deps/v8/src/runtime/runtime-literals.cc

   1 // Copyright 2014 the V8 project authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "src/v8.h"
   6
   7 #include "src/allocation-site-scopes.h"
   8 #include "src/arguments.h"
   9 #include "src/ast.h"
  10 #include "src/parser.h"
  11 #include "src/runtime/runtime.h"
  12 #include "src/runtime/runtime-utils.h"
  13
  14 namespace v8 {
  15 namespace internal {
  16
  17 static Handle<Map> ComputeObjectLiteralMap(
  18     Handle<Context> context, Handle<FixedArray> constant_properties,
  19     bool* is_result_from_cache) {
  20   int properties_length = constant_properties->length();
  21   int number_of_properties = properties_length / 2;
  22
  23   for (int p = 0; p != properties_length; p += 2) {
  24     Object* key = constant_properties->get(p);
  25     uint32_t element_index = 0;
  26     if (key->ToArrayIndex(&element_index)) {
  27       // An index key does not require space in the property backing store.
  28       number_of_properties--;
  29     }
  30   }
  31   Isolate* isolate = context->GetIsolate();
  32   return isolate->factory()->ObjectLiteralMapFromCache(
  33       context, number_of_properties, is_result_from_cache);
  34 }
  35
  36 MUST_USE_RESULT static MaybeHandle<Object> CreateLiteralBoilerplate(
  37     Isolate* isolate, Handle<FixedArray> literals,
  38     Handle<FixedArray> constant_properties);
  39
  40
  41 MUST_USE_RESULT static MaybeHandle<Object> CreateObjectLiteralBoilerplate(
  42     Isolate* isolate, Handle<FixedArray> literals,
  43     Handle<FixedArray> constant_properties, bool should_have_fast_elements,
  44     bool has_function_literal) {
  45   Handle<Context> context = isolate->native_context();
  46
  47   // In case we have function literals, we want the object to be in
  48   // slow properties mode for now. We don't go in the map cache because
  49   // maps with constant functions can't be shared if the functions are
  50   // not the same (which is the common case).
  51   bool is_result_from_cache = false;
  52   Handle<Map> map = has_function_literal
  53                         ? Handle<Map>(context->object_function()->initial_map())
  54                         : ComputeObjectLiteralMap(context, constant_properties,
  55                                                   &is_result_from_cache);
  56
  57   PretenureFlag pretenure_flag =
  58       isolate->heap()->InNewSpace(*literals) ? NOT_TENURED : TENURED;
  59
  60   Handle<JSObject> boilerplate =
  61       isolate->factory()->NewJSObjectFromMap(map, pretenure_flag);
  62
  63   // Normalize the elements of the boilerplate to save space if needed.
  64   if (!should_have_fast_elements) JSObject::NormalizeElements(boilerplate);
  65
  66   // Add the constant properties to the boilerplate.
  67   int length = constant_properties->length();
  68   bool should_transform =
  69       !is_result_from_cache && boilerplate->HasFastProperties();
  70   bool should_normalize = should_transform || has_function_literal;
  71   if (should_normalize) {
  72     // TODO(verwaest): We might not want to ever normalize here.
  73     JSObject::NormalizeProperties(boilerplate, KEEP_INOBJECT_PROPERTIES,
  74                                   length / 2, "Boilerplate");
  75   }
  76   // TODO(verwaest): Support tracking representations in the boilerplate.
  77   for (int index = 0; index < length; index += 2) {
  78     Handle<Object> key(constant_properties->get(index + 0), isolate);
  79     Handle<Object> value(constant_properties->get(index + 1), isolate);
  80     if (value->IsFixedArray()) {
  81       // The value contains the constant_properties of a
  82       // simple object or array literal.
  83       Handle<FixedArray> array = Handle<FixedArray>::cast(value);
  84       ASSIGN_RETURN_ON_EXCEPTION(
  85           isolate, value, CreateLiteralBoilerplate(isolate, literals, array),
  86           Object);
  87     }
  88     MaybeHandle<Object> maybe_result;
  89     uint32_t element_index = 0;
  90     if (key->IsInternalizedString()) {
  91       if (Handle<String>::cast(key)->AsArrayIndex(&element_index)) {
  92         // Array index as string (uint32).
