2015-12-16 14:27:15 +00:00
|
|
|
// Copyright 2015 the V8 project authors. All rights reserved.
|
2014-04-29 06:42:26 +00:00
|
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
|
|
// found in the LICENSE file.
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
#ifndef V8_OBJECTS_H_
|
|
|
|
#define V8_OBJECTS_H_
|
|
|
|
|
2014-09-30 10:29:32 +00:00
|
|
|
#include <iosfwd>
|
2016-07-25 10:24:45 +00:00
|
|
|
#include <memory>
|
2014-09-30 10:29:32 +00:00
|
|
|
|
2018-05-16 10:49:30 +00:00
|
|
|
#include "include/v8.h"
|
|
|
|
#include "include/v8config.h"
|
2014-06-03 08:12:43 +00:00
|
|
|
#include "src/assert-scope.h"
|
2014-09-02 13:36:35 +00:00
|
|
|
#include "src/base/bits.h"
|
2018-05-16 10:49:30 +00:00
|
|
|
#include "src/base/build_config.h"
|
2015-11-25 13:46:09 +00:00
|
|
|
#include "src/base/flags.h"
|
2018-05-16 10:49:30 +00:00
|
|
|
#include "src/base/logging.h"
|
2014-06-30 13:25:46 +00:00
|
|
|
#include "src/checks.h"
|
2014-06-03 08:12:43 +00:00
|
|
|
#include "src/elements-kind.h"
|
2014-06-10 14:01:08 +00:00
|
|
|
#include "src/field-index.h"
|
2014-06-03 08:12:43 +00:00
|
|
|
#include "src/flags.h"
|
Reland of Amend DataView, ArrayBuffer, and TypedArray methods to use ToIndex. (patchset #2 id:170001 of https://codereview.chromium.org/2113593002/ )
Reason for revert:
WebGL tests have been updated and rolled (at https://codereview.chromium.org/2227023002), so this should no longer fail outdated tests.
Original issue's description:
> Revert of Amend DataView, ArrayBuffer, and TypedArray methods to use ToIndex. (patchset #8 id:140001 of https://codereview.chromium.org/2090353003/ )
>
> Reason for revert:
> Speculative revert to unblock roll: https://codereview.chromium.org/2107223003/
>
> Original issue's description:
> > Amend DataView, ArrayBuffer, and TypedArray methods to use ToIndex.
> >
> > The spec was modified to relax some requirements which implementors had not been
> > enforcing. Part of this process involved introducing a new abstract operation
> > ToIndex, which had partial overlap with our existing semantics as well as some
> > differences (most notably treating undefined as 0). Test262 tests were introduced to
> > check for the new semantics, some of which we were failing. This patch amends the
> > parts of our implementation corresponding to specification algorithms which use
> > ToIndex to follow its semantics precisely.
> >
> > BUG=v8:4784,v8:5120
> >
> > Committed: https://crrev.com/09720349ea058d178521ec58d0a5676443a5a132
> > Cr-Commit-Position: refs/heads/master@{#37406}
>
> TBR=littledan@chromium.org,adamk@chromium.org,bakkot@google.com
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4784,v8:5120
>
> Committed: https://crrev.com/b1f7f1f4e41a723d5f997738a07e35a031713b8f
> Cr-Commit-Position: refs/heads/master@{#37417}
TBR=littledan@chromium.org,adamk@chromium.org,hablich@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=v8:4784,v8:5120
Review-Url: https://codereview.chromium.org/2247073004
Cr-Commit-Position: refs/heads/master@{#38689}
2016-08-17 17:38:34 +00:00
|
|
|
#include "src/messages.h"
|
2014-06-03 08:12:43 +00:00
|
|
|
#include "src/property-details.h"
|
2018-05-16 10:49:30 +00:00
|
|
|
#include "src/utils.h"
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2014-06-20 08:40:11 +00:00
|
|
|
#if V8_TARGET_ARCH_ARM
|
|
|
|
#include "src/arm/constants-arm.h" // NOLINT
|
|
|
|
#elif V8_TARGET_ARCH_ARM64
|
|
|
|
#include "src/arm64/constants-arm64.h" // NOLINT
|
|
|
|
#elif V8_TARGET_ARCH_MIPS
|
|
|
|
#include "src/mips/constants-mips.h" // NOLINT
|
2014-07-09 11:08:26 +00:00
|
|
|
#elif V8_TARGET_ARCH_MIPS64
|
|
|
|
#include "src/mips64/constants-mips64.h" // NOLINT
|
2015-01-16 07:42:00 +00:00
|
|
|
#elif V8_TARGET_ARCH_PPC
|
|
|
|
#include "src/ppc/constants-ppc.h" // NOLINT
|
2016-03-10 14:02:50 +00:00
|
|
|
#elif V8_TARGET_ARCH_S390
|
|
|
|
#include "src/s390/constants-s390.h" // NOLINT
|
2014-06-20 08:40:11 +00:00
|
|
|
#endif
|
|
|
|
|
2017-01-10 16:05:34 +00:00
|
|
|
// Has to be the last include (doesn't have include guards):
|
|
|
|
#include "src/objects/object-macros.h"
|
2011-10-21 10:32:38 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
//
|
2010-07-20 07:14:19 +00:00
|
|
|
// Most object types in the V8 JavaScript are described in this file.
|
2008-07-03 15:10:15 +00:00
|
|
|
//
|
|
|
|
// Inheritance hierarchy:
|
2014-04-30 12:25:18 +00:00
|
|
|
// - Object
|
|
|
|
// - Smi (immediate small integer)
|
|
|
|
// - HeapObject (superclass for everything allocated in the heap)
|
|
|
|
// - JSReceiver (suitable for property access)
|
|
|
|
// - JSObject
|
|
|
|
// - JSArray
|
|
|
|
// - JSArrayBuffer
|
|
|
|
// - JSArrayBufferView
|
|
|
|
// - JSTypedArray
|
|
|
|
// - JSDataView
|
2015-12-27 06:30:53 +00:00
|
|
|
// - JSBoundFunction
|
2014-07-10 10:54:47 +00:00
|
|
|
// - JSCollection
|
|
|
|
// - JSSet
|
|
|
|
// - JSMap
|
2016-09-21 14:17:42 +00:00
|
|
|
// - JSStringIterator
|
2014-04-30 12:25:18 +00:00
|
|
|
// - JSSetIterator
|
|
|
|
// - JSMapIterator
|
|
|
|
// - JSWeakCollection
|
|
|
|
// - JSWeakMap
|
|
|
|
// - JSWeakSet
|
|
|
|
// - JSRegExp
|
|
|
|
// - JSFunction
|
|
|
|
// - JSGeneratorObject
|
2015-11-02 14:57:59 +00:00
|
|
|
// - JSGlobalObject
|
2014-04-30 12:25:18 +00:00
|
|
|
// - JSGlobalProxy
|
|
|
|
// - JSValue
|
|
|
|
// - JSDate
|
|
|
|
// - JSMessageObject
|
2016-10-07 19:37:04 +00:00
|
|
|
// - JSModuleNamespace
|
2018-05-15 20:50:46 +00:00
|
|
|
// - JSLocale // If V8_INTL_SUPPORT enabled.
|
2018-04-03 18:17:57 +00:00
|
|
|
// - WasmGlobalObject
|
2017-07-07 12:27:56 +00:00
|
|
|
// - WasmInstanceObject
|
|
|
|
// - WasmMemoryObject
|
|
|
|
// - WasmModuleObject
|
|
|
|
// - WasmTableObject
|
2014-04-30 12:25:18 +00:00
|
|
|
// - JSProxy
|
|
|
|
// - FixedArrayBase
|
|
|
|
// - ByteArray
|
2015-07-24 12:02:41 +00:00
|
|
|
// - BytecodeArray
|
2014-04-30 12:25:18 +00:00
|
|
|
// - FixedArray
|
|
|
|
// - DescriptorArray
|
2016-08-24 08:48:34 +00:00
|
|
|
// - FrameArray
|
2014-04-30 12:25:18 +00:00
|
|
|
// - HashTable
|
|
|
|
// - Dictionary
|
|
|
|
// - StringTable
|
2016-03-31 05:58:42 +00:00
|
|
|
// - StringSet
|
2014-04-30 12:25:18 +00:00
|
|
|
// - CompilationCacheTable
|
|
|
|
// - MapCache
|
|
|
|
// - OrderedHashTable
|
|
|
|
// - OrderedHashSet
|
|
|
|
// - OrderedHashMap
|
|
|
|
// - Context
|
2017-02-07 14:05:02 +00:00
|
|
|
// - FeedbackMetadata
|
2016-08-01 14:28:06 +00:00
|
|
|
// - TemplateList
|
2014-04-30 12:25:18 +00:00
|
|
|
// - TransitionArray
|
2016-08-01 14:28:06 +00:00
|
|
|
// - ScopeInfo
|
2016-08-31 14:25:28 +00:00
|
|
|
// - ModuleInfo
|
2014-11-12 11:34:09 +00:00
|
|
|
// - ScriptContextTable
|
2018-03-07 14:54:58 +00:00
|
|
|
// - FixedArrayOfWeakCells
|
2014-04-30 12:25:18 +00:00
|
|
|
// - FixedDoubleArray
|
|
|
|
// - Name
|
|
|
|
// - String
|
|
|
|
// - SeqString
|
|
|
|
// - SeqOneByteString
|
|
|
|
// - SeqTwoByteString
|
|
|
|
// - SlicedString
|
|
|
|
// - ConsString
|
2017-01-19 13:27:59 +00:00
|
|
|
// - ThinString
|
2014-04-30 12:25:18 +00:00
|
|
|
// - ExternalString
|
2014-09-10 12:38:12 +00:00
|
|
|
// - ExternalOneByteString
|
2014-04-30 12:25:18 +00:00
|
|
|
// - ExternalTwoByteString
|
|
|
|
// - InternalizedString
|
|
|
|
// - SeqInternalizedString
|
|
|
|
// - SeqOneByteInternalizedString
|
|
|
|
// - SeqTwoByteInternalizedString
|
|
|
|
// - ConsInternalizedString
|
|
|
|
// - ExternalInternalizedString
|
2014-09-10 12:38:12 +00:00
|
|
|
// - ExternalOneByteInternalizedString
|
2014-04-30 12:25:18 +00:00
|
|
|
// - ExternalTwoByteInternalizedString
|
|
|
|
// - Symbol
|
|
|
|
// - HeapNumber
|
2017-09-11 13:16:27 +00:00
|
|
|
// - BigInt
|
2014-04-30 12:25:18 +00:00
|
|
|
// - Cell
|
2015-03-18 12:54:02 +00:00
|
|
|
// - PropertyCell
|
2017-07-11 20:56:40 +00:00
|
|
|
// - PropertyArray
|
2014-04-30 12:25:18 +00:00
|
|
|
// - Code
|
2016-01-28 12:11:55 +00:00
|
|
|
// - AbstractCode, a wrapper around Code or BytecodeArray
|
2014-04-30 12:25:18 +00:00
|
|
|
// - Map
|
|
|
|
// - Oddball
|
|
|
|
// - Foreign
|
2017-06-19 23:19:16 +00:00
|
|
|
// - SmallOrderedHashTable
|
|
|
|
// - SmallOrderedHashMap
|
|
|
|
// - SmallOrderedHashSet
|
2014-04-30 12:25:18 +00:00
|
|
|
// - SharedFunctionInfo
|
|
|
|
// - Struct
|
|
|
|
// - AccessorInfo
|
2018-02-08 16:36:52 +00:00
|
|
|
// - PromiseReaction
|
2017-08-30 17:03:38 +00:00
|
|
|
// - PromiseCapability
|
2014-04-30 12:25:18 +00:00
|
|
|
// - AccessorPair
|
|
|
|
// - AccessCheckInfo
|
|
|
|
// - InterceptorInfo
|
|
|
|
// - CallHandlerInfo
|
2017-08-30 04:21:29 +00:00
|
|
|
// - EnumCache
|
2014-04-30 12:25:18 +00:00
|
|
|
// - TemplateInfo
|
|
|
|
// - FunctionTemplateInfo
|
|
|
|
// - ObjectTemplateInfo
|
|
|
|
// - Script
|
|
|
|
// - DebugInfo
|
2017-08-01 16:41:20 +00:00
|
|
|
// - BreakPoint
|
2014-04-30 12:25:18 +00:00
|
|
|
// - BreakPointInfo
|
2017-04-03 14:58:49 +00:00
|
|
|
// - StackFrameInfo
|
2017-05-23 13:01:29 +00:00
|
|
|
// - SourcePositionTableWithFrameCache
|
2014-04-30 12:25:18 +00:00
|
|
|
// - CodeCache
|
2015-04-07 10:42:45 +00:00
|
|
|
// - PrototypeInfo
|
2018-02-08 16:36:52 +00:00
|
|
|
// - Microtask
|
|
|
|
// - CallbackTask
|
|
|
|
// - CallableTask
|
|
|
|
// - PromiseReactionJobTask
|
|
|
|
// - PromiseFulfillReactionJobTask
|
|
|
|
// - PromiseRejectReactionJobTask
|
|
|
|
// - PromiseResolveThenableJobTask
|
2016-09-16 16:47:07 +00:00
|
|
|
// - Module
|
2016-11-04 09:37:22 +00:00
|
|
|
// - ModuleInfoEntry
|
2017-06-30 10:38:38 +00:00
|
|
|
// - PreParsedScopeData
|
2014-10-14 14:43:45 +00:00
|
|
|
// - WeakCell
|
2018-02-22 12:04:01 +00:00
|
|
|
// - FeedbackCell
|
2017-07-27 12:45:00 +00:00
|
|
|
// - FeedbackVector
|
2008-07-03 15:10:15 +00:00
|
|
|
//
|
|
|
|
// Formats of Object*:
|
|
|
|
// Smi: [31 bit signed int] 0
|
|
|
|
// HeapObject: [32 bit direct pointer] (4 byte aligned) | 01
|
|
|
|
|
2009-05-25 10:05:56 +00:00
|
|
|
namespace v8 {
|
|
|
|
namespace internal {
|
2008-07-03 15:10:15 +00:00
|
|
|
|
This CL enables precise source positions for all V8 compilers. It merges compiler::SourcePosition and internal::SourcePosition to a single class used throughout the codebase. The new internal::SourcePosition instances store an id identifying an inlined function in addition to a script offset.
SourcePosition::InliningId() refers to a the new table DeoptimizationInputData::InliningPositions(), which provides the following data for every inlining id:
- The inlined SharedFunctionInfo as an offset into DeoptimizationInfo::LiteralArray
- The SourcePosition of the inlining. Recursively, this yields the full inlining stack.
Before the Code object is created, the same information can be found in CompilationInfo::inlined_functions().
If SourcePosition::InliningId() is SourcePosition::kNotInlined, it refers to the outer (non-inlined) function.
So every SourcePosition has full information about its inlining stack, as long as the corresponding Code object is known. The internal represenation of a source position is a positive 64bit integer.
All compilers create now appropriate source positions for inlined functions. In the case of Turbofan, this required using AstGraphBuilderWithPositions for inlined functions too. So this class is now moved to a header file.
At the moment, the additional information in source positions is only used in --trace-deopt and --code-comments. The profiler needs to be updated, at the moment it gets the correct script offsets from the deopt info, but the wrong script id from the reconstructed deopt stack, which can lead to wrong outputs. This should be resolved by making the profiler use the new inlining information for deopts.
I activated the inlined deoptimization tests in test-cpu-profiler.cc for Turbofan, changing them to a case where the deopt stack and the inlining position agree. It is currently still broken for other cases.
The following additional changes were necessary:
- The source position table (internal::SourcePositionTableBuilder etc.) supports now 64bit source positions. Encoding source positions in a single 64bit int together with the difference encoding in the source position table results in very little overhead for the inlining id, since only 12% of the source positions in Octane have a changed inlining id.
- The class HPositionInfo was effectively dead code and is now removed.
- SourcePosition has new printing and information facilities, including computing a full inlining stack.
- I had to rename compiler/source-position.{h,cc} to compiler/compiler-source-position-table.{h,cc} to avoid clashes with the new src/source-position.cc file.
- I wrote the new wrapper PodArray for ByteArray. It is a template working with any POD-type. This is used in DeoptimizationInputData::InliningPositions().
- I removed HInlinedFunctionInfo and HGraph::inlined_function_infos, because they were only used for the now obsolete Crankshaft inlining ids.
- Crankshaft managed a list of inlined functions in Lithium: LChunk::inlined_functions. This is an analog structure to CompilationInfo::inlined_functions. So I removed LChunk::inlined_functions and made Crankshaft use CompilationInfo::inlined_functions instead, because this was necessary to register the offsets into the literal array in a uniform way. This is a safe change because LChunk::inlined_functions has no other uses and the functions in CompilationInfo::inlined_functions have a strictly longer lifespan, being created earlier (in Hydrogen already).
BUG=v8:5432
Review-Url: https://codereview.chromium.org/2451853002
Cr-Commit-Position: refs/heads/master@{#40975}
2016-11-14 17:21:37 +00:00
|
|
|
struct InliningPosition;
|
2017-09-25 08:21:07 +00:00
|
|
|
class PropertyDescriptorObject;
|
This CL enables precise source positions for all V8 compilers. It merges compiler::SourcePosition and internal::SourcePosition to a single class used throughout the codebase. The new internal::SourcePosition instances store an id identifying an inlined function in addition to a script offset.
SourcePosition::InliningId() refers to a the new table DeoptimizationInputData::InliningPositions(), which provides the following data for every inlining id:
- The inlined SharedFunctionInfo as an offset into DeoptimizationInfo::LiteralArray
- The SourcePosition of the inlining. Recursively, this yields the full inlining stack.
Before the Code object is created, the same information can be found in CompilationInfo::inlined_functions().
If SourcePosition::InliningId() is SourcePosition::kNotInlined, it refers to the outer (non-inlined) function.
So every SourcePosition has full information about its inlining stack, as long as the corresponding Code object is known. The internal represenation of a source position is a positive 64bit integer.
All compilers create now appropriate source positions for inlined functions. In the case of Turbofan, this required using AstGraphBuilderWithPositions for inlined functions too. So this class is now moved to a header file.
At the moment, the additional information in source positions is only used in --trace-deopt and --code-comments. The profiler needs to be updated, at the moment it gets the correct script offsets from the deopt info, but the wrong script id from the reconstructed deopt stack, which can lead to wrong outputs. This should be resolved by making the profiler use the new inlining information for deopts.
I activated the inlined deoptimization tests in test-cpu-profiler.cc for Turbofan, changing them to a case where the deopt stack and the inlining position agree. It is currently still broken for other cases.
The following additional changes were necessary:
- The source position table (internal::SourcePositionTableBuilder etc.) supports now 64bit source positions. Encoding source positions in a single 64bit int together with the difference encoding in the source position table results in very little overhead for the inlining id, since only 12% of the source positions in Octane have a changed inlining id.
- The class HPositionInfo was effectively dead code and is now removed.
- SourcePosition has new printing and information facilities, including computing a full inlining stack.
- I had to rename compiler/source-position.{h,cc} to compiler/compiler-source-position-table.{h,cc} to avoid clashes with the new src/source-position.cc file.
- I wrote the new wrapper PodArray for ByteArray. It is a template working with any POD-type. This is used in DeoptimizationInputData::InliningPositions().
- I removed HInlinedFunctionInfo and HGraph::inlined_function_infos, because they were only used for the now obsolete Crankshaft inlining ids.
- Crankshaft managed a list of inlined functions in Lithium: LChunk::inlined_functions. This is an analog structure to CompilationInfo::inlined_functions. So I removed LChunk::inlined_functions and made Crankshaft use CompilationInfo::inlined_functions instead, because this was necessary to register the offsets into the literal array in a uniform way. This is a safe change because LChunk::inlined_functions has no other uses and the functions in CompilationInfo::inlined_functions have a strictly longer lifespan, being created earlier (in Hydrogen already).
BUG=v8:5432
Review-Url: https://codereview.chromium.org/2451853002
Cr-Commit-Position: refs/heads/master@{#40975}
2016-11-14 17:21:37 +00:00
|
|
|
|
2017-10-30 15:51:26 +00:00
|
|
|
enum KeyedAccessLoadMode {
|
|
|
|
STANDARD_LOAD,
|
|
|
|
LOAD_IGNORE_OUT_OF_BOUNDS,
|
|
|
|
};
|
|
|
|
|
2013-03-06 21:51:07 +00:00
|
|
|
enum KeyedAccessStoreMode {
|
|
|
|
STANDARD_STORE,
|
2015-08-20 14:40:11 +00:00
|
|
|
STORE_TRANSITION_TO_OBJECT,
|
|
|
|
STORE_TRANSITION_TO_DOUBLE,
|
2018-01-25 09:35:39 +00:00
|
|
|
STORE_AND_GROW_NO_TRANSITION_HANDLE_COW,
|
2015-08-20 14:40:11 +00:00
|
|
|
STORE_AND_GROW_TRANSITION_TO_OBJECT,
|
|
|
|
STORE_AND_GROW_TRANSITION_TO_DOUBLE,
|
2013-03-06 21:51:07 +00:00
|
|
|
STORE_NO_TRANSITION_IGNORE_OUT_OF_BOUNDS,
|
|
|
|
STORE_NO_TRANSITION_HANDLE_COW
|
2012-02-10 12:36:05 +00:00
|
|
|
};
|
|
|
|
|
2014-07-01 15:02:31 +00:00
|
|
|
enum MutableMode {
|
|
|
|
MUTABLE,
|
|
|
|
IMMUTABLE
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2013-03-06 21:51:07 +00:00
|
|
|
static inline bool IsTransitionStoreMode(KeyedAccessStoreMode store_mode) {
|
2015-08-20 14:40:11 +00:00
|
|
|
return store_mode == STORE_TRANSITION_TO_OBJECT ||
|
|
|
|
store_mode == STORE_TRANSITION_TO_DOUBLE ||
|
|
|
|
store_mode == STORE_AND_GROW_TRANSITION_TO_OBJECT ||
|
|
|
|
store_mode == STORE_AND_GROW_TRANSITION_TO_DOUBLE;
|
2013-03-06 21:51:07 +00:00
|
|
|
}
|
|
|
|
|
2018-01-25 09:35:39 +00:00
|
|
|
static inline bool IsCOWHandlingStoreMode(KeyedAccessStoreMode store_mode) {
|
|
|
|
return store_mode == STORE_NO_TRANSITION_HANDLE_COW ||
|
|
|
|
store_mode == STORE_AND_GROW_NO_TRANSITION_HANDLE_COW;
|
|
|
|
}
|
2013-03-06 21:51:07 +00:00
|
|
|
|
|
|
|
static inline KeyedAccessStoreMode GetNonTransitioningStoreMode(
|
2018-03-23 09:45:59 +00:00
|
|
|
KeyedAccessStoreMode store_mode, bool receiver_was_cow) {
|
|
|
|
switch (store_mode) {
|
|
|
|
case STORE_AND_GROW_NO_TRANSITION_HANDLE_COW:
|
|
|
|
case STORE_AND_GROW_TRANSITION_TO_OBJECT:
|
|
|
|
case STORE_AND_GROW_TRANSITION_TO_DOUBLE:
|
|
|
|
store_mode = STORE_AND_GROW_NO_TRANSITION_HANDLE_COW;
|
|
|
|
break;
|
|
|
|
case STANDARD_STORE:
|
|
|
|
case STORE_TRANSITION_TO_OBJECT:
|
|
|
|
case STORE_TRANSITION_TO_DOUBLE:
|
|
|
|
store_mode =
|
|
|
|
receiver_was_cow ? STORE_NO_TRANSITION_HANDLE_COW : STANDARD_STORE;
|
|
|
|
break;
|
|
|
|
case STORE_NO_TRANSITION_IGNORE_OUT_OF_BOUNDS:
|
|
|
|
case STORE_NO_TRANSITION_HANDLE_COW:
|
|
|
|
break;
|
2013-03-06 21:51:07 +00:00
|
|
|
}
|
2018-03-23 09:45:59 +00:00
|
|
|
DCHECK(!IsTransitionStoreMode(store_mode));
|
|
|
|
DCHECK_IMPLIES(receiver_was_cow, IsCOWHandlingStoreMode(store_mode));
|
|
|
|
return store_mode;
|
2013-03-06 21:51:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static inline bool IsGrowStoreMode(KeyedAccessStoreMode store_mode) {
|
2018-01-25 09:35:39 +00:00
|
|
|
return store_mode >= STORE_AND_GROW_NO_TRANSITION_HANDLE_COW &&
|
2015-08-20 14:40:11 +00:00
|
|
|
store_mode <= STORE_AND_GROW_TRANSITION_TO_DOUBLE;
|
2013-03-06 21:51:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2014-10-10 13:27:52 +00:00
|
|
|
enum IcCheckType { ELEMENT, PROPERTY };
|
|
|
|
|
|
|
|
|
2015-05-27 14:13:04 +00:00
|
|
|
// SKIP_WRITE_BARRIER skips the write barrier.
|
|
|
|
// UPDATE_WEAK_WRITE_BARRIER skips the marking part of the write barrier and
|
|
|
|
// only performs the generational part.
|
|
|
|
// UPDATE_WRITE_BARRIER is doing the full barrier, marking and generational.
|
|
|
|
enum WriteBarrierMode {
|
|
|
|
SKIP_WRITE_BARRIER,
|
|
|
|
UPDATE_WEAK_WRITE_BARRIER,
|
|
|
|
UPDATE_WRITE_BARRIER
|
|
|
|
};
|
2008-10-23 08:46:32 +00:00
|
|
|
|
2009-01-12 10:59:58 +00:00
|
|
|
|
2009-01-12 11:07:02 +00:00
|
|
|
// PropertyNormalizationMode is used to specify whether to keep
|
|
|
|
// inobject properties when normalizing properties of a JSObject.
|
2009-01-12 10:59:58 +00:00
|
|
|
enum PropertyNormalizationMode {
|
|
|
|
CLEAR_INOBJECT_PROPERTIES,
|
|
|
|
KEEP_INOBJECT_PROPERTIES
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2012-07-17 13:50:19 +00:00
|
|
|
// Indicates whether transitions can be added to a source map or not.
|
|
|
|
enum TransitionFlag {
|
|
|
|
INSERT_TRANSITION,
|
|
|
|
OMIT_TRANSITION
|
|
|
|
};
|
|
|
|
|
2012-09-19 09:54:10 +00:00
|
|
|
|
|
|
|
// Indicates whether the transition is simple: the target map of the transition
|
|
|
|
// either extends the current map with a new property, or it modifies the
|
|
|
|
// property that was added last to the current map.
|
2014-12-10 15:18:44 +00:00
|
|
|
enum SimpleTransitionFlag {
|
|
|
|
SIMPLE_PROPERTY_TRANSITION,
|
|
|
|
PROPERTY_TRANSITION,
|
2017-07-21 15:57:33 +00:00
|
|
|
SPECIAL_TRANSITION
|
2014-12-10 15:18:44 +00:00
|
|
|
};
|
2012-09-19 09:54:10 +00:00
|
|
|
|
Sharing of descriptor arrays.
This CL adds multiple things:
Transition arrays do not directly point at their descriptor array anymore, but rather do so via an indirect pointer (a JSGlobalPropertyCell).
An ownership bit is added to maps indicating whether it owns its own descriptor array or not.
Maps owning a descriptor array can pass on ownership if a transition from that map is generated; but only if the descriptor array stays exactly the same; or if a descriptor is added.
Maps that don't have ownership get ownership back if their direct child to which ownership was passed is cleared in ClearNonLiveTransitions.
To detect which descriptors in an array are valid, each map knows its own NumberOfOwnDescriptors. Since the descriptors are sorted in order of addition, if we search and find a descriptor with index bigger than this number, it is not valid for the given map.
We currently still build up an enumeration cache (although this may disappear). The enumeration cache is always built for the entire descriptor array, even if not all descriptors are owned by the map. Once a descriptor array has an enumeration cache for a given map; this invariant will always be true, even if the descriptor array was extended. The extended array will inherit the enumeration cache from the smaller descriptor array. If a map with more descriptors needs an enumeration cache, it's EnumLength will still be set to invalid, so it will have to recompute the enumeration cache. This new cache will also be valid for smaller maps since they have their own enumlength; and use this to loop over the cache. If the EnumLength is still invalid, but there is already a cache present that is big enough; we just initialize the EnumLength field for the map.
When we apply ClearNonLiveTransitions and descriptor ownership is passed back to a parent map, the descriptor array is trimmed in-place and resorted. At the same time, the enumeration cache is trimmed in-place.
Only transition arrays contain descriptor arrays. If we transition to a map and pass ownership of the descriptor array along, the child map will not store the descriptor array it owns. Rather its parent will keep the pointer. So for every leaf-map, we find the descriptor array by following the back pointer, reading out the transition array, and fetching the descriptor array from the JSGlobalPropertyCell. If a map has a transition array, we fetch it from there. If a map has undefined as its back-pointer and has no transition array; it is considered to have an empty descriptor array.
When we modify properties, we cannot share the descriptor array. To accommodate this, the child map will get its own transition array; even if there are not necessarily any transitions leaving from the child map. This is necessary since it's the only way to store its own descriptor array.
Review URL: https://chromiumcodereview.appspot.com/10909007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12492 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-09-12 16:43:57 +00:00
|
|
|
// Indicates whether we are only interested in the descriptors of a particular
|
|
|
|
// map, or in all descriptors in the descriptor array.
|
|
|
|
enum DescriptorFlag {
|
|
|
|
ALL_DESCRIPTORS,
|
|
|
|
OWN_DESCRIPTORS
|
|
|
|
};
|
|
|
|
|
2010-08-18 13:00:38 +00:00
|
|
|
// Instance size sentinel for objects of variable size.
|
2011-11-29 10:56:11 +00:00
|
|
|
const int kVariableSizeSentinel = 0;
|
2010-08-18 13:00:38 +00:00
|
|
|
|
2014-07-31 07:50:26 +00:00
|
|
|
// We may store the unsigned bit field as signed Smi value and do not
|
|
|
|
// use the sign bit.
|
2016-04-13 13:51:23 +00:00
|
|
|
const int kStubMajorKeyBits = 8;
|
2014-07-31 07:50:26 +00:00
|
|
|
const int kStubMinorKeyBits = kSmiValueSize - kStubMajorKeyBits - 1;
|
2010-08-18 13:00:38 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// All Maps have a field instance_type containing a InstanceType.
|
|
|
|
// It describes the type of the instances.
|
|
|
|
//
|
|
|
|
// As an example, a JavaScript object is a heap object and its map
|
|
|
|
// instance_type is JS_OBJECT_TYPE.
|
|
|
|
//
|
|
|
|
// The names of the string instance types are intended to systematically
|
2009-12-22 13:34:02 +00:00
|
|
|
// mirror their encoding in the instance_type field of the map. The default
|
2014-09-10 12:38:12 +00:00
|
|
|
// encoding is considered TWO_BYTE. It is not mentioned in the name. ONE_BYTE
|
2009-12-22 13:34:02 +00:00
|
|
|
// encoding is mentioned explicitly in the name. Likewise, the default
|
|
|
|
// representation is considered sequential. It is not mentioned in the
|
2012-01-16 12:38:59 +00:00
|
|
|
// name. The other representations (e.g. CONS, EXTERNAL) are explicitly
|
2013-02-28 17:03:34 +00:00
|
|
|
// mentioned. Finally, the string is either a STRING_TYPE (if it is a normal
|
|
|
|
// string) or a INTERNALIZED_STRING_TYPE (if it is a internalized string).
|
2008-07-03 15:10:15 +00:00
|
|
|
//
|
|
|
|
// NOTE: The following things are some that depend on the string types having
|
|
|
|
// instance_types that are less than those of all other types:
|
|
|
|
// HeapObject::Size, HeapObject::IterateBody, the typeof operator, and
|
|
|
|
// Object::IsString.
|
|
|
|
//
|
2008-09-02 23:52:50 +00:00
|
|
|
// NOTE: Everything following JS_VALUE_TYPE is considered a
|
2008-07-03 15:10:15 +00:00
|
|
|
// JSObject for GC purposes. The first four entries here have typeof
|
|
|
|
// 'object', whereas JS_FUNCTION_TYPE has typeof 'function'.
|
2018-05-15 20:50:46 +00:00
|
|
|
//
|
|
|
|
// NOTE: List had to be split into two, because of conditional item(s) from
|
|
|
|
// INTL namespace. They can't just be appended to the end, because of the
|
|
|
|
// checks we do in tests (expecting JS_FUNCTION_TYPE to be last).
|
|
|
|
#define INSTANCE_TYPE_LIST_BEFORE_INTL(V) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(INTERNALIZED_STRING_TYPE) \
|
|
|
|
V(EXTERNAL_INTERNALIZED_STRING_TYPE) \
|
|
|
|
V(ONE_BYTE_INTERNALIZED_STRING_TYPE) \
|
|
|
|
V(EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE) \
|
|
|
|
V(EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE) \
|
|
|
|
V(SHORT_EXTERNAL_INTERNALIZED_STRING_TYPE) \
|
|
|
|
V(SHORT_EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE) \
|
|
|
|
V(SHORT_EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE) \
|
|
|
|
V(STRING_TYPE) \
|
|
|
|
V(CONS_STRING_TYPE) \
|
|
|
|
V(EXTERNAL_STRING_TYPE) \
|
|
|
|
V(SLICED_STRING_TYPE) \
|
|
|
|
V(THIN_STRING_TYPE) \
|
|
|
|
V(ONE_BYTE_STRING_TYPE) \
|
|
|
|
V(CONS_ONE_BYTE_STRING_TYPE) \
|
|
|
|
V(EXTERNAL_ONE_BYTE_STRING_TYPE) \
|
|
|
|
V(SLICED_ONE_BYTE_STRING_TYPE) \
|
|
|
|
V(THIN_ONE_BYTE_STRING_TYPE) \
|
|
|
|
V(EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE) \
|
|
|
|
V(SHORT_EXTERNAL_STRING_TYPE) \
|
|
|
|
V(SHORT_EXTERNAL_ONE_BYTE_STRING_TYPE) \
|
|
|
|
V(SHORT_EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE) \
|
|
|
|
\
|
|
|
|
V(SYMBOL_TYPE) \
|
|
|
|
V(HEAP_NUMBER_TYPE) \
|
2017-09-11 13:16:27 +00:00
|
|
|
V(BIGINT_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(ODDBALL_TYPE) \
|
|
|
|
\
|
|
|
|
V(MAP_TYPE) \
|
|
|
|
V(CODE_TYPE) \
|
|
|
|
V(MUTABLE_HEAP_NUMBER_TYPE) \
|
|
|
|
V(FOREIGN_TYPE) \
|
|
|
|
V(BYTE_ARRAY_TYPE) \
|
|
|
|
V(BYTECODE_ARRAY_TYPE) \
|
|
|
|
V(FREE_SPACE_TYPE) \
|
|
|
|
\
|
|
|
|
V(FIXED_INT8_ARRAY_TYPE) \
|
|
|
|
V(FIXED_UINT8_ARRAY_TYPE) \
|
|
|
|
V(FIXED_INT16_ARRAY_TYPE) \
|
|
|
|
V(FIXED_UINT16_ARRAY_TYPE) \
|
|
|
|
V(FIXED_INT32_ARRAY_TYPE) \
|
|
|
|
V(FIXED_UINT32_ARRAY_TYPE) \
|
|
|
|
V(FIXED_FLOAT32_ARRAY_TYPE) \
|
|
|
|
V(FIXED_FLOAT64_ARRAY_TYPE) \
|
|
|
|
V(FIXED_UINT8_CLAMPED_ARRAY_TYPE) \
|
2018-02-17 07:44:01 +00:00
|
|
|
V(FIXED_BIGINT64_ARRAY_TYPE) \
|
|
|
|
V(FIXED_BIGUINT64_ARRAY_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
\
|
|
|
|
V(FIXED_DOUBLE_ARRAY_TYPE) \
|
2018-03-09 12:52:04 +00:00
|
|
|
V(FEEDBACK_METADATA_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(FILLER_TYPE) \
|
|
|
|
\
|
2017-12-19 13:21:23 +00:00
|
|
|
V(ACCESS_CHECK_INFO_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(ACCESSOR_INFO_TYPE) \
|
|
|
|
V(ACCESSOR_PAIR_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(ALIASED_ARGUMENTS_ENTRY_TYPE) \
|
|
|
|
V(ALLOCATION_MEMENTO_TYPE) \
|
|
|
|
V(ASYNC_GENERATOR_REQUEST_TYPE) \
|
|
|
|
V(DEBUG_INFO_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(FUNCTION_TEMPLATE_INFO_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(INTERCEPTOR_INFO_TYPE) \
|
2018-04-10 14:31:06 +00:00
|
|
|
V(INTERPRETER_DATA_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(MODULE_INFO_ENTRY_TYPE) \
|
|
|
|
V(MODULE_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(OBJECT_TEMPLATE_INFO_TYPE) \
|
2018-02-08 16:36:52 +00:00
|
|
|
V(PROMISE_CAPABILITY_TYPE) \
|
|
|
|
V(PROMISE_REACTION_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(PROTOTYPE_INFO_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(SCRIPT_TYPE) \
|
|
|
|
V(STACK_FRAME_INFO_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(TUPLE2_TYPE) \
|
|
|
|
V(TUPLE3_TYPE) \
|
2018-03-01 18:48:50 +00:00
|
|
|
V(WASM_DEBUG_INFO_TYPE) \
|
2018-05-07 15:40:56 +00:00
|
|
|
V(WASM_EXPORTED_FUNCTION_DATA_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
\
|
2018-02-08 16:36:52 +00:00
|
|
|
V(CALLABLE_TASK_TYPE) \
|
|
|
|
V(CALLBACK_TASK_TYPE) \
|
|
|
|
V(PROMISE_FULFILL_REACTION_JOB_TASK_TYPE) \
|
|
|
|
V(PROMISE_REJECT_REACTION_JOB_TASK_TYPE) \
|
|
|
|
V(PROMISE_RESOLVE_THENABLE_JOB_TASK_TYPE) \
|
|
|
|
\
|
2018-06-12 14:15:04 +00:00
|
|
|
V(ALLOCATION_SITE_TYPE) \
|
|
|
|
\
|
2017-07-21 06:49:50 +00:00
|
|
|
V(FIXED_ARRAY_TYPE) \
|
2018-03-02 12:50:56 +00:00
|
|
|
V(BOILERPLATE_DESCRIPTION_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(HASH_TABLE_TYPE) \
|
2018-06-29 14:01:29 +00:00
|
|
|
V(ORDERED_HASH_MAP_TYPE) \
|
|
|
|
V(ORDERED_HASH_SET_TYPE) \
|
|
|
|
V(NAME_DICTIONARY_TYPE) \
|
|
|
|
V(GLOBAL_DICTIONARY_TYPE) \
|
|
|
|
V(NUMBER_DICTIONARY_TYPE) \
|
|
|
|
V(SIMPLE_NUMBER_DICTIONARY_TYPE) \
|
|
|
|
V(STRING_TABLE_TYPE) \
|
2018-06-07 18:47:29 +00:00
|
|
|
V(EPHEMERON_HASH_TABLE_TYPE) \
|
2018-02-16 12:36:47 +00:00
|
|
|
V(SCOPE_INFO_TYPE) \
|
2018-06-29 14:01:29 +00:00
|
|
|
V(SCRIPT_CONTEXT_TABLE_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
\
|
2018-03-23 21:33:06 +00:00
|
|
|
V(BLOCK_CONTEXT_TYPE) \
|
|
|
|
V(CATCH_CONTEXT_TYPE) \
|
|
|
|
V(DEBUG_EVALUATE_CONTEXT_TYPE) \
|
|
|
|
V(EVAL_CONTEXT_TYPE) \
|
|
|
|
V(FUNCTION_CONTEXT_TYPE) \
|
|
|
|
V(MODULE_CONTEXT_TYPE) \
|
|
|
|
V(NATIVE_CONTEXT_TYPE) \
|
|
|
|
V(SCRIPT_CONTEXT_TYPE) \
|
|
|
|
V(WITH_CONTEXT_TYPE) \
|
|
|
|
\
|
2018-04-18 13:29:58 +00:00
|
|
|
V(WEAK_FIXED_ARRAY_TYPE) \
|
2018-06-04 08:20:28 +00:00
|
|
|
V(DESCRIPTOR_ARRAY_TYPE) \
|
2018-04-18 13:29:58 +00:00
|
|
|
V(TRANSITION_ARRAY_TYPE) \
|
|
|
|
\
|
2018-04-02 23:21:30 +00:00
|
|
|
V(CALL_HANDLER_INFO_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(CELL_TYPE) \
|
|
|
|
V(CODE_DATA_CONTAINER_TYPE) \
|
2018-02-22 12:04:01 +00:00
|
|
|
V(FEEDBACK_CELL_TYPE) \
|
2017-11-23 10:45:46 +00:00
|
|
|
V(FEEDBACK_VECTOR_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(LOAD_HANDLER_TYPE) \
|
2017-07-25 07:59:54 +00:00
|
|
|
V(PROPERTY_ARRAY_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(PROPERTY_CELL_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(SHARED_FUNCTION_INFO_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(SMALL_ORDERED_HASH_MAP_TYPE) \
|
|
|
|
V(SMALL_ORDERED_HASH_SET_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(STORE_HANDLER_TYPE) \
|
|
|
|
V(WEAK_CELL_TYPE) \
|
2018-04-16 07:28:28 +00:00
|
|
|
V(WEAK_ARRAY_LIST_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
\
|
|
|
|
V(JS_PROXY_TYPE) \
|
|
|
|
V(JS_GLOBAL_OBJECT_TYPE) \
|
|
|
|
V(JS_GLOBAL_PROXY_TYPE) \
|
2017-07-25 11:09:35 +00:00
|
|
|
V(JS_MODULE_NAMESPACE_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(JS_SPECIAL_API_OBJECT_TYPE) \
|
|
|
|
V(JS_VALUE_TYPE) \
|
|
|
|
V(JS_API_OBJECT_TYPE) \
|
|
|
|
V(JS_OBJECT_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
\
|
2017-07-21 06:49:50 +00:00
|
|
|
V(JS_ARGUMENTS_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(JS_ARRAY_BUFFER_TYPE) \
|
[es2015] Refactor the JSArrayIterator.
This changes the JSArrayIterator to always have only a single instance
type, instead of the zoo of instance types that we had before, and
which became less useful with the specification update to when "next"
is loaded from the iterator now. This greatly simplifies the baseline
implementation of the array iterator, which now only looks at the
iterated object during %ArrayIteratorPrototype%.next invocations.
In TurboFan we introduce a new JSCreateArrayIterator operator, that
holds the IterationKind and get's the iterated object as input. When
optimizing %ArrayIteratorPrototype%.next in the JSCallReducer, we
check whether the receiver is a JSCreateArrayIterator, and if so,
we try to infer maps for the iterated object from there. If we find
any, we speculatively assume that these won't have changed during
iteration (as we did before with the previous approach), and generate
fast code for both JSArray and JSTypedArray iteration.
Drive-by-fix: Drop the fast_array_iteration protector, it's not
necessary anymore since we have the deoptimization guard bit in
the JSCallReducer now.
This addresses the performance cliff noticed in webpack 4. The minimal
repro on the tracking bug goes from
console.timeEnd: mono, 124.773000
console.timeEnd: poly, 670.353000
to
console.timeEnd: mono, 118.709000
console.timeEnd: poly, 141.393000
so that's a 4.7x improvement.
Also make presubmit happy by adding the missing #undef's.
Bug: v8:7510, v7:7514
Change-Id: I79a46bfa2cd0f0710e09365ef72519b1bbb667b5
Reviewed-on: https://chromium-review.googlesource.com/946098
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51725}
2018-03-02 19:31:01 +00:00
|
|
|
V(JS_ARRAY_ITERATOR_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(JS_ARRAY_TYPE) \
|
|
|
|
V(JS_ASYNC_FROM_SYNC_ITERATOR_TYPE) \
|
|
|
|
V(JS_ASYNC_GENERATOR_OBJECT_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(JS_CONTEXT_EXTENSION_OBJECT_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(JS_DATE_TYPE) \
|
|
|
|
V(JS_ERROR_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(JS_GENERATOR_OBJECT_TYPE) \
|
|
|
|
V(JS_MAP_TYPE) \
|
|
|
|
V(JS_MAP_KEY_ITERATOR_TYPE) \
|
|
|
|
V(JS_MAP_KEY_VALUE_ITERATOR_TYPE) \
|
|
|
|
V(JS_MAP_VALUE_ITERATOR_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(JS_MESSAGE_OBJECT_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(JS_PROMISE_TYPE) \
|
|
|
|
V(JS_REGEXP_TYPE) \
|
2018-04-05 14:41:26 +00:00
|
|
|
V(JS_REGEXP_STRING_ITERATOR_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(JS_SET_TYPE) \
|
|
|
|
V(JS_SET_KEY_VALUE_ITERATOR_TYPE) \
|
|
|
|
V(JS_SET_VALUE_ITERATOR_TYPE) \
|
2017-07-21 06:49:50 +00:00
|
|
|
V(JS_STRING_ITERATOR_TYPE) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(JS_WEAK_MAP_TYPE) \
|
|
|
|
V(JS_WEAK_SET_TYPE) \
|
|
|
|
V(JS_TYPED_ARRAY_TYPE) \
|
2018-05-15 20:50:46 +00:00
|
|
|
V(JS_DATA_VIEW_TYPE)
|
|
|
|
|
|
|
|
#define INSTANCE_TYPE_LIST_AFTER_INTL(V) \
|
|
|
|
V(WASM_GLOBAL_TYPE) \
|
|
|
|
V(WASM_INSTANCE_TYPE) \
|
|
|
|
V(WASM_MEMORY_TYPE) \
|
|
|
|
V(WASM_MODULE_TYPE) \
|
|
|
|
V(WASM_TABLE_TYPE) \
|
|
|
|
V(JS_BOUND_FUNCTION_TYPE) \
|
2016-12-19 12:50:30 +00:00
|
|
|
V(JS_FUNCTION_TYPE)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2018-05-15 20:50:46 +00:00
|
|
|
#ifdef V8_INTL_SUPPORT
|
|
|
|
#define INSTANCE_TYPE_LIST(V) \
|
|
|
|
INSTANCE_TYPE_LIST_BEFORE_INTL(V) \
|
|
|
|
V(JS_INTL_LOCALE_TYPE) \
|
|
|
|
INSTANCE_TYPE_LIST_AFTER_INTL(V)
|
|
|
|
#else
|
|
|
|
#define INSTANCE_TYPE_LIST(V) \
|
|
|
|
INSTANCE_TYPE_LIST_BEFORE_INTL(V) \
|
|
|
|
INSTANCE_TYPE_LIST_AFTER_INTL(V)
|
|
|
|
#endif // V8_INTL_SUPPORT
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Since string types are not consecutive, this macro is used to
|
|
|
|
// iterate over them.
|
2014-09-10 12:38:12 +00:00
|
|
|
#define STRING_TYPE_LIST(V) \
|
|
|
|
V(STRING_TYPE, kVariableSizeSentinel, string, String) \
|
|
|
|
V(ONE_BYTE_STRING_TYPE, kVariableSizeSentinel, one_byte_string, \
|
|
|
|
OneByteString) \
|
|
|
|
V(CONS_STRING_TYPE, ConsString::kSize, cons_string, ConsString) \
|
|
|
|
V(CONS_ONE_BYTE_STRING_TYPE, ConsString::kSize, cons_one_byte_string, \
|
|
|
|
ConsOneByteString) \
|
|
|
|
V(SLICED_STRING_TYPE, SlicedString::kSize, sliced_string, SlicedString) \
|
|
|
|
V(SLICED_ONE_BYTE_STRING_TYPE, SlicedString::kSize, sliced_one_byte_string, \
|
|
|
|
SlicedOneByteString) \
|
|
|
|
V(EXTERNAL_STRING_TYPE, ExternalTwoByteString::kSize, external_string, \
|
|
|
|
ExternalString) \
|
|
|
|
V(EXTERNAL_ONE_BYTE_STRING_TYPE, ExternalOneByteString::kSize, \
|
|
|
|
external_one_byte_string, ExternalOneByteString) \
|
|
|
|
V(EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE, ExternalTwoByteString::kSize, \
|
|
|
|
external_string_with_one_byte_data, ExternalStringWithOneByteData) \
|
|
|
|
V(SHORT_EXTERNAL_STRING_TYPE, ExternalTwoByteString::kShortSize, \
|
|
|
|
short_external_string, ShortExternalString) \
|
|
|
|
V(SHORT_EXTERNAL_ONE_BYTE_STRING_TYPE, ExternalOneByteString::kShortSize, \
|
|
|
|
short_external_one_byte_string, ShortExternalOneByteString) \
|
|
|
|
V(SHORT_EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE, \
|
|
|
|
ExternalTwoByteString::kShortSize, \
|
|
|
|
short_external_string_with_one_byte_data, \
|
|
|
|
ShortExternalStringWithOneByteData) \
|
|
|
|
\
|
|
|
|
V(INTERNALIZED_STRING_TYPE, kVariableSizeSentinel, internalized_string, \
|
|
|
|
InternalizedString) \
|
|
|
|
V(ONE_BYTE_INTERNALIZED_STRING_TYPE, kVariableSizeSentinel, \
|
|
|
|
one_byte_internalized_string, OneByteInternalizedString) \
|
|
|
|
V(EXTERNAL_INTERNALIZED_STRING_TYPE, ExternalTwoByteString::kSize, \
|
|
|
|
external_internalized_string, ExternalInternalizedString) \
|
|
|
|
V(EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE, ExternalOneByteString::kSize, \
|
|
|
|
external_one_byte_internalized_string, ExternalOneByteInternalizedString) \
|
|
|
|
V(EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE, \
|
|
|
|
ExternalTwoByteString::kSize, \
|
|
|
|
external_internalized_string_with_one_byte_data, \
|
|
|
|
ExternalInternalizedStringWithOneByteData) \
|
|
|
|
V(SHORT_EXTERNAL_INTERNALIZED_STRING_TYPE, \
|
|
|
|
ExternalTwoByteString::kShortSize, short_external_internalized_string, \
|
|
|
|
ShortExternalInternalizedString) \
|
|
|
|
V(SHORT_EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE, \
|
|
|
|
ExternalOneByteString::kShortSize, \
|
|
|
|
short_external_one_byte_internalized_string, \
|
|
|
|
ShortExternalOneByteInternalizedString) \
|
|
|
|
V(SHORT_EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE, \
|
|
|
|
ExternalTwoByteString::kShortSize, \
|
|
|
|
short_external_internalized_string_with_one_byte_data, \
|
2017-01-19 13:27:59 +00:00
|
|
|
ShortExternalInternalizedStringWithOneByteData) \
|
|
|
|
V(THIN_STRING_TYPE, ThinString::kSize, thin_string, ThinString) \
|
|
|
|
V(THIN_ONE_BYTE_STRING_TYPE, ThinString::kSize, thin_one_byte_string, \
|
|
|
|
ThinOneByteString)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// A struct is a simple object a set of object-valued fields. Including an
|
|
|
|
// object type in this causes the compiler to generate most of the boilerplate
|
|
|
|
// code for the class including allocation and garbage collection routines,
|
|
|
|
// casts and predicates. All you need to define is the class, methods and
|
|
|
|
// object verification routines. Easy, no?
|
|
|
|
//
|
|
|
|
// Note that for subtle reasons related to the ordering or numerical values of
|
|
|
|
// type tags, elements in this list have to be added to the INSTANCE_TYPE_LIST
|
|
|
|
// manually.
|
2015-04-07 10:42:45 +00:00
|
|
|
#define STRUCT_LIST(V) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(ACCESS_CHECK_INFO, AccessCheckInfo, access_check_info) \
|
2016-01-18 15:08:36 +00:00
|
|
|
V(ACCESSOR_INFO, AccessorInfo, accessor_info) \
|
2015-04-07 10:42:45 +00:00
|
|
|
V(ACCESSOR_PAIR, AccessorPair, accessor_pair) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(ALIASED_ARGUMENTS_ENTRY, AliasedArgumentsEntry, aliased_arguments_entry) \
|
|
|
|
V(ALLOCATION_MEMENTO, AllocationMemento, allocation_memento) \
|
|
|
|
V(ASYNC_GENERATOR_REQUEST, AsyncGeneratorRequest, async_generator_request) \
|
|
|
|
V(DEBUG_INFO, DebugInfo, debug_info) \
|
2015-04-07 10:42:45 +00:00
|
|
|
V(FUNCTION_TEMPLATE_INFO, FunctionTemplateInfo, function_template_info) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(INTERCEPTOR_INFO, InterceptorInfo, interceptor_info) \
|
2018-04-10 14:31:06 +00:00
|
|
|
V(INTERPRETER_DATA, InterpreterData, interpreter_data) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(MODULE_INFO_ENTRY, ModuleInfoEntry, module_info_entry) \
|
|
|
|
V(MODULE, Module, module) \
|
2015-04-07 10:42:45 +00:00
|
|
|
V(OBJECT_TEMPLATE_INFO, ObjectTemplateInfo, object_template_info) \
|
2018-02-08 16:36:52 +00:00
|
|
|
V(PROMISE_CAPABILITY, PromiseCapability, promise_capability) \
|
|
|
|
V(PROMISE_REACTION, PromiseReaction, promise_reaction) \
|
[es6] Parameter scopes for sloppy eval
This CL is a nightmare! For the utterly irrelevant edge case of a sloppy function with non-simple parameters and a call to direct eval, like here,
let x = 1;
function f(g = () => x) {
var y
eval("var x = 2")
return g() + x // f() = 3
}
we have to do all of the following, on top of the declaration block ("varblock") contexts we already introduce around the body:
- Introduce the ability for varblock contexts to have both a ScopeInfo and an extension object (e.g., the body varblock in the example will contain both a static var y and a dynamic var x). No other scope needs that. Since there are no context slots left, a special new struct is introduced that pairs up scope info and extension object.
