Line data Source code
1 : // Copyright 2015 the V8 project authors. All rights reserved.
2 : // Use of this source code is governed by a BSD-style license that can be
3 : // found in the LICENSE file.
4 :
5 : #ifndef V8_OBJECTS_H_
6 : #define V8_OBJECTS_H_
7 :
8 : #include <iosfwd>
9 : #include <memory>
10 :
11 : #include "src/assert-scope.h"
12 : #include "src/bailout-reason.h"
13 : #include "src/base/bits.h"
14 : #include "src/base/flags.h"
15 : #include "src/builtins/builtins-definitions.h"
16 : #include "src/checks.h"
17 : #include "src/elements-kind.h"
18 : #include "src/field-index.h"
19 : #include "src/flags.h"
20 : #include "src/interpreter/bytecode-register.h"
21 : #include "src/messages.h"
22 : #include "src/property-details.h"
23 : #include "src/unicode-decoder.h"
24 : #include "src/unicode.h"
25 :
26 : #if V8_TARGET_ARCH_ARM
27 : #include "src/arm/constants-arm.h" // NOLINT
28 : #elif V8_TARGET_ARCH_ARM64
29 : #include "src/arm64/constants-arm64.h" // NOLINT
30 : #elif V8_TARGET_ARCH_MIPS
31 : #include "src/mips/constants-mips.h" // NOLINT
32 : #elif V8_TARGET_ARCH_MIPS64
33 : #include "src/mips64/constants-mips64.h" // NOLINT
34 : #elif V8_TARGET_ARCH_PPC
35 : #include "src/ppc/constants-ppc.h" // NOLINT
36 : #elif V8_TARGET_ARCH_S390
37 : #include "src/s390/constants-s390.h" // NOLINT
38 : #endif
39 :
40 : // Has to be the last include (doesn't have include guards):
41 : #include "src/objects/object-macros.h"
42 :
43 : //
44 : // Most object types in the V8 JavaScript are described in this file.
45 : //
46 : // Inheritance hierarchy:
47 : // - Object
48 : // - Smi (immediate small integer)
49 : // - HeapObject (superclass for everything allocated in the heap)
50 : // - JSReceiver (suitable for property access)
51 : // - JSObject
52 : // - JSArray
53 : // - JSArrayBuffer
54 : // - JSArrayBufferView
55 : // - JSTypedArray
56 : // - JSDataView
57 : // - JSBoundFunction
58 : // - JSCollection
59 : // - JSSet
60 : // - JSMap
61 : // - JSStringIterator
62 : // - JSSetIterator
63 : // - JSMapIterator
64 : // - JSWeakCollection
65 : // - JSWeakMap
66 : // - JSWeakSet
67 : // - JSRegExp
68 : // - JSFunction
69 : // - JSGeneratorObject
70 : // - JSGlobalObject
71 : // - JSGlobalProxy
72 : // - JSValue
73 : // - JSDate
74 : // - JSMessageObject
75 : // - JSModuleNamespace
76 : // - WasmInstanceObject
77 : // - WasmMemoryObject
78 : // - WasmModuleObject
79 : // - WasmTableObject
80 : // - JSProxy
81 : // - FixedArrayBase
82 : // - ByteArray
83 : // - BytecodeArray
84 : // - FixedArray
85 : // - DescriptorArray
86 : // - FrameArray
87 : // - HashTable
88 : // - Dictionary
89 : // - StringTable
90 : // - StringSet
91 : // - CompilationCacheTable
92 : // - MapCache
93 : // - OrderedHashTable
94 : // - OrderedHashSet
95 : // - OrderedHashMap
96 : // - Context
97 : // - FeedbackMetadata
98 : // - TemplateList
99 : // - TransitionArray
100 : // - ScopeInfo
101 : // - ModuleInfo
102 : // - ScriptContextTable
103 : // - WeakFixedArray
104 : // - WasmSharedModuleData
105 : // - WasmCompiledModule
106 : // - FixedDoubleArray
107 : // - Name
108 : // - String
109 : // - SeqString
110 : // - SeqOneByteString
111 : // - SeqTwoByteString
112 : // - SlicedString
113 : // - ConsString
114 : // - ThinString
115 : // - ExternalString
116 : // - ExternalOneByteString
117 : // - ExternalTwoByteString
118 : // - InternalizedString
119 : // - SeqInternalizedString
120 : // - SeqOneByteInternalizedString
121 : // - SeqTwoByteInternalizedString
122 : // - ConsInternalizedString
123 : // - ExternalInternalizedString
124 : // - ExternalOneByteInternalizedString
125 : // - ExternalTwoByteInternalizedString
126 : // - Symbol
127 : // - HeapNumber
128 : // - BigInt
129 : // - Cell
130 : // - PropertyCell
131 : // - PropertyArray
132 : // - Code
133 : // - AbstractCode, a wrapper around Code or BytecodeArray
134 : // - Map
135 : // - Oddball
136 : // - Foreign
137 : // - SmallOrderedHashTable
138 : // - SmallOrderedHashMap
139 : // - SmallOrderedHashSet
140 : // - SharedFunctionInfo
141 : // - Struct
142 : // - AccessorInfo
143 : // - PromiseResolveThenableJobInfo
144 : // - PromiseReactionJobInfo
145 : // - PromiseCapability
146 : // - AccessorPair
147 : // - AccessCheckInfo
148 : // - InterceptorInfo
149 : // - CallHandlerInfo
150 : // - EnumCache
151 : // - TemplateInfo
152 : // - FunctionTemplateInfo
153 : // - ObjectTemplateInfo
154 : // - Script
155 : // - DebugInfo
156 : // - BreakPoint
157 : // - BreakPointInfo
158 : // - StackFrameInfo
159 : // - SourcePositionTableWithFrameCache
160 : // - CodeCache
161 : // - PrototypeInfo
162 : // - Module
163 : // - ModuleInfoEntry
164 : // - PreParsedScopeData
165 : // - WeakCell
166 : // - FeedbackVector
167 : //
168 : // Formats of Object*:
169 : // Smi: [31 bit signed int] 0
170 : // HeapObject: [32 bit direct pointer] (4 byte aligned) | 01
171 :
172 : namespace v8 {
173 : namespace internal {
174 :
175 : struct InliningPosition;
176 : class PropertyDescriptorObject;
177 :
178 : enum KeyedAccessStoreMode {
179 : STANDARD_STORE,
180 : STORE_TRANSITION_TO_OBJECT,
181 : STORE_TRANSITION_TO_DOUBLE,
182 : STORE_AND_GROW_NO_TRANSITION,
183 : STORE_AND_GROW_TRANSITION_TO_OBJECT,
184 : STORE_AND_GROW_TRANSITION_TO_DOUBLE,
185 : STORE_NO_TRANSITION_IGNORE_OUT_OF_BOUNDS,
186 : STORE_NO_TRANSITION_HANDLE_COW
187 : };
188 :
189 : enum MutableMode {
190 : MUTABLE,
191 : IMMUTABLE
192 : };
193 :
194 :
195 : static inline bool IsTransitionStoreMode(KeyedAccessStoreMode store_mode) {
196 19041 : return store_mode == STORE_TRANSITION_TO_OBJECT ||
197 19041 : store_mode == STORE_TRANSITION_TO_DOUBLE ||
198 40916 : store_mode == STORE_AND_GROW_TRANSITION_TO_OBJECT ||
199 : store_mode == STORE_AND_GROW_TRANSITION_TO_DