Commit 81a3c699 authored by Marja Hölttä's avatar Marja Hölttä Committed by Commit Bot

[objects.h splitting] Move JSObject + subclasses

Also fixing DEPS include rules for heap-write-barrier.h

BUG=v8:5402,v8:8015

Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng
Change-Id: Ia785da321bc6c6f4c375ae8c866a0bf294e64f5b
Reviewed-on: https://chromium-review.googlesource.com/1238453Reviewed-by: 's avatarMichael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56138}
parent 9ce331f2
......@@ -866,6 +866,8 @@ action("postmortem-metadata") {
"src/objects/js-array.h",
"src/objects/js-array-buffer-inl.h",
"src/objects/js-array-buffer.h",
"src/objects/js-objects-inl.h",
"src/objects/js-objects.h",
"src/objects/js-regexp-inl.h",
"src/objects/js-regexp.h",
"src/objects/js-regexp-string-iterator-inl.h",
......@@ -2225,6 +2227,8 @@ v8_source_set("v8_base") {
"src/objects/js-number-format-inl.h",
"src/objects/js-number-format.cc",
"src/objects/js-number-format.h",
"src/objects/js-objects-inl.h",
"src/objects/js-objects.h",
"src/objects/js-plural-rules-inl.h",
"src/objects/js-plural-rules.cc",
"src/objects/js-plural-rules.h",
......
......@@ -13,6 +13,7 @@ include_rules = [
"+src/heap/heap.h",
"+src/heap/heap-inl.h",
"+src/heap/heap-write-barrier-inl.h",
"+src/heap/heap-write-barrier.h",
"-src/inspector",
"-src/interpreter",
"+src/interpreter/bytecode-array-accessor.h",
......
......@@ -9,6 +9,7 @@
#include "src/compiler/simplified-operator.h"
#include "src/elements-kind.h"
#include "src/globals.h"
#include "src/objects/js-objects.h"
namespace v8 {
namespace internal {
......
......@@ -27,11 +27,22 @@
namespace v8 {
namespace internal {
class Callable;
class CallInterfaceDescriptor;
class Callable;
class Factory;
class InterpreterData;
class Isolate;
class JSAsyncGeneratorObject;
class JSCollator;
class JSCollection;
class JSDateTimeFormat;
class JSListFormat;
class JSLocale;
class JSNumberFormat;
class JSPluralRules;
class JSRegExpStringIterator;
class JSRelativeTimeFormat;
class JSV8BreakIterator;
class JSWeakCollection;
class JSWeakMap;
class JSWeakSet;
......@@ -41,8 +52,6 @@ class PromiseFulfillReactionJobTask;
class PromiseReaction;
class PromiseReactionJobTask;
class PromiseRejectReactionJobTask;
class InterpreterData;
class Factory;
class Zone;
template <typename T>
......
......@@ -25,6 +25,7 @@
#include "src/objects/arguments-inl.h"
#include "src/objects/js-array-buffer-inl.h"
#include "src/objects/js-array-inl.h"
#include "src/objects/js-objects.h"
#include "src/vector-slot-pair.h"
namespace v8 {
......
......@@ -15,6 +15,7 @@ namespace internal {
// Forward declarations.
class Factory;
class JSGlobalProxy;
class VectorSlotPair;
namespace compiler {
......
......@@ -16,6 +16,8 @@ namespace internal {
// Forward declarations.
class Factory;
class FeedbackNexus;
class JSGlobalObject;
class JSGlobalProxy;
class StringConstantBase;
namespace compiler {
......
......@@ -10,6 +10,8 @@
namespace v8 {
namespace internal {
class JSGlobalObject;
class JSGlobalProxy;
class NativeContext;
class RegExpMatchInfo;
......
......@@ -44,6 +44,7 @@ class JSGeneratorObject;
class JSMap;
class JSMapIterator;
class JSModuleNamespace;
class JSPromise;
class JSProxy;
class JSSet;
class JSSetIterator;
......
......@@ -483,18 +483,6 @@ CAST_ACCESSOR(FeedbackCell)
CAST_ACCESSOR(Foreign)
CAST_ACCESSOR(GlobalDictionary)
CAST_ACCESSOR(HeapObject)
CAST_ACCESSOR(JSAsyncFromSyncIterator)
CAST_ACCESSOR(JSBoundFunction)
CAST_ACCESSOR(JSDataView)
CAST_ACCESSOR(JSDate)
CAST_ACCESSOR(JSFunction)
CAST_ACCESSOR(JSGlobalObject)
CAST_ACCESSOR(JSGlobalProxy)
CAST_ACCESSOR(JSMessageObject)
CAST_ACCESSOR(JSObject)
CAST_ACCESSOR(JSReceiver)
CAST_ACCESSOR(JSStringIterator)
CAST_ACCESSOR(JSValue)
CAST_ACCESSOR(HeapNumber)
CAST_ACCESSOR(LayoutDescriptor)
CAST_ACCESSOR(MutableHeapNumber)
......@@ -723,14 +711,6 @@ MaybeHandle<Object> Object::GetProperty(Isolate* isolate, Handle<Object> object,
return GetProperty(&it);
}
MaybeHandle<Object> JSReceiver::GetProperty(Isolate* isolate,
Handle<JSReceiver> receiver,
Handle<Name> name) {
LookupIterator it(isolate, receiver, name, receiver);
if (!it.IsFound()) return it.factory()->undefined_value();
return Object::GetProperty(&it);
}
MaybeHandle<Object> Object::GetElement(Isolate* isolate, Handle<Object> object,
uint32_t index) {
LookupIterator it(isolate, object, index);
......@@ -738,22 +718,6 @@ MaybeHandle<Object> Object::GetElement(Isolate* isolate, Handle<Object> object,
return GetProperty(&it);
}
MaybeHandle<Object> JSReceiver::GetElement(Isolate* isolate,
Handle<JSReceiver> receiver,
uint32_t index) {
LookupIterator it(isolate, receiver, index, receiver);
if (!it.IsFound()) return it.factory()->undefined_value();
return Object::GetProperty(&it);
}
Handle<Object> JSReceiver::GetDataProperty(Handle<JSReceiver> object,
Handle<Name> name) {
LookupIterator it(object, name, object,
LookupIterator::PROTOTYPE_CHAIN_SKIP_INTERCEPTOR);
if (!it.IsFound()) return it.factory()->undefined_value();
return GetDataProperty(&it);
}
MaybeHandle<Object> Object::SetElement(Isolate* isolate, Handle<Object> object,
uint32_t index, Handle<Object> value,
LanguageMode language_mode) {
......@@ -763,54 +727,6 @@ MaybeHandle<Object> Object::SetElement(Isolate* isolate, Handle<Object> object,
return value;
}
MaybeHandle<Object> JSReceiver::GetPrototype(Isolate* isolate,
Handle<JSReceiver> receiver) {
// We don't expect access checks to be needed on JSProxy objects.
DCHECK(!receiver->IsAccessCheckNeeded() || receiver->IsJSObject());
PrototypeIterator iter(isolate, receiver, kStartAtReceiver,
PrototypeIterator::END_AT_NON_HIDDEN);
do {
if (!iter.AdvanceFollowingProxies()) return MaybeHandle<Object>();
} while (!iter.IsAtEnd());
return PrototypeIterator::GetCurrent(iter);
}
MaybeHandle<Object> JSReceiver::GetProperty(Isolate* isolate,
Handle<JSReceiver> receiver,
const char* name) {
Handle<String> str = isolate->factory()->InternalizeUtf8String(name);
return GetProperty(isolate, receiver, str);
}
// static
V8_WARN_UNUSED_RESULT MaybeHandle<FixedArray> JSReceiver::OwnPropertyKeys(
Handle<JSReceiver> object) {
return KeyAccumulator::GetKeys(object, KeyCollectionMode::kOwnOnly,
ALL_PROPERTIES,
GetKeysConversion::kConvertToString);
}
bool JSObject::PrototypeHasNoElements(Isolate* isolate, JSObject* object) {
DisallowHeapAllocation no_gc;
HeapObject* prototype = HeapObject::cast(object->map()->prototype());
ReadOnlyRoots roots(isolate);
HeapObject* null = roots.null_value();
HeapObject* empty_fixed_array = roots.empty_fixed_array();
HeapObject* empty_slow_element_dictionary =
roots.empty_slow_element_dictionary();
while (prototype != null) {
Map* map = prototype->map();
if (map->IsCustomElementsReceiverMap()) return false;
HeapObject* elements = JSObject::cast(prototype)->elements();
if (elements != empty_fixed_array &&
elements != empty_slow_element_dictionary) {
return false;
}
prototype = HeapObject::cast(map->prototype());
}
return true;
}
Object** HeapObject::RawField(const HeapObject* obj, int byte_offset) {
return reinterpret_cast<Object**>(FIELD_ADDR(obj, byte_offset));
}
......@@ -991,137 +907,6 @@ int HeapNumberBase::get_sign() {
return READ_INT_FIELD(this, kExponentOffset) & kSignMask;
}
ACCESSORS(JSReceiver, raw_properties_or_hash, Object, kPropertiesOrHashOffset)
FixedArrayBase* JSObject::elements() const {
Object* array = READ_FIELD(this, kElementsOffset);
return static_cast<FixedArrayBase*>(array);
}
void JSObject::EnsureCanContainHeapObjectElements(Handle<JSObject> object) {
JSObject::ValidateElements(*object);
ElementsKind elements_kind = object->map()->elements_kind();
if (!IsObjectElementsKind(elements_kind)) {
if (IsHoleyElementsKind(elements_kind)) {
TransitionElementsKind(object, HOLEY_ELEMENTS);
} else {
TransitionElementsKind(object, PACKED_ELEMENTS);
}
}
}
void JSObject::EnsureCanContainElements(Handle<JSObject> object,
Object** objects,
uint32_t count,
EnsureElementsMode mode) {
ElementsKind current_kind = object->GetElementsKind();
ElementsKind target_kind = current_kind;
{
DisallowHeapAllocation no_allocation;
DCHECK(mode != ALLOW_COPIED_DOUBLE_ELEMENTS);
bool is_holey = IsHoleyElementsKind(current_kind);
if (current_kind == HOLEY_ELEMENTS) return;
Object* the_hole = object->GetReadOnlyRoots().the_hole_value();
for (uint32_t i = 0; i < count; ++i) {
Object* current = *objects++;
if (current == the_hole) {
is_holey = true;
target_kind = GetHoleyElementsKind(target_kind);
} else if (!current->IsSmi()) {
if (mode == ALLOW_CONVERTED_DOUBLE_ELEMENTS && current->IsNumber()) {
if (IsSmiElementsKind(target_kind)) {
if (is_holey) {
target_kind = HOLEY_DOUBLE_ELEMENTS;
} else {
target_kind = PACKED_DOUBLE_ELEMENTS;
}
}
} else if (is_holey) {
target_kind = HOLEY_ELEMENTS;
break;
} else {
target_kind = PACKED_ELEMENTS;
}
}
}
}
if (target_kind != current_kind) {
TransitionElementsKind(object, target_kind);
}
}
void JSObject::EnsureCanContainElements(Handle<JSObject> object,
Handle<FixedArrayBase> elements,
uint32_t length,
EnsureElementsMode mode) {
ReadOnlyRoots roots = object->GetReadOnlyRoots();
if (elements->map() != roots.fixed_double_array_map()) {
DCHECK(elements->map() == roots.fixed_array_map() ||
elements->map() == roots.fixed_cow_array_map());
if (mode == ALLOW_COPIED_DOUBLE_ELEMENTS) {
mode = DONT_ALLOW_DOUBLE_ELEMENTS;
}
Object** objects =
Handle<FixedArray>::cast(elements)->GetFirstElementAddress();
EnsureCanContainElements(object, objects, length, mode);
return;
}
DCHECK(mode == ALLOW_COPIED_DOUBLE_ELEMENTS);
if (object->GetElementsKind() == HOLEY_SMI_ELEMENTS) {
TransitionElementsKind(object, HOLEY_DOUBLE_ELEMENTS);
} else if (object->GetElementsKind() == PACKED_SMI_ELEMENTS) {
Handle<FixedDoubleArray> double_array =
Handle<FixedDoubleArray>::cast(elements);
for (uint32_t i = 0; i < length; ++i) {
if (double_array->is_the_hole(i)) {
TransitionElementsKind(object, HOLEY_DOUBLE_ELEMENTS);
return;
}
}
TransitionElementsKind(object, PACKED_DOUBLE_ELEMENTS);
}
}
void JSObject::SetMapAndElements(Handle<JSObject> object,
Handle<Map> new_map,
Handle<FixedArrayBase> value) {
JSObject::MigrateToMap(object, new_map);
DCHECK((object->map()->has_fast_smi_or_object_elements() ||
(*value == object->GetReadOnlyRoots().empty_fixed_array()) ||
object->map()->has_fast_string_wrapper_elements()) ==
(value->map() == object->GetReadOnlyRoots().fixed_array_map() ||
value->map() == object->GetReadOnlyRoots().fixed_cow_array_map()));
DCHECK((*value == object->GetReadOnlyRoots().empty_fixed_array()) ||
(object->map()->has_fast_double_elements() ==
value->IsFixedDoubleArray()));
object->set_elements(*value);
}
void JSObject::set_elements(FixedArrayBase* value, WriteBarrierMode mode) {
WRITE_FIELD(this, kElementsOffset, value);
CONDITIONAL_WRITE_BARRIER(this, kElementsOffset, value, mode);
}
void JSObject::initialize_elements() {
FixedArrayBase* elements = map()->GetInitialElements();
WRITE_FIELD(this, kElementsOffset, elements);
}
InterceptorInfo* JSObject::GetIndexedInterceptor() {
return map()->GetIndexedInterceptor();
}
InterceptorInfo* JSObject::GetNamedInterceptor() {
return map()->GetNamedInterceptor();
}
double Oddball::to_number_raw() const {
return READ_DOUBLE_FIELD(this, kToNumberRawOffset);
}
......@@ -1167,18 +952,6 @@ void PropertyCell::set_property_details(PropertyDetails details) {
set_property_details_raw(details.AsSmi());
}
int JSObject::GetHeaderSize() const { return GetHeaderSize(map()); }
int JSObject::GetHeaderSize(const Map* map) {
// Check for the most common kind of JavaScript object before
// falling into the generic switch. This speeds up the internal
// field operations considerably on average.
InstanceType instance_type = map->instance_type();
return instance_type == JS_OBJECT_TYPE
? JSObject::kHeaderSize
: GetHeaderSize(instance_type, map->has_prototype_slot());
}
inline bool IsSpecialReceiverInstanceType(InstanceType instance_type) {
return instance_type <= LAST_SPECIAL_RECEIVER_TYPE;
}
......@@ -1202,187 +975,6 @@ bool Map::IsCustomElementsReceiverMap() const {
return IsCustomElementsReceiverInstanceType(instance_type());
}
// static
int JSObject::GetEmbedderFieldCount(const Map* map) {
int instance_size = map->instance_size();
if (instance_size == kVariableSizeSentinel) return 0;
return ((instance_size - GetHeaderSize(map)) >> kPointerSizeLog2) -
map->GetInObjectProperties();
}
int JSObject::GetEmbedderFieldCount() const {
return GetEmbedderFieldCount(map());
}
int JSObject::GetEmbedderFieldOffset(int index) {
DCHECK(index < GetEmbedderFieldCount() && index >= 0);
return GetHeaderSize() + (kPointerSize * index);
}
Object* JSObject::GetEmbedderField(int index) {
DCHECK(index < GetEmbedderFieldCount() && index >= 0);
// Internal objects do follow immediately after the header, whereas in-object
// properties are at the end of the object. Therefore there is no need
// to adjust the index here.
return READ_FIELD(this, GetHeaderSize() + (kPointerSize * index));
}
void JSObject::SetEmbedderField(int index, Object* value) {
DCHECK(index < GetEmbedderFieldCount() && index >= 0);
// Internal objects do follow immediately after the header, whereas in-object
// properties are at the end of the object. Therefore there is no need
// to adjust the index here.
int offset = GetHeaderSize() + (kPointerSize * index);
WRITE_FIELD(this, offset, value);
WRITE_BARRIER(this, offset, value);
}
void JSObject::SetEmbedderField(int index, Smi* value) {
DCHECK(index < GetEmbedderFieldCount() && index >= 0);
// Internal objects do follow immediately after the header, whereas in-object
// properties are at the end of the object. Therefore there is no need
// to adjust the index here.
int offset = GetHeaderSize() + (kPointerSize * index);
WRITE_FIELD(this, offset, value);
}
bool JSObject::IsUnboxedDoubleField(FieldIndex index) {
if (!FLAG_unbox_double_fields) return false;
return map()->IsUnboxedDoubleField(index);
}
// Access fast-case object properties at index. The use of these routines
// is needed to correctly distinguish between properties stored in-object and
// properties stored in the properties array.
Object* JSObject::RawFastPropertyAt(FieldIndex index) {
DCHECK(!IsUnboxedDoubleField(index));
if (index.is_inobject()) {
return READ_FIELD(this, index.offset());
} else {
return property_array()->get(index.outobject_array_index());
}
}
double JSObject::RawFastDoublePropertyAt(FieldIndex index) {
DCHECK(IsUnboxedDoubleField(index));
return READ_DOUBLE_FIELD(this, index.offset());
}
uint64_t JSObject::RawFastDoublePropertyAsBitsAt(FieldIndex index) {
DCHECK(IsUnboxedDoubleField(index));
return READ_UINT64_FIELD(this, index.offset());
}
void JSObject::RawFastPropertyAtPut(FieldIndex index, Object* value) {
if (index.is_inobject()) {
int offset = index.offset();
WRITE_FIELD(this, offset, value);
WRITE_BARRIER(this, offset, value);
} else {
property_array()->set(index.outobject_array_index(), value);
}
}
void JSObject::RawFastDoublePropertyAsBitsAtPut(FieldIndex index,
uint64_t bits) {
// Double unboxing is enabled only on 64-bit platforms.
DCHECK_EQ(kDoubleSize, kPointerSize);
Address field_addr = FIELD_ADDR(this, index.offset());
base::Relaxed_Store(reinterpret_cast<base::AtomicWord*>(field_addr),
static_cast<base::AtomicWord>(bits));
}
void JSObject::FastPropertyAtPut(FieldIndex index, Object* value) {
if (IsUnboxedDoubleField(index)) {
DCHECK(value->IsMutableHeapNumber());
// Ensure that all bits of the double value are preserved.
RawFastDoublePropertyAsBitsAtPut(
index, MutableHeapNumber::cast(value)->value_as_bits());
} else {
RawFastPropertyAtPut(index, value);
}
}
void JSObject::WriteToField(int descriptor, PropertyDetails details,
Object* value) {
DCHECK_EQ(kField, details.location());
DCHECK_EQ(kData, details.kind());
DisallowHeapAllocation no_gc;
FieldIndex index = FieldIndex::ForDescriptor(map(), descriptor);
if (details.representation().IsDouble()) {
// Nothing more to be done.
if (value->IsUninitialized()) {
return;
}
// Manipulating the signaling NaN used for the hole and uninitialized
// double field sentinel in C++, e.g. with bit_cast or value()/set_value(),
// will change its value on ia32 (the x87 stack is used to return values
// and stores to the stack silently clear the signalling bit).
uint64_t bits;
if (value->IsSmi()) {
bits = bit_cast<uint64_t>(static_cast<double>(Smi::ToInt(value)));
} else {
DCHECK(value->IsHeapNumber());
bits = HeapNumber::cast(value)->value_as_bits();
}
if (IsUnboxedDoubleField(index)) {
RawFastDoublePropertyAsBitsAtPut(index, bits);
} else {
auto box = MutableHeapNumber::cast(RawFastPropertyAt(index));
box->set_value_as_bits(bits);
}
} else {
RawFastPropertyAtPut(index, value);
}
}
int JSObject::GetInObjectPropertyOffset(int index) {
return map()->GetInObjectPropertyOffset(index);
}
Object* JSObject::InObjectPropertyAt(int index) {
int offset = GetInObjectPropertyOffset(index);
return READ_FIELD(this, offset);
}
Object* JSObject::InObjectPropertyAtPut(int index,
Object* value,
WriteBarrierMode mode) {
// Adjust for the number of properties stored in the object.
int offset = GetInObjectPropertyOffset(index);
WRITE_FIELD(this, offset, value);
CONDITIONAL_WRITE_BARRIER(this, offset, value, mode);
return value;
}
void JSObject::InitializeBody(Map* map, int start_offset,
Object* pre_allocated_value,
Object* filler_value) {
DCHECK(!filler_value->IsHeapObject() || !Heap::InNewSpace(filler_value));
DCHECK(!pre_allocated_value->IsHeapObject() ||
!Heap::InNewSpace(pre_allocated_value));
int size = map->instance_size();
int offset = start_offset;
if (filler_value != pre_allocated_value) {
int end_of_pre_allocated_offset =
size - (map->UnusedPropertyFields() * kPointerSize);
DCHECK_LE(kHeaderSize, end_of_pre_allocated_offset);
while (offset < end_of_pre_allocated_offset) {
WRITE_FIELD(this, offset, pre_allocated_value);
offset += kPointerSize;
}
}
while (offset < size) {
WRITE_FIELD(this, offset, filler_value);
offset += kPointerSize;
}
}
void Struct::InitializeBody(int object_size) {
Object* value = GetReadOnlyRoots().undefined_value();
for (int offset = kHeaderSize; offset < object_size; offset += kPointerSize) {
......@@ -2041,22 +1633,6 @@ int HeapObject::SizeFromMap(Map* map) const {
return reinterpret_cast<const Code*>(this)->CodeSize();
}
Object* JSBoundFunction::raw_bound_target_function() const {
return READ_FIELD(this, kBoundTargetFunctionOffset);
}
ACCESSORS(JSBoundFunction, bound_target_function, JSReceiver,
kBoundTargetFunctionOffset)
ACCESSORS(JSBoundFunction, bound_this, Object, kBoundThisOffset)
ACCESSORS(JSBoundFunction, bound_arguments, FixedArray, kBoundArgumentsOffset)
ACCESSORS(JSFunction, shared, SharedFunctionInfo, kSharedFunctionInfoOffset)
ACCESSORS(JSFunction, feedback_cell, FeedbackCell, kFeedbackCellOffset)
ACCESSORS(JSGlobalObject, native_context, Context, kNativeContextOffset)
ACCESSORS(JSGlobalObject, global_proxy, JSObject, kGlobalProxyOffset)
ACCESSORS(JSGlobalProxy, native_context, Object, kNativeContextOffset)
ACCESSORS(AsyncGeneratorRequest, next, Object, kNextOffset)
SMI_ACCESSORS(AsyncGeneratorRequest, resume_mode, kResumeModeOffset)
......@@ -2092,206 +1668,6 @@ ACCESSORS(SourcePositionTableWithFrameCache, source_position_table, ByteArray,
ACCESSORS(SourcePositionTableWithFrameCache, stack_frame_cache,
SimpleNumberDictionary, kStackFrameCacheIndex)
FeedbackVector* JSFunction::feedback_vector() const {
DCHECK(has_feedback_vector());
return FeedbackVector::cast(feedback_cell()->value());
}
// Code objects that are marked for deoptimization are not considered to be
// optimized. This is because the JSFunction might have been already
// deoptimized but its code() still needs to be unlinked, which will happen on
// its next activation.