- When declaring lookup slots in the runtime, this new struct is allocated in the case where an extension object has to be added to a block scope (at which point the block's extension slot still contains a plain ScopeInfo).
- While at it, introduce some abstraction to access context extension slots in a more controlled manner, in order to keep special-casing to a minimum.
- Make sure that even empty varblock contexts do not get optimised away when they contain a sloppy eval, so that they can host the potential extension object.
- Extend dynamic search for declaration contexts (used by sloppy direct eval) to recognize varblock contexts.
- In the parser, if a function has a sloppy direct eval, introduce an additional varblock scope around each non-simple (desugared) parameter, as required by the spec to contain possible dynamic var bindings.
- In the pattern rewriter, add the ability to hoist the named variables the pattern declares to an outer scope. That is required because the actual destructuring has to be evaluated inside the protecting varblock scope, but the bindings that the desugaring introduces are in the outer scope.
- ScopeInfos need to save the information whether a block is a varblock, to make sloppy eval calls work correctly that deserialise them as part of the scope chain.
- Add the ability to materialize block scopes with extension objects in the debugger. Likewise, enable setting extension variables in block scopes via the debugger interface.
- While at it, refactor and unify some respective code in the debugger.
Sorry, this CL is large. I could try to split it up, but everything is rather entangled.
@mstarzinger: Please review the changes to contexts.
@yangguo: Please have a look at the debugger stuff.
R=littledan@chromium.org, mstarzinger@chromium.org, yangguo@chromium.org
BUG=v8:811,v8:2160
LOG=N
Review URL: https://codereview.chromium.org/1292753007
Cr-Commit-Position: refs/heads/master@{#30295}
2015-08-21 10:58:35 +00:00
|
|
|
V(PROTOTYPE_INFO, PrototypeInfo, prototype_info) \
|
2017-12-19 13:21:23 +00:00
|
|
|
V(SCRIPT, Script, script) \
|
|
|
|
V(STACK_FRAME_INFO, StackFrameInfo, stack_frame_info) \
|
2016-12-02 10:03:18 +00:00
|
|
|
V(TUPLE2, Tuple2, tuple2) \
|
2018-02-08 16:36:52 +00:00
|
|
|
V(TUPLE3, Tuple3, tuple3) \
|
2018-03-01 18:48:50 +00:00
|
|
|
V(WASM_DEBUG_INFO, WasmDebugInfo, wasm_debug_info) \
|
2018-05-07 15:40:56 +00:00
|
|
|
V(WASM_EXPORTED_FUNCTION_DATA, WasmExportedFunctionData, \
|
|
|
|
wasm_exported_function_data) \
|
2018-02-08 16:36:52 +00:00
|
|
|
V(CALLABLE_TASK, CallableTask, callable_task) \
|
|
|
|
V(CALLBACK_TASK, CallbackTask, callback_task) \
|
|
|
|
V(PROMISE_FULFILL_REACTION_JOB_TASK, PromiseFulfillReactionJobTask, \
|
|
|
|
promise_fulfill_reaction_job_task) \
|
|
|
|
V(PROMISE_REJECT_REACTION_JOB_TASK, PromiseRejectReactionJobTask, \
|
|
|
|
promise_reject_reaction_job_task) \
|
|
|
|
V(PROMISE_RESOLVE_THENABLE_JOB_TASK, PromiseResolveThenableJobTask, \
|
|
|
|
promise_resolve_thenable_job_task)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2018-06-12 14:15:04 +00:00
|
|
|
#define ALLOCATION_SITE_LIST(V) \
|
|
|
|
V(ALLOCATION_SITE, AllocationSite, WithWeakNext, allocation_site) \
|
|
|
|
V(ALLOCATION_SITE, AllocationSite, WithoutWeakNext, \
|
|
|
|
allocation_site_without_weaknext)
|
|
|
|
|
2017-12-06 16:52:26 +00:00
|
|
|
#define DATA_HANDLER_LIST(V) \
|
|
|
|
V(LOAD_HANDLER, LoadHandler, 1, load_handler1) \
|
|
|
|
V(LOAD_HANDLER, LoadHandler, 2, load_handler2) \
|
2017-12-14 15:04:04 +00:00
|
|
|
V(LOAD_HANDLER, LoadHandler, 3, load_handler3) \
|
2017-12-11 13:19:38 +00:00
|
|
|
V(STORE_HANDLER, StoreHandler, 0, store_handler0) \
|
2017-12-06 16:52:26 +00:00
|
|
|
V(STORE_HANDLER, StoreHandler, 1, store_handler1) \
|
2017-12-14 15:04:04 +00:00
|
|
|
V(STORE_HANDLER, StoreHandler, 2, store_handler2) \
|
|
|
|
V(STORE_HANDLER, StoreHandler, 3, store_handler3)
|
2017-12-06 16:52:26 +00:00
|
|
|
|
2017-11-22 18:04:36 +00:00
|
|
|
// We use the full 16 bits of the instance_type field to encode heap object
|
|
|
|
// instance types. All the high-order bits (bit 7-15) are cleared if the object
|
|
|
|
// is a string, and contain set bits if it is not a string.
|
|
|
|
const uint32_t kIsNotStringMask = 0xff80;
|
2008-07-03 15:10:15 +00:00
|
|
|
const uint32_t kStringTag = 0x0;
|
|
|
|
|
2013-02-28 17:03:34 +00:00
|
|
|
// Bit 6 indicates that the object is an internalized string (if set) or not.
|
2013-06-27 13:39:44 +00:00
|
|
|
// Bit 7 has to be clear as well.
|
2013-07-19 11:29:11 +00:00
|
|
|
const uint32_t kIsNotInternalizedMask = 0x40;
|
|
|
|
const uint32_t kNotInternalizedTag = 0x40;
|
|
|
|
const uint32_t kInternalizedTag = 0x0;
|
2008-10-27 12:39:34 +00:00
|
|
|
|
2017-01-19 13:27:59 +00:00
|
|
|
// If bit 7 is clear then bit 3 indicates whether the string consists of
|
2008-10-27 12:39:34 +00:00
|
|
|
// two-byte characters or one-byte characters.
|
2017-01-19 13:27:59 +00:00
|
|
|
const uint32_t kStringEncodingMask = 0x8;
|
2008-07-03 15:10:15 +00:00
|
|
|
const uint32_t kTwoByteStringTag = 0x0;
|
2017-01-19 13:27:59 +00:00
|
|
|
const uint32_t kOneByteStringTag = 0x8;
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2017-01-19 13:27:59 +00:00
|
|
|
// If bit 7 is clear, the low-order 3 bits indicate the representation
|
2008-07-03 15:10:15 +00:00
|
|
|
// of the string.
|
2017-01-19 13:27:59 +00:00
|
|
|
const uint32_t kStringRepresentationMask = 0x07;
|
2008-07-03 15:10:15 +00:00
|
|
|
enum StringRepresentationTag {
|
|
|
|
kSeqStringTag = 0x0,
|
|
|
|
kConsStringTag = 0x1,
|
2011-08-26 13:03:30 +00:00
|
|
|
kExternalStringTag = 0x2,
|
2017-01-19 13:27:59 +00:00
|
|
|
kSlicedStringTag = 0x3,
|
|
|
|
kThinStringTag = 0x5
|
2008-07-03 15:10:15 +00:00
|
|
|
};
|
2011-08-26 13:03:30 +00:00
|
|
|
const uint32_t kIsIndirectStringMask = 0x1;
|
|
|
|
const uint32_t kIsIndirectStringTag = 0x1;
|
2014-06-03 15:45:38 +00:00
|
|
|
STATIC_ASSERT((kSeqStringTag & kIsIndirectStringMask) == 0); // NOLINT
|
|
|
|
STATIC_ASSERT((kExternalStringTag & kIsIndirectStringMask) == 0); // NOLINT
|
|
|
|
STATIC_ASSERT((kConsStringTag &
|
|
|
|
kIsIndirectStringMask) == kIsIndirectStringTag); // NOLINT
|
|
|
|
STATIC_ASSERT((kSlicedStringTag &
|
|
|
|
kIsIndirectStringMask) == kIsIndirectStringTag); // NOLINT
|
2017-01-19 13:27:59 +00:00
|
|
|
STATIC_ASSERT((kThinStringTag & kIsIndirectStringMask) == kIsIndirectStringTag);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2017-01-19 13:27:59 +00:00
|
|
|
// If bit 7 is clear, then bit 4 indicates whether this two-byte
|
2013-04-26 11:34:44 +00:00
|
|
|
// string actually contains one byte data.
|
2017-01-19 13:27:59 +00:00
|
|
|
const uint32_t kOneByteDataHintMask = 0x10;
|
|
|
|
const uint32_t kOneByteDataHintTag = 0x10;
|
2010-06-17 16:19:28 +00:00
|
|
|
|
2011-11-23 13:08:28 +00:00
|
|
|
// If bit 7 is clear and string representation indicates an external string,
|
2017-01-19 13:27:59 +00:00
|
|
|
// then bit 5 indicates whether the data pointer is cached.
|
|
|
|
const uint32_t kShortExternalStringMask = 0x20;
|
|
|
|
const uint32_t kShortExternalStringTag = 0x20;
|
2009-04-14 12:00:56 +00:00
|
|
|
|
|
|
|
// A ConsString with an empty string as the right side is a candidate
|
2014-07-15 09:19:22 +00:00
|
|
|
// for being shortcut by the garbage collector. We don't allocate any
|
|
|
|
// non-flat internalized strings, so we do not shortcut them thereby
|
|
|
|
// avoiding turning internalized strings into strings. The bit-masks
|
|
|
|
// below contain the internalized bit as additional safety.
|
|
|
|
// See heap.cc, mark-compact.cc and objects-visiting.cc.
|
2009-04-14 12:00:56 +00:00
|
|
|
const uint32_t kShortcutTypeMask =
|
|
|
|
kIsNotStringMask |
|
2013-07-19 11:29:11 +00:00
|
|
|
kIsNotInternalizedMask |
|
2009-04-14 12:00:56 +00:00
|
|
|
kStringRepresentationMask;
|
2013-07-19 11:29:11 +00:00
|
|
|
const uint32_t kShortcutTypeTag = kConsStringTag | kNotInternalizedTag;
|
2009-04-14 12:00:56 +00:00
|
|
|
|
2014-07-15 09:19:22 +00:00
|
|
|
static inline bool IsShortcutCandidate(int type) {
|
|
|
|
return ((type & kShortcutTypeMask) == kShortcutTypeTag);
|
|
|
|
}
|
|
|
|
|
2017-11-22 18:04:36 +00:00
|
|
|
enum InstanceType : uint16_t {
|
2009-12-22 13:34:02 +00:00
|
|
|
// String types.
|
2015-08-11 19:36:04 +00:00
|
|
|
INTERNALIZED_STRING_TYPE = kTwoByteStringTag | kSeqStringTag |
|
|
|
|
kInternalizedTag, // FIRST_PRIMITIVE_TYPE
|
2014-09-10 12:38:12 +00:00
|
|
|
ONE_BYTE_INTERNALIZED_STRING_TYPE =
|
|
|
|
kOneByteStringTag | kSeqStringTag | kInternalizedTag,
|
|
|
|
EXTERNAL_INTERNALIZED_STRING_TYPE =
|
|
|
|
kTwoByteStringTag | kExternalStringTag | kInternalizedTag,
|
|
|
|
EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE =
|
|
|
|
kOneByteStringTag | kExternalStringTag | kInternalizedTag,
|
2013-04-26 11:34:44 +00:00
|
|
|
EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE =
|
2014-09-10 12:38:12 +00:00
|
|
|
EXTERNAL_INTERNALIZED_STRING_TYPE | kOneByteDataHintTag |
|
|
|
|
kInternalizedTag,
|
|
|
|
SHORT_EXTERNAL_INTERNALIZED_STRING_TYPE = EXTERNAL_INTERNALIZED_STRING_TYPE |
|
|
|
|
kShortExternalStringTag |
|
|
|
|
kInternalizedTag,
|
|
|
|
SHORT_EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE =
|
|
|
|
EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE | kShortExternalStringTag |
|
|
|
|
kInternalizedTag,
|
2013-04-26 11:34:44 +00:00
|
|
|
SHORT_EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE =
|
2014-09-10 12:38:12 +00:00
|
|
|
EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE |
|
|
|
|
kShortExternalStringTag | kInternalizedTag,
|
2013-07-19 11:29:11 +00:00
|
|
|
STRING_TYPE = INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
|
2014-09-10 12:38:12 +00:00
|
|
|
ONE_BYTE_STRING_TYPE =
|
|
|
|
ONE_BYTE_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
|
2014-04-01 11:30:31 +00:00
|
|
|
CONS_STRING_TYPE = kTwoByteStringTag | kConsStringTag | kNotInternalizedTag,
|
2014-09-10 12:38:12 +00:00
|
|
|
CONS_ONE_BYTE_STRING_TYPE =
|
2014-04-01 11:30:31 +00:00
|
|
|
kOneByteStringTag | kConsStringTag | kNotInternalizedTag,
|
2018-05-02 15:30:06 +00:00
|
|
|
SLICED_STRING_TYPE =
|
|
|
|
kTwoByteStringTag | kSlicedStringTag | kNotInternalizedTag,
|
2014-09-10 12:38:12 +00:00
|
|
|
SLICED_ONE_BYTE_STRING_TYPE =
|
2018-05-02 15:30:06 +00:00
|
|
|
kOneByteStringTag | kSlicedStringTag | kNotInternalizedTag,
|
2013-07-19 11:29:11 +00:00
|
|
|
EXTERNAL_STRING_TYPE =
|
2014-09-10 12:38:12 +00:00
|
|
|
EXTERNAL_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
|
|
|
|
EXTERNAL_ONE_BYTE_STRING_TYPE =
|
|
|
|
EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
|
2013-07-19 11:29:11 +00:00
|
|
|
EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE =
|
2014-09-10 12:38:12 +00:00
|
|
|
EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE |
|
|
|
|
kNotInternalizedTag,
|
2013-07-19 11:29:11 +00:00
|
|
|
SHORT_EXTERNAL_STRING_TYPE =
|
|
|
|
SHORT_EXTERNAL_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
|
2014-09-10 12:38:12 +00:00
|
|
|
SHORT_EXTERNAL_ONE_BYTE_STRING_TYPE =
|
|
|
|
SHORT_EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
|
2013-07-19 11:29:11 +00:00
|
|
|
SHORT_EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE =
|
2014-09-10 12:38:12 +00:00
|
|
|
SHORT_EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE |
|
|
|
|
kNotInternalizedTag,
|
2017-01-19 13:27:59 +00:00
|
|
|
THIN_STRING_TYPE = kTwoByteStringTag | kThinStringTag | kNotInternalizedTag,
|
|
|
|
THIN_ONE_BYTE_STRING_TYPE =
|
|
|
|
kOneByteStringTag | kThinStringTag | kNotInternalizedTag,
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2013-03-01 10:34:31 +00:00
|
|
|
// Non-string names
|
2017-11-22 18:04:36 +00:00
|
|
|
SYMBOL_TYPE =
|
|
|
|
1 + (kIsNotInternalizedMask | kShortExternalStringMask |
|
|
|
|
kOneByteDataHintMask | kStringEncodingMask |
|
|
|
|
kStringRepresentationMask), // FIRST_NONSTRING_TYPE, LAST_NAME_TYPE
|
2013-03-01 10:34:31 +00:00
|
|
|
|
2015-08-11 19:36:04 +00:00
|
|
|
// Other primitives (cannot contain non-map-word pointers to heap objects).
|
|
|
|
HEAP_NUMBER_TYPE,
|
2017-09-11 13:16:27 +00:00
|
|
|
BIGINT_TYPE,
|
2015-08-11 19:36:04 +00:00
|
|
|
ODDBALL_TYPE, // LAST_PRIMITIVE_TYPE
|
|
|
|
|
2009-12-22 13:34:02 +00:00
|
|
|
// Objects allocated in their own spaces (never in new space).
|
2013-03-01 10:34:31 +00:00
|
|
|
MAP_TYPE,
|
2008-07-03 15:10:15 +00:00
|
|
|
CODE_TYPE,
|
2009-12-22 13:34:02 +00:00
|
|
|
|
|
|
|
// "Data", objects that cannot contain non-map-word pointers to heap
|
|
|
|
// objects.
|
2014-07-01 15:02:31 +00:00
|
|
|
MUTABLE_HEAP_NUMBER_TYPE,
|
2011-05-19 11:47:34 +00:00
|
|
|
FOREIGN_TYPE,
|
2008-07-03 15:10:15 +00:00
|
|
|
BYTE_ARRAY_TYPE,
|
2015-07-24 12:02:41 +00:00
|
|
|
BYTECODE_ARRAY_TYPE,
|
2011-09-19 18:36:47 +00:00
|
|
|
FREE_SPACE_TYPE,
|
2015-08-03 13:02:39 +00:00
|
|
|
FIXED_INT8_ARRAY_TYPE, // FIRST_FIXED_TYPED_ARRAY_TYPE
|
2014-01-16 17:08:45 +00:00
|
|
|
FIXED_UINT8_ARRAY_TYPE,
|
|
|
|
FIXED_INT16_ARRAY_TYPE,
|
|
|
|
FIXED_UINT16_ARRAY_TYPE,
|
|
|
|
FIXED_INT32_ARRAY_TYPE,
|
|
|
|
FIXED_UINT32_ARRAY_TYPE,
|
|
|
|
FIXED_FLOAT32_ARRAY_TYPE,
|
|
|
|
FIXED_FLOAT64_ARRAY_TYPE,
|
2018-02-17 07:44:01 +00:00
|
|
|
FIXED_UINT8_CLAMPED_ARRAY_TYPE,
|
|
|
|
FIXED_BIGINT64_ARRAY_TYPE,
|
|
|
|
FIXED_BIGUINT64_ARRAY_TYPE, // LAST_FIXED_TYPED_ARRAY_TYPE
|
2011-06-09 10:03:35 +00:00
|
|
|
FIXED_DOUBLE_ARRAY_TYPE,
|
2018-03-09 12:52:04 +00:00
|
|
|
FEEDBACK_METADATA_TYPE,
|
2009-12-22 13:34:02 +00:00
|
|
|
FILLER_TYPE, // LAST_DATA_TYPE
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2009-12-22 13:34:02 +00:00
|
|
|
// Structs.
|
2017-12-19 13:21:23 +00:00
|
|
|
ACCESS_CHECK_INFO_TYPE,
|
2016-01-18 15:08:36 +00:00
|
|
|
ACCESSOR_INFO_TYPE,
|
2012-01-10 16:11:33 +00:00
|
|
|
ACCESSOR_PAIR_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
ALIASED_ARGUMENTS_ENTRY_TYPE,
|
|
|
|
ALLOCATION_MEMENTO_TYPE,
|
|
|
|
ASYNC_GENERATOR_REQUEST_TYPE,
|
|
|
|
DEBUG_INFO_TYPE,
|
2008-07-03 15:10:15 +00:00
|
|
|
FUNCTION_TEMPLATE_INFO_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
INTERCEPTOR_INFO_TYPE,
|
2018-04-10 14:31:06 +00:00
|
|
|
INTERPRETER_DATA_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
MODULE_INFO_ENTRY_TYPE,
|
|
|
|
MODULE_TYPE,
|
2008-07-03 15:10:15 +00:00
|
|
|
OBJECT_TEMPLATE_INFO_TYPE,
|
2018-02-08 16:36:52 +00:00
|
|
|
PROMISE_CAPABILITY_TYPE,
|
|
|
|
PROMISE_REACTION_TYPE,
|
2015-04-07 10:42:45 +00:00
|
|
|
PROTOTYPE_INFO_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
SCRIPT_TYPE,
|
|
|
|
STACK_FRAME_INFO_TYPE,
|
2016-12-02 10:03:18 +00:00
|
|
|
TUPLE2_TYPE,
|
2016-10-13 16:18:53 +00:00
|
|
|
TUPLE3_TYPE,
|
2018-03-01 18:48:50 +00:00
|
|
|
WASM_DEBUG_INFO_TYPE,
|
2018-05-07 15:40:56 +00:00
|
|
|
WASM_EXPORTED_FUNCTION_DATA_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
|
2018-02-08 16:36:52 +00:00
|
|
|
CALLABLE_TASK_TYPE, // FIRST_MICROTASK_TYPE
|
|
|
|
CALLBACK_TASK_TYPE,
|
|
|
|
PROMISE_FULFILL_REACTION_JOB_TASK_TYPE,
|
|
|
|
PROMISE_REJECT_REACTION_JOB_TASK_TYPE,
|
|
|
|
PROMISE_RESOLVE_THENABLE_JOB_TASK_TYPE, // LAST_MICROTASK_TYPE
|
|
|
|
|
2018-06-12 14:15:04 +00:00
|
|
|
ALLOCATION_SITE_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
// FixedArrays.
|
2017-11-23 10:45:46 +00:00
|
|
|
FIXED_ARRAY_TYPE, // FIRST_FIXED_ARRAY_TYPE
|
2018-03-02 12:50:56 +00:00
|
|
|
BOILERPLATE_DESCRIPTION_TYPE,
|
2018-06-29 14:01:29 +00:00
|
|
|
HASH_TABLE_TYPE, // FIRST_HASH_TABLE_TYPE
|
|
|
|
ORDERED_HASH_MAP_TYPE, // FIRST_DICTIONARY_TYPE
|
|
|
|
ORDERED_HASH_SET_TYPE,
|
|
|
|
NAME_DICTIONARY_TYPE,
|
|
|
|
GLOBAL_DICTIONARY_TYPE,
|
|
|
|
NUMBER_DICTIONARY_TYPE,
|
|
|
|
SIMPLE_NUMBER_DICTIONARY_TYPE, // LAST_DICTIONARY_TYPE
|
|
|
|
STRING_TABLE_TYPE, // LAST_HASH_TABLE_TYPE
|
2018-06-07 18:47:29 +00:00
|
|
|
EPHEMERON_HASH_TABLE_TYPE,
|
2018-02-16 12:36:47 +00:00
|
|
|
SCOPE_INFO_TYPE,
|
2018-06-29 14:01:29 +00:00
|
|
|
SCRIPT_CONTEXT_TABLE_TYPE,
|
2018-03-23 21:33:06 +00:00
|
|
|
BLOCK_CONTEXT_TYPE, // FIRST_CONTEXT_TYPE
|
|
|
|
CATCH_CONTEXT_TYPE,
|
|
|
|
DEBUG_EVALUATE_CONTEXT_TYPE,
|
|
|
|
EVAL_CONTEXT_TYPE,
|
|
|
|
FUNCTION_CONTEXT_TYPE,
|
|
|
|
MODULE_CONTEXT_TYPE,
|
|
|
|
NATIVE_CONTEXT_TYPE,
|
|
|
|
SCRIPT_CONTEXT_TYPE,
|
|
|
|
WITH_CONTEXT_TYPE, // LAST_FIXED_ARRAY_TYPE, LAST_CONTEXT_TYPE
|
2017-12-19 13:21:23 +00:00
|
|
|
|
2018-04-18 13:29:58 +00:00
|
|
|
WEAK_FIXED_ARRAY_TYPE, // FIRST_WEAK_FIXED_ARRAY_TYPE
|
2018-06-04 08:20:28 +00:00
|
|
|
DESCRIPTOR_ARRAY_TYPE,
|
2018-04-18 13:29:58 +00:00
|
|
|
TRANSITION_ARRAY_TYPE, // LAST_WEAK_FIXED_ARRAY_TYPE
|
|
|
|
|
2017-12-19 13:21:23 +00:00
|
|
|
// Misc.
|
2018-04-02 23:21:30 +00:00
|
|
|
CALL_HANDLER_INFO_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
CELL_TYPE,
|
|
|
|
CODE_DATA_CONTAINER_TYPE,
|
2018-02-22 12:04:01 +00:00
|
|
|
FEEDBACK_CELL_TYPE,
|
2017-07-27 12:45:00 +00:00
|
|
|
FEEDBACK_VECTOR_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
LOAD_HANDLER_TYPE,
|
2017-07-25 07:59:54 +00:00
|
|
|
PROPERTY_ARRAY_TYPE,
|
2016-12-19 12:50:30 +00:00
|
|
|
PROPERTY_CELL_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
SHARED_FUNCTION_INFO_TYPE,
|
2017-06-19 23:19:16 +00:00
|
|
|
SMALL_ORDERED_HASH_MAP_TYPE,
|
2017-05-29 09:29:19 +00:00
|
|
|
SMALL_ORDERED_HASH_SET_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
STORE_HANDLER_TYPE,
|
|
|
|
WEAK_CELL_TYPE,
|
2018-04-16 07:28:28 +00:00
|
|
|
WEAK_ARRAY_LIST_TYPE,
|
2009-12-22 13:34:02 +00:00
|
|
|
|
2011-09-21 14:46:54 +00:00
|
|
|
// All the following types are subtypes of JSReceiver, which corresponds to
|
|
|
|
// objects in the JS sense. The first and the last type in this range are
|
|
|
|
// the two forms of function. This organization enables using the same
|
2015-11-30 09:49:19 +00:00
|
|
|
// compares for checking the JS_RECEIVER and the NONCALLABLE_JS_OBJECT range.
|
2017-12-19 13:21:23 +00:00
|
|
|
// Some of the following instance types are exposed in v8.h, so to not
|
|
|
|
// unnecessarily change the ABI when we introduce new instance types in the
|
|
|
|
// future, we leave some space between instance types.
|
2017-12-22 17:20:47 +00:00
|
|
|
JS_PROXY_TYPE = 0x0400, // FIRST_JS_RECEIVER_TYPE
|
2017-12-19 13:21:23 +00:00
|
|
|
JS_GLOBAL_OBJECT_TYPE, // FIRST_JS_OBJECT_TYPE
|
2016-03-04 11:51:55 +00:00
|
|
|
JS_GLOBAL_PROXY_TYPE,
|
2017-07-25 11:09:35 +00:00
|
|
|
JS_MODULE_NAMESPACE_TYPE,
|
2016-04-12 10:31:38 +00:00
|
|
|
// Like JS_API_OBJECT_TYPE, but requires access checks and/or has
|
|
|
|
// interceptors.
|
2017-12-22 17:20:47 +00:00
|
|
|
JS_SPECIAL_API_OBJECT_TYPE = 0x0410, // LAST_SPECIAL_RECEIVER_TYPE
|
2017-12-19 13:21:23 +00:00
|
|
|
JS_VALUE_TYPE, // LAST_CUSTOM_ELEMENTS_RECEIVER
|
2016-04-12 10:31:38 +00:00
|
|
|
// Like JS_OBJECT_TYPE, but created from API function.
|
2017-12-22 17:20:47 +00:00
|
|
|
JS_API_OBJECT_TYPE = 0x0420,
|
2008-07-03 15:10:15 +00:00
|
|
|
JS_OBJECT_TYPE,
|
2016-06-23 14:39:30 +00:00
|
|
|
JS_ARGUMENTS_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
JS_ARRAY_BUFFER_TYPE,
|
[es2015] Refactor the JSArrayIterator.
This changes the JSArrayIterator to always have only a single instance
type, instead of the zoo of instance types that we had before, and
which became less useful with the specification update to when "next"
is loaded from the iterator now. This greatly simplifies the baseline
implementation of the array iterator, which now only looks at the
iterated object during %ArrayIteratorPrototype%.next invocations.
In TurboFan we introduce a new JSCreateArrayIterator operator, that
holds the IterationKind and get's the iterated object as input. When
optimizing %ArrayIteratorPrototype%.next in the JSCallReducer, we
check whether the receiver is a JSCreateArrayIterator, and if so,
we try to infer maps for the iterated object from there. If we find
any, we speculatively assume that these won't have changed during
iteration (as we did before with the previous approach), and generate
fast code for both JSArray and JSTypedArray iteration.
Drive-by-fix: Drop the fast_array_iteration protector, it's not
necessary anymore since we have the deoptimization guard bit in
the JSCallReducer now.
This addresses the performance cliff noticed in webpack 4. The minimal
repro on the tracking bug goes from
console.timeEnd: mono, 124.773000
console.timeEnd: poly, 670.353000
to
console.timeEnd: mono, 118.709000
console.timeEnd: poly, 141.393000
so that's a 4.7x improvement.
Also make presubmit happy by adding the missing #undef's.
Bug: v8:7510, v7:7514
Change-Id: I79a46bfa2cd0f0710e09365ef72519b1bbb667b5
Reviewed-on: https://chromium-review.googlesource.com/946098
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51725}
2018-03-02 19:31:01 +00:00
|
|
|
JS_ARRAY_ITERATOR_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
JS_ARRAY_TYPE,
|
|
|
|
JS_ASYNC_FROM_SYNC_ITERATOR_TYPE,
|
|
|
|
JS_ASYNC_GENERATOR_OBJECT_TYPE,
|
2009-01-14 12:13:26 +00:00
|
|
|
JS_CONTEXT_EXTENSION_OBJECT_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
JS_DATE_TYPE,
|
|
|
|
JS_ERROR_TYPE,
|
2013-04-15 12:29:44 +00:00
|
|
|
JS_GENERATOR_OBJECT_TYPE,
|
2011-10-25 14:14:56 +00:00
|
|
|
JS_MAP_TYPE,
|
2017-07-10 06:46:56 +00:00
|
|
|
JS_MAP_KEY_ITERATOR_TYPE,
|
|
|
|
JS_MAP_KEY_VALUE_ITERATOR_TYPE,
|
|
|
|
JS_MAP_VALUE_ITERATOR_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
JS_MESSAGE_OBJECT_TYPE,
|
2015-11-19 16:11:00 +00:00
|
|
|
JS_PROMISE_TYPE,
|
2011-09-21 14:46:54 +00:00
|
|
|
JS_REGEXP_TYPE,
|
2018-04-05 14:41:26 +00:00
|
|
|
JS_REGEXP_STRING_ITERATOR_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
JS_SET_TYPE,
|
|
|
|
JS_SET_KEY_VALUE_ITERATOR_TYPE,
|
|
|
|
JS_SET_VALUE_ITERATOR_TYPE,
|
2016-09-21 14:17:42 +00:00
|
|
|
JS_STRING_ITERATOR_TYPE,
|
2017-12-19 13:21:23 +00:00
|
|
|
JS_WEAK_MAP_TYPE,
|
|
|
|
JS_WEAK_SET_TYPE,
|
|
|
|
|
|
|
|
JS_TYPED_ARRAY_TYPE,
|
|
|
|
JS_DATA_VIEW_TYPE,
|
2016-10-18 02:42:42 +00:00
|
|
|
|
2018-05-15 20:50:46 +00:00
|
|
|
#ifdef V8_INTL_SUPPORT
|
|
|
|
JS_INTL_LOCALE_TYPE,
|
|
|
|
#endif // V8_INTL_SUPPORT
|
|
|
|
|
2018-04-03 18:17:57 +00:00
|
|
|
WASM_GLOBAL_TYPE,
|
[es2015] Refactor the JSArrayIterator.
This changes the JSArrayIterator to always have only a single instance
type, instead of the zoo of instance types that we had before, and
which became less useful with the specification update to when "next"
is loaded from the iterator now. This greatly simplifies the baseline
implementation of the array iterator, which now only looks at the
iterated object during %ArrayIteratorPrototype%.next invocations.
In TurboFan we introduce a new JSCreateArrayIterator operator, that
holds the IterationKind and get's the iterated object as input. When
optimizing %ArrayIteratorPrototype%.next in the JSCallReducer, we
check whether the receiver is a JSCreateArrayIterator, and if so,
we try to infer maps for the iterated object from there. If we find
any, we speculatively assume that these won't have changed during
iteration (as we did before with the previous approach), and generate
fast code for both JSArray and JSTypedArray iteration.
Drive-by-fix: Drop the fast_array_iteration protector, it's not
necessary anymore since we have the deoptimization guard bit in
the JSCallReducer now.
This addresses the performance cliff noticed in webpack 4. The minimal
repro on the tracking bug goes from
console.timeEnd: mono, 124.773000
console.timeEnd: poly, 670.353000
to
console.timeEnd: mono, 118.709000
console.timeEnd: poly, 141.393000
so that's a 4.7x improvement.
Also make presubmit happy by adding the missing #undef's.
Bug: v8:7510, v7:7514
Change-Id: I79a46bfa2cd0f0710e09365ef72519b1bbb667b5
Reviewed-on: https://chromium-review.googlesource.com/946098
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#51725}
2018-03-02 19:31:01 +00:00
|
|
|
WASM_INSTANCE_TYPE,
|
2017-07-07 12:27:56 +00:00
|
|
|
WASM_MEMORY_TYPE,
|
|
|
|
WASM_MODULE_TYPE,
|
|
|
|
WASM_TABLE_TYPE,
|
2015-12-27 06:30:53 +00:00
|
|
|
JS_BOUND_FUNCTION_TYPE,
|
2011-09-21 14:46:54 +00:00
|
|
|
JS_FUNCTION_TYPE, // LAST_JS_OBJECT_TYPE, LAST_JS_RECEIVER_TYPE
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Pseudo-types
|
|
|
|
FIRST_TYPE = 0x0,
|
2011-09-21 14:46:54 +00:00
|
|
|
LAST_TYPE = JS_FUNCTION_TYPE,
|
2013-03-01 13:28:55 +00:00
|
|
|
FIRST_NAME_TYPE = FIRST_TYPE,
|
2013-03-01 10:34:31 +00:00
|
|
|
LAST_NAME_TYPE = SYMBOL_TYPE,
|
2013-03-01 13:28:55 +00:00
|
|
|
FIRST_UNIQUE_NAME_TYPE = INTERNALIZED_STRING_TYPE,
|
|
|
|
LAST_UNIQUE_NAME_TYPE = SYMBOL_TYPE,
|
2013-03-01 10:34:31 +00:00
|
|
|
FIRST_NONSTRING_TYPE = SYMBOL_TYPE,
|
2015-08-11 19:36:04 +00:00
|
|
|
FIRST_PRIMITIVE_TYPE = FIRST_NAME_TYPE,
|
|
|
|
LAST_PRIMITIVE_TYPE = ODDBALL_TYPE,
|
2015-12-27 06:30:53 +00:00
|
|
|
FIRST_FUNCTION_TYPE = JS_BOUND_FUNCTION_TYPE,
|
|
|
|
LAST_FUNCTION_TYPE = JS_FUNCTION_TYPE,
|
2017-11-23 10:45:46 +00:00
|
|
|
// Boundaries for testing if given HeapObject is a subclass of FixedArray.
|
|
|
|
FIRST_FIXED_ARRAY_TYPE = FIXED_ARRAY_TYPE,
|
2018-03-23 21:33:06 +00:00
|
|
|
LAST_FIXED_ARRAY_TYPE = WITH_CONTEXT_TYPE,
|
2018-06-29 14:01:29 +00:00
|
|
|
// Boundaries for testing if given HeapObject is a subclass of HashTable
|
|
|
|
FIRST_HASH_TABLE_TYPE = HASH_TABLE_TYPE,
|
|
|
|
LAST_HASH_TABLE_TYPE = STRING_TABLE_TYPE,
|
|
|
|
// Boundaries for testing if given HeapObject is a subclass of Dictionary
|
|
|
|
FIRST_DICTIONARY_TYPE = ORDERED_HASH_MAP_TYPE,
|
|
|
|
LAST_DICTIONARY_TYPE = SIMPLE_NUMBER_DICTIONARY_TYPE,
|
2018-04-18 13:29:58 +00:00
|
|
|
// Boundaries for testing if given HeapObject is a subclass of WeakFixedArray.
|
|
|
|
FIRST_WEAK_FIXED_ARRAY_TYPE = WEAK_FIXED_ARRAY_TYPE,
|
|
|
|
LAST_WEAK_FIXED_ARRAY_TYPE = TRANSITION_ARRAY_TYPE,
|
2018-03-23 21:33:06 +00:00
|
|
|
// Boundaries for testing if given HeapObject is a Context
|
|
|
|
FIRST_CONTEXT_TYPE = BLOCK_CONTEXT_TYPE,
|
|
|
|
LAST_CONTEXT_TYPE = WITH_CONTEXT_TYPE,
|
2018-02-08 16:36:52 +00:00
|
|
|
// Boundaries for testing if given HeapObject is a subclass of Microtask.
|
|
|
|
FIRST_MICROTASK_TYPE = CALLABLE_TASK_TYPE,
|
|
|
|
LAST_MICROTASK_TYPE = PROMISE_RESOLVE_THENABLE_JOB_TASK_TYPE,
|
2014-01-16 17:08:45 +00:00
|
|
|
// Boundaries for testing for a fixed typed array.
|
|
|
|
FIRST_FIXED_TYPED_ARRAY_TYPE = FIXED_INT8_ARRAY_TYPE,
|
2018-02-17 07:44:01 +00:00
|
|
|
LAST_FIXED_TYPED_ARRAY_TYPE = FIXED_BIGUINT64_ARRAY_TYPE,
|
2015-04-07 11:31:57 +00:00
|
|
|
// Boundary for promotion to old space.
|
2009-12-22 13:34:02 +00:00
|
|
|
LAST_DATA_TYPE = FILLER_TYPE,
|
Implement set trap for proxies, and revamp class hierarchy in preparation:
- Introduce a class JSReceiver, that is a common superclass of JSObject and
JSProxy. Use JSReceiver where appropriate (probably lots of places that we
still have to migrate, but we will find those later with proxy test suite).
- Move appropriate methods to JSReceiver class (SetProperty,
GetPropertyAttribute, Get/SetPrototype, Lookup, and so on).
- Introduce new JSFunctionProxy subclass of JSProxy. Currently only a stub.
- Overhaul enum InstanceType:
* Introduce FIRST/LAST_SPEC_OBJECT_TYPE that ranges over all types that
represent JS objects, and use that consistently to check language types.
* Rename FIRST/LAST_JS_OBJECT_TYPE and FIRST/LAST_FUNCTION_CLASS_TYPE
to FIRST/LAST_[NON]CALLABLE_SPEC_OBJECT_TYPE for clarity.
* Eliminate the overlap over JS_REGEXP_TYPE.
* Also replace FIRST_JS_OBJECT with FIRST_JS_RECEIVER, but only use it where
we exclusively talk about the internal representation type.
* Insert JS_PROXY and JS_FUNCTION_PROXY in the appropriate places.
- Fix all checks concerning classification, especially for functions, to
use the CALLABLE_SPEC_OBJECT range (that includes funciton proxies).
- Handle proxies in SetProperty (that was the easiest part :) ).
- A few simple test cases.
R=kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6992072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-05-31 16:38:40 +00:00
|
|
|
// Boundary for objects represented as JSReceiver (i.e. JSObject or JSProxy).
|
|
|
|
// Note that there is no range for JSObject or JSProxy, since their subtypes
|
|
|
|
// are not continuous in this enum! The enum ranges instead reflect the
|
|
|
|
// external class names, where proxies are treated as either ordinary objects,
|
|
|
|
// or functions.
|
2015-12-04 13:49:08 +00:00
|
|
|
FIRST_JS_RECEIVER_TYPE = JS_PROXY_TYPE,
|
Implement set trap for proxies, and revamp class hierarchy in preparation:
- Introduce a class JSReceiver, that is a common superclass of JSObject and
JSProxy. Use JSReceiver where appropriate (probably lots of places that we
still have to migrate, but we will find those later with proxy test suite).
- Move appropriate methods to JSReceiver class (SetProperty,
GetPropertyAttribute, Get/SetPrototype, Lookup, and so on).
- Introduce new JSFunctionProxy subclass of JSProxy. Currently only a stub.
- Overhaul enum InstanceType:
* Introduce FIRST/LAST_SPEC_OBJECT_TYPE that ranges over all types that
represent JS objects, and use that consistently to check language types.
* Rename FIRST/LAST_JS_OBJECT_TYPE and FIRST/LAST_FUNCTION_CLASS_TYPE
to FIRST/LAST_[NON]CALLABLE_SPEC_OBJECT_TYPE for clarity.
* Eliminate the overlap over JS_REGEXP_TYPE.
* Also replace FIRST_JS_OBJECT with FIRST_JS_RECEIVER, but only use it where
we exclusively talk about the internal representation type.
* Insert JS_PROXY and JS_FUNCTION_PROXY in the appropriate places.
- Fix all checks concerning classification, especially for functions, to
use the CALLABLE_SPEC_OBJECT range (that includes funciton proxies).
- Handle proxies in SetProperty (that was the easiest part :) ).
- A few simple test cases.