  93         if (value->IsUninitialized()) value = handle(Smi::FromInt(0), isolate);
  94         maybe_result =
  95             JSObject::SetOwnElement(boilerplate, element_index, value, SLOPPY);
  96       } else {
  97         Handle<String> name(String::cast(*key));
  98         DCHECK(!name->AsArrayIndex(&element_index));
  99         maybe_result = JSObject::SetOwnPropertyIgnoreAttributes(
 100             boilerplate, name, value, NONE);
 101       }
 102     } else if (key->ToArrayIndex(&element_index)) {
 103       // Array index (uint32).
 104       if (value->IsUninitialized()) value = handle(Smi::FromInt(0), isolate);
 105       maybe_result =
 106           JSObject::SetOwnElement(boilerplate, element_index, value, SLOPPY);
 107     } else {
 108       // Non-uint32 number.
 109       DCHECK(key->IsNumber());
 110       double num = key->Number();
 111       char arr[100];
 112       Vector<char> buffer(arr, arraysize(arr));
 113       const char* str = DoubleToCString(num, buffer);
 114       Handle<String> name = isolate->factory()->NewStringFromAsciiChecked(str);
 115       maybe_result = JSObject::SetOwnPropertyIgnoreAttributes(boilerplate, name,
 116                                                               value, NONE);
 117     }
 118     // If setting the property on the boilerplate throws an
 119     // exception, the exception is converted to an empty handle in
 120     // the handle based operations.  In that case, we need to
 121     // convert back to an exception.
 122     RETURN_ON_EXCEPTION(isolate, maybe_result, Object);
 123   }
 124
 125   // Transform to fast properties if necessary. For object literals with
 126   // containing function literals we defer this operation until after all
 127   // computed properties have been assigned so that we can generate
 128   // constant function properties.
 129   if (should_transform && !has_function_literal) {
 130     JSObject::MigrateSlowToFast(boilerplate,
 131                                 boilerplate->map()->unused_property_fields(),
 132                                 "FastLiteral");
 133   }
 134   return boilerplate;
 135 }
 136
 137
 138 MaybeHandle<Object> Runtime::CreateArrayLiteralBoilerplate(
 139     Isolate* isolate, Handle<FixedArray> literals,
 140     Handle<FixedArray> elements) {
 141   // Create the JSArray.
 142   Handle<JSFunction> constructor = isolate->array_function();
 143
 144   PretenureFlag pretenure_flag =
 145       isolate->heap()->InNewSpace(*literals) ? NOT_TENURED : TENURED;
 146
 147   Handle<JSArray> object = Handle<JSArray>::cast(
 148       isolate->factory()->NewJSObject(constructor, pretenure_flag));
 149
 150   ElementsKind constant_elements_kind =
 151       static_cast<ElementsKind>(Smi::cast(elements->get(0))->value());
 152   Handle<FixedArrayBase> constant_elements_values(
 153       FixedArrayBase::cast(elements->get(1)));
 154
 155   {
 156     DisallowHeapAllocation no_gc;
 157     DCHECK(IsFastElementsKind(constant_elements_kind));
 158     Context* native_context = isolate->context()->native_context();
 159     Object* maps_array = native_context->js_array_maps();
 160     DCHECK(!maps_array->IsUndefined());
 161     Object* map = FixedArray::cast(maps_array)->get(constant_elements_kind);
 162     object->set_map(Map::cast(map));
 163   }
 164
 165   Handle<FixedArrayBase> copied_elements_values;
 166   if (IsFastDoubleElementsKind(constant_elements_kind)) {
 167     copied_elements_values = isolate->factory()->CopyFixedDoubleArray(
 168         Handle<FixedDoubleArray>::cast(constant_elements_values));
 169   } else {
 170     DCHECK(IsFastSmiOrObjectElementsKind(constant_elements_kind));
 171     const bool is_cow = (constant_elements_values->map() ==
 172                          isolate->heap()->fixed_cow_array_map());
 173     if (is_cow) {
 174       copied_elements_values = constant_elements_values;
 175 #if DEBUG
 176       Handle<FixedArray> fixed_array_values =
 177           Handle<FixedArray>::cast(copied_elements_values);
 178       for (int i = 0; i < fixed_array_values->length(); i++) {
 179         DCHECK(!fixed_array_values->get(i)->IsFixedArray());
 180       }
 181 #endif
 182     } else {
 183       Handle<FixedArray> fixed_array_values =
 184           Handle<FixedArray>::cast(constant_elements_values);
 185       Handle<FixedArray> fixed_array_values_copy =
 186           isolate->factory()->CopyFixedArray(fixed_array_values);
 187       copied_elements_values = fixed_array_values_copy;
 188       for (int i = 0; i < fixed_array_values->length(); i++) {
 189         if (fixed_array_values->get(i)->IsFixedArray()) {
 190           // The value contains the constant_properties of a
 191           // simple object or array literal.
