_DICTIONARY_BOOL) {
Handle<SwissNameDictionary> dict(
copy->property_dictionary_swiss(isolate), isolate);
for (InternalIndex i : dict->IterateEntries()) {
Object raw = dict->ValueAt(i);
if (!raw.IsJSObject(isolate)) continue;
DCHECK(dict->KeyAt(i).IsName());
Handle<JSObject> value(JSObject::cast(raw), isolate);
ASSIGN_RETURN_ON_EXCEPTION(
isolate, value, VisitElementOrProperty(copy, value), JSObject);
if (copying) dict->ValueAtPut(i, *value);
}
} else {
Handle<NameDictionary> dict(copy->property_dictionary(isolate),
isolate);
for (InternalIndex i : dict->IterateEntries()) {
Object raw = dict->ValueAt(isolate, i);
if (!raw.IsJSObject(isolate)) continue;
DCHECK(dict->KeyAt(isolate, i).IsName());
Handle<JSObject> value(JSObject::cast(raw), isolate);
ASSIGN_RETURN_ON_EXCEPTION(
isolate, value, VisitElementOrProperty(copy, value), JSObject);
if (copying) dict->ValueAtPut(i, *value);
}
}
}
// Assume non-arrays don't end up having elements.
if (copy->elements(isolate).length() == 0) return copy;
}
// Deep copy own elements.
switch (copy->GetElementsKind(isolate)) {
case PACKED_ELEMENTS:
case PACKED_FROZEN_ELEMENTS:
case PACKED_SEALED_ELEMENTS:
case PACKED_NONEXTENSIBLE_ELEMENTS:
case HOLEY_FROZEN_ELEMENTS:
case HOLEY_SEALED_ELEMENTS:
case HOLEY_NONEXTENSIBLE_ELEMENTS:
case HOLEY_ELEMENTS: {
Handle<FixedArray> elements(FixedArray::cast(copy->elements(isolate)),
isolate);
if (elements->map(isolate) ==
ReadOnlyRoots(isolate).fixed_cow_array_map()) {
#ifdef DEBUG
for (int i = 0; i < elements->length(); i++) {
DCHECK(!elements->get(i).IsJSObject());
}
#endif
} else {
for (int i = 0; i < elements->length(); i++) {
Object raw = elements->get(isolate, i);
if (!raw.IsJSObject(isolate)) continue;
Handle<JSObject> value(JSObject::cast(raw), isolate);
ASSIGN_RETURN_ON_EXCEPTION(
isolate, value, VisitElementOrProperty(copy, value), JSObject);
if (copying) elements->set(i, *value);
}
}
break;
}
case DICTIONARY_ELEMENTS: {
Handle<NumberDictionary> element_dictionary(
copy->element_dictionary(isolate), isolate);
for (InternalIndex i : element_dictionary->IterateEntries()) {
Object raw = element_dictionary->ValueAt(isolate, i);
if (!raw.IsJSObject(isolate)) continue;
Handle<JSObject> value(JSObject::cast(raw), isolate);
ASSIGN_RETURN_ON_EXCEPTION(
isolate, value, VisitElementOrProperty(copy, value), JSObject);
if (copying) element_dictionary->ValueAtPut(i, *value);
}
break;
}
case FAST_SLOPPY_ARGUMENTS_ELEMENTS:
case SLOW_SLOPPY_ARGUMENTS_ELEMENTS:
UNIMPLEMENTED();
break;
case FAST_STRING_WRAPPER_ELEMENTS:
case SLOW_STRING_WRAPPER_ELEMENTS:
case WASM_ARRAY_ELEMENTS:
UNREACHABLE();
#define TYPED_ARRAY_CASE(Type, type, TYPE, ctype) case TYPE##_ELEMENTS:
TYPED_ARRAYS(TYPED_ARRAY_CASE)
RAB_GSAB_TYPED_ARRAYS(TYPED_ARRAY_CASE)
#undef TYPED_ARRAY_CASE
// Typed elements cannot be created using an object literal.