// TODO(jupvfranco): rename this function. Maybe RunOptimizedCode,
// or IsValidOptimizedCode.
bool JSFunction::IsOptimized() {
return code()->kind() == Code::OPTIMIZED_FUNCTION &&
!code()->marked_for_deoptimization();
}
bool JSFunction::HasOptimizedCode() {
return IsOptimized() ||
(has_feedback_vector() && feedback_vector()->has_optimized_code() &&
!feedback_vector()->optimized_code()->marked_for_deoptimization());
}
bool JSFunction::HasOptimizationMarker() {
return has_feedback_vector() && feedback_vector()->has_optimization_marker();
}
void JSFunction::ClearOptimizationMarker() {
DCHECK(has_feedback_vector());
feedback_vector()->ClearOptimizationMarker();
}
// Optimized code marked for deoptimization will tier back down to running
// interpreted on its next activation, and already doesn't count as IsOptimized.
bool JSFunction::IsInterpreted() {
return code()->is_interpreter_trampoline_builtin() ||
(code()->kind() == Code::OPTIMIZED_FUNCTION &&
code()->marked_for_deoptimization());
}
bool JSFunction::ChecksOptimizationMarker() {
return code()->checks_optimization_marker();
}
bool JSFunction::IsMarkedForOptimization() {
return has_feedback_vector() && feedback_vector()->optimization_marker() ==
OptimizationMarker::kCompileOptimized;
}
bool JSFunction::IsMarkedForConcurrentOptimization() {
return has_feedback_vector() &&
feedback_vector()->optimization_marker() ==
OptimizationMarker::kCompileOptimizedConcurrent;
}
bool JSFunction::IsInOptimizationQueue() {
return has_feedback_vector() && feedback_vector()->optimization_marker() ==
OptimizationMarker::kInOptimizationQueue;
}
void JSFunction::CompleteInobjectSlackTrackingIfActive() {
if (!has_prototype_slot()) return;
if (has_initial_map() && initial_map()->IsInobjectSlackTrackingInProgress()) {
initial_map()->CompleteInobjectSlackTracking(GetIsolate());
}
}
AbstractCode* JSFunction::abstract_code() {
if (IsInterpreted()) {
return AbstractCode::cast(shared()->GetBytecodeArray());
} else {
return AbstractCode::cast(code());
}
}
Code* JSFunction::code() { return Code::cast(READ_FIELD(this, kCodeOffset)); }
void JSFunction::set_code(Code* value) {
DCHECK(!Heap::InNewSpace(value));
WRITE_FIELD(this, kCodeOffset, value);
MarkingBarrier(this, HeapObject::RawField(this, kCodeOffset), value);
}
void JSFunction::set_code_no_write_barrier(Code* value) {
DCHECK(!Heap::InNewSpace(value));
WRITE_FIELD(this, kCodeOffset, value);
}
void JSFunction::ClearOptimizedCodeSlot(const char* reason) {
if (has_feedback_vector() && feedback_vector()->has_optimized_code()) {
if (FLAG_trace_opt) {
PrintF("[evicting entry from optimizing code feedback slot (%s) for ",
reason);
ShortPrint();
PrintF("]\n");
}
feedback_vector()->ClearOptimizedCode();
}
}
void JSFunction::SetOptimizationMarker(OptimizationMarker marker) {
DCHECK(has_feedback_vector());
DCHECK(ChecksOptimizationMarker());
DCHECK(!HasOptimizedCode());
feedback_vector()->SetOptimizationMarker(marker);
}
bool JSFunction::has_feedback_vector() const {
return !feedback_cell()->value()->IsUndefined();
}
Context* JSFunction::context() {
return Context::cast(READ_FIELD(this, kContextOffset));
}
bool JSFunction::has_context() const {
return READ_FIELD(this, kContextOffset)->IsContext();
}
JSGlobalProxy* JSFunction::global_proxy() { return context()->global_proxy(); }
Context* JSFunction::native_context() { return context()->native_context(); }
void JSFunction::set_context(Object* value) {
DCHECK(value->IsUndefined() || value->IsContext());
WRITE_FIELD(this, kContextOffset, value);
WRITE_BARRIER(this, kContextOffset, value);
}
ACCESSORS_CHECKED(JSFunction, prototype_or_initial_map, Object,
kPrototypeOrInitialMapOffset, map()->has_prototype_slot())
bool JSFunction::has_prototype_slot() const {
return map()->has_prototype_slot();
}
Map* JSFunction::initial_map() {
return Map::cast(prototype_or_initial_map());
}
bool JSFunction::has_initial_map() {
DCHECK(has_prototype_slot());
return prototype_or_initial_map()->IsMap();
}
bool JSFunction::has_instance_prototype() {
DCHECK(has_prototype_slot());
return has_initial_map() || !prototype_or_initial_map()->IsTheHole();
}
bool JSFunction::has_prototype() {
DCHECK(has_prototype_slot());
return map()->has_non_instance_prototype() || has_instance_prototype();
}
bool JSFunction::has_prototype_property() {
return (has_prototype_slot() && IsConstructor()) ||
IsGeneratorFunction(shared()->kind());
}
bool JSFunction::PrototypeRequiresRuntimeLookup() {
return !has_prototype_property() || map()->has_non_instance_prototype();
}
Object* JSFunction::instance_prototype() {
DCHECK(has_instance_prototype());
if (has_initial_map()) return initial_map()->prototype();
// When there is no initial map and the prototype is a JSReceiver, the
// initial map field is used for the prototype field.
return prototype_or_initial_map();
}
Object* JSFunction::prototype() {
DCHECK(has_prototype());
// If the function's prototype property has been set to a non-JSReceiver
// value, that value is stored in the constructor field of the map.
if (map()->has_non_instance_prototype()) {
Object* prototype = map()->GetConstructor();
// The map must have a prototype in that field, not a back pointer.
DCHECK(!prototype->IsMap());
DCHECK(!prototype->IsFunctionTemplateInfo());
return prototype;
}
return instance_prototype();
}
bool JSFunction::is_compiled() {
return code()->builtin_index() != Builtins::kCompileLazy;
}
// static
bool Foreign::IsNormalized(Object* value) {
if (value == Smi::kZero) return true;
......@@ -2314,158 +1690,6 @@ void SmallOrderedHashTable<Derived>::SetDataEntry(int entry, int relative_index,
WRITE_BARRIER(this, static_cast<int>(entry_offset), value);
}
ACCESSORS(JSValue, value, Object, kValueOffset)
ACCESSORS(JSDate, value, Object, kValueOffset)
ACCESSORS(JSDate, cache_stamp, Object, kCacheStampOffset)
ACCESSORS(JSDate, year, Object, kYearOffset)
ACCESSORS(JSDate, month, Object, kMonthOffset)
ACCESSORS(JSDate, day, Object, kDayOffset)
ACCESSORS(JSDate, weekday, Object, kWeekdayOffset)
ACCESSORS(JSDate, hour, Object, kHourOffset)
ACCESSORS(JSDate, min, Object, kMinOffset)
ACCESSORS(JSDate, sec, Object, kSecOffset)
SMI_ACCESSORS(JSMessageObject, type, kTypeOffset)
ACCESSORS(JSMessageObject, argument, Object, kArgumentsOffset)
ACCESSORS(JSMessageObject, script, Script, kScriptOffset)
ACCESSORS(JSMessageObject, stack_frames, Object, kStackFramesOffset)
SMI_ACCESSORS(JSMessageObject, start_position, kStartPositionOffset)
SMI_ACCESSORS(JSMessageObject, end_position, kEndPositionOffset)
SMI_ACCESSORS(JSMessageObject, error_level, kErrorLevelOffset)
ElementsKind JSObject::GetElementsKind() const {
ElementsKind kind = map()->elements_kind();
#if VERIFY_HEAP && DEBUG
FixedArrayBase* fixed_array =
reinterpret_cast<FixedArrayBase*>(READ_FIELD(this, kElementsOffset));
// If a GC was caused while constructing this object, the elements
// pointer may point to a one pointer filler map.
if (ElementsAreSafeToExamine()) {
Map* map = fixed_array->map();
if (IsSmiOrObjectElementsKind(kind)) {
DCHECK(map == GetReadOnlyRoots().fixed_array_map() ||
map == GetReadOnlyRoots().fixed_cow_array_map());
} else if (IsDoubleElementsKind(kind)) {
DCHECK(fixed_array->IsFixedDoubleArray() ||
fixed_array == GetReadOnlyRoots().empty_fixed_array());
} else if (kind == DICTIONARY_ELEMENTS) {
DCHECK(fixed_array->IsFixedArray());
DCHECK(fixed_array->IsDictionary());
} else {
DCHECK(kind > DICTIONARY_ELEMENTS);
}
DCHECK(!IsSloppyArgumentsElementsKind(kind) ||
(elements()->IsFixedArray() && elements()->length() >= 2));
}
#endif
return kind;
}
bool JSObject::HasObjectElements() {
return IsObjectElementsKind(GetElementsKind());
}
bool JSObject::HasSmiElements() { return IsSmiElementsKind(GetElementsKind()); }
bool JSObject::HasSmiOrObjectElements() {
return IsSmiOrObjectElementsKind(GetElementsKind());
}
bool JSObject::HasDoubleElements() {
return IsDoubleElementsKind(GetElementsKind());
}
bool JSObject::HasHoleyElements() {
return IsHoleyElementsKind(GetElementsKind());
}
bool JSObject::HasFastElements() {
return IsFastElementsKind(GetElementsKind());
}
bool JSObject::HasFastPackedElements() {
return IsFastPackedElementsKind(GetElementsKind());
}
bool JSObject::HasDictionaryElements() {
return GetElementsKind() == DICTIONARY_ELEMENTS;
}
bool JSObject::HasFastArgumentsElements() {
return GetElementsKind() == FAST_SLOPPY_ARGUMENTS_ELEMENTS;
}
bool JSObject::HasSlowArgumentsElements() {
return GetElementsKind() == SLOW_SLOPPY_ARGUMENTS_ELEMENTS;
}
bool JSObject::HasSloppyArgumentsElements() {
return IsSloppyArgumentsElementsKind(GetElementsKind());
}
bool JSObject::HasStringWrapperElements() {
return IsStringWrapperElementsKind(GetElementsKind());
}
bool JSObject::HasFastStringWrapperElements() {
return GetElementsKind() == FAST_STRING_WRAPPER_ELEMENTS;
}
bool JSObject::HasSlowStringWrapperElements() {
return GetElementsKind() == SLOW_STRING_WRAPPER_ELEMENTS;
}
bool JSObject::HasFixedTypedArrayElements() {
DCHECK_NOT_NULL(elements());
return map()->has_fixed_typed_array_elements();
}
#define FIXED_TYPED_ELEMENTS_CHECK(Type, type, TYPE, ctype) \
bool JSObject::HasFixed##Type##Elements() { \
HeapObject* array = elements(); \
DCHECK_NOT_NULL(array); \
if (!array->IsHeapObject()) return false; \
return array->map()->instance_type() == FIXED_##TYPE##_ARRAY_TYPE; \
}
TYPED_ARRAYS(FIXED_TYPED_ELEMENTS_CHECK)
#undef FIXED_TYPED_ELEMENTS_CHECK
bool JSObject::HasNamedInterceptor() {
return map()->has_named_interceptor();
}
bool JSObject::HasIndexedInterceptor() {
return map()->has_indexed_interceptor();
}
void JSGlobalObject::set_global_dictionary(GlobalDictionary* dictionary) {
DCHECK(IsJSGlobalObject());
set_raw_properties_or_hash(dictionary);
}
GlobalDictionary* JSGlobalObject::global_dictionary() {
DCHECK(!HasFastProperties());
DCHECK(IsJSGlobalObject());
return GlobalDictionary::cast(raw_properties_or_hash());
}
NumberDictionary* JSObject::element_dictionary() {
DCHECK(HasDictionaryElements() || HasSlowStringWrapperElements());
return NumberDictionary::cast(elements());
}
// static
Maybe<bool> Object::GreaterThan(Isolate* isolate, Handle<Object> x,
Handle<Object> y) {
......@@ -2564,134 +1788,6 @@ MaybeHandle<Object> Object::GetPropertyOrElement(Handle<Object> receiver,
}
void JSReceiver::initialize_properties() {
Heap* heap = GetHeap();
ReadOnlyRoots roots(heap);
DCHECK(!Heap::InNewSpace(roots.empty_fixed_array()));
DCHECK(!Heap::InNewSpace(heap->empty_property_dictionary()));
if (map()->is_dictionary_map()) {
WRITE_FIELD(this, kPropertiesOrHashOffset,
heap->empty_property_dictionary());
} else {
WRITE_FIELD(this, kPropertiesOrHashOffset, roots.empty_fixed_array());
}
}
bool JSReceiver::HasFastProperties() const {
DCHECK(
raw_properties_or_hash()->IsSmi() ||
(raw_properties_or_hash()->IsDictionary() == map()->is_dictionary_map()));
return !map()->is_dictionary_map();
}
NameDictionary* JSReceiver::property_dictionary() const {
DCHECK(!IsJSGlobalObject());
DCHECK(!HasFastProperties());
Object* prop = raw_properties_or_hash();
if (prop->IsSmi()) {
return GetHeap()->empty_property_dictionary();
}
return NameDictionary::cast(prop);
}
// TODO(gsathya): Pass isolate directly to this function and access
// the heap from this.
PropertyArray* JSReceiver::property_array() const {
DCHECK(HasFastProperties());
Object* prop = raw_properties_or_hash();
if (prop->IsSmi() || prop == GetReadOnlyRoots().empty_fixed_array()) {
return GetReadOnlyRoots().empty_property_array();
}
return PropertyArray::cast(prop);
}
Maybe<bool> JSReceiver::HasProperty(Handle<JSReceiver> object,
Handle<Name> name) {
LookupIterator it = LookupIterator::PropertyOrElement(object->GetIsolate(),
object, name, object);
return HasProperty(&it);
}
Maybe<bool> JSReceiver::HasOwnProperty(Handle<JSReceiver> object,
uint32_t index) {
if (object->IsJSModuleNamespace()) return Just(false);
if (object->IsJSObject()) { // Shortcut.
LookupIterator it(object->GetIsolate(), object, index, object,
LookupIterator::OWN);
return HasProperty(&it);
}
Maybe<PropertyAttributes> attributes =
JSReceiver::GetOwnPropertyAttributes(object, index);
MAYBE_RETURN(attributes, Nothing<bool>());
return Just(attributes.FromJust() != ABSENT);
}
Maybe<PropertyAttributes> JSReceiver::GetPropertyAttributes(
Handle<JSReceiver> object, Handle<Name> name) {
LookupIterator it = LookupIterator::PropertyOrElement(object->GetIsolate(),
object, name, object);
return GetPropertyAttributes(&it);
}
Maybe<PropertyAttributes> JSReceiver::GetOwnPropertyAttributes(
Handle<JSReceiver> object, Handle<Name> name) {
LookupIterator it = LookupIterator::PropertyOrElement(
object->GetIsolate(), object, name, object, LookupIterator::OWN);
return GetPropertyAttributes(&it);
}
Maybe<PropertyAttributes> JSReceiver::GetOwnPropertyAttributes(
Handle<JSReceiver> object, uint32_t index) {
LookupIterator it(object->GetIsolate(), object, index, object,
LookupIterator::OWN);
return GetPropertyAttributes(&it);
}
Maybe<bool> JSReceiver::HasElement(Handle<JSReceiver> object, uint32_t index) {
LookupIterator it(object->GetIsolate(), object, index, object);
return HasProperty(&it);
}
Maybe<PropertyAttributes> JSReceiver::GetElementAttributes(
Handle<JSReceiver> object, uint32_t index) {
Isolate* isolate = object->GetIsolate();
LookupIterator it(isolate, object, index, object);
return GetPropertyAttributes(&it);
}
Maybe<PropertyAttributes> JSReceiver::GetOwnElementAttributes(
Handle<JSReceiver> object, uint32_t index) {
Isolate* isolate = object->GetIsolate();
LookupIterator it(isolate, object, index, object, LookupIterator::OWN);
return GetPropertyAttributes(&it);
}
bool JSGlobalObject::IsDetached() {
return JSGlobalProxy::cast(global_proxy())->IsDetachedFrom(this);
}
bool JSGlobalProxy::IsDetachedFrom(JSGlobalObject* global) const {
const PrototypeIterator iter(this->GetIsolate(),
const_cast<JSGlobalProxy*>(this));
return iter.GetCurrent() != global;
}
inline int JSGlobalProxy::SizeWithEmbedderFields(int embedder_field_count) {
DCHECK_GE(embedder_field_count, 0);
return kSize + embedder_field_count * kPointerSize;
}
Object* AccessorPair::get(AccessorComponent component) {
return component == ACCESSOR_GETTER ? getter() : setter();
......@@ -2989,15 +2085,6 @@ static inline Handle<Object> MakeEntryPair(Isolate* isolate, Handle<Object> key,
PACKED_ELEMENTS, 2);
}
ACCESSORS(JSIteratorResult, value, Object, kValueOffset)
ACCESSORS(JSIteratorResult, done, Object, kDoneOffset)
ACCESSORS(JSAsyncFromSyncIterator, sync_iterator, JSReceiver,
kSyncIteratorOffset)
ACCESSORS(JSAsyncFromSyncIterator, next, Object, kNextOffset)
ACCESSORS(JSStringIterator, string, String, kStringOffset)
SMI_ACCESSORS(JSStringIterator, index, kNextIndexOffset)
bool ScopeInfo::IsAsmModule() const { return AsmModuleField::decode(Flags()); }
......
......@@ -707,21 +707,6 @@ class FixedArrayBase;
class PropertyArray;
class FunctionLiteral;
class FunctionTemplateInfo;
class JSGeneratorObject;
class JSAsyncGeneratorObject;
class JSGlobalObject;
class JSGlobalProxy;
#ifdef V8_INTL_SUPPORT
class JSV8BreakIterator;
class JSCollator;
class JSDateTimeFormat;
class JSListFormat;
class JSLocale;
class JSNumberFormat;
class JSPluralRules;
class JSRelativeTimeFormat;
#endif // V8_INTL_SUPPORT
class JSPromise;
class KeyAccumulator;
class LayoutDescriptor;
class LookupIterator;
......@@ -1993,850 +1978,6 @@ class PropertyArray : public HeapObject {
DISALLOW_IMPLICIT_CONSTRUCTORS(PropertyArray);
};
// JSReceiver includes types on which properties can be defined, i.e.,
// JSObject and JSProxy.
class JSReceiver : public HeapObject, public NeverReadOnlySpaceObject {
public:
// Returns true if there is no slow (ie, dictionary) backing store.
inline bool HasFastProperties() const;
// Returns the properties array backing store if it
// exists. Otherwise, returns an empty_property_array when there's a
// Smi (hash code) or an empty_fixed_array for a fast properties
// map.
inline PropertyArray* property_array() const;
// Gets slow properties for non-global objects.
inline NameDictionary* property_dictionary() const;
// Sets the properties backing store and makes sure any existing hash is moved
// to the new properties store. To clear out the properties store, pass in the
// empty_fixed_array(), the hash will be maintained in this case as well.
void SetProperties(HeapObject* properties);
// There are five possible values for the properties offset.
// 1) EmptyFixedArray/EmptyPropertyDictionary - This is the standard
// placeholder.
//
// 2) Smi - This is the hash code of the object.
//
// 3) PropertyArray - This is similar to a FixedArray but stores
// the hash code of the object in its length field. This is a fast
// backing store.
//
// 4) NameDictionary - This is the dictionary-mode backing store.
//
// 4) GlobalDictionary - This is the backing store for the
// GlobalObject.
//
// This is used only in the deoptimizer and heap. Please use the
// above typed getters and setters to access the properties.
DECL_ACCESSORS(raw_properties_or_hash, Object)
inline void initialize_properties();
// Deletes an existing named property in a normalized object.
static void DeleteNormalizedProperty(Handle<JSReceiver> object, int entry);
DECL_CAST(JSReceiver)
// ES6 section 7.1.1 ToPrimitive
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> ToPrimitive(
Handle<JSReceiver> receiver,
ToPrimitiveHint hint = ToPrimitiveHint::kDefault);
// ES6 section 7.1.1.1 OrdinaryToPrimitive
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> OrdinaryToPrimitive(
Handle<JSReceiver> receiver, OrdinaryToPrimitiveHint hint);
static MaybeHandle<Context> GetFunctionRealm(Handle<JSReceiver> receiver);
// Get the first non-hidden prototype.
static inline MaybeHandle<Object> GetPrototype(Isolate* isolate,
Handle<JSReceiver> receiver);
V8_WARN_UNUSED_RESULT static Maybe<bool> HasInPrototypeChain(
Isolate* isolate, Handle<JSReceiver> object, Handle<Object> proto);
// Reads all enumerable own properties of source and adds them to
// target, using either Set or CreateDataProperty depending on the
// use_set argument. This only copies values not present in the
// maybe_excluded_properties list.
V8_WARN_UNUSED_RESULT static Maybe<bool> SetOrCopyDataProperties(
Isolate* isolate, Handle<JSReceiver> target, Handle<Object> source,
const ScopedVector<Handle<Object>>* excluded_properties = nullptr,
bool use_set = true);
// Implementation of [[HasProperty]], ECMA-262 5th edition, section 8.12.6.
V8_WARN_UNUSED_RESULT static Maybe<bool> HasProperty(LookupIterator* it);
V8_WARN_UNUSED_RESULT static inline Maybe<bool> HasProperty(
Handle<JSReceiver> object, Handle<Name> name);
V8_WARN_UNUSED_RESULT static inline Maybe<bool> HasElement(
Handle<JSReceiver> object, uint32_t index);
V8_WARN_UNUSED_RESULT static Maybe<bool> HasOwnProperty(
Handle<JSReceiver> object, Handle<Name> name);
V8_WARN_UNUSED_RESULT static inline Maybe<bool> HasOwnProperty(
Handle<JSReceiver> object, uint32_t index);
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetProperty(
Isolate* isolate, Handle<JSReceiver> receiver, const char* key);
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetProperty(
Isolate* isolate, Handle<JSReceiver> receiver, Handle<Name> name);
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetElement(
Isolate* isolate, Handle<JSReceiver> receiver, uint32_t index);
// Implementation of ES6 [[Delete]]
V8_WARN_UNUSED_RESULT static Maybe<bool> DeletePropertyOrElement(
Handle<JSReceiver> object, Handle<Name> name,
LanguageMode language_mode = LanguageMode::kSloppy);
V8_WARN_UNUSED_RESULT static Maybe<bool> DeleteProperty(
Handle<JSReceiver> object, Handle<Name> name,
LanguageMode language_mode = LanguageMode::kSloppy);
V8_WARN_UNUSED_RESULT static Maybe<bool> DeleteProperty(
LookupIterator* it, LanguageMode language_mode);
V8_WARN_UNUSED_RESULT static Maybe<bool> DeleteElement(
Handle<JSReceiver> object, uint32_t index,
LanguageMode language_mode = LanguageMode::kSloppy);
V8_WARN_UNUSED_RESULT static Object* DefineProperty(
Isolate* isolate, Handle<Object> object, Handle<Object> name,
Handle<Object> attributes);
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> DefineProperties(
Isolate* isolate, Handle<Object> object, Handle<Object> properties);
// "virtual" dispatcher to the correct [[DefineOwnProperty]] implementation.