R=kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6992072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-05-31 16:38:40 +00:00
|
|
|
LAST_JS_RECEIVER_TYPE = LAST_TYPE,
|
2011-09-21 14:46:54 +00:00
|
|
|
// Boundaries for testing the types represented as JSObject
|
2016-03-04 11:51:55 +00:00
|
|
|
FIRST_JS_OBJECT_TYPE = JS_GLOBAL_OBJECT_TYPE,
|
2011-09-21 14:46:54 +00:00
|
|
|
LAST_JS_OBJECT_TYPE = LAST_TYPE,
|
2016-03-04 11:51:55 +00:00
|
|
|
// Boundary for testing JSReceivers that need special property lookup handling
|
|
|
|
LAST_SPECIAL_RECEIVER_TYPE = JS_SPECIAL_API_OBJECT_TYPE,
|
2016-03-21 14:14:39 +00:00
|
|
|
// Boundary case for testing JSReceivers that may have elements while having
|
|
|
|
// an empty fixed array as elements backing store. This is true for string
|
|
|
|
// wrappers.
|
|
|
|
LAST_CUSTOM_ELEMENTS_RECEIVER = JS_VALUE_TYPE,
|
2016-10-18 02:42:42 +00:00
|
|
|
|
2017-07-14 05:35:21 +00:00
|
|
|
FIRST_SET_ITERATOR_TYPE = JS_SET_KEY_VALUE_ITERATOR_TYPE,
|
|
|
|
LAST_SET_ITERATOR_TYPE = JS_SET_VALUE_ITERATOR_TYPE,
|
|
|
|
|
|
|
|
FIRST_MAP_ITERATOR_TYPE = JS_MAP_KEY_ITERATOR_TYPE,
|
|
|
|
LAST_MAP_ITERATOR_TYPE = JS_MAP_VALUE_ITERATOR_TYPE,
|
2008-07-03 15:10:15 +00:00
|
|
|
};
|
|
|
|
|
2017-11-22 18:04:36 +00:00
|
|
|
STATIC_ASSERT((FIRST_NONSTRING_TYPE & kIsNotStringMask) != kStringTag);
|
2014-05-27 13:43:29 +00:00
|
|
|
STATIC_ASSERT(JS_OBJECT_TYPE == Internals::kJSObjectType);
|
2016-04-12 10:31:38 +00:00
|
|
|
STATIC_ASSERT(JS_API_OBJECT_TYPE == Internals::kJSApiObjectType);
|
2017-10-18 18:57:27 +00:00
|
|
|
STATIC_ASSERT(JS_SPECIAL_API_OBJECT_TYPE == Internals::kJSSpecialApiObjectType);
|
2014-05-27 13:43:29 +00:00
|
|
|
STATIC_ASSERT(FIRST_NONSTRING_TYPE == Internals::kFirstNonstringType);
|
|
|
|
STATIC_ASSERT(ODDBALL_TYPE == Internals::kOddballType);
|
|
|
|
STATIC_ASSERT(FOREIGN_TYPE == Internals::kForeignType);
|
2010-06-18 10:52:59 +00:00
|
|
|
|
2016-10-14 08:55:40 +00:00
|
|
|
V8_EXPORT_PRIVATE std::ostream& operator<<(std::ostream& os,
|
|
|
|
InstanceType instance_type);
|
2015-12-03 10:02:46 +00:00
|
|
|
|
2015-09-18 06:35:36 +00:00
|
|
|
// Result of an abstract relational comparison of x and y, implemented according
|
|
|
|
// to ES6 section 7.2.11 Abstract Relational Comparison.
|
|
|
|
enum class ComparisonResult {
|
|
|
|
kLessThan, // x < y
|
|
|
|
kEqual, // x = y
|
2015-09-28 18:05:56 +00:00
|
|
|
kGreaterThan, // x > y
|
2015-09-18 06:35:36 +00:00
|
|
|
kUndefined // at least one of x or y was undefined or NaN
|
|
|
|
};
|
|
|
|
|
2017-10-24 09:39:35 +00:00
|
|
|
// (Returns false whenever {result} is kUndefined.)
|
2017-10-25 17:43:04 +00:00
|
|
|
bool ComparisonResultToBool(Operation op, ComparisonResult result);
|
2017-10-24 09:39:35 +00:00
|
|
|
|
2016-08-24 08:48:34 +00:00
|
|
|
class AbstractCode;
|
2012-05-24 10:40:24 +00:00
|
|
|
class AccessorPair;
|
2018-04-30 13:27:37 +00:00
|
|
|
class AccessCheckInfo;
|
2013-10-16 08:10:36 +00:00
|
|
|
class AllocationSite;
|
2017-12-01 11:33:03 +00:00
|
|
|
class ByteArray;
|
2015-06-25 12:19:55 +00:00
|
|
|
class Cell;
|
2014-11-26 11:53:27 +00:00
|
|
|
class ConsString;
|
2017-10-13 13:24:26 +00:00
|
|
|
class DependentCode;
|
2011-08-03 11:12:46 +00:00
|
|
|
class ElementsAccessor;
|
2017-08-30 04:21:29 +00:00
|
|
|
class EnumCache;
|
2011-08-12 13:54:27 +00:00
|
|
|
class FixedArrayBase;
|
2017-07-11 20:56:40 +00:00
|
|
|
class PropertyArray;
|
2015-02-12 13:21:06 +00:00
|
|
|
class FunctionLiteral;
|
2018-04-27 08:31:07 +00:00
|
|
|
class FunctionTemplateInfo;
|
2015-11-02 14:57:59 +00:00
|
|
|
class JSGlobalObject;
|
2018-05-15 20:50:46 +00:00
|
|
|
#ifdef V8_INTL_SUPPORT
|
|
|
|
class JSLocale;
|
|
|
|
#endif // V8_INTL_SUPPORT
|
2018-02-08 16:36:52 +00:00
|
|
|
class JSPromise;
|
2015-10-19 13:47:24 +00:00
|
|
|
class KeyAccumulator;
|
2014-11-11 10:24:52 +00:00
|
|
|
class LayoutDescriptor;
|
2014-11-10 17:43:51 +00:00
|
|
|
class LookupIterator;
|
2016-01-26 15:03:40 +00:00
|
|
|
class FieldType;
|
2016-10-07 19:37:04 +00:00
|
|
|
class Module;
|
2016-09-12 12:54:47 +00:00
|
|
|
class ModuleInfoEntry;
|
2015-06-25 12:19:55 +00:00
|
|
|
class ObjectHashTable;
|
2018-04-27 08:31:07 +00:00
|
|
|
class ObjectTemplateInfo;
|
2014-11-11 10:24:52 +00:00
|
|
|
class ObjectVisitor;
|
2015-06-25 12:19:55 +00:00
|
|
|
class PropertyCell;
|
2015-10-13 14:38:16 +00:00
|
|
|
class PropertyDescriptor;
|
2017-04-25 13:32:18 +00:00
|
|
|
class RootVisitor;
|
2015-06-25 12:19:55 +00:00
|
|
|
class SafepointEntry;
|
|
|
|
class SharedFunctionInfo;
|
2011-08-12 13:54:27 +00:00
|
|
|
class StringStream;
|
2018-02-22 12:04:01 +00:00
|
|
|
class FeedbackCell;
|
2017-02-07 14:05:02 +00:00
|
|
|
class FeedbackMetadata;
|
|
|
|
class FeedbackVector;
|
2014-10-15 10:11:08 +00:00
|
|
|
class WeakCell;
|
2018-04-27 08:31:07 +00:00
|
|
|
class TemplateInfo;
|
2015-12-03 13:18:19 +00:00
|
|
|
class TransitionArray;
|
2016-08-01 14:28:06 +00:00
|
|
|
class TemplateList;
|
2017-06-28 12:56:11 +00:00
|
|
|
template <typename T>
|
|
|
|
class ZoneForwardList;
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// A template-ized version of the IsXXX functions.
|
2013-05-14 11:02:20 +00:00
|
|
|
template <class C> inline bool Is(Object* obj);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2012-12-13 10:17:37 +00:00
|
|
|
#ifdef OBJECT_PRINT
|
2017-06-29 13:14:20 +00:00
|
|
|
#define DECL_PRINTER(Name) void Name##Print(std::ostream& os); // NOLINT
|
2018-06-26 11:43:50 +00:00
|
|
|
#define DECL_PRINTER_WITH_ISOLATE(Name) \
|
|
|
|
void Name##Print(Isolate* isolate, std::ostream& os); // NOLINT
|
2012-12-13 10:17:37 +00:00
|
|
|
#else
|
2017-06-29 13:14:20 +00:00
|
|
|
#define DECL_PRINTER(Name)
|
2018-06-26 11:43:50 +00:00
|
|
|
#define DECL_PRINTER_WITH_ISOLATE(Name)
|
2012-12-13 10:17:37 +00:00
|
|
|
#endif
|
|
|
|
|
2014-09-10 12:38:12 +00:00
|
|
|
#define OBJECT_TYPE_LIST(V) \
|
|
|
|
V(Smi) \
|
2016-02-16 12:57:29 +00:00
|
|
|
V(LayoutDescriptor) \
|
2014-09-10 12:38:12 +00:00
|
|
|
V(HeapObject) \
|
2016-02-16 12:57:29 +00:00
|
|
|
V(Primitive) \
|
2017-10-23 10:49:42 +00:00
|
|
|
V(Number) \
|
|
|
|
V(Numeric)
|
2014-09-10 12:38:12 +00:00
|
|
|
|
2018-05-15 20:50:46 +00:00
|
|
|
#define HEAP_OBJECT_ORDINARY_TYPE_LIST_BASE(V) \
|
|
|
|
V(AbstractCode) \
|
|
|
|
V(AccessCheckNeeded) \
|
2018-06-12 14:15:04 +00:00
|
|
|
V(AllocationSite) \
|
2018-05-15 20:50:46 +00:00
|
|
|
V(ArrayList) \
|
|
|
|
V(BigInt) \
|
|
|
|
V(BigIntWrapper) \
|
|
|
|
V(BoilerplateDescription) \
|
|
|
|
V(Boolean) \
|
|
|
|
V(BooleanWrapper) \
|
|
|
|
V(BreakPoint) \
|
|
|
|
V(BreakPointInfo) \
|
|
|
|
V(ByteArray) \
|
|
|
|
V(BytecodeArray) \
|
|
|
|
V(CallHandlerInfo) \
|
|
|
|
V(Callable) \
|
|
|
|
V(Cell) \
|
|
|
|
V(ClassBoilerplate) \
|
|
|
|
V(Code) \
|
|
|
|
V(CodeDataContainer) \
|
|
|
|
V(CompilationCacheTable) \
|
|
|
|
V(ConsString) \
|
|
|
|
V(ConstantElementsPair) \
|
2018-06-29 11:05:10 +00:00
|
|
|
V(CompileTimeValue) \
|
2018-05-15 20:50:46 +00:00
|
|
|
V(Constructor) \
|
|
|
|
V(Context) \
|
|
|
|
V(CoverageInfo) \
|
|
|
|
V(DataHandler) \
|
|
|
|
V(DeoptimizationData) \
|
|
|
|
V(DependentCode) \
|
|
|
|
V(DescriptorArray) \
|
2018-06-07 05:57:16 +00:00
|
|
|
V(EphemeronHashTable) \
|
2018-05-15 20:50:46 +00:00
|
|
|
V(EnumCache) \
|
|
|
|
V(ExternalOneByteString) \
|
|
|
|
V(ExternalString) \
|
|
|
|
V(ExternalTwoByteString) \
|
|
|
|
V(FeedbackCell) \
|
|
|
|
V(FeedbackMetadata) \
|
|
|
|
V(FeedbackVector) \
|
|
|
|
V(Filler) \
|
|
|
|
V(FixedArray) \
|
|
|
|
V(FixedArrayBase) \
|
|
|
|
V(FixedArrayExact) \
|
|
|
|
V(FixedArrayOfWeakCells) \
|
|
|
|
V(FixedBigInt64Array) \
|
|
|
|
V(FixedBigUint64Array) \
|
|
|
|
V(FixedDoubleArray) \
|
|
|
|
V(FixedFloat32Array) \
|
|
|
|
V(FixedFloat64Array) \
|
|
|
|
V(FixedInt16Array) \
|
|
|
|
V(FixedInt32Array) \
|
|
|
|
V(FixedInt8Array) \
|
|
|
|
V(FixedTypedArrayBase) \
|
|
|
|
V(FixedUint16Array) \
|
|
|
|
V(FixedUint32Array) \
|
|
|
|
V(FixedUint8Array) \
|
|
|
|
V(FixedUint8ClampedArray) \
|
|
|
|
V(Foreign) \
|
|
|
|
V(FrameArray) \
|
|
|
|
V(FreeSpace) \
|
|
|
|
V(Function) \
|
|
|
|
V(GlobalDictionary) \
|
|
|
|
V(HandlerTable) \
|
|
|
|
V(HeapNumber) \
|
|
|
|
V(InternalizedString) \
|
|
|
|
V(JSArgumentsObject) \
|
|
|
|
V(JSArray) \
|
|
|
|
V(JSArrayBuffer) \
|
|
|
|
V(JSArrayBufferView) \
|
|
|
|
V(JSArrayIterator) \
|
|
|
|
V(JSAsyncFromSyncIterator) \
|
|
|
|
V(JSAsyncGeneratorObject) \
|
|
|
|
V(JSBoundFunction) \
|
|
|
|
V(JSCollection) \
|
|
|
|
V(JSContextExtensionObject) \
|
|
|
|
V(JSDataView) \
|
|
|
|
V(JSDate) \
|
|
|
|
V(JSError) \
|
|
|
|
V(JSFunction) \
|
|
|
|
V(JSGeneratorObject) \
|
|
|
|
V(JSGlobalObject) \
|
|
|
|
V(JSGlobalProxy) \
|
|
|
|
V(JSMap) \
|
|
|
|
V(JSMapIterator) \
|
|
|
|
V(JSMessageObject) \
|
|
|
|
V(JSModuleNamespace) \
|
|
|
|
V(JSObject) \
|
|
|
|
V(JSPromise) \
|
|
|
|
V(JSProxy) \
|
|
|
|
V(JSReceiver) \
|
|
|
|
V(JSRegExp) \
|
|
|
|
V(JSRegExpStringIterator) \
|
|
|
|
V(JSSet) \
|
|
|
|
V(JSSetIterator) \
|
|
|
|
V(JSSloppyArgumentsObject) \
|
|
|
|
V(JSStringIterator) \
|
|
|
|
V(JSTypedArray) \
|
|
|
|
V(JSValue) \
|
|
|
|
V(JSWeakCollection) \
|
|
|
|
V(JSWeakMap) \
|
|
|
|
V(JSWeakSet) \
|
|
|
|
V(LoadHandler) \
|
|
|
|
V(Map) \
|
|
|
|
V(MapCache) \
|
|
|
|
V(Microtask) \
|
|
|
|
V(ModuleInfo) \
|
|
|
|
V(MutableHeapNumber) \
|
|
|
|
V(Name) \
|
|
|
|
V(NameDictionary) \
|
|
|
|
V(NativeContext) \
|
|
|
|
V(NormalizedMapCache) \
|
|
|
|
V(NumberDictionary) \
|
|
|
|
V(NumberWrapper) \
|
|
|
|
V(ObjectHashSet) \
|
|
|
|
V(ObjectHashTable) \
|
|
|
|
V(Oddball) \
|
|
|
|
V(OrderedHashMap) \
|
|
|
|
V(OrderedHashSet) \
|
|
|
|
V(PreParsedScopeData) \
|
|
|
|
V(PromiseReactionJobTask) \
|
|
|
|
V(PropertyArray) \
|
|
|
|
V(PropertyCell) \
|
|
|
|
V(PropertyDescriptorObject) \
|
|
|
|
V(RegExpMatchInfo) \
|
|
|
|
V(ScopeInfo) \
|
|
|
|
V(ScriptContextTable) \
|
|
|
|
V(ScriptWrapper) \
|
|
|
|
V(SeqOneByteString) \
|
|
|
|
V(SeqString) \
|
|
|
|
V(SeqTwoByteString) \
|
|
|
|
V(SharedFunctionInfo) \
|
|
|
|
V(SimpleNumberDictionary) \
|
|
|
|
V(SlicedString) \
|
|
|
|
V(SloppyArgumentsElements) \
|
|
|
|
V(SmallOrderedHashMap) \
|
|
|
|
V(SmallOrderedHashSet) \
|
|
|
|
V(SourcePositionTableWithFrameCache) \
|
|
|
|
V(StoreHandler) \
|
|
|
|
V(String) \
|
|
|
|
V(StringSet) \
|
|
|
|
V(StringTable) \
|
|
|
|
V(StringWrapper) \
|
|
|
|
V(Struct) \
|
|
|
|
V(Symbol) \
|
|
|
|
V(SymbolWrapper) \
|
|
|
|
V(TemplateInfo) \
|
|
|
|
V(TemplateList) \
|
|
|
|
V(TemplateObjectDescription) \
|
|
|
|
V(ThinString) \
|
|
|
|
V(TransitionArray) \
|
|
|
|
V(Undetectable) \
|
|
|
|
V(UniqueName) \
|
|
|
|
V(WasmGlobalObject) \
|
|
|
|
V(WasmInstanceObject) \
|
|
|
|
V(WasmMemoryObject) \
|
|
|
|
V(WasmModuleObject) \
|
|
|
|
V(WasmTableObject) \
|
|
|
|
V(WeakCell) \
|
|
|
|
V(WeakFixedArray) \
|
2018-04-16 07:28:28 +00:00
|
|
|
V(WeakArrayList)
|
2013-08-02 09:53:11 +00:00
|
|
|
|
2018-05-15 20:50:46 +00:00
|
|
|
#ifdef V8_INTL_SUPPORT
|
|
|
|
#define HEAP_OBJECT_ORDINARY_TYPE_LIST(V) \
|
|
|
|
HEAP_OBJECT_ORDINARY_TYPE_LIST_BASE(V) \
|
|
|
|
V(JSLocale)
|
|
|
|
#else
|
|
|
|
#define HEAP_OBJECT_ORDINARY_TYPE_LIST(V) HEAP_OBJECT_ORDINARY_TYPE_LIST_BASE(V)
|
|
|
|
#endif // V8_INTL_SUPPORT
|
|
|
|
|
2017-08-03 14:27:11 +00:00
|
|
|
#define HEAP_OBJECT_TEMPLATE_TYPE_LIST(V) \
|
|
|
|
V(Dictionary) \
|
2017-11-19 10:06:32 +00:00
|
|
|
V(HashTable)
|
2017-08-03 14:27:11 +00:00
|
|
|
|
|
|
|
#define HEAP_OBJECT_TYPE_LIST(V) \
|
|
|
|
HEAP_OBJECT_ORDINARY_TYPE_LIST(V) \
|
|
|
|
HEAP_OBJECT_TEMPLATE_TYPE_LIST(V)
|
|
|
|
|
2016-06-14 10:08:44 +00:00
|
|
|
#define ODDBALL_LIST(V) \
|
|
|
|
V(Undefined, undefined_value) \
|
|
|
|
V(Null, null_value) \
|
|
|
|
V(TheHole, the_hole_value) \
|
|
|
|
V(Exception, exception) \
|
|
|
|
V(Uninitialized, uninitialized_value) \
|
|
|
|
V(True, true_value) \
|
|
|
|
V(False, false_value) \
|
|
|
|
V(ArgumentsMarker, arguments_marker) \
|
|
|
|
V(OptimizedOut, optimized_out) \
|
|
|
|
V(StaleRegister, stale_register)
|
2016-02-16 12:57:29 +00:00
|
|
|
|
2015-12-17 08:40:49 +00:00
|
|
|
// The element types selection for CreateListFromArrayLike.
|
|
|
|
enum class ElementTypes { kAll, kStringAndSymbol };
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Object is the abstract superclass for all classes in the
|
|
|
|
// object hierarchy.
|
|
|
|
// Object does not use any virtual functions to avoid the
|
|
|
|
// allocation of the C++ vtable.
|
2014-04-30 12:25:18 +00:00
|
|
|
// Since both Smi and HeapObject are subclasses of Object no
|
2008-07-03 15:10:15 +00:00
|
|
|
// data members can be present in Object.
|
2014-04-30 12:25:18 +00:00
|
|
|
class Object {
|
2008-07-03 15:10:15 +00:00
|
|
|
public:
|
|
|
|
// Type testing.
|
2014-06-24 09:47:25 +00:00
|
|
|
bool IsObject() const { return true; }
|
Make the runtime entry for setting/changing accessors "atomic".
Previously, there were 1 or 2 calls to the runtime when accessors were changed
or set. This doesn't really work well with property attributes, leading to some
hacks and complicates things even further when trying to share maps in presence
of accessors. Therefore, the runtime entry now takes the full triple (getter,
setter, attributes), where the getter and/or the setter can be null in case they
shouldn't be changed.
For now, we do basically the same on the native side as we did before on the
JavaScript side, but this will change in future CLs, the current CL is already
large enough.
Note that object literals with a getter and a setter for the same property still
do 2 calls, but this is a little bit more tricky to fix and will be handled in a
separate CL.
Review URL: https://chromiumcodereview.appspot.com/9616016
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@10956 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2012-03-07 13:24:44 +00:00
|
|
|
|
2018-06-22 11:19:13 +00:00
|
|
|
#define IS_TYPE_FUNCTION_DECL(Type) V8_INLINE bool Is##Type() const;
|
2011-01-19 08:04:48 +00:00
|
|
|
OBJECT_TYPE_LIST(IS_TYPE_FUNCTION_DECL)
|
|
|
|
HEAP_OBJECT_TYPE_LIST(IS_TYPE_FUNCTION_DECL)
|
2016-06-14 10:08:44 +00:00
|
|
|
#undef IS_TYPE_FUNCTION_DECL
|
2017-01-09 13:40:51 +00:00
|
|
|
|
2018-06-22 11:19:13 +00:00
|
|
|
V8_INLINE bool IsExternal(Isolate* isolate) const;
|
2018-06-20 16:32:59 +00:00
|
|
|
|
2016-06-14 10:08:44 +00:00
|
|
|
#define IS_TYPE_FUNCTION_DECL(Type, Value) \
|
2018-06-22 11:19:13 +00:00
|
|
|
V8_INLINE bool Is##Type(Isolate* isolate) const;
|
2016-02-16 12:57:29 +00:00
|
|
|
ODDBALL_LIST(IS_TYPE_FUNCTION_DECL)
|
2011-01-19 08:04:48 +00:00
|
|
|
#undef IS_TYPE_FUNCTION_DECL
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2018-06-22 11:19:13 +00:00
|
|
|
V8_INLINE bool IsNullOrUndefined(Isolate* isolate) const;
|
2017-01-09 13:40:51 +00:00
|
|
|
|
2018-06-12 09:16:35 +00:00
|
|
|
// Non-isolate version of oddball check. This is slower than the above check,
|
|
|
|
// so it should only be used for DCHECKS.
|
|
|
|
#ifdef DEBUG
|
2018-06-22 11:19:13 +00:00
|
|
|
#define IS_TYPE_FUNCTION_DECL(Type, Value) V8_INLINE bool Is##Type() const;
|
2018-06-12 09:16:35 +00:00
|
|
|
ODDBALL_LIST(IS_TYPE_FUNCTION_DECL)
|
|
|
|
#undef IS_TYPE_FUNCTION_DECL
|
|
|
|
|
2018-06-22 11:19:13 +00:00
|
|
|
V8_INLINE bool IsNullOrUndefined() const;
|
2018-06-12 09:16:35 +00:00
|
|
|
#endif
|
|
|
|
|
2014-07-18 13:47:25 +00:00
|
|
|
// A non-keyed store is of the form a.x = foo or a["x"] = foo whereas
|
|
|
|
// a keyed store is of the form a[expression] = foo.
|
|
|
|
enum StoreFromKeyed {
|
|
|
|
MAY_BE_STORE_FROM_KEYED,
|
|
|
|
CERTAINLY_NOT_STORE_FROM_KEYED
|
|
|
|
};
|
|
|
|
|
2017-10-10 16:00:31 +00:00
|
|
|
enum class Conversion { kToNumber, kToNumeric };
|
|
|
|
|
2015-10-23 09:39:37 +00:00
|
|
|
#define RETURN_FAILURE(isolate, should_throw, call) \
|
|
|
|
do { \
|
2017-10-25 18:07:04 +00:00
|
|
|
if ((should_throw) == kDontThrow) { \
|
2015-10-23 09:39:37 +00:00
|
|
|
return Just(false); \
|
|
|
|
} else { \
|
|
|
|
isolate->Throw(*isolate->factory()->call); \
|
|
|
|
return Nothing<bool>(); \
|
|
|
|
} \
|
|
|
|
} while (false)
|
|
|
|
|
|
|
|
#define MAYBE_RETURN(call, value) \
|
|
|
|
do { \
|
|
|
|
if ((call).IsNothing()) return value; \
|
|
|
|
} while (false)
|
|
|
|
|
|
|
|
#define MAYBE_RETURN_NULL(call) MAYBE_RETURN(call, MaybeHandle<Object>())
|
|
|
|
|
2018-06-22 11:19:13 +00:00
|
|
|
#define DECL_STRUCT_PREDICATE(NAME, Name, name) V8_INLINE bool Is##Name() const;
|
2017-06-29 13:14:20 +00:00
|
|
|
STRUCT_LIST(DECL_STRUCT_PREDICATE)
|
|
|
|
#undef DECL_STRUCT_PREDICATE
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2017-06-06 15:55:33 +00:00
|
|
|
// ES6, #sec-isarray. NOT to be confused with %_IsArray.
|
2018-06-22 11:19:13 +00:00
|
|
|
V8_INLINE
|
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> IsArray(Handle<Object> object);
|
2015-12-03 12:51:15 +00:00
|
|
|
|
2018-06-22 11:19:13 +00:00
|
|
|
V8_INLINE bool IsSmallOrderedHashTable() const;
|
2011-07-21 13:51:04 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Extract the number.
|
2015-09-15 13:14:36 +00:00
|
|
|
inline double Number() const;
|
2018-06-22 11:19:13 +00:00
|
|
|
V8_INLINE bool IsNaN() const;
|
|
|
|
V8_INLINE bool IsMinusZero() const;
|
2017-05-03 09:58:03 +00:00
|
|
|
V8_EXPORT_PRIVATE bool ToInt32(int32_t* value);
|
2017-07-03 13:29:23 +00:00
|
|
|
inline bool ToUint32(uint32_t* value) const;
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2015-08-13 11:49:01 +00:00
|
|
|
inline Representation OptimalRepresentation();
|
2013-04-26 15:30:41 +00:00
|
|
|
|
2015-08-13 11:49:01 +00:00
|
|
|
inline ElementsKind OptimalElementsKind();
|
2015-06-23 11:35:43 +00:00
|
|
|
|
2015-08-13 11:49:01 +00:00
|
|
|
inline bool FitsRepresentation(Representation representation);
|
2013-04-26 15:30:41 +00:00
|
|
|
|
2015-05-20 17:03:21 +00:00
|
|
|
// Checks whether two valid primitive encodings of a property name resolve to
|
|
|
|
// the same logical property. E.g., the smi 1, the string "1" and the double
|
|
|
|
// 1 all refer to the same property, so this helper will return true.
|
|
|
|
inline bool KeyEquals(Object* other);
|
|
|
|
|
2015-12-02 16:30:06 +00:00
|
|
|
inline bool FilterKey(PropertyFilter filter);
|
2015-10-19 13:47:24 +00:00
|
|
|
|
2016-01-26 15:03:40 +00:00
|
|
|
Handle<FieldType> OptimalType(Isolate* isolate,
|
|
|
|
Representation representation);
|
2014-04-15 07:36:47 +00:00
|
|
|
|
2014-04-15 12:11:39 +00:00
|
|
|
inline static Handle<Object> NewStorageFor(Isolate* isolate,
|
|
|
|
Handle<Object> object,
|
|
|
|
Representation representation);
|
2013-05-08 15:02:08 +00:00
|
|
|
|
2014-07-01 15:02:31 +00:00
|
|
|
inline static Handle<Object> WrapForRead(Isolate* isolate,
|
|
|
|
Handle<Object> object,
|
|
|
|
Representation representation);
|
|
|
|
|
2011-06-09 10:03:35 +00:00
|
|
|
// Returns true if the object is of the correct type to be used as a
|
|
|
|
// implementation of a JSObject's elements.
|
|
|
|
inline bool HasValidElements();
|
|
|
|
|
2018-05-25 13:39:45 +00:00
|
|
|
// ECMA-262 9.2.
|
|
|
|
bool BooleanValue(Isolate* isolate);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2015-09-18 06:35:36 +00:00
|
|
|
// ES6 section 7.2.11 Abstract Relational Comparison
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<ComparisonResult> Compare(
|
2018-06-20 12:44:39 +00:00
|
|
|
Isolate* isolate, Handle<Object> x, Handle<Object> y);
|
2015-09-18 06:35:36 +00:00
|
|
|
|
2015-09-15 13:14:36 +00:00
|
|
|
// ES6 section 7.2.12 Abstract Equality Comparison
|
2018-06-20 12:44:39 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> Equals(Isolate* isolate,
|
|
|
|
Handle<Object> x,
|
2018-04-09 15:12:07 +00:00
|
|
|
Handle<Object> y);
|
2015-09-15 13:14:36 +00:00
|
|
|
|
2015-08-17 08:01:55 +00:00
|
|
|
// ES6 section 7.2.13 Strict Equality Comparison
|
|
|
|
bool StrictEquals(Object* that);
|
|
|
|
|
2017-04-24 20:53:37 +00:00
|
|
|
// ES6 section 7.1.13 ToObject
|
2008-07-03 15:10:15 +00:00
|
|
|
// Convert to a JSObject if needed.
|
2012-08-17 09:03:08 +00:00
|
|
|
// native_context is used when creating wrapper object.
|
2017-04-24 20:53:37 +00:00
|
|
|
//
|
|
|
|
// Passing a non-null method_name allows us to give a more informative
|
|
|
|
// error message for those cases where ToObject is being called on
|
|
|
|
// the receiver of a built-in method.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<JSReceiver> ToObject(
|
2017-04-24 20:53:37 +00:00
|
|
|
Isolate* isolate, Handle<Object> object,
|
|
|
|
const char* method_name = nullptr);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<JSReceiver> ToObject(
|
2017-04-24 20:53:37 +00:00
|
|
|
Isolate* isolate, Handle<Object> object, Handle<Context> native_context,
|
|
|
|
const char* method_name = nullptr);
|
2015-08-27 12:50:31 +00:00
|
|
|
|
2016-04-29 10:14:42 +00:00
|
|
|
// ES6 section 9.2.1.2, OrdinaryCallBindThis for sloppy callee.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<JSReceiver> ConvertReceiver(
|
2016-04-29 10:14:42 +00:00
|
|
|
Isolate* isolate, Handle<Object> object);
|
|
|
|
|
2015-08-28 09:21:23 +00:00
|
|
|
// ES6 section 7.1.14 ToPropertyKey
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Name> ToName(
|
|
|
|
Isolate* isolate, Handle<Object> input);
|
2015-08-28 09:21:23 +00:00
|
|
|
|
|
|
|
// ES6 section 7.1.1 ToPrimitive
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> ToPrimitive(
|
2015-08-28 09:21:23 +00:00
|
|
|
Handle<Object> input, ToPrimitiveHint hint = ToPrimitiveHint::kDefault);
|
|
|
|
|
|
|
|
// ES6 section 7.1.3 ToNumber
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> ToNumber(
|
2016-12-16 14:30:05 +00:00
|
|
|
Handle<Object> input);
|
2015-08-28 09:21:23 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> ToNumeric(
|
2017-10-10 16:00:31 +00:00
|
|
|
Handle<Object> input);
|
|
|
|
|
2015-09-29 07:41:03 +00:00
|
|
|
// ES6 section 7.1.4 ToInteger
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> ToInteger(
|
2016-12-16 14:30:05 +00:00
|
|
|
Isolate* isolate, Handle<Object> input);
|
2015-09-29 07:41:03 +00:00
|
|
|
|
|
|
|
// ES6 section 7.1.5 ToInt32
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> ToInt32(
|
2016-12-16 14:30:05 +00:00
|
|
|
Isolate* isolate, Handle<Object> input);
|
2015-09-29 07:41:03 +00:00
|
|
|
|
|
|
|
// ES6 section 7.1.6 ToUint32
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT inline static MaybeHandle<Object> ToUint32(
|
2016-12-16 14:30:05 +00:00
|
|
|
Isolate* isolate, Handle<Object> input);
|
2015-09-29 07:41:03 +00:00
|
|
|
|
2015-08-28 09:21:23 +00:00
|
|
|
// ES6 section 7.1.12 ToString
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<String> ToString(
|
2016-12-16 14:30:05 +00:00
|
|
|
Isolate* isolate, Handle<Object> input);
|
2015-08-28 09:21:23 +00:00
|
|
|
|
2016-08-03 12:20:39 +00:00
|
|
|
static Handle<String> NoSideEffectsToString(Isolate* isolate,
|
|
|
|
Handle<Object> input);
|
|
|
|
|
2016-04-29 10:14:42 +00:00
|
|
|
// ES6 section 7.1.14 ToPropertyKey
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> ToPropertyKey(
|
2016-04-29 10:14:42 +00:00
|
|
|
Isolate* isolate, Handle<Object> value);
|
|
|
|
|
2015-09-29 07:41:03 +00:00
|
|
|
// ES6 section 7.1.15 ToLength
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> ToLength(
|
2016-12-20 12:21:00 +00:00
|
|
|
Isolate* isolate, Handle<Object> input);
|
2015-09-29 07:41:03 +00:00
|
|
|
|
Reland of Amend DataView, ArrayBuffer, and TypedArray methods to use ToIndex. (patchset #2 id:170001 of https://codereview.chromium.org/2113593002/ )
Reason for revert:
WebGL tests have been updated and rolled (at https://codereview.chromium.org/2227023002), so this should no longer fail outdated tests.
Original issue's description:
> Revert of Amend DataView, ArrayBuffer, and TypedArray methods to use ToIndex. (patchset #8 id:140001 of https://codereview.chromium.org/2090353003/ )
>
> Reason for revert:
> Speculative revert to unblock roll: https://codereview.chromium.org/2107223003/
>
> Original issue's description:
> > Amend DataView, ArrayBuffer, and TypedArray methods to use ToIndex.
> >
> > The spec was modified to relax some requirements which implementors had not been
> > enforcing. Part of this process involved introducing a new abstract operation
> > ToIndex, which had partial overlap with our existing semantics as well as some
> > differences (most notably treating undefined as 0). Test262 tests were introduced to
> > check for the new semantics, some of which we were failing. This patch amends the
> > parts of our implementation corresponding to specification algorithms which use
> > ToIndex to follow its semantics precisely.
> >
> > BUG=v8:4784,v8:5120
> >
> > Committed: https://crrev.com/09720349ea058d178521ec58d0a5676443a5a132
> > Cr-Commit-Position: refs/heads/master@{#37406}
>
> TBR=littledan@chromium.org,adamk@chromium.org,bakkot@google.com
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4784,v8:5120
>
> Committed: https://crrev.com/b1f7f1f4e41a723d5f997738a07e35a031713b8f
> Cr-Commit-Position: refs/heads/master@{#37417}
TBR=littledan@chromium.org,adamk@chromium.org,hablich@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=v8:4784,v8:5120
Review-Url: https://codereview.chromium.org/2247073004
Cr-Commit-Position: refs/heads/master@{#38689}
2016-08-17 17:38:34 +00:00
|
|
|
// ES6 section 7.1.17 ToIndex
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> ToIndex(
|
Reland of Amend DataView, ArrayBuffer, and TypedArray methods to use ToIndex. (patchset #2 id:170001 of https://codereview.chromium.org/2113593002/ )
Reason for revert:
WebGL tests have been updated and rolled (at https://codereview.chromium.org/2227023002), so this should no longer fail outdated tests.
Original issue's description:
> Revert of Amend DataView, ArrayBuffer, and TypedArray methods to use ToIndex. (patchset #8 id:140001 of https://codereview.chromium.org/2090353003/ )
>
> Reason for revert:
> Speculative revert to unblock roll: https://codereview.chromium.org/2107223003/
>
> Original issue's description:
> > Amend DataView, ArrayBuffer, and TypedArray methods to use ToIndex.
> >
> > The spec was modified to relax some requirements which implementors had not been
> > enforcing. Part of this process involved introducing a new abstract operation
> > ToIndex, which had partial overlap with our existing semantics as well as some
> > differences (most notably treating undefined as 0). Test262 tests were introduced to
> > check for the new semantics, some of which we were failing. This patch amends the
> > parts of our implementation corresponding to specification algorithms which use
> > ToIndex to follow its semantics precisely.
> >
> > BUG=v8:4784,v8:5120
> >
> > Committed: https://crrev.com/09720349ea058d178521ec58d0a5676443a5a132
> > Cr-Commit-Position: refs/heads/master@{#37406}
>
> TBR=littledan@chromium.org,adamk@chromium.org,bakkot@google.com
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=v8:4784,v8:5120
>
> Committed: https://crrev.com/b1f7f1f4e41a723d5f997738a07e35a031713b8f
> Cr-Commit-Position: refs/heads/master@{#37417}
TBR=littledan@chromium.org,adamk@chromium.org,hablich@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=v8:4784,v8:5120
Review-Url: https://codereview.chromium.org/2247073004
Cr-Commit-Position: refs/heads/master@{#38689}
2016-08-17 17:38:34 +00:00
|
|
|
Isolate* isolate, Handle<Object> input,
|
|
|
|
MessageTemplate::Template error_index);
|
|
|
|
|
2015-08-28 09:21:23 +00:00
|
|
|
// ES6 section 7.3.9 GetMethod
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> GetMethod(
|
2015-08-28 09:21:23 +00:00
|
|
|
Handle<JSReceiver> receiver, Handle<Name> name);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2015-12-17 08:40:49 +00:00
|
|
|
// ES6 section 7.3.17 CreateListFromArrayLike
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<FixedArray> CreateListFromArrayLike(
|
2015-12-17 08:40:49 +00:00
|
|
|
Isolate* isolate, Handle<Object> object, ElementTypes element_types);
|
|
|
|
|
2016-05-20 13:19:02 +00:00
|
|
|
// Get length property and apply ToLength.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> GetLengthFromArrayLike(
|
2016-05-20 13:19:02 +00:00
|
|
|
Isolate* isolate, Handle<Object> object);
|
|
|
|
|
2015-09-03 06:01:12 +00:00
|
|
|
// ES6 section 12.5.6 The typeof Operator
|
|
|
|
static Handle<String> TypeOf(Isolate* isolate, Handle<Object> object);
|
|
|
|
|
2015-09-10 13:04:15 +00:00
|
|
|
// ES6 section 12.7 Additive Operators
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> Add(Isolate* isolate,
|
|
|
|
Handle<Object> lhs,
|
|
|
|
Handle<Object> rhs);
|
2015-09-10 13:04:15 +00:00
|
|
|
|
2015-09-18 06:35:36 +00:00
|
|
|
// ES6 section 12.9 Relational Operators
|
2018-06-20 12:44:39 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline Maybe<bool> GreaterThan(Isolate* isolate,
|
|
|
|
Handle<Object> x,
|
2018-04-09 15:12:07 +00:00
|
|
|
Handle<Object> y);
|
|
|
|
V8_WARN_UNUSED_RESULT static inline Maybe<bool> GreaterThanOrEqual(
|
2018-06-20 12:44:39 +00:00
|
|
|
Isolate* isolate, Handle<Object> x, Handle<Object> y);
|
|
|
|
V8_WARN_UNUSED_RESULT static inline Maybe<bool> LessThan(Isolate* isolate,
|
|
|
|
Handle<Object> x,
|
2018-04-09 15:12:07 +00:00
|
|
|
Handle<Object> y);
|
|
|
|
V8_WARN_UNUSED_RESULT static inline Maybe<bool> LessThanOrEqual(
|
2018-06-20 12:44:39 +00:00
|
|
|
Isolate* isolate, Handle<Object> x, Handle<Object> y);
|
2015-09-18 06:35:36 +00:00
|
|
|
|
2016-05-17 11:23:59 +00:00
|
|
|
// ES6 section 7.3.19 OrdinaryHasInstance (C, O).
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> OrdinaryHasInstance(
|
2016-05-17 11:23:59 +00:00
|
|
|
Isolate* isolate, Handle<Object> callable, Handle<Object> object);
|
|
|
|
|
|
|
|
// ES6 section 12.10.4 Runtime Semantics: InstanceofOperator(O, C)
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> InstanceOf(
|
2016-05-17 11:23:59 +00:00
|
|
|
Isolate* isolate, Handle<Object> object, Handle<Object> callable);
|
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_EXPORT_PRIVATE V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
|
|
|
|
GetProperty(LookupIterator* it);
|
2014-07-22 08:28:49 +00:00
|
|
|
|
2017-10-25 18:07:04 +00:00
|
|
|
// ES6 [[Set]] (when passed kDontThrow)
|
2015-10-23 09:39:37 +00:00
|
|
|
// Invariants for this and related functions (unless stated otherwise):
|
|
|
|
// 1) When the result is Nothing, an exception is pending.
|
2017-10-25 18:07:04 +00:00
|
|
|
// 2) When passed kThrowOnError, the result is never Just(false).
|
2015-10-23 09:39:37 +00:00
|
|
|
// In some cases, an exception is thrown regardless of the ShouldThrow
|
|
|
|
// argument. These cases are either in accordance with the spec or not
|
|
|
|
// covered by it (eg., concerning API callbacks).
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetProperty(
|
|
|
|
LookupIterator* it, Handle<Object> value, LanguageMode language_mode,
|
|
|
|
StoreFromKeyed store_mode);
|
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> SetProperty(
|
2015-06-02 11:10:50 +00:00
|
|
|
Handle<Object> object, Handle<Name> name, Handle<Object> value,
|
2015-02-04 09:34:05 +00:00
|
|
|
LanguageMode language_mode,
|
2014-07-22 08:28:49 +00:00
|
|
|
StoreFromKeyed store_mode = MAY_BE_STORE_FROM_KEYED);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> SetPropertyOrElement(
|
2016-04-21 09:48:58 +00:00
|
|
|
Handle<Object> object, Handle<Name> name, Handle<Object> value,
|
|
|
|
LanguageMode language_mode,
|
|
|
|
StoreFromKeyed store_mode = MAY_BE_STORE_FROM_KEYED);
|
2015-02-19 16:15:25 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetSuperProperty(
|
2015-02-19 16:15:25 +00:00
|
|
|
LookupIterator* it, Handle<Object> value, LanguageMode language_mode,
|
|
|
|
StoreFromKeyed store_mode);
|
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> CannotCreateProperty(
|
2015-10-09 09:12:28 +00:00
|
|
|
Isolate* isolate, Handle<Object> receiver, Handle<Object> name,
|
2015-10-30 10:45:30 +00:00
|
|
|
Handle<Object> value, ShouldThrow should_throw);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> WriteToReadOnlyProperty(
|
2015-10-30 10:45:30 +00:00
|
|
|
LookupIterator* it, Handle<Object> value, ShouldThrow should_throw);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> WriteToReadOnlyProperty(
|
2015-06-30 15:24:27 +00:00
|
|
|
Isolate* isolate, Handle<Object> receiver, Handle<Object> name,
|
2015-10-30 10:45:30 +00:00
|
|
|
Handle<Object> value, ShouldThrow should_throw);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> RedefineIncompatibleProperty(
|
2015-02-19 16:15:25 +00:00
|
|
|
Isolate* isolate, Handle<Object> name, Handle<Object> value,
|
2015-10-30 10:45:30 +00:00
|
|
|
ShouldThrow should_throw);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetDataProperty(
|
|
|
|
LookupIterator* it, Handle<Object> value);
|
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> AddDataProperty(
|
2015-10-23 09:39:37 +00:00
|
|
|
LookupIterator* it, Handle<Object> value, PropertyAttributes attributes,
|
2015-10-30 10:45:30 +00:00
|
|
|
ShouldThrow should_throw, StoreFromKeyed store_mode);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetPropertyOrElement(
|
2016-02-17 10:30:10 +00:00
|
|
|
Handle<Object> object, Handle<Name> name);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetPropertyOrElement(
|
2016-02-17 10:30:10 +00:00
|
|
|
Handle<Object> receiver, Handle<Name> name, Handle<JSReceiver> holder);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetProperty(
|
2016-02-17 10:30:10 +00:00
|
|
|
Handle<Object> object, Handle<Name> name);
|
2011-10-18 12:19:18 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> GetPropertyWithAccessor(
|
2016-02-17 10:30:10 +00:00
|
|
|
LookupIterator* it);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPropertyWithAccessor(
|
2015-10-30 10:45:30 +00:00
|
|
|
LookupIterator* it, Handle<Object> value, ShouldThrow should_throw);
|
2014-05-28 09:29:27 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> GetPropertyWithDefinedGetter(
|
|
|
|
Handle<Object> receiver, Handle<JSReceiver> getter);
|
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPropertyWithDefinedSetter(
|
2015-10-23 09:39:37 +00:00
|
|
|
Handle<Object> receiver, Handle<JSReceiver> setter, Handle<Object> value,
|
|
|
|
ShouldThrow should_throw);
|
2010-10-25 15:22:03 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetElement(
|
2016-02-17 10:30:10 +00:00
|
|
|
Isolate* isolate, Handle<Object> object, uint32_t index);
|
2014-03-18 12:34:02 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> SetElement(
|
2015-07-10 16:11:00 +00:00
|
|
|
Isolate* isolate, Handle<Object> object, uint32_t index,
|
|
|
|
Handle<Object> value, LanguageMode language_mode);
|
|
|
|
|
2013-11-05 11:47:11 +00:00
|
|
|
// Returns the permanent hash code associated with this object. May return
|
|
|
|
// undefined if not yet created.
|
2018-05-15 00:17:04 +00:00
|
|
|
inline Object* GetHash();
|
2013-11-05 11:47:11 +00:00
|
|
|
|
2011-10-25 14:14:56 +00:00
|
|
|
// Returns the permanent hash code associated with this object depending on
|
2013-11-05 11:47:11 +00:00
|
|
|
// the actual object type. May create and store a hash code if needed and none
|
|
|
|
// exists.
|
2017-08-21 23:05:53 +00:00
|
|
|
Smi* GetOrCreateHash(Isolate* isolate);
|
2017-08-22 01:02:06 +00:00
|
|
|
static Smi* GetOrCreateHash(Isolate* isolate, Object* key);
|
2011-10-25 14:14:56 +00:00
|
|
|
|
|
|
|
// Checks whether this object has the same value as the given one. This
|
|
|
|
// function is implemented according to ES5, section 9.12 and can be used
|
|
|
|
// to implement the Harmony "egal" function.
|
2016-10-17 10:01:42 +00:00
|
|
|
V8_EXPORT_PRIVATE bool SameValue(Object* other);
|
2011-10-25 14:14:56 +00:00
|
|
|
|
2014-05-21 08:47:02 +00:00
|
|
|
// Checks whether this object has the same value as the given one.
|
|
|
|
// +0 and -0 are treated equal. Everything else is the same as SameValue.
|
|
|
|
// This function is implemented according to ES6, section 7.2.4 and is used
|
|
|
|
// by ES6 Map and Set.
|
|
|
|
bool SameValueZero(Object* other);
|
|
|
|
|
2016-01-07 02:29:50 +00:00
|
|
|
// ES6 section 9.4.2.3 ArraySpeciesCreate (part of it)
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> ArraySpeciesConstructor(
|
2016-01-07 02:29:50 +00:00
|
|
|
Isolate* isolate, Handle<Object> original_array);
|
|
|
|
|
2017-02-28 20:31:02 +00:00
|
|
|
// ES6 section 7.3.20 SpeciesConstructor ( O, defaultConstructor )
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> SpeciesConstructor(
|
2017-02-28 20:31:02 +00:00
|
|
|
Isolate* isolate, Handle<JSReceiver> recv,
|
|
|
|
Handle<JSFunction> default_ctor);
|
|
|
|
|
2015-06-02 10:42:16 +00:00
|
|
|
// Tries to convert an object to an array length. Returns true and sets the
|
|
|
|
// output parameter if it succeeds.
|
2017-07-03 13:29:23 +00:00
|
|
|
inline bool ToArrayLength(uint32_t* index) const;
|
2015-06-02 10:42:16 +00:00
|
|
|
|
|
|
|
// Tries to convert an object to an array index. Returns true and sets the
|
|
|
|
// output parameter if it succeeds. Equivalent to ToArrayLength, but does not
|
|
|
|
// allow kMaxUInt32.
|
2017-07-03 13:29:23 +00:00
|
|
|
inline bool ToArrayIndex(uint32_t* index) const;
|
2010-05-27 12:30:45 +00:00
|
|
|
|
2016-12-07 08:34:51 +00:00
|
|
|
// Returns true if the result of iterating over the object is the same
|
|
|
|
// (including observable effects) as simply accessing the properties between 0
|
|
|
|
// and length.
|
|
|
|
bool IterationHasObservableEffects();
|
|
|
|
|
2018-06-11 21:30:30 +00:00
|
|
|
enum class OptionType : bool { String, Boolean };
|
|
|
|
|
|
|
|
#ifdef V8_INTL_SUPPORT
|
|
|
|
// ECMA402 9.2.10. GetOption( options, property, type, type, values, fallback)
|
|
|
|
// ecma402/#sec-getoption
|
|
|
|
//
|
|
|
|
// Instead of passing undefined for the values argument as the spec
|
|
|
|
// defines, pass in an empty fixed array.
|
|
|
|
//
|
|
|
|
// service is a string denoting the type of Intl object; used when
|
|
|
|
// printing the error message.
|
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> GetOption(
|
|
|
|
Isolate* isolate, Handle<JSReceiver> options, Handle<Name> property,
|
|
|
|
Object::OptionType type, Handle<FixedArray> values,
|
|
|
|
Handle<Object> fallback, Handle<String> service);
|
|
|
|
#endif // V8_INTL_SUPPORT
|
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(Object)
|
2012-10-12 11:41:14 +00:00
|
|
|
#ifdef VERIFY_HEAP
|
2008-07-03 15:10:15 +00:00
|
|
|
// Verify a pointer is a valid object pointer.
|
|
|
|
static void VerifyPointer(Object* p);
|
2018-06-21 14:49:44 +00:00
|
|
|
// Special non-isolate overload for cases where we don't have an isolate.
|
|
|
|
// TODO(v8:7786): Remove this overload.
|
|
|
|
void ObjectVerify();
|
2008-07-03 15:10:15 +00:00
|
|
|
#endif
|
|
|
|
|
2012-09-10 13:38:21 +00:00
|
|
|
inline void VerifyApiCallResultType();
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Prints this object without details.
|
2013-08-30 07:41:24 +00:00
|
|
|
void ShortPrint(FILE* out = stdout);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Prints this object without details to a message accumulator.
|
|
|
|
void ShortPrint(StringStream* accumulator);
|
|
|
|
|
2014-12-08 09:26:04 +00:00
|
|
|
void ShortPrint(std::ostream& os); // NOLINT
|
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(Object)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Layout description.
|
2008-09-23 11:45:43 +00:00
|
|
|
static const int kHeaderSize = 0; // Object does not take up any space.
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2014-04-30 12:25:18 +00:00
|
|
|
#ifdef OBJECT_PRINT
|
2014-07-08 08:43:20 +00:00
|
|
|
// For our gdb macros, we should perhaps change these in the future.
|
2018-06-26 11:43:50 +00:00
|
|
|
void Print(Isolate* isolate);
|
2014-07-08 08:43:20 +00:00
|
|
|
|
2014-04-30 12:25:18 +00:00
|
|
|
// Prints this object with details.
|
2018-06-26 11:43:50 +00:00
|
|
|
void Print(Isolate* isolate, std::ostream& os); // NOLINT
|
2014-12-08 09:26:04 +00:00
|
|
|
#else
|
2018-06-26 11:43:50 +00:00
|
|
|
void Print(Isolate* isolate) { ShortPrint(); }
|
|
|
|
void Print(Isolate* isolate, std::ostream& os) { ShortPrint(os); } // NOLINT
|
2014-04-30 12:25:18 +00:00
|
|
|
#endif
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
private:
|
2014-07-14 10:54:24 +00:00
|
|
|
friend class LookupIterator;
|
2016-02-08 13:49:47 +00:00
|
|
|
friend class StringStream;
|
2014-07-14 07:19:49 +00:00
|
|
|
|
|
|
|
// Return the map of the root of object's prototype chain.
|
2017-07-03 13:29:23 +00:00
|
|
|
Map* GetPrototypeChainRootMap(Isolate* isolate) const;
|
2014-07-14 07:19:49 +00:00
|
|
|
|
2018-05-15 00:17:04 +00:00
|
|
|
// Returns a non-SMI for JSReceivers, but returns the hash code for
|
|
|
|
// simple objects. This avoids a double lookup in the cases where
|
|
|
|
// we know we will add the hash to the JSReceiver if it does not
|
|
|
|
// already exist.
|
|
|
|
//
|
|
|
|
// Despite its size, this needs to be inlined for performance
|
|
|
|
// reasons.
|
|
|
|
static inline Object* GetSimpleHash(Object* object);
|
|
|
|
|
2015-02-19 16:15:25 +00:00
|
|
|
// Helper for SetProperty and SetSuperProperty.
|
2015-10-23 09:39:37 +00:00
|
|
|
// Return value is only meaningful if [found] is set to true on return.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPropertyInternal(
|
2015-02-19 16:15:25 +00:00
|
|
|
LookupIterator* it, Handle<Object> value, LanguageMode language_mode,
|
2015-10-30 10:45:30 +00:00
|
|
|
StoreFromKeyed store_mode, bool* found);
|
2015-02-19 16:15:25 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Name> ConvertToName(
|
|
|
|
Isolate* isolate, Handle<Object> input);
|
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> ConvertToPropertyKey(
|
2016-12-20 12:21:00 +00:00
|
|
|
Isolate* isolate, Handle<Object> value);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<String> ConvertToString(
|
2016-12-16 14:30:05 +00:00
|
|
|
Isolate* isolate, Handle<Object> input);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> ConvertToNumberOrNumeric(
|
2017-10-10 16:00:31 +00:00
|
|
|
Isolate* isolate, Handle<Object> input, Conversion mode);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> ConvertToInteger(
|
2016-12-16 14:30:05 +00:00
|
|
|
Isolate* isolate, Handle<Object> input);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> ConvertToInt32(
|
2016-12-16 14:30:05 +00:00
|
|
|
Isolate* isolate, Handle<Object> input);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> ConvertToUint32(
|
2016-12-16 14:30:05 +00:00
|
|
|
Isolate* isolate, Handle<Object> input);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> ConvertToLength(
|
2016-12-20 12:21:00 +00:00
|
|
|
Isolate* isolate, Handle<Object> input);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> ConvertToIndex(
|
2016-12-20 12:21:00 +00:00
|
|
|
Isolate* isolate, Handle<Object> input,
|
|
|
|
MessageTemplate::Template error_index);
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(Object);
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2015-08-14 08:48:11 +00:00
|
|
|
// In objects.h to be usable without objects-inl.h inclusion.
|
|
|
|
bool Object::IsSmi() const { return HAS_SMI_TAG(this); }
|
2017-02-27 09:07:25 +00:00
|
|
|
bool Object::IsHeapObject() const {
|
|
|
|
DCHECK_EQ(!IsSmi(), Internals::HasHeapObjectTag(this));
|
|
|
|
return !IsSmi();
|
|
|
|
}
|
2015-08-14 08:48:11 +00:00
|
|
|
|
2014-07-07 09:57:29 +00:00
|
|
|
struct Brief {
|
|
|
|
explicit Brief(const Object* const v) : value(v) {}
|
|
|
|
const Object* value;
|
|
|
|
};
|
|
|
|
|
2018-04-05 09:33:56 +00:00
|
|
|
struct MaybeObjectBrief {
|
|
|
|
explicit MaybeObjectBrief(const MaybeObject* const v) : value(v) {}
|
|
|
|
const MaybeObject* value;
|
|
|
|
};
|
|
|
|
|
2016-10-17 10:01:42 +00:00
|
|
|
V8_EXPORT_PRIVATE std::ostream& operator<<(std::ostream& os, const Brief& v);
|
2018-04-05 09:33:56 +00:00
|
|
|
V8_EXPORT_PRIVATE std::ostream& operator<<(std::ostream& os,
|
|
|
|
const MaybeObjectBrief& v);
|
2014-07-07 09:57:29 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Smi represents integer Numbers that can be stored in 31 bits.
|
|
|
|
// Smis are immediate which means they are NOT allocated in the heap.
|
2009-09-15 11:35:23 +00:00
|
|
|
// The this pointer has the following format: [31 bit signed int] 0
|
2009-10-08 12:36:12 +00:00
|
|
|
// For long smis it has the following format:
|
|
|
|
// [32 bit signed int] [31 bits zero padding] 0
|
|
|
|
// Smi stands for small integer.
|
2013-08-20 10:52:23 +00:00
|
|
|
class Smi: public Object {
|
2008-07-03 15:10:15 +00:00
|
|
|
public:
|
|
|
|
// Returns the integer value.
|
2015-08-13 11:49:01 +00:00
|
|
|
inline int value() const { return Internals::SmiValue(this); }
|
2016-12-16 14:30:05 +00:00
|
|
|
inline Smi* ToUint32Smi() {
|
|
|
|
if (value() <= 0) return Smi::kZero;
|
|
|
|
return Smi::FromInt(static_cast<uint32_t>(value()));
|
|
|
|
}
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2017-07-10 12:58:27 +00:00
|
|
|
// Convert a Smi object to an int.
|
|
|
|
static inline int ToInt(const Object* object);
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Convert a value to a Smi object.
|
2015-08-13 11:49:01 +00:00
|
|
|
static inline Smi* FromInt(int value) {
|
|
|
|
DCHECK(Smi::IsValid(value));
|
|
|
|
return reinterpret_cast<Smi*>(Internals::IntToSmi(value));
|
|
|
|
}
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2015-08-13 11:49:01 +00:00
|
|
|
static inline Smi* FromIntptr(intptr_t value) {
|
|
|
|
DCHECK(Smi::IsValid(value));
|
|
|
|
int smi_shift_bits = kSmiTagSize + kSmiShiftSize;
|
|
|
|
return reinterpret_cast<Smi*>((value << smi_shift_bits) | kSmiTag);
|
|
|
|
}
|
2009-05-06 07:53:08 +00:00
|
|
|
|
2017-06-15 14:53:38 +00:00
|
|
|
template <typename E,
|
|
|
|
typename = typename std::enable_if<std::is_enum<E>::value>::type>
|
|
|
|
static inline Smi* FromEnum(E value) {
|
|
|
|
STATIC_ASSERT(sizeof(E) <= sizeof(int));
|
|
|
|
return FromInt(static_cast<int>(value));
|
|
|
|
}
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Returns whether value can be represented in a Smi.
|
2015-08-13 11:49:01 +00:00
|
|
|
static inline bool IsValid(intptr_t value) {
|
|
|
|
bool result = Internals::IsValidSmi(value);
|
|
|
|
DCHECK_EQ(result, value >= kMinValue && value <= kMaxValue);
|
|
|
|
return result;
|
|
|
|
}
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(Smi)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Dispatched behavior.
|
2016-10-14 08:55:40 +00:00
|
|
|
V8_EXPORT_PRIVATE void SmiPrint(std::ostream& os) const; // NOLINT
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(Smi)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2016-12-02 10:05:41 +00:00
|
|
|
static constexpr Smi* const kZero = nullptr;
|
2018-05-04 14:19:03 +00:00
|
|
|
static const int kMinValue = kSmiMinValue;
|
|
|
|
static const int kMaxValue = kSmiMaxValue;
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(Smi);
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2008-07-30 08:49:36 +00:00
|
|
|
// Heap objects typically have a map pointer in their first word. However,
|
2012-01-16 12:38:59 +00:00
|
|
|
// during GC other data (e.g. mark bits, forwarding addresses) is sometimes
|
2008-07-30 08:49:36 +00:00
|
|
|
// encoded in the first word. The class MapWord is an abstraction of the
|
|
|
|
// value in a heap object's first word.
|
2013-08-20 10:52:23 +00:00
|
|
|
class MapWord BASE_EMBEDDED {
|
2008-07-30 08:49:36 +00:00
|
|
|
public:
|
|
|
|
// Normal state: the map word contains a map pointer.
|
|
|
|
|
|
|
|
// Create a map word from a map pointer.
|
2014-06-20 10:31:17 +00:00
|
|
|
static inline MapWord FromMap(const Map* map);
|
2008-07-30 08:49:36 +00:00
|
|
|
|
|
|
|
// View this map word as a map pointer.
|
2017-07-03 13:29:23 +00:00
|
|
|
inline Map* ToMap() const;
|
2008-07-30 08:49:36 +00:00
|
|
|
|
|
|
|
// Scavenge collection: the map word of live objects in the from space
|
|
|
|
// contains a forwarding address (a heap object pointer in the to space).
|
|
|
|
|
|
|
|
// True if this map word is a forwarding address for a scavenge
|
|
|
|
// collection. Only valid during a scavenge collection (specifically,
|
2012-01-16 12:38:59 +00:00
|
|
|
// when all map words are heap object pointers, i.e. not during a full GC).
|
2016-06-22 12:21:16 +00:00
|
|
|
inline bool IsForwardingAddress() const;
|
2008-07-30 08:49:36 +00:00
|
|
|
|
|
|
|
// Create a map word from a forwarding address.
|
|
|
|
static inline MapWord FromForwardingAddress(HeapObject* object);
|
|
|
|
|
|
|
|
// View this map word as a forwarding address.
|
|
|
|
inline HeapObject* ToForwardingAddress();
|
|
|
|
|
2011-09-19 18:36:47 +00:00
|
|
|
static inline MapWord FromRawValue(uintptr_t value) {
|
|
|
|
return MapWord(value);
|
|
|
|
}
|
2008-07-30 08:49:36 +00:00
|
|
|
|
2011-09-19 18:36:47 +00:00
|
|
|
inline uintptr_t ToRawValue() {
|
|
|
|
return value_;
|
|
|
|
}
|
2009-07-09 11:13:08 +00:00
|
|
|
|
|
|
|
private:
|
|
|
|
// HeapObject calls the private constructor and directly reads the value.
|
|
|
|
friend class HeapObject;
|
|
|
|
|
|
|
|
explicit MapWord(uintptr_t value) : value_(value) {}
|
|
|
|
|
|
|
|
uintptr_t value_;
|
2008-07-30 08:49:36 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// HeapObject is the superclass for all classes describing heap allocated
|
|
|
|
// objects.
|
2013-08-20 10:52:23 +00:00
|
|
|
class HeapObject: public Object {
|
2008-07-03 15:10:15 +00:00
|
|
|
public:
|
2008-07-30 08:49:36 +00:00
|
|
|
// [map]: Contains a map which contains the object's reflective
|
|
|
|
// information.
|
2014-06-20 10:31:17 +00:00
|
|
|
inline Map* map() const;
|
2008-07-03 15:10:15 +00:00
|
|
|
inline void set_map(Map* value);
|
2017-05-05 17:41:44 +00:00
|
|
|
|
|
|
|
inline HeapObject** map_slot();
|
|
|
|
|
2011-12-07 08:43:18 +00:00
|
|
|
// The no-write-barrier version. This is OK if the object is white and in
|
|
|
|
// new space, or if the value is an immortal immutable object, like the maps
|
|
|
|
// of primitive (non-JS) objects like strings, heap numbers etc.
|
|
|
|
inline void set_map_no_write_barrier(Map* value);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2014-03-31 14:29:01 +00:00
|
|
|
// Get the map using acquire load.
|
2017-07-03 13:29:23 +00:00
|
|
|
inline Map* synchronized_map() const;
|
2014-06-20 10:31:17 +00:00
|
|
|
inline MapWord synchronized_map_word() const;
|
2014-03-31 14:29:01 +00:00
|
|
|
|
|
|
|
// Set the map using release store
|
|
|
|
inline void synchronized_set_map(Map* value);
|
|
|
|
inline void synchronized_set_map_word(MapWord map_word);
|
|
|
|
|
2017-05-18 19:24:22 +00:00
|
|
|
// Initialize the map immediately after the object is allocated.
|
|
|
|
// Do not use this outside Heap.
|
|
|
|
inline void set_map_after_allocation(
|
|
|
|
Map* value, WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
|
|
|
|
|
2008-07-30 08:49:36 +00:00
|
|
|
// During garbage collection, the map word of a heap object does not
|
|
|
|
// necessarily contain a map pointer.
|
2014-06-20 10:31:17 +00:00
|
|
|
inline MapWord map_word() const;
|
2008-07-30 08:49:36 +00:00
|
|
|
inline void set_map_word(MapWord map_word);
|
|
|
|
|
2011-03-18 20:35:07 +00:00
|
|
|
// The Heap the object was allocated in. Used also to access Isolate.
|
2018-06-01 14:06:32 +00:00
|
|
|
#ifdef DEPRECATE_GET_ISOLATE
|
2018-06-19 10:11:40 +00:00
|
|
|
[[deprecated("Pass Heap explicitly or use a NeverReadOnlyHeapObject")]]
|
2018-06-01 14:06:32 +00:00
|
|
|
#endif
|
|
|
|
inline Heap*
|
|
|
|
GetHeap() const;
|
2011-09-19 18:36:47 +00:00
|
|
|
|
2018-06-01 14:06:32 +00:00
|
|
|
// Convenience method to get current isolate.
|
|
|
|
#ifdef DEPRECATE_GET_ISOLATE
|
2018-06-19 10:11:40 +00:00
|
|
|
[[deprecated("Pass Isolate explicitly or use a NeverReadOnlyHeapObject")]]
|
2018-06-01 14:06:32 +00:00
|
|
|
#endif
|
|
|
|
inline Isolate*
|
|
|
|
GetIsolate() const;
|
2011-03-18 20:35:07 +00:00
|
|
|
|
2018-06-22 11:19:13 +00:00
|
|
|
#define IS_TYPE_FUNCTION_DECL(Type) V8_INLINE bool Is##Type() const;
|
2016-02-16 12:57:29 +00:00
|
|
|
HEAP_OBJECT_TYPE_LIST(IS_TYPE_FUNCTION_DECL)
|
2016-06-14 10:08:44 +00:00
|
|
|
#undef IS_TYPE_FUNCTION_DECL
|
|
|
|
|
2018-06-22 11:19:13 +00:00
|
|
|
V8_INLINE bool IsExternal(Isolate* isolate) const;
|
2018-06-20 16:32:59 +00:00
|
|
|
|
2016-06-14 10:08:44 +00:00
|
|
|
#define IS_TYPE_FUNCTION_DECL(Type, Value) \
|
2018-06-22 11:19:13 +00:00
|
|
|
V8_INLINE bool Is##Type(Isolate* isolate) const;
|
2016-02-16 12:57:29 +00:00
|
|
|
ODDBALL_LIST(IS_TYPE_FUNCTION_DECL)
|
|
|
|
#undef IS_TYPE_FUNCTION_DECL
|
2016-06-14 10:08:44 +00:00
|
|
|
|
2018-06-22 11:19:13 +00:00
|
|
|
V8_INLINE bool IsNullOrUndefined(Isolate* isolate) const;
|
2017-01-09 13:40:51 +00:00
|
|
|
|
2018-06-12 09:16:35 +00:00
|
|
|
// Non-isolate version of oddball check. This is slower than the above check,
|
|
|
|
// so it should only be used for DCHECKS.
|
|
|
|
#ifdef DEBUG
|
2018-06-22 11:19:13 +00:00
|
|
|
#define IS_TYPE_FUNCTION_DECL(Type, Value) V8_INLINE bool Is##Type() const;
|
2018-06-12 09:16:35 +00:00
|
|
|
ODDBALL_LIST(IS_TYPE_FUNCTION_DECL)
|
|
|
|
#undef IS_TYPE_FUNCTION_DECL
|
|
|
|
|
2018-06-22 11:19:13 +00:00
|
|
|
V8_INLINE bool IsNullOrUndefined() const;
|
2018-06-12 09:16:35 +00:00
|
|
|
#endif
|
|
|
|
|
2018-06-22 11:19:13 +00:00
|
|
|
#define DECL_STRUCT_PREDICATE(NAME, Name, name) V8_INLINE bool Is##Name() const;
|
2017-06-29 13:14:20 +00:00
|
|
|
STRUCT_LIST(DECL_STRUCT_PREDICATE)
|
|
|
|
#undef DECL_STRUCT_PREDICATE
|
2016-02-16 12:57:29 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Converts an address to a HeapObject pointer.
|
2015-08-13 11:49:01 +00:00
|
|
|
static inline HeapObject* FromAddress(Address address) {
|
|
|
|
DCHECK_TAG_ALIGNED(address);
|
|
|
|
return reinterpret_cast<HeapObject*>(address + kHeapObjectTag);
|
|
|
|
}
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Returns the address of this HeapObject.
|
2017-07-03 13:29:23 +00:00
|
|
|
inline Address address() const {
|
2018-04-13 22:28:05 +00:00
|
|
|
return reinterpret_cast<Address>(this) - kHeapObjectTag;
|
2015-08-13 11:49:01 +00:00
|
|
|
}
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2015-11-13 12:32:08 +00:00
|
|
|
// Iterates over pointers contained in the object (including the Map).
|
|
|
|
// If it's not performance critical iteration use the non-templatized
|
|
|
|
// version.
|
2008-07-03 15:10:15 +00:00
|
|
|
void Iterate(ObjectVisitor* v);
|
|
|
|
|
2015-11-13 12:32:08 +00:00
|
|
|
template <typename ObjectVisitor>
|
|
|
|
inline void IterateFast(ObjectVisitor* v);
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Iterates over all pointers contained in the object except the
|
|
|
|
// first map pointer. The object type is given in the first
|
|
|
|
// parameter. This function does not access the map pointer in the
|
|
|
|
// object, and so is safe to call while the map pointer is modified.
|
2015-11-13 12:32:08 +00:00
|
|
|
// If it's not performance critical iteration use the non-templatized
|
|
|
|
// version.
|
|
|
|
void IterateBody(ObjectVisitor* v);
|
2018-03-26 11:03:28 +00:00
|
|
|
void IterateBody(Map* map, int object_size, ObjectVisitor* v);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2015-11-13 12:32:08 +00:00
|
|
|
template <typename ObjectVisitor>
|
|
|
|
inline void IterateBodyFast(ObjectVisitor* v);
|
|
|
|
|
|
|
|
template <typename ObjectVisitor>
|
2018-03-26 11:03:28 +00:00
|
|
|
inline void IterateBodyFast(Map* map, int object_size, ObjectVisitor* v);
|
2015-11-13 12:32:08 +00:00
|
|
|
|
|
|
|
// Returns true if the object contains a tagged value at given offset.
|
|
|
|
// It is used for invalid slots filtering. If the offset points outside
|
|
|
|
// of the object or to the map word, the result is UNDEFINED (!!!).
|
2018-03-26 11:03:28 +00:00
|
|
|
bool IsValidSlot(Map* map, int offset);
|
2015-11-13 12:32:08 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Returns the heap object's size in bytes
|
2017-07-03 13:29:23 +00:00
|
|
|
inline int Size() const;
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Given a heap object's map pointer, returns the heap size in bytes
|
|
|
|
// Useful when the map pointer field is used for other purposes.
|
|
|
|
// GC internal.
|
2017-07-03 13:29:23 +00:00
|
|
|
inline int SizeFromMap(Map* map) const;
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2008-10-29 10:37:14 +00:00
|
|
|
// Returns the field at offset in obj, as a read/write Object* reference.
|
|
|
|
// Does no checking, and is safe to use during GC, while maps are invalid.
|
2010-05-27 12:30:45 +00:00
|
|
|
// Does not invoke write barrier, so should only be assigned to
|
2008-10-29 10:37:14 +00:00
|
|
|
// during marking GC.
|
2018-04-25 11:18:32 +00:00
|
|
|
static inline Object** RawField(const HeapObject* obj, int offset);
|
2018-03-05 13:18:51 +00:00
|
|
|
static inline MaybeObject** RawMaybeWeakField(HeapObject* obj, int offset);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(HeapObject)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2010-01-29 11:46:55 +00:00
|
|
|
// Return the write barrier mode for this. Callers of this function
|
2013-06-10 16:31:55 +00:00
|
|
|
// must be able to present a reference to an DisallowHeapAllocation
|
2010-01-29 11:46:55 +00:00
|
|
|
// object as a sign that they are not going to use this function
|
|
|
|
// from code that allocates and thus invalidates the returned write
|
|
|
|
// barrier mode.
|
2013-06-03 15:32:22 +00:00
|
|
|
inline WriteBarrierMode GetWriteBarrierMode(
|
|
|
|
const DisallowHeapAllocation& promise);
|
2008-10-23 08:46:32 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Dispatched behavior.
|
2014-09-30 10:29:32 +00:00
|
|
|
void HeapObjectShortPrint(std::ostream& os); // NOLINT
|
2010-12-20 10:38:19 +00:00
|
|
|
#ifdef OBJECT_PRINT
|
2014-09-30 10:29:32 +00:00
|
|
|
void PrintHeader(std::ostream& os, const char* id); // NOLINT
|
2010-12-20 10:38:19 +00:00
|
|
|
#endif
|
2018-06-26 11:43:50 +00:00
|
|
|
DECL_PRINTER_WITH_ISOLATE(HeapObject)
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(HeapObject)
|
2012-10-12 11:41:14 +00:00
|
|
|
#ifdef VERIFY_HEAP
|
2008-07-03 15:10:15 +00:00
|
|
|
inline void VerifyObjectField(int offset);
|
2010-05-27 12:30:45 +00:00
|
|
|
inline void VerifySmiField(int offset);
|
2018-05-25 07:16:25 +00:00
|
|
|
inline void VerifyMaybeObjectField(int offset);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Verify a pointer is a valid HeapObject pointer that points to object
|
|
|
|
// areas in the heap.
|
|
|
|
static void VerifyHeapPointer(Object* p);
|
|
|
|
#endif
|
|
|
|
|
2018-02-27 10:07:26 +00:00
|
|
|
static inline AllocationAlignment RequiredAlignment(Map* map);
|
2014-11-27 09:22:10 +00:00
|
|
|
|
2017-11-07 06:50:22 +00:00
|
|
|
// Whether the object needs rehashing. That is the case if the object's
|
|
|
|
// content depends on FLAG_hash_seed. When the object is deserialized into
|
|
|
|
// a heap with a different hash seed, these objects need to adapt.
|
|
|
|
inline bool NeedsRehashing() const;
|
|
|
|
|
|
|
|
// Rehashing support is not implemented for all objects that need rehashing.
|
|
|
|
// With objects that need rehashing but cannot be rehashed, rehashing has to
|
|
|
|
// be disabled.
|
|
|
|
bool CanBeRehashed() const;
|
|
|
|
|
|
|
|
// Rehash the object based on the layout inferred from its map.
|
|
|
|
void RehashBasedOnMap();
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Layout description.
|
|
|
|
// First field in a heap object is map.
|
2008-09-23 11:45:43 +00:00
|
|
|
static const int kMapOffset = Object::kHeaderSize;
|
|
|
|
static const int kHeaderSize = kMapOffset + kPointerSize;
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2014-05-27 13:43:29 +00:00
|
|
|
STATIC_ASSERT(kMapOffset == Internals::kHeapObjectMapOffset);
|
2009-08-26 10:33:11 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(HeapObject);
|
|
|
|
};
|
|
|
|
|
2018-06-19 10:11:40 +00:00
|
|
|
// Mixin class for objects that can never be in RO space.
|
|
|
|
// TODO(leszeks): Add checks in the factory that we never allocate these objects
|
|
|
|
// in RO space.
|
|
|
|
class NeverReadOnlySpaceObject {
|
|
|
|
public:
|
|
|
|
// The Heap the object was allocated in. Used also to access Isolate.
|
|
|
|
inline Heap* GetHeap() const;
|
|
|
|
|
|
|
|
// Convenience method to get current isolate.
|
|
|
|
inline Isolate* GetIsolate() const;
|
|
|
|
};
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2015-11-05 14:02:35 +00:00
|
|
|
template <int start_offset, int end_offset, int size>
|
2015-11-13 12:32:08 +00:00
|
|
|
class FixedBodyDescriptor;
|
2010-08-11 14:30:14 +00:00
|
|
|
|
|
|
|
|
2015-11-05 14:02:35 +00:00
|
|
|
template <int start_offset>
|
2015-11-13 12:32:08 +00:00
|
|
|
class FlexibleBodyDescriptor;
|
2015-11-05 14:02:35 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// The HeapNumber class describes heap allocated numbers that cannot be
|
2018-06-26 11:01:19 +00:00
|
|
|
// represented in a Smi (small integer). MutableHeapNumber is the same, but its
|
|
|
|
// number value can change over time (it is used only as property storage).
|
|
|
|
// HeapNumberBase merely exists to avoid code duplication.
|
|
|
|
class HeapNumberBase : public HeapObject {
|
2008-07-03 15:10:15 +00:00
|
|
|
public:
|
|
|
|
// [value]: number value.
|
2014-06-24 09:47:25 +00:00
|
|
|
inline double value() const;
|
2008-07-03 15:10:15 +00:00
|
|
|
inline void set_value(double value);
|
|
|
|
|
2017-01-23 18:18:48 +00:00
|
|
|
inline uint64_t value_as_bits() const;
|
|
|
|
inline void set_value_as_bits(uint64_t bits);
|
|
|
|
|
2010-03-18 13:00:57 +00:00
|
|
|
inline int get_exponent();
|
|
|
|
inline int get_sign();
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Layout description.
|
2008-09-23 11:45:43 +00:00
|
|
|
static const int kValueOffset = HeapObject::kHeaderSize;
|
2009-06-10 10:20:37 +00:00
|
|
|
// IEEE doubles are two 32 bit words. The first is just mantissa, the second
|
2014-04-15 16:39:21 +00:00
|
|
|
// is a mixture of sign, exponent and mantissa. The offsets of two 32 bit
|
|
|
|
// words within double numbers are endian dependent and they are set
|
|
|
|
// accordingly.
|
|
|
|
#if defined(V8_TARGET_LITTLE_ENDIAN)
|
2009-06-10 10:20:37 +00:00
|
|
|
static const int kMantissaOffset = kValueOffset;
|
|
|
|
static const int kExponentOffset = kValueOffset + 4;
|
2014-04-15 16:39:21 +00:00
|
|
|
#elif defined(V8_TARGET_BIG_ENDIAN)
|
|
|
|
static const int kMantissaOffset = kValueOffset + 4;
|
|
|
|
static const int kExponentOffset = kValueOffset;
|
|
|
|
#else
|
|
|
|
#error Unknown byte ordering
|
|
|
|
#endif
|
2011-04-11 09:04:30 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
static const int kSize = kValueOffset + kDoubleSize;
|
2009-06-10 10:20:37 +00:00
|
|
|
static const uint32_t kSignMask = 0x80000000u;
|
|
|
|
static const uint32_t kExponentMask = 0x7ff00000u;
|
|
|
|
static const uint32_t kMantissaMask = 0xfffffu;
|
2010-05-03 10:43:49 +00:00
|
|
|
static const int kMantissaBits = 52;
|
2010-06-14 11:20:36 +00:00
|
|
|
static const int kExponentBits = 11;
|
2009-06-10 10:20:37 +00:00
|
|
|
static const int kExponentBias = 1023;
|
|
|
|
static const int kExponentShift = 20;
|
2013-04-09 08:42:57 +00:00
|
|
|
static const int kInfinityOrNanExponent =
|
|
|
|
(kExponentMask >> kExponentShift) - kExponentBias;
|
2009-06-10 10:20:37 +00:00
|
|
|
static const int kMantissaBitsInTopWord = 20;
|
|
|
|
static const int kNonMantissaBitsInTopWord = 12;
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
private:
|
2018-06-26 11:01:19 +00:00
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(HeapNumberBase)
|
|
|
|
};
|
|
|
|
|
|
|
|
class HeapNumber : public HeapNumberBase {
|
|
|
|
public:
|
|
|
|
DECL_CAST(HeapNumber)
|
|
|
|
V8_EXPORT_PRIVATE void HeapNumberPrint(std::ostream& os);
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(HeapNumber)
|
|
|
|
};
|
|
|
|
|
|
|
|
class MutableHeapNumber : public HeapNumberBase {
|
|
|
|
public:
|
|
|
|
DECL_CAST(MutableHeapNumber)
|
|
|
|
V8_EXPORT_PRIVATE void MutableHeapNumberPrint(std::ostream& os);
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(MutableHeapNumber)
|
2008-07-03 15:10:15 +00:00
|
|
|
};
|
|
|
|
|
2011-12-09 08:50:19 +00:00
|
|
|
enum EnsureElementsMode {
|
|
|
|
DONT_ALLOW_DOUBLE_ELEMENTS,
|
|
|
|
ALLOW_COPIED_DOUBLE_ELEMENTS,
|
|
|
|
ALLOW_CONVERTED_DOUBLE_ELEMENTS
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2012-03-05 12:11:28 +00:00
|
|
|
// Indicator for one component of an AccessorPair.
|
|
|
|
enum AccessorComponent {
|
|
|
|
ACCESSOR_GETTER,
|
|
|
|
ACCESSOR_SETTER
|
|
|
|
};
|
|
|
|
|
2018-02-12 12:50:50 +00:00
|
|
|
enum class GetKeysConversion {
|
|
|
|
kKeepNumbers = static_cast<int>(v8::KeyConversionMode::kKeepNumbers),
|
|
|
|
kConvertToString = static_cast<int>(v8::KeyConversionMode::kConvertToString)
|
|
|
|
};
|
2012-03-05 12:11:28 +00:00
|
|
|
|
2016-05-30 15:52:56 +00:00
|
|
|
enum class KeyCollectionMode {
|
|
|
|
kOwnOnly = static_cast<int>(v8::KeyCollectionMode::kOwnOnly),
|
|
|
|
kIncludePrototypes =
|
|
|
|
static_cast<int>(v8::KeyCollectionMode::kIncludePrototypes)
|
|
|
|
};
|
2015-10-19 13:47:24 +00:00
|
|
|
|
2016-08-25 11:39:27 +00:00
|
|
|
enum class AllocationSiteUpdateMode { kUpdate, kCheckOnly };
|
|
|
|
|
2017-08-21 01:58:40 +00:00
|
|
|
class PropertyArray : public HeapObject {
|
|
|
|
public:
|
|
|
|
// [length]: length of the array.
|
|
|
|
inline int length() const;
|
|
|
|
|
|
|
|
// Get the length using acquire loads.
|
|
|
|
inline int synchronized_length() const;
|
|
|
|
|
|
|
|
// This is only used on a newly allocated PropertyArray which
|
|
|
|
// doesn't have an existing hash.
|
|
|
|
inline void initialize_length(int length);
|
|
|
|
|
|
|
|
inline void SetHash(int hash);
|
|
|
|
inline int Hash() const;
|
|
|
|
|
|
|
|
inline Object* get(int index) const;
|
|
|
|
|
|
|
|
inline void set(int index, Object* value);
|
|
|
|
// Setter with explicit barrier mode.
|
|
|
|
inline void set(int index, Object* value, WriteBarrierMode mode);
|
|
|
|
|
|
|
|
// Gives access to raw memory which stores the array's data.
|
|
|
|
inline Object** data_start();
|
|
|
|
|
|
|
|
// Garbage collection support.
|
|
|
|
static constexpr int SizeFor(int length) {
|
|
|
|
return kHeaderSize + length * kPointerSize;
|
|
|
|
}
|
|
|
|
|
|
|
|
DECL_CAST(PropertyArray)
|
|
|
|
DECL_PRINTER(PropertyArray)
|
|
|
|
DECL_VERIFIER(PropertyArray)
|
|
|
|
|
|
|
|
// Layout description.
|
2017-08-23 03:11:03 +00:00
|
|
|
static const int kLengthAndHashOffset = HeapObject::kHeaderSize;
|
|
|
|
static const int kHeaderSize = kLengthAndHashOffset + kPointerSize;
|
2017-08-21 01:58:40 +00:00
|
|
|
|
|
|
|
// Garbage collection support.
|
|
|
|
typedef FlexibleBodyDescriptor<kHeaderSize> BodyDescriptor;
|
|
|
|
// No weak fields.
|
|
|
|
typedef BodyDescriptor BodyDescriptorWeak;
|
|
|
|
|
2017-10-11 22:50:51 +00:00
|
|
|
static const int kLengthFieldSize = 10;
|
|
|
|
class LengthField : public BitField<int, 0, kLengthFieldSize> {};
|
2017-12-13 15:24:51 +00:00
|
|
|
static const int kMaxLength = LengthField::kMax;
|
2017-10-11 22:50:51 +00:00
|
|
|
class HashField : public BitField<int, kLengthFieldSize,
|
|
|
|
kSmiValueSize - kLengthFieldSize - 1> {};
|
2017-08-21 01:58:40 +00:00
|
|
|
|
|
|
|
static const int kNoHashSentinel = 0;
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(PropertyArray);
|
|
|
|
};
|
|
|
|
|
Implement set trap for proxies, and revamp class hierarchy in preparation:
- Introduce a class JSReceiver, that is a common superclass of JSObject and
JSProxy. Use JSReceiver where appropriate (probably lots of places that we
still have to migrate, but we will find those later with proxy test suite).
- Move appropriate methods to JSReceiver class (SetProperty,
GetPropertyAttribute, Get/SetPrototype, Lookup, and so on).
- Introduce new JSFunctionProxy subclass of JSProxy. Currently only a stub.
- Overhaul enum InstanceType:
* Introduce FIRST/LAST_SPEC_OBJECT_TYPE that ranges over all types that
represent JS objects, and use that consistently to check language types.
* Rename FIRST/LAST_JS_OBJECT_TYPE and FIRST/LAST_FUNCTION_CLASS_TYPE
to FIRST/LAST_[NON]CALLABLE_SPEC_OBJECT_TYPE for clarity.
* Eliminate the overlap over JS_REGEXP_TYPE.
* Also replace FIRST_JS_OBJECT with FIRST_JS_RECEIVER, but only use it where
we exclusively talk about the internal representation type.
* Insert JS_PROXY and JS_FUNCTION_PROXY in the appropriate places.
- Fix all checks concerning classification, especially for functions, to
use the CALLABLE_SPEC_OBJECT range (that includes funciton proxies).
- Handle proxies in SetProperty (that was the easiest part :) ).
- A few simple test cases.
R=kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6992072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-05-31 16:38:40 +00:00
|
|
|
// JSReceiver includes types on which properties can be defined, i.e.,
|
|
|
|
// JSObject and JSProxy.
|
2018-06-19 10:11:40 +00:00
|
|
|
class JSReceiver : public HeapObject, public NeverReadOnlySpaceObject {
|
Implement set trap for proxies, and revamp class hierarchy in preparation:
- Introduce a class JSReceiver, that is a common superclass of JSObject and
JSProxy. Use JSReceiver where appropriate (probably lots of places that we
still have to migrate, but we will find those later with proxy test suite).
- Move appropriate methods to JSReceiver class (SetProperty,
GetPropertyAttribute, Get/SetPrototype, Lookup, and so on).
- Introduce new JSFunctionProxy subclass of JSProxy. Currently only a stub.
- Overhaul enum InstanceType:
* Introduce FIRST/LAST_SPEC_OBJECT_TYPE that ranges over all types that
represent JS objects, and use that consistently to check language types.
* Rename FIRST/LAST_JS_OBJECT_TYPE and FIRST/LAST_FUNCTION_CLASS_TYPE
to FIRST/LAST_[NON]CALLABLE_SPEC_OBJECT_TYPE for clarity.
* Eliminate the overlap over JS_REGEXP_TYPE.
* Also replace FIRST_JS_OBJECT with FIRST_JS_RECEIVER, but only use it where
we exclusively talk about the internal representation type.
* Insert JS_PROXY and JS_FUNCTION_PROXY in the appropriate places.
- Fix all checks concerning classification, especially for functions, to
use the CALLABLE_SPEC_OBJECT range (that includes funciton proxies).
- Handle proxies in SetProperty (that was the easiest part :) ).
- A few simple test cases.
R=kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6992072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-05-31 16:38:40 +00:00
|
|
|
public:
|
2018-06-19 10:11:40 +00:00
|
|
|
// Use the mixin methods over the HeapObject methods.
|
|
|
|
// TODO(v8:7786) Remove once the HeapObject methods are gone.
|
|
|
|
using NeverReadOnlySpaceObject::GetHeap;
|
|
|
|
using NeverReadOnlySpaceObject::GetIsolate;
|
|
|
|
|
2017-07-11 20:56:40 +00:00
|
|
|
// Returns true if there is no slow (ie, dictionary) backing store.
|
|
|
|
inline bool HasFastProperties() const;
|
|
|
|
|
|
|
|
// Returns the properties array backing store if it
|
|
|
|
// exists. Otherwise, returns an empty_property_array when there's a
|
|
|
|
// Smi (hash code) or an empty_fixed_array for a fast properties
|
|
|
|
// map.
|
|
|
|
inline PropertyArray* property_array() const;
|
|
|
|
|
2016-01-12 15:43:41 +00:00
|
|
|
// Gets slow properties for non-global objects.
|
2017-07-11 20:56:40 +00:00
|
|
|
inline NameDictionary* property_dictionary() const;
|
|
|
|
|
2017-11-13 09:35:01 +00:00
|
|
|
// Sets the properties backing store and makes sure any existing hash is moved
|
|
|
|
// to the new properties store. To clear out the properties store, pass in the
|
|
|
|
// empty_fixed_array(), the hash will be maintained in this case as well.
|
2017-08-21 01:58:40 +00:00
|
|
|
void SetProperties(HeapObject* properties);
|
2017-07-17 23:30:32 +00:00
|
|
|
|
2017-08-21 01:58:40 +00:00
|
|
|
// There are five possible values for the properties offset.
|
|
|
|
// 1) EmptyFixedArray/EmptyPropertyDictionary - This is the standard
|
|
|
|
// placeholder.
|
2017-07-11 20:56:40 +00:00
|
|
|
//
|
2017-08-21 01:58:40 +00:00
|
|
|
// 2) Smi - This is the hash code of the object.
|
2017-07-11 20:56:40 +00:00
|
|
|
//
|
|
|
|
// 3) PropertyArray - This is similar to a FixedArray but stores
|
|
|
|
// the hash code of the object in its length field. This is a fast
|
|
|
|
// backing store.
|
|
|
|
//
|
|
|
|
// 4) NameDictionary - This is the dictionary-mode backing store.
|
|
|
|
//
|
2017-08-21 01:58:40 +00:00
|
|
|
// 4) GlobalDictionary - This is the backing store for the
|
|
|
|
// GlobalObject.
|
|
|
|
//
|
2017-07-11 20:56:40 +00:00
|
|
|
// This is used only in the deoptimizer and heap. Please use the
|
|
|
|
// above typed getters and setters to access the properties.
|
2017-07-17 23:30:32 +00:00
|
|
|
DECL_ACCESSORS(raw_properties_or_hash, Object)
|
2017-07-11 20:56:40 +00:00
|
|
|
|
|
|
|
inline void initialize_properties();
|
2016-01-12 15:43:41 +00:00
|
|
|
|
2016-01-18 12:41:09 +00:00
|
|
|
// Deletes an existing named property in a normalized object.
|
2017-06-22 08:07:08 +00:00
|
|
|
static void DeleteNormalizedProperty(Handle<JSReceiver> object, int entry);
|
2016-01-18 12:41:09 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSReceiver)
|
Implement set trap for proxies, and revamp class hierarchy in preparation:
- Introduce a class JSReceiver, that is a common superclass of JSObject and
JSProxy. Use JSReceiver where appropriate (probably lots of places that we
still have to migrate, but we will find those later with proxy test suite).
- Move appropriate methods to JSReceiver class (SetProperty,
GetPropertyAttribute, Get/SetPrototype, Lookup, and so on).
- Introduce new JSFunctionProxy subclass of JSProxy. Currently only a stub.
- Overhaul enum InstanceType:
* Introduce FIRST/LAST_SPEC_OBJECT_TYPE that ranges over all types that
represent JS objects, and use that consistently to check language types.
* Rename FIRST/LAST_JS_OBJECT_TYPE and FIRST/LAST_FUNCTION_CLASS_TYPE
to FIRST/LAST_[NON]CALLABLE_SPEC_OBJECT_TYPE for clarity.
* Eliminate the overlap over JS_REGEXP_TYPE.
* Also replace FIRST_JS_OBJECT with FIRST_JS_RECEIVER, but only use it where
we exclusively talk about the internal representation type.
* Insert JS_PROXY and JS_FUNCTION_PROXY in the appropriate places.
- Fix all checks concerning classification, especially for functions, to
use the CALLABLE_SPEC_OBJECT range (that includes funciton proxies).
- Handle proxies in SetProperty (that was the easiest part :) ).
- A few simple test cases.
R=kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6992072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-05-31 16:38:40 +00:00
|
|
|
|
2015-08-28 09:21:23 +00:00
|
|
|
// ES6 section 7.1.1 ToPrimitive
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> ToPrimitive(
|
2015-08-28 09:21:23 +00:00
|
|
|
Handle<JSReceiver> receiver,
|
|
|
|
ToPrimitiveHint hint = ToPrimitiveHint::kDefault);
|
2016-07-14 10:25:45 +00:00
|
|
|
|
|
|
|
// ES6 section 7.1.1.1 OrdinaryToPrimitive
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> OrdinaryToPrimitive(
|
2015-08-31 12:52:59 +00:00
|
|
|
Handle<JSReceiver> receiver, OrdinaryToPrimitiveHint hint);
|
2015-08-28 09:21:23 +00:00
|
|
|
|
2015-11-27 12:16:32 +00:00
|
|
|
static MaybeHandle<Context> GetFunctionRealm(Handle<JSReceiver> receiver);
|
|
|
|
|
2016-02-08 13:49:47 +00:00
|
|
|
// Get the first non-hidden prototype.
|
|
|
|
static inline MaybeHandle<Object> GetPrototype(Isolate* isolate,
|
|
|
|
Handle<JSReceiver> receiver);
|
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> HasInPrototypeChain(
|
2016-02-08 13:49:47 +00:00
|
|
|
Isolate* isolate, Handle<JSReceiver> object, Handle<Object> proto);
|
|
|
|
|
2017-01-18 01:05:17 +00:00
|
|
|
// Reads all enumerable own properties of source and adds them to
|
|
|
|
// target, using either Set or CreateDataProperty depending on the
|
|
|
|
// use_set argument. This only copies values not present in the
|
|
|
|
// maybe_excluded_properties list.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetOrCopyDataProperties(
|
2017-01-05 23:44:25 +00:00
|
|
|
Isolate* isolate, Handle<JSReceiver> target, Handle<Object> source,
|
2017-01-21 01:09:47 +00:00
|
|
|
const ScopedVector<Handle<Object>>* excluded_properties = nullptr,
|
2017-01-18 01:05:17 +00:00
|
|
|
bool use_set = true);
|
2017-01-05 23:44:25 +00:00
|
|
|
|
2013-09-17 11:34:20 +00:00
|
|
|
// Implementation of [[HasProperty]], ECMA-262 5th edition, section 8.12.6.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> HasProperty(LookupIterator* it);
|
|
|
|
V8_WARN_UNUSED_RESULT static inline Maybe<bool> HasProperty(
|
2014-07-25 18:32:11 +00:00
|
|
|
Handle<JSReceiver> object, Handle<Name> name);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline Maybe<bool> HasElement(
|
2014-07-25 18:32:11 +00:00
|
|
|
Handle<JSReceiver> object, uint32_t index);
|
2015-12-17 12:12:02 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> HasOwnProperty(
|
|
|
|
Handle<JSReceiver> object, Handle<Name> name);
|
|
|
|
V8_WARN_UNUSED_RESULT static inline Maybe<bool> HasOwnProperty(
|
2016-06-22 10:18:42 +00:00
|
|
|
Handle<JSReceiver> object, uint32_t index);
|
2013-09-17 11:34:20 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetProperty(
|
2016-03-08 17:29:05 +00:00
|
|
|
Isolate* isolate, Handle<JSReceiver> receiver, const char* key);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetProperty(
|
2018-06-19 09:00:37 +00:00
|
|
|
Isolate* isolate, Handle<JSReceiver> receiver, Handle<Name> name);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetElement(
|
2016-03-08 17:29:05 +00:00
|
|
|
Isolate* isolate, Handle<JSReceiver> receiver, uint32_t index);
|
|
|
|
|
2015-11-26 09:34:11 +00:00
|
|
|
// Implementation of ES6 [[Delete]]
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> DeletePropertyOrElement(
|
2015-07-02 13:29:48 +00:00
|
|
|
Handle<JSReceiver> object, Handle<Name> name,
|
2017-10-16 10:55:06 +00:00
|
|
|
LanguageMode language_mode = LanguageMode::kSloppy);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> DeleteProperty(
|
2015-01-20 13:41:17 +00:00
|
|
|
Handle<JSReceiver> object, Handle<Name> name,
|
2017-10-16 10:55:06 +00:00
|
|
|
LanguageMode language_mode = LanguageMode::kSloppy);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> DeleteProperty(
|
|
|
|
LookupIterator* it, LanguageMode language_mode);
|
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> DeleteElement(
|
2015-01-20 13:41:17 +00:00
|
|
|
Handle<JSReceiver> object, uint32_t index,
|
2017-10-16 10:55:06 +00:00
|
|
|
LanguageMode language_mode = LanguageMode::kSloppy);
|
2011-09-22 10:45:37 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Object* DefineProperty(
|
|
|
|
Isolate* isolate, Handle<Object> object, Handle<Object> name,
|
|
|
|
Handle<Object> attributes);
|
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> DefineProperties(
|
2015-12-30 14:16:04 +00:00
|
|
|
Isolate* isolate, Handle<Object> object, Handle<Object> properties);
|
2015-10-13 14:38:16 +00:00
|
|
|
|
|
|
|
// "virtual" dispatcher to the correct [[DefineOwnProperty]] implementation.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> DefineOwnProperty(
|
2015-12-09 18:06:49 +00:00
|
|
|
Isolate* isolate, Handle<JSReceiver> object, Handle<Object> key,
|
|
|
|
PropertyDescriptor* desc, ShouldThrow should_throw);
|
2015-10-13 14:38:16 +00:00
|
|
|
|
2017-10-25 18:07:04 +00:00
|
|
|
// ES6 7.3.4 (when passed kDontThrow)
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> CreateDataProperty(
|
2015-12-01 12:27:01 +00:00
|
|
|
LookupIterator* it, Handle<Object> value, ShouldThrow should_throw);
|
2015-11-16 16:48:43 +00:00
|
|
|
|
2015-11-13 17:18:04 +00:00
|
|
|
// ES6 9.1.6.1
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> OrdinaryDefineOwnProperty(
|
2015-12-09 18:06:49 +00:00
|
|
|
Isolate* isolate, Handle<JSObject> object, Handle<Object> key,
|
|
|
|
PropertyDescriptor* desc, ShouldThrow should_throw);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> OrdinaryDefineOwnProperty(
|
2015-12-09 18:06:49 +00:00
|
|
|
LookupIterator* it, PropertyDescriptor* desc, ShouldThrow should_throw);
|
2015-11-13 17:18:04 +00:00
|
|
|
// ES6 9.1.6.2
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> IsCompatiblePropertyDescriptor(
|
2015-12-09 18:06:49 +00:00
|
|
|
Isolate* isolate, bool extensible, PropertyDescriptor* desc,
|
2015-12-14 13:44:38 +00:00
|
|
|
PropertyDescriptor* current, Handle<Name> property_name,
|
|
|
|
ShouldThrow should_throw);
|
2015-11-13 17:18:04 +00:00
|
|
|
// ES6 9.1.6.3
|
|
|
|
// |it| can be NULL in cases where the ES spec passes |undefined| as the
|
|
|
|
// receiver. Exactly one of |it| and |property_name| must be provided.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> ValidateAndApplyPropertyDescriptor(
|
2015-11-17 13:08:24 +00:00
|
|
|
Isolate* isolate, LookupIterator* it, bool extensible,
|
|
|
|
PropertyDescriptor* desc, PropertyDescriptor* current,
|
2017-06-12 11:08:30 +00:00
|
|
|
ShouldThrow should_throw, Handle<Name> property_name);
|
2015-10-13 14:38:16 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_EXPORT_PRIVATE V8_WARN_UNUSED_RESULT static Maybe<bool>
|
|
|
|
GetOwnPropertyDescriptor(Isolate* isolate, Handle<JSReceiver> object,
|
|
|
|
Handle<Object> key, PropertyDescriptor* desc);
|
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> GetOwnPropertyDescriptor(
|
2015-12-09 18:06:49 +00:00
|
|
|
LookupIterator* it, PropertyDescriptor* desc);
|
2015-10-13 14:38:16 +00:00
|
|
|
|
2015-12-07 11:01:16 +00:00
|
|
|
typedef PropertyAttributes IntegrityLevel;
|
|
|
|
|
2017-10-25 18:07:04 +00:00
|
|
|
// ES6 7.3.14 (when passed kDontThrow)
|
2015-12-07 11:01:16 +00:00
|
|
|
// 'level' must be SEALED or FROZEN.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetIntegrityLevel(
|
2015-12-07 11:01:16 +00:00
|
|
|
Handle<JSReceiver> object, IntegrityLevel lvl, ShouldThrow should_throw);
|
|
|
|
|
2015-12-07 15:35:49 +00:00
|
|
|
// ES6 7.3.15
|
|
|
|
// 'level' must be SEALED or FROZEN.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> TestIntegrityLevel(
|
2015-12-07 15:35:49 +00:00
|
|
|
Handle<JSReceiver> object, IntegrityLevel lvl);
|
|
|
|
|
2017-10-25 18:07:04 +00:00
|
|
|
// ES6 [[PreventExtensions]] (when passed kDontThrow)
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> PreventExtensions(
|
2015-10-21 09:23:33 +00:00
|
|
|
Handle<JSReceiver> object, ShouldThrow should_throw);
|
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> IsExtensible(
|
|
|
|
Handle<JSReceiver> object);
|
2015-11-13 14:13:50 +00:00
|
|
|
|
Implement set trap for proxies, and revamp class hierarchy in preparation:
- Introduce a class JSReceiver, that is a common superclass of JSObject and
JSProxy. Use JSReceiver where appropriate (probably lots of places that we
still have to migrate, but we will find those later with proxy test suite).
- Move appropriate methods to JSReceiver class (SetProperty,
GetPropertyAttribute, Get/SetPrototype, Lookup, and so on).
- Introduce new JSFunctionProxy subclass of JSProxy. Currently only a stub.
- Overhaul enum InstanceType:
* Introduce FIRST/LAST_SPEC_OBJECT_TYPE that ranges over all types that
represent JS objects, and use that consistently to check language types.
* Rename FIRST/LAST_JS_OBJECT_TYPE and FIRST/LAST_FUNCTION_CLASS_TYPE
to FIRST/LAST_[NON]CALLABLE_SPEC_OBJECT_TYPE for clarity.
* Eliminate the overlap over JS_REGEXP_TYPE.
* Also replace FIRST_JS_OBJECT with FIRST_JS_RECEIVER, but only use it where
we exclusively talk about the internal representation type.
* Insert JS_PROXY and JS_FUNCTION_PROXY in the appropriate places.
- Fix all checks concerning classification, especially for functions, to
use the CALLABLE_SPEC_OBJECT range (that includes funciton proxies).
- Handle proxies in SetProperty (that was the easiest part :) ).
- A few simple test cases.
R=kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6992072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-05-31 16:38:40 +00:00
|
|
|
// Returns the class name ([[Class]] property in the specification).
|
2017-03-15 15:32:00 +00:00
|
|
|
V8_EXPORT_PRIVATE String* class_name();
|
Implement set trap for proxies, and revamp class hierarchy in preparation:
- Introduce a class JSReceiver, that is a common superclass of JSObject and
JSProxy. Use JSReceiver where appropriate (probably lots of places that we
still have to migrate, but we will find those later with proxy test suite).
- Move appropriate methods to JSReceiver class (SetProperty,
GetPropertyAttribute, Get/SetPrototype, Lookup, and so on).
- Introduce new JSFunctionProxy subclass of JSProxy. Currently only a stub.
- Overhaul enum InstanceType:
* Introduce FIRST/LAST_SPEC_OBJECT_TYPE that ranges over all types that
represent JS objects, and use that consistently to check language types.
* Rename FIRST/LAST_JS_OBJECT_TYPE and FIRST/LAST_FUNCTION_CLASS_TYPE
to FIRST/LAST_[NON]CALLABLE_SPEC_OBJECT_TYPE for clarity.
* Eliminate the overlap over JS_REGEXP_TYPE.
* Also replace FIRST_JS_OBJECT with FIRST_JS_RECEIVER, but only use it where
we exclusively talk about the internal representation type.
* Insert JS_PROXY and JS_FUNCTION_PROXY in the appropriate places.
- Fix all checks concerning classification, especially for functions, to
use the CALLABLE_SPEC_OBJECT range (that includes funciton proxies).
- Handle proxies in SetProperty (that was the easiest part :) ).
- A few simple test cases.
R=kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6992072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-05-31 16:38:40 +00:00
|
|
|
|
|
|
|
// Returns the constructor name (the name (possibly, inferred name) of the
|
|
|
|
// function that was used to instantiate the object).
|
2015-11-27 13:10:00 +00:00
|
|
|
static Handle<String> GetConstructorName(Handle<JSReceiver> receiver);
|
Implement set trap for proxies, and revamp class hierarchy in preparation:
- Introduce a class JSReceiver, that is a common superclass of JSObject and
JSProxy. Use JSReceiver where appropriate (probably lots of places that we
still have to migrate, but we will find those later with proxy test suite).
- Move appropriate methods to JSReceiver class (SetProperty,
GetPropertyAttribute, Get/SetPrototype, Lookup, and so on).
- Introduce new JSFunctionProxy subclass of JSProxy. Currently only a stub.
- Overhaul enum InstanceType:
* Introduce FIRST/LAST_SPEC_OBJECT_TYPE that ranges over all types that
represent JS objects, and use that consistently to check language types.
* Rename FIRST/LAST_JS_OBJECT_TYPE and FIRST/LAST_FUNCTION_CLASS_TYPE
to FIRST/LAST_[NON]CALLABLE_SPEC_OBJECT_TYPE for clarity.
* Eliminate the overlap over JS_REGEXP_TYPE.
* Also replace FIRST_JS_OBJECT with FIRST_JS_RECEIVER, but only use it where
we exclusively talk about the internal representation type.
* Insert JS_PROXY and JS_FUNCTION_PROXY in the appropriate places.
- Fix all checks concerning classification, especially for functions, to
use the CALLABLE_SPEC_OBJECT range (that includes funciton proxies).
- Handle proxies in SetProperty (that was the easiest part :) ).
- A few simple test cases.
R=kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6992072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-05-31 16:38:40 +00:00
|
|
|
|
2017-02-20 09:47:14 +00:00
|
|
|
Handle<Context> GetCreationContext();
|
2015-11-16 16:48:43 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
|
|
|
|
GetPropertyAttributes(Handle<JSReceiver> object, Handle<Name> name);
|
|
|
|
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
|
2015-06-02 11:10:50 +00:00
|
|
|
GetOwnPropertyAttributes(Handle<JSReceiver> object, Handle<Name> name);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
|
2016-06-22 10:18:42 +00:00
|
|
|
GetOwnPropertyAttributes(Handle<JSReceiver> object, uint32_t index);
|
Implement set trap for proxies, and revamp class hierarchy in preparation:
- Introduce a class JSReceiver, that is a common superclass of JSObject and
JSProxy. Use JSReceiver where appropriate (probably lots of places that we
still have to migrate, but we will find those later with proxy test suite).
- Move appropriate methods to JSReceiver class (SetProperty,
GetPropertyAttribute, Get/SetPrototype, Lookup, and so on).
- Introduce new JSFunctionProxy subclass of JSProxy. Currently only a stub.
- Overhaul enum InstanceType:
* Introduce FIRST/LAST_SPEC_OBJECT_TYPE that ranges over all types that
represent JS objects, and use that consistently to check language types.
* Rename FIRST/LAST_JS_OBJECT_TYPE and FIRST/LAST_FUNCTION_CLASS_TYPE
to FIRST/LAST_[NON]CALLABLE_SPEC_OBJECT_TYPE for clarity.
* Eliminate the overlap over JS_REGEXP_TYPE.
* Also replace FIRST_JS_OBJECT with FIRST_JS_RECEIVER, but only use it where
we exclusively talk about the internal representation type.
* Insert JS_PROXY and JS_FUNCTION_PROXY in the appropriate places.
- Fix all checks concerning classification, especially for functions, to
use the CALLABLE_SPEC_OBJECT range (that includes funciton proxies).
- Handle proxies in SetProperty (that was the easiest part :) ).
- A few simple test cases.
R=kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6992072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-05-31 16:38:40 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
|
|
|
|
GetElementAttributes(Handle<JSReceiver> object, uint32_t index);
|
|
|
|
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
|
2015-06-02 11:10:50 +00:00
|
|
|
GetOwnElementAttributes(Handle<JSReceiver> object, uint32_t index);
|
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<PropertyAttributes> GetPropertyAttributes(
|
2015-06-02 11:10:50 +00:00
|
|
|
LookupIterator* it);
|
|
|
|
|
2015-10-22 11:21:22 +00:00
|
|
|
// Set the object's prototype (only JSReceiver and null are allowed values).
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPrototype(
|
|
|
|
Handle<JSReceiver> object, Handle<Object> value, bool from_javascript,
|
|
|
|
ShouldThrow should_throw);
|
2015-10-22 11:21:22 +00:00
|
|
|
|
2016-03-04 15:14:42 +00:00
|
|
|
inline static Handle<Object> GetDataProperty(Handle<JSReceiver> object,
|
|
|
|
Handle<Name> name);
|
2015-05-12 13:52:26 +00:00
|
|
|
static Handle<Object> GetDataProperty(LookupIterator* it);
|
|
|
|
|
|
|
|
|
2011-09-22 13:54:53 +00:00
|
|
|
// Retrieves a permanent object identity hash code. The undefined value might
|
2013-11-05 11:47:11 +00:00
|
|
|
// be returned in case no hash was created yet.
|
2017-10-25 12:16:53 +00:00
|
|
|
Object* GetIdentityHash(Isolate* isolate);
|
2013-11-05 11:47:11 +00:00
|
|
|
|
|
|
|
// Retrieves a permanent object identity hash code. May create and store a
|
|
|
|
// hash code if needed and none exists.
|
2017-10-30 13:00:18 +00:00
|
|
|
static Smi* CreateIdentityHash(Isolate* isolate, JSReceiver* key);
|
2017-10-25 12:16:53 +00:00
|
|
|
Smi* GetOrCreateIdentityHash(Isolate* isolate);
|
2011-09-22 13:54:53 +00:00
|
|
|
|
2017-08-21 01:58:40 +00:00
|
|
|
// Stores the hash code. The hash passed in must be masked with
|
|
|
|
// JSReceiver::kHashMask.
|
|
|
|
void SetIdentityHash(int masked_hash);
|
|
|
|
|
2015-12-07 11:01:16 +00:00
|
|
|
// ES6 [[OwnPropertyKeys]] (modulo return type)
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline MaybeHandle<FixedArray> OwnPropertyKeys(
|
2016-05-25 09:13:31 +00:00
|
|
|
Handle<JSReceiver> object);
|
2014-04-16 13:28:11 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<FixedArray> GetOwnValues(
|
2018-02-07 03:43:37 +00:00
|
|
|
Handle<JSReceiver> object, PropertyFilter filter,
|
|
|
|
bool try_fast_path = true);
|
2016-02-08 14:10:48 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<FixedArray> GetOwnEntries(
|
2018-02-07 03:43:37 +00:00
|
|
|
Handle<JSReceiver> object, PropertyFilter filter,
|
|
|
|
bool try_fast_path = true);
|
2016-02-08 14:10:48 +00:00
|
|
|
|
2018-05-16 07:03:15 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Handle<FixedArray> GetOwnElementIndices(
|
|
|
|
Isolate* isolate, Handle<JSReceiver> receiver, Handle<JSObject> object);
|
|
|
|
|
2017-10-11 22:50:51 +00:00
|
|
|
static const int kHashMask = PropertyArray::HashField::kMask;
|
2017-08-21 01:58:40 +00:00
|
|
|
|
2016-01-12 15:43:41 +00:00
|
|
|
// Layout description.
|
2017-07-13 00:49:10 +00:00
|
|
|
static const int kPropertiesOrHashOffset = HeapObject::kHeaderSize;
|
2016-01-12 15:43:41 +00:00
|
|
|
static const int kHeaderSize = HeapObject::kHeaderSize + kPointerSize;
|
|
|
|
|
2016-07-22 18:42:14 +00:00
|
|
|
bool HasProxyInPrototype(Isolate* isolate);
|
|
|
|
|
2017-10-02 10:30:02 +00:00
|
|
|
bool HasComplexElements();
|
|
|
|
|
Implement set trap for proxies, and revamp class hierarchy in preparation:
- Introduce a class JSReceiver, that is a common superclass of JSObject and
JSProxy. Use JSReceiver where appropriate (probably lots of places that we
still have to migrate, but we will find those later with proxy test suite).
- Move appropriate methods to JSReceiver class (SetProperty,
GetPropertyAttribute, Get/SetPrototype, Lookup, and so on).
- Introduce new JSFunctionProxy subclass of JSProxy. Currently only a stub.
- Overhaul enum InstanceType:
* Introduce FIRST/LAST_SPEC_OBJECT_TYPE that ranges over all types that
represent JS objects, and use that consistently to check language types.
* Rename FIRST/LAST_JS_OBJECT_TYPE and FIRST/LAST_FUNCTION_CLASS_TYPE
to FIRST/LAST_[NON]CALLABLE_SPEC_OBJECT_TYPE for clarity.
* Eliminate the overlap over JS_REGEXP_TYPE.
* Also replace FIRST_JS_OBJECT with FIRST_JS_RECEIVER, but only use it where
we exclusively talk about the internal representation type.
* Insert JS_PROXY and JS_FUNCTION_PROXY in the appropriate places.
- Fix all checks concerning classification, especially for functions, to
use the CALLABLE_SPEC_OBJECT range (that includes funciton proxies).
- Handle proxies in SetProperty (that was the easiest part :) ).
- A few simple test cases.
R=kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6992072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-05-31 16:38:40 +00:00
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSReceiver);
|
|
|
|
};
|
|
|
|
|
2014-04-15 13:42:41 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// The JSObject describes real heap allocated JavaScript objects with
|
|
|
|
// properties.
|
|
|
|
// Note that the map of JSObject changes during execution to enable inline
|
|
|
|
// caching.
|
2013-08-20 10:52:23 +00:00
|
|
|
class JSObject: public JSReceiver {
|
2008-07-03 15:10:15 +00:00
|
|
|
public:
|
2017-05-22 12:47:20 +00:00
|
|
|
static bool IsUnmodifiedApiObject(Object** o);
|
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
static V8_WARN_UNUSED_RESULT MaybeHandle<JSObject> New(
|
2016-01-05 11:05:41 +00:00
|
|
|
Handle<JSFunction> constructor, Handle<JSReceiver> new_target,
|
|
|
|
Handle<AllocationSite> site = Handle<AllocationSite>::null());
|
|
|
|
|
2015-11-27 12:16:32 +00:00
|
|
|
static MaybeHandle<Context> GetFunctionRealm(Handle<JSObject> object);
|
|
|
|
|
2008-08-27 10:11:39 +00:00
|
|
|
// [elements]: The elements (properties with names that are integers).
|
2010-08-16 16:06:46 +00:00
|
|
|
//
|
|
|
|
// Elements can be in two general modes: fast and slow. Each mode
|
2016-09-08 12:51:37 +00:00
|
|
|
// corresponds to a set of object representations of elements that
|
2010-08-16 16:06:46 +00:00
|
|
|
// have something in common.
|
|
|
|
//
|
|
|
|
// In the fast mode elements is a FixedArray and so each element can
|
|
|
|
// be quickly accessed. This fact is used in the generated code. The
|
2011-06-16 14:12:58 +00:00
|
|
|
// elements array can have one of three maps in this mode:
|
2014-03-11 14:39:08 +00:00
|
|
|
// fixed_array_map, sloppy_arguments_elements_map or
|
2011-06-16 14:12:58 +00:00
|
|
|
// fixed_cow_array_map (for copy-on-write arrays). In the latter case
|
|
|
|
// the elements array may be shared by a few objects and so before
|
|
|
|
// writing to any element the array must be copied. Use
|
|
|
|
// EnsureWritableFastElements in this case.
|
2010-08-16 16:06:46 +00:00
|
|
|
//
|
2015-07-28 09:29:34 +00:00
|
|
|
// In the slow mode the elements is either a NumberDictionary, a
|
|
|
|
// FixedArray parameter map for a (sloppy) arguments object.
|
2011-08-12 13:54:27 +00:00
|
|
|
DECL_ACCESSORS(elements, FixedArrayBase)
|
2008-08-27 10:11:39 +00:00
|
|
|
inline void initialize_elements();
|
2014-03-31 15:30:13 +00:00
|
|
|
static inline void SetMapAndElements(Handle<JSObject> object,
|
|
|
|
Handle<Map> map,
|
|
|
|
Handle<FixedArrayBase> elements);
|
2009-07-28 08:43:51 +00:00
|
|
|
inline ElementsKind GetElementsKind();
|
2015-06-23 11:35:43 +00:00
|
|
|
ElementsAccessor* GetElementsAccessor();
|
2017-06-30 11:26:14 +00:00
|
|
|
// Returns true if an object has elements of PACKED_SMI_ELEMENTS or
|
|
|
|
// HOLEY_SMI_ELEMENTS ElementsKind.
|
2017-06-30 18:00:44 +00:00
|
|
|
inline bool HasSmiElements();
|
2017-06-30 11:26:14 +00:00
|
|
|
// Returns true if an object has elements of PACKED_ELEMENTS or
|
|
|
|
// HOLEY_ELEMENTS ElementsKind.
|
2017-06-30 18:00:44 +00:00
|
|
|
inline bool HasObjectElements();
|
2017-06-30 11:26:14 +00:00
|
|
|
// Returns true if an object has elements of PACKED_SMI_ELEMENTS,
|
|
|
|
// HOLEY_SMI_ELEMENTS, PACKED_ELEMENTS, or HOLEY_ELEMENTS.
|
2017-06-30 18:00:44 +00:00
|
|
|
inline bool HasSmiOrObjectElements();
|
2017-06-30 11:26:14 +00:00
|
|
|
// Returns true if an object has any of the "fast" elements kinds.
|
2012-11-15 12:19:14 +00:00
|
|
|
inline bool HasFastElements();
|
2018-05-09 12:19:28 +00:00
|
|
|
// Returns true if an object has any of the PACKED elements kinds.
|
|
|
|
inline bool HasFastPackedElements();
|
2017-06-30 11:26:14 +00:00
|
|
|
// Returns true if an object has elements of PACKED_DOUBLE_ELEMENTS or
|
|
|
|
// HOLEY_DOUBLE_ELEMENTS ElementsKind.
|
2017-06-30 18:00:44 +00:00
|
|
|
inline bool HasDoubleElements();
|
|
|
|
// Returns true if an object has elements of HOLEY_SMI_ELEMENTS,
|
|
|
|
// HOLEY_DOUBLE_ELEMENTS, or HOLEY_ELEMENTS ElementsKind.
|
|
|
|
inline bool HasHoleyElements();
|
2014-03-11 14:39:08 +00:00
|
|
|
inline bool HasSloppyArgumentsElements();
|
2016-01-29 18:57:26 +00:00
|
|
|
inline bool HasStringWrapperElements();
|
2009-07-28 08:43:51 +00:00
|
|
|
inline bool HasDictionaryElements();
|
2014-01-16 17:08:45 +00:00
|
|
|
|
|
|
|
inline bool HasFixedTypedArrayElements();
|
|
|
|
|
2014-03-26 12:50:13 +00:00
|
|
|
inline bool HasFixedUint8ClampedElements();
|
|
|
|
inline bool HasFixedArrayElements();
|
|
|
|
inline bool HasFixedInt8Elements();
|
|
|
|
inline bool HasFixedUint8Elements();
|
|
|
|
inline bool HasFixedInt16Elements();
|
|
|
|
inline bool HasFixedUint16Elements();
|
|
|
|
inline bool HasFixedInt32Elements();
|
|
|
|
inline bool HasFixedUint32Elements();
|
|
|
|
inline bool HasFixedFloat32Elements();
|
|
|
|
inline bool HasFixedFloat64Elements();
|
2018-02-17 07:44:01 +00:00
|
|
|
inline bool HasFixedBigInt64Elements();
|
|
|
|
inline bool HasFixedBigUint64Elements();
|
2014-03-26 12:50:13 +00:00
|
|
|
|
2015-07-02 14:38:37 +00:00
|
|
|
inline bool HasFastArgumentsElements();
|
|
|
|
inline bool HasSlowArgumentsElements();
|
2016-01-29 18:57:26 +00:00
|
|
|
inline bool HasFastStringWrapperElements();
|
|
|
|
inline bool HasSlowStringWrapperElements();
|
2016-03-07 19:25:12 +00:00
|
|
|
bool HasEnumerableElements();
|
|
|
|
|
2017-11-07 09:35:59 +00:00
|
|
|
inline NumberDictionary* element_dictionary(); // Gets slow elements.
|
2011-06-16 14:12:58 +00:00
|
|
|
|
|
|
|
// Requires: HasFastElements().
|
2016-02-25 05:39:57 +00:00
|
|
|
static void EnsureWritableFastElements(Handle<JSObject> object);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPropertyWithInterceptor(
|
2016-01-22 09:53:29 +00:00
|
|
|
LookupIterator* it, ShouldThrow should_throw, Handle<Object> value);
|
2012-01-05 17:16:19 +00:00
|
|
|
|
2016-02-04 14:47:11 +00:00
|
|
|
// The API currently still wants DefineOwnPropertyIgnoreAttributes to convert
|
|
|
|
// AccessorInfo objects to data fields. We allow FORCE_FIELD as an exception
|
|
|
|
// to the default behavior that calls the setter.
|
|
|
|
enum AccessorInfoHandling { FORCE_FIELD, DONT_FORCE_FIELD };
|
2015-06-11 20:14:46 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
|
|
|
|
DefineOwnPropertyIgnoreAttributes(
|
2015-06-12 14:13:56 +00:00
|
|
|
LookupIterator* it, Handle<Object> value, PropertyAttributes attributes,
|
2016-02-04 14:47:11 +00:00
|
|
|
AccessorInfoHandling handling = DONT_FORCE_FIELD);
|
2015-06-12 12:39:32 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> DefineOwnPropertyIgnoreAttributes(
|
2015-10-30 10:45:30 +00:00
|
|
|
LookupIterator* it, Handle<Object> value, PropertyAttributes attributes,
|
|
|
|
ShouldThrow should_throw,
|
2016-02-04 14:47:11 +00:00
|
|
|
AccessorInfoHandling handling = DONT_FORCE_FIELD);
|
2015-10-30 10:45:30 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
|
|
|
|
SetOwnPropertyIgnoreAttributes(Handle<JSObject> object, Handle<Name> name,
|
|
|
|
Handle<Object> value,
|
|
|
|
PropertyAttributes attributes);
|
2015-06-11 15:07:00 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
|
|
|
|
SetOwnElementIgnoreAttributes(Handle<JSObject> object, uint32_t index,
|
|
|
|
Handle<Object> value,
|
|
|
|
PropertyAttributes attributes);
|
2015-06-11 15:07:00 +00:00
|
|
|
|
2015-06-12 14:13:56 +00:00
|
|
|
// Equivalent to one of the above depending on whether |name| can be converted
|
|
|
|
// to an array index.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
|
2016-02-04 14:47:11 +00:00
|
|
|
DefinePropertyOrElementIgnoreAttributes(Handle<JSObject> object,
|
|
|
|
Handle<Name> name,
|
|
|
|
Handle<Object> value,
|
|
|
|
PropertyAttributes attributes = NONE);
|
2012-01-05 17:16:19 +00:00
|
|
|
|
2015-06-17 11:25:22 +00:00
|
|
|
// Adds or reconfigures a property to attributes NONE. It will fail when it
|
|
|
|
// cannot.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> CreateDataProperty(
|
2016-03-17 21:51:07 +00:00
|
|
|
LookupIterator* it, Handle<Object> value,
|
2017-10-25 18:07:04 +00:00
|
|
|
ShouldThrow should_throw = kDontThrow);
|
2015-06-17 11:25:22 +00:00
|
|
|
|
2018-06-19 09:00:37 +00:00
|
|
|
static void AddProperty(Isolate* isolate, Handle<JSObject> object,
|
|
|
|
Handle<Name> name, Handle<Object> value,
|
|
|
|
PropertyAttributes attributes);
|
2014-06-30 13:48:57 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> AddDataElement(
|
2015-10-23 09:39:37 +00:00
|
|
|
Handle<JSObject> receiver, uint32_t index, Handle<Object> value,
|
|
|
|
PropertyAttributes attributes, ShouldThrow should_throw);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> AddDataElement(
|
2015-06-11 15:07:00 +00:00
|
|
|
Handle<JSObject> receiver, uint32_t index, Handle<Object> value,
|
|
|
|
PropertyAttributes attributes);
|
|
|
|
|
2012-10-17 14:09:42 +00:00
|
|
|
// Extend the receiver with a single fast property appeared first in the
|
|
|
|
// passed map. This also extends the property backing store if necessary.
|
2013-05-08 15:02:08 +00:00
|
|
|
static void AllocateStorageForMap(Handle<JSObject> object, Handle<Map> map);
|
2012-10-17 14:09:42 +00:00
|
|
|
|
2013-09-23 19:56:36 +00:00
|
|
|
// Migrates the given object to a map whose field representations are the
|
|
|
|
// lowest upper bound of all known representations for that field.
|
2013-04-26 15:30:41 +00:00
|
|
|
static void MigrateInstance(Handle<JSObject> instance);
|
|
|
|
|
2013-09-23 19:56:36 +00:00
|
|
|
// Migrates the given object only if the target map is already available,
|
2014-04-28 05:47:43 +00:00
|
|
|
// or returns false if such a map is not yet available.
|
|
|
|
static bool TryMigrateInstance(Handle<JSObject> instance);
|
2013-05-23 11:30:24 +00:00
|
|
|
|
2009-06-30 10:05:36 +00:00
|
|
|
// Sets the property value in a normalized object given (key, value, details).
|
|
|
|
// Handles the special representation of JS global objects.
|
2015-06-02 11:10:50 +00:00
|
|
|
static void SetNormalizedProperty(Handle<JSObject> object, Handle<Name> name,
|
2013-09-18 16:25:52 +00:00
|
|
|
Handle<Object> value,
|
|
|
|
PropertyDetails details);
|
2015-06-18 12:20:54 +00:00
|
|
|
static void SetDictionaryElement(Handle<JSObject> object, uint32_t index,
|
|
|
|
Handle<Object> value,
|
|
|
|
PropertyAttributes attributes);
|
|
|
|
static void SetDictionaryArgumentsElement(Handle<JSObject> object,
|
|
|
|
uint32_t index,
|
|
|
|
Handle<Object> value,
|
|
|
|
PropertyAttributes attributes);
|
2015-06-11 15:07:00 +00:00
|
|
|
|
2017-11-28 08:35:49 +00:00
|
|
|
static void OptimizeAsPrototype(Handle<JSObject> object,
|
|
|
|
bool enable_setup_mode = true);
|
2014-08-04 15:06:28 +00:00
|
|
|
static void ReoptimizeIfPrototype(Handle<JSObject> object);
|
2016-06-08 14:43:22 +00:00
|
|
|
static void MakePrototypesFast(Handle<Object> receiver,
|
|
|
|
WhereToStart where_to_start, Isolate* isolate);
|
2015-04-27 12:59:55 +00:00
|
|
|
static void LazyRegisterPrototypeUser(Handle<Map> user, Isolate* isolate);
|
2016-01-05 16:15:00 +00:00
|
|
|
static void UpdatePrototypeUserRegistration(Handle<Map> old_map,
|
|
|
|
Handle<Map> new_map,
|
|
|
|
Isolate* isolate);
|
2015-08-08 22:56:15 +00:00
|
|
|
static bool UnregisterPrototypeUser(Handle<Map> user, Isolate* isolate);
|
2017-12-05 08:37:37 +00:00
|
|
|
static Map* InvalidatePrototypeChains(Map* map);
|
2017-12-11 13:11:39 +00:00
|
|
|
static void InvalidatePrototypeValidityCell(JSGlobalObject* global);
|
2012-06-06 10:17:26 +00:00
|
|
|
|
2016-11-16 17:44:39 +00:00
|
|
|
// Updates prototype chain tracking information when an object changes its
|
|
|
|
// map from |old_map| to |new_map|.
|
|
|
|
static void NotifyMapChange(Handle<Map> old_map, Handle<Map> new_map,
|
|
|
|
Isolate* isolate);
|
|
|
|
|
2016-08-03 03:26:58 +00:00
|
|
|
// Utility used by many Array builtins and runtime functions
|
|
|
|
static inline bool PrototypeHasNoElements(Isolate* isolate, JSObject* object);
|
|
|
|
|
2018-03-07 14:54:58 +00:00
|
|
|
// Alternative implementation of FixedArrayOfWeakCells::NullCallback.
|
2015-08-08 22:56:15 +00:00
|
|
|
class PrototypeRegistryCompactionCallback {
|
|
|
|
public:
|
|
|
|
static void Callback(Object* value, int old_index, int new_index);
|
|
|
|
};
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Retrieve interceptors.
|
2016-03-10 10:55:46 +00:00
|
|
|
inline InterceptorInfo* GetNamedInterceptor();
|
2015-11-27 02:51:31 +00:00
|
|
|
inline InterceptorInfo* GetIndexedInterceptor();
|
2008-07-03 15:10:15 +00:00
|
|
|
|
Implement set trap for proxies, and revamp class hierarchy in preparation:
- Introduce a class JSReceiver, that is a common superclass of JSObject and
JSProxy. Use JSReceiver where appropriate (probably lots of places that we
still have to migrate, but we will find those later with proxy test suite).
- Move appropriate methods to JSReceiver class (SetProperty,
GetPropertyAttribute, Get/SetPrototype, Lookup, and so on).
- Introduce new JSFunctionProxy subclass of JSProxy. Currently only a stub.
- Overhaul enum InstanceType:
* Introduce FIRST/LAST_SPEC_OBJECT_TYPE that ranges over all types that
represent JS objects, and use that consistently to check language types.
* Rename FIRST/LAST_JS_OBJECT_TYPE and FIRST/LAST_FUNCTION_CLASS_TYPE
to FIRST/LAST_[NON]CALLABLE_SPEC_OBJECT_TYPE for clarity.
* Eliminate the overlap over JS_REGEXP_TYPE.
* Also replace FIRST_JS_OBJECT with FIRST_JS_RECEIVER, but only use it where
we exclusively talk about the internal representation type.
* Insert JS_PROXY and JS_FUNCTION_PROXY in the appropriate places.
- Fix all checks concerning classification, especially for functions, to
use the CALLABLE_SPEC_OBJECT range (that includes funciton proxies).
- Handle proxies in SetProperty (that was the easiest part :) ).
- A few simple test cases.
R=kmillikin@chromium.org
Review URL: http://codereview.chromium.org/6992072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2011-05-31 16:38:40 +00:00
|
|
|
// Used from JSReceiver.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<PropertyAttributes>
|
2015-05-21 17:24:28 +00:00
|
|
|
GetPropertyAttributesWithInterceptor(LookupIterator* it);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<PropertyAttributes>
|
|
|
|
GetPropertyAttributesWithFailedAccessCheck(LookupIterator* it);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2013-10-01 14:26:15 +00:00
|
|
|
// Defines an AccessorPair property on the given object.
|
2014-07-25 18:32:11 +00:00
|
|
|
// TODO(mstarzinger): Rename to SetAccessor().
|
|
|
|
static MaybeHandle<Object> DefineAccessor(Handle<JSObject> object,
|
|
|
|
Handle<Name> name,
|
|
|
|
Handle<Object> getter,
|
|
|
|
Handle<Object> setter,
|
|
|
|
PropertyAttributes attributes);
|
2015-10-13 14:38:16 +00:00
|
|
|
static MaybeHandle<Object> DefineAccessor(LookupIterator* it,
|
|
|
|
Handle<Object> getter,
|
|
|
|
Handle<Object> setter,
|
|
|
|
PropertyAttributes attributes);
|
2013-07-02 16:24:23 +00:00
|
|
|
|
2013-10-01 14:26:15 +00:00
|
|
|
// Defines an AccessorInfo property on the given object.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> SetAccessor(
|
2017-10-26 15:18:09 +00:00
|
|
|
Handle<JSObject> object, Handle<Name> name, Handle<AccessorInfo> info,
|
|
|
|
PropertyAttributes attributes);
|
2010-05-25 12:14:49 +00:00
|
|
|
|
2015-06-17 14:06:29 +00:00
|
|
|
// The result must be checked first for exceptions. If there's no exception,
|
|
|
|
// the output parameter |done| indicates whether the interceptor has a result
|
|
|
|
// or not.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> GetPropertyWithInterceptor(
|
2015-06-17 14:06:29 +00:00
|
|
|
LookupIterator* it, bool* done);
|
2009-09-17 10:35:52 +00:00
|
|
|
|
2017-07-06 08:26:19 +00:00
|
|
|
static void ValidateElements(JSObject* object);
|
2011-09-22 11:30:04 +00:00
|
|
|
|
2011-12-09 08:50:19 +00:00
|
|
|
// Makes sure that this object can contain HeapObject as elements.
|
2013-09-09 14:29:47 +00:00
|
|
|
static inline void EnsureCanContainHeapObjectElements(Handle<JSObject> obj);
|
2011-09-22 11:30:04 +00:00
|
|
|
|
|
|
|
// Makes sure that this object can contain the specified elements.
|
2014-03-21 14:29:27 +00:00
|
|
|
static inline void EnsureCanContainElements(
|
|
|
|
Handle<JSObject> object,
|
2012-02-20 10:17:25 +00:00
|
|
|
Object** elements,
|
|
|
|
uint32_t count,
|
|
|
|
EnsureElementsMode mode);
|
2014-03-21 08:30:42 +00:00
|
|
|
static inline void EnsureCanContainElements(
|
|
|
|
Handle<JSObject> object,
|
|
|
|
Handle<FixedArrayBase> elements,
|
|
|
|
uint32_t length,
|
|
|
|
EnsureElementsMode mode);
|
2014-03-18 11:38:27 +00:00
|
|
|
static void EnsureCanContainElements(
|
|
|
|
Handle<JSObject> object,
|
|
|
|
Arguments* arguments,
|
|
|
|
uint32_t first_arg,
|
|
|
|
uint32_t arg_count,
|
|
|
|
EnsureElementsMode mode);
|
2011-09-22 11:30:04 +00:00
|
|
|
|
2014-03-06 13:07:51 +00:00
|
|
|
// Would we convert a fast elements array to dictionary mode given
|
|
|
|
// an access at key?
|
2015-04-30 12:34:02 +00:00
|
|
|
bool WouldConvertToSlowElements(uint32_t index);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2017-05-15 15:56:10 +00:00
|
|
|
static const uint32_t kMinAddedElementsCapacity = 16;
|
|
|
|
|
2011-03-03 10:16:22 +00:00
|
|
|
// Computes the new capacity when expanding the elements of a JSObject.
|
2015-06-19 18:59:11 +00:00
|
|
|
static uint32_t NewElementsCapacity(uint32_t old_capacity) {
|
2017-05-15 15:56:10 +00:00
|
|
|
// (old_capacity + 50%) + kMinAddedElementsCapacity
|
|
|
|
return old_capacity + (old_capacity >> 1) + kMinAddedElementsCapacity;
|
2011-03-03 10:16:22 +00:00
|
|
|
}
|
|
|
|
|
2012-11-16 13:28:34 +00:00
|
|
|
// These methods do not perform access checks!
|
2016-08-25 11:39:27 +00:00
|
|
|
template <AllocationSiteUpdateMode update_or_check =
|
|
|
|
AllocationSiteUpdateMode::kUpdate>
|
|
|
|
static bool UpdateAllocationSite(Handle<JSObject> object,
|
2015-06-11 15:07:00 +00:00
|
|
|
ElementsKind to_kind);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Lookup interceptors are used for handling properties controlled by host
|
|
|
|
// objects.
|
|
|
|
inline bool HasNamedInterceptor();
|
|
|
|
inline bool HasIndexedInterceptor();
|
|
|
|
|
|
|
|
// Support functions for v8 api (needed for correct interceptor behavior).
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> HasRealNamedProperty(
|
2015-06-02 11:10:50 +00:00
|
|
|
Handle<JSObject> object, Handle<Name> name);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> HasRealElementProperty(
|
2014-07-25 18:32:11 +00:00
|
|
|
Handle<JSObject> object, uint32_t index);
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> HasRealNamedCallbackProperty(
|
2015-06-02 11:10:50 +00:00
|
|
|
Handle<JSObject> object, Handle<Name> name);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Get the header size for a JSObject. Used to compute the index of
|
2017-03-17 13:26:05 +00:00
|
|
|
// embedder fields as well as the number of embedder fields.
|
2017-10-12 15:37:46 +00:00
|
|
|
// The |function_has_prototype_slot| parameter is needed only for
|
|
|
|
// JSFunction objects.
|
|
|
|
static int GetHeaderSize(InstanceType instance_type,
|
|
|
|
bool function_has_prototype_slot = false);
|
|
|
|
static inline int GetHeaderSize(const Map* map);
|
|
|
|
inline int GetHeaderSize() const;
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2017-07-03 13:29:23 +00:00
|
|
|
static inline int GetEmbedderFieldCount(const Map* map);
|
|
|
|
inline int GetEmbedderFieldCount() const;
|
2017-03-17 13:26:05 +00:00
|
|
|
inline int GetEmbedderFieldOffset(int index);
|
|
|
|
inline Object* GetEmbedderField(int index);
|
|
|
|
inline void SetEmbedderField(int index, Object* value);
|
|
|
|
inline void SetEmbedderField(int index, Smi* value);
|
2016-04-12 10:31:38 +00:00
|
|
|
bool WasConstructedFromApiFunction();
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2011-09-15 16:38:47 +00:00
|
|
|
// Returns a new map with all transitions dropped from the object's current
|
|
|
|
// map and the ElementsKind set.
|
2011-10-21 11:42:54 +00:00
|
|
|
static Handle<Map> GetElementsTransitionMap(Handle<JSObject> object,
|
|
|
|
ElementsKind to_kind);
|
2013-09-23 11:57:34 +00:00
|
|
|
static void TransitionElementsKind(Handle<JSObject> object,
|
|
|
|
ElementsKind to_kind);
|
2012-01-05 17:16:19 +00:00
|
|
|
|
2015-04-07 10:42:45 +00:00
|
|
|
// Always use this to migrate an object to a new map.
|
|
|
|
// |expected_additional_properties| is only used for fast-to-slow transitions
|
|
|
|
// and ignored otherwise.
|
|
|
|
static void MigrateToMap(Handle<JSObject> object, Handle<Map> new_map,
|
|
|
|
int expected_additional_properties = 0);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2016-07-19 11:28:43 +00:00
|
|
|
// Forces a prototype without any of the checks that the regular SetPrototype
|
|
|
|
// would do.
|
|
|
|
static void ForceSetPrototype(Handle<JSObject> object, Handle<Object> proto);
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Convert the object to use the canonical dictionary
|
2009-07-30 09:13:48 +00:00
|
|
|
// representation. If the object is expected to have additional properties
|
|
|
|
// added this number can be indicated to have the backing store allocated to
|
|
|
|
// an initial capacity for holding these properties.
|
2012-01-05 17:16:19 +00:00
|
|
|
static void NormalizeProperties(Handle<JSObject> object,
|
|
|
|
PropertyNormalizationMode mode,
|
2014-11-07 16:03:11 +00:00
|
|
|
int expected_additional_properties,
|
|
|
|
const char* reason);
|
2012-01-05 17:16:19 +00:00
|
|
|
|
2012-01-16 09:44:35 +00:00
|
|
|
// Convert and update the elements backing store to be a
|
2017-11-07 09:35:59 +00:00
|
|
|
// NumberDictionary dictionary. Returns the backing after conversion.
|
|
|
|
static Handle<NumberDictionary> NormalizeElements(Handle<JSObject> object);
|
2012-01-05 17:16:19 +00:00
|
|
|
|
2017-11-07 09:35:59 +00:00
|
|
|
void RequireSlowElements(NumberDictionary* dictionary);
|
2015-07-15 12:06:20 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Transform slow named properties to fast variants.
|
2014-06-24 15:56:36 +00:00
|
|
|
static void MigrateSlowToFast(Handle<JSObject> object,
|
2014-11-07 16:03:11 +00:00
|
|
|
int unused_property_fields, const char* reason);
|
2012-01-05 17:16:19 +00:00
|
|
|
|
2014-11-11 10:24:52 +00:00
|
|
|
inline bool IsUnboxedDoubleField(FieldIndex index);
|
|
|
|
|
2008-10-15 06:03:26 +00:00
|
|
|
// Access fast-case object properties at index.
|
2014-03-31 14:21:04 +00:00
|
|
|
static Handle<Object> FastPropertyAt(Handle<JSObject> object,
|
|
|
|
Representation representation,
|
2014-06-10 14:01:08 +00:00
|
|
|
FieldIndex index);
|
|
|
|
inline Object* RawFastPropertyAt(FieldIndex index);
|
2014-11-11 10:24:52 +00:00
|
|
|
inline double RawFastDoublePropertyAt(FieldIndex index);
|
2017-01-23 18:18:48 +00:00
|
|
|
inline uint64_t RawFastDoublePropertyAsBitsAt(FieldIndex index);
|
2014-11-11 10:24:52 +00:00
|
|
|
|
2014-06-10 14:01:08 +00:00
|
|
|
inline void FastPropertyAtPut(FieldIndex index, Object* value);
|
2014-11-11 10:24:52 +00:00
|
|
|
inline void RawFastPropertyAtPut(FieldIndex index, Object* value);
|
2017-01-23 18:18:48 +00:00
|
|
|
inline void RawFastDoublePropertyAsBitsAtPut(FieldIndex index, uint64_t bits);
|
2016-02-19 10:41:22 +00:00
|
|
|
inline void WriteToField(int descriptor, PropertyDetails details,
|
|
|
|
Object* value);
|
2008-10-15 06:03:26 +00:00
|
|
|
|
2009-03-23 07:27:47 +00:00
|
|
|
// Access to in object properties.
|
2011-03-18 12:49:27 +00:00
|
|
|
inline int GetInObjectPropertyOffset(int index);
|
2009-03-23 07:27:47 +00:00
|
|
|
inline Object* InObjectPropertyAt(int index);
|
2008-10-23 08:46:32 +00:00
|
|
|
inline Object* InObjectPropertyAtPut(int index,
|
|
|
|
Object* value,
|
|
|
|
WriteBarrierMode mode
|
|
|
|
= UPDATE_WRITE_BARRIER);
|
2008-10-15 06:03:26 +00:00
|
|
|
|
2013-07-02 15:32:46 +00:00
|
|
|
// Set the object's prototype (only JSReceiver and null are allowed values).
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPrototype(
|
|
|
|
Handle<JSObject> object, Handle<Object> value, bool from_javascript,
|
|
|
|
ShouldThrow should_throw);
|
2013-07-02 15:32:46 +00:00
|
|
|
|
2016-07-01 19:16:53 +00:00
|
|
|
// Makes the object prototype immutable
|
|
|
|
// Never called from JavaScript
|
|
|
|
static void SetImmutableProto(Handle<JSObject> object);
|
|
|
|
|
2015-11-25 12:41:35 +00:00
|
|
|
// Initializes the body starting at |start_offset|. It is responsibility of
|
|
|
|
// the caller to initialize object header. Fill the pre-allocated fields with
|
2011-09-20 10:06:23 +00:00
|
|
|
// pre_allocated_value and the rest with filler_value.
|
|
|
|
// Note: this call does not update write barrier, the caller is responsible
|
|
|
|
// to ensure that |filler_value| can be collected without WB here.
|
2015-11-25 12:41:35 +00:00
|
|
|
inline void InitializeBody(Map* map, int start_offset,
|
|
|
|
Object* pre_allocated_value, Object* filler_value);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Check whether this object references another object
|
|
|
|
bool ReferencesObject(Object* obj);
|
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> TestIntegrityLevel(
|
|
|
|
Handle<JSObject> object, IntegrityLevel lvl);
|
2017-06-22 12:19:26 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> PreventExtensions(
|
2015-10-21 09:23:33 +00:00
|
|
|
Handle<JSObject> object, ShouldThrow should_throw);
|
2010-07-02 14:36:34 +00:00
|
|
|
|
2015-10-01 16:09:50 +00:00
|
|
|
static bool IsExtensible(Handle<JSObject> object);
|
2015-05-27 15:03:28 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSObject)
|
2013-09-20 11:37:02 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Dispatched behavior.
|
|
|
|
void JSObjectShortPrint(StringStream* accumulator);
|
2018-06-26 11:43:50 +00:00
|
|
|
DECL_PRINTER_WITH_ISOLATE(JSObject)
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(JSObject)
|
2010-12-20 10:38:19 +00:00
|
|
|
#ifdef OBJECT_PRINT
|
2017-01-13 13:57:00 +00:00
|
|
|
bool PrintProperties(std::ostream& os); // NOLINT
|
2018-06-26 11:43:50 +00:00
|
|
|
void PrintElements(Isolate* isolate, std::ostream& os); // NOLINT
|
2014-12-08 09:26:04 +00:00
|
|
|
#endif
|
2014-12-09 14:20:01 +00:00
|
|
|
#if defined(DEBUG) || defined(OBJECT_PRINT)
|
2014-09-30 10:29:32 +00:00
|
|
|
void PrintTransitions(std::ostream& os); // NOLINT
|
2010-12-20 10:38:19 +00:00
|
|
|
#endif
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2014-03-25 15:33:22 +00:00
|
|
|
static void PrintElementsTransition(
|
|
|
|
FILE* file, Handle<JSObject> object,
|
|
|
|
ElementsKind from_kind, Handle<FixedArrayBase> from_elements,
|
|
|
|
ElementsKind to_kind, Handle<FixedArrayBase> to_elements);
|
2011-10-20 09:38:24 +00:00
|
|
|
|
2013-08-19 12:32:50 +00:00
|
|
|
void PrintInstanceMigration(FILE* file, Map* original_map, Map* new_map);
|
|
|
|
|
2010-12-20 10:38:19 +00:00
|
|
|
#ifdef DEBUG
|
2008-07-03 15:10:15 +00:00
|
|
|
// Structure for collecting spill information about JSObjects.
|
2013-08-20 10:52:23 +00:00
|
|
|
class SpillInformation {
|
2008-07-03 15:10:15 +00:00
|
|
|
public:
|
|
|
|
void Clear();
|
|
|
|
void Print();
|
|
|
|
int number_of_objects_;
|
|
|
|
int number_of_objects_with_fast_properties_;
|
|
|
|
int number_of_objects_with_fast_elements_;
|
|
|
|
int number_of_fast_used_fields_;
|
|
|
|
int number_of_fast_unused_fields_;
|
|
|
|
int number_of_slow_used_properties_;
|
|
|
|
int number_of_slow_unused_properties_;
|
|
|
|
int number_of_fast_used_elements_;
|
|
|
|
int number_of_fast_unused_elements_;
|
|
|
|
int number_of_slow_used_elements_;
|
|
|
|
int number_of_slow_unused_elements_;
|
|
|
|
};
|
|
|
|
|
2018-06-21 14:49:44 +00:00
|
|
|
void IncrementSpillStatistics(Isolate* isolate, SpillInformation* info);
|
2013-10-29 07:56:47 +00:00
|
|
|
#endif
|
2013-10-25 12:26:47 +00:00
|
|
|
|
2013-10-29 07:56:47 +00:00
|
|
|
#ifdef VERIFY_HEAP
|
2013-10-25 12:26:47 +00:00
|
|
|
// If a GC was caused while constructing this object, the elements pointer
|
|
|
|
// may point to a one pointer filler map. The object won't be rooted, but
|
|
|
|
// our heap verification code could stumble across it.
|
|
|
|
bool ElementsAreSafeToExamine();
|
2008-07-03 15:10:15 +00:00
|
|
|
#endif
|
2013-10-29 07:56:47 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
Object* SlowReverseLookup(Object* value);
|
|
|
|
|
2010-01-07 13:17:18 +00:00
|
|
|
// Maximal number of elements (numbered 0 .. kMaxElementCount - 1).
|
|
|
|
// Also maximal value of JSArray's length property.
|
|
|
|
static const uint32_t kMaxElementCount = 0xffffffffu;
|
|
|
|
|
2011-07-26 13:56:21 +00:00
|
|
|
// Constants for heuristics controlling conversion of fast elements
|
|
|
|
// to slow elements.
|
|
|
|
|
|
|
|
// Maximal gap that can be introduced by adding an element beyond
|
|
|
|
// the current elements length.
|
2008-07-03 15:10:15 +00:00
|
|
|
static const uint32_t kMaxGap = 1024;
|
2011-07-26 13:56:21 +00:00
|
|
|
|
|
|
|
// Maximal length of fast elements array that won't be checked for
|
|
|
|
// being dense enough on expansion.
|
|
|
|
static const int kMaxUncheckedFastElementsLength = 5000;
|
|
|
|
|
|
|
|
// Same as above but for old arrays. This limit is more strict. We
|
|
|
|
// don't want to be wasteful with long lived objects.
|
|
|
|
static const int kMaxUncheckedOldFastElementsLength = 500;
|
|
|
|
|
2015-05-07 08:39:53 +00:00
|
|
|
// This constant applies only to the initial map of "global.Object" and
|
|
|
|
// not to arbitrary other JSObject maps.
|
2014-05-23 12:55:57 +00:00
|
|
|
static const int kInitialGlobalObjectUnusedPropertiesCount = 4;
|
|
|
|
|
2008-10-16 05:45:33 +00:00
|
|
|
static const int kMaxInstanceSize = 255 * kPointerSize;
|
2017-05-29 09:41:52 +00:00
|
|
|
|
2008-10-09 12:18:48 +00:00
|
|
|
// When extending the backing storage for property values, we increase
|
|
|
|
// its size by more than the 1 entry necessary, so sequentially adding fields
|
|
|
|
// to the same object requires fewer allocations and copies.
|
|
|
|
static const int kFieldsAdded = 3;
|
2017-12-13 15:24:51 +00:00
|
|
|
STATIC_ASSERT(kMaxNumberOfDescriptors + kFieldsAdded <=
|
|
|
|
PropertyArray::kMaxLength);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Layout description.
|
2016-01-12 15:43:41 +00:00
|
|
|
static const int kElementsOffset = JSReceiver::kHeaderSize;
|
2008-07-03 15:10:15 +00:00
|
|
|
static const int kHeaderSize = kElementsOffset + kPointerSize;
|
|
|
|
|
2014-05-27 13:43:29 +00:00
|
|
|
STATIC_ASSERT(kHeaderSize == Internals::kJSObjectHeaderSize);
|
2017-05-29 09:41:52 +00:00
|
|
|
static const int kMaxInObjectProperties =
|
|
|
|
(kMaxInstanceSize - kHeaderSize) >> kPointerSizeLog2;
|
2018-02-12 14:15:08 +00:00
|
|
|
STATIC_ASSERT(kMaxInObjectProperties <= kMaxNumberOfDescriptors);
|
2018-03-08 14:11:52 +00:00
|
|
|
// TODO(cbruni): Revisit calculation of the max supported embedder fields.
|
|
|
|
static const int kMaxEmbedderFields =
|
|
|
|
((1 << kFirstInobjectPropertyOffsetBitCount) - 1 - kHeaderSize) >>
|
|
|
|
kPointerSizeLog2;
|
|
|
|
STATIC_ASSERT(kMaxEmbedderFields <= kMaxInObjectProperties);
|
2009-08-26 10:33:11 +00:00
|
|
|
|
2017-03-24 14:42:52 +00:00
|
|
|
class BodyDescriptor;
|
2017-06-14 09:46:34 +00:00
|
|
|
// No weak fields.
|
|
|
|
typedef BodyDescriptor BodyDescriptorWeak;
|
|
|
|
|
2017-04-07 19:53:55 +00:00
|
|
|
class FastBodyDescriptor;
|
2017-06-14 09:46:34 +00:00
|
|
|
// No weak fields.
|
|
|
|
typedef FastBodyDescriptor FastBodyDescriptorWeak;
|
2010-08-11 14:30:14 +00:00
|
|
|
|
2015-07-15 15:57:27 +00:00
|
|
|
// Gets the number of currently used elements.
|
|
|
|
int GetFastElementsUsage();
|
2015-06-25 10:48:51 +00:00
|
|
|
|
2015-07-17 12:30:05 +00:00
|
|
|
static bool AllCanRead(LookupIterator* it);
|
|
|
|
static bool AllCanWrite(LookupIterator* it);
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
private:
|
2013-07-17 16:38:49 +00:00
|
|
|
friend class JSReceiver;
|
2013-10-10 15:38:52 +00:00
|
|
|
friend class Object;
|
|
|
|
|
|
|
|
// Used from Object::GetProperty().