UNREACHABLE();
case PACKED_SMI_ELEMENTS:
case HOLEY_SMI_ELEMENTS:
case PACKED_DOUBLE_ELEMENTS:
case HOLEY_DOUBLE_ELEMENTS:
case NO_ELEMENTS:
// No contained objects, nothing to do.
break;
}
return copy;
}
class DeprecationUpdateContext {
public:
explicit DeprecationUpdateContext(Isolate* isolate) { isolate_ = isolate; }
Isolate* isolate() { return isolate_; }
bool ShouldCreateMemento(Handle<JSObject> object) { return false; }
inline void ExitScope(Handle<AllocationSite> scope_site,
Handle<JSObject> object) {}
Handle<AllocationSite> EnterNewScope() { return Handle<AllocationSite>(); }
Handle<AllocationSite> current() {
UNREACHABLE();
}
static const bool kCopying = false;
private:
Isolate* isolate_;
};
// AllocationSiteCreationContext aids in the creation of AllocationSites to
// accompany object literals.
class AllocationSiteCreationContext : public AllocationSiteContext {
public:
explicit AllocationSiteCreationContext(Isolate* isolate)
: AllocationSiteContext(isolate) {}
Handle<AllocationSite> EnterNewScope() {
Handle<AllocationSite> scope_site;
if (top().is_null()) {
// We are creating the top level AllocationSite as opposed to a nested
// AllocationSite.
InitializeTraversal(isolate()->factory()->NewAllocationSite(true));
scope_site = Handle<AllocationSite>(*top(), isolate());
if (FLAG_trace_creation_allocation_sites) {
PrintF("*** Creating top level %s AllocationSite %p\n", "Fat",
reinterpret_cast<void*>(scope_site->ptr()));
}
} else {
DCHECK(!current().is_null());
scope_site = isolate()->factory()->NewAllocationSite(false);
if (FLAG_trace_creation_allocation_sites) {
PrintF(
"*** Creating nested %s AllocationSite (top, current, new) (%p, "
"%p, "
"%p)\n",
"Slim", reinterpret_cast<void*>(top()->ptr()),
reinterpret_cast<void*>(current()->ptr()),
reinterpret_cast<void*>(scope_site->ptr()));
}
current()->set_nested_site(*scope_site);
update_current_site(*scope_site);
}
DCHECK(!scope_site.is_null());
return scope_site;
}
void ExitScope(Handle<AllocationSite> scope_site, Handle<JSObject> object) {
if (object.is_null()) return;
scope_site->set_boilerplate(*object, kReleaseStore);
if (FLAG_trace_creation_allocation_sites) {
bool top_level =
!scope_site.is_null() && top().is_identical_to(scope_site);
if (top_level) {
PrintF("*** Setting AllocationSite %p transition_info %p\n",
reinterpret_cast<void*>(scope_site->ptr()),
reinterpret_cast<void*>(object->ptr()));
} else {
PrintF("*** Setting AllocationSite (%p, %p) transition_info %p\n",
reinterpret_cast<void*>(top()->ptr()),
reinterpret_cast<void*>(scope_site->ptr()),
reinterpret_cast<void*>(object->ptr()));
}
}
}
static const bool kCopying = false;
};
MaybeHandle<JSObject> DeepWalk(Handle<JSObject> object,
DeprecationUpdateContext* site_context) {
JSObjectWalkVisitor<DeprecationUpdateContext> v(site_context);
MaybeHandle<JSObject> result = v.StructureWalk(object);
Handle<JSObject> for_assert;
DCHECK(!result.ToHandle(&for_assert) || for_assert.is_identical_to(object));
return result;
}
MaybeHandle<JSObject> DeepWalk(Handle<JSObject> object,
AllocationSiteCreationContext* site_context) {
JSObjectWalkVisitor<AllocationSiteCreationContext> v(site_context);
MaybeHandle<JSObject> result = v.StructureWalk(object);
Handle<JSObject> for_assert;
DCHECK(!result.ToHandle(&for_assert) || for_assert.is_identical_to(object));
return result;
}
MaybeHandle<JSObject> DeepCopy(Handle<JSObject> object,
AllocationSiteUsageContext* site_context) {
JSObjectWalkVisitor<AllocationSiteUsageContext> v(site_context);