 192           Handle<FixedArray> fa(FixedArray::cast(fixed_array_values->get(i)));
 193           Handle<Object> result;
 194           ASSIGN_RETURN_ON_EXCEPTION(
 195               isolate, result, CreateLiteralBoilerplate(isolate, literals, fa),
 196               Object);
 197           fixed_array_values_copy->set(i, *result);
 198         }
 199       }
 200     }
 201   }
 202   object->set_elements(*copied_elements_values);
 203   object->set_length(Smi::FromInt(copied_elements_values->length()));
 204
 205   JSObject::ValidateElements(object);
 206   return object;
 207 }
 208
 209
 210 MUST_USE_RESULT static MaybeHandle<Object> CreateLiteralBoilerplate(
 211     Isolate* isolate, Handle<FixedArray> literals, Handle<FixedArray> array) {
 212   Handle<FixedArray> elements = CompileTimeValue::GetElements(array);
 213   const bool kHasNoFunctionLiteral = false;
 214   switch (CompileTimeValue::GetLiteralType(array)) {
 215     case CompileTimeValue::OBJECT_LITERAL_FAST_ELEMENTS:
 216       return CreateObjectLiteralBoilerplate(isolate, literals, elements, true,
 217                                             kHasNoFunctionLiteral);
 218     case CompileTimeValue::OBJECT_LITERAL_SLOW_ELEMENTS:
 219       return CreateObjectLiteralBoilerplate(isolate, literals, elements, false,
 220                                             kHasNoFunctionLiteral);
 221     case CompileTimeValue::ARRAY_LITERAL:
 222       return Runtime::CreateArrayLiteralBoilerplate(isolate, literals,
 223                                                     elements);
 224     default:
 225       UNREACHABLE();
 226       return MaybeHandle<Object>();
 227   }
 228 }
 229
 230
 231 RUNTIME_FUNCTION(Runtime_CreateObjectLiteral) {
 232   HandleScope scope(isolate);
 233   DCHECK(args.length() == 4);
 234   CONVERT_ARG_HANDLE_CHECKED(FixedArray, literals, 0);
 235   CONVERT_SMI_ARG_CHECKED(literals_index, 1);
 236   CONVERT_ARG_HANDLE_CHECKED(FixedArray, constant_properties, 2);
 237   CONVERT_SMI_ARG_CHECKED(flags, 3);
 238   bool should_have_fast_elements = (flags & ObjectLiteral::kFastElements) != 0;
 239   bool has_function_literal = (flags & ObjectLiteral::kHasFunction) != 0;
 240   bool enable_mementos = (flags & ObjectLiteral::kDisableMementos) == 0;
 241
 242   RUNTIME_ASSERT(literals_index >= 0 && literals_index < literals->length());
 243
 244   // Check if boilerplate exists. If not, create it first.
 245   Handle<Object> literal_site(literals->get(literals_index), isolate);
 246   Handle<AllocationSite> site;
 247   Handle<JSObject> boilerplate;
 248   if (*literal_site == isolate->heap()->undefined_value()) {
 249     Handle<Object> raw_boilerplate;
 250     ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
 251         isolate, raw_boilerplate,
 252         CreateObjectLiteralBoilerplate(isolate, literals, constant_properties,
 253                                        should_have_fast_elements,
 254                                        has_function_literal));
 255     boilerplate = Handle<JSObject>::cast(raw_boilerplate);
 256
 257     AllocationSiteCreationContext creation_context(isolate);
 258     site = creation_context.EnterNewScope();
 259     RETURN_FAILURE_ON_EXCEPTION(
 260         isolate, JSObject::DeepWalk(boilerplate, &creation_context));
 261     creation_context.ExitScope(site, boilerplate);
 262
 263     // Update the functions literal and return the boilerplate.