V8_WARN_UNUSED_RESULT static Maybe<bool> DefineOwnProperty(
Isolate* isolate, Handle<JSReceiver> object, Handle<Object> key,
PropertyDescriptor* desc, ShouldThrow should_throw);
// ES6 7.3.4 (when passed kDontThrow)
V8_WARN_UNUSED_RESULT static Maybe<bool> CreateDataProperty(
Isolate* isolate, Handle<JSReceiver> object, Handle<Name> key,
Handle<Object> value, ShouldThrow should_throw);
V8_WARN_UNUSED_RESULT static Maybe<bool> CreateDataProperty(
LookupIterator* it, Handle<Object> value, ShouldThrow should_throw);
// ES6 9.1.6.1
V8_WARN_UNUSED_RESULT static Maybe<bool> OrdinaryDefineOwnProperty(
Isolate* isolate, Handle<JSObject> object, Handle<Object> key,
PropertyDescriptor* desc, ShouldThrow should_throw);
V8_WARN_UNUSED_RESULT static Maybe<bool> OrdinaryDefineOwnProperty(
LookupIterator* it, PropertyDescriptor* desc, ShouldThrow should_throw);
// ES6 9.1.6.2
V8_WARN_UNUSED_RESULT static Maybe<bool> IsCompatiblePropertyDescriptor(
Isolate* isolate, bool extensible, PropertyDescriptor* desc,
PropertyDescriptor* current, Handle<Name> property_name,
ShouldThrow should_throw);
// ES6 9.1.6.3
// |it| can be NULL in cases where the ES spec passes |undefined| as the
// receiver. Exactly one of |it| and |property_name| must be provided.
V8_WARN_UNUSED_RESULT static Maybe<bool> ValidateAndApplyPropertyDescriptor(
Isolate* isolate, LookupIterator* it, bool extensible,
PropertyDescriptor* desc, PropertyDescriptor* current,
ShouldThrow should_throw, Handle<Name> property_name);
V8_EXPORT_PRIVATE V8_WARN_UNUSED_RESULT static Maybe<bool>
GetOwnPropertyDescriptor(Isolate* isolate, Handle<JSReceiver> object,
Handle<Object> key, PropertyDescriptor* desc);
V8_WARN_UNUSED_RESULT static Maybe<bool> GetOwnPropertyDescriptor(
LookupIterator* it, PropertyDescriptor* desc);
typedef PropertyAttributes IntegrityLevel;
// ES6 7.3.14 (when passed kDontThrow)
// 'level' must be SEALED or FROZEN.
V8_WARN_UNUSED_RESULT static Maybe<bool> SetIntegrityLevel(
Handle<JSReceiver> object, IntegrityLevel lvl, ShouldThrow should_throw);
// ES6 7.3.15
// 'level' must be SEALED or FROZEN.
V8_WARN_UNUSED_RESULT static Maybe<bool> TestIntegrityLevel(
Handle<JSReceiver> object, IntegrityLevel lvl);
// ES6 [[PreventExtensions]] (when passed kDontThrow)
V8_WARN_UNUSED_RESULT static Maybe<bool> PreventExtensions(
Handle<JSReceiver> object, ShouldThrow should_throw);
V8_WARN_UNUSED_RESULT static Maybe<bool> IsExtensible(
Handle<JSReceiver> object);
// Returns the class name ([[Class]] property in the specification).
V8_EXPORT_PRIVATE String* class_name();
// Returns the constructor (the function that was used to instantiate the
// object).
static MaybeHandle<JSFunction> GetConstructor(Handle<JSReceiver> receiver);
// Returns the constructor name (the name (possibly, inferred name) of the
// function that was used to instantiate the object).
static Handle<String> GetConstructorName(Handle<JSReceiver> receiver);
Handle<Context> GetCreationContext();
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
GetPropertyAttributes(Handle<JSReceiver> object, Handle<Name> name);
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
GetOwnPropertyAttributes(Handle<JSReceiver> object, Handle<Name> name);
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
GetOwnPropertyAttributes(Handle<JSReceiver> object, uint32_t index);
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
GetElementAttributes(Handle<JSReceiver> object, uint32_t index);
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
GetOwnElementAttributes(Handle<JSReceiver> object, uint32_t index);
V8_WARN_UNUSED_RESULT static Maybe<PropertyAttributes> GetPropertyAttributes(
LookupIterator* it);
// Set the object's prototype (only JSReceiver and null are allowed values).
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPrototype(
Handle<JSReceiver> object, Handle<Object> value, bool from_javascript,
ShouldThrow should_throw);
inline static Handle<Object> GetDataProperty(Handle<JSReceiver> object,
Handle<Name> name);
static Handle<Object> GetDataProperty(LookupIterator* it);
// Retrieves a permanent object identity hash code. The undefined value might
// be returned in case no hash was created yet.
Object* GetIdentityHash(Isolate* isolate);
// Retrieves a permanent object identity hash code. May create and store a
// hash code if needed and none exists.
static Smi* CreateIdentityHash(Isolate* isolate, JSReceiver* key);
Smi* GetOrCreateIdentityHash(Isolate* isolate);
// Stores the hash code. The hash passed in must be masked with
// JSReceiver::kHashMask.
void SetIdentityHash(int masked_hash);
// ES6 [[OwnPropertyKeys]] (modulo return type)
V8_WARN_UNUSED_RESULT static inline MaybeHandle<FixedArray> OwnPropertyKeys(
Handle<JSReceiver> object);
V8_WARN_UNUSED_RESULT static MaybeHandle<FixedArray> GetOwnValues(
Handle<JSReceiver> object, PropertyFilter filter,
bool try_fast_path = true);
V8_WARN_UNUSED_RESULT static MaybeHandle<FixedArray> GetOwnEntries(
Handle<JSReceiver> object, PropertyFilter filter,
bool try_fast_path = true);
V8_WARN_UNUSED_RESULT static Handle<FixedArray> GetOwnElementIndices(
Isolate* isolate, Handle<JSReceiver> receiver, Handle<JSObject> object);
static const int kHashMask = PropertyArray::HashField::kMask;
// Layout description.
static const int kPropertiesOrHashOffset = HeapObject::kHeaderSize;
static const int kHeaderSize = HeapObject::kHeaderSize + kPointerSize;
bool HasProxyInPrototype(Isolate* isolate);
bool HasComplexElements();
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSReceiver);
};
// The JSObject describes real heap allocated JavaScript objects with
// properties.
// Note that the map of JSObject changes during execution to enable inline
// caching.
class JSObject: public JSReceiver {
public:
static bool IsUnmodifiedApiObject(Object** o);
static V8_WARN_UNUSED_RESULT MaybeHandle<JSObject> New(
Handle<JSFunction> constructor, Handle<JSReceiver> new_target,
Handle<AllocationSite> site);
static MaybeHandle<Context> GetFunctionRealm(Handle<JSObject> object);
// 9.1.12 ObjectCreate ( proto [ , internalSlotsList ] )
// Notice: This is NOT 19.1.2.2 Object.create ( O, Properties )
static V8_WARN_UNUSED_RESULT MaybeHandle<JSObject> ObjectCreate(
Isolate* isolate, Handle<Object> prototype);
// [elements]: The elements (properties with names that are integers).
//
// Elements can be in two general modes: fast and slow. Each mode
// corresponds to a set of object representations of elements that
// have something in common.
//
// In the fast mode elements is a FixedArray and so each element can
// be quickly accessed. This fact is used in the generated code. The
// elements array can have one of three maps in this mode:
// fixed_array_map, sloppy_arguments_elements_map or
// fixed_cow_array_map (for copy-on-write arrays). In the latter case
// the elements array may be shared by a few objects and so before
// writing to any element the array must be copied. Use
// EnsureWritableFastElements in this case.
//
// In the slow mode the elements is either a NumberDictionary, a
// FixedArray parameter map for a (sloppy) arguments object.
DECL_ACCESSORS(elements, FixedArrayBase)
inline void initialize_elements();
static inline void SetMapAndElements(Handle<JSObject> object,
Handle<Map> map,
Handle<FixedArrayBase> elements);
inline ElementsKind GetElementsKind() const;
ElementsAccessor* GetElementsAccessor();
// Returns true if an object has elements of PACKED_SMI_ELEMENTS or
// HOLEY_SMI_ELEMENTS ElementsKind.
inline bool HasSmiElements();
// Returns true if an object has elements of PACKED_ELEMENTS or
// HOLEY_ELEMENTS ElementsKind.
inline bool HasObjectElements();
// Returns true if an object has elements of PACKED_SMI_ELEMENTS,
// HOLEY_SMI_ELEMENTS, PACKED_ELEMENTS, or HOLEY_ELEMENTS.
inline bool HasSmiOrObjectElements();
// Returns true if an object has any of the "fast" elements kinds.
inline bool HasFastElements();
// Returns true if an object has any of the PACKED elements kinds.
inline bool HasFastPackedElements();
// Returns true if an object has elements of PACKED_DOUBLE_ELEMENTS or
// HOLEY_DOUBLE_ELEMENTS ElementsKind.
inline bool HasDoubleElements();
// Returns true if an object has elements of HOLEY_SMI_ELEMENTS,
// HOLEY_DOUBLE_ELEMENTS, or HOLEY_ELEMENTS ElementsKind.
inline bool HasHoleyElements();
inline bool HasSloppyArgumentsElements();
inline bool HasStringWrapperElements();
inline bool HasDictionaryElements();
inline bool HasFixedTypedArrayElements();
inline bool HasFixedUint8ClampedElements();
inline bool HasFixedArrayElements();
inline bool HasFixedInt8Elements();
inline bool HasFixedUint8Elements();
inline bool HasFixedInt16Elements();
inline bool HasFixedUint16Elements();
inline bool HasFixedInt32Elements();
inline bool HasFixedUint32Elements();
inline bool HasFixedFloat32Elements();
inline bool HasFixedFloat64Elements();
inline bool HasFixedBigInt64Elements();
inline bool HasFixedBigUint64Elements();
inline bool HasFastArgumentsElements();
inline bool HasSlowArgumentsElements();
inline bool HasFastStringWrapperElements();
inline bool HasSlowStringWrapperElements();
bool HasEnumerableElements();
inline NumberDictionary* element_dictionary(); // Gets slow elements.
// Requires: HasFastElements().
static void EnsureWritableFastElements(Handle<JSObject> object);
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPropertyWithInterceptor(
LookupIterator* it, ShouldThrow should_throw, Handle<Object> value);
// The API currently still wants DefineOwnPropertyIgnoreAttributes to convert
// AccessorInfo objects to data fields. We allow FORCE_FIELD as an exception
// to the default behavior that calls the setter.
enum AccessorInfoHandling { FORCE_FIELD, DONT_FORCE_FIELD };
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
DefineOwnPropertyIgnoreAttributes(
LookupIterator* it, Handle<Object> value, PropertyAttributes attributes,
AccessorInfoHandling handling = DONT_FORCE_FIELD);
V8_WARN_UNUSED_RESULT static Maybe<bool> DefineOwnPropertyIgnoreAttributes(
LookupIterator* it, Handle<Object> value, PropertyAttributes attributes,
ShouldThrow should_throw,
AccessorInfoHandling handling = DONT_FORCE_FIELD);
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
SetOwnPropertyIgnoreAttributes(Handle<JSObject> object, Handle<Name> name,
Handle<Object> value,
PropertyAttributes attributes);
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
SetOwnElementIgnoreAttributes(Handle<JSObject> object, uint32_t index,
Handle<Object> value,
PropertyAttributes attributes);
// Equivalent to one of the above depending on whether |name| can be converted
// to an array index.
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
DefinePropertyOrElementIgnoreAttributes(Handle<JSObject> object,
Handle<Name> name,
Handle<Object> value,
PropertyAttributes attributes = NONE);
// Adds or reconfigures a property to attributes NONE. It will fail when it
// cannot.
V8_WARN_UNUSED_RESULT static Maybe<bool> CreateDataProperty(
LookupIterator* it, Handle<Object> value,
ShouldThrow should_throw = kDontThrow);
static void AddProperty(Isolate* isolate, Handle<JSObject> object,
Handle<Name> name, Handle<Object> value,
PropertyAttributes attributes);
static void AddDataElement(Handle<JSObject> receiver, uint32_t index,
Handle<Object> value,
PropertyAttributes attributes);
// Extend the receiver with a single fast property appeared first in the
// passed map. This also extends the property backing store if necessary.
static void AllocateStorageForMap(Handle<JSObject> object, Handle<Map> map);
// Migrates the given object to a map whose field representations are the
// lowest upper bound of all known representations for that field.
static void MigrateInstance(Handle<JSObject> instance);
// Migrates the given object only if the target map is already available,
// or returns false if such a map is not yet available.
static bool TryMigrateInstance(Handle<JSObject> instance);
// Sets the property value in a normalized object given (key, value, details).
// Handles the special representation of JS global objects.
static void SetNormalizedProperty(Handle<JSObject> object, Handle<Name> name,
Handle<Object> value,
PropertyDetails details);
static void SetDictionaryElement(Handle<JSObject> object, uint32_t index,
Handle<Object> value,
PropertyAttributes attributes);
static void SetDictionaryArgumentsElement(Handle<JSObject> object,
uint32_t index,
Handle<Object> value,
PropertyAttributes attributes);
static void OptimizeAsPrototype(Handle<JSObject> object,
bool enable_setup_mode = true);
static void ReoptimizeIfPrototype(Handle<JSObject> object);
static void MakePrototypesFast(Handle<Object> receiver,
WhereToStart where_to_start, Isolate* isolate);
static void LazyRegisterPrototypeUser(Handle<Map> user, Isolate* isolate);
static void UpdatePrototypeUserRegistration(Handle<Map> old_map,
Handle<Map> new_map,
Isolate* isolate);
static bool UnregisterPrototypeUser(Handle<Map> user, Isolate* isolate);
static Map* InvalidatePrototypeChains(Map* map);
static void InvalidatePrototypeValidityCell(JSGlobalObject* global);
// Updates prototype chain tracking information when an object changes its
// map from |old_map| to |new_map|.
static void NotifyMapChange(Handle<Map> old_map, Handle<Map> new_map,
Isolate* isolate);
// Utility used by many Array builtins and runtime functions
static inline bool PrototypeHasNoElements(Isolate* isolate, JSObject* object);
// To be passed to PrototypeUsers::Compact.
static void PrototypeRegistryCompactionCallback(HeapObject* value,
int old_index, int new_index);
// Retrieve interceptors.
inline InterceptorInfo* GetNamedInterceptor();
inline InterceptorInfo* GetIndexedInterceptor();
// Used from JSReceiver.
V8_WARN_UNUSED_RESULT static Maybe<PropertyAttributes>
GetPropertyAttributesWithInterceptor(LookupIterator* it);
V8_WARN_UNUSED_RESULT static Maybe<PropertyAttributes>
GetPropertyAttributesWithFailedAccessCheck(LookupIterator* it);
// Defines an AccessorPair property on the given object.
// TODO(mstarzinger): Rename to SetAccessor().
static MaybeHandle<Object> DefineAccessor(Handle<JSObject> object,
Handle<Name> name,
Handle<Object> getter,
Handle<Object> setter,
PropertyAttributes attributes);
static MaybeHandle<Object> DefineAccessor(LookupIterator* it,
Handle<Object> getter,
Handle<Object> setter,
PropertyAttributes attributes);
// Defines an AccessorInfo property on the given object.
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> SetAccessor(
Handle<JSObject> object, Handle<Name> name, Handle<AccessorInfo> info,
PropertyAttributes attributes);
// The result must be checked first for exceptions. If there's no exception,
// the output parameter |done| indicates whether the interceptor has a result
// or not.
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> GetPropertyWithInterceptor(
LookupIterator* it, bool* done);
static void ValidateElements(JSObject* object);
// Makes sure that this object can contain HeapObject as elements.
static inline void EnsureCanContainHeapObjectElements(Handle<JSObject> obj);
// Makes sure that this object can contain the specified elements.
static inline void EnsureCanContainElements(
Handle<JSObject> object,
Object** elements,
uint32_t count,
EnsureElementsMode mode);
static inline void EnsureCanContainElements(
Handle<JSObject> object,
Handle<FixedArrayBase> elements,
uint32_t length,
EnsureElementsMode mode);
static void EnsureCanContainElements(
Handle<JSObject> object,
Arguments* arguments,
uint32_t first_arg,
uint32_t arg_count,
EnsureElementsMode mode);
// Would we convert a fast elements array to dictionary mode given
// an access at key?
bool WouldConvertToSlowElements(uint32_t index);
static const uint32_t kMinAddedElementsCapacity = 16;
// Computes the new capacity when expanding the elements of a JSObject.
static uint32_t NewElementsCapacity(uint32_t old_capacity) {
// (old_capacity + 50%) + kMinAddedElementsCapacity
return old_capacity + (old_capacity >> 1) + kMinAddedElementsCapacity;
}
// These methods do not perform access checks!
template <AllocationSiteUpdateMode update_or_check =
AllocationSiteUpdateMode::kUpdate>
static bool UpdateAllocationSite(Handle<JSObject> object,
ElementsKind to_kind);
// Lookup interceptors are used for handling properties controlled by host
// objects.
inline bool HasNamedInterceptor();
inline bool HasIndexedInterceptor();
// Support functions for v8 api (needed for correct interceptor behavior).
V8_WARN_UNUSED_RESULT static Maybe<bool> HasRealNamedProperty(
Handle<JSObject> object, Handle<Name> name);
V8_WARN_UNUSED_RESULT static Maybe<bool> HasRealElementProperty(
Handle<JSObject> object, uint32_t index);
V8_WARN_UNUSED_RESULT static Maybe<bool> HasRealNamedCallbackProperty(
Handle<JSObject> object, Handle<Name> name);
// Get the header size for a JSObject. Used to compute the index of
// embedder fields as well as the number of embedder fields.
// The |function_has_prototype_slot| parameter is needed only for
// JSFunction objects.
static int GetHeaderSize(InstanceType instance_type,
bool function_has_prototype_slot = false);
static inline int GetHeaderSize(const Map* map);
inline int GetHeaderSize() const;
static inline int GetEmbedderFieldCount(const Map* map);
inline int GetEmbedderFieldCount() const;
inline int GetEmbedderFieldOffset(int index);
inline Object* GetEmbedderField(int index);
inline void SetEmbedderField(int index, Object* value);
inline void SetEmbedderField(int index, Smi* value);
// Returns true when the object is potentially a wrapper that gets special
// garbage collection treatment.
// TODO(mlippautz): Make check exact and replace the pattern match in
// Heap::TracePossibleWrapper.
bool IsApiWrapper();
// Same as IsApiWrapper() but also allow dropping the wrapper on minor GCs.
bool IsDroppableApiWrapper();
// Returns a new map with all transitions dropped from the object's current
// map and the ElementsKind set.
static Handle<Map> GetElementsTransitionMap(Handle<JSObject> object,
ElementsKind to_kind);
static void TransitionElementsKind(Handle<JSObject> object,
ElementsKind to_kind);
// Always use this to migrate an object to a new map.
// |expected_additional_properties| is only used for fast-to-slow transitions
// and ignored otherwise.
static void MigrateToMap(Handle<JSObject> object, Handle<Map> new_map,
int expected_additional_properties = 0);
// Forces a prototype without any of the checks that the regular SetPrototype
// would do.
static void ForceSetPrototype(Handle<JSObject> object, Handle<Object> proto);
// Convert the object to use the canonical dictionary
// representation. If the object is expected to have additional properties
// added this number can be indicated to have the backing store allocated to
// an initial capacity for holding these properties.
static void NormalizeProperties(Handle<JSObject> object,
PropertyNormalizationMode mode,
int expected_additional_properties,
const char* reason);
// Convert and update the elements backing store to be a
// NumberDictionary dictionary. Returns the backing after conversion.
static Handle<NumberDictionary> NormalizeElements(Handle<JSObject> object);
void RequireSlowElements(NumberDictionary* dictionary);
// Transform slow named properties to fast variants.
static void MigrateSlowToFast(Handle<JSObject> object,
int unused_property_fields, const char* reason);
inline bool IsUnboxedDoubleField(FieldIndex index);
// Access fast-case object properties at index.
static Handle<Object> FastPropertyAt(Handle<JSObject> object,
Representation representation,
FieldIndex index);
inline Object* RawFastPropertyAt(FieldIndex index);
inline double RawFastDoublePropertyAt(FieldIndex index);
inline uint64_t RawFastDoublePropertyAsBitsAt(FieldIndex index);
inline void FastPropertyAtPut(FieldIndex index, Object* value);
inline void RawFastPropertyAtPut(FieldIndex index, Object* value);
inline void RawFastDoublePropertyAsBitsAtPut(FieldIndex index, uint64_t bits);
inline void WriteToField(int descriptor, PropertyDetails details,
Object* value);
// Access to in object properties.
inline int GetInObjectPropertyOffset(int index);
inline Object* InObjectPropertyAt(int index);
inline Object* InObjectPropertyAtPut(int index,
Object* value,
WriteBarrierMode mode
= UPDATE_WRITE_BARRIER);
// Set the object's prototype (only JSReceiver and null are allowed values).
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPrototype(
Handle<JSObject> object, Handle<Object> value, bool from_javascript,
ShouldThrow should_throw);
// Makes the object prototype immutable
// Never called from JavaScript
static void SetImmutableProto(Handle<JSObject> object);
// Initializes the body starting at |start_offset|. It is responsibility of
// the caller to initialize object header. Fill the pre-allocated fields with
// pre_allocated_value and the rest with filler_value.
// Note: this call does not update write barrier, the caller is responsible
// to ensure that |filler_value| can be collected without WB here.
inline void InitializeBody(Map* map, int start_offset,
Object* pre_allocated_value, Object* filler_value);
// Check whether this object references another object
bool ReferencesObject(Object* obj);
V8_WARN_UNUSED_RESULT static Maybe<bool> TestIntegrityLevel(
Handle<JSObject> object, IntegrityLevel lvl);
V8_WARN_UNUSED_RESULT static Maybe<bool> PreventExtensions(
Handle<JSObject> object, ShouldThrow should_throw);
static bool IsExtensible(Handle<JSObject> object);
DECL_CAST(JSObject)
// Dispatched behavior.
void JSObjectShortPrint(StringStream* accumulator);
DECL_PRINTER(JSObject)
DECL_VERIFIER(JSObject)
#ifdef OBJECT_PRINT
bool PrintProperties(std::ostream& os); // NOLINT
void PrintElements(std::ostream& os); // NOLINT
#endif
#if defined(DEBUG) || defined(OBJECT_PRINT)
void PrintTransitions(std::ostream& os); // NOLINT
#endif
static void PrintElementsTransition(
FILE* file, Handle<JSObject> object,
ElementsKind from_kind, Handle<FixedArrayBase> from_elements,
ElementsKind to_kind, Handle<FixedArrayBase> to_elements);
void PrintInstanceMigration(FILE* file, Map* original_map, Map* new_map);
#ifdef DEBUG
// Structure for collecting spill information about JSObjects.
class SpillInformation {
public:
void Clear();
void Print();
int number_of_objects_;
int number_of_objects_with_fast_properties_;
int number_of_objects_with_fast_elements_;
int number_of_fast_used_fields_;
int number_of_fast_unused_fields_;
int number_of_slow_used_properties_;
int number_of_slow_unused_properties_;
int number_of_fast_used_elements_;
int number_of_fast_unused_elements_;
int number_of_slow_used_elements_;
int number_of_slow_unused_elements_;
};
void IncrementSpillStatistics(Isolate* isolate, SpillInformation* info);
#endif
#ifdef VERIFY_HEAP
// If a GC was caused while constructing this object, the elements pointer
// may point to a one pointer filler map. The object won't be rooted, but
// our heap verification code could stumble across it.
bool ElementsAreSafeToExamine() const;
#endif
Object* SlowReverseLookup(Object* value);
// Maximal number of elements (numbered 0 .. kMaxElementCount - 1).