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
|
|
|
|
GetPropertyWithFailedAccessCheck(LookupIterator* it);
|
2011-08-03 11:12:46 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPropertyWithFailedAccessCheck(
|
2015-10-23 09:39:37 +00:00
|
|
|
LookupIterator* it, Handle<Object> value, ShouldThrow should_throw);
|
2013-09-17 11:01:43 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> DeletePropertyWithInterceptor(
|
2016-01-22 09:53:29 +00:00
|
|
|
LookupIterator* it, ShouldThrow should_throw);
|
2013-07-17 16:38:49 +00:00
|
|
|
|
2011-06-16 14:12:58 +00:00
|
|
|
bool ReferencesObjectFromElements(FixedArray* elements,
|
|
|
|
ElementsKind kind,
|
|
|
|
Object* object);
|
|
|
|
|
2014-12-10 20:02:48 +00:00
|
|
|
// Helper for fast versions of preventExtensions, seal, and freeze.
|
|
|
|
// attrs is one of NONE, SEALED, or FROZEN (depending on the operation).
|
|
|
|
template <PropertyAttributes attrs>
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> PreventExtensionsWithTransition(
|
2015-10-21 09:23:33 +00:00
|
|
|
Handle<JSObject> object, ShouldThrow should_throw);
|
2014-12-10 20:02:48 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSObject);
|
|
|
|
};
|
2016-01-20 07:55:24 +00:00
|
|
|
|
|
|
|
|
2016-01-20 19:04:06 +00:00
|
|
|
// JSAccessorPropertyDescriptor is just a JSObject with a specific initial
|
|
|
|
// map. This initial map adds in-object properties for "get", "set",
|
|
|
|
// "enumerable" and "configurable" properties, as assigned by the
|
|
|
|
// FromPropertyDescriptor function for regular accessor properties.
|
|
|
|
class JSAccessorPropertyDescriptor: public JSObject {
|
|
|
|
public:
|
|
|
|
// Offsets of object fields.
|
|
|
|
static const int kGetOffset = JSObject::kHeaderSize;
|
|
|
|
static const int kSetOffset = kGetOffset + kPointerSize;
|
|
|
|
static const int kEnumerableOffset = kSetOffset + kPointerSize;
|
|
|
|
static const int kConfigurableOffset = kEnumerableOffset + kPointerSize;
|
|
|
|
static const int kSize = kConfigurableOffset + kPointerSize;
|
|
|
|
// Indices of in-object properties.
|
|
|
|
static const int kGetIndex = 0;
|
|
|
|
static const int kSetIndex = 1;
|
|
|
|
static const int kEnumerableIndex = 2;
|
|
|
|
static const int kConfigurableIndex = 3;
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSAccessorPropertyDescriptor);
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
// JSDataPropertyDescriptor is just a JSObject with a specific initial map.
|
|
|
|
// This initial map adds in-object properties for "value", "writable",
|
|
|
|
// "enumerable" and "configurable" properties, as assigned by the
|
|
|
|
// FromPropertyDescriptor function for regular data properties.
|
|
|
|
class JSDataPropertyDescriptor: public JSObject {
|
|
|
|
public:
|
|
|
|
// Offsets of object fields.
|
|
|
|
static const int kValueOffset = JSObject::kHeaderSize;
|
|
|
|
static const int kWritableOffset = kValueOffset + kPointerSize;
|
|
|
|
static const int kEnumerableOffset = kWritableOffset + kPointerSize;
|
|
|
|
static const int kConfigurableOffset = kEnumerableOffset + kPointerSize;
|
|
|
|
static const int kSize = kConfigurableOffset + kPointerSize;
|
|
|
|
// Indices of in-object properties.
|
|
|
|
static const int kValueIndex = 0;
|
|
|
|
static const int kWritableIndex = 1;
|
|
|
|
static const int kEnumerableIndex = 2;
|
|
|
|
static const int kConfigurableIndex = 3;
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSDataPropertyDescriptor);
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2016-02-08 06:55:16 +00:00
|
|
|
// JSIteratorResult is just a JSObject with a specific initial map.
|
2016-02-12 05:10:38 +00:00
|
|
|
// This initial map adds in-object properties for "done" and "value",
|
2016-02-08 06:55:16 +00:00
|
|
|
// as specified by ES6 section 25.1.1.3 The IteratorResult Interface
|
|
|
|
class JSIteratorResult: public JSObject {
|
|
|
|
public:
|
2017-02-28 10:11:54 +00:00
|
|
|
DECL_ACCESSORS(value, Object)
|
2017-02-28 12:40:46 +00:00
|
|
|
|
2016-09-21 14:17:42 +00:00
|
|
|
DECL_ACCESSORS(done, Object)
|
|
|
|
|
2016-02-08 06:55:16 +00:00
|
|
|
// Offsets of object fields.
|
|
|
|
static const int kValueOffset = JSObject::kHeaderSize;
|
|
|
|
static const int kDoneOffset = kValueOffset + kPointerSize;
|
|
|
|
static const int kSize = kDoneOffset + kPointerSize;
|
|
|
|
// Indices of in-object properties.
|
|
|
|
static const int kValueIndex = 0;
|
|
|
|
static const int kDoneIndex = 1;
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSIteratorResult);
|
|
|
|
};
|
|
|
|
|
2015-01-27 14:56:51 +00:00
|
|
|
// FreeSpace are fixed-size free memory blocks used by the heap and GC.
|
|
|
|
// They look like heap objects (are heap object tagged and have a map) so that
|
|
|
|
// the heap remains iterable. They have a size and a next pointer.
|
|
|
|
// The next pointer is the raw address of the next FreeSpace object (or NULL)
|
|
|
|
// in the free list.
|
2013-08-20 10:52:23 +00:00
|
|
|
class FreeSpace: public HeapObject {
|
2011-09-19 18:36:47 +00:00
|
|
|
public:
|
|
|
|
// [size]: size of the free space including the header.
|
2014-06-20 10:31:17 +00:00
|
|
|
inline int size() const;
|
2011-09-19 18:36:47 +00:00
|
|
|
inline void set_size(int value);
|
|
|
|
|
2017-05-30 07:44:37 +00:00
|
|
|
inline int relaxed_read_size() const;
|
|
|
|
inline void relaxed_write_size(int value);
|
2014-04-08 16:31:57 +00:00
|
|
|
|
2015-08-13 11:49:01 +00:00
|
|
|
inline int Size();
|
2011-09-19 18:36:47 +00:00
|
|
|
|
2015-01-27 14:56:51 +00:00
|
|
|
// Accessors for the next field.
|
|
|
|
inline FreeSpace* next();
|
|
|
|
inline void set_next(FreeSpace* next);
|
|
|
|
|
|
|
|
inline static FreeSpace* cast(HeapObject* obj);
|
2011-09-19 18:36:47 +00:00
|
|
|
|
2012-12-13 10:17:37 +00:00
|
|
|
// Dispatched behavior.
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_PRINTER(FreeSpace)
|
|
|
|
DECL_VERIFIER(FreeSpace)
|
2011-09-19 18:36:47 +00:00
|
|
|
|
|
|
|
// Layout description.
|
|
|
|
// Size is smi tagged when it is stored.
|
|
|
|
static const int kSizeOffset = HeapObject::kHeaderSize;
|
2015-01-27 14:56:51 +00:00
|
|
|
static const int kNextOffset = POINTER_SIZE_ALIGN(kSizeOffset + kPointerSize);
|
2016-09-06 11:02:21 +00:00
|
|
|
static const int kSize = kNextOffset + kPointerSize;
|
2011-09-19 18:36:47 +00:00
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(FreeSpace);
|
|
|
|
};
|
|
|
|
|
2015-04-27 12:59:55 +00:00
|
|
|
class PrototypeInfo;
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// An abstract superclass, a marker class really, for simple structure classes.
|
2011-05-13 10:58:25 +00:00
|
|
|
// It doesn't carry much functionality but allows struct classes to be
|
2008-07-03 15:10:15 +00:00
|
|
|
// identified in the type system.
|
|
|
|
class Struct: public HeapObject {
|
|
|
|
public:
|
|
|
|
inline void InitializeBody(int object_size);
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(Struct)
|
2017-08-24 13:53:20 +00:00
|
|
|
void BriefPrintDetails(std::ostream& os);
|
2008-07-03 15:10:15 +00:00
|
|
|
};
|
|
|
|
|
2017-10-23 08:23:37 +00:00
|
|
|
class Tuple2 : public Struct {
|
|
|
|
public:
|
|
|
|
DECL_ACCESSORS(value1, Object)
|
|
|
|
DECL_ACCESSORS(value2, Object)
|
|
|
|
|
|
|
|
DECL_CAST(Tuple2)
|
|
|
|
|
|
|
|
// Dispatched behavior.
|
|
|
|
DECL_PRINTER(Tuple2)
|
|
|
|
DECL_VERIFIER(Tuple2)
|
|
|
|
void BriefPrintDetails(std::ostream& os);
|
|
|
|
|
|
|
|
static const int kValue1Offset = HeapObject::kHeaderSize;
|
|
|
|
static const int kValue2Offset = kValue1Offset + kPointerSize;
|
|
|
|
static const int kSize = kValue2Offset + kPointerSize;
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(Tuple2);
|
|
|
|
};
|
|
|
|
|
|
|
|
class Tuple3 : public Tuple2 {
|
|
|
|
public:
|
|
|
|
DECL_ACCESSORS(value3, Object)
|
|
|
|
|
|
|
|
DECL_CAST(Tuple3)
|
|
|
|
|
|
|
|
// Dispatched behavior.
|
|
|
|
DECL_PRINTER(Tuple3)
|
|
|
|
DECL_VERIFIER(Tuple3)
|
|
|
|
void BriefPrintDetails(std::ostream& os);
|
|
|
|
|
|
|
|
static const int kValue3Offset = Tuple2::kSize;
|
|
|
|
static const int kSize = kValue3Offset + kPointerSize;
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(Tuple3);
|
|
|
|
};
|
|
|
|
|
[async-iteration] implement AsyncGenerator
- Introduce new struct AsyncGeneratorRequest, which holds
information pertinent to resuming execution of an
AsyncGenerator, such as the Promise associated with the async
generator request. It is intended to be used as a singly
linked list, and holds a pointer to the next item in te queue.
- Introduce JSAsyncGeneratorObject (subclass of
JSGeneratorObject), which includes several new internal fields
(`queue` which contains a singly linked list of
AsyncGeneratorRequest objects, and `await_input` which
contains the sent value from an Await expression (This is
necessary to prevent function.sent (used by yield*) from
having the sent value observably overwritten during
execution).
- Modify SuspendGenerator to accept a set of Flags, which
indicate whether the suspend is for a Yield or Await, and
whether it takes place on an async generator or ES6
generator.
- Introduce interpreter intrinsics and TF intrinsic lowering for
accessing the await input of an async generator
- Modify the JSGeneratorStore operator to understand whether or
not it's suspending for a normal yield, or an AsyncGenerator
Await. This ensures appropriate registers are stored.
- Add versions of ResumeGeneratorTrampoline which store the
input value in a different field depending on wether it's an
AsyncGenerator Await resume, or an ordinary resume. Also modifies
whether debug code will assert that the generator object is a
JSGeneratorObject or a JSAsyncGeneratorObject depending on the
resume type.
BUG=v8:5855
R=bmeurer@chromium.org, rmcilroy@chromium.org, jgruber@chromium.org,
littledan@chromium.org, neis@chromium.org
TBR=marja@chromium.org
Change-Id: I9d58df1d344465fc937fe7eed322424204497187
Reviewed-on: https://chromium-review.googlesource.com/446961
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44240}
2017-03-29 13:41:45 +00:00
|
|
|
class AsyncGeneratorRequest : public Struct {
|
|
|
|
public:
|
|
|
|
// Holds an AsyncGeneratorRequest, or Undefined.
|
|
|
|
DECL_ACCESSORS(next, Object)
|
|
|
|
DECL_INT_ACCESSORS(resume_mode)
|
|
|
|
DECL_ACCESSORS(value, Object)
|
|
|
|
DECL_ACCESSORS(promise, Object)
|
|
|
|
|
|
|
|
static const int kNextOffset = Struct::kHeaderSize;
|
|
|
|
static const int kResumeModeOffset = kNextOffset + kPointerSize;
|
|
|
|
static const int kValueOffset = kResumeModeOffset + kPointerSize;
|
|
|
|
static const int kPromiseOffset = kValueOffset + kPointerSize;
|
|
|
|
static const int kSize = kPromiseOffset + kPointerSize;
|
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(AsyncGeneratorRequest)
|
|
|
|
DECL_PRINTER(AsyncGeneratorRequest)
|
|
|
|
DECL_VERIFIER(AsyncGeneratorRequest)
|
[async-iteration] implement AsyncGenerator
- Introduce new struct AsyncGeneratorRequest, which holds
information pertinent to resuming execution of an
AsyncGenerator, such as the Promise associated with the async
generator request. It is intended to be used as a singly
linked list, and holds a pointer to the next item in te queue.
- Introduce JSAsyncGeneratorObject (subclass of
JSGeneratorObject), which includes several new internal fields
(`queue` which contains a singly linked list of
AsyncGeneratorRequest objects, and `await_input` which
contains the sent value from an Await expression (This is
necessary to prevent function.sent (used by yield*) from
having the sent value observably overwritten during
execution).
- Modify SuspendGenerator to accept a set of Flags, which
indicate whether the suspend is for a Yield or Await, and
whether it takes place on an async generator or ES6
generator.
- Introduce interpreter intrinsics and TF intrinsic lowering for
accessing the await input of an async generator
- Modify the JSGeneratorStore operator to understand whether or
not it's suspending for a normal yield, or an AsyncGenerator
Await. This ensures appropriate registers are stored.
- Add versions of ResumeGeneratorTrampoline which store the
input value in a different field depending on wether it's an
AsyncGenerator Await resume, or an ordinary resume. Also modifies
whether debug code will assert that the generator object is a
JSGeneratorObject or a JSAsyncGeneratorObject depending on the
resume type.
BUG=v8:5855
R=bmeurer@chromium.org, rmcilroy@chromium.org, jgruber@chromium.org,
littledan@chromium.org, neis@chromium.org
TBR=marja@chromium.org
Change-Id: I9d58df1d344465fc937fe7eed322424204497187
Reviewed-on: https://chromium-review.googlesource.com/446961
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44240}
2017-03-29 13:41:45 +00:00
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(AsyncGeneratorRequest);
|
|
|
|
};
|
|
|
|
|
2015-04-07 10:42:45 +00:00
|
|
|
// Container for metadata stored on each prototype map.
|
|
|
|
class PrototypeInfo : public Struct {
|
|
|
|
public:
|
2015-08-08 22:56:15 +00:00
|
|
|
static const int UNREGISTERED = -1;
|
|
|
|
|
2016-10-17 11:44:37 +00:00
|
|
|
// [weak_cell]: A WeakCell containing this prototype. ICs cache the cell here.
|
|
|
|
DECL_ACCESSORS(weak_cell, Object)
|
|
|
|
|
2018-03-07 14:54:58 +00:00
|
|
|
// [prototype_users]: FixedArrayOfWeakCells containing maps using this
|
|
|
|
// prototype, or Smi(0) if uninitialized.
|
2015-04-07 10:42:45 +00:00
|
|
|
DECL_ACCESSORS(prototype_users, Object)
|
2016-06-23 12:16:35 +00:00
|
|
|
|
|
|
|
// [object_create_map]: A field caching the map for Object.create(prototype).
|
|
|
|
static inline void SetObjectCreateMap(Handle<PrototypeInfo> info,
|
|
|
|
Handle<Map> map);
|
|
|
|
inline Map* ObjectCreateMap();
|
|
|
|
inline bool HasObjectCreateMap();
|
|
|
|
|
2015-08-08 22:56:15 +00:00
|
|
|
// [registry_slot]: Slot in prototype's user registry where this user
|
|
|
|
// is stored. Returns UNREGISTERED if this prototype has not been registered.
|
|
|
|
inline int registry_slot() const;
|
|
|
|
inline void set_registry_slot(int slot);
|
2018-02-22 15:23:55 +00:00
|
|
|
|
2016-06-08 14:43:22 +00:00
|
|
|
// [bit_field]
|
|
|
|
inline int bit_field() const;
|
|
|
|
inline void set_bit_field(int bit_field);
|
|
|
|
|
|
|
|
DECL_BOOLEAN_ACCESSORS(should_be_fast_map)
|
2015-04-07 10:42:45 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(PrototypeInfo)
|
2015-04-07 10:42:45 +00:00
|
|
|
|
|
|
|
// Dispatched behavior.
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_PRINTER(PrototypeInfo)
|
|
|
|
DECL_VERIFIER(PrototypeInfo)
|
2015-04-07 10:42:45 +00:00
|
|
|
|
2016-10-17 11:44:37 +00:00
|
|
|
static const int kWeakCellOffset = HeapObject::kHeaderSize;
|
|
|
|
static const int kPrototypeUsersOffset = kWeakCellOffset + kPointerSize;
|
2015-08-08 22:56:15 +00:00
|
|
|
static const int kRegistrySlotOffset = kPrototypeUsersOffset + kPointerSize;
|
|
|
|
static const int kValidityCellOffset = kRegistrySlotOffset + kPointerSize;
|
2018-05-30 10:45:32 +00:00
|
|
|
static const int kObjectCreateMapOffset = kValidityCellOffset + kPointerSize;
|
|
|
|
static const int kBitFieldOffset = kObjectCreateMapOffset + kPointerSize;
|
2016-06-08 14:43:22 +00:00
|
|
|
static const int kSize = kBitFieldOffset + kPointerSize;
|
|
|
|
|
|
|
|
// Bit field usage.
|
|
|
|
static const int kShouldBeFastBit = 0;
|
2015-04-07 10:42:45 +00:00
|
|
|
|
2018-05-30 10:45:32 +00:00
|
|
|
class BodyDescriptor;
|
|
|
|
|
2015-04-07 10:42:45 +00:00
|
|
|
private:
|
2018-05-30 10:45:32 +00:00
|
|
|
DECL_ACCESSORS(object_create_map, MaybeObject)
|
2016-06-23 12:16:35 +00:00
|
|
|
|
2015-04-07 10:42:45 +00:00
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(PrototypeInfo);
|
|
|
|
};
|
|
|
|
|
2010-12-14 18:53:48 +00:00
|
|
|
// List of builtin functions we want to identify to improve code
|
|
|
|
// generation.
|
|
|
|
//
|
|
|
|
// Each entry has a name of a global object property holding an object
|
|
|
|
// optionally followed by ".prototype", a name of a builtin function
|
|
|
|
// on the object (the one the id is set for), and a label.
|
|
|
|
//
|
|
|
|
// Installation of ids for the selected builtin functions is handled
|
|
|
|
// by the bootstrapper.
|
2016-03-01 18:16:33 +00:00
|
|
|
#define FUNCTIONS_WITH_ID_LIST(V) \
|
2017-01-20 08:56:33 +00:00
|
|
|
V(Array, isArray, ArrayIsArray) \
|
2016-11-28 08:00:48 +00:00
|
|
|
V(Array.prototype, concat, ArrayConcat) \
|
|
|
|
V(Array.prototype, every, ArrayEvery) \
|
|
|
|
V(Array.prototype, fill, ArrayFill) \
|
|
|
|
V(Array.prototype, filter, ArrayFilter) \
|
|
|
|
V(Array.prototype, findIndex, ArrayFindIndex) \
|
|
|
|
V(Array.prototype, forEach, ArrayForEach) \
|
|
|
|
V(Array.prototype, includes, ArrayIncludes) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Array.prototype, indexOf, ArrayIndexOf) \
|
2016-11-28 08:00:48 +00:00
|
|
|
V(Array.prototype, join, ArrayJoin) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Array.prototype, lastIndexOf, ArrayLastIndexOf) \
|
2016-11-28 08:00:48 +00:00
|
|
|
V(Array.prototype, map, ArrayMap) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Array.prototype, pop, ArrayPop) \
|
2016-11-28 08:00:48 +00:00
|
|
|
V(Array.prototype, push, ArrayPush) \
|
|
|
|
V(Array.prototype, reverse, ArrayReverse) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Array.prototype, shift, ArrayShift) \
|
2016-11-28 08:00:48 +00:00
|
|
|
V(Array.prototype, slice, ArraySlice) \
|
|
|
|
V(Array.prototype, some, ArraySome) \
|
|
|
|
V(Array.prototype, splice, ArraySplice) \
|
|
|
|
V(Array.prototype, unshift, ArrayUnshift) \
|
2016-11-24 06:41:25 +00:00
|
|
|
V(Date, now, DateNow) \
|
2016-08-29 10:53:25 +00:00
|
|
|
V(Date.prototype, getDate, DateGetDate) \
|
2016-08-30 10:05:40 +00:00
|
|
|
V(Date.prototype, getDay, DateGetDay) \
|
2016-08-29 10:53:25 +00:00
|
|
|
V(Date.prototype, getFullYear, DateGetFullYear) \
|
|
|
|
V(Date.prototype, getHours, DateGetHours) \
|
|
|
|
V(Date.prototype, getMilliseconds, DateGetMilliseconds) \
|
2016-08-30 10:05:40 +00:00
|
|
|
V(Date.prototype, getMinutes, DateGetMinutes) \
|
2016-08-29 10:53:25 +00:00
|
|
|
V(Date.prototype, getMonth, DateGetMonth) \
|
|
|
|
V(Date.prototype, getSeconds, DateGetSeconds) \
|
|
|
|
V(Date.prototype, getTime, DateGetTime) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Function.prototype, apply, FunctionApply) \
|
2017-06-02 12:30:04 +00:00
|
|
|
V(Function.prototype, bind, FunctionBind) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Function.prototype, call, FunctionCall) \
|
2017-01-20 08:56:33 +00:00
|
|
|
V(Object, assign, ObjectAssign) \
|
|
|
|
V(Object, create, ObjectCreate) \
|
[es2015] Optimize Object.is baseline and interesting cases.
The Object.is builtin provides an entry point to the abstract operation
SameValue, which properly distinguishes -0 and 0, and also identifies
NaNs. Most of the time you don't need these, but rather just regular
strict equality, but when you do, Object.is(o, -0) is the most readable
way to check for minus zero.
This is for example used in Node.js by formatNumber to properly print -0
for negative zero. However since the builtin thus far implemented as C++
builtin and TurboFan didn't know anything about it, Node.js considering
to go with a more performant, less readable version (which also makes
assumptions about the input value) in
https://github.com/nodejs/node/pull/15726
until the performance of Object.is will be on par (so hopefully we can
go back to Object.is in Node 9).
This CL ports the baseline implementation of Object.is to CSA, which
is pretty straight-forward since SameValue is already available in
CodeStubAssembler, and inlines a few interesting cases into TurboFan,
i.e. comparing same SSA node, and checking for -0 and NaN explicitly.
On the micro-benchmarks we go from
testNumberIsMinusZero: 1000 ms.
testObjectIsMinusZero: 929 ms.
testObjectIsNaN: 954 ms.
testObjectIsSame: 793 ms.
testStrictEqualSame: 104 ms.
to
testNumberIsMinusZero: 89 ms.
testObjectIsMinusZero: 88 ms.
testObjectIsNaN: 88 ms.
testObjectIsSame: 86 ms.
testStrictEqualSame: 105 ms.
which is a nice 10x to 11x improvement and brings Object.is on par with
strict equality for most cases.
Drive-by-fix: Also refactor and optimize the SameValue check in the
CodeStubAssembler to avoid code bloat (by not inlining StrictEqual
into every user of SameValue, and also avoiding useless checks).
Bug: v8:6882
Change-Id: Ibffd8c36511f219fcce0d89ed4e1073f5d6c6344
Reviewed-on: https://chromium-review.googlesource.com/700254
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48275}
2017-10-04 06:25:26 +00:00
|
|
|
V(Object, is, ObjectIs) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Object.prototype, hasOwnProperty, ObjectHasOwnProperty) \
|
[builtins] Properly optimize Object.prototype.isPrototypeOf.
Port the baseline implementation of Object.prototype.isPrototypeOf to
the CodeStubAssembler, sharing the existing prototype chain lookup logic
with the instanceof / OrdinaryHasInstance implementation. Based on that,
do the same in TurboFan, introducing a new JSHasInPrototypeChain
operator, which encapsulates the central prototype chain walk logic.
This speeds up Object.prototype.isPrototypeOf by more than a factor of
four, so that the code
A.prototype.isPrototypeOf(a)
is now performance-wise on par with
a instanceof A
for the case where A is a regular constructor function and a is an
instance of A.
Since instanceof does more than just the fundamental prototype chain
lookup, it was discovered in Node core that O.p.isPrototypeOf would
be a more appropriate alternative for certain sanity checks, since
it's less vulnerable to monkey-patching. In addition, the Object
builtin would also avoid the performance-cliff associated with
instanceof (due to the Symbol.hasInstance hook), as for example hit
by https://github.com/nodejs/node/pull/13403#issuecomment-305915874.
The main blocker was the missing performance of isPrototypeOf, since
it was still a JS builtin backed by a runtime call.
This CL also adds more test coverage for the
Object.prototype.isPrototypeOf builtin, especially when called from
optimized code.
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_rel_ng
BUG=v8:5269,v8:5989,v8:6483
R=jgruber@chromium.org
Review-Url: https://codereview.chromium.org/2934893002
Cr-Commit-Position: refs/heads/master@{#45925}
2017-06-13 19:14:00 +00:00
|
|
|
V(Object.prototype, isPrototypeOf, ObjectIsPrototypeOf) \
|
2017-01-26 12:07:22 +00:00
|
|
|
V(Object.prototype, toString, ObjectToString) \
|
2016-11-24 06:01:44 +00:00
|
|
|
V(RegExp.prototype, compile, RegExpCompile) \
|
|
|
|
V(RegExp.prototype, exec, RegExpExec) \
|
|
|
|
V(RegExp.prototype, test, RegExpTest) \
|
|
|
|
V(RegExp.prototype, toString, RegExpToString) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(String.prototype, charCodeAt, StringCharCodeAt) \
|
|
|
|
V(String.prototype, charAt, StringCharAt) \
|
2016-11-27 19:20:18 +00:00
|
|
|
V(String.prototype, codePointAt, StringCodePointAt) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(String.prototype, concat, StringConcat) \
|
2016-11-27 19:20:18 +00:00
|
|
|
V(String.prototype, endsWith, StringEndsWith) \
|
|
|
|
V(String.prototype, includes, StringIncludes) \
|
|
|
|
V(String.prototype, indexOf, StringIndexOf) \
|
|
|
|
V(String.prototype, lastIndexOf, StringLastIndexOf) \
|
|
|
|
V(String.prototype, repeat, StringRepeat) \
|
|
|
|
V(String.prototype, slice, StringSlice) \
|
|
|
|
V(String.prototype, startsWith, StringStartsWith) \
|
2016-08-09 07:13:38 +00:00
|
|
|
V(String.prototype, substr, StringSubstr) \
|
2016-11-27 19:20:18 +00:00
|
|
|
V(String.prototype, substring, StringSubstring) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(String.prototype, toLowerCase, StringToLowerCase) \
|
2016-11-27 19:20:18 +00:00
|
|
|
V(String.prototype, toString, StringToString) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(String.prototype, toUpperCase, StringToUpperCase) \
|
2016-11-27 19:20:18 +00:00
|
|
|
V(String.prototype, trim, StringTrim) \
|
2018-01-19 13:05:01 +00:00
|
|
|
V(String.prototype, trimLeft, StringTrimStart) \
|
|
|
|
V(String.prototype, trimRight, StringTrimEnd) \
|
2016-11-27 19:20:18 +00:00
|
|
|
V(String.prototype, valueOf, StringValueOf) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(String, fromCharCode, StringFromCharCode) \
|
2016-11-27 19:20:18 +00:00
|
|
|
V(String, fromCodePoint, StringFromCodePoint) \
|
|
|
|
V(String, raw, StringRaw) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Math, random, MathRandom) \
|
|
|
|
V(Math, floor, MathFloor) \
|
|
|
|
V(Math, round, MathRound) \
|
|
|
|
V(Math, ceil, MathCeil) \
|
|
|
|
V(Math, abs, MathAbs) \
|
|
|
|
V(Math, log, MathLog) \
|
2016-06-13 05:46:38 +00:00
|
|
|
V(Math, log1p, MathLog1p) \
|
2016-06-16 11:22:32 +00:00
|
|
|
V(Math, log2, MathLog2) \
|
|
|
|
V(Math, log10, MathLog10) \
|
2016-06-17 09:13:22 +00:00
|
|
|
V(Math, cbrt, MathCbrt) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Math, exp, MathExp) \
|
2016-06-17 09:13:22 +00:00
|
|
|
V(Math, expm1, MathExpm1) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Math, sqrt, MathSqrt) \
|
|
|
|
V(Math, pow, MathPow) \
|
|
|
|
V(Math, max, MathMax) \
|
|
|
|
V(Math, min, MathMin) \
|
|
|
|
V(Math, cos, MathCos) \
|
2016-06-30 08:41:05 +00:00
|
|
|
V(Math, cosh, MathCosh) \
|
[builtins] Unify most of the remaining Math builtins.
Import fdlibm versions of acos, acosh, asin and asinh, which are more
precise and produce the same result across platforms (we were using
libm versions for asin and acos so far, where both speed and precision
depended on the operating system so far). Introduce appropriate TurboFan
operators for these functions and use them both for inlining and for the
generic builtin.
Also migrate the Math.imul and Math.fround builtins to TurboFan builtins
to ensure that their behavior is always exactly the same as the inlined
TurboFan version (i.e. C++ truncation semantics for double to float
don't necessarily meet the JavaScript semantics).
For completeness, also migrate Math.sign, which can even get some nice
love in TurboFan.
Drive-by-fix: Some alpha-sorting on the Math related functions, and
cleanup the list of Math intrinsics that we have to export via the
native context currently.
BUG=v8:3266,v8:3496,v8:3509,v8:3952,v8:5169,v8:5170,v8:5171,v8:5172
TBR=rossberg@chromium.org
R=franzih@chromium.org
Review-Url: https://codereview.chromium.org/2116753002
Cr-Commit-Position: refs/heads/master@{#37476}
2016-07-01 11:11:33 +00:00
|
|
|
V(Math, sign, MathSign) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Math, sin, MathSin) \
|
2016-06-30 08:41:05 +00:00
|
|
|
V(Math, sinh, MathSinh) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Math, tan, MathTan) \
|
2016-06-30 08:41:05 +00:00
|
|
|
V(Math, tanh, MathTanh) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Math, acos, MathAcos) \
|
[builtins] Unify most of the remaining Math builtins.
Import fdlibm versions of acos, acosh, asin and asinh, which are more
precise and produce the same result across platforms (we were using
libm versions for asin and acos so far, where both speed and precision
depended on the operating system so far). Introduce appropriate TurboFan
operators for these functions and use them both for inlining and for the
generic builtin.
Also migrate the Math.imul and Math.fround builtins to TurboFan builtins
to ensure that their behavior is always exactly the same as the inlined
TurboFan version (i.e. C++ truncation semantics for double to float
don't necessarily meet the JavaScript semantics).
For completeness, also migrate Math.sign, which can even get some nice
love in TurboFan.
Drive-by-fix: Some alpha-sorting on the Math related functions, and
cleanup the list of Math intrinsics that we have to export via the
native context currently.
BUG=v8:3266,v8:3496,v8:3509,v8:3952,v8:5169,v8:5170,v8:5171,v8:5172
TBR=rossberg@chromium.org
R=franzih@chromium.org
Review-Url: https://codereview.chromium.org/2116753002
Cr-Commit-Position: refs/heads/master@{#37476}
2016-07-01 11:11:33 +00:00
|
|
|
V(Math, acosh, MathAcosh) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Math, asin, MathAsin) \
|
[builtins] Unify most of the remaining Math builtins.
Import fdlibm versions of acos, acosh, asin and asinh, which are more
precise and produce the same result across platforms (we were using
libm versions for asin and acos so far, where both speed and precision
depended on the operating system so far). Introduce appropriate TurboFan
operators for these functions and use them both for inlining and for the
generic builtin.
Also migrate the Math.imul and Math.fround builtins to TurboFan builtins
to ensure that their behavior is always exactly the same as the inlined
TurboFan version (i.e. C++ truncation semantics for double to float
don't necessarily meet the JavaScript semantics).
For completeness, also migrate Math.sign, which can even get some nice
love in TurboFan.
Drive-by-fix: Some alpha-sorting on the Math related functions, and
cleanup the list of Math intrinsics that we have to export via the
native context currently.
BUG=v8:3266,v8:3496,v8:3509,v8:3952,v8:5169,v8:5170,v8:5171,v8:5172
TBR=rossberg@chromium.org
R=franzih@chromium.org
Review-Url: https://codereview.chromium.org/2116753002
Cr-Commit-Position: refs/heads/master@{#37476}
2016-07-01 11:11:33 +00:00
|
|
|
V(Math, asinh, MathAsinh) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Math, atan, MathAtan) \
|
|
|
|
V(Math, atan2, MathAtan2) \
|
2016-06-17 09:13:22 +00:00
|
|
|
V(Math, atanh, MathAtanh) \
|
2016-03-01 18:16:33 +00:00
|
|
|
V(Math, imul, MathImul) \
|
|
|
|
V(Math, clz32, MathClz32) \
|
2016-03-30 11:56:31 +00:00
|
|
|
V(Math, fround, MathFround) \
|
2016-07-05 09:49:52 +00:00
|
|
|
V(Math, trunc, MathTrunc) \
|
2016-09-07 10:14:19 +00:00
|
|
|
V(Number, isFinite, NumberIsFinite) \
|
|
|
|
V(Number, isInteger, NumberIsInteger) \
|
|
|
|
V(Number, isNaN, NumberIsNaN) \
|
|
|
|
V(Number, isSafeInteger, NumberIsSafeInteger) \
|
2016-10-07 08:58:43 +00:00
|
|
|
V(Number, parseFloat, NumberParseFloat) \
|
2016-08-09 07:13:38 +00:00
|
|
|
V(Number, parseInt, NumberParseInt) \
|
2017-01-13 16:47:12 +00:00
|
|
|
V(Number.prototype, toString, NumberToString) \
|
2017-01-20 08:56:33 +00:00
|
|
|
V(Map.prototype, clear, MapClear) \
|
|
|
|
V(Map.prototype, delete, MapDelete) \
|
|
|
|
V(Map.prototype, entries, MapEntries) \
|
|
|
|
V(Map.prototype, forEach, MapForEach) \
|
|
|
|
V(Map.prototype, has, MapHas) \
|
|
|
|
V(Map.prototype, keys, MapKeys) \
|
2017-07-10 11:30:04 +00:00
|
|
|
V(Map.prototype, get, MapGet) \
|
2017-01-20 08:56:33 +00:00
|
|
|
V(Map.prototype, set, MapSet) \
|
|
|
|
V(Map.prototype, values, MapValues) \
|
|
|
|
V(Set.prototype, add, SetAdd) \
|
|
|
|
V(Set.prototype, clear, SetClear) \
|
|
|
|
V(Set.prototype, delete, SetDelete) \
|
|
|
|
V(Set.prototype, entries, SetEntries) \
|
|
|
|
V(Set.prototype, forEach, SetForEach) \
|
|
|
|
V(Set.prototype, has, SetHas) \
|
|
|
|
V(Set.prototype, values, SetValues) \
|
|
|
|
V(WeakMap.prototype, delete, WeakMapDelete) \
|
|
|
|
V(WeakMap.prototype, has, WeakMapHas) \
|
|
|
|
V(WeakMap.prototype, set, WeakMapSet) \
|
|
|
|
V(WeakSet.prototype, add, WeakSetAdd) \
|
|
|
|
V(WeakSet.prototype, delete, WeakSetDelete) \
|
|
|
|
V(WeakSet.prototype, has, WeakSetHas)
|
2010-12-14 18:53:48 +00:00
|
|
|
|
2017-04-11 00:09:37 +00:00
|
|
|
#define ATOMIC_FUNCTIONS_WITH_ID_LIST(V) \
|
|
|
|
V(Atomics, load, AtomicsLoad) \
|
|
|
|
V(Atomics, store, AtomicsStore) \
|
|
|
|
V(Atomics, exchange, AtomicsExchange) \
|
|
|
|
V(Atomics, compareExchange, AtomicsCompareExchange) \
|
|
|
|
V(Atomics, add, AtomicsAdd) \
|
|
|
|
V(Atomics, sub, AtomicsSub) \
|
|
|
|
V(Atomics, and, AtomicsAnd) \
|
|
|
|
V(Atomics, or, AtomicsOr) \
|
|
|
|
V(Atomics, xor, AtomicsXor)
|
2015-06-03 17:58:29 +00:00
|
|
|
|
2010-12-14 18:53:48 +00:00
|
|
|
enum BuiltinFunctionId {
|
2017-06-26 10:03:43 +00:00
|
|
|
kInvalidBuiltinFunctionId = -1,
|
2017-08-07 12:12:37 +00:00
|
|
|
kArrayConstructor,
|
2017-06-29 13:14:20 +00:00
|
|
|
#define DECL_FUNCTION_ID(ignored1, ignore2, name) k##name,
|
|
|
|
FUNCTIONS_WITH_ID_LIST(DECL_FUNCTION_ID)
|
|
|
|
ATOMIC_FUNCTIONS_WITH_ID_LIST(DECL_FUNCTION_ID)
|
|
|
|
#undef DECL_FUNCTION_ID
|
2016-06-08 07:40:11 +00:00
|
|
|
// These are manually assigned to special getters during bootstrapping.
|
2016-07-06 19:23:44 +00:00
|
|
|
kArrayBufferByteLength,
|
2017-09-29 09:10:16 +00:00
|
|
|
kArrayBufferIsView,
|
2016-11-14 15:58:48 +00:00
|
|
|
kArrayEntries,
|
|
|
|
kArrayKeys,
|
|
|
|
kArrayValues,
|
|
|
|
kArrayIteratorNext,
|
2017-12-06 16:21:27 +00:00
|
|
|
kBigIntConstructor,
|
2017-07-14 05:35:21 +00:00
|
|
|
kMapSize,
|
|
|
|
kSetSize,
|
2017-07-06 10:39:28 +00:00
|
|
|
kMapIteratorNext,
|
|
|
|
kSetIteratorNext,
|
2016-06-08 07:40:11 +00:00
|
|
|
kDataViewBuffer,
|
|
|
|
kDataViewByteLength,
|
|
|
|
kDataViewByteOffset,
|
2016-11-18 06:30:57 +00:00
|
|
|
kFunctionHasInstance,
|
2016-08-09 07:13:38 +00:00
|
|
|
kGlobalDecodeURI,
|
|
|
|
kGlobalDecodeURIComponent,
|
|
|
|
kGlobalEncodeURI,
|
|
|
|
kGlobalEncodeURIComponent,
|
|
|
|
kGlobalEscape,
|
|
|
|
kGlobalUnescape,
|
2016-09-07 10:14:19 +00:00
|
|
|
kGlobalIsFinite,
|
|
|
|
kGlobalIsNaN,
|
2017-12-06 16:21:27 +00:00
|
|
|
kNumberConstructor,
|
|
|
|
kSymbolConstructor,
|
2016-06-08 07:40:11 +00:00
|
|
|
kTypedArrayByteLength,
|
|
|
|
kTypedArrayByteOffset,
|
2016-11-14 15:58:48 +00:00
|
|
|
kTypedArrayEntries,
|
|
|
|
kTypedArrayKeys,
|
2016-06-08 07:40:11 +00:00
|
|
|
kTypedArrayLength,
|
2017-10-02 05:28:41 +00:00
|
|
|
kTypedArrayToStringTag,
|
2016-11-14 15:58:48 +00:00
|
|
|
kTypedArrayValues,
|
2016-07-07 19:42:15 +00:00
|
|
|
kSharedArrayBufferByteLength,
|
2017-12-06 16:21:27 +00:00
|
|
|
kStringConstructor,
|
2016-10-18 16:32:31 +00:00
|
|
|
kStringIterator,
|
2016-10-05 18:45:54 +00:00
|
|
|
kStringIteratorNext,
|
2017-06-26 08:19:08 +00:00
|
|
|
kStringToLowerCaseIntl,
|
|
|
|
kStringToUpperCaseIntl
|
2010-12-07 11:31:57 +00:00
|
|
|
};
|
|
|
|
|
2013-08-20 10:52:23 +00:00
|
|
|
class JSGeneratorObject: public JSObject {
|
2013-04-15 12:29:44 +00:00
|
|
|
public:
|
|
|
|
// [function]: The function corresponding to this generator object.
|
|
|
|
DECL_ACCESSORS(function, JSFunction)
|
|
|
|
|
2013-04-19 14:11:23 +00:00
|
|
|
// [context]: The context of the suspended computation.
|
|
|
|
DECL_ACCESSORS(context, Context)
|
2013-04-15 12:29:44 +00:00
|
|
|
|
2013-04-25 10:59:09 +00:00
|
|
|
// [receiver]: The receiver of the suspended computation.
|
|
|
|
DECL_ACCESSORS(receiver, Object)
|
|
|
|
|
2016-06-21 12:12:47 +00:00
|
|
|
// [input_or_debug_pos]
|
|
|
|
// For executing generators: the most recent input value.
|
2016-11-22 13:48:32 +00:00
|
|
|
// For suspended generators: debug information (bytecode offset).
|
2016-06-21 12:12:47 +00:00
|
|
|
// There is currently no need to remember the most recent input value for a
|
|
|
|
// suspended generator.
|
|
|
|
DECL_ACCESSORS(input_or_debug_pos, Object)
|
2016-01-28 08:54:29 +00:00
|
|
|
|
2016-04-11 08:25:44 +00:00
|
|
|
// [resume_mode]: The most recent resume mode.
|
|
|
|
enum ResumeMode { kNext, kReturn, kThrow };
|
|
|
|
DECL_INT_ACCESSORS(resume_mode)
|
|
|
|
|
2016-06-21 12:12:47 +00:00
|
|
|
// [continuation]
|
2013-04-19 14:11:23 +00:00
|
|
|
//
|
2016-06-21 12:12:47 +00:00
|
|
|
// A positive value indicates a suspended generator. The special
|
2013-04-19 14:11:23 +00:00
|
|
|
// kGeneratorExecuting and kGeneratorClosed values indicate that a generator
|
|
|
|
// cannot be resumed.
|
2014-06-20 10:31:17 +00:00
|
|
|
inline int continuation() const;
|
2013-04-15 12:29:44 +00:00
|
|
|
inline void set_continuation(int continuation);
|
2016-06-21 12:12:47 +00:00
|
|
|
inline bool is_closed() const;
|
|
|
|
inline bool is_executing() const;
|
|
|
|
inline bool is_suspended() const;
|
|
|
|
|
|
|
|
// For suspended generators: the source position at which the generator
|
|
|
|
// is suspended.
|
|
|
|
int source_position() const;
|
2013-04-15 12:29:44 +00:00
|
|
|
|
2018-05-24 09:29:53 +00:00
|
|
|
// [parameters_and_registers]: Saved interpreter register file.
|
|
|
|
DECL_ACCESSORS(parameters_and_registers, FixedArray)
|
2013-04-15 12:29:44 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSGeneratorObject)
|
2013-04-15 12:29:44 +00:00
|
|
|
|
|
|
|
// Dispatched behavior.
|
2018-06-26 11:43:50 +00:00
|
|
|
DECL_PRINTER_WITH_ISOLATE(JSGeneratorObject)
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(JSGeneratorObject)
|
2013-04-15 12:29:44 +00:00
|
|
|
|
2013-04-19 14:11:23 +00:00
|
|
|
// Magic sentinel values for the continuation.
|
2016-04-18 14:13:04 +00:00
|
|
|
static const int kGeneratorExecuting = -2;
|
|
|
|
static const int kGeneratorClosed = -1;
|
2013-04-19 14:11:23 +00:00
|
|
|
|
2013-04-15 12:29:44 +00:00
|
|
|
// Layout description.
|
|
|
|
static const int kFunctionOffset = JSObject::kHeaderSize;
|
|
|
|
static const int kContextOffset = kFunctionOffset + kPointerSize;
|
2013-04-25 10:59:09 +00:00
|
|
|
static const int kReceiverOffset = kContextOffset + kPointerSize;
|
2016-06-21 12:12:47 +00:00
|
|
|
static const int kInputOrDebugPosOffset = kReceiverOffset + kPointerSize;
|
|
|
|
static const int kResumeModeOffset = kInputOrDebugPosOffset + kPointerSize;
|
2016-04-11 08:25:44 +00:00
|
|
|
static const int kContinuationOffset = kResumeModeOffset + kPointerSize;
|
2018-05-24 09:29:53 +00:00
|
|
|
static const int kParametersAndRegistersOffset =
|
|
|
|
kContinuationOffset + kPointerSize;
|
|
|
|
static const int kSize = kParametersAndRegistersOffset + kPointerSize;
|
2013-04-15 12:29:44 +00:00
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSGeneratorObject);
|
|
|
|
};
|
|
|
|
|
[async-iteration] implement AsyncGenerator
- Introduce new struct AsyncGeneratorRequest, which holds
information pertinent to resuming execution of an
AsyncGenerator, such as the Promise associated with the async
generator request. It is intended to be used as a singly
linked list, and holds a pointer to the next item in te queue.