MaybeHandle<JSObject> copy = v.StructureWalk(object);
Handle<JSObject> for_assert;
DCHECK(!copy.ToHandle(&for_assert) || !for_assert.is_identical_to(object));
return copy;
}
Handle<JSObject> CreateObjectLiteral(
Isolate* isolate,
Handle<ObjectBoilerplateDescription> object_boilerplate_description,
int flags, AllocationType allocation);
Handle<JSObject> CreateArrayLiteral(
Isolate* isolate,
Handle<ArrayBoilerplateDescription> array_boilerplate_description,
AllocationType allocation);
struct ObjectLiteralHelper {
static inline Handle<JSObject> Create(Isolate* isolate,
Handle<HeapObject> description,
int flags, AllocationType allocation) {
Handle<ObjectBoilerplateDescription> object_boilerplate_description =
Handle<ObjectBoilerplateDescription>::cast(description);
return CreateObjectLiteral(isolate, object_boilerplate_description, flags,
allocation);
}
};
struct ArrayLiteralHelper {
static inline Handle<JSObject> Create(Isolate* isolate,
Handle<HeapObject> description,
int flags_not_used,
AllocationType allocation) {
Handle<ArrayBoilerplateDescription> array_boilerplate_description =
Handle<ArrayBoilerplateDescription>::cast(description);
return CreateArrayLiteral(isolate, array_boilerplate_description,
allocation);
}
};
Handle<JSObject> CreateObjectLiteral(
Isolate* isolate,
Handle<ObjectBoilerplateDescription> object_boilerplate_description,
int flags, AllocationType allocation) {
Handle<NativeContext> native_context = isolate->native_context();
bool use_fast_elements = (flags & ObjectLiteral::kFastElements) != 0;
bool has_null_prototype = (flags & ObjectLiteral::kHasNullPrototype) != 0;
// In case we have function literals, we want the object to be in
// slow properties mode for now. We don't go in the map cache because
// maps with constant functions can't be shared if the functions are
// not the same (which is the common case).
int number_of_properties =
object_boilerplate_description->backing_store_size();
// Ignoring number_of_properties for force dictionary map with
// __proto__:null.
Handle<Map> map =
has_null_prototype
? handle(native_context->slow_object_with_null_prototype_map(),
isolate)
: isolate->factory()->ObjectLiteralMapFromCache(native_context,
number_of_properties);
Handle<JSObject> boilerplate =
isolate->factory()->NewFastOrSlowJSObjectFromMap(
map, number_of_properties, allocation);
// Normalize the elements of the boilerplate to save space if needed.
if (!use_fast_elements) JSObject::NormalizeElements(boilerplate);
// Add the constant properties to the boilerplate.
int length = object_boilerplate_description->size();
// TODO(verwaest): Support tracking representations in the boilerplate.
for (int index = 0; index < length; index++) {
Handle<Object> key(object_boilerplate_description->name(isolate, index),
isolate);
Handle<Object> value(object_boilerplate_description->value(isolate, index),
isolate);
if (value->IsHeapObject()) {
if (HeapObject::cast(*value).IsArrayBoilerplateDescription(isolate)) {
Handle<ArrayBoilerplateDescription> array_boilerplate =
Handle<ArrayBoilerplateDescription>::cast(value);
value = CreateArrayLiteral(isolate, array_boilerplate, allocation);
} else if (HeapObject::cast(*value).IsObjectBoilerplateDescription(
isolate)) {
Handle<ObjectBoilerplateDescription> object_boilerplate =
Handle<ObjectBoilerplateDescription>::cast(value);
value = CreateObjectLiteral(isolate, object_boilerplate,
object_boilerplate->flags(), allocation);
}
}
uint32_t element_index = 0;
if (key->ToArrayIndex(&element_index)) {
// Array index (uint32).
if (value->IsUninitialized(isolate)) {
value = handle(Smi::zero(), isolate);
}
JSObject::SetOwnElementIgnoreAttributes(boilerplate, element_index, value,
NONE)
.Check();
} else {
Handle<String> name = Handle<String>::cast(key);
DCHECK(!name->AsArrayIndex(&element_index));
JSObject::SetOwnPropertyIgnoreAttributes(boilerplate, name, value, NONE)
.Check();
}
}
if (map->is_dictionary_map() && !has_null_prototype) {
// TODO(cbruni): avoid making the boilerplate fast again, the clone stub
// supports dict-mode objects directly.
JSObject::MigrateSlowToFast(
boilerplate, boilerplate->map().UnusedPropertyFields(), "FastLiteral");
}
return boilerplate;
}
Handle<JSObject> CreateArrayLiteral(
Isolate* isolate,
Handle<ArrayBoilerplateDescription> array_boilerplate_description,
AllocationType allocation) {
ElementsKind constant_elements_kind =
array_boilerplate_description->elements_kind();
Handle<FixedArrayBase> constant_elements_values(
array_boilerplate_description->constant_elements(isolate), isolate);
// Create the JSArray.
Handle<FixedArrayBase> copied_elements_values;
if (IsDoubleElementsKind(constant_elements_kind)) {
copied_elements_values = isolate->factory()->CopyFixedDoubleArray(
Handle<FixedDoubleArray>::cast(constant_elements_values));
} else {
DCHECK(IsSmiOrObjectElementsKind(constant_elements_kind));
const bool is_cow = (constant_elements_values->map(isolate) ==
ReadOnlyRoots(isolate).fixed_cow_array_map());
if (is_cow) {
copied_elements_values = constant_elements_values;
if (DEBUG_BOOL) {
Handle<FixedArray> fixed_array_values =
Handle<FixedArray>::cast(copied_elements_values);
for (int i = 0; i < fixed_array_values->length(); i++) {
DCHECK(!fixed_array_values->get(i).IsFixedArray());
}
}
} else {
Handle<FixedArray> fixed_array_values =
Handle<FixedArray>::cast(constant_elements_values);
Handle<FixedArray> fixed_array_values_copy =
isolate->factory()->CopyFixedArray(fixed_array_values);
copied_elements_values = fixed_array_values_copy;
for (int i = 0; i < fixed_array_values->length(); i++) {
Object value = fixed_array_values_copy->get(isolate, i);
HeapObject value_heap_object;
if (value.GetHeapObject(isolate, &value_heap_object)) {
if (value_heap_object.IsArrayBoilerplateDescription(isolate)) {
HandleScope sub_scope(isolate);
Handle<ArrayBoilerplateDescription> boilerplate(
ArrayBoilerplateDescription::cast(value_heap_object), isolate);
Handle<JSObject> result =
CreateArrayLiteral(isolate, boilerplate, allocation);
fixed_array_values_copy->set(i, *result);
} else if (value_heap_object.IsObjectBoilerplateDescription(
isolate)) {
HandleScope sub_scope(isolate);
Handle<ObjectBoilerplateDescription> boilerplate(
ObjectBoilerplateDescription::cast(value_heap_object), isolate);
Handle<JSObject> result = CreateObjectLiteral(
isolate, boilerplate, boilerplate->flags(), allocation);
fixed_array_values_copy->set(i, *result);
}
}
}
}
}
return isolate->factory()->NewJSArrayWithElements(
copied_elements_values, constant_elements_kind,
copied_elements_values->length(), allocation);
}
template <typename LiteralHelper>
MaybeHandle<JSObject> CreateLiteralWithoutAllocationSite(
Isolate* isolate, Handle<HeapObject> description, int flags) {
Handle<JSObject> literal = LiteralHelper::Create(isolate, description, flags,
AllocationType::kYoung);
DeprecationUpdateContext update_context(isolate);
RETURN_ON_EXCEPTION(isolate, DeepWalk(literal, &update_context), JSObject);
return literal;
}
template <typename LiteralHelper>
MaybeHandle<JSObject> CreateLiteral(Isolate* isolate,
MaybeHandle<FeedbackVector> maybe_vector,
int literals_index,
Handle<HeapObject> description, int flags) {
if (maybe_vector.is_null()) {
return CreateLiteralWithoutAllocationSite<LiteralHelper>(
isolate, description, flags);
}
Handle<FeedbackVector> vector = maybe_vector.ToHandleChecked();
FeedbackSlot literals_slot(FeedbackVector::ToSlot(literals_index));
CHECK(literals_slot.ToInt() < vector->length());
Handle<Object> literal_site(vector->Get(literals_slot)->cast<Object>(),
isolate);
Handle<AllocationSite> site;
Handle<JSObject> boilerplate;
if (HasBoilerplate(literal_site)) {
site = Handle<AllocationSite>::cast(literal_site);
boilerplate = Handle<JSObject>(site->boilerplate(), isolate);
} else {
// Eagerly create AllocationSites for literals that contain an Array.
bool needs_initial_allocation_site =
(flags & AggregateLiteral::kNeedsInitialAllocationSite) != 0;
if (!needs_initial_allocation_site &&
IsUninitializedLiteralSite(*literal_site)) {
PreInitializeLiteralSite(vector, literals_slot);
return CreateLiteralWithoutAllocationSite<LiteralHelper>(
isolate, description, flags);
} else {
boilerplate = LiteralHelper::Create(isolate, description, flags,
AllocationType::kOld);
}
// Install AllocationSite objects.
AllocationSiteCreationContext creation_context(isolate);
site = creation_context.EnterNewScope();
RETURN_ON_EXCEPTION(isolate, DeepWalk(boilerplate, &creation_context),
JSObject);
creation_context.ExitScope(site, boilerplate);
vector->SynchronizedSet(literals_slot, *site);
}
STATIC_ASSERT(static_cast<int>(ObjectLiteral::kDisableMementos) ==
static_cast<int>(ArrayLiteral::kDisableMementos));
bool enable_mementos = (flags & ObjectLiteral::kDisableMementos) == 0;
// Copy the existing boilerplate.
AllocationSiteUsageContext usage_context(isolate, site, enable_mementos);
usage_context.EnterNewScope();
MaybeHandle<JSObject> copy = DeepCopy(boilerplate, &usage_context);
usage_context.ExitScope(site, boilerplate);
return copy;
}
} // namespace
RUNTIME_FUNCTION(Runtime_CreateObjectLiteral) {
HandleScope scope(isolate);
DCHECK_EQ(4, args.length());
Handle<HeapObject> maybe_vector = args.at<HeapObject>(0);
int literals_index = args.tagged_index_value_at(1);
Handle<ObjectBoilerplateDescription> description =
args.at<ObjectBoilerplateDescription>(2);
int flags = args.smi_value_at(3);
Handle<FeedbackVector> vector;
if (maybe_vector->IsFeedbackVector()) {
vector = Handle<FeedbackVector>::cast(maybe_vector);
} else {
DCHECK(maybe_vector->IsUndefined());
}
RETURN_RESULT_OR_FAILURE(
isolate, CreateLiteral<ObjectLiteralHelper>(
isolate, vector, literals_index, description, flags));
}
RUNTIME_FUNCTION(Runtime_CreateObjectLiteralWithoutAllocationSite) {
HandleScope scope(isolate);
DCHECK_EQ(2, args.length());
Handle<ObjectBoilerplateDescription> description =
args.at<ObjectBoilerplateDescription>(0);
int flags = args.smi_value_at(1);
RETURN_RESULT_OR_FAILURE(
isolate, CreateLiteralWithoutAllocationSite<ObjectLiteralHelper>(
isolate, description, flags));
}
RUNTIME_FUNCTION(Runtime_CreateArrayLiteralWithoutAllocationSite) {
HandleScope scope(isolate);
DCHECK_EQ(2, args.length());
Handle<ArrayBoilerplateDescription> description =
args.at<ArrayBoilerplateDescription>(0);
int flags = args.smi_value_at(1);
RETURN_RESULT_OR_FAILURE(
isolate, CreateLiteralWithoutAllocationSite<ArrayLiteralHelper>(
isolate, description, flags));
}
RUNTIME_FUNCTION(Runtime_CreateArrayLiteral) {
HandleScope scope(isolate);
DCHECK_EQ(4, args.length());
Handle<HeapObject> maybe_vector = args.at<HeapObject>(0);
int literals_index = args.tagged_index_value_at(1);
Handle<ArrayBoilerplateDescription> elements =
args.at<ArrayBoilerplateDescription>(2);
int flags = args.smi_value_at(3);
Handle<FeedbackVector> vector;
if (maybe_vector->IsFeedbackVector()) {
vector = Handle<FeedbackVector>::cast(maybe_vector);
} else {
DCHECK(maybe_vector->IsUndefined());
}
RETURN_RESULT_OR_FAILURE(
isolate, CreateLiteral<ArrayLiteralHelper>(
isolate, vector, literals_index, elements, flags));
}
RUNTIME_FUNCTION(Runtime_CreateRegExpLiteral) {
HandleScope scope(isolate);
DCHECK_EQ(4, args.length());
Handle<HeapObject> maybe_vector = args.at<HeapObject>(0);
int index = args.tagged_index_value_at(1);
Handle<String> pattern = args.at<String>(2);
int flags = args.smi_value_at(3);
if (maybe_vector->IsUndefined()) {
// We don't have a vector; don't create a boilerplate, simply construct a
// plain JSRegExp instance and return it.
RETURN_RESULT_OR_FAILURE(
isolate, JSRegExp::New(isolate, pattern, JSRegExp::Flags(flags)));
}
Handle<FeedbackVector> vector = Handle<FeedbackVector>::cast(maybe_vector);
FeedbackSlot literal_slot(FeedbackVector::ToSlot(index));
Handle<Object> literal_site(vector->Get(literal_slot)->cast<Object>(),
isolate);
// This function must not be called when a boilerplate already exists (if it
// exists, callers should instead copy the boilerplate into a new JSRegExp
// instance).
CHECK(!HasBoilerplate(literal_site));
Handle<JSRegExp> regexp_instance;
ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
isolate, regexp_instance,
JSRegExp::New(isolate, pattern, JSRegExp::Flags(flags)));
// JSRegExp literal sites are initialized in a two-step process:
// Uninitialized-Preinitialized, and Preinitialized-Initialized.
if (IsUninitializedLiteralSite(*literal_site)) {
PreInitializeLiteralSite(vector, literal_slot);
return *regexp_instance;
}
Handle<FixedArray> data(FixedArray::cast(regexp_instance->data()), isolate);
Handle<String> source(String::cast(regexp_instance->source()), isolate);
Handle<RegExpBoilerplateDescription> boilerplate =
isolate->factory()->NewRegExpBoilerplateDescription(
data, source,
Smi::FromInt(static_cast<int>(regexp_instance->flags())));
vector->SynchronizedSet(literal_slot, *boilerplate);
DCHECK(HasBoilerplate(
handle(vector->Get(literal_slot)->cast<Object>(), isolate)));
return *regexp_instance;
}
} // namespace internal
} // namespace v8