// Also maximal value of JSArray's length property.
static const uint32_t kMaxElementCount = 0xffffffffu;
// Constants for heuristics controlling conversion of fast elements
// to slow elements.
// Maximal gap that can be introduced by adding an element beyond
// the current elements length.
static const uint32_t kMaxGap = 1024;
// Maximal length of fast elements array that won't be checked for
// being dense enough on expansion.
static const int kMaxUncheckedFastElementsLength = 5000;
// Same as above but for old arrays. This limit is more strict. We
// don't want to be wasteful with long lived objects.
static const int kMaxUncheckedOldFastElementsLength = 500;
// This constant applies only to the initial map of "global.Object" and
// not to arbitrary other JSObject maps.
static const int kInitialGlobalObjectUnusedPropertiesCount = 4;
static const int kMaxInstanceSize = 255 * kPointerSize;
// When extending the backing storage for property values, we increase
// its size by more than the 1 entry necessary, so sequentially adding fields
// to the same object requires fewer allocations and copies.
static const int kFieldsAdded = 3;
STATIC_ASSERT(kMaxNumberOfDescriptors + kFieldsAdded <=
PropertyArray::kMaxLength);
// Layout description.
static const int kElementsOffset = JSReceiver::kHeaderSize;
static const int kHeaderSize = kElementsOffset + kPointerSize;
STATIC_ASSERT(kHeaderSize == Internals::kJSObjectHeaderSize);
static const int kMaxInObjectProperties =
(kMaxInstanceSize - kHeaderSize) >> kPointerSizeLog2;
STATIC_ASSERT(kMaxInObjectProperties <= kMaxNumberOfDescriptors);
// TODO(cbruni): Revisit calculation of the max supported embedder fields.
static const int kMaxEmbedderFields =
((1 << kFirstInobjectPropertyOffsetBitCount) - 1 - kHeaderSize) >>
kPointerSizeLog2;
STATIC_ASSERT(kMaxEmbedderFields <= kMaxInObjectProperties);
class BodyDescriptor;
class FastBodyDescriptor;
// Gets the number of currently used elements.
int GetFastElementsUsage();
static bool AllCanRead(LookupIterator* it);
static bool AllCanWrite(LookupIterator* it);
private:
friend class JSReceiver;
friend class Object;
// Used from Object::GetProperty().
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
GetPropertyWithFailedAccessCheck(LookupIterator* it);
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPropertyWithFailedAccessCheck(
LookupIterator* it, Handle<Object> value, ShouldThrow should_throw);
V8_WARN_UNUSED_RESULT static Maybe<bool> DeletePropertyWithInterceptor(
LookupIterator* it, ShouldThrow should_throw);
bool ReferencesObjectFromElements(FixedArray* elements,
ElementsKind kind,
Object* object);
// Helper for fast versions of preventExtensions, seal, and freeze.
// attrs is one of NONE, SEALED, or FROZEN (depending on the operation).
template <PropertyAttributes attrs>
V8_WARN_UNUSED_RESULT static Maybe<bool> PreventExtensionsWithTransition(
Handle<JSObject> object, ShouldThrow should_throw);
DISALLOW_IMPLICIT_CONSTRUCTORS(JSObject);
};
// JSAccessorPropertyDescriptor is just a JSObject with a specific initial
// map. This initial map adds in-object properties for "get", "set",
// "enumerable" and "configurable" properties, as assigned by the
// FromPropertyDescriptor function for regular accessor properties.
class JSAccessorPropertyDescriptor: public JSObject {
public:
// Offsets of object fields.
static const int kGetOffset = JSObject::kHeaderSize;
static const int kSetOffset = kGetOffset + kPointerSize;
static const int kEnumerableOffset = kSetOffset + kPointerSize;
static const int kConfigurableOffset = kEnumerableOffset + kPointerSize;
static const int kSize = kConfigurableOffset + kPointerSize;
// Indices of in-object properties.
static const int kGetIndex = 0;
static const int kSetIndex = 1;
static const int kEnumerableIndex = 2;
static const int kConfigurableIndex = 3;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSAccessorPropertyDescriptor);
};
// JSDataPropertyDescriptor is just a JSObject with a specific initial map.
// This initial map adds in-object properties for "value", "writable",
// "enumerable" and "configurable" properties, as assigned by the
// FromPropertyDescriptor function for regular data properties.
class JSDataPropertyDescriptor: public JSObject {
public:
// Offsets of object fields.
static const int kValueOffset = JSObject::kHeaderSize;
static const int kWritableOffset = kValueOffset + kPointerSize;
static const int kEnumerableOffset = kWritableOffset + kPointerSize;
static const int kConfigurableOffset = kEnumerableOffset + kPointerSize;
static const int kSize = kConfigurableOffset + kPointerSize;
// Indices of in-object properties.
static const int kValueIndex = 0;
static const int kWritableIndex = 1;
static const int kEnumerableIndex = 2;
static const int kConfigurableIndex = 3;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSDataPropertyDescriptor);
};
// JSIteratorResult is just a JSObject with a specific initial map.
// This initial map adds in-object properties for "done" and "value",
// as specified by ES6 section 25.1.1.3 The IteratorResult Interface
class JSIteratorResult: public JSObject {
public:
DECL_ACCESSORS(value, Object)
DECL_ACCESSORS(done, Object)
// Offsets of object fields.
static const int kValueOffset = JSObject::kHeaderSize;
static const int kDoneOffset = kValueOffset + kPointerSize;
static const int kSize = kDoneOffset + kPointerSize;
// Indices of in-object properties.
static const int kValueIndex = 0;
static const int kDoneIndex = 1;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSIteratorResult);
};
// FreeSpace are fixed-size free memory blocks used by the heap and GC.
// They look like heap objects (are heap object tagged and have a map) so that
// the heap remains iterable. They have a size and a next pointer.
......@@ -3146,512 +2287,6 @@ enum class BuiltinFunctionId : uint8_t {
kInvalidBuiltinFunctionId = static_cast<uint8_t>(-1),
};
// JSBoundFunction describes a bound function exotic object.
class JSBoundFunction : public JSObject {
public:
// [bound_target_function]: The wrapped function object.
inline Object* raw_bound_target_function() const;
DECL_ACCESSORS(bound_target_function, JSReceiver)
// [bound_this]: The value that is always passed as the this value when
// calling the wrapped function.
DECL_ACCESSORS(bound_this, Object)
// [bound_arguments]: A list of values whose elements are used as the first
// arguments to any call to the wrapped function.
DECL_ACCESSORS(bound_arguments, FixedArray)
static MaybeHandle<String> GetName(Isolate* isolate,
Handle<JSBoundFunction> function);
static Maybe<int> GetLength(Isolate* isolate,
Handle<JSBoundFunction> function);
static MaybeHandle<Context> GetFunctionRealm(
Handle<JSBoundFunction> function);
DECL_CAST(JSBoundFunction)
// Dispatched behavior.
DECL_PRINTER(JSBoundFunction)
DECL_VERIFIER(JSBoundFunction)
// The bound function's string representation implemented according
// to ES6 section 19.2.3.5 Function.prototype.toString ( ).
static Handle<String> ToString(Handle<JSBoundFunction> function);
// Layout description.
static const int kBoundTargetFunctionOffset = JSObject::kHeaderSize;
static const int kBoundThisOffset = kBoundTargetFunctionOffset + kPointerSize;
static const int kBoundArgumentsOffset = kBoundThisOffset + kPointerSize;
static const int kSize = kBoundArgumentsOffset + kPointerSize;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSBoundFunction);
};
// JSFunction describes JavaScript functions.
class JSFunction: public JSObject {
public:
// [prototype_or_initial_map]:
DECL_ACCESSORS(prototype_or_initial_map, Object)
// [shared]: The information about the function that
// can be shared by instances.
DECL_ACCESSORS(shared, SharedFunctionInfo)
static const int kLengthDescriptorIndex = 0;
static const int kNameDescriptorIndex = 1;
// Home object descriptor index when function has a [[HomeObject]] slot.
static const int kMaybeHomeObjectDescriptorIndex = 2;
// [context]: The context for this function.
inline Context* context();
inline bool has_context() const;
inline void set_context(Object* context);
inline JSGlobalProxy* global_proxy();
inline Context* native_context();
static Handle<Object> GetName(Isolate* isolate, Handle<JSFunction> function);
static Maybe<int> GetLength(Isolate* isolate, Handle<JSFunction> function);
static Handle<Context> GetFunctionRealm(Handle<JSFunction> function);
// [code]: The generated code object for this function. Executed
// when the function is invoked, e.g. foo() or new foo(). See
// [[Call]] and [[Construct]] description in ECMA-262, section
// 8.6.2, page 27.
inline Code* code();
inline void set_code(Code* code);
inline void set_code_no_write_barrier(Code* code);
// Get the abstract code associated with the function, which will either be
// a Code object or a BytecodeArray.
inline AbstractCode* abstract_code();
// Tells whether or not this function is interpreted.
//
// Note: function->IsInterpreted() does not necessarily return the same value
// as function->shared()->IsInterpreted() because the closure might have been
// optimized.
inline bool IsInterpreted();
// Tells whether or not this function checks its optimization marker in its
// feedback vector.
inline bool ChecksOptimizationMarker();
// Tells whether or not this function holds optimized code.
//
// Note: Returning false does not necessarily mean that this function hasn't
// been optimized, as it may have optimized code on its feedback vector.
inline bool IsOptimized();
// Tells whether or not this function has optimized code available to it,
// either because it is optimized or because it has optimized code in its
// feedback vector.
inline bool HasOptimizedCode();
// Tells whether or not this function has a (non-zero) optimization marker.
inline bool HasOptimizationMarker();
// Mark this function for lazy recompilation. The function will be recompiled
// the next time it is executed.
void MarkForOptimization(ConcurrencyMode mode);
// Tells whether or not the function is already marked for lazy recompilation.
inline bool IsMarkedForOptimization();
inline bool IsMarkedForConcurrentOptimization();
// Tells whether or not the function is on the concurrent recompilation queue.
inline bool IsInOptimizationQueue();
// Clears the optimized code slot in the function's feedback vector.
inline void ClearOptimizedCodeSlot(const char* reason);
// Sets the optimization marker in the function's feedback vector.
inline void SetOptimizationMarker(OptimizationMarker marker);
// Clears the optimization marker in the function's feedback vector.
inline void ClearOptimizationMarker();
// If slack tracking is active, it computes instance size of the initial map
// with minimum permissible object slack. If it is not active, it simply
// returns the initial map's instance size.
int ComputeInstanceSizeWithMinSlack(Isolate* isolate);
// Completes inobject slack tracking on initial map if it is active.
inline void CompleteInobjectSlackTrackingIfActive();
// [feedback_cell]: The FeedbackCell used to hold the FeedbackVector
// eventually.
DECL_ACCESSORS(feedback_cell, FeedbackCell)
// feedback_vector() can be used once the function is compiled.
inline FeedbackVector* feedback_vector() const;
inline bool has_feedback_vector() const;
static void EnsureFeedbackVector(Handle<JSFunction> function);
// Unconditionally clear the type feedback vector.
void ClearTypeFeedbackInfo();
inline bool has_prototype_slot() const;
// The initial map for an object created by this constructor.
inline Map* initial_map();
static void SetInitialMap(Handle<JSFunction> function, Handle<Map> map,
Handle<Object> prototype);
inline bool has_initial_map();
static void EnsureHasInitialMap(Handle<JSFunction> function);
// Creates a map that matches the constructor's initial map, but with
// [[prototype]] being new.target.prototype. Because new.target can be a
// JSProxy, this can call back into JavaScript.
static V8_WARN_UNUSED_RESULT MaybeHandle<Map> GetDerivedMap(
Isolate* isolate, Handle<JSFunction> constructor,
Handle<JSReceiver> new_target);
// Get and set the prototype property on a JSFunction. If the
// function has an initial map the prototype is set on the initial
// map. Otherwise, the prototype is put in the initial map field
// until an initial map is needed.
inline bool has_prototype();
inline bool has_instance_prototype();
inline Object* prototype();
inline Object* instance_prototype();
inline bool has_prototype_property();
inline bool PrototypeRequiresRuntimeLookup();
static void SetPrototype(Handle<JSFunction> function,
Handle<Object> value);
// Returns if this function has been compiled to native code yet.
inline bool is_compiled();
static int GetHeaderSize(bool function_has_prototype_slot) {
return function_has_prototype_slot ? JSFunction::kSizeWithPrototype
: JSFunction::kSizeWithoutPrototype;
}
// Prints the name of the function using PrintF.
void PrintName(FILE* out = stdout);
DECL_CAST(JSFunction)
// Calculate the instance size and in-object properties count.
static bool CalculateInstanceSizeForDerivedClass(
Handle<JSFunction> function, InstanceType instance_type,
int requested_embedder_fields, int* instance_size,
int* in_object_properties);
static void CalculateInstanceSizeHelper(InstanceType instance_type,
bool has_prototype_slot,
int requested_embedder_fields,
int requested_in_object_properties,
int* instance_size,
int* in_object_properties);
class BodyDescriptor;
// Dispatched behavior.
DECL_PRINTER(JSFunction)
DECL_VERIFIER(JSFunction)
// The function's name if it is configured, otherwise shared function info
// debug name.
static Handle<String> GetName(Handle<JSFunction> function);
// ES6 section 9.2.11 SetFunctionName
// Because of the way this abstract operation is used in the spec,
// it should never fail, but in practice it will fail if the generated
// function name's length exceeds String::kMaxLength.
static V8_WARN_UNUSED_RESULT bool SetName(Handle<JSFunction> function,
Handle<Name> name,
Handle<String> prefix);
// The function's displayName if it is set, otherwise name if it is
// configured, otherwise shared function info
// debug name.
static Handle<String> GetDebugName(Handle<JSFunction> function);
// The function's string representation implemented according to
// ES6 section 19.2.3.5 Function.prototype.toString ( ).
static Handle<String> ToString(Handle<JSFunction> function);
// Layout description.
#define JS_FUNCTION_FIELDS(V) \
/* Pointer fields. */ \
V(kSharedFunctionInfoOffset, kPointerSize) \
V(kContextOffset, kPointerSize) \
V(kFeedbackCellOffset, kPointerSize) \
V(kEndOfStrongFieldsOffset, 0) \
V(kCodeOffset, kPointerSize) \
/* Size of JSFunction object without prototype field. */ \
V(kSizeWithoutPrototype, 0) \
V(kPrototypeOrInitialMapOffset, kPointerSize) \
/* Size of JSFunction object with prototype field. */ \
V(kSizeWithPrototype, 0)
DEFINE_FIELD_OFFSET_CONSTANTS(JSObject::kHeaderSize, JS_FUNCTION_FIELDS)
#undef JS_FUNCTION_FIELDS
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSFunction);
};
// JSGlobalProxy's prototype must be a JSGlobalObject or null,
// and the prototype is hidden. JSGlobalProxy always delegates
// property accesses to its prototype if the prototype is not null.
//
// A JSGlobalProxy can be reinitialized which will preserve its identity.
//
// Accessing a JSGlobalProxy requires security check.
class JSGlobalProxy : public JSObject {
public:
// [native_context]: the owner native context of this global proxy object.
// It is null value if this object is not used by any context.
DECL_ACCESSORS(native_context, Object)
DECL_CAST(JSGlobalProxy)
inline bool IsDetachedFrom(JSGlobalObject* global) const;
static int SizeWithEmbedderFields(int embedder_field_count);
// Dispatched behavior.
DECL_PRINTER(JSGlobalProxy)
DECL_VERIFIER(JSGlobalProxy)
// Layout description.
static const int kNativeContextOffset = JSObject::kHeaderSize;
static const int kSize = kNativeContextOffset + kPointerSize;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSGlobalProxy);
};
// JavaScript global object.
class JSGlobalObject : public JSObject {
public:
// [native context]: the natives corresponding to this global object.
DECL_ACCESSORS(native_context, Context)
// [global proxy]: the global proxy object of the context
DECL_ACCESSORS(global_proxy, JSObject)
// Gets global object properties.
inline GlobalDictionary* global_dictionary();
inline void set_global_dictionary(GlobalDictionary* dictionary);
static void InvalidatePropertyCell(Handle<JSGlobalObject> object,
Handle<Name> name);
// Ensure that the global object has a cell for the given property name.
static Handle<PropertyCell> EnsureEmptyPropertyCell(
Handle<JSGlobalObject> global, Handle<Name> name,
PropertyCellType cell_type, int* entry_out = nullptr);
DECL_CAST(JSGlobalObject)
inline bool IsDetached();
// Dispatched behavior.
DECL_PRINTER(JSGlobalObject)
DECL_VERIFIER(JSGlobalObject)
// Layout description.
static const int kNativeContextOffset = JSObject::kHeaderSize;
static const int kGlobalProxyOffset = kNativeContextOffset + kPointerSize;
static const int kHeaderSize = kGlobalProxyOffset + kPointerSize;
static const int kSize = kHeaderSize;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSGlobalObject);
};
// Representation for JS Wrapper objects, String, Number, Boolean, etc.
class JSValue: public JSObject {
public:
// [value]: the object being wrapped.
DECL_ACCESSORS(value, Object)
DECL_CAST(JSValue)
// Dispatched behavior.
DECL_PRINTER(JSValue)
DECL_VERIFIER(JSValue)
// Layout description.
static const int kValueOffset = JSObject::kHeaderSize;
static const int kSize = kValueOffset + kPointerSize;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSValue);
};
class DateCache;
// Representation for JS date objects.
class JSDate: public JSObject {
public:
static V8_WARN_UNUSED_RESULT MaybeHandle<JSDate> New(
Handle<JSFunction> constructor, Handle<JSReceiver> new_target, double tv);
// If one component is NaN, all of them are, indicating a NaN time value.
// [value]: the time value.
DECL_ACCESSORS(value, Object)
// [year]: caches year. Either undefined, smi, or NaN.
DECL_ACCESSORS(year, Object)
// [month]: caches month. Either undefined, smi, or NaN.
DECL_ACCESSORS(month, Object)
// [day]: caches day. Either undefined, smi, or NaN.
DECL_ACCESSORS(day, Object)
// [weekday]: caches day of week. Either undefined, smi, or NaN.
DECL_ACCESSORS(weekday, Object)
// [hour]: caches hours. Either undefined, smi, or NaN.
DECL_ACCESSORS(hour, Object)
// [min]: caches minutes. Either undefined, smi, or NaN.
DECL_ACCESSORS(min, Object)
// [sec]: caches seconds. Either undefined, smi, or NaN.
DECL_ACCESSORS(sec, Object)
// [cache stamp]: sample of the date cache stamp at the
// moment when chached fields were cached.
DECL_ACCESSORS(cache_stamp, Object)
DECL_CAST(JSDate)
// Returns the time value (UTC) identifying the current time.
static double CurrentTimeValue(Isolate* isolate);
// Returns the date field with the specified index.
// See FieldIndex for the list of date fields.
static Object* GetField(Object* date, Smi* index);
static Handle<Object> SetValue(Handle<JSDate> date, double v);
void SetValue(Object* value, bool is_value_nan);
// Dispatched behavior.
DECL_PRINTER(JSDate)
DECL_VERIFIER(JSDate)
// The order is important. It must be kept in sync with date macros
// in macros.py.
enum FieldIndex {
kDateValue,
kYear,
kMonth,
kDay,
kWeekday,
kHour,
kMinute,
kSecond,
kFirstUncachedField,
kMillisecond = kFirstUncachedField,
kDays,
kTimeInDay,
kFirstUTCField,
kYearUTC = kFirstUTCField,
kMonthUTC,
kDayUTC,
kWeekdayUTC,
kHourUTC,
kMinuteUTC,
kSecondUTC,
kMillisecondUTC,
kDaysUTC,
kTimeInDayUTC,
kTimezoneOffset
};
// Layout description.
static const int kValueOffset = JSObject::kHeaderSize;
static const int kYearOffset = kValueOffset + kPointerSize;
static const int kMonthOffset = kYearOffset + kPointerSize;
static const int kDayOffset = kMonthOffset + kPointerSize;
static const int kWeekdayOffset = kDayOffset + kPointerSize;
static const int kHourOffset = kWeekdayOffset + kPointerSize;
static const int kMinOffset = kHourOffset + kPointerSize;
static const int kSecOffset = kMinOffset + kPointerSize;
static const int kCacheStampOffset = kSecOffset + kPointerSize;
static const int kSize = kCacheStampOffset + kPointerSize;
private:
inline Object* DoGetField(FieldIndex index);
Object* GetUTCField(FieldIndex index, double value, DateCache* date_cache);
// Computes and caches the cacheable fields of the date.
inline void SetCachedFields(int64_t local_time_ms, DateCache* date_cache);
DISALLOW_IMPLICIT_CONSTRUCTORS(JSDate);
};
// Representation of message objects used for error reporting through
// the API. The messages are formatted in JavaScript so this object is
// a real JavaScript object. The information used for formatting the
// error messages are not directly accessible from JavaScript to
// prevent leaking information to user code called during error
// formatting.
class JSMessageObject: public JSObject {
public:
// [type]: the type of error message.
inline int type() const;
inline void set_type(int value);
// [arguments]: the arguments for formatting the error message.
DECL_ACCESSORS(argument, Object)
// [script]: the script from which the error message originated.
DECL_ACCESSORS(script, Script)
// [stack_frames]: an array of stack frames for this error object.
DECL_ACCESSORS(stack_frames, Object)
// [start_position]: the start position in the script for the error message.
inline int start_position() const;
inline void set_start_position(int value);
// [end_position]: the end position in the script for the error message.
inline int end_position() const;
inline void set_end_position(int value);
// Returns the line number for the error message (1-based), or
// Message::kNoLineNumberInfo if the line cannot be determined.
int GetLineNumber() const;
// Returns the offset of the given position within the containing line.
int GetColumnNumber() const;
// Returns the source code line containing the given source
// position, or the empty string if the position is invalid.
Handle<String> GetSourceLine() const;
inline int error_level() const;
inline void set_error_level(int level);
DECL_CAST(JSMessageObject)
// Dispatched behavior.
DECL_PRINTER(JSMessageObject)
DECL_VERIFIER(JSMessageObject)
// Layout description.
static const int kTypeOffset = JSObject::kHeaderSize;
static const int kArgumentsOffset = kTypeOffset + kPointerSize;
static const int kScriptOffset = kArgumentsOffset + kPointerSize;
static const int kStackFramesOffset = kScriptOffset + kPointerSize;
static const int kStartPositionOffset = kStackFramesOffset + kPointerSize;
static const int kEndPositionOffset = kStartPositionOffset + kPointerSize;
static const int kErrorLevelOffset = kEndPositionOffset + kPointerSize;
static const int kSize = kErrorLevelOffset + kPointerSize;
typedef FixedBodyDescriptor<HeapObject::kMapOffset,
kStackFramesOffset + kPointerSize,
kSize> BodyDescriptor;
};
// Utility superclass for stack-allocated objects that must be updated
// on gc. It provides two ways for the gc to update instances, either
// iterating or updating after gc.
......@@ -3859,60 +2494,6 @@ class PropertyCell : public HeapObject {
DISALLOW_IMPLICIT_CONSTRUCTORS(PropertyCell);
};
// The [Async-from-Sync Iterator] object
// (proposal-async-iteration/#sec-async-from-sync-iterator-objects)
// An object which wraps an ordinary Iterator and converts it to behave
// according to the Async Iterator protocol.