- Introduce JSAsyncGeneratorObject (subclass of
JSGeneratorObject), which includes several new internal fields
(`queue` which contains a singly linked list of
AsyncGeneratorRequest objects, and `await_input` which
contains the sent value from an Await expression (This is
necessary to prevent function.sent (used by yield*) from
having the sent value observably overwritten during
execution).
- Modify SuspendGenerator to accept a set of Flags, which
indicate whether the suspend is for a Yield or Await, and
whether it takes place on an async generator or ES6
generator.
- Introduce interpreter intrinsics and TF intrinsic lowering for
accessing the await input of an async generator
- Modify the JSGeneratorStore operator to understand whether or
not it's suspending for a normal yield, or an AsyncGenerator
Await. This ensures appropriate registers are stored.
- Add versions of ResumeGeneratorTrampoline which store the
input value in a different field depending on wether it's an
AsyncGenerator Await resume, or an ordinary resume. Also modifies
whether debug code will assert that the generator object is a
JSGeneratorObject or a JSAsyncGeneratorObject depending on the
resume type.
BUG=v8:5855
R=bmeurer@chromium.org, rmcilroy@chromium.org, jgruber@chromium.org,
littledan@chromium.org, neis@chromium.org
TBR=marja@chromium.org
Change-Id: I9d58df1d344465fc937fe7eed322424204497187
Reviewed-on: https://chromium-review.googlesource.com/446961
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44240}
2017-03-29 13:41:45 +00:00
|
|
|
class JSAsyncGeneratorObject : public JSGeneratorObject {
|
|
|
|
public:
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSAsyncGeneratorObject)
|
[async-iteration] implement AsyncGenerator
- Introduce new struct AsyncGeneratorRequest, which holds
information pertinent to resuming execution of an
AsyncGenerator, such as the Promise associated with the async
generator request. It is intended to be used as a singly
linked list, and holds a pointer to the next item in te queue.
- Introduce JSAsyncGeneratorObject (subclass of
JSGeneratorObject), which includes several new internal fields
(`queue` which contains a singly linked list of
AsyncGeneratorRequest objects, and `await_input` which
contains the sent value from an Await expression (This is
necessary to prevent function.sent (used by yield*) from
having the sent value observably overwritten during
execution).
- Modify SuspendGenerator to accept a set of Flags, which
indicate whether the suspend is for a Yield or Await, and
whether it takes place on an async generator or ES6
generator.
- Introduce interpreter intrinsics and TF intrinsic lowering for
accessing the await input of an async generator
- Modify the JSGeneratorStore operator to understand whether or
not it's suspending for a normal yield, or an AsyncGenerator
Await. This ensures appropriate registers are stored.
- Add versions of ResumeGeneratorTrampoline which store the
input value in a different field depending on wether it's an
AsyncGenerator Await resume, or an ordinary resume. Also modifies
whether debug code will assert that the generator object is a
JSGeneratorObject or a JSAsyncGeneratorObject depending on the
resume type.
BUG=v8:5855
R=bmeurer@chromium.org, rmcilroy@chromium.org, jgruber@chromium.org,
littledan@chromium.org, neis@chromium.org
TBR=marja@chromium.org
Change-Id: I9d58df1d344465fc937fe7eed322424204497187
Reviewed-on: https://chromium-review.googlesource.com/446961
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44240}
2017-03-29 13:41:45 +00:00
|
|
|
|
|
|
|
// Dispatched behavior.
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(JSAsyncGeneratorObject)
|
[async-iteration] implement AsyncGenerator
- Introduce new struct AsyncGeneratorRequest, which holds
information pertinent to resuming execution of an
AsyncGenerator, such as the Promise associated with the async
generator request. It is intended to be used as a singly
linked list, and holds a pointer to the next item in te queue.
- Introduce JSAsyncGeneratorObject (subclass of
JSGeneratorObject), which includes several new internal fields
(`queue` which contains a singly linked list of
AsyncGeneratorRequest objects, and `await_input` which
contains the sent value from an Await expression (This is
necessary to prevent function.sent (used by yield*) from
having the sent value observably overwritten during
execution).
- Modify SuspendGenerator to accept a set of Flags, which
indicate whether the suspend is for a Yield or Await, and
whether it takes place on an async generator or ES6
generator.
- Introduce interpreter intrinsics and TF intrinsic lowering for
accessing the await input of an async generator
- Modify the JSGeneratorStore operator to understand whether or
not it's suspending for a normal yield, or an AsyncGenerator
Await. This ensures appropriate registers are stored.
- Add versions of ResumeGeneratorTrampoline which store the
input value in a different field depending on wether it's an
AsyncGenerator Await resume, or an ordinary resume. Also modifies
whether debug code will assert that the generator object is a
JSGeneratorObject or a JSAsyncGeneratorObject depending on the
resume type.
BUG=v8:5855
R=bmeurer@chromium.org, rmcilroy@chromium.org, jgruber@chromium.org,
littledan@chromium.org, neis@chromium.org
TBR=marja@chromium.org
Change-Id: I9d58df1d344465fc937fe7eed322424204497187
Reviewed-on: https://chromium-review.googlesource.com/446961
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44240}
2017-03-29 13:41:45 +00:00
|
|
|
|
|
|
|
// [queue]
|
|
|
|
// Pointer to the head of a singly linked list of AsyncGeneratorRequest, or
|
|
|
|
// undefined.
|
|
|
|
DECL_ACCESSORS(queue, HeapObject)
|
|
|
|
|
2018-01-29 14:31:04 +00:00
|
|
|
// [is_awaiting]
|
|
|
|
// Whether or not the generator is currently awaiting.
|
|
|
|
DECL_INT_ACCESSORS(is_awaiting)
|
[async-iteration] implement AsyncGenerator
- Introduce new struct AsyncGeneratorRequest, which holds
information pertinent to resuming execution of an
AsyncGenerator, such as the Promise associated with the async
generator request. It is intended to be used as a singly
linked list, and holds a pointer to the next item in te queue.
- Introduce JSAsyncGeneratorObject (subclass of
JSGeneratorObject), which includes several new internal fields
(`queue` which contains a singly linked list of
AsyncGeneratorRequest objects, and `await_input` which
contains the sent value from an Await expression (This is
necessary to prevent function.sent (used by yield*) from
having the sent value observably overwritten during
execution).
- Modify SuspendGenerator to accept a set of Flags, which
indicate whether the suspend is for a Yield or Await, and
whether it takes place on an async generator or ES6
generator.
- Introduce interpreter intrinsics and TF intrinsic lowering for
accessing the await input of an async generator
- Modify the JSGeneratorStore operator to understand whether or
not it's suspending for a normal yield, or an AsyncGenerator
Await. This ensures appropriate registers are stored.
- Add versions of ResumeGeneratorTrampoline which store the
input value in a different field depending on wether it's an
AsyncGenerator Await resume, or an ordinary resume. Also modifies
whether debug code will assert that the generator object is a
JSGeneratorObject or a JSAsyncGeneratorObject depending on the
resume type.
BUG=v8:5855
R=bmeurer@chromium.org, rmcilroy@chromium.org, jgruber@chromium.org,
littledan@chromium.org, neis@chromium.org
TBR=marja@chromium.org
Change-Id: I9d58df1d344465fc937fe7eed322424204497187
Reviewed-on: https://chromium-review.googlesource.com/446961
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44240}
2017-03-29 13:41:45 +00:00
|
|
|
|
|
|
|
// Layout description.
|
|
|
|
static const int kQueueOffset = JSGeneratorObject::kSize;
|
2018-01-29 14:31:04 +00:00
|
|
|
static const int kIsAwaitingOffset = kQueueOffset + kPointerSize;
|
|
|
|
static const int kSize = kIsAwaitingOffset + kPointerSize;
|
[async-iteration] implement AsyncGenerator
- Introduce new struct AsyncGeneratorRequest, which holds
information pertinent to resuming execution of an
AsyncGenerator, such as the Promise associated with the async
generator request. It is intended to be used as a singly
linked list, and holds a pointer to the next item in te queue.
- Introduce JSAsyncGeneratorObject (subclass of
JSGeneratorObject), which includes several new internal fields
(`queue` which contains a singly linked list of
AsyncGeneratorRequest objects, and `await_input` which
contains the sent value from an Await expression (This is
necessary to prevent function.sent (used by yield*) from
having the sent value observably overwritten during
execution).
- Modify SuspendGenerator to accept a set of Flags, which
indicate whether the suspend is for a Yield or Await, and
whether it takes place on an async generator or ES6
generator.
- Introduce interpreter intrinsics and TF intrinsic lowering for
accessing the await input of an async generator
- Modify the JSGeneratorStore operator to understand whether or
not it's suspending for a normal yield, or an AsyncGenerator
Await. This ensures appropriate registers are stored.
- Add versions of ResumeGeneratorTrampoline which store the
input value in a different field depending on wether it's an
AsyncGenerator Await resume, or an ordinary resume. Also modifies
whether debug code will assert that the generator object is a
JSGeneratorObject or a JSAsyncGeneratorObject depending on the
resume type.
BUG=v8:5855
R=bmeurer@chromium.org, rmcilroy@chromium.org, jgruber@chromium.org,
littledan@chromium.org, neis@chromium.org
TBR=marja@chromium.org
Change-Id: I9d58df1d344465fc937fe7eed322424204497187
Reviewed-on: https://chromium-review.googlesource.com/446961
Commit-Queue: Caitlin Potter <caitp@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#44240}
2017-03-29 13:41:45 +00:00
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSAsyncGeneratorObject);
|
|
|
|
};
|
|
|
|
|
2015-12-27 06:30:53 +00:00
|
|
|
// JSBoundFunction describes a bound function exotic object.
|
|
|
|
class JSBoundFunction : public JSObject {
|
|
|
|
public:
|
|
|
|
// [bound_target_function]: The wrapped function object.
|
2017-06-19 07:09:06 +00:00
|
|
|
inline Object* raw_bound_target_function() const;
|
2015-12-27 06:30:53 +00:00
|
|
|
DECL_ACCESSORS(bound_target_function, JSReceiver)
|
|
|
|
|
|
|
|
// [bound_this]: The value that is always passed as the this value when
|
|
|
|
// calling the wrapped function.
|
|
|
|
DECL_ACCESSORS(bound_this, Object)
|
|
|
|
|
|
|
|
// [bound_arguments]: A list of values whose elements are used as the first
|
|
|
|
// arguments to any call to the wrapped function.
|
|
|
|
DECL_ACCESSORS(bound_arguments, FixedArray)
|
|
|
|
|
2016-04-07 13:36:40 +00:00
|
|
|
static MaybeHandle<String> GetName(Isolate* isolate,
|
|
|
|
Handle<JSBoundFunction> function);
|
2017-10-04 11:38:34 +00:00
|
|
|
static Maybe<int> GetLength(Isolate* isolate,
|
|
|
|
Handle<JSBoundFunction> function);
|
2015-12-27 06:30:53 +00:00
|
|
|
static MaybeHandle<Context> GetFunctionRealm(
|
|
|
|
Handle<JSBoundFunction> function);
|
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSBoundFunction)
|
2015-12-27 06:30:53 +00:00
|
|
|
|
|
|
|
// Dispatched behavior.
|
2018-06-26 11:43:50 +00:00
|
|
|
DECL_PRINTER_WITH_ISOLATE(JSBoundFunction)
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(JSBoundFunction)
|
2015-12-27 06:30:53 +00:00
|
|
|
|
|
|
|
// The bound function's string representation implemented according
|
|
|
|
// to ES6 section 19.2.3.5 Function.prototype.toString ( ).
|
|
|
|
static Handle<String> ToString(Handle<JSBoundFunction> function);
|
|
|
|
|
|
|
|
// Layout description.
|
|
|
|
static const int kBoundTargetFunctionOffset = JSObject::kHeaderSize;
|
|
|
|
static const int kBoundThisOffset = kBoundTargetFunctionOffset + kPointerSize;
|
|
|
|
static const int kBoundArgumentsOffset = kBoundThisOffset + kPointerSize;
|
2016-04-07 13:36:40 +00:00
|
|
|
static const int kSize = kBoundArgumentsOffset + kPointerSize;
|
2015-12-27 06:30:53 +00:00
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSBoundFunction);
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// JSFunction describes JavaScript functions.
|
2013-08-20 10:52:23 +00:00
|
|
|
class JSFunction: public JSObject {
|
2008-07-03 15:10:15 +00:00
|
|
|
public:
|
|
|
|
// [prototype_or_initial_map]:
|
|
|
|
DECL_ACCESSORS(prototype_or_initial_map, Object)
|
|
|
|
|
2011-09-13 11:42:57 +00:00
|
|
|
// [shared]: The information about the function that
|
2008-07-03 15:10:15 +00:00
|
|
|
// can be shared by instances.
|
|
|
|
DECL_ACCESSORS(shared, SharedFunctionInfo)
|
|
|
|
|
2016-06-08 09:44:27 +00:00
|
|
|
static const int kLengthDescriptorIndex = 0;
|
|
|
|
static const int kNameDescriptorIndex = 1;
|
2017-11-16 16:45:46 +00:00
|
|
|
// Home object descriptor index when function has a [[HomeObject]] slot.
|
|
|
|
static const int kMaybeHomeObjectDescriptorIndex = 2;
|
2016-06-08 09:44:27 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// [context]: The context for this function.
|
|
|
|
inline Context* context();
|
2017-02-20 09:47:14 +00:00
|
|
|
inline bool has_context() const;
|
2008-07-03 15:10:15 +00:00
|
|
|
inline void set_context(Object* context);
|
2014-07-01 12:12:34 +00:00
|
|
|
inline JSObject* global_proxy();
|
2015-11-20 12:50:03 +00:00
|
|
|
inline Context* native_context();
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2016-04-07 13:36:40 +00:00
|
|
|
static Handle<Object> GetName(Isolate* isolate, Handle<JSFunction> function);
|
2017-10-04 11:38:34 +00:00
|
|
|
static Maybe<int> GetLength(Isolate* isolate, Handle<JSFunction> function);
|
2015-12-07 16:35:03 +00:00
|
|
|
static Handle<Context> GetFunctionRealm(Handle<JSFunction> function);
|
2015-11-27 12:16:32 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// [code]: The generated code object for this function. Executed
|
|
|
|
// when the function is invoked, e.g. foo() or new foo(). See
|
|
|
|
// [[Call]] and [[Construct]] description in ECMA-262, section
|
|
|
|
// 8.6.2, page 27.
|
|
|
|
inline Code* code();
|
2010-12-07 11:31:57 +00:00
|
|
|
inline void set_code(Code* code);
|
2013-03-12 18:03:18 +00:00
|
|
|
inline void set_code_no_write_barrier(Code* code);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2016-02-26 11:04:04 +00:00
|
|
|
// Get the abstract code associated with the function, which will either be
|
|
|
|
// a Code object or a BytecodeArray.
|
|
|
|
inline AbstractCode* abstract_code();
|
|
|
|
|
2016-11-09 17:19:32 +00:00
|
|
|
// Tells whether or not this function is interpreted.
|
|
|
|
//
|
|
|
|
// Note: function->IsInterpreted() does not necessarily return the same value
|
2017-03-27 10:49:51 +00:00
|
|
|
// as function->shared()->IsInterpreted() because the closure might have been
|
|
|
|
// optimized.
|
2016-11-09 17:19:32 +00:00
|
|
|
inline bool IsInterpreted();
|
|
|
|
|
2017-06-15 14:53:38 +00:00
|
|
|
// Tells whether or not this function checks its optimization marker in its
|
|
|
|
// feedback vector.
|
|
|
|
inline bool ChecksOptimizationMarker();
|
|
|
|
|
|
|
|
// Tells whether or not this function holds optimized code.
|
|
|
|
//
|
|
|
|
// Note: Returning false does not necessarily mean that this function hasn't
|
|
|
|
// been optimized, as it may have optimized code on its feedback vector.
|
2010-12-07 11:31:57 +00:00
|
|
|
inline bool IsOptimized();
|
|
|
|
|
2017-06-15 14:53:38 +00:00
|
|
|
// Tells whether or not this function has optimized code available to it,
|
|
|
|
// either because it is optimized or because it has optimized code in its
|
|
|
|
// feedback vector.
|
|
|
|
inline bool HasOptimizedCode();
|
|
|
|
|
|
|
|
// Tells whether or not this function has a (non-zero) optimization marker.
|
|
|
|
inline bool HasOptimizationMarker();
|
|
|
|
|
2016-04-25 10:46:38 +00:00
|
|
|
// Mark this function for lazy recompilation. The function will be recompiled
|
|
|
|
// the next time it is executed.
|
2017-06-15 14:53:38 +00:00
|
|
|
void MarkForOptimization(ConcurrencyMode mode);
|
2013-12-23 14:30:35 +00:00
|
|
|
|
2016-04-25 10:46:38 +00:00
|
|
|
// Tells whether or not the function is already marked for lazy recompilation.
|
2013-12-23 14:30:35 +00:00
|
|
|
inline bool IsMarkedForOptimization();
|
|
|
|
inline bool IsMarkedForConcurrentOptimization();
|
2012-07-19 18:58:23 +00:00
|
|
|
|
2013-08-22 16:14:37 +00:00
|
|
|
// Tells whether or not the function is on the concurrent recompilation queue.
|
2013-12-23 14:30:35 +00:00
|
|
|
inline bool IsInOptimizationQueue();
|
2010-12-07 11:31:57 +00:00
|
|
|
|
2017-05-09 21:45:33 +00:00
|
|
|
// Clears the optimized code slot in the function's feedback vector.
|
|
|
|
inline void ClearOptimizedCodeSlot(const char* reason);
|
|
|
|
|
2017-06-15 14:53:38 +00:00
|
|
|
// Sets the optimization marker in the function's feedback vector.
|
|
|
|
inline void SetOptimizationMarker(OptimizationMarker marker);
|
|
|
|
|
|
|
|
// Clears the optimization marker in the function's feedback vector.
|
|
|
|
inline void ClearOptimizationMarker();
|
|
|
|
|
2015-12-03 10:02:46 +00:00
|
|
|
// Completes inobject slack tracking on initial map if it is active.
|
|
|
|
inline void CompleteInobjectSlackTrackingIfActive();
|
2014-05-23 08:52:05 +00:00
|
|
|
|
2018-02-22 12:04:01 +00:00
|
|
|
// [feedback_cell]: The FeedbackCell used to hold the FeedbackVector
|
|
|
|
// eventually.
|
|
|
|
DECL_ACCESSORS(feedback_cell, FeedbackCell)
|
2017-02-08 11:51:06 +00:00
|
|
|
|
2017-02-06 10:18:05 +00:00
|
|
|
// feedback_vector() can be used once the function is compiled.
|
2017-02-07 14:05:02 +00:00
|
|
|
inline FeedbackVector* feedback_vector() const;
|
2017-02-06 10:18:05 +00:00
|
|
|
inline bool has_feedback_vector() const;
|
2018-02-22 12:04:01 +00:00
|
|
|
static void EnsureFeedbackVector(Handle<JSFunction> function);
|
2016-05-27 08:09:12 +00:00
|
|
|
|
2017-02-15 12:12:46 +00:00
|
|
|
// Unconditionally clear the type feedback vector.
|
2016-05-27 08:09:12 +00:00
|
|
|
void ClearTypeFeedbackInfo();
|
|
|
|
|
2017-10-12 15:37:46 +00:00
|
|
|
inline bool has_prototype_slot() const;
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// The initial map for an object created by this constructor.
|
|
|
|
inline Map* initial_map();
|
2014-08-11 14:00:58 +00:00
|
|
|
static void SetInitialMap(Handle<JSFunction> function, Handle<Map> map,
|
|
|
|
Handle<Object> prototype);
|
2008-07-03 15:10:15 +00:00
|
|
|
inline bool has_initial_map();
|
2013-11-05 12:11:27 +00:00
|
|
|
static void EnsureHasInitialMap(Handle<JSFunction> function);
|
2015-11-27 21:44:27 +00:00
|
|
|
|
|
|
|
// Creates a map that matches the constructor's initial map, but with
|
|
|
|
// [[prototype]] being new.target.prototype. Because new.target can be a
|
|
|
|
// JSProxy, this can call back into JavaScript.
|
2018-04-09 15:12:07 +00:00
|
|
|
static V8_WARN_UNUSED_RESULT MaybeHandle<Map> GetDerivedMap(
|
2015-11-27 21:44:27 +00:00
|
|
|
Isolate* isolate, Handle<JSFunction> constructor,
|
|
|
|
Handle<JSReceiver> new_target);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Get and set the prototype property on a JSFunction. If the
|
|
|
|
// function has an initial map the prototype is set on the initial
|
|
|
|
// map. Otherwise, the prototype is put in the initial map field
|
|
|
|
// until an initial map is needed.
|
|
|
|
inline bool has_prototype();
|
|
|
|
inline bool has_instance_prototype();
|
|
|
|
inline Object* prototype();
|
|
|
|
inline Object* instance_prototype();
|
2013-07-18 07:59:48 +00:00
|
|
|
static void SetPrototype(Handle<JSFunction> function,
|
|
|
|
Handle<Object> value);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Returns if this function has been compiled to native code yet.
|
|
|
|
inline bool is_compiled();
|
|
|
|
|
2018-03-26 11:03:28 +00:00
|
|
|
static int GetHeaderSize(bool function_has_prototype_slot) {
|
|
|
|
return function_has_prototype_slot ? JSFunction::kSizeWithPrototype
|
|
|
|
: JSFunction::kSizeWithoutPrototype;
|
|
|
|
}
|
|
|
|
|
2010-12-07 11:31:57 +00:00
|
|
|
// Prints the name of the function using PrintF.
|
2013-08-30 07:41:24 +00:00
|
|
|
void PrintName(FILE* out = stdout);
|
2010-12-07 11:31:57 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSFunction)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2015-11-02 08:25:19 +00:00
|
|
|
// Calculate the instance size and in-object properties count.
|
2018-01-31 00:48:38 +00:00
|
|
|
static bool CalculateInstanceSizeForDerivedClass(
|
2017-04-05 11:22:02 +00:00
|
|
|
Handle<JSFunction> function, InstanceType instance_type,
|
|
|
|
int requested_embedder_fields, int* instance_size,
|
|
|
|
int* in_object_properties);
|
2016-03-09 12:41:46 +00:00
|
|
|
static void CalculateInstanceSizeHelper(InstanceType instance_type,
|
2017-10-12 15:37:46 +00:00
|
|
|
bool has_prototype_slot,
|
2017-03-17 13:26:05 +00:00
|
|
|
int requested_embedder_fields,
|
2016-03-09 12:41:46 +00:00
|
|
|
int requested_in_object_properties,
|
|
|
|
int* instance_size,
|
|
|
|
int* in_object_properties);
|
2015-11-10 11:46:13 +00:00
|
|
|
|
2017-09-07 09:16:32 +00:00
|
|
|
class BodyDescriptor;
|
2010-08-20 07:10:18 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Dispatched behavior.
|
2018-06-26 11:43:50 +00:00
|
|
|
DECL_PRINTER_WITH_ISOLATE(JSFunction)
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(JSFunction)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2015-03-13 15:11:47 +00:00
|
|
|
// The function's name if it is configured, otherwise shared function info
|
|
|
|
// debug name.
|
2015-11-19 19:32:31 +00:00
|
|
|
static Handle<String> GetName(Handle<JSFunction> function);
|
|
|
|
|
2016-02-04 22:36:15 +00:00
|
|
|
// ES6 section 9.2.11 SetFunctionName
|
|
|
|
// Because of the way this abstract operation is used in the spec,
|
2017-07-12 00:18:19 +00:00
|
|
|
// it should never fail, but in practice it will fail if the generated
|
|
|
|
// function name's length exceeds String::kMaxLength.
|
2018-04-09 15:12:07 +00:00
|
|
|
static V8_WARN_UNUSED_RESULT bool SetName(Handle<JSFunction> function,
|
|
|
|
Handle<Name> name,
|
|
|
|
Handle<String> prefix);
|
2016-02-04 22:36:15 +00:00
|
|
|
|
2015-11-19 19:32:31 +00:00
|
|
|
// The function's displayName if it is set, otherwise name if it is
|
|
|
|
// configured, otherwise shared function info
|
|
|
|
// debug name.
|
2015-03-13 15:11:47 +00:00
|
|
|
static Handle<String> GetDebugName(Handle<JSFunction> function);
|
|
|
|
|
2015-12-22 06:32:46 +00:00
|
|
|
// The function's string representation implemented according to
|
|
|
|
// ES6 section 19.2.3.5 Function.prototype.toString ( ).
|
|
|
|
static Handle<String> ToString(Handle<JSFunction> function);
|
|
|
|
|
2017-10-12 15:37:46 +00:00
|
|
|
// Layout description.
|
|
|
|
#define JS_FUNCTION_FIELDS(V) \
|
|
|
|
/* Pointer fields. */ \
|
|
|
|
V(kSharedFunctionInfoOffset, kPointerSize) \
|
|
|
|
V(kContextOffset, kPointerSize) \
|
2018-02-22 12:04:01 +00:00
|
|
|
V(kFeedbackCellOffset, kPointerSize) \
|
2017-10-12 15:37:46 +00:00
|
|
|
V(kEndOfStrongFieldsOffset, 0) \
|
|
|
|
V(kCodeOffset, kPointerSize) \
|
|
|
|
/* Size of JSFunction object without prototype field. */ \
|
|
|
|
V(kSizeWithoutPrototype, 0) \
|
|
|
|
V(kPrototypeOrInitialMapOffset, kPointerSize) \
|
|
|
|
/* Size of JSFunction object with prototype field. */ \
|
|
|
|
V(kSizeWithPrototype, 0)
|
|
|
|
|
|
|
|
DEFINE_FIELD_OFFSET_CONSTANTS(JSObject::kHeaderSize, JS_FUNCTION_FIELDS)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSFunction);
|
|
|
|
};
|
|
|
|
|
|
|
|
|
Split window support from V8.
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr
This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.
V8 support of split window:
There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;
V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.
Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.
When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.
It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.
I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.
Review URL: http://codereview.chromium.org/7366
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-21 19:07:58 +00:00
|
|
|
// JSGlobalProxy's prototype must be a JSGlobalObject or null,
|
|
|
|
// and the prototype is hidden. JSGlobalProxy always delegates
|
|
|
|
// property accesses to its prototype if the prototype is not null.
|
|
|
|
//
|
|
|
|
// A JSGlobalProxy can be reinitialized which will preserve its identity.
|
|
|
|
//
|
|
|
|
// Accessing a JSGlobalProxy requires security check.
|
|
|
|
|
2013-08-20 10:52:23 +00:00
|
|
|
class JSGlobalProxy : public JSObject {
|
Split window support from V8.
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr
This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.
V8 support of split window:
There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;
V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.
Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.
When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.
It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.
I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.
Review URL: http://codereview.chromium.org/7366
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-21 19:07:58 +00:00
|
|
|
public:
|
2012-08-20 11:35:50 +00:00
|
|
|
// [native_context]: the owner native context of this global proxy object.
|
Split window support from V8.
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr
This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.
V8 support of split window:
There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;
V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.
Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.
When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.
It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.
I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.
Review URL: http://codereview.chromium.org/7366
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-21 19:07:58 +00:00
|
|
|
// It is null value if this object is not used by any context.
|
2012-08-20 11:35:50 +00:00
|
|
|
DECL_ACCESSORS(native_context, Object)
|
Split window support from V8.
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr
This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.
V8 support of split window:
There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;
V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.
Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.
When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.
It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.
I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.
Review URL: http://codereview.chromium.org/7366
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-21 19:07:58 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSGlobalProxy)
|
Split window support from V8.
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr
This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.
V8 support of split window:
There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;
V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.
Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.
When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.
It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.
I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.
Review URL: http://codereview.chromium.org/7366
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-21 19:07:58 +00:00
|
|
|
|
2015-11-02 14:57:59 +00:00
|
|
|
inline bool IsDetachedFrom(JSGlobalObject* global) const;
|
2013-12-11 13:51:48 +00:00
|
|
|
|
2017-03-17 13:26:05 +00:00
|
|
|
static int SizeWithEmbedderFields(int embedder_field_count);
|
2016-11-04 10:02:02 +00:00
|
|
|
|
Split window support from V8.
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr
This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.
V8 support of split window:
There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;
V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.
Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.
When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.
It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.
I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.
Review URL: http://codereview.chromium.org/7366
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-21 19:07:58 +00:00
|
|
|
// Dispatched behavior.
|
2018-06-26 11:43:50 +00:00
|
|
|
DECL_PRINTER_WITH_ISOLATE(JSGlobalProxy)
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(JSGlobalProxy)
|
Split window support from V8.
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr
This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.
V8 support of split window:
There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;
V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.
Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.
When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.
It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.
I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.
Review URL: http://codereview.chromium.org/7366
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-21 19:07:58 +00:00
|
|
|
|
|
|
|
// Layout description.
|
2012-08-20 11:35:50 +00:00
|
|
|
static const int kNativeContextOffset = JSObject::kHeaderSize;
|
2017-10-25 12:16:53 +00:00
|
|
|
static const int kSize = kNativeContextOffset + kPointerSize;
|
Split window support from V8.
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr
This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.
V8 support of split window:
There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;
V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.
Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.
When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.
It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.
I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.
Review URL: http://codereview.chromium.org/7366
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-21 19:07:58 +00:00
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSGlobalProxy);
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2015-11-02 14:57:59 +00:00
|
|
|
// JavaScript global object.
|
|
|
|
class JSGlobalObject : public JSObject {
|
2008-07-03 15:10:15 +00:00
|
|
|
public:
|
2012-08-17 09:03:08 +00:00
|
|
|
// [native context]: the natives corresponding to this global object.
|
|
|
|
DECL_ACCESSORS(native_context, Context)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2014-07-01 12:12:34 +00:00
|
|
|
// [global proxy]: the global proxy object of the context
|
|
|
|
DECL_ACCESSORS(global_proxy, JSObject)
|
Split window support from V8.
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr
This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.
V8 support of split window:
There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;
V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.
Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.
When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.
It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.
I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.
Review URL: http://codereview.chromium.org/7366
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-21 19:07:58 +00:00
|
|
|
|
2017-07-11 20:56:40 +00:00
|
|
|
// Gets global object properties.
|
|
|
|
inline GlobalDictionary* global_dictionary();
|
|
|
|
inline void set_global_dictionary(GlobalDictionary* dictionary);
|
2008-10-23 08:42:22 +00:00
|
|
|
|
2015-11-02 14:57:59 +00:00
|
|
|
static void InvalidatePropertyCell(Handle<JSGlobalObject> object,
|
2014-11-07 16:29:13 +00:00
|
|
|
Handle<Name> name);
|
2015-02-11 09:15:19 +00:00
|
|
|
// Ensure that the global object has a cell for the given property name.
|
2016-07-07 12:32:15 +00:00
|
|
|
static Handle<PropertyCell> EnsureEmptyPropertyCell(
|
|
|
|
Handle<JSGlobalObject> global, Handle<Name> name,
|
|
|
|
PropertyCellType cell_type, int* entry_out = nullptr);
|
2014-11-07 16:29:13 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSGlobalObject)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2013-12-11 13:51:48 +00:00
|
|
|
inline bool IsDetached();
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// Dispatched behavior.
|
2018-06-26 11:43:50 +00:00
|
|
|
DECL_PRINTER_WITH_ISOLATE(JSGlobalObject)
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(JSGlobalObject)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Layout description.
|
2015-11-02 14:57:59 +00:00
|
|
|
static const int kNativeContextOffset = JSObject::kHeaderSize;
|
|
|
|
static const int kGlobalProxyOffset = kNativeContextOffset + kPointerSize;
|
|
|
|
static const int kHeaderSize = kGlobalProxyOffset + kPointerSize;
|
|
|
|
static const int kSize = kHeaderSize;
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSGlobalObject);
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2012-03-09 11:11:55 +00:00
|
|
|
// Representation for JS Wrapper objects, String, Number, Boolean, etc.
|
2013-08-20 10:52:23 +00:00
|
|
|
class JSValue: public JSObject {
|
2008-07-03 15:10:15 +00:00
|
|
|
public:
|
|
|
|
// [value]: the object being wrapped.
|
|
|
|
DECL_ACCESSORS(value, Object)
|
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSValue)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Dispatched behavior.
|
2018-06-26 11:43:50 +00:00
|
|
|
DECL_PRINTER_WITH_ISOLATE(JSValue)
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(JSValue)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Layout description.
|
|
|
|
static const int kValueOffset = JSObject::kHeaderSize;
|
|
|
|
static const int kSize = kValueOffset + kPointerSize;
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSValue);
|
|
|
|
};
|
|
|
|
|
2011-02-02 13:31:52 +00:00
|
|
|
|
2012-03-09 12:07:29 +00:00
|
|
|
class DateCache;
|
|
|
|
|
2012-03-09 11:11:55 +00:00
|
|
|
// Representation for JS date objects.
|
2013-08-20 10:52:23 +00:00
|
|
|
class JSDate: public JSObject {
|
2012-03-09 11:11:55 +00:00
|
|
|
public:
|
2018-04-09 15:12:07 +00:00
|
|
|
static V8_WARN_UNUSED_RESULT MaybeHandle<JSDate> New(
|
|
|
|
Handle<JSFunction> constructor, Handle<JSReceiver> new_target, double tv);
|
2016-01-05 11:05:41 +00:00
|
|
|
|
2012-03-09 11:11:55 +00:00
|
|
|
// If one component is NaN, all of them are, indicating a NaN time value.
|
|
|
|
// [value]: the time value.
|
|
|
|
DECL_ACCESSORS(value, Object)
|
|
|
|
// [year]: caches year. Either undefined, smi, or NaN.
|
|
|
|
DECL_ACCESSORS(year, Object)
|
|
|
|
// [month]: caches month. Either undefined, smi, or NaN.
|
|
|
|
DECL_ACCESSORS(month, Object)
|
|
|
|
// [day]: caches day. Either undefined, smi, or NaN.
|
|
|
|
DECL_ACCESSORS(day, Object)
|
2012-03-09 12:07:29 +00:00
|
|
|
// [weekday]: caches day of week. Either undefined, smi, or NaN.
|
|
|
|
DECL_ACCESSORS(weekday, Object)
|
2012-03-09 11:11:55 +00:00
|
|
|
// [hour]: caches hours. Either undefined, smi, or NaN.
|
|
|
|
DECL_ACCESSORS(hour, Object)
|
|
|
|
// [min]: caches minutes. Either undefined, smi, or NaN.
|
|
|
|
DECL_ACCESSORS(min, Object)
|
|
|
|
// [sec]: caches seconds. Either undefined, smi, or NaN.
|
|
|
|
DECL_ACCESSORS(sec, Object)
|
2012-03-09 12:07:29 +00:00
|
|
|
// [cache stamp]: sample of the date cache stamp at the
|
2014-05-22 15:27:57 +00:00
|
|
|
// moment when chached fields were cached.
|
2012-03-09 12:07:29 +00:00
|
|
|
DECL_ACCESSORS(cache_stamp, Object)
|
2012-03-09 11:11:55 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSDate)
|
2012-03-09 11:11:55 +00:00
|
|
|
|
2016-01-05 11:05:41 +00:00
|
|
|
// Returns the time value (UTC) identifying the current time.
|
|
|
|
static double CurrentTimeValue(Isolate* isolate);
|
|
|
|
|
2012-03-09 12:07:29 +00:00
|
|
|
// Returns the date field with the specified index.
|
|
|
|
// See FieldIndex for the list of date fields.
|
2012-05-09 14:34:27 +00:00
|
|
|
static Object* GetField(Object* date, Smi* index);
|
2012-03-09 12:07:29 +00:00
|
|
|
|
2016-01-12 10:47:27 +00:00
|
|
|
static Handle<Object> SetValue(Handle<JSDate> date, double v);
|
|
|
|
|
2012-03-09 12:07:29 +00:00
|
|
|
void SetValue(Object* value, bool is_value_nan);
|
|
|
|
|
2012-03-09 11:11:55 +00:00
|
|
|
// Dispatched behavior.
|
2018-06-26 11:43:50 +00:00
|
|
|
DECL_PRINTER_WITH_ISOLATE(JSDate)
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(JSDate)
|
2012-10-12 11:41:14 +00:00
|
|
|
|
2012-03-09 12:07:29 +00:00
|
|
|
// The order is important. It must be kept in sync with date macros
|
|
|
|
// in macros.py.
|
|
|
|
enum FieldIndex {
|
|
|
|
kDateValue,
|
|
|
|
kYear,
|
|
|
|
kMonth,
|
|
|
|
kDay,
|
|
|
|
kWeekday,
|
|
|
|
kHour,
|
|
|
|
kMinute,
|
|
|
|
kSecond,
|
|
|
|
kFirstUncachedField,
|
|
|
|
kMillisecond = kFirstUncachedField,
|
|
|
|
kDays,
|
|
|
|
kTimeInDay,
|
|
|
|
kFirstUTCField,
|
|
|
|
kYearUTC = kFirstUTCField,
|
|
|
|
kMonthUTC,
|
|
|
|
kDayUTC,
|
|
|
|
kWeekdayUTC,
|
|
|
|
kHourUTC,
|
|
|
|
kMinuteUTC,
|
|
|
|
kSecondUTC,
|
|
|
|
kMillisecondUTC,
|
|
|
|
kDaysUTC,
|
|
|
|
kTimeInDayUTC,
|
|
|
|
kTimezoneOffset
|
|
|
|
};
|
2012-03-09 11:11:55 +00:00
|
|
|
|
|
|
|
// Layout description.
|
|
|
|
static const int kValueOffset = JSObject::kHeaderSize;
|
2012-03-09 12:07:29 +00:00
|
|
|
static const int kYearOffset = kValueOffset + kPointerSize;
|
2012-03-09 11:11:55 +00:00
|
|
|
static const int kMonthOffset = kYearOffset + kPointerSize;
|
|
|
|
static const int kDayOffset = kMonthOffset + kPointerSize;
|
2012-03-09 12:07:29 +00:00
|
|
|
static const int kWeekdayOffset = kDayOffset + kPointerSize;
|
|
|
|
static const int kHourOffset = kWeekdayOffset + kPointerSize;
|
2012-03-09 11:11:55 +00:00
|
|
|
static const int kMinOffset = kHourOffset + kPointerSize;
|
|
|
|
static const int kSecOffset = kMinOffset + kPointerSize;
|
2012-03-09 12:07:29 +00:00
|
|
|
static const int kCacheStampOffset = kSecOffset + kPointerSize;
|
|
|
|
static const int kSize = kCacheStampOffset + kPointerSize;
|
2012-03-09 11:11:55 +00:00
|
|
|
|
|
|
|
private:
|
2012-03-09 12:07:29 +00:00
|
|
|
inline Object* DoGetField(FieldIndex index);
|
|
|
|
|
|
|
|
Object* GetUTCField(FieldIndex index, double value, DateCache* date_cache);
|
|
|
|
|
|
|
|
// Computes and caches the cacheable fields of the date.
|
2014-05-22 15:27:57 +00:00
|
|
|
inline void SetCachedFields(int64_t local_time_ms, DateCache* date_cache);
|
2012-03-09 12:07:29 +00:00
|
|
|
|
|
|
|
|
2012-03-09 11:11:55 +00:00
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSDate);
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2011-02-02 13:31:52 +00:00
|
|
|
// Representation of message objects used for error reporting through
|
|
|
|
// the API. The messages are formatted in JavaScript so this object is
|
|
|
|
// a real JavaScript object. The information used for formatting the
|
|
|
|
// error messages are not directly accessible from JavaScript to
|
|
|
|
// prevent leaking information to user code called during error
|
|
|
|
// formatting.
|
2013-08-20 10:52:23 +00:00
|
|
|
class JSMessageObject: public JSObject {
|
2011-02-02 13:31:52 +00:00
|
|
|
public:
|
|
|
|
// [type]: the type of error message.
|
2015-05-18 08:34:05 +00:00
|
|
|
inline int type() const;
|
|
|
|
inline void set_type(int value);
|
2011-02-02 13:31:52 +00:00
|
|
|
|
|
|
|
// [arguments]: the arguments for formatting the error message.
|
2015-05-18 08:34:05 +00:00
|
|
|
DECL_ACCESSORS(argument, Object)
|
2011-02-02 13:31:52 +00:00
|
|
|
|
|
|
|
// [script]: the script from which the error message originated.
|
|
|
|
DECL_ACCESSORS(script, Object)
|
|
|
|
|
|
|
|
// [stack_frames]: an array of stack frames for this error object.
|
|
|
|
DECL_ACCESSORS(stack_frames, Object)
|
|
|
|
|
|
|
|
// [start_position]: the start position in the script for the error message.
|
2014-06-20 10:31:17 +00:00
|
|
|
inline int start_position() const;
|
2011-02-02 13:31:52 +00:00
|
|
|
inline void set_start_position(int value);
|
|
|
|
|
|
|
|
// [end_position]: the end position in the script for the error message.
|
2014-06-20 10:31:17 +00:00
|
|
|
inline int end_position() const;
|
2011-02-02 13:31:52 +00:00
|
|
|
inline void set_end_position(int value);
|
|
|
|
|
2017-08-31 10:28:47 +00:00
|
|
|
// Returns the line number for the error message (1-based), or
|
|
|
|
// Message::kNoLineNumberInfo if the line cannot be determined.
|
2016-08-10 09:58:09 +00:00
|
|
|
int GetLineNumber() const;
|
|
|
|
|
|
|
|
// Returns the offset of the given position within the containing line.
|
|
|
|
int GetColumnNumber() const;
|
|
|
|
|
|
|
|
// Returns the source code line containing the given source
|
|
|
|
// position, or the empty string if the position is invalid.
|
|
|
|
Handle<String> GetSourceLine() const;
|
|
|
|
|
2016-12-12 14:47:56 +00:00
|
|
|
inline int error_level() const;
|
|
|
|
inline void set_error_level(int level);
|
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSMessageObject)
|
2011-02-02 13:31:52 +00:00
|
|
|
|
|
|
|
// Dispatched behavior.
|
2018-06-26 11:43:50 +00:00
|
|
|
DECL_PRINTER_WITH_ISOLATE(JSMessageObject)
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(JSMessageObject)
|
2011-02-02 13:31:52 +00:00
|
|
|
|
|
|
|
// Layout description.
|
|
|
|
static const int kTypeOffset = JSObject::kHeaderSize;
|
|
|
|
static const int kArgumentsOffset = kTypeOffset + kPointerSize;
|
|
|
|
static const int kScriptOffset = kArgumentsOffset + kPointerSize;
|
2014-02-11 09:29:51 +00:00
|
|
|
static const int kStackFramesOffset = kScriptOffset + kPointerSize;
|
2011-02-02 13:31:52 +00:00
|
|
|
static const int kStartPositionOffset = kStackFramesOffset + kPointerSize;
|
|
|
|
static const int kEndPositionOffset = kStartPositionOffset + kPointerSize;
|
2016-12-12 14:47:56 +00:00
|
|
|
static const int kErrorLevelOffset = kEndPositionOffset + kPointerSize;
|
|
|
|
static const int kSize = kErrorLevelOffset + kPointerSize;
|
2011-02-02 13:31:52 +00:00
|
|
|
|
|
|
|
typedef FixedBodyDescriptor<HeapObject::kMapOffset,
|
|
|
|
kStackFramesOffset + kPointerSize,
|
|
|
|
kSize> BodyDescriptor;
|
2017-06-14 09:46:34 +00:00
|
|
|
// No weak fields.
|
|
|
|
typedef BodyDescriptor BodyDescriptorWeak;
|
2011-02-02 13:31:52 +00:00
|
|
|
};
|
|
|
|
|
2018-06-29 17:14:37 +00:00
|
|
|
class AllocationSite : public Struct, public NeverReadOnlySpaceObject {
|
2013-01-08 09:03:16 +00:00
|
|
|
public:
|
2013-07-08 10:02:16 +00:00
|
|
|
static const uint32_t kMaximumArrayBytesToPretransition = 8 * 1024;
|
2013-11-27 14:03:40 +00:00
|
|
|
static const double kPretenureRatio;
|
|
|
|
static const int kPretenureMinimumCreated = 100;
|
|
|
|
|
|
|
|
// Values for pretenure decision field.
|
2014-01-13 10:28:01 +00:00
|
|
|
enum PretenureDecision {
|
2013-11-27 14:03:40 +00:00
|
|
|
kUndecided = 0,
|
|
|
|
kDontTenure = 1,
|
2014-06-03 07:55:38 +00:00
|
|
|
kMaybeTenure = 2,
|
|
|
|
kTenure = 3,
|
|
|
|
kZombie = 4,
|
2014-01-13 10:28:01 +00:00
|
|
|
kLastPretenureDecisionValue = kZombie
|
2013-11-27 14:03:40 +00:00
|
|
|
};
|
2013-07-08 10:02:16 +00:00
|
|
|
|
2018-06-29 17:14:37 +00:00
|
|
|
// Use the mixin methods over the HeapObject methods.
|
|
|
|
// TODO(v8:7786) Remove once the HeapObject methods are gone.
|
|
|
|
using NeverReadOnlySpaceObject::GetHeap;
|
|
|
|
using NeverReadOnlySpaceObject::GetIsolate;
|
|
|
|
|
2014-06-03 07:55:38 +00:00
|
|
|
const char* PretenureDecisionName(PretenureDecision decision);
|
|
|
|
|
2017-07-10 09:48:02 +00:00
|
|
|
// Contains either a Smi-encoded bitfield or a boilerplate. If it's a Smi the
|
|
|
|
// AllocationSite is for a constructed Array.
|
|
|
|
DECL_ACCESSORS(transition_info_or_boilerplate, Object)
|
|
|
|
DECL_ACCESSORS(boilerplate, JSObject)
|
|
|
|
DECL_INT_ACCESSORS(transition_info)
|
|
|
|
|
2013-09-24 10:30:41 +00:00
|
|
|
// nested_site threads a list of sites that represent nested literals
|
|
|
|
// walked in a particular order. So [[1, 2], 1, 2] will have one
|
|
|
|
// nested_site, but [[1, 2], 3, [4]] will have a list of two.
|
|
|
|
DECL_ACCESSORS(nested_site, Object)
|
2017-07-10 09:48:02 +00:00
|
|
|
|
|
|
|
// Bitfield containing pretenuring information.
|
2018-06-26 11:39:26 +00:00
|
|
|
DECL_INT32_ACCESSORS(pretenure_data)
|
2017-07-10 09:48:02 +00:00
|
|
|
|
2018-06-26 11:39:26 +00:00
|
|
|
DECL_INT32_ACCESSORS(pretenure_create_count)
|
2013-09-19 14:13:34 +00:00
|
|
|
DECL_ACCESSORS(dependent_code, DependentCode)
|
2017-07-10 09:48:02 +00:00
|
|
|
|
|
|
|
// heap->allocation_site_list() points to the last AllocationSite which form
|
|
|
|
// a linked list through the weak_next property. The GC might remove elements
|
|
|
|
// from the list by updateing weak_next.
|
2013-07-17 11:50:24 +00:00
|
|
|
DECL_ACCESSORS(weak_next, Object)
|
2013-01-08 09:03:16 +00:00
|
|
|
|
2013-09-19 14:13:34 +00:00
|
|
|
inline void Initialize();
|
2013-01-08 09:03:16 +00:00
|
|
|
|
2018-06-19 17:06:31 +00:00
|
|
|
// Checks if the allocation site contain weak_next field;
|
|
|
|
inline bool HasWeakNext() const;
|
|
|
|
|
2013-10-16 08:10:36 +00:00
|
|
|
// This method is expensive, it should only be called for reporting.
|
2017-07-10 09:48:02 +00:00
|
|
|
bool IsNested();
|
2013-10-16 08:10:36 +00:00
|
|
|
|
2014-01-13 10:28:01 +00:00
|
|
|
// transition_info bitfields, for constructed array transition info.
|
2013-11-14 12:05:09 +00:00
|
|
|
class ElementsKindBits: public BitField<ElementsKind, 0, 15> {};
|
|
|
|
class UnusedBits: public BitField<int, 15, 14> {};
|
|
|
|
class DoNotInlineBit: public BitField<bool, 29, 1> {};
|
|
|
|
|
2014-01-13 10:28:01 +00:00
|
|
|
// Bitfields for pretenure_data
|
2014-06-03 07:55:38 +00:00
|
|
|
class MementoFoundCountBits: public BitField<int, 0, 26> {};
|
|
|
|
class PretenureDecisionBits: public BitField<PretenureDecision, 26, 3> {};
|
2014-02-17 12:15:16 +00:00
|
|
|
class DeoptDependentCodeBit: public BitField<bool, 29, 1> {};
|
2014-01-13 10:28:01 +00:00
|
|
|
STATIC_ASSERT(PretenureDecisionBits::kMax >= kLastPretenureDecisionValue);
|
|
|
|
|
2013-12-18 21:23:56 +00:00
|
|
|
// Increments the mementos found counter and returns true when the first
|
|
|
|
// memento was found for a given allocation site.
|
2016-01-12 11:45:46 +00:00
|
|
|
inline bool IncrementMementoFoundCount(int increment = 1);
|
2013-11-27 14:03:40 +00:00
|
|
|
|
|
|
|
inline void IncrementMementoCreateCount();
|
|
|
|
|
2017-07-10 09:48:02 +00:00
|
|
|
PretenureFlag GetPretenureMode() const;
|
2014-01-10 12:11:54 +00:00
|
|
|
|
|
|
|
void ResetPretenureDecision();
|
2013-11-27 14:03:40 +00:00
|
|
|
|
2017-07-10 09:48:02 +00:00
|
|
|
inline PretenureDecision pretenure_decision() const;
|
2015-08-13 11:49:01 +00:00
|
|
|
inline void set_pretenure_decision(PretenureDecision decision);
|
2014-02-17 12:15:16 +00:00
|
|
|
|
2017-07-10 09:48:02 +00:00
|
|
|
inline bool deopt_dependent_code() const;
|
2015-08-13 11:49:01 +00:00
|
|
|
inline void set_deopt_dependent_code(bool deopt);
|
2014-01-13 10:28:01 +00:00
|
|
|
|
2017-07-10 09:48:02 +00:00
|
|
|
inline int memento_found_count() const;
|
2014-01-13 10:28:01 +00:00
|
|
|
inline void set_memento_found_count(int count);
|
|
|
|
|
2017-07-10 09:48:02 +00:00
|
|
|
inline int memento_create_count() const;
|
2015-08-13 11:49:01 +00:00
|
|
|
inline void set_memento_create_count(int count);
|
2014-01-13 10:28:01 +00:00
|
|
|
|
2013-11-27 14:03:40 +00:00
|
|
|
// The pretenuring decision is made during gc, and the zombie state allows
|
|
|
|
// us to recognize when an allocation site is just being kept alive because
|
|
|
|
// a later traversal of new space may discover AllocationMementos that point
|
|
|
|
// to this AllocationSite.
|
2017-07-10 09:48:02 +00:00
|
|
|
inline bool IsZombie() const;
|
2013-11-27 14:03:40 +00:00
|
|
|
|
2017-07-10 09:48:02 +00:00
|
|
|
inline bool IsMaybeTenure() const;
|
2014-06-03 11:59:47 +00:00
|
|
|
|
2013-11-27 14:03:40 +00:00
|
|
|
inline void MarkZombie();
|
|
|
|
|
2014-06-03 07:55:38 +00:00
|
|
|
inline bool MakePretenureDecision(PretenureDecision current_decision,
|
|
|
|
double ratio,
|
|
|
|
bool maximum_size_scavenge);
|
|
|
|
|
|
|
|
inline bool DigestPretenuringFeedback(bool maximum_size_scavenge);
|
2013-11-27 14:03:40 +00:00
|
|
|
|
2017-07-10 09:48:02 +00:00
|
|
|
inline ElementsKind GetElementsKind() const;
|
2015-08-13 11:49:01 +00:00
|
|
|
inline void SetElementsKind(ElementsKind kind);
|
2013-01-08 09:03:16 +00:00
|
|
|
|
2017-07-10 09:48:02 +00:00
|
|
|
inline bool CanInlineCall() const;
|
2015-08-13 11:49:01 +00:00
|
|
|
inline void SetDoNotInlineCall();
|
2013-11-14 12:05:09 +00:00
|
|
|
|
2017-07-10 09:48:02 +00:00
|
|
|
inline bool PointsToLiteral() const;
|
2013-07-08 10:02:16 +00:00
|
|
|
|
2016-08-25 11:39:27 +00:00
|
|
|
template <AllocationSiteUpdateMode update_or_check =
|
|
|
|
AllocationSiteUpdateMode::kUpdate>
|
|
|
|
static bool DigestTransitionFeedback(Handle<AllocationSite> site,
|
2014-03-25 15:33:22 +00:00
|
|
|
ElementsKind to_kind);
|
2013-11-14 12:05:09 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_PRINTER(AllocationSite)
|
|
|
|
DECL_VERIFIER(AllocationSite)
|
2013-07-08 10:02:16 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(AllocationSite)
|
2017-06-20 09:57:21 +00:00
|
|
|
static inline bool ShouldTrack(ElementsKind boilerplate_elements_kind);
|
|
|
|
static bool ShouldTrack(ElementsKind from, ElementsKind to);
|
2013-08-28 08:39:43 +00:00
|
|
|
static inline bool CanTrack(InstanceType type);
|
2013-01-17 08:41:27 +00:00
|
|
|
|
2018-06-12 14:15:04 +00:00
|
|
|
// Layout description.
|
2018-06-26 11:39:26 +00:00
|
|
|
// AllocationSite has to start with TransitionInfoOrboilerPlateOffset
|
|
|
|
// and end with WeakNext field.
|
2018-06-12 14:15:04 +00:00
|
|
|
#define ALLOCATION_SITE_FIELDS(V) \
|
|
|
|
V(kTransitionInfoOrBoilerplateOffset, kPointerSize) \
|
|
|
|
V(kNestedSiteOffset, kPointerSize) \
|
|
|
|
V(kDependentCodeOffset, kPointerSize) \
|
2018-06-26 11:39:26 +00:00
|
|
|
V(kCommonPointerFieldEndOffset, 0) \
|
|
|
|
V(kPretenureDataOffset, kInt32Size) \
|
|
|
|
V(kPretenureCreateCountOffset, kInt32Size) \
|
2018-06-12 14:15:04 +00:00
|
|
|
/* Size of AllocationSite without WeakNext field */ \
|
|
|
|
V(kSizeWithoutWeakNext, 0) \
|
|
|
|
V(kWeakNextOffset, kPointerSize) \
|
|
|
|
/* Size of AllocationSite with WeakNext field */ \
|
|
|
|
V(kSizeWithWeakNext, 0)
|
|
|
|
|
|
|
|
DEFINE_FIELD_OFFSET_CONSTANTS(HeapObject::kHeaderSize, ALLOCATION_SITE_FIELDS)
|
|
|
|
|
2018-06-19 17:06:31 +00:00
|
|
|
static const int kStartOffset = HeapObject::kHeaderSize;
|
2013-07-17 11:50:24 +00:00
|
|
|
|
2018-06-19 17:06:31 +00:00
|
|
|
template <bool includeWeakNext>
|
|
|
|
class BodyDescriptorImpl;
|
2013-11-19 10:17:33 +00:00
|
|
|
|
2018-06-26 11:39:26 +00:00
|
|
|
// BodyDescriptor is used to traverse all the pointer fields including
|
|
|
|
// weak_next
|
2018-06-19 17:06:31 +00:00
|
|
|
typedef BodyDescriptorImpl<true> BodyDescriptor;
|
2013-07-17 11:50:24 +00:00
|
|
|
|
2018-06-26 11:39:26 +00:00
|
|
|
// BodyDescriptorWeak is used to traverse all the pointer fields
|
2018-06-19 17:06:31 +00:00
|
|
|
// except for weak_next
|
|
|
|
typedef BodyDescriptorImpl<false> BodyDescriptorWeak;
|
2017-06-14 09:46:34 +00:00
|
|
|
|
2013-07-08 10:02:16 +00:00
|
|
|
private:
|
2017-07-10 09:48:02 +00:00
|
|
|
inline bool PretenuringDecisionMade() const;
|
2013-11-27 14:03:40 +00:00
|
|
|
|
2013-07-08 10:02:16 +00:00
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(AllocationSite);
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2013-08-20 10:52:23 +00:00
|
|
|
class AllocationMemento: public Struct {
|
2013-07-08 10:02:16 +00:00
|
|
|
public:
|
|
|
|
static const int kAllocationSiteOffset = HeapObject::kHeaderSize;
|
|
|
|
static const int kSize = kAllocationSiteOffset + kPointerSize;
|
|
|
|
|
|
|
|
DECL_ACCESSORS(allocation_site, Object)
|
|
|
|
|
2017-07-10 09:48:02 +00:00
|
|
|
inline bool IsValid() const;
|
|
|
|
inline AllocationSite* GetAllocationSite() const;
|
|
|
|
inline Address GetAllocationSiteUnchecked() const;
|
2013-07-08 10:02:16 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_PRINTER(AllocationMemento)
|
|
|
|
DECL_VERIFIER(AllocationMemento)
|
2013-07-08 10:02:16 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(AllocationMemento)
|
2013-01-08 09:03:16 +00:00
|
|
|
|
|
|
|
private:
|
2013-07-19 13:30:49 +00:00
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(AllocationMemento);
|
2013-01-08 09:03:16 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
2009-09-30 12:25:46 +00:00
|
|
|
// Utility superclass for stack-allocated objects that must be updated
|
|
|
|
// on gc. It provides two ways for the gc to update instances, either
|
|
|
|
// iterating or updating after gc.
|
|
|
|
class Relocatable BASE_EMBEDDED {
|
2009-10-01 06:27:29 +00:00
|
|
|
public:
|
2011-03-18 20:35:07 +00:00
|
|
|
explicit inline Relocatable(Isolate* isolate);
|
|
|
|
inline virtual ~Relocatable();
|
2017-04-25 13:32:18 +00:00
|
|
|
virtual void IterateInstance(RootVisitor* v) {}
|
2009-09-30 12:25:46 +00:00
|
|
|
virtual void PostGarbageCollection() { }
|
|
|
|
|
2013-09-04 10:34:42 +00:00
|
|
|
static void PostGarbageCollectionProcessing(Isolate* isolate);
|
2013-09-04 11:09:55 +00:00
|
|
|
static int ArchiveSpacePerThread();
|
2011-05-05 18:55:31 +00:00
|
|
|
static char* ArchiveState(Isolate* isolate, char* to);
|
|
|
|
static char* RestoreState(Isolate* isolate, char* from);
|
2017-04-25 13:32:18 +00:00
|
|
|
static void Iterate(Isolate* isolate, RootVisitor* v);
|
|
|
|
static void Iterate(RootVisitor* v, Relocatable* top);
|
|
|
|
static char* Iterate(RootVisitor* v, char* t);
|
2013-09-04 10:34:42 +00:00
|
|
|
|
2009-10-01 06:27:29 +00:00
|
|
|
private:
|
2011-03-18 20:35:07 +00:00
|
|
|
Isolate* isolate_;
|
2009-09-30 12:25:46 +00:00
|
|
|
Relocatable* prev_;
|
|
|
|
};
|
|
|
|
|
2008-10-09 08:08:04 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// The Oddball describes objects null, undefined, true, and false.
|
2013-08-20 10:52:23 +00:00
|
|
|
class Oddball: public HeapObject {
|
2008-07-03 15:10:15 +00:00
|
|
|
public:
|
2016-04-25 09:16:57 +00:00
|
|
|
// [to_number_raw]: Cached raw to_number computed at startup.
|
|
|
|
inline double to_number_raw() const;
|
|
|
|
inline void set_to_number_raw(double value);
|
2017-04-12 10:10:48 +00:00
|
|
|
inline void set_to_number_raw_as_bits(uint64_t bits);
|
2016-04-25 09:16:57 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
// [to_string]: Cached to_string computed at startup.
|
|
|
|
DECL_ACCESSORS(to_string, String)
|
|
|
|
|
|
|
|
// [to_number]: Cached to_number computed at startup.
|
|
|
|
DECL_ACCESSORS(to_number, Object)
|
|
|
|
|
2015-08-11 10:47:24 +00:00
|
|
|
// [typeof]: Cached type_of computed at startup.
|
|
|
|
DECL_ACCESSORS(type_of, String)
|
|
|
|
|
2014-06-24 09:47:25 +00:00
|
|
|
inline byte kind() const;
|
2011-03-18 20:35:07 +00:00
|
|
|
inline void set_kind(byte kind);
|
|
|
|
|
2015-09-15 13:14:36 +00:00
|
|
|
// ES6 section 7.1.3 ToNumber for Boolean, Null, Undefined.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static inline Handle<Object> ToNumber(
|
|
|
|
Handle<Oddball> input);
|
2015-09-15 13:14:36 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(Oddball)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Dispatched behavior.
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(Oddball)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Initialize the fields.
|
2015-08-11 10:47:24 +00:00
|
|
|
static void Initialize(Isolate* isolate, Handle<Oddball> oddball,
|
|
|
|
const char* to_string, Handle<Object> to_number,
|
2016-07-19 06:13:34 +00:00
|
|
|
const char* type_of, byte kind);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Layout description.
|
2016-04-25 09:16:57 +00:00
|
|
|
static const int kToNumberRawOffset = HeapObject::kHeaderSize;
|
|
|
|
static const int kToStringOffset = kToNumberRawOffset + kDoubleSize;
|
2008-07-03 15:10:15 +00:00
|
|
|
static const int kToNumberOffset = kToStringOffset + kPointerSize;
|
2016-07-19 06:13:34 +00:00
|
|
|
static const int kTypeOfOffset = kToNumberOffset + kPointerSize;
|
2015-08-11 10:47:24 +00:00
|
|
|
static const int kKindOffset = kTypeOfOffset + kPointerSize;
|
2011-03-18 20:35:07 +00:00
|
|
|
static const int kSize = kKindOffset + kPointerSize;
|
|
|
|
|
|
|
|
static const byte kFalse = 0;
|
|
|
|
static const byte kTrue = 1;
|
2017-03-17 15:18:18 +00:00
|
|
|
static const byte kNotBooleanMask = static_cast<byte>(~1);
|
2011-03-18 20:35:07 +00:00
|
|
|
static const byte kTheHole = 2;
|
|
|
|
static const byte kNull = 3;
|
2016-02-16 12:57:29 +00:00
|
|
|
static const byte kArgumentsMarker = 4;
|
2011-03-18 20:35:07 +00:00
|
|
|
static const byte kUndefined = 5;
|
2013-06-06 14:21:35 +00:00
|
|
|
static const byte kUninitialized = 6;
|
|
|
|
static const byte kOther = 7;
|
2014-04-22 07:33:20 +00:00
|
|
|
static const byte kException = 8;
|
2016-03-16 14:30:15 +00:00
|
|
|
static const byte kOptimizedOut = 9;
|
2016-04-28 14:54:39 +00:00
|
|
|
static const byte kStaleRegister = 10;
|
2018-05-02 11:54:25 +00:00
|
|
|
static const byte kSelfReferenceMarker = 10;
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2015-08-11 10:47:24 +00:00
|
|
|
typedef FixedBodyDescriptor<kToStringOffset, kTypeOfOffset + kPointerSize,
|
2010-08-11 14:30:14 +00:00
|
|
|
kSize> BodyDescriptor;
|
2017-06-14 09:46:34 +00:00
|
|
|
// No weak fields.
|
|
|
|
typedef BodyDescriptor BodyDescriptorWeak;
|
2010-08-11 14:30:14 +00:00
|
|
|
|
2016-04-25 09:16:57 +00:00
|
|
|
STATIC_ASSERT(kToNumberRawOffset == HeapNumber::kValueOffset);
|
2014-05-27 13:43:29 +00:00
|
|
|
STATIC_ASSERT(kKindOffset == Internals::kOddballKindOffset);
|
|
|
|
STATIC_ASSERT(kNull == Internals::kNullOddballKind);
|
|
|
|
STATIC_ASSERT(kUndefined == Internals::kUndefinedOddballKind);
|
2012-04-18 15:51:34 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(Oddball);
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2013-08-20 10:52:23 +00:00
|
|
|
class Cell: public HeapObject {
|
2009-06-30 10:05:36 +00:00
|
|
|
public:
|
2015-03-18 11:43:51 +00:00
|
|
|
// [value]: value of the cell.
|
2009-06-30 10:05:36 +00:00
|
|
|
DECL_ACCESSORS(value, Object)
|
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(Cell)
|
2009-06-30 10:05:36 +00:00
|
|
|
|
2013-06-12 15:03:44 +00:00
|
|
|
static inline Cell* FromValueAddress(Address value) {
|
|
|
|
Object* result = FromAddress(value - kValueOffset);
|
|
|
|
return static_cast<Cell*>(result);
|
2012-07-31 09:25:23 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
inline Address ValueAddress() {
|
|
|
|
return address() + kValueOffset;
|
|
|
|
}
|
|
|
|
|
2012-12-13 10:17:37 +00:00
|
|
|
// Dispatched behavior.
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_PRINTER(Cell)
|
|
|
|
DECL_VERIFIER(Cell)
|
2012-10-12 11:41:14 +00:00
|
|
|
|
2009-06-30 10:05:36 +00:00
|
|
|
// Layout description.
|
|
|
|
static const int kValueOffset = HeapObject::kHeaderSize;
|
|
|
|
static const int kSize = kValueOffset + kPointerSize;
|
|
|
|
|
2010-08-11 14:30:14 +00:00
|
|
|
typedef FixedBodyDescriptor<kValueOffset,
|
|
|
|
kValueOffset + kPointerSize,
|
|
|
|
kSize> BodyDescriptor;
|
2017-06-14 09:46:34 +00:00
|
|
|
// No weak fields.
|
|
|
|
typedef BodyDescriptor BodyDescriptorWeak;
|
2010-08-11 14:30:14 +00:00
|
|
|
|
2009-06-30 10:05:36 +00:00
|
|
|
private:
|
2013-06-12 15:03:44 +00:00
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(Cell);
|
|
|
|
};
|
|
|
|
|
2018-02-22 12:04:01 +00:00
|
|
|
// This is a special cell used to maintain both the link between a
|
|
|
|
// closure and it's feedback vector, as well as a way to count the
|
|
|
|
// number of closures created for a certain function per native
|
|
|
|
// context. There's at most one FeedbackCell for each function in
|
|
|
|
// a native context.
|
|
|
|
class FeedbackCell : public Struct {
|
|
|
|
public:
|
|
|
|
// [value]: value of the cell.
|
|
|
|
DECL_ACCESSORS(value, HeapObject)
|
|
|
|
|
|
|
|
DECL_CAST(FeedbackCell)
|
|
|
|
|
|
|
|
// Dispatched behavior.
|
2018-06-26 11:43:50 +00:00
|
|
|
DECL_PRINTER_WITH_ISOLATE(FeedbackCell)
|
2018-02-22 12:04:01 +00:00
|
|
|
DECL_VERIFIER(FeedbackCell)
|
|
|
|
|
|
|
|
static const int kValueOffset = HeapObject::kHeaderSize;
|
|
|
|
static const int kSize = kValueOffset + kPointerSize;
|
|
|
|
|
|
|
|
typedef FixedBodyDescriptor<kValueOffset, kValueOffset + kPointerSize, kSize>
|
|
|
|
BodyDescriptor;
|
|
|
|
// No weak fields.
|
|
|
|
typedef BodyDescriptor BodyDescriptorWeak;
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(FeedbackCell);
|
|
|
|
};
|
2013-06-12 15:03:44 +00:00
|
|
|
|
2015-03-18 12:54:02 +00:00
|
|
|
class PropertyCell : public HeapObject {
|
2013-06-12 15:03:44 +00:00
|
|
|
public:
|
2017-06-27 11:57:13 +00:00
|
|
|
// [name]: the name of the global property.
|
|
|
|
DECL_ACCESSORS(name, Name)
|
2015-06-02 10:29:12 +00:00
|
|
|
// [property_details]: details of the global property.
|
|
|
|
DECL_ACCESSORS(property_details_raw, Object)
|
2015-03-18 11:43:51 +00:00
|
|
|
// [value]: value of the global property.
|
|
|
|
DECL_ACCESSORS(value, Object)
|
2013-06-26 16:17:12 +00:00
|
|
|
// [dependent_code]: dependent code that depends on the type of the global
|
|
|
|
// property.
|
|
|
|
DECL_ACCESSORS(dependent_code, DependentCode)
|
|
|
|
|
2015-08-13 11:49:01 +00:00
|
|
|
inline PropertyDetails property_details();
|
|
|
|
inline void set_property_details(PropertyDetails details);
|
2015-06-02 10:29:12 +00:00
|
|
|
|
2015-04-27 14:01:15 +00:00
|
|
|
PropertyCellConstantType GetConstantType();
|
|
|
|
|
2013-10-21 13:55:24 +00:00
|
|
|
// Computes the new type of the cell's contents for the given value, but
|
2015-03-17 13:27:25 +00:00
|
|
|
// without actually modifying the details.
|
2018-06-23 09:07:20 +00:00
|
|
|
static PropertyCellType UpdatedType(Isolate* isolate,
|
|
|
|
Handle<PropertyCell> cell,
|
2015-03-17 13:27:25 +00:00
|
|
|
Handle<Object> value,
|
|
|
|
PropertyDetails details);
|
2016-07-07 12:32:15 +00:00
|
|
|
// Prepares property cell at given entry for receiving given value.
|
|
|
|
// As a result the old cell could be invalidated and/or dependent code could
|
|
|
|
// be deoptimized. Returns the prepared property cell.
|
|
|
|
static Handle<PropertyCell> PrepareForValue(
|
2018-06-23 09:07:20 +00:00
|
|
|
Isolate* isolate, Handle<GlobalDictionary> dictionary, int entry,
|
|
|
|
Handle<Object> value, PropertyDetails details);
|
2015-03-17 13:27:25 +00:00
|
|
|
|
2015-06-01 16:24:59 +00:00
|
|
|
static Handle<PropertyCell> InvalidateEntry(
|
2018-06-23 09:07:20 +00:00
|
|
|
Isolate* isolate, Handle<GlobalDictionary> dictionary, int entry);
|
2013-10-21 13:55:24 +00:00
|
|
|
|
2018-06-23 09:07:20 +00:00
|
|
|
static void SetValueWithInvalidation(Isolate* isolate,
|
|
|
|
Handle<PropertyCell> cell,
|
2015-04-22 10:35:23 +00:00
|
|
|
Handle<Object> new_value);
|
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(PropertyCell)
|
2013-06-12 15:03:44 +00:00
|
|
|
|
|
|
|
// Dispatched behavior.
|
2018-06-26 11:43:50 +00:00
|
|
|
DECL_PRINTER_WITH_ISOLATE(PropertyCell)
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_VERIFIER(PropertyCell)
|
2013-06-12 15:03:44 +00:00
|
|
|
|
|
|
|
// Layout description.
|
2015-06-02 10:29:12 +00:00
|
|
|
static const int kDetailsOffset = HeapObject::kHeaderSize;
|
2017-06-27 11:57:13 +00:00
|
|
|
static const int kNameOffset = kDetailsOffset + kPointerSize;
|
|
|
|
static const int kValueOffset = kNameOffset + kPointerSize;
|
2015-03-17 13:27:25 +00:00
|
|
|
static const int kDependentCodeOffset = kValueOffset + kPointerSize;
|
2013-06-26 16:17:12 +00:00
|
|
|
static const int kSize = kDependentCodeOffset + kPointerSize;
|
|
|
|
|
2017-06-27 11:57:13 +00:00
|
|
|
typedef FixedBodyDescriptor<kNameOffset, kSize, kSize> BodyDescriptor;
|
2017-06-14 09:46:34 +00:00
|
|
|
// No weak fields.
|
|
|
|
typedef BodyDescriptor BodyDescriptorWeak;
|
2013-06-26 16:17:12 +00:00
|
|
|
|
2013-06-12 15:03:44 +00:00
|
|
|
private:
|
2013-06-14 16:06:12 +00:00
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(PropertyCell);
|
2009-06-30 10:05:36 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
2014-10-14 14:43:45 +00:00
|
|
|
class WeakCell : public HeapObject {
|
|
|
|
public:
|
2014-10-21 09:42:16 +00:00
|
|
|
inline Object* value() const;
|
2014-10-14 14:43:45 +00:00
|
|
|
|
|
|
|
// This should not be called by anyone except GC.
|
2014-10-21 09:42:16 +00:00
|
|
|
inline void clear();
|
2014-10-14 14:43:45 +00:00
|
|
|
|
|
|
|
// This should not be called by anyone except allocator.
|
|
|
|
inline void initialize(HeapObject* value);
|
|
|
|
|
2014-10-21 09:42:16 +00:00
|
|
|
inline bool cleared() const;
|
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(WeakCell)
|
2014-10-14 14:43:45 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_PRINTER(WeakCell)
|
|
|
|
DECL_VERIFIER(WeakCell)
|
2014-10-14 14:43:45 +00:00
|
|
|
|
|
|
|
// Layout description.
|
|
|
|
static const int kValueOffset = HeapObject::kHeaderSize;
|
2017-07-27 10:35:18 +00:00
|
|
|
static const int kSize = kValueOffset + kPointerSize;
|
2014-10-14 14:43:45 +00:00
|
|
|
|
|
|
|
typedef FixedBodyDescriptor<kValueOffset, kSize, kSize> BodyDescriptor;
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(WeakCell);
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2011-05-13 10:58:25 +00:00
|
|
|
// The JSProxy describes EcmaScript Harmony proxies
|
2013-08-20 10:52:23 +00:00
|
|
|
class JSProxy: public JSReceiver {
|
2011-05-13 10:58:25 +00:00
|
|
|
public:
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<JSProxy> New(Isolate* isolate,
|
|
|
|
Handle<Object>,
|
|
|
|
Handle<Object>);
|
2015-12-22 16:36:47 +00:00
|
|
|
|
2011-05-13 10:58:25 +00:00
|
|
|
// [handler]: The handler property.
|
|
|
|
DECL_ACCESSORS(handler, Object)
|
2015-11-13 14:13:50 +00:00
|
|
|
// [target]: The target property.
|
2018-01-10 10:16:23 +00:00
|
|
|
DECL_ACCESSORS(target, Object)
|
2011-09-22 13:54:53 +00:00
|
|
|
|
2015-11-27 12:16:32 +00:00
|
|
|
static MaybeHandle<Context> GetFunctionRealm(Handle<JSProxy> proxy);
|
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSProxy)
|
2011-05-13 10:58:25 +00:00
|
|
|
|
2018-06-22 11:19:13 +00:00
|
|
|
V8_INLINE bool IsRevoked() const;
|
2015-12-04 10:55:21 +00:00
|
|
|
static void Revoke(Handle<JSProxy> proxy);
|
2015-11-24 14:15:58 +00:00
|
|
|
|
2015-11-16 11:59:33 +00:00
|
|
|
// ES6 9.5.1
|
2015-11-13 14:13:50 +00:00
|
|
|
static MaybeHandle<Object> GetPrototype(Handle<JSProxy> receiver);
|
|
|
|
|
2015-12-01 15:59:34 +00:00
|
|
|
// ES6 9.5.2
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPrototype(
|
|
|
|
Handle<JSProxy> proxy, Handle<Object> value, bool from_javascript,
|
|
|
|
ShouldThrow should_throw);
|
2015-11-24 14:15:58 +00:00
|
|
|
// ES6 9.5.3
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> IsExtensible(Handle<JSProxy> proxy);
|
2015-11-24 14:15:58 +00:00
|
|
|
|
2017-06-06 15:55:33 +00:00
|
|
|
// ES6, #sec-isarray. NOT to be confused with %_IsArray.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> IsArray(Handle<JSProxy> proxy);
|
2017-06-06 15:55:33 +00:00
|
|
|
|
2017-10-25 18:07:04 +00:00
|
|
|
// ES6 9.5.4 (when passed kDontThrow)
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> PreventExtensions(
|
2015-11-24 14:15:58 +00:00
|
|
|
Handle<JSProxy> proxy, ShouldThrow should_throw);
|
|
|
|
|
2015-11-16 11:59:33 +00:00
|
|
|
// ES6 9.5.5
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> GetOwnPropertyDescriptor(
|
2015-12-09 18:06:49 +00:00
|
|
|
Isolate* isolate, Handle<JSProxy> proxy, Handle<Name> name,
|
|
|
|
PropertyDescriptor* desc);
|
2015-11-16 11:59:33 +00:00
|
|
|
|
2015-11-19 09:21:07 +00:00
|
|
|
// ES6 9.5.6
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> DefineOwnProperty(
|
2015-12-09 18:06:49 +00:00
|
|
|
Isolate* isolate, Handle<JSProxy> object, Handle<Object> key,
|
|
|
|
PropertyDescriptor* desc, ShouldThrow should_throw);
|
2015-11-19 09:21:07 +00:00
|
|
|
|
2015-11-30 09:20:24 +00:00
|
|
|
// ES6 9.5.7
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> HasProperty(Isolate* isolate,
|
|
|
|
Handle<JSProxy> proxy,
|
|
|
|
Handle<Name> name);
|
2015-11-30 09:20:24 +00:00
|
|
|
|
2017-08-16 12:33:07 +00:00
|
|
|
// This function never returns false.
|
|
|
|
// It returns either true or throws.
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> CheckHasTrap(
|
|
|
|
Isolate* isolate, Handle<Name> name, Handle<JSReceiver> target);
|
2017-08-16 12:33:07 +00:00
|
|
|
|
2015-12-01 14:04:16 +00:00
|
|
|
// ES6 9.5.8
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> GetProperty(
|
2015-12-01 14:04:16 +00:00
|
|
|
Isolate* isolate, Handle<JSProxy> proxy, Handle<Name> name,
|
2016-04-28 08:24:34 +00:00
|
|
|
Handle<Object> receiver, bool* was_found);
|
2015-12-01 14:04:16 +00:00
|
|
|
|
2017-09-01 13:05:17 +00:00
|
|
|
enum AccessKind { kGet, kSet };
|
|
|
|
|
|
|
|
static MaybeHandle<Object> CheckGetSetTrapResult(Isolate* isolate,
|
|
|
|
Handle<Name> name,
|
|
|
|
Handle<JSReceiver> target,
|
|
|
|
Handle<Object> trap_result,
|
|
|
|
AccessKind access_kind);
|
2017-08-10 07:09:05 +00:00
|
|
|
|
2015-12-01 14:04:16 +00:00
|
|
|
// ES6 9.5.9
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> SetProperty(
|
|
|
|
Handle<JSProxy> proxy, Handle<Name> name, Handle<Object> value,
|
|
|
|
Handle<Object> receiver, LanguageMode language_mode);
|
2015-12-01 14:04:16 +00:00
|
|
|
|
2017-10-16 10:55:06 +00:00
|
|
|
// ES6 9.5.10 (when passed LanguageMode::kSloppy)
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> DeletePropertyOrElement(
|
2015-11-26 09:34:11 +00:00
|
|
|
Handle<JSProxy> proxy, Handle<Name> name, LanguageMode language_mode);
|
|
|
|
|
2015-11-28 15:02:59 +00:00
|
|
|
// ES6 9.5.12
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<bool> OwnPropertyKeys(
|
2015-12-09 18:06:49 +00:00
|
|
|
Isolate* isolate, Handle<JSReceiver> receiver, Handle<JSProxy> proxy,
|
|
|
|
PropertyFilter filter, KeyAccumulator* accumulator);
|
2015-11-28 15:02:59 +00:00
|
|
|
|
2018-04-09 15:12:07 +00:00
|
|
|
V8_WARN_UNUSED_RESULT static Maybe<PropertyAttributes> GetPropertyAttributes(
|
2015-11-19 09:21:07 +00:00
|
|
|
LookupIterator* it);
|
|
|
|
|
2011-05-13 10:58:25 +00:00
|
|
|
// Dispatched behavior.
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_PRINTER(JSProxy)
|
|
|
|
DECL_VERIFIER(JSProxy)
|
2011-05-13 10:58:25 +00:00
|
|
|
|
2017-06-06 15:55:33 +00:00
|
|
|
static const int kMaxIterationLimit = 100 * 1024;
|
|
|
|
|
2016-01-12 15:43:41 +00:00
|
|
|
// Layout description.
|
|
|
|
static const int kTargetOffset = JSReceiver::kHeaderSize;
|
2015-11-12 22:11:53 +00:00
|
|
|
static const int kHandlerOffset = kTargetOffset + kPointerSize;
|
2017-10-25 12:16:53 +00:00
|
|
|
static const int kSize = kHandlerOffset + kPointerSize;
|
2011-05-13 10:58:25 +00:00
|
|
|
|
2017-08-03 14:27:11 +00:00
|
|
|
// kTargetOffset aliases with the elements of JSObject. The fact that
|
|
|
|
// JSProxy::target is a Javascript value which cannot be confused with an
|
|
|
|
// elements backing store is exploited by loading from this offset from an
|
|
|
|
// unknown JSReceiver.
|
|
|
|
STATIC_ASSERT(JSObject::kElementsOffset == JSProxy::kTargetOffset);
|
|
|
|
|
2017-07-13 00:49:10 +00:00
|
|
|
typedef FixedBodyDescriptor<JSReceiver::kPropertiesOrHashOffset, kSize, kSize>
|
2016-01-12 15:43:41 +00:00
|
|
|
BodyDescriptor;
|
2017-06-14 09:46:34 +00:00
|
|
|
// No weak fields.
|
|
|
|
typedef BodyDescriptor BodyDescriptorWeak;
|
2011-05-13 10:58:25 +00:00
|
|
|
|
2018-02-21 22:08:59 +00:00
|
|
|
static Maybe<bool> SetPrivateSymbol(Isolate* isolate, Handle<JSProxy> proxy,
|
|
|
|
Handle<Symbol> private_name,
|
|
|
|
PropertyDescriptor* desc,
|
|
|
|
ShouldThrow should_throw);
|
2016-01-18 12:41:09 +00:00
|
|
|
|
2016-02-18 08:48:33 +00:00
|
|
|
private:
|
2011-05-13 10:58:25 +00:00
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSProxy);
|
|
|
|
};
|
|
|
|
|
2018-01-05 14:40:40 +00:00
|
|
|
// JSProxyRevocableResult is just a JSObject with a specific initial map.
|
|
|
|
// This initial map adds in-object properties for "proxy" and "revoke".
|
|
|
|
// See https://tc39.github.io/ecma262/#sec-proxy.revocable
|
|
|
|
class JSProxyRevocableResult : public JSObject {
|
|
|
|
public:
|
|
|
|
// Offsets of object fields.
|
|
|
|
static const int kProxyOffset = JSObject::kHeaderSize;
|
|
|
|
static const int kRevokeOffset = kProxyOffset + kPointerSize;
|
|
|
|
static const int kSize = kRevokeOffset + kPointerSize;
|
|
|
|
// Indices of in-object properties.
|
|
|
|
static const int kProxyIndex = 0;
|
|
|
|
static const int kRevokeIndex = 1;
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSProxyRevocableResult);
|
|
|
|
};
|
|
|
|
|
2017-02-24 17:48:49 +00:00
|
|
|
// The [Async-from-Sync Iterator] object
|
|
|
|
// (proposal-async-iteration/#sec-async-from-sync-iterator-objects)
|
|
|
|
// An object which wraps an ordinary Iterator and converts it to behave
|
|
|
|
// according to the Async Iterator protocol.
|
|
|
|
// (See https://tc39.github.io/proposal-async-iteration/#sec-iteration)
|
|
|
|
class JSAsyncFromSyncIterator : public JSObject {
|
|
|
|
public:
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSAsyncFromSyncIterator)
|
|
|
|
DECL_PRINTER(JSAsyncFromSyncIterator)
|
|
|
|
DECL_VERIFIER(JSAsyncFromSyncIterator)
|
2017-02-24 17:48:49 +00:00
|
|
|
|
|
|
|
// Async-from-Sync Iterator instances are ordinary objects that inherit
|
|
|
|
// properties from the %AsyncFromSyncIteratorPrototype% intrinsic object.
|
|
|
|
// Async-from-Sync Iterator instances are initially created with the internal
|
|
|
|
// slots listed in Table 4.
|
|
|
|
// (proposal-async-iteration/#table-async-from-sync-iterator-internal-slots)
|
|
|
|
DECL_ACCESSORS(sync_iterator, JSReceiver)
|
|
|
|
|
2018-01-11 20:58:57 +00:00
|
|
|
// The "next" method is loaded during GetIterator, and is not reloaded for
|
|
|
|
// subsequent "next" invocations.
|
|
|
|
DECL_ACCESSORS(next, Object)
|
|
|
|
|
2017-02-24 17:48:49 +00:00
|
|
|
// Offsets of object fields.
|
|
|
|
static const int kSyncIteratorOffset = JSObject::kHeaderSize;
|
2018-01-11 20:58:57 +00:00
|
|
|
static const int kNextOffset = kSyncIteratorOffset + kPointerSize;
|
|
|
|
static const int kSize = kNextOffset + kPointerSize;
|
2017-02-24 17:48:49 +00:00
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSAsyncFromSyncIterator);
|
|
|
|
};
|
|
|
|
|
2016-09-21 14:17:42 +00:00
|
|
|
class JSStringIterator : public JSObject {
|
|
|
|
public:
|
|
|
|
// Dispatched behavior.
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_PRINTER(JSStringIterator)
|
|
|
|
DECL_VERIFIER(JSStringIterator)
|
2016-09-21 14:17:42 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(JSStringIterator)
|
2016-09-21 14:17:42 +00:00
|
|
|
|
2017-03-17 13:26:05 +00:00
|
|
|
// [string]: the [[IteratedString]] inobject property.
|
2016-09-21 14:17:42 +00:00
|
|
|
DECL_ACCESSORS(string, String)
|
|
|
|
|
2017-03-17 13:26:05 +00:00
|
|
|
// [index]: The [[StringIteratorNextIndex]] inobject property.
|
2016-09-21 14:17:42 +00:00
|
|
|
inline int index() const;
|
|
|
|
inline void set_index(int value);
|
|
|
|
|
|
|
|
static const int kStringOffset = JSObject::kHeaderSize;
|
|
|
|
static const int kNextIndexOffset = kStringOffset + kPointerSize;
|
|
|
|
static const int kSize = kNextIndexOffset + kPointerSize;
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(JSStringIterator);
|
|
|
|
};
|
2011-10-25 14:14:56 +00:00
|
|
|
|
2011-05-19 11:47:34 +00:00
|
|
|
// Foreign describes objects pointing from JavaScript to C structures.
|
2013-08-20 10:52:23 +00:00
|
|
|
class Foreign: public HeapObject {
|
2008-07-03 15:10:15 +00:00
|
|
|
public:
|
2011-05-19 11:47:34 +00:00
|
|
|
// [address]: field containing the address.
|
2011-10-28 12:37:29 +00:00
|
|
|
inline Address foreign_address();
|
2017-12-08 13:54:55 +00:00
|
|
|
|
|
|
|
static inline bool IsNormalized(Object* object);
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(Foreign)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2012-12-13 10:17:37 +00:00
|
|
|
// Dispatched behavior.
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_PRINTER(Foreign)
|
|
|
|
DECL_VERIFIER(Foreign)
|
2008-07-03 15:10:15 +00:00
|
|
|
|
|
|
|
// Layout description.
|
|
|
|
|
2011-10-28 12:37:29 +00:00
|
|
|
static const int kForeignAddressOffset = HeapObject::kHeaderSize;
|
|
|
|
static const int kSize = kForeignAddressOffset + kPointerSize;
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2014-05-27 13:43:29 +00:00
|
|
|
STATIC_ASSERT(kForeignAddressOffset == Internals::kForeignAddressOffset);
|
2009-08-26 10:33:11 +00:00
|
|
|
|
2015-11-13 12:32:08 +00:00
|
|
|
class BodyDescriptor;
|
2017-06-14 09:46:34 +00:00
|
|
|
// No weak fields.
|
|
|
|
typedef BodyDescriptor BodyDescriptorWeak;
|
2015-11-13 12:32:08 +00:00
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
private:
|
2018-04-09 19:11:22 +00:00
|
|
|
friend class Factory;
|
2017-12-08 13:54:55 +00:00
|
|
|
friend class SerializerDeserializer;
|
|
|
|
friend class StartupSerializer;
|
|
|
|
|
|
|
|
inline void set_foreign_address(Address value);
|
|
|
|
|
2011-05-19 11:47:34 +00:00
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(Foreign);
|
2008-07-03 15:10:15 +00:00
|
|
|
};
|
|
|
|
|
2012-01-10 16:11:33 +00:00
|
|
|
// Support for JavaScript accessors: A pair of a getter and a setter. Each
|
|
|
|
// accessor can either be
|
2017-08-25 10:40:07 +00:00
|
|
|
// * a JavaScript function or proxy: a real accessor
|
|
|
|
// * a FunctionTemplateInfo: a real (lazy) accessor
|
2012-01-10 16:11:33 +00:00
|
|
|
// * undefined: considered an accessor by the spec, too, strangely enough
|
2017-08-25 10:40:07 +00:00
|
|
|
// * null: an accessor which has not been set
|
2013-08-20 10:52:23 +00:00
|
|
|
class AccessorPair: public Struct {
|
2012-01-10 16:11:33 +00:00
|
|
|
public:
|
|
|
|
DECL_ACCESSORS(getter, Object)
|
|
|
|
DECL_ACCESSORS(setter, Object)
|
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(AccessorPair)
|
2012-01-10 16:11:33 +00:00
|
|
|
|
2013-07-02 16:24:23 +00:00
|
|
|
static Handle<AccessorPair> Copy(Handle<AccessorPair> pair);
|
2012-02-13 14:15:43 +00:00
|
|
|
|
2015-08-13 11:49:01 +00:00
|
|
|
inline Object* get(AccessorComponent component);
|
|
|
|
inline void set(AccessorComponent component, Object* value);
|
2012-05-24 10:40:24 +00:00
|
|
|
|
2017-08-25 10:40:07 +00:00
|
|
|
// Note: Returns undefined if the component is not set.
|
2016-02-09 16:28:02 +00:00
|
|
|
static Handle<Object> GetComponent(Handle<AccessorPair> accessor_pair,
|
|
|
|
AccessorComponent component);
|
2012-03-05 12:11:28 +00:00
|
|
|
|
2012-03-23 09:51:56 +00:00
|
|
|
// Set both components, skipping arguments which are a JavaScript null.
|
2015-08-13 11:49:01 +00:00
|
|
|
inline void SetComponents(Object* getter, Object* setter);
|
2012-02-22 10:52:57 +00:00
|
|
|
|
2015-08-13 11:49:01 +00:00
|
|
|
inline bool Equals(AccessorPair* pair);
|
|
|
|
inline bool Equals(Object* getter_value, Object* setter_value);
|
2015-02-16 15:25:33 +00:00
|
|
|
|
2015-08-13 11:49:01 +00:00
|
|
|
inline bool ContainsAccessor();
|
2012-03-02 14:03:59 +00:00
|
|
|
|
2012-12-13 10:17:37 +00:00
|
|
|
// Dispatched behavior.
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_PRINTER(AccessorPair)
|
|
|
|
DECL_VERIFIER(AccessorPair)
|
2012-01-10 16:11:33 +00:00
|
|
|
|
|
|
|
static const int kGetterOffset = HeapObject::kHeaderSize;
|
|
|
|
static const int kSetterOffset = kGetterOffset + kPointerSize;
|
2014-06-23 09:02:16 +00:00
|
|
|
static const int kSize = kSetterOffset + kPointerSize;
|
2012-01-10 16:11:33 +00:00
|
|
|
|
|
|
|
private:
|
2012-03-02 14:03:59 +00:00
|
|
|
// Strangely enough, in addition to functions and harmony proxies, the spec
|
|
|
|
// requires us to consider undefined as a kind of accessor, too:
|
|
|
|
// var obj = {};
|
|
|
|
// Object.defineProperty(obj, "foo", {get: undefined});
|
|
|
|
// assertTrue("foo" in obj);
|
2015-08-13 11:49:01 +00:00
|
|
|
inline bool IsJSAccessor(Object* obj);
|
2012-03-02 14:03:59 +00:00
|
|
|
|
2012-01-10 16:11:33 +00:00
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(AccessorPair);
|
|
|
|
};
|
|
|
|
|
2017-04-03 14:58:49 +00:00
|
|
|
class StackFrameInfo : public Struct {
|
|
|
|
public:
|
|
|
|
DECL_INT_ACCESSORS(line_number)
|
|
|
|
DECL_INT_ACCESSORS(column_number)
|
|
|
|
DECL_INT_ACCESSORS(script_id)
|
|
|
|
DECL_ACCESSORS(script_name, Object)
|
|
|
|
DECL_ACCESSORS(script_name_or_source_url, Object)
|
|
|
|
DECL_ACCESSORS(function_name, Object)
|
|
|
|
DECL_BOOLEAN_ACCESSORS(is_eval)
|
|
|
|
DECL_BOOLEAN_ACCESSORS(is_constructor)
|
2017-04-08 22:26:22 +00:00
|
|
|
DECL_BOOLEAN_ACCESSORS(is_wasm)
|
2017-04-03 14:58:49 +00:00
|
|
|
DECL_INT_ACCESSORS(flag)
|
2017-04-20 17:33:03 +00:00
|
|
|
DECL_INT_ACCESSORS(id)
|
2017-04-03 14:58:49 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(StackFrameInfo)
|
2017-04-03 14:58:49 +00:00
|
|
|
|
|
|
|
// Dispatched behavior.
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_PRINTER(StackFrameInfo)
|
|
|
|
DECL_VERIFIER(StackFrameInfo)
|
2017-04-03 14:58:49 +00:00
|
|
|
|
|
|
|
static const int kLineNumberIndex = Struct::kHeaderSize;
|
|
|
|
static const int kColumnNumberIndex = kLineNumberIndex + kPointerSize;
|
|
|
|
static const int kScriptIdIndex = kColumnNumberIndex + kPointerSize;
|
|
|
|
static const int kScriptNameIndex = kScriptIdIndex + kPointerSize;
|
|
|
|
static const int kScriptNameOrSourceUrlIndex =
|
|
|
|
kScriptNameIndex + kPointerSize;
|
|
|
|
static const int kFunctionNameIndex =
|
|
|
|
kScriptNameOrSourceUrlIndex + kPointerSize;
|
|
|
|
static const int kFlagIndex = kFunctionNameIndex + kPointerSize;
|
2017-04-20 17:33:03 +00:00
|
|
|
static const int kIdIndex = kFlagIndex + kPointerSize;
|
|
|
|
static const int kSize = kIdIndex + kPointerSize;
|
2017-04-03 14:58:49 +00:00
|
|
|
|
|
|
|
private:
|
|
|
|
// Bit position in the flag, from least significant bit position.
|
|
|
|
static const int kIsEvalBit = 0;
|
|
|
|
static const int kIsConstructorBit = 1;
|
2017-04-08 22:26:22 +00:00
|
|
|
static const int kIsWasmBit = 2;
|
2017-04-03 14:58:49 +00:00
|
|
|
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(StackFrameInfo);
|
|
|
|
};
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2017-04-12 18:33:20 +00:00
|
|
|
class SourcePositionTableWithFrameCache : public Tuple2 {
|
|
|
|
public:
|
|
|
|
DECL_ACCESSORS(source_position_table, ByteArray)
|
2018-01-25 08:42:56 +00:00
|
|
|
DECL_ACCESSORS(stack_frame_cache, SimpleNumberDictionary)
|
2017-04-12 18:33:20 +00:00
|
|
|
|
2017-06-29 13:14:20 +00:00
|
|
|
DECL_CAST(SourcePositionTableWithFrameCache)
|
2017-04-12 18:33:20 +00:00
|
|
|
|
|
|
|
static const int kSourcePositionTableIndex = Struct::kHeaderSize;
|
|
|
|
static const int kStackFrameCacheIndex =
|
|
|
|
kSourcePositionTableIndex + kPointerSize;
|
|
|
|
static const int kSize = kStackFrameCacheIndex + kPointerSize;
|
|
|
|
|
|
|
|
private:
|
|
|
|
DISALLOW_IMPLICIT_CONSTRUCTORS(SourcePositionTableWithFrameCache);
|
|
|
|
};
|
|
|
|
|
2015-09-28 13:10:13 +00:00
|
|
|
// BooleanBit is a helper class for setting and getting a bit in an integer.
|
2013-08-20 10:52:23 +00:00
|
|
|
class BooleanBit : public AllStatic {
|
2008-07-03 15:10:15 +00:00
|
|
|
public:
|
|
|
|
static inline bool get(int value, int bit_position) {
|
|
|
|
return (value & (1 << bit_position)) != 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline int set(int value, int bit_position, bool v) {
|
|
|
|
if (v) {
|
|
|
|
value |= (1 << bit_position);
|
|
|
|
} else {
|
|
|
|
value &= ~(1 << bit_position);
|
|
|
|
}
|
|
|
|
return value;
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2015-09-17 12:52:37 +00:00
|
|
|
|
2015-09-30 13:46:56 +00:00
|
|
|
} // NOLINT, false-positive due to second-order macros.
|
|
|
|
} // NOLINT, false-positive due to second-order macros.
|
2008-07-03 15:10:15 +00:00
|
|
|
|
2016-12-20 14:08:21 +00:00
|
|
|
#include "src/objects/object-macros-undef.h"
|
|
|
|
|
2008-07-03 15:10:15 +00:00
|
|
|
#endif // V8_OBJECTS_H_
|