 264     literals->set(literals_index, *site);
 265   } else {
 266     site = Handle<AllocationSite>::cast(literal_site);
 267     boilerplate =
 268         Handle<JSObject>(JSObject::cast(site->transition_info()), isolate);
 269   }
 270
 271   AllocationSiteUsageContext usage_context(isolate, site, enable_mementos);
 272   usage_context.EnterNewScope();
 273   MaybeHandle<Object> maybe_copy =
 274       JSObject::DeepCopy(boilerplate, &usage_context);
 275   usage_context.ExitScope(site, boilerplate);
 276   Handle<Object> copy;
 277   ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, copy, maybe_copy);
 278   return *copy;
 279 }
 280
 281
 282 MUST_USE_RESULT static MaybeHandle<AllocationSite> GetLiteralAllocationSite(
 283     Isolate* isolate, Handle<FixedArray> literals, int literals_index,
 284     Handle<FixedArray> elements) {
 285   // Check if boilerplate exists. If not, create it first.
 286   Handle<Object> literal_site(literals->get(literals_index), isolate);
 287   Handle<AllocationSite> site;
 288   if (*literal_site == isolate->heap()->undefined_value()) {
 289     DCHECK(*elements != isolate->heap()->empty_fixed_array());
 290     Handle<Object> boilerplate;
 291     ASSIGN_RETURN_ON_EXCEPTION(
 292         isolate, boilerplate,
 293         Runtime::CreateArrayLiteralBoilerplate(isolate, literals, elements),
 294         AllocationSite);
 295
 296     AllocationSiteCreationContext creation_context(isolate);
 297     site = creation_context.EnterNewScope();
 298     if (JSObject::DeepWalk(Handle<JSObject>::cast(boilerplate),
 299                            &creation_context).is_null()) {
 300       return Handle<AllocationSite>::null();
 301     }
 302     creation_context.ExitScope(site, Handle<JSObject>::cast(boilerplate));
 303
 304     literals->set(literals_index, *site);
 305   } else {
 306     site = Handle<AllocationSite>::cast(literal_site);
 307   }
 308
 309   return site;
 310 }
 311
 312
 313 static MaybeHandle<JSObject> CreateArrayLiteralImpl(Isolate* isolate,
 314                                                     Handle<FixedArray> literals,
 315                                                     int literals_index,
 316                                                     Handle<FixedArray> elements,
 317                                                     int flags) {
 318   RUNTIME_ASSERT_HANDLIFIED(
 319       literals_index >= 0 && literals_index < literals->length(), JSObject);
 320   Handle<AllocationSite> site;
 321   ASSIGN_RETURN_ON_EXCEPTION(
 322       isolate, site,
 323       GetLiteralAllocationSite(isolate, literals, literals_index, elements),
 324       JSObject);
 325
 326   bool enable_mementos = (flags & ArrayLiteral::kDisableMementos) == 0;
 327   Handle<JSObject> boilerplate(JSObject::cast(site->transition_info()));
 328   AllocationSiteUsageContext usage_context(isolate, site, enable_mementos);
 329   usage_context.EnterNewScope();
 330   JSObject::DeepCopyHints hints = (flags & ArrayLiteral::kShallowElements) == 0
 331                                       ? JSObject::kNoHints
 332                                       : JSObject::kObjectIsShallow;
 333   MaybeHandle<JSObject> copy =
 334       JSObject::DeepCopy(boilerplate, &usage_context, hints);
 335   usage_context.ExitScope(site, boilerplate);
 336   return copy;
 337 }
 338
 339
 340 RUNTIME_FUNCTION(Runtime_CreateArrayLiteral) {
 341   HandleScope scope(isolate);
 342   DCHECK(args.length() == 4);
 343   CONVERT_ARG_HANDLE_CHECKED(FixedArray, literals, 0);
 344   CONVERT_SMI_ARG_CHECKED(literals_index, 1);
 345   CONVERT_ARG_HANDLE_CHECKED(FixedArray, elements, 2);
 346   CONVERT_SMI_ARG_CHECKED(flags, 3);
 347
 348   Handle<JSObject> result;