// (See https://tc39.github.io/proposal-async-iteration/#sec-iteration)
class JSAsyncFromSyncIterator : public JSObject {
public:
DECL_CAST(JSAsyncFromSyncIterator)
DECL_PRINTER(JSAsyncFromSyncIterator)
DECL_VERIFIER(JSAsyncFromSyncIterator)
// Async-from-Sync Iterator instances are ordinary objects that inherit
// properties from the %AsyncFromSyncIteratorPrototype% intrinsic object.
// Async-from-Sync Iterator instances are initially created with the internal
// slots listed in Table 4.
// (proposal-async-iteration/#table-async-from-sync-iterator-internal-slots)
DECL_ACCESSORS(sync_iterator, JSReceiver)
// The "next" method is loaded during GetIterator, and is not reloaded for
// subsequent "next" invocations.
DECL_ACCESSORS(next, Object)
// Offsets of object fields.
static const int kSyncIteratorOffset = JSObject::kHeaderSize;
static const int kNextOffset = kSyncIteratorOffset + kPointerSize;
static const int kSize = kNextOffset + kPointerSize;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSAsyncFromSyncIterator);
};
class JSStringIterator : public JSObject {
public:
// Dispatched behavior.
DECL_PRINTER(JSStringIterator)
DECL_VERIFIER(JSStringIterator)
DECL_CAST(JSStringIterator)
// [string]: the [[IteratedString]] inobject property.
DECL_ACCESSORS(string, String)
// [index]: The [[StringIteratorNextIndex]] inobject property.
inline int index() const;
inline void set_index(int value);
static const int kStringOffset = JSObject::kHeaderSize;
static const int kNextIndexOffset = kStringOffset + kPointerSize;
static const int kSize = kNextIndexOffset + kPointerSize;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSStringIterator);
};
// Foreign describes objects pointing from JavaScript to C structures.
class Foreign: public HeapObject {
public:
......
......@@ -8,6 +8,7 @@
#include "src/objects/allocation-site.h"
#include "src/heap/heap-inl.h"
#include "src/objects/js-objects-inl.h"
// Has to be the last include (doesn't have include guards):
#include "src/objects/object-macros.h"
......
......@@ -5,8 +5,8 @@
#ifndef V8_OBJECTS_ARGUMENTS_H_
#define V8_OBJECTS_ARGUMENTS_H_
#include "src/objects.h"
#include "src/objects/fixed-array.h"
#include "src/objects/js-objects.h"
// Has to be the last include (doesn't have include guards):
#include "src/objects/object-macros.h"
......
......@@ -30,6 +30,7 @@ namespace internal {
template <typename T>
class Handle;
class JSCollator;
class Intl {
public:
......
......@@ -5,7 +5,7 @@
#ifndef V8_OBJECTS_JS_ARRAY_BUFFER_H_
#define V8_OBJECTS_JS_ARRAY_BUFFER_H_
#include "src/objects.h"
#include "src/objects/js-objects.h"
// Has to be the last include (doesn't have include guards):
#include "src/objects/object-macros.h"
......
......@@ -5,9 +5,9 @@
#ifndef V8_OBJECTS_JS_ARRAY_H_
#define V8_OBJECTS_JS_ARRAY_H_
#include "src/objects.h"
#include "src/objects/allocation-site.h"
#include "src/objects/fixed-array.h"
#include "src/objects/js-objects.h"
// Has to be the last include (doesn't have include guards):
#include "src/objects/object-macros.h"
......
......@@ -5,7 +5,7 @@
#ifndef V8_OBJECTS_JS_GENERATOR_H_
#define V8_OBJECTS_JS_GENERATOR_H_
#include "src/objects.h"
#include "src/objects/js-objects.h"
// Has to be the last include (doesn't have include guards):
#include "src/objects/object-macros.h"
......
// Copyright 2018 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef V8_OBJECTS_JS_OBJECTS_INL_H_
#define V8_OBJECTS_JS_OBJECTS_INL_H_
#include "src/objects/js-objects.h"
#include "src/feedback-vector.h"
#include "src/heap/heap-write-barrier.h"
#include "src/keys.h"
#include "src/lookup-inl.h"
#include "src/objects/shared-function-info.h"
#include "src/prototype.h"
// Has to be the last include (doesn't have include guards):
#include "src/objects/object-macros.h"
namespace v8 {
namespace internal {
CAST_ACCESSOR(JSAsyncFromSyncIterator)
CAST_ACCESSOR(JSBoundFunction)
CAST_ACCESSOR(JSDataView)
CAST_ACCESSOR(JSDate)
CAST_ACCESSOR(JSFunction)
CAST_ACCESSOR(JSGlobalObject)
CAST_ACCESSOR(JSGlobalProxy)
CAST_ACCESSOR(JSMessageObject)
CAST_ACCESSOR(JSObject)
CAST_ACCESSOR(JSReceiver)
CAST_ACCESSOR(JSStringIterator)
CAST_ACCESSOR(JSValue)
MaybeHandle<Object> JSReceiver::GetProperty(Isolate* isolate,
Handle<JSReceiver> receiver,
Handle<Name> name) {
LookupIterator it(isolate, receiver, name, receiver);
if (!it.IsFound()) return it.factory()->undefined_value();
return Object::GetProperty(&it);
}
MaybeHandle<Object> JSReceiver::GetElement(Isolate* isolate,
Handle<JSReceiver> receiver,
uint32_t index) {
LookupIterator it(isolate, receiver, index, receiver);
if (!it.IsFound()) return it.factory()->undefined_value();
return Object::GetProperty(&it);
}
Handle<Object> JSReceiver::GetDataProperty(Handle<JSReceiver> object,
Handle<Name> name) {
LookupIterator it(object, name, object,
LookupIterator::PROTOTYPE_CHAIN_SKIP_INTERCEPTOR);
if (!it.IsFound()) return it.factory()->undefined_value();
return GetDataProperty(&it);
}
MaybeHandle<Object> JSReceiver::GetPrototype(Isolate* isolate,
Handle<JSReceiver> receiver) {
// We don't expect access checks to be needed on JSProxy objects.
DCHECK(!receiver->IsAccessCheckNeeded() || receiver->IsJSObject());
PrototypeIterator iter(isolate, receiver, kStartAtReceiver,
PrototypeIterator::END_AT_NON_HIDDEN);
do {
if (!iter.AdvanceFollowingProxies()) return MaybeHandle<Object>();
} while (!iter.IsAtEnd());
return PrototypeIterator::GetCurrent(iter);
}
MaybeHandle<Object> JSReceiver::GetProperty(Isolate* isolate,
Handle<JSReceiver> receiver,
const char* name) {
Handle<String> str = isolate->factory()->InternalizeUtf8String(name);
return GetProperty(isolate, receiver, str);
}
// static
V8_WARN_UNUSED_RESULT MaybeHandle<FixedArray> JSReceiver::OwnPropertyKeys(
Handle<JSReceiver> object) {
return KeyAccumulator::GetKeys(object, KeyCollectionMode::kOwnOnly,
ALL_PROPERTIES,
GetKeysConversion::kConvertToString);
}
bool JSObject::PrototypeHasNoElements(Isolate* isolate, JSObject* object) {
DisallowHeapAllocation no_gc;
HeapObject* prototype = HeapObject::cast(object->map()->prototype());
ReadOnlyRoots roots(isolate);
HeapObject* null = roots.null_value();
HeapObject* empty_fixed_array = roots.empty_fixed_array();
HeapObject* empty_slow_element_dictionary =
roots.empty_slow_element_dictionary();
while (prototype != null) {
Map* map = prototype->map();
if (map->IsCustomElementsReceiverMap()) return false;
HeapObject* elements = JSObject::cast(prototype)->elements();
if (elements != empty_fixed_array &&
elements != empty_slow_element_dictionary) {
return false;
}
prototype = HeapObject::cast(map->prototype());
}
return true;
}
ACCESSORS(JSReceiver, raw_properties_or_hash, Object, kPropertiesOrHashOffset)
FixedArrayBase* JSObject::elements() const {
Object* array = READ_FIELD(this, kElementsOffset);
return static_cast<FixedArrayBase*>(array);
}
void JSObject::EnsureCanContainHeapObjectElements(Handle<JSObject> object) {
JSObject::ValidateElements(*object);
ElementsKind elements_kind = object->map()->elements_kind();
if (!IsObjectElementsKind(elements_kind)) {
if (IsHoleyElementsKind(elements_kind)) {
TransitionElementsKind(object, HOLEY_ELEMENTS);
} else {
TransitionElementsKind(object, PACKED_ELEMENTS);
}
}
}
void JSObject::EnsureCanContainElements(Handle<JSObject> object,
Object** objects, uint32_t count,
EnsureElementsMode mode) {
ElementsKind current_kind = object->GetElementsKind();
ElementsKind target_kind = current_kind;
{
DisallowHeapAllocation no_allocation;
DCHECK(mode != ALLOW_COPIED_DOUBLE_ELEMENTS);
bool is_holey = IsHoleyElementsKind(current_kind);
if (current_kind == HOLEY_ELEMENTS) return;
Object* the_hole = object->GetReadOnlyRoots().the_hole_value();
for (uint32_t i = 0; i < count; ++i) {
Object* current = *objects++;
if (current == the_hole) {
is_holey = true;
target_kind = GetHoleyElementsKind(target_kind);
} else if (!current->IsSmi()) {
if (mode == ALLOW_CONVERTED_DOUBLE_ELEMENTS && current->IsNumber()) {
if (IsSmiElementsKind(target_kind)) {
if (is_holey) {
target_kind = HOLEY_DOUBLE_ELEMENTS;
} else {
target_kind = PACKED_DOUBLE_ELEMENTS;
}
}
} else if (is_holey) {
target_kind = HOLEY_ELEMENTS;
break;
} else {
target_kind = PACKED_ELEMENTS;
}
}
}
}
if (target_kind != current_kind) {
TransitionElementsKind(object, target_kind);
}
}
void JSObject::EnsureCanContainElements(Handle<JSObject> object,
Handle<FixedArrayBase> elements,
uint32_t length,
EnsureElementsMode mode) {
ReadOnlyRoots roots = object->GetReadOnlyRoots();
if (elements->map() != roots.fixed_double_array_map()) {
DCHECK(elements->map() == roots.fixed_array_map() ||
elements->map() == roots.fixed_cow_array_map());
if (mode == ALLOW_COPIED_DOUBLE_ELEMENTS) {
mode = DONT_ALLOW_DOUBLE_ELEMENTS;
}
Object** objects =
Handle<FixedArray>::cast(elements)->GetFirstElementAddress();
EnsureCanContainElements(object, objects, length, mode);
return;
}
DCHECK(mode == ALLOW_COPIED_DOUBLE_ELEMENTS);
if (object->GetElementsKind() == HOLEY_SMI_ELEMENTS) {
TransitionElementsKind(object, HOLEY_DOUBLE_ELEMENTS);
} else if (object->GetElementsKind() == PACKED_SMI_ELEMENTS) {
Handle<FixedDoubleArray> double_array =
Handle<FixedDoubleArray>::cast(elements);
for (uint32_t i = 0; i < length; ++i) {
if (double_array->is_the_hole(i)) {
TransitionElementsKind(object, HOLEY_DOUBLE_ELEMENTS);
return;
}
}
TransitionElementsKind(object, PACKED_DOUBLE_ELEMENTS);
}
}
void JSObject::SetMapAndElements(Handle<JSObject> object, Handle<Map> new_map,
Handle<FixedArrayBase> value) {
JSObject::MigrateToMap(object, new_map);
DCHECK((object->map()->has_fast_smi_or_object_elements() ||
(*value == object->GetReadOnlyRoots().empty_fixed_array()) ||
object->map()->has_fast_string_wrapper_elements()) ==
(value->map() == object->GetReadOnlyRoots().fixed_array_map() ||
value->map() == object->GetReadOnlyRoots().fixed_cow_array_map()));
DCHECK((*value == object->GetReadOnlyRoots().empty_fixed_array()) ||
(object->map()->has_fast_double_elements() ==
value->IsFixedDoubleArray()));
object->set_elements(*value);
}
void JSObject::set_elements(FixedArrayBase* value, WriteBarrierMode mode) {
WRITE_FIELD(this, kElementsOffset, value);
CONDITIONAL_WRITE_BARRIER(this, kElementsOffset, value, mode);
}
void JSObject::initialize_elements() {
FixedArrayBase* elements = map()->GetInitialElements();
WRITE_FIELD(this, kElementsOffset, elements);
}
InterceptorInfo* JSObject::GetIndexedInterceptor() {
return map()->GetIndexedInterceptor();
}
InterceptorInfo* JSObject::GetNamedInterceptor() {
return map()->GetNamedInterceptor();
}
int JSObject::GetHeaderSize() const { return GetHeaderSize(map()); }
int JSObject::GetHeaderSize(const Map* map) {
// Check for the most common kind of JavaScript object before
// falling into the generic switch. This speeds up the internal
// field operations considerably on average.
InstanceType instance_type = map->instance_type();
return instance_type == JS_OBJECT_TYPE
? JSObject::kHeaderSize
: GetHeaderSize(instance_type, map->has_prototype_slot());
}
// static
int JSObject::GetEmbedderFieldCount(const Map* map) {
int instance_size = map->instance_size();
if (instance_size == kVariableSizeSentinel) return 0;
return ((instance_size - GetHeaderSize(map)) >> kPointerSizeLog2) -
map->GetInObjectProperties();
}
int JSObject::GetEmbedderFieldCount() const {
return GetEmbedderFieldCount(map());
}
int JSObject::GetEmbedderFieldOffset(int index) {
DCHECK(index < GetEmbedderFieldCount() && index >= 0);
return GetHeaderSize() + (kPointerSize * index);
}
Object* JSObject::GetEmbedderField(int index) {
DCHECK(index < GetEmbedderFieldCount() && index >= 0);
// Internal objects do follow immediately after the header, whereas in-object
// properties are at the end of the object. Therefore there is no need
// to adjust the index here.
return READ_FIELD(this, GetHeaderSize() + (kPointerSize * index));
}
void JSObject::SetEmbedderField(int index, Object* value) {
DCHECK(index < GetEmbedderFieldCount() && index >= 0);
// Internal objects do follow immediately after the header, whereas in-object
// properties are at the end of the object. Therefore there is no need
// to adjust the index here.
int offset = GetHeaderSize() + (kPointerSize * index);
WRITE_FIELD(this, offset, value);
WRITE_BARRIER(this, offset, value);
}
void JSObject::SetEmbedderField(int index, Smi* value) {
DCHECK(index < GetEmbedderFieldCount() && index >= 0);
// Internal objects do follow immediately after the header, whereas in-object
// properties are at the end of the object. Therefore there is no need
// to adjust the index here.
int offset = GetHeaderSize() + (kPointerSize * index);
WRITE_FIELD(this, offset, value);
}
bool JSObject::IsUnboxedDoubleField(FieldIndex index) {
if (!FLAG_unbox_double_fields) return false;
return map()->IsUnboxedDoubleField(index);
}
// Access fast-case object properties at index. The use of these routines
// is needed to correctly distinguish between properties stored in-object and
// properties stored in the properties array.
Object* JSObject::RawFastPropertyAt(FieldIndex index) {
DCHECK(!IsUnboxedDoubleField(index));
if (index.is_inobject()) {
return READ_FIELD(this, index.offset());
} else {
return property_array()->get(index.outobject_array_index());
}
}
double JSObject::RawFastDoublePropertyAt(FieldIndex index) {
DCHECK(IsUnboxedDoubleField(index));
return READ_DOUBLE_FIELD(this, index.offset());
}
uint64_t JSObject::RawFastDoublePropertyAsBitsAt(FieldIndex index) {
DCHECK(IsUnboxedDoubleField(index));
return READ_UINT64_FIELD(this, index.offset());
}
void JSObject::RawFastPropertyAtPut(FieldIndex index, Object* value) {
if (index.is_inobject()) {
int offset = index.offset();
WRITE_FIELD(this, offset, value);
WRITE_BARRIER(this, offset, value);
} else {
property_array()->set(index.outobject_array_index(), value);
}
}
void JSObject::RawFastDoublePropertyAsBitsAtPut(FieldIndex index,
uint64_t bits) {
// Double unboxing is enabled only on 64-bit platforms.
DCHECK_EQ(kDoubleSize, kPointerSize);
Address field_addr = FIELD_ADDR(this, index.offset());
base::Relaxed_Store(reinterpret_cast<base::AtomicWord*>(field_addr),
static_cast<base::AtomicWord>(bits));
}
void JSObject::FastPropertyAtPut(FieldIndex index, Object* value) {
if (IsUnboxedDoubleField(index)) {
DCHECK(value->IsMutableHeapNumber());
// Ensure that all bits of the double value are preserved.
RawFastDoublePropertyAsBitsAtPut(
index, MutableHeapNumber::cast(value)->value_as_bits());
} else {
RawFastPropertyAtPut(index, value);
}
}
void JSObject::WriteToField(int descriptor, PropertyDetails details,
Object* value) {
DCHECK_EQ(kField, details.location());
DCHECK_EQ(kData, details.kind());
DisallowHeapAllocation no_gc;
FieldIndex index = FieldIndex::ForDescriptor(map(), descriptor);
if (details.representation().IsDouble()) {
// Nothing more to be done.
if (value->IsUninitialized()) {
return;
}
// Manipulating the signaling NaN used for the hole and uninitialized
// double field sentinel in C++, e.g. with bit_cast or value()/set_value(),
// will change its value on ia32 (the x87 stack is used to return values
// and stores to the stack silently clear the signalling bit).
uint64_t bits;
if (value->IsSmi()) {
bits = bit_cast<uint64_t>(static_cast<double>(Smi::ToInt(value)));
} else {
DCHECK(value->IsHeapNumber());
bits = HeapNumber::cast(value)->value_as_bits();
}
if (IsUnboxedDoubleField(index)) {
RawFastDoublePropertyAsBitsAtPut(index, bits);
} else {
auto box = MutableHeapNumber::cast(RawFastPropertyAt(index));
box->set_value_as_bits(bits);
}
} else {
RawFastPropertyAtPut(index, value);
}
}
int JSObject::GetInObjectPropertyOffset(int index) {
return map()->GetInObjectPropertyOffset(index);
}
Object* JSObject::InObjectPropertyAt(int index) {
int offset = GetInObjectPropertyOffset(index);
return READ_FIELD(this, offset);
}
Object* JSObject::InObjectPropertyAtPut(int index, Object* value,
WriteBarrierMode mode) {
// Adjust for the number of properties stored in the object.
int offset = GetInObjectPropertyOffset(index);
WRITE_FIELD(this, offset, value);
CONDITIONAL_WRITE_BARRIER(this, offset, value, mode);
return value;
}
void JSObject::InitializeBody(Map* map, int start_offset,
Object* pre_allocated_value,
Object* filler_value) {
DCHECK(!filler_value->IsHeapObject() || !Heap::InNewSpace(filler_value));
DCHECK(!pre_allocated_value->IsHeapObject() ||
!Heap::InNewSpace(pre_allocated_value));
int size = map->instance_size();
int offset = start_offset;
if (filler_value != pre_allocated_value) {
int end_of_pre_allocated_offset =
size - (map->UnusedPropertyFields() * kPointerSize);
DCHECK_LE(kHeaderSize, end_of_pre_allocated_offset);
while (offset < end_of_pre_allocated_offset) {
WRITE_FIELD(this, offset, pre_allocated_value);
offset += kPointerSize;
}
}
while (offset < size) {
WRITE_FIELD(this, offset, filler_value);
offset += kPointerSize;
}
}
Object* JSBoundFunction::raw_bound_target_function() const {
return READ_FIELD(this, kBoundTargetFunctionOffset);
}
ACCESSORS(JSBoundFunction, bound_target_function, JSReceiver,
kBoundTargetFunctionOffset)
ACCESSORS(JSBoundFunction, bound_this, Object, kBoundThisOffset)
ACCESSORS(JSBoundFunction, bound_arguments, FixedArray, kBoundArgumentsOffset)
ACCESSORS(JSFunction, shared, SharedFunctionInfo, kSharedFunctionInfoOffset)
ACCESSORS(JSFunction, feedback_cell, FeedbackCell, kFeedbackCellOffset)
ACCESSORS(JSGlobalObject, native_context, Context, kNativeContextOffset)
ACCESSORS(JSGlobalObject, global_proxy, JSObject, kGlobalProxyOffset)
ACCESSORS(JSGlobalProxy, native_context, Object, kNativeContextOffset)
FeedbackVector* JSFunction::feedback_vector() const {
DCHECK(has_feedback_vector());
return FeedbackVector::cast(feedback_cell()->value());
}
// Code objects that are marked for deoptimization are not considered to be
// optimized. This is because the JSFunction might have been already
// deoptimized but its code() still needs to be unlinked, which will happen on
// its next activation.
// TODO(jupvfranco): rename this function. Maybe RunOptimizedCode,
// or IsValidOptimizedCode.
bool JSFunction::IsOptimized() {
return code()->kind() == Code::OPTIMIZED_FUNCTION &&
!code()->marked_for_deoptimization();
}
bool JSFunction::HasOptimizedCode() {
return IsOptimized() ||
(has_feedback_vector() && feedback_vector()->has_optimized_code() &&
!feedback_vector()->optimized_code()->marked_for_deoptimization());
}
bool JSFunction::HasOptimizationMarker() {
return has_feedback_vector() && feedback_vector()->has_optimization_marker();
}
void JSFunction::ClearOptimizationMarker() {
DCHECK(has_feedback_vector());
feedback_vector()->ClearOptimizationMarker();
}
// Optimized code marked for deoptimization will tier back down to running
// interpreted on its next activation, and already doesn't count as IsOptimized.
bool JSFunction::IsInterpreted() {
return code()->is_interpreter_trampoline_builtin() ||
(code()->kind() == Code::OPTIMIZED_FUNCTION &&
code()->marked_for_deoptimization());
}
bool JSFunction::ChecksOptimizationMarker() {
return code()->checks_optimization_marker();
}
bool JSFunction::IsMarkedForOptimization() {
return has_feedback_vector() && feedback_vector()->optimization_marker() ==
OptimizationMarker::kCompileOptimized;
}
bool JSFunction::IsMarkedForConcurrentOptimization() {
return has_feedback_vector() &&
feedback_vector()->optimization_marker() ==
OptimizationMarker::kCompileOptimizedConcurrent;
}
bool JSFunction::IsInOptimizationQueue() {
return has_feedback_vector() && feedback_vector()->optimization_marker() ==
OptimizationMarker::kInOptimizationQueue;
}
void JSFunction::CompleteInobjectSlackTrackingIfActive() {
if (!has_prototype_slot()) return;
if (has_initial_map() && initial_map()->IsInobjectSlackTrackingInProgress()) {
initial_map()->CompleteInobjectSlackTracking(GetIsolate());
}
}
AbstractCode* JSFunction::abstract_code() {
if (IsInterpreted()) {
return AbstractCode::cast(shared()->GetBytecodeArray());
} else {
return AbstractCode::cast(code());
}
}
Code* JSFunction::code() { return Code::cast(READ_FIELD(this, kCodeOffset)); }
void JSFunction::set_code(Code* value) {
DCHECK(!Heap::InNewSpace(value));
WRITE_FIELD(this, kCodeOffset, value);
MarkingBarrier(this, HeapObject::RawField(this, kCodeOffset), value);
}
void JSFunction::set_code_no_write_barrier(Code* value) {
DCHECK(!Heap::InNewSpace(value));
WRITE_FIELD(this, kCodeOffset, value);
}
void JSFunction::ClearOptimizedCodeSlot(const char* reason) {
if (has_feedback_vector() && feedback_vector()->has_optimized_code()) {
if (FLAG_trace_opt) {
PrintF("[evicting entry from optimizing code feedback slot (%s) for ",
reason);
ShortPrint();
PrintF("]\n");
}
feedback_vector()->ClearOptimizedCode();
}
}
void JSFunction::SetOptimizationMarker(OptimizationMarker marker) {
DCHECK(has_feedback_vector());
DCHECK(ChecksOptimizationMarker());
DCHECK(!HasOptimizedCode());
feedback_vector()->SetOptimizationMarker(marker);
}
bool JSFunction::has_feedback_vector() const {
return !feedback_cell()->value()->IsUndefined();
}
Context* JSFunction::context() {
return Context::cast(READ_FIELD(this, kContextOffset));
}
bool JSFunction::has_context() const {
return READ_FIELD(this, kContextOffset)->IsContext();
}
JSGlobalProxy* JSFunction::global_proxy() { return context()->global_proxy(); }
Context* JSFunction::native_context() { return context()->native_context(); }
void JSFunction::set_context(Object* value) {
DCHECK(value->IsUndefined() || value->IsContext());
WRITE_FIELD(this, kContextOffset, value);
WRITE_BARRIER(this, kContextOffset, value);
}
ACCESSORS_CHECKED(JSFunction, prototype_or_initial_map, Object,
kPrototypeOrInitialMapOffset, map()->has_prototype_slot())
bool JSFunction::has_prototype_slot() const {
return map()->has_prototype_slot();
}
Map* JSFunction::initial_map() { return Map::cast(prototype_or_initial_map()); }
bool JSFunction::has_initial_map() {
DCHECK(has_prototype_slot());
return prototype_or_initial_map()->IsMap();
}
bool JSFunction::has_instance_prototype() {
DCHECK(has_prototype_slot());
return has_initial_map() || !prototype_or_initial_map()->IsTheHole();
}
bool JSFunction::has_prototype() {
DCHECK(has_prototype_slot());
return map()->has_non_instance_prototype() || has_instance_prototype();
}
bool JSFunction::has_prototype_property() {
return (has_prototype_slot() && IsConstructor()) ||
IsGeneratorFunction(shared()->kind());
}
bool JSFunction::PrototypeRequiresRuntimeLookup() {
return !has_prototype_property() || map()->has_non_instance_prototype();
}
Object* JSFunction::instance_prototype() {
DCHECK(has_instance_prototype());
if (has_initial_map()) return initial_map()->prototype();
// When there is no initial map and the prototype is a JSReceiver, the
// initial map field is used for the prototype field.
return prototype_or_initial_map();
}
Object* JSFunction::prototype() {
DCHECK(has_prototype());
// If the function's prototype property has been set to a non-JSReceiver
// value, that value is stored in the constructor field of the map.
if (map()->has_non_instance_prototype()) {
Object* prototype = map()->GetConstructor();
// The map must have a prototype in that field, not a back pointer.
DCHECK(!prototype->IsMap());
DCHECK(!prototype->IsFunctionTemplateInfo());
return prototype;
}
return instance_prototype();
}
bool JSFunction::is_compiled() {
return code()->builtin_index() != Builtins::kCompileLazy;
}
ACCESSORS(JSValue, value, Object, kValueOffset)
ACCESSORS(JSDate, value, Object, kValueOffset)
ACCESSORS(JSDate, cache_stamp, Object, kCacheStampOffset)
ACCESSORS(JSDate, year, Object, kYearOffset)
ACCESSORS(JSDate, month, Object, kMonthOffset)
ACCESSORS(JSDate, day, Object, kDayOffset)
ACCESSORS(JSDate, weekday, Object, kWeekdayOffset)
ACCESSORS(JSDate, hour, Object, kHourOffset)
ACCESSORS(JSDate, min, Object, kMinOffset)
ACCESSORS(JSDate, sec, Object, kSecOffset)
SMI_ACCESSORS(JSMessageObject, type, kTypeOffset)
ACCESSORS(JSMessageObject, argument, Object, kArgumentsOffset)
ACCESSORS(JSMessageObject, script, Script, kScriptOffset)
ACCESSORS(JSMessageObject, stack_frames, Object, kStackFramesOffset)
SMI_ACCESSORS(JSMessageObject, start_position, kStartPositionOffset)
SMI_ACCESSORS(JSMessageObject, end_position, kEndPositionOffset)
SMI_ACCESSORS(JSMessageObject, error_level, kErrorLevelOffset)
ElementsKind JSObject::GetElementsKind() const {
ElementsKind kind = map()->elements_kind();
#if VERIFY_HEAP && DEBUG
FixedArrayBase* fixed_array =
reinterpret_cast<FixedArrayBase*>(READ_FIELD(this, kElementsOffset));
// If a GC was caused while constructing this object, the elements
// pointer may point to a one pointer filler map.
if (ElementsAreSafeToExamine()) {
Map* map = fixed_array->map();
if (IsSmiOrObjectElementsKind(kind)) {
DCHECK(map == GetReadOnlyRoots().fixed_array_map() ||
map == GetReadOnlyRoots().fixed_cow_array_map());
} else if (IsDoubleElementsKind(kind)) {
DCHECK(fixed_array->IsFixedDoubleArray() ||
fixed_array == GetReadOnlyRoots().empty_fixed_array());
} else if (kind == DICTIONARY_ELEMENTS) {
DCHECK(fixed_array->IsFixedArray());
DCHECK(fixed_array->IsDictionary());
} else {
DCHECK(kind > DICTIONARY_ELEMENTS);
}
DCHECK(!IsSloppyArgumentsElementsKind(kind) ||
(elements()->IsFixedArray() && elements()->length() >= 2));
}
#endif
return kind;
}
bool JSObject::HasObjectElements() {
return IsObjectElementsKind(GetElementsKind());
}
bool JSObject::HasSmiElements() { return IsSmiElementsKind(GetElementsKind()); }
bool JSObject::HasSmiOrObjectElements() {
return IsSmiOrObjectElementsKind(GetElementsKind());
}
bool JSObject::HasDoubleElements() {
return IsDoubleElementsKind(GetElementsKind());
}
bool JSObject::HasHoleyElements() {
return IsHoleyElementsKind(GetElementsKind());
}
bool JSObject::HasFastElements() {
return IsFastElementsKind(GetElementsKind());
}
bool JSObject::HasFastPackedElements() {
return IsFastPackedElementsKind(GetElementsKind());
}
bool JSObject::HasDictionaryElements() {
return GetElementsKind() == DICTIONARY_ELEMENTS;
}
bool JSObject::HasFastArgumentsElements() {
return GetElementsKind() == FAST_SLOPPY_ARGUMENTS_ELEMENTS;
}
bool JSObject::HasSlowArgumentsElements() {
return GetElementsKind() == SLOW_SLOPPY_ARGUMENTS_ELEMENTS;
}
bool JSObject::HasSloppyArgumentsElements() {
return IsSloppyArgumentsElementsKind(GetElementsKind());
}
bool JSObject::HasStringWrapperElements() {
return IsStringWrapperElementsKind(GetElementsKind());
}
bool JSObject::HasFastStringWrapperElements() {
return GetElementsKind() == FAST_STRING_WRAPPER_ELEMENTS;
}
bool JSObject::HasSlowStringWrapperElements() {
return GetElementsKind() == SLOW_STRING_WRAPPER_ELEMENTS;
}
bool JSObject::HasFixedTypedArrayElements() {
DCHECK_NOT_NULL(elements());
return map()->has_fixed_typed_array_elements();
}
#define FIXED_TYPED_ELEMENTS_CHECK(Type, type, TYPE, ctype) \
bool JSObject::HasFixed##Type##Elements() { \
HeapObject* array = elements(); \
DCHECK_NOT_NULL(array); \
if (!array->IsHeapObject()) return false; \
return array->map()->instance_type() == FIXED_##TYPE##_ARRAY_TYPE; \
}
TYPED_ARRAYS(FIXED_TYPED_ELEMENTS_CHECK)
#undef FIXED_TYPED_ELEMENTS_CHECK
bool JSObject::HasNamedInterceptor() { return map()->has_named_interceptor(); }
bool JSObject::HasIndexedInterceptor() {
return map()->has_indexed_interceptor();
}
void JSGlobalObject::set_global_dictionary(GlobalDictionary* dictionary) {
DCHECK(IsJSGlobalObject());
set_raw_properties_or_hash(dictionary);
}
GlobalDictionary* JSGlobalObject::global_dictionary() {
DCHECK(!HasFastProperties());
DCHECK(IsJSGlobalObject());
return GlobalDictionary::cast(raw_properties_or_hash());
}
NumberDictionary* JSObject::element_dictionary() {
DCHECK(HasDictionaryElements() || HasSlowStringWrapperElements());
return NumberDictionary::cast(elements());
}
void JSReceiver::initialize_properties() {
Heap* heap = GetHeap();
ReadOnlyRoots roots(heap);
DCHECK(!Heap::InNewSpace(roots.empty_fixed_array()));
DCHECK(!Heap::InNewSpace(heap->empty_property_dictionary()));
if (map()->is_dictionary_map()) {
WRITE_FIELD(this, kPropertiesOrHashOffset,
heap->empty_property_dictionary());
} else {
WRITE_FIELD(this, kPropertiesOrHashOffset, roots.empty_fixed_array());
}
}
bool JSReceiver::HasFastProperties() const {
DCHECK(
raw_properties_or_hash()->IsSmi() ||
(raw_properties_or_hash()->IsDictionary() == map()->is_dictionary_map()));
return !map()->is_dictionary_map();
}
NameDictionary* JSReceiver::property_dictionary() const {
DCHECK(!IsJSGlobalObject());
DCHECK(!HasFastProperties());
Object* prop = raw_properties_or_hash();
if (prop->IsSmi()) {
return GetHeap()->empty_property_dictionary();
}
return NameDictionary::cast(prop);
}
// TODO(gsathya): Pass isolate directly to this function and access
// the heap from this.
PropertyArray* JSReceiver::property_array() const {
DCHECK(HasFastProperties());
Object* prop = raw_properties_or_hash();
if (prop->IsSmi() || prop == GetReadOnlyRoots().empty_fixed_array()) {
return GetReadOnlyRoots().empty_property_array();
}
return PropertyArray::cast(prop);
}
Maybe<bool> JSReceiver::HasProperty(Handle<JSReceiver> object,
Handle<Name> name) {
LookupIterator it = LookupIterator::PropertyOrElement(object->GetIsolate(),
object, name, object);
return HasProperty(&it);
}
Maybe<bool> JSReceiver::HasOwnProperty(Handle<JSReceiver> object,
uint32_t index) {
if (object->IsJSModuleNamespace()) return Just(false);
if (object->IsJSObject()) { // Shortcut.
LookupIterator it(object->GetIsolate(), object, index, object,
LookupIterator::OWN);
return HasProperty(&it);
}
Maybe<PropertyAttributes> attributes =
JSReceiver::GetOwnPropertyAttributes(object, index);
MAYBE_RETURN(attributes, Nothing<bool>());
return Just(attributes.FromJust() != ABSENT);
}
Maybe<PropertyAttributes> JSReceiver::GetPropertyAttributes(
Handle<JSReceiver> object, Handle<Name> name) {
LookupIterator it = LookupIterator::PropertyOrElement(object->GetIsolate(),
object, name, object);
return GetPropertyAttributes(&it);
}
Maybe<PropertyAttributes> JSReceiver::GetOwnPropertyAttributes(
Handle<JSReceiver> object, Handle<Name> name) {
LookupIterator it = LookupIterator::PropertyOrElement(
object->GetIsolate(), object, name, object, LookupIterator::OWN);
return GetPropertyAttributes(&it);
}
Maybe<PropertyAttributes> JSReceiver::GetOwnPropertyAttributes(
Handle<JSReceiver> object, uint32_t index) {
LookupIterator it(object->GetIsolate(), object, index, object,
LookupIterator::OWN);
return GetPropertyAttributes(&it);
}
Maybe<bool> JSReceiver::HasElement(Handle<JSReceiver> object, uint32_t index) {
LookupIterator it(object->GetIsolate(), object, index, object);
return HasProperty(&it);
}
Maybe<PropertyAttributes> JSReceiver::GetElementAttributes(
Handle<JSReceiver> object, uint32_t index) {
Isolate* isolate = object->GetIsolate();
LookupIterator it(isolate, object, index, object);
return GetPropertyAttributes(&it);
}
Maybe<PropertyAttributes> JSReceiver::GetOwnElementAttributes(
Handle<JSReceiver> object, uint32_t index) {
Isolate* isolate = object->GetIsolate();
LookupIterator it(isolate, object, index, object, LookupIterator::OWN);
return GetPropertyAttributes(&it);
}
bool JSGlobalObject::IsDetached() {
return JSGlobalProxy::cast(global_proxy())->IsDetachedFrom(this);
}
bool JSGlobalProxy::IsDetachedFrom(JSGlobalObject* global) const {
const PrototypeIterator iter(this->GetIsolate(),
const_cast<JSGlobalProxy*>(this));
return iter.GetCurrent() != global;
}
inline int JSGlobalProxy::SizeWithEmbedderFields(int embedder_field_count) {
DCHECK_GE(embedder_field_count, 0);
return kSize + embedder_field_count * kPointerSize;
}
ACCESSORS(JSIteratorResult, value, Object, kValueOffset)
ACCESSORS(JSIteratorResult, done, Object, kDoneOffset)
ACCESSORS(JSAsyncFromSyncIterator, sync_iterator, JSReceiver,
kSyncIteratorOffset)
ACCESSORS(JSAsyncFromSyncIterator, next, Object, kNextOffset)
ACCESSORS(JSStringIterator, string, String, kStringOffset)
SMI_ACCESSORS(JSStringIterator, index, kNextIndexOffset)
} // namespace internal
} // namespace v8
#include "src/objects/object-macros-undef.h"
#endif // V8_OBJECTS_JS_OBJECTS_INL_H_
// Copyright 2018 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef V8_OBJECTS_JS_OBJECTS_H_
#define V8_OBJECTS_JS_OBJECTS_H_
#include "src/objects.h"
// Has to be the last include (doesn't have include guards):
#include "src/objects/object-macros.h"
namespace v8 {
namespace internal {
class JSGlobalObject;
class JSGlobalProxy;
// JSReceiver includes types on which properties can be defined, i.e.,
// JSObject and JSProxy.
class JSReceiver : public HeapObject, public NeverReadOnlySpaceObject {
public:
// Returns true if there is no slow (ie, dictionary) backing store.
inline bool HasFastProperties() const;
// Returns the properties array backing store if it
// exists. Otherwise, returns an empty_property_array when there's a
// Smi (hash code) or an empty_fixed_array for a fast properties
// map.
inline PropertyArray* property_array() const;
// Gets slow properties for non-global objects.
inline NameDictionary* property_dictionary() const;
// Sets the properties backing store and makes sure any existing hash is moved
// to the new properties store. To clear out the properties store, pass in the
// empty_fixed_array(), the hash will be maintained in this case as well.
void SetProperties(HeapObject* properties);
// There are five possible values for the properties offset.
// 1) EmptyFixedArray/EmptyPropertyDictionary - This is the standard
// placeholder.
//
// 2) Smi - This is the hash code of the object.
//
// 3) PropertyArray - This is similar to a FixedArray but stores
// the hash code of the object in its length field. This is a fast
// backing store.
//
// 4) NameDictionary - This is the dictionary-mode backing store.
//
// 4) GlobalDictionary - This is the backing store for the
// GlobalObject.
//
// This is used only in the deoptimizer and heap. Please use the
// above typed getters and setters to access the properties.
DECL_ACCESSORS(raw_properties_or_hash, Object)
inline void initialize_properties();
// Deletes an existing named property in a normalized object.
static void DeleteNormalizedProperty(Handle<JSReceiver> object, int entry);
DECL_CAST(JSReceiver)
// ES6 section 7.1.1 ToPrimitive
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> ToPrimitive(
Handle<JSReceiver> receiver,
ToPrimitiveHint hint = ToPrimitiveHint::kDefault);
// ES6 section 7.1.1.1 OrdinaryToPrimitive
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> OrdinaryToPrimitive(
Handle<JSReceiver> receiver, OrdinaryToPrimitiveHint hint);
static MaybeHandle<Context> GetFunctionRealm(Handle<JSReceiver> receiver);
// Get the first non-hidden prototype.
static inline MaybeHandle<Object> GetPrototype(Isolate* isolate,
Handle<JSReceiver> receiver);
V8_WARN_UNUSED_RESULT static Maybe<bool> HasInPrototypeChain(
Isolate* isolate, Handle<JSReceiver> object, Handle<Object> proto);
// Reads all enumerable own properties of source and adds them to
// target, using either Set or CreateDataProperty depending on the
// use_set argument. This only copies values not present in the
// maybe_excluded_properties list.
V8_WARN_UNUSED_RESULT static Maybe<bool> SetOrCopyDataProperties(
Isolate* isolate, Handle<JSReceiver> target, Handle<Object> source,
const ScopedVector<Handle<Object>>* excluded_properties = nullptr,
bool use_set = true);
// Implementation of [[HasProperty]], ECMA-262 5th edition, section 8.12.6.
V8_WARN_UNUSED_RESULT static Maybe<bool> HasProperty(LookupIterator* it);
V8_WARN_UNUSED_RESULT static inline Maybe<bool> HasProperty(
Handle<JSReceiver> object, Handle<Name> name);
V8_WARN_UNUSED_RESULT static inline Maybe<bool> HasElement(
Handle<JSReceiver> object, uint32_t index);
V8_WARN_UNUSED_RESULT static Maybe<bool> HasOwnProperty(
Handle<JSReceiver> object, Handle<Name> name);
V8_WARN_UNUSED_RESULT static inline Maybe<bool> HasOwnProperty(
Handle<JSReceiver> object, uint32_t index);
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetProperty(
Isolate* isolate, Handle<JSReceiver> receiver, const char* key);
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetProperty(
Isolate* isolate, Handle<JSReceiver> receiver, Handle<Name> name);
V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetElement(
Isolate* isolate, Handle<JSReceiver> receiver, uint32_t index);
// Implementation of ES6 [[Delete]]
V8_WARN_UNUSED_RESULT static Maybe<bool> DeletePropertyOrElement(
Handle<JSReceiver> object, Handle<Name> name,
LanguageMode language_mode = LanguageMode::kSloppy);
V8_WARN_UNUSED_RESULT static Maybe<bool> DeleteProperty(
Handle<JSReceiver> object, Handle<Name> name,
LanguageMode language_mode = LanguageMode::kSloppy);
V8_WARN_UNUSED_RESULT static Maybe<bool> DeleteProperty(
LookupIterator* it, LanguageMode language_mode);
V8_WARN_UNUSED_RESULT static Maybe<bool> DeleteElement(
Handle<JSReceiver> object, uint32_t index,
LanguageMode language_mode = LanguageMode::kSloppy);
V8_WARN_UNUSED_RESULT static Object* DefineProperty(
Isolate* isolate, Handle<Object> object, Handle<Object> name,
Handle<Object> attributes);
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> DefineProperties(
Isolate* isolate, Handle<Object> object, Handle<Object> properties);
// "virtual" dispatcher to the correct [[DefineOwnProperty]] implementation.
V8_WARN_UNUSED_RESULT static Maybe<bool> DefineOwnProperty(
Isolate* isolate, Handle<JSReceiver> object, Handle<Object> key,
PropertyDescriptor* desc, ShouldThrow should_throw);
// ES6 7.3.4 (when passed kDontThrow)
V8_WARN_UNUSED_RESULT static Maybe<bool> CreateDataProperty(
Isolate* isolate, Handle<JSReceiver> object, Handle<Name> key,
Handle<Object> value, ShouldThrow should_throw);
V8_WARN_UNUSED_RESULT static Maybe<bool> CreateDataProperty(
LookupIterator* it, Handle<Object> value, ShouldThrow should_throw);
// ES6 9.1.6.1
V8_WARN_UNUSED_RESULT static Maybe<bool> OrdinaryDefineOwnProperty(
Isolate* isolate, Handle<JSObject> object, Handle<Object> key,
PropertyDescriptor* desc, ShouldThrow should_throw);
V8_WARN_UNUSED_RESULT static Maybe<bool> OrdinaryDefineOwnProperty(
LookupIterator* it, PropertyDescriptor* desc, ShouldThrow should_throw);
// ES6 9.1.6.2
V8_WARN_UNUSED_RESULT static Maybe<bool> IsCompatiblePropertyDescriptor(
Isolate* isolate, bool extensible, PropertyDescriptor* desc,
PropertyDescriptor* current, Handle<Name> property_name,
ShouldThrow should_throw);
// ES6 9.1.6.3
// |it| can be NULL in cases where the ES spec passes |undefined| as the
// receiver. Exactly one of |it| and |property_name| must be provided.
V8_WARN_UNUSED_RESULT static Maybe<bool> ValidateAndApplyPropertyDescriptor(
Isolate* isolate, LookupIterator* it, bool extensible,
PropertyDescriptor* desc, PropertyDescriptor* current,
ShouldThrow should_throw, Handle<Name> property_name);
V8_EXPORT_PRIVATE V8_WARN_UNUSED_RESULT static Maybe<bool>
GetOwnPropertyDescriptor(Isolate* isolate, Handle<JSReceiver> object,
Handle<Object> key, PropertyDescriptor* desc);
V8_WARN_UNUSED_RESULT static Maybe<bool> GetOwnPropertyDescriptor(
LookupIterator* it, PropertyDescriptor* desc);
typedef PropertyAttributes IntegrityLevel;
// ES6 7.3.14 (when passed kDontThrow)
// 'level' must be SEALED or FROZEN.
V8_WARN_UNUSED_RESULT static Maybe<bool> SetIntegrityLevel(
Handle<JSReceiver> object, IntegrityLevel lvl, ShouldThrow should_throw);
// ES6 7.3.15
// 'level' must be SEALED or FROZEN.
V8_WARN_UNUSED_RESULT static Maybe<bool> TestIntegrityLevel(
Handle<JSReceiver> object, IntegrityLevel lvl);
// ES6 [[PreventExtensions]] (when passed kDontThrow)
V8_WARN_UNUSED_RESULT static Maybe<bool> PreventExtensions(
Handle<JSReceiver> object, ShouldThrow should_throw);
V8_WARN_UNUSED_RESULT static Maybe<bool> IsExtensible(
Handle<JSReceiver> object);
// Returns the class name ([[Class]] property in the specification).
V8_EXPORT_PRIVATE String* class_name();
// Returns the constructor (the function that was used to instantiate the
// object).
static MaybeHandle<JSFunction> GetConstructor(Handle<JSReceiver> receiver);
// Returns the constructor name (the name (possibly, inferred name) of the
// function that was used to instantiate the object).
static Handle<String> GetConstructorName(Handle<JSReceiver> receiver);
Handle<Context> GetCreationContext();
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
GetPropertyAttributes(Handle<JSReceiver> object, Handle<Name> name);
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
GetOwnPropertyAttributes(Handle<JSReceiver> object, Handle<Name> name);
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
GetOwnPropertyAttributes(Handle<JSReceiver> object, uint32_t index);
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
GetElementAttributes(Handle<JSReceiver> object, uint32_t index);
V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
GetOwnElementAttributes(Handle<JSReceiver> object, uint32_t index);
V8_WARN_UNUSED_RESULT static Maybe<PropertyAttributes> GetPropertyAttributes(
LookupIterator* it);
// Set the object's prototype (only JSReceiver and null are allowed values).
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPrototype(
Handle<JSReceiver> object, Handle<Object> value, bool from_javascript,
ShouldThrow should_throw);
inline static Handle<Object> GetDataProperty(Handle<JSReceiver> object,
Handle<Name> name);
static Handle<Object> GetDataProperty(LookupIterator* it);
// Retrieves a permanent object identity hash code. The undefined value might
// be returned in case no hash was created yet.
Object* GetIdentityHash(Isolate* isolate);
// Retrieves a permanent object identity hash code. May create and store a
// hash code if needed and none exists.
static Smi* CreateIdentityHash(Isolate* isolate, JSReceiver* key);
Smi* GetOrCreateIdentityHash(Isolate* isolate);
// Stores the hash code. The hash passed in must be masked with
// JSReceiver::kHashMask.
void SetIdentityHash(int masked_hash);
// ES6 [[OwnPropertyKeys]] (modulo return type)
V8_WARN_UNUSED_RESULT static inline MaybeHandle<FixedArray> OwnPropertyKeys(
Handle<JSReceiver> object);
V8_WARN_UNUSED_RESULT static MaybeHandle<FixedArray> GetOwnValues(
Handle<JSReceiver> object, PropertyFilter filter,
bool try_fast_path = true);
V8_WARN_UNUSED_RESULT static MaybeHandle<FixedArray> GetOwnEntries(
Handle<JSReceiver> object, PropertyFilter filter,
bool try_fast_path = true);
V8_WARN_UNUSED_RESULT static Handle<FixedArray> GetOwnElementIndices(
Isolate* isolate, Handle<JSReceiver> receiver, Handle<JSObject> object);
static const int kHashMask = PropertyArray::HashField::kMask;
// Layout description.
static const int kPropertiesOrHashOffset = HeapObject::kHeaderSize;
static const int kHeaderSize = HeapObject::kHeaderSize + kPointerSize;
bool HasProxyInPrototype(Isolate* isolate);
bool HasComplexElements();
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSReceiver);
};
// The JSObject describes real heap allocated JavaScript objects with
// properties.
// Note that the map of JSObject changes during execution to enable inline
// caching.
class JSObject : public JSReceiver {
public:
static bool IsUnmodifiedApiObject(Object** o);
static V8_WARN_UNUSED_RESULT MaybeHandle<JSObject> New(
Handle<JSFunction> constructor, Handle<JSReceiver> new_target,
Handle<AllocationSite> site);
static MaybeHandle<Context> GetFunctionRealm(Handle<JSObject> object);
// 9.1.12 ObjectCreate ( proto [ , internalSlotsList ] )
// Notice: This is NOT 19.1.2.2 Object.create ( O, Properties )
static V8_WARN_UNUSED_RESULT MaybeHandle<JSObject> ObjectCreate(
Isolate* isolate, Handle<Object> prototype);
// [elements]: The elements (properties with names that are integers).
//
// Elements can be in two general modes: fast and slow. Each mode
// corresponds to a set of object representations of elements that
// have something in common.
//
// In the fast mode elements is a FixedArray and so each element can
// be quickly accessed. This fact is used in the generated code. The
// elements array can have one of three maps in this mode:
// fixed_array_map, sloppy_arguments_elements_map or
// fixed_cow_array_map (for copy-on-write arrays). In the latter case
// the elements array may be shared by a few objects and so before
// writing to any element the array must be copied. Use
// EnsureWritableFastElements in this case.
//
// In the slow mode the elements is either a NumberDictionary, a
// FixedArray parameter map for a (sloppy) arguments object.
DECL_ACCESSORS(elements, FixedArrayBase)
inline void initialize_elements();
static inline void SetMapAndElements(Handle<JSObject> object, Handle<Map> map,
Handle<FixedArrayBase> elements);
inline ElementsKind GetElementsKind() const;
ElementsAccessor* GetElementsAccessor();
// Returns true if an object has elements of PACKED_SMI_ELEMENTS or
// HOLEY_SMI_ELEMENTS ElementsKind.
inline bool HasSmiElements();
// Returns true if an object has elements of PACKED_ELEMENTS or
// HOLEY_ELEMENTS ElementsKind.
inline bool HasObjectElements();
// Returns true if an object has elements of PACKED_SMI_ELEMENTS,
// HOLEY_SMI_ELEMENTS, PACKED_ELEMENTS, or HOLEY_ELEMENTS.
inline bool HasSmiOrObjectElements();
// Returns true if an object has any of the "fast" elements kinds.
inline bool HasFastElements();
// Returns true if an object has any of the PACKED elements kinds.
inline bool HasFastPackedElements();
// Returns true if an object has elements of PACKED_DOUBLE_ELEMENTS or
// HOLEY_DOUBLE_ELEMENTS ElementsKind.
inline bool HasDoubleElements();
// Returns true if an object has elements of HOLEY_SMI_ELEMENTS,
// HOLEY_DOUBLE_ELEMENTS, or HOLEY_ELEMENTS ElementsKind.
inline bool HasHoleyElements();
inline bool HasSloppyArgumentsElements();
inline bool HasStringWrapperElements();
inline bool HasDictionaryElements();
inline bool HasFixedTypedArrayElements();
inline bool HasFixedUint8ClampedElements();
inline bool HasFixedArrayElements();
inline bool HasFixedInt8Elements();
inline bool HasFixedUint8Elements();
inline bool HasFixedInt16Elements();
inline bool HasFixedUint16Elements();
inline bool HasFixedInt32Elements();
inline bool HasFixedUint32Elements();
inline bool HasFixedFloat32Elements();
inline bool HasFixedFloat64Elements();
inline bool HasFixedBigInt64Elements();
inline bool HasFixedBigUint64Elements();
inline bool HasFastArgumentsElements();
inline bool HasSlowArgumentsElements();
inline bool HasFastStringWrapperElements();
inline bool HasSlowStringWrapperElements();
bool HasEnumerableElements();
inline NumberDictionary* element_dictionary(); // Gets slow elements.
// Requires: HasFastElements().
static void EnsureWritableFastElements(Handle<JSObject> object);
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPropertyWithInterceptor(
LookupIterator* it, ShouldThrow should_throw, Handle<Object> value);
// The API currently still wants DefineOwnPropertyIgnoreAttributes to convert
// AccessorInfo objects to data fields. We allow FORCE_FIELD as an exception
// to the default behavior that calls the setter.
enum AccessorInfoHandling { FORCE_FIELD, DONT_FORCE_FIELD };
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
DefineOwnPropertyIgnoreAttributes(
LookupIterator* it, Handle<Object> value, PropertyAttributes attributes,
AccessorInfoHandling handling = DONT_FORCE_FIELD);
V8_WARN_UNUSED_RESULT static Maybe<bool> DefineOwnPropertyIgnoreAttributes(
LookupIterator* it, Handle<Object> value, PropertyAttributes attributes,
ShouldThrow should_throw,
AccessorInfoHandling handling = DONT_FORCE_FIELD);
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
SetOwnPropertyIgnoreAttributes(Handle<JSObject> object, Handle<Name> name,
Handle<Object> value,
PropertyAttributes attributes);
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
SetOwnElementIgnoreAttributes(Handle<JSObject> object, uint32_t index,
Handle<Object> value,
PropertyAttributes attributes);
// Equivalent to one of the above depending on whether |name| can be converted
// to an array index.
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
DefinePropertyOrElementIgnoreAttributes(Handle<JSObject> object,
Handle<Name> name,
Handle<Object> value,
PropertyAttributes attributes = NONE);
// Adds or reconfigures a property to attributes NONE. It will fail when it
// cannot.
V8_WARN_UNUSED_RESULT static Maybe<bool> CreateDataProperty(
LookupIterator* it, Handle<Object> value,
ShouldThrow should_throw = kDontThrow);
static void AddProperty(Isolate* isolate, Handle<JSObject> object,
Handle<Name> name, Handle<Object> value,
PropertyAttributes attributes);
static void AddDataElement(Handle<JSObject> receiver, uint32_t index,
Handle<Object> value,
PropertyAttributes attributes);
// Extend the receiver with a single fast property appeared first in the
// passed map. This also extends the property backing store if necessary.
static void AllocateStorageForMap(Handle<JSObject> object, Handle<Map> map);
// Migrates the given object to a map whose field representations are the
// lowest upper bound of all known representations for that field.
static void MigrateInstance(Handle<JSObject> instance);
// Migrates the given object only if the target map is already available,
// or returns false if such a map is not yet available.
static bool TryMigrateInstance(Handle<JSObject> instance);
// Sets the property value in a normalized object given (key, value, details).
// Handles the special representation of JS global objects.
static void SetNormalizedProperty(Handle<JSObject> object, Handle<Name> name,
Handle<Object> value,
PropertyDetails details);
static void SetDictionaryElement(Handle<JSObject> object, uint32_t index,
Handle<Object> value,
PropertyAttributes attributes);
static void SetDictionaryArgumentsElement(Handle<JSObject> object,
uint32_t index,
Handle<Object> value,
PropertyAttributes attributes);
static void OptimizeAsPrototype(Handle<JSObject> object,
bool enable_setup_mode = true);
static void ReoptimizeIfPrototype(Handle<JSObject> object);
static void MakePrototypesFast(Handle<Object> receiver,
WhereToStart where_to_start, Isolate* isolate);
static void LazyRegisterPrototypeUser(Handle<Map> user, Isolate* isolate);
static void UpdatePrototypeUserRegistration(Handle<Map> old_map,
Handle<Map> new_map,
Isolate* isolate);
static bool UnregisterPrototypeUser(Handle<Map> user, Isolate* isolate);
static Map* InvalidatePrototypeChains(Map* map);
static void InvalidatePrototypeValidityCell(JSGlobalObject* global);
// Updates prototype chain tracking information when an object changes its
// map from |old_map| to |new_map|.
static void NotifyMapChange(Handle<Map> old_map, Handle<Map> new_map,
Isolate* isolate);
// Utility used by many Array builtins and runtime functions
static inline bool PrototypeHasNoElements(Isolate* isolate, JSObject* object);
// To be passed to PrototypeUsers::Compact.
static void PrototypeRegistryCompactionCallback(HeapObject* value,
int old_index, int new_index);
// Retrieve interceptors.
inline InterceptorInfo* GetNamedInterceptor();
inline InterceptorInfo* GetIndexedInterceptor();
// Used from JSReceiver.
V8_WARN_UNUSED_RESULT static Maybe<PropertyAttributes>
GetPropertyAttributesWithInterceptor(LookupIterator* it);
V8_WARN_UNUSED_RESULT static Maybe<PropertyAttributes>
GetPropertyAttributesWithFailedAccessCheck(LookupIterator* it);
// Defines an AccessorPair property on the given object.
// TODO(mstarzinger): Rename to SetAccessor().
static MaybeHandle<Object> DefineAccessor(Handle<JSObject> object,
Handle<Name> name,
Handle<Object> getter,
Handle<Object> setter,
PropertyAttributes attributes);
static MaybeHandle<Object> DefineAccessor(LookupIterator* it,
Handle<Object> getter,
Handle<Object> setter,
PropertyAttributes attributes);
// Defines an AccessorInfo property on the given object.
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> SetAccessor(
Handle<JSObject> object, Handle<Name> name, Handle<AccessorInfo> info,
PropertyAttributes attributes);
// The result must be checked first for exceptions. If there's no exception,
// the output parameter |done| indicates whether the interceptor has a result
// or not.
V8_WARN_UNUSED_RESULT static MaybeHandle<Object> GetPropertyWithInterceptor(
LookupIterator* it, bool* done);
static void ValidateElements(JSObject* object);
// Makes sure that this object can contain HeapObject as elements.
static inline void EnsureCanContainHeapObjectElements(Handle<JSObject> obj);
// Makes sure that this object can contain the specified elements.
static inline void EnsureCanContainElements(Handle<JSObject> object,
Object** elements, uint32_t count,
EnsureElementsMode mode);
static inline void EnsureCanContainElements(Handle<JSObject> object,
Handle<FixedArrayBase> elements,
uint32_t length,
EnsureElementsMode mode);
static void EnsureCanContainElements(Handle<JSObject> object,
Arguments* arguments, uint32_t first_arg,
uint32_t arg_count,
EnsureElementsMode mode);
// Would we convert a fast elements array to dictionary mode given
// an access at key?
bool WouldConvertToSlowElements(uint32_t index);
static const uint32_t kMinAddedElementsCapacity = 16;
// Computes the new capacity when expanding the elements of a JSObject.
static uint32_t NewElementsCapacity(uint32_t old_capacity) {
// (old_capacity + 50%) + kMinAddedElementsCapacity
return old_capacity + (old_capacity >> 1) + kMinAddedElementsCapacity;
}
// These methods do not perform access checks!
template <AllocationSiteUpdateMode update_or_check =
AllocationSiteUpdateMode::kUpdate>
static bool UpdateAllocationSite(Handle<JSObject> object,
ElementsKind to_kind);
// Lookup interceptors are used for handling properties controlled by host
// objects.
inline bool HasNamedInterceptor();
inline bool HasIndexedInterceptor();
// Support functions for v8 api (needed for correct interceptor behavior).
V8_WARN_UNUSED_RESULT static Maybe<bool> HasRealNamedProperty(
Handle<JSObject> object, Handle<Name> name);
V8_WARN_UNUSED_RESULT static Maybe<bool> HasRealElementProperty(
Handle<JSObject> object, uint32_t index);
V8_WARN_UNUSED_RESULT static Maybe<bool> HasRealNamedCallbackProperty(
Handle<JSObject> object, Handle<Name> name);
// Get the header size for a JSObject. Used to compute the index of
// embedder fields as well as the number of embedder fields.
// The |function_has_prototype_slot| parameter is needed only for
// JSFunction objects.
static int GetHeaderSize(InstanceType instance_type,
bool function_has_prototype_slot = false);
static inline int GetHeaderSize(const Map* map);
inline int GetHeaderSize() const;
static inline int GetEmbedderFieldCount(const Map* map);
inline int GetEmbedderFieldCount() const;
inline int GetEmbedderFieldOffset(int index);
inline Object* GetEmbedderField(int index);
inline void SetEmbedderField(int index, Object* value);
inline void SetEmbedderField(int index, Smi* value);
// Returns true when the object is potentially a wrapper that gets special
// garbage collection treatment.
// TODO(mlippautz): Make check exact and replace the pattern match in
// Heap::TracePossibleWrapper.
bool IsApiWrapper();
// Same as IsApiWrapper() but also allow dropping the wrapper on minor GCs.
bool IsDroppableApiWrapper();
// Returns a new map with all transitions dropped from the object's current
// map and the ElementsKind set.
static Handle<Map> GetElementsTransitionMap(Handle<JSObject> object,
ElementsKind to_kind);
static void TransitionElementsKind(Handle<JSObject> object,
ElementsKind to_kind);
// Always use this to migrate an object to a new map.
// |expected_additional_properties| is only used for fast-to-slow transitions
// and ignored otherwise.
static void MigrateToMap(Handle<JSObject> object, Handle<Map> new_map,
int expected_additional_properties = 0);
// Forces a prototype without any of the checks that the regular SetPrototype
// would do.
static void ForceSetPrototype(Handle<JSObject> object, Handle<Object> proto);
// Convert the object to use the canonical dictionary
// representation. If the object is expected to have additional properties
// added this number can be indicated to have the backing store allocated to
// an initial capacity for holding these properties.
static void NormalizeProperties(Handle<JSObject> object,
PropertyNormalizationMode mode,
int expected_additional_properties,
const char* reason);
// Convert and update the elements backing store to be a
// NumberDictionary dictionary. Returns the backing after conversion.
static Handle<NumberDictionary> NormalizeElements(Handle<JSObject> object);
void RequireSlowElements(NumberDictionary* dictionary);
// Transform slow named properties to fast variants.
static void MigrateSlowToFast(Handle<JSObject> object,
int unused_property_fields, const char* reason);
inline bool IsUnboxedDoubleField(FieldIndex index);
// Access fast-case object properties at index.
static Handle<Object> FastPropertyAt(Handle<JSObject> object,
Representation representation,
FieldIndex index);
inline Object* RawFastPropertyAt(FieldIndex index);
inline double RawFastDoublePropertyAt(FieldIndex index);
inline uint64_t RawFastDoublePropertyAsBitsAt(FieldIndex index);
inline void FastPropertyAtPut(FieldIndex index, Object* value);
inline void RawFastPropertyAtPut(FieldIndex index, Object* value);
inline void RawFastDoublePropertyAsBitsAtPut(FieldIndex index, uint64_t bits);
inline void WriteToField(int descriptor, PropertyDetails details,
Object* value);
// Access to in object properties.
inline int GetInObjectPropertyOffset(int index);
inline Object* InObjectPropertyAt(int index);
inline Object* InObjectPropertyAtPut(
int index, Object* value, WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
// Set the object's prototype (only JSReceiver and null are allowed values).
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPrototype(
Handle<JSObject> object, Handle<Object> value, bool from_javascript,
ShouldThrow should_throw);
// Makes the object prototype immutable
// Never called from JavaScript
static void SetImmutableProto(Handle<JSObject> object);
// Initializes the body starting at |start_offset|. It is responsibility of
// the caller to initialize object header. Fill the pre-allocated fields with
// pre_allocated_value and the rest with filler_value.
// Note: this call does not update write barrier, the caller is responsible
// to ensure that |filler_value| can be collected without WB here.
inline void InitializeBody(Map* map, int start_offset,
Object* pre_allocated_value, Object* filler_value);
// Check whether this object references another object
bool ReferencesObject(Object* obj);
V8_WARN_UNUSED_RESULT static Maybe<bool> TestIntegrityLevel(
Handle<JSObject> object, IntegrityLevel lvl);
V8_WARN_UNUSED_RESULT static Maybe<bool> PreventExtensions(
Handle<JSObject> object, ShouldThrow should_throw);
static bool IsExtensible(Handle<JSObject> object);
DECL_CAST(JSObject)
// Dispatched behavior.
void JSObjectShortPrint(StringStream* accumulator);
DECL_PRINTER(JSObject)
DECL_VERIFIER(JSObject)
#ifdef OBJECT_PRINT
bool PrintProperties(std::ostream& os); // NOLINT
void PrintElements(std::ostream& os); // NOLINT
#endif
#if defined(DEBUG) || defined(OBJECT_PRINT)
void PrintTransitions(std::ostream& os); // NOLINT
#endif
static void PrintElementsTransition(FILE* file, Handle<JSObject> object,
ElementsKind from_kind,
Handle<FixedArrayBase> from_elements,
ElementsKind to_kind,
Handle<FixedArrayBase> to_elements);
void PrintInstanceMigration(FILE* file, Map* original_map, Map* new_map);
#ifdef DEBUG
// Structure for collecting spill information about JSObjects.
class SpillInformation {
public:
void Clear();
void Print();
int number_of_objects_;
int number_of_objects_with_fast_properties_;
int number_of_objects_with_fast_elements_;
int number_of_fast_used_fields_;
int number_of_fast_unused_fields_;
int number_of_slow_used_properties_;
int number_of_slow_unused_properties_;
int number_of_fast_used_elements_;
int number_of_fast_unused_elements_;
int number_of_slow_used_elements_;
int number_of_slow_unused_elements_;
};
void IncrementSpillStatistics(Isolate* isolate, SpillInformation* info);
#endif
#ifdef VERIFY_HEAP
// If a GC was caused while constructing this object, the elements pointer
// may point to a one pointer filler map. The object won't be rooted, but
// our heap verification code could stumble across it.
bool ElementsAreSafeToExamine() const;
#endif
Object* SlowReverseLookup(Object* value);
// Maximal number of elements (numbered 0 .. kMaxElementCount - 1).
// Also maximal value of JSArray's length property.
static const uint32_t kMaxElementCount = 0xffffffffu;
// Constants for heuristics controlling conversion of fast elements
// to slow elements.
// Maximal gap that can be introduced by adding an element beyond
// the current elements length.
static const uint32_t kMaxGap = 1024;
// Maximal length of fast elements array that won't be checked for
// being dense enough on expansion.
static const int kMaxUncheckedFastElementsLength = 5000;
// Same as above but for old arrays. This limit is more strict. We
// don't want to be wasteful with long lived objects.
static const int kMaxUncheckedOldFastElementsLength = 500;
// This constant applies only to the initial map of "global.Object" and
// not to arbitrary other JSObject maps.
static const int kInitialGlobalObjectUnusedPropertiesCount = 4;
static const int kMaxInstanceSize = 255 * kPointerSize;
// When extending the backing storage for property values, we increase
// its size by more than the 1 entry necessary, so sequentially adding fields
// to the same object requires fewer allocations and copies.
static const int kFieldsAdded = 3;
STATIC_ASSERT(kMaxNumberOfDescriptors + kFieldsAdded <=
PropertyArray::kMaxLength);
// Layout description.
static const int kElementsOffset = JSReceiver::kHeaderSize;
static const int kHeaderSize = kElementsOffset + kPointerSize;
STATIC_ASSERT(kHeaderSize == Internals::kJSObjectHeaderSize);
static const int kMaxInObjectProperties =
(kMaxInstanceSize - kHeaderSize) >> kPointerSizeLog2;
STATIC_ASSERT(kMaxInObjectProperties <= kMaxNumberOfDescriptors);
// TODO(cbruni): Revisit calculation of the max supported embedder fields.
static const int kMaxEmbedderFields =
((1 << kFirstInobjectPropertyOffsetBitCount) - 1 - kHeaderSize) >>
kPointerSizeLog2;
STATIC_ASSERT(kMaxEmbedderFields <= kMaxInObjectProperties);
class BodyDescriptor;
class FastBodyDescriptor;
// Gets the number of currently used elements.
int GetFastElementsUsage();
static bool AllCanRead(LookupIterator* it);
static bool AllCanWrite(LookupIterator* it);
private:
friend class JSReceiver;
friend class Object;
// Used from Object::GetProperty().
V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
GetPropertyWithFailedAccessCheck(LookupIterator* it);
V8_WARN_UNUSED_RESULT static Maybe<bool> SetPropertyWithFailedAccessCheck(
LookupIterator* it, Handle<Object> value, ShouldThrow should_throw);
V8_WARN_UNUSED_RESULT static Maybe<bool> DeletePropertyWithInterceptor(
LookupIterator* it, ShouldThrow should_throw);
bool ReferencesObjectFromElements(FixedArray* elements, ElementsKind kind,
Object* object);
// Helper for fast versions of preventExtensions, seal, and freeze.
// attrs is one of NONE, SEALED, or FROZEN (depending on the operation).
template <PropertyAttributes attrs>
V8_WARN_UNUSED_RESULT static Maybe<bool> PreventExtensionsWithTransition(
Handle<JSObject> object, ShouldThrow should_throw);
DISALLOW_IMPLICIT_CONSTRUCTORS(JSObject);
};
// JSAccessorPropertyDescriptor is just a JSObject with a specific initial
// map. This initial map adds in-object properties for "get", "set",
// "enumerable" and "configurable" properties, as assigned by the
// FromPropertyDescriptor function for regular accessor properties.
class JSAccessorPropertyDescriptor : public JSObject {
public:
// Offsets of object fields.
static const int kGetOffset = JSObject::kHeaderSize;
static const int kSetOffset = kGetOffset + kPointerSize;
static const int kEnumerableOffset = kSetOffset + kPointerSize;
static const int kConfigurableOffset = kEnumerableOffset + kPointerSize;
static const int kSize = kConfigurableOffset + kPointerSize;
// Indices of in-object properties.
static const int kGetIndex = 0;
static const int kSetIndex = 1;
static const int kEnumerableIndex = 2;
static const int kConfigurableIndex = 3;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSAccessorPropertyDescriptor);
};
// JSDataPropertyDescriptor is just a JSObject with a specific initial map.
// This initial map adds in-object properties for "value", "writable",
// "enumerable" and "configurable" properties, as assigned by the
// FromPropertyDescriptor function for regular data properties.
class JSDataPropertyDescriptor : public JSObject {
public:
// Offsets of object fields.
static const int kValueOffset = JSObject::kHeaderSize;
static const int kWritableOffset = kValueOffset + kPointerSize;
static const int kEnumerableOffset = kWritableOffset + kPointerSize;
static const int kConfigurableOffset = kEnumerableOffset + kPointerSize;
static const int kSize = kConfigurableOffset + kPointerSize;
// Indices of in-object properties.
static const int kValueIndex = 0;
static const int kWritableIndex = 1;
static const int kEnumerableIndex = 2;
static const int kConfigurableIndex = 3;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSDataPropertyDescriptor);
};
// JSIteratorResult is just a JSObject with a specific initial map.
// This initial map adds in-object properties for "done" and "value",
// as specified by ES6 section 25.1.1.3 The IteratorResult Interface
class JSIteratorResult : public JSObject {
public:
DECL_ACCESSORS(value, Object)
DECL_ACCESSORS(done, Object)
// Offsets of object fields.
static const int kValueOffset = JSObject::kHeaderSize;
static const int kDoneOffset = kValueOffset + kPointerSize;
static const int kSize = kDoneOffset + kPointerSize;
// Indices of in-object properties.
static const int kValueIndex = 0;
static const int kDoneIndex = 1;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSIteratorResult);
};
// JSBoundFunction describes a bound function exotic object.
class JSBoundFunction : public JSObject {
public:
// [bound_target_function]: The wrapped function object.
inline Object* raw_bound_target_function() const;
DECL_ACCESSORS(bound_target_function, JSReceiver)
// [bound_this]: The value that is always passed as the this value when
// calling the wrapped function.
DECL_ACCESSORS(bound_this, Object)
// [bound_arguments]: A list of values whose elements are used as the first
// arguments to any call to the wrapped function.
DECL_ACCESSORS(bound_arguments, FixedArray)
static MaybeHandle<String> GetName(Isolate* isolate,
Handle<JSBoundFunction> function);
static Maybe<int> GetLength(Isolate* isolate,
Handle<JSBoundFunction> function);
static MaybeHandle<Context> GetFunctionRealm(
Handle<JSBoundFunction> function);
DECL_CAST(JSBoundFunction)
// Dispatched behavior.
DECL_PRINTER(JSBoundFunction)
DECL_VERIFIER(JSBoundFunction)
// The bound function's string representation implemented according
// to ES6 section 19.2.3.5 Function.prototype.toString ( ).
static Handle<String> ToString(Handle<JSBoundFunction> function);
// Layout description.
static const int kBoundTargetFunctionOffset = JSObject::kHeaderSize;
static const int kBoundThisOffset = kBoundTargetFunctionOffset + kPointerSize;
static const int kBoundArgumentsOffset = kBoundThisOffset + kPointerSize;
static const int kSize = kBoundArgumentsOffset + kPointerSize;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSBoundFunction);
};
// JSFunction describes JavaScript functions.
class JSFunction : public JSObject {
public:
// [prototype_or_initial_map]:
DECL_ACCESSORS(prototype_or_initial_map, Object)
// [shared]: The information about the function that
// can be shared by instances.
DECL_ACCESSORS(shared, SharedFunctionInfo)
static const int kLengthDescriptorIndex = 0;
static const int kNameDescriptorIndex = 1;
// Home object descriptor index when function has a [[HomeObject]] slot.
static const int kMaybeHomeObjectDescriptorIndex = 2;
// [context]: The context for this function.
inline Context* context();
inline bool has_context() const;
inline void set_context(Object* context);
inline JSGlobalProxy* global_proxy();
inline Context* native_context();
static Handle<Object> GetName(Isolate* isolate, Handle<JSFunction> function);
static Maybe<int> GetLength(Isolate* isolate, Handle<JSFunction> function);
static Handle<Context> GetFunctionRealm(Handle<JSFunction> function);
// [code]: The generated code object for this function. Executed
// when the function is invoked, e.g. foo() or new foo(). See
// [[Call]] and [[Construct]] description in ECMA-262, section
// 8.6.2, page 27.
inline Code* code();
inline void set_code(Code* code);
inline void set_code_no_write_barrier(Code* code);
// Get the abstract code associated with the function, which will either be
// a Code object or a BytecodeArray.
inline AbstractCode* abstract_code();
// Tells whether or not this function is interpreted.
//
// Note: function->IsInterpreted() does not necessarily return the same value
// as function->shared()->IsInterpreted() because the closure might have been
// optimized.
inline bool IsInterpreted();
// Tells whether or not this function checks its optimization marker in its
// feedback vector.
inline bool ChecksOptimizationMarker();
// Tells whether or not this function holds optimized code.
//
// Note: Returning false does not necessarily mean that this function hasn't
// been optimized, as it may have optimized code on its feedback vector.
inline bool IsOptimized();
// Tells whether or not this function has optimized code available to it,
// either because it is optimized or because it has optimized code in its
// feedback vector.
inline bool HasOptimizedCode();
// Tells whether or not this function has a (non-zero) optimization marker.
inline bool HasOptimizationMarker();
// Mark this function for lazy recompilation. The function will be recompiled
// the next time it is executed.
void MarkForOptimization(ConcurrencyMode mode);
// Tells whether or not the function is already marked for lazy recompilation.
inline bool IsMarkedForOptimization();
inline bool IsMarkedForConcurrentOptimization();
// Tells whether or not the function is on the concurrent recompilation queue.
inline bool IsInOptimizationQueue();
// Clears the optimized code slot in the function's feedback vector.
inline void ClearOptimizedCodeSlot(const char* reason);
// Sets the optimization marker in the function's feedback vector.
inline void SetOptimizationMarker(OptimizationMarker marker);
// Clears the optimization marker in the function's feedback vector.
inline void ClearOptimizationMarker();
// If slack tracking is active, it computes instance size of the initial map
// with minimum permissible object slack. If it is not active, it simply
// returns the initial map's instance size.
int ComputeInstanceSizeWithMinSlack(Isolate* isolate);
// Completes inobject slack tracking on initial map if it is active.
inline void CompleteInobjectSlackTrackingIfActive();
// [feedback_cell]: The FeedbackCell used to hold the FeedbackVector
// eventually.
DECL_ACCESSORS(feedback_cell, FeedbackCell)
// feedback_vector() can be used once the function is compiled.
inline FeedbackVector* feedback_vector() const;
inline bool has_feedback_vector() const;
static void EnsureFeedbackVector(Handle<JSFunction> function);
// Unconditionally clear the type feedback vector.
void ClearTypeFeedbackInfo();
inline bool has_prototype_slot() const;
// The initial map for an object created by this constructor.
inline Map* initial_map();
static void SetInitialMap(Handle<JSFunction> function, Handle<Map> map,
Handle<Object> prototype);
inline bool has_initial_map();
static void EnsureHasInitialMap(Handle<JSFunction> function);
// Creates a map that matches the constructor's initial map, but with
// [[prototype]] being new.target.prototype. Because new.target can be a
// JSProxy, this can call back into JavaScript.
static V8_WARN_UNUSED_RESULT MaybeHandle<Map> GetDerivedMap(
Isolate* isolate, Handle<JSFunction> constructor,
Handle<JSReceiver> new_target);
// Get and set the prototype property on a JSFunction. If the
// function has an initial map the prototype is set on the initial
// map. Otherwise, the prototype is put in the initial map field
// until an initial map is needed.
inline bool has_prototype();
inline bool has_instance_prototype();
inline Object* prototype();
inline Object* instance_prototype();
inline bool has_prototype_property();
inline bool PrototypeRequiresRuntimeLookup();
static void SetPrototype(Handle<JSFunction> function, Handle<Object> value);
// Returns if this function has been compiled to native code yet.
inline bool is_compiled();
static int GetHeaderSize(bool function_has_prototype_slot) {
return function_has_prototype_slot ? JSFunction::kSizeWithPrototype
: JSFunction::kSizeWithoutPrototype;
}
// Prints the name of the function using PrintF.
void PrintName(FILE* out = stdout);
DECL_CAST(JSFunction)
// Calculate the instance size and in-object properties count.
static bool CalculateInstanceSizeForDerivedClass(
Handle<JSFunction> function, InstanceType instance_type,
int requested_embedder_fields, int* instance_size,
int* in_object_properties);
static void CalculateInstanceSizeHelper(InstanceType instance_type,
bool has_prototype_slot,
int requested_embedder_fields,
int requested_in_object_properties,
int* instance_size,
int* in_object_properties);
class BodyDescriptor;
// Dispatched behavior.
DECL_PRINTER(JSFunction)
DECL_VERIFIER(JSFunction)
// The function's name if it is configured, otherwise shared function info
// debug name.
static Handle<String> GetName(Handle<JSFunction> function);
// ES6 section 9.2.11 SetFunctionName
// Because of the way this abstract operation is used in the spec,
// it should never fail, but in practice it will fail if the generated
// function name's length exceeds String::kMaxLength.
static V8_WARN_UNUSED_RESULT bool SetName(Handle<JSFunction> function,
Handle<Name> name,
Handle<String> prefix);
// The function's displayName if it is set, otherwise name if it is
// configured, otherwise shared function info
// debug name.
static Handle<String> GetDebugName(Handle<JSFunction> function);
// The function's string representation implemented according to
// ES6 section 19.2.3.5 Function.prototype.toString ( ).
static Handle<String> ToString(Handle<JSFunction> function);
// Layout description.
#define JS_FUNCTION_FIELDS(V) \
/* Pointer fields. */ \
V(kSharedFunctionInfoOffset, kPointerSize) \
V(kContextOffset, kPointerSize) \
V(kFeedbackCellOffset, kPointerSize) \
V(kEndOfStrongFieldsOffset, 0) \
V(kCodeOffset, kPointerSize) \
/* Size of JSFunction object without prototype field. */ \
V(kSizeWithoutPrototype, 0) \
V(kPrototypeOrInitialMapOffset, kPointerSize) \
/* Size of JSFunction object with prototype field. */ \
V(kSizeWithPrototype, 0)
DEFINE_FIELD_OFFSET_CONSTANTS(JSObject::kHeaderSize, JS_FUNCTION_FIELDS)
#undef JS_FUNCTION_FIELDS
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSFunction);
};
// JSGlobalProxy's prototype must be a JSGlobalObject or null,
// and the prototype is hidden. JSGlobalProxy always delegates
// property accesses to its prototype if the prototype is not null.
//
// A JSGlobalProxy can be reinitialized which will preserve its identity.
//
// Accessing a JSGlobalProxy requires security check.
class JSGlobalProxy : public JSObject {
public:
// [native_context]: the owner native context of this global proxy object.
// It is null value if this object is not used by any context.
DECL_ACCESSORS(native_context, Object)
DECL_CAST(JSGlobalProxy)
inline bool IsDetachedFrom(JSGlobalObject* global) const;
static int SizeWithEmbedderFields(int embedder_field_count);
// Dispatched behavior.
DECL_PRINTER(JSGlobalProxy)
DECL_VERIFIER(JSGlobalProxy)
// Layout description.
static const int kNativeContextOffset = JSObject::kHeaderSize;
static const int kSize = kNativeContextOffset + kPointerSize;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSGlobalProxy);
};
// JavaScript global object.
class JSGlobalObject : public JSObject {
public:
// [native context]: the natives corresponding to this global object.
DECL_ACCESSORS(native_context, Context)
// [global proxy]: the global proxy object of the context
DECL_ACCESSORS(global_proxy, JSObject)
// Gets global object properties.
inline GlobalDictionary* global_dictionary();
inline void set_global_dictionary(GlobalDictionary* dictionary);
static void InvalidatePropertyCell(Handle<JSGlobalObject> object,
Handle<Name> name);
// Ensure that the global object has a cell for the given property name.
static Handle<PropertyCell> EnsureEmptyPropertyCell(
Handle<JSGlobalObject> global, Handle<Name> name,
PropertyCellType cell_type, int* entry_out = nullptr);
DECL_CAST(JSGlobalObject)
inline bool IsDetached();
// Dispatched behavior.
DECL_PRINTER(JSGlobalObject)
DECL_VERIFIER(JSGlobalObject)
// Layout description.
static const int kNativeContextOffset = JSObject::kHeaderSize;
static const int kGlobalProxyOffset = kNativeContextOffset + kPointerSize;
static const int kHeaderSize = kGlobalProxyOffset + kPointerSize;
static const int kSize = kHeaderSize;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSGlobalObject);
};
// Representation for JS Wrapper objects, String, Number, Boolean, etc.
class JSValue : public JSObject {
public:
// [value]: the object being wrapped.
DECL_ACCESSORS(value, Object)
DECL_CAST(JSValue)
// Dispatched behavior.
DECL_PRINTER(JSValue)
DECL_VERIFIER(JSValue)
// Layout description.
static const int kValueOffset = JSObject::kHeaderSize;
static const int kSize = kValueOffset + kPointerSize;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSValue);
};
class DateCache;
// Representation for JS date objects.
class JSDate : public JSObject {
public:
static V8_WARN_UNUSED_RESULT MaybeHandle<JSDate> New(
Handle<JSFunction> constructor, Handle<JSReceiver> new_target, double tv);
// If one component is NaN, all of them are, indicating a NaN time value.
// [value]: the time value.
DECL_ACCESSORS(value, Object)
// [year]: caches year. Either undefined, smi, or NaN.
DECL_ACCESSORS(year, Object)
// [month]: caches month. Either undefined, smi, or NaN.
DECL_ACCESSORS(month, Object)
// [day]: caches day. Either undefined, smi, or NaN.
DECL_ACCESSORS(day, Object)
// [weekday]: caches day of week. Either undefined, smi, or NaN.
DECL_ACCESSORS(weekday, Object)
// [hour]: caches hours. Either undefined, smi, or NaN.
DECL_ACCESSORS(hour, Object)
// [min]: caches minutes. Either undefined, smi, or NaN.
DECL_ACCESSORS(min, Object)
// [sec]: caches seconds. Either undefined, smi, or NaN.
DECL_ACCESSORS(sec, Object)
// [cache stamp]: sample of the date cache stamp at the
// moment when chached fields were cached.
DECL_ACCESSORS(cache_stamp, Object)
DECL_CAST(JSDate)
// Returns the time value (UTC) identifying the current time.
static double CurrentTimeValue(Isolate* isolate);
// Returns the date field with the specified index.
// See FieldIndex for the list of date fields.
static Object* GetField(Object* date, Smi* index);
static Handle<Object> SetValue(Handle<JSDate> date, double v);
void SetValue(Object* value, bool is_value_nan);
// Dispatched behavior.
DECL_PRINTER(JSDate)
DECL_VERIFIER(JSDate)
// The order is important. It must be kept in sync with date macros
// in macros.py.
enum FieldIndex {
kDateValue,
kYear,
kMonth,
kDay,
kWeekday,
kHour,
kMinute,
kSecond,
kFirstUncachedField,
kMillisecond = kFirstUncachedField,
kDays,
kTimeInDay,
kFirstUTCField,
kYearUTC = kFirstUTCField,
kMonthUTC,
kDayUTC,
kWeekdayUTC,
kHourUTC,
kMinuteUTC,
kSecondUTC,
kMillisecondUTC,
kDaysUTC,
kTimeInDayUTC,
kTimezoneOffset
};
// Layout description.
static const int kValueOffset = JSObject::kHeaderSize;
static const int kYearOffset = kValueOffset + kPointerSize;
static const int kMonthOffset = kYearOffset + kPointerSize;
static const int kDayOffset = kMonthOffset + kPointerSize;
static const int kWeekdayOffset = kDayOffset + kPointerSize;
static const int kHourOffset = kWeekdayOffset + kPointerSize;
static const int kMinOffset = kHourOffset + kPointerSize;
static const int kSecOffset = kMinOffset + kPointerSize;
static const int kCacheStampOffset = kSecOffset + kPointerSize;
static const int kSize = kCacheStampOffset + kPointerSize;
private:
inline Object* DoGetField(FieldIndex index);
Object* GetUTCField(FieldIndex index, double value, DateCache* date_cache);
// Computes and caches the cacheable fields of the date.
inline void SetCachedFields(int64_t local_time_ms, DateCache* date_cache);
DISALLOW_IMPLICIT_CONSTRUCTORS(JSDate);
};
// Representation of message objects used for error reporting through
// the API. The messages are formatted in JavaScript so this object is
// a real JavaScript object. The information used for formatting the
// error messages are not directly accessible from JavaScript to
// prevent leaking information to user code called during error
// formatting.
class JSMessageObject : public JSObject {
public:
// [type]: the type of error message.
inline int type() const;
inline void set_type(int value);
// [arguments]: the arguments for formatting the error message.
DECL_ACCESSORS(argument, Object)
// [script]: the script from which the error message originated.
DECL_ACCESSORS(script, Script)
// [stack_frames]: an array of stack frames for this error object.
DECL_ACCESSORS(stack_frames, Object)
// [start_position]: the start position in the script for the error message.
inline int start_position() const;
inline void set_start_position(int value);
// [end_position]: the end position in the script for the error message.
inline int end_position() const;
inline void set_end_position(int value);
// Returns the line number for the error message (1-based), or
// Message::kNoLineNumberInfo if the line cannot be determined.
int GetLineNumber() const;
// Returns the offset of the given position within the containing line.
int GetColumnNumber() const;
// Returns the source code line containing the given source
// position, or the empty string if the position is invalid.
Handle<String> GetSourceLine() const;
inline int error_level() const;
inline void set_error_level(int level);
DECL_CAST(JSMessageObject)
// Dispatched behavior.
DECL_PRINTER(JSMessageObject)
DECL_VERIFIER(JSMessageObject)
// Layout description.
static const int kTypeOffset = JSObject::kHeaderSize;
static const int kArgumentsOffset = kTypeOffset + kPointerSize;
static const int kScriptOffset = kArgumentsOffset + kPointerSize;
static const int kStackFramesOffset = kScriptOffset + kPointerSize;
static const int kStartPositionOffset = kStackFramesOffset + kPointerSize;
static const int kEndPositionOffset = kStartPositionOffset + kPointerSize;
static const int kErrorLevelOffset = kEndPositionOffset + kPointerSize;
static const int kSize = kErrorLevelOffset + kPointerSize;
typedef FixedBodyDescriptor<HeapObject::kMapOffset,
kStackFramesOffset + kPointerSize, kSize>
BodyDescriptor;
};
// The [Async-from-Sync Iterator] object
// (proposal-async-iteration/#sec-async-from-sync-iterator-objects)
// An object which wraps an ordinary Iterator and converts it to behave
// according to the Async Iterator protocol.
// (See https://tc39.github.io/proposal-async-iteration/#sec-iteration)
class JSAsyncFromSyncIterator : public JSObject {
public:
DECL_CAST(JSAsyncFromSyncIterator)
DECL_PRINTER(JSAsyncFromSyncIterator)
DECL_VERIFIER(JSAsyncFromSyncIterator)
// Async-from-Sync Iterator instances are ordinary objects that inherit
// properties from the %AsyncFromSyncIteratorPrototype% intrinsic object.
// Async-from-Sync Iterator instances are initially created with the internal
// slots listed in Table 4.
// (proposal-async-iteration/#table-async-from-sync-iterator-internal-slots)
DECL_ACCESSORS(sync_iterator, JSReceiver)
// The "next" method is loaded during GetIterator, and is not reloaded for
// subsequent "next" invocations.
DECL_ACCESSORS(next, Object)
// Offsets of object fields.
static const int kSyncIteratorOffset = JSObject::kHeaderSize;
static const int kNextOffset = kSyncIteratorOffset + kPointerSize;
static const int kSize = kNextOffset + kPointerSize;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSAsyncFromSyncIterator);
};
class JSStringIterator : public JSObject {
public:
// Dispatched behavior.
DECL_PRINTER(JSStringIterator)
DECL_VERIFIER(JSStringIterator)
DECL_CAST(JSStringIterator)
// [string]: the [[IteratedString]] inobject property.
DECL_ACCESSORS(string, String)
// [index]: The [[StringIteratorNextIndex]] inobject property.
inline int index() const;
inline void set_index(int value);
static const int kStringOffset = JSObject::kHeaderSize;
static const int kNextIndexOffset = kStringOffset + kPointerSize;
static const int kSize = kNextIndexOffset + kPointerSize;
private:
DISALLOW_IMPLICIT_CONSTRUCTORS(JSStringIterator);
};
} // namespace internal
} // namespace v8
#include "src/objects/object-macros-undef.h"
#endif // V8_OBJECTS_JS_OBJECTS_H_
......@@ -5,7 +5,7 @@
#ifndef V8_OBJECTS_JS_PROMISE_H_
#define V8_OBJECTS_JS_PROMISE_H_
#include "src/objects.h"
#include "src/objects/js-objects.h"
#include "src/objects/promise.h"
// Has to be the last include (doesn't have include guards):
......
......@@ -5,7 +5,7 @@
#ifndef V8_OBJECTS_JS_PROXY_H_
#define V8_OBJECTS_JS_PROXY_H_
#include "src/objects.h"
#include "src/objects/js-objects.h"
// Has to be the last include (doesn't have include guards):
#include "src/objects/object-macros.h"
......
......@@ -5,7 +5,7 @@
#ifndef V8_OBJECTS_JS_REGEXP_STRING_ITERATOR_H_
#define V8_OBJECTS_JS_REGEXP_STRING_ITERATOR_H_
#include "src/objects.h"
#include "src/objects/js-objects.h"
// Has to be the last include (doesn't have include guards):
#include "src/objects/object-macros.h"
......
......@@ -7,6 +7,7 @@
#include "src/objects.h"
#include "src/objects/fixed-array.h"
#include "src/objects/js-objects.h"
// Has to be the last include (doesn't have include guards):
#include "src/objects/object-macros.h"
......
......@@ -7,6 +7,7 @@
#include "src/globals.h"
#include "src/objects/fixed-array.h"
#include "src/objects/js-objects.h"
// Has to be the last include (doesn't have include guards):
#include "src/objects/object-macros.h"
......
......@@ -13,6 +13,8 @@
namespace v8 {
namespace internal {
class JSPromise;
// Struct to hold state required for PromiseReactionJob. See the comment on the
// PromiseReaction below for details on how this is being managed to reduce the
// memory and allocation overhead. This is the base class for the concrete
......
......@@ -27,6 +27,7 @@ class DeferredHandles;
class FunctionLiteral;
class Isolate;
class JavaScriptFrame;
class JSGlobalObject;
class ParseInfo;
class SourceRangeMap;
class Zone;
......
......@@ -31,6 +31,10 @@ class HeapProfiler;
class HeapSnapshot;
class JSArrayBuffer;
class JSCollection;
class JSGeneratorObject;
class JSGlobalObject;
class JSGlobalProxy;
class JSPromise;
class JSWeakCollection;
class SnapshotFiller;
......
......@@ -7,6 +7,7 @@
#include "src/globals.h"
#include "src/objects/fixed-array.h"
#include "src/objects/js-objects.h"
namespace v8 {
namespace internal {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment