[runtime] Migrate GlobalEval to C++.

The GlobalEval JavaScript function was just a small driver for stuff
implemented in C++ anyway, so there's no point in having it around at
all. The next step will be to move the Function constructor to C++ as
well, which is the other user of %CompileString.

R=yangguo@chromium.org
BUG=chromium:535408
LOG=n

Review URL: https://codereview.chromium.org/1540893004

Cr-Commit-Position: refs/heads/master@{#33006}

src/bootstrapper.cc

@@ -2456,6 +2456,14 @@ bool Genesis::InstallNatives(ContextType context_type) {
   native_context()->set_string_function_prototype_map(
       HeapObject::cast(string_function->initial_map()->prototype())->map());
 
+  // Install Global.eval.
+  {
+    Handle<JSFunction> eval = SimpleInstallFunction(
+        handle(native_context()->global_object()), factory()->eval_string(),
+        Builtins::kGlobalEval, 1, true);
+    native_context()->set_global_eval_fun(*eval);
+  }
+
   // Install Date.prototype[@@toPrimitive].
   {
     Handle<String> key = factory()->Date_string();

src/builtins.cc

@@ -1484,6 +1484,75 @@ BUILTIN(ObjectAssign) {
 }
 
 
+namespace {
+
+bool CodeGenerationFromStringsAllowed(Isolate* isolate,
+                                      Handle<Context> context) {
+  DCHECK(context->allow_code_gen_from_strings()->IsFalse());
+  // Check with callback if set.
+  AllowCodeGenerationFromStringsCallback callback =
+      isolate->allow_code_gen_callback();
+  if (callback == NULL) {
+    // No callback set and code generation disallowed.
+    return false;
+  } else {
+    // Callback set. Let it decide if code generation is allowed.
+    VMState<EXTERNAL> state(isolate);
+    return callback(v8::Utils::ToLocal(context));
+  }
+}
+
+
+// TODO(bmeurer): Also migrate the Function constructor to C++ and share this.
+MaybeHandle<JSFunction> CompileString(Handle<Context> context,
+                                      Handle<String> source,
+                                      ParseRestriction restriction) {
+  Isolate* const isolate = context->GetIsolate();
+  Handle<Context> native_context(context->native_context(), isolate);
+
+  // Check if native context allows code generation from
+  // strings. Throw an exception if it doesn't.
+  if (native_context->allow_code_gen_from_strings()->IsFalse() &&
+      !CodeGenerationFromStringsAllowed(isolate, native_context)) {
+    Handle<Object> error_message =
+        native_context->ErrorMessageForCodeGenerationFromStrings();
+    THROW_NEW_ERROR(isolate, NewEvalError(MessageTemplate::kCodeGenFromStrings,
+                                          error_message),
+                    JSFunction);
+  }
+
+  // Compile source string in the native context.
+  Handle<SharedFunctionInfo> outer_info(native_context->closure()->shared(),
+                                        isolate);
+  return Compiler::GetFunctionFromEval(source, outer_info, native_context,
+                                       SLOPPY, restriction,
+                                       RelocInfo::kNoPosition);
+}
+
+}  // namespace
+
+
+// ES6 section 18.2.1 eval (x)
+BUILTIN(GlobalEval) {
+  HandleScope scope(isolate);
+  DCHECK_LE(1, args.length());
+  Handle<Object> x = args.at<Object>(1);
+  Handle<JSFunction> target = args.target();
+  Handle<JSObject> target_global_proxy(target->global_proxy(), isolate);
+  if (!x->IsString()) return *x;
+  Handle<JSFunction> function;
+  ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
+      isolate, function,
+      CompileString(handle(target->native_context(), isolate),
+                    Handle<String>::cast(x), NO_PARSE_RESTRICTION));
+  Handle<Object> result;
+  ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
+      isolate, result,
+      Execution::Call(isolate, function, target_global_proxy, 0, nullptr));
+  return *result;
+}
+
+
 // ES6 section 26.1.3 Reflect.defineProperty
 BUILTIN(ReflectDefineProperty) {
   HandleScope scope(isolate);

src/builtins.h

@@ -69,6 +69,8 @@ inline bool operator&(BuiltinExtraArguments lhs, BuiltinExtraArguments rhs) {
                                                 \
   V(FunctionPrototypeToString, kNone)           \
                                                 \
+  V(GlobalEval, kTarget)                        \
+                                                \
   V(ObjectAssign, kNone)                        \
   V(ObjectProtoToString, kNone)                 \
                                                 \

src/js/v8natives.js

@@ -100,19 +100,6 @@ function GlobalParseFloat(string) {
 }
 
 
-// ES6 18.2.1 eval(x)
-function GlobalEval(x) {
-  if (!IS_STRING(x)) return x;
-
-  var global_proxy = %GlobalProxy(GlobalEval);
-
-  var f = %CompileString(x, false);
-  if (!IS_FUNCTION(f)) return f;
-
-  return %_Call(f, global_proxy);
-}
-
-
 // ----------------------------------------------------------------------------
 
 // Set up global object.
@@ -133,7 +120,6 @@ utils.InstallFunctions(global, DONT_ENUM, [
   "isFinite", GlobalIsFinite,
   "parseInt", GlobalParseInt,
   "parseFloat", GlobalParseFloat,
-  "eval", GlobalEval
 ]);
 
 
@@ -1403,7 +1389,6 @@ utils.Export(function(to) {
 });
 
 %InstallToContext([
-  "global_eval_fun", GlobalEval,
   "object_value_of", ObjectValueOf,
 ]);