 349   ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
 350       isolate, result, CreateArrayLiteralImpl(isolate, literals, literals_index,
 351                                               elements, flags));
 352   return *result;
 353 }
 354
 355
 356 RUNTIME_FUNCTION(Runtime_CreateArrayLiteralStubBailout) {
 357   HandleScope scope(isolate);
 358   DCHECK(args.length() == 3);
 359   CONVERT_ARG_HANDLE_CHECKED(FixedArray, literals, 0);
 360   CONVERT_SMI_ARG_CHECKED(literals_index, 1);
 361   CONVERT_ARG_HANDLE_CHECKED(FixedArray, elements, 2);
 362
 363   Handle<JSObject> result;
 364   ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
 365       isolate, result,
 366       CreateArrayLiteralImpl(isolate, literals, literals_index, elements,
 367                              ArrayLiteral::kShallowElements));
 368   return *result;
 369 }
 370
 371
 372 RUNTIME_FUNCTION(Runtime_StoreArrayLiteralElement) {
 373   HandleScope scope(isolate);
 374   RUNTIME_ASSERT(args.length() == 5);
 375   CONVERT_ARG_HANDLE_CHECKED(JSObject, object, 0);
 376   CONVERT_SMI_ARG_CHECKED(store_index, 1);
 377   CONVERT_ARG_HANDLE_CHECKED(Object, value, 2);
 378   CONVERT_ARG_HANDLE_CHECKED(FixedArray, literals, 3);
 379   CONVERT_SMI_ARG_CHECKED(literal_index, 4);
 380
 381   Object* raw_literal_cell = literals->get(literal_index);
 382   JSArray* boilerplate = NULL;
 383   if (raw_literal_cell->IsAllocationSite()) {
 384     AllocationSite* site = AllocationSite::cast(raw_literal_cell);
 385     boilerplate = JSArray::cast(site->transition_info());
 386   } else {
 387     boilerplate = JSArray::cast(raw_literal_cell);
 388   }
 389   Handle<JSArray> boilerplate_object(boilerplate);
 390   ElementsKind elements_kind = object->GetElementsKind();
 391   DCHECK(IsFastElementsKind(elements_kind));
 392   // Smis should never trigger transitions.
 393   DCHECK(!value->IsSmi());
 394
 395   if (value->IsNumber()) {
 396     DCHECK(IsFastSmiElementsKind(elements_kind));
 397     ElementsKind transitioned_kind = IsFastHoleyElementsKind(elements_kind)
 398                                          ? FAST_HOLEY_DOUBLE_ELEMENTS
 399                                          : FAST_DOUBLE_ELEMENTS;
 400     if (IsMoreGeneralElementsKindTransition(
 401             boilerplate_object->GetElementsKind(), transitioned_kind)) {
 402       JSObject::TransitionElementsKind(boilerplate_object, transitioned_kind);
 403     }
 404     JSObject::TransitionElementsKind(object, transitioned_kind);
 405     DCHECK(IsFastDoubleElementsKind(object->GetElementsKind()));
 406     FixedDoubleArray* double_array = FixedDoubleArray::cast(object->elements());
 407     HeapNumber* number = HeapNumber::cast(*value);
 408     double_array->set(store_index, number->Number());
 409   } else {
 410     if (!IsFastObjectElementsKind(elements_kind)) {
 411       ElementsKind transitioned_kind = IsFastHoleyElementsKind(elements_kind)
 412                                            ? FAST_HOLEY_ELEMENTS
 413                                            : FAST_ELEMENTS;
 414       JSObject::TransitionElementsKind(object, transitioned_kind);
 415       ElementsKind boilerplate_elements_kind =
 416           boilerplate_object->GetElementsKind();
 417       if (IsMoreGeneralElementsKindTransition(boilerplate_elements_kind,
 418                                               transitioned_kind)) {
 419         JSObject::TransitionElementsKind(boilerplate_object, transitioned_kind);
 420       }
 421     }
 422     FixedArray* object_array = FixedArray::cast(object->elements());
 423     object_array->set(store_index, *value);
 424   }
 425   return *object;
 426 }
 427 }
 428 }  // namespace v8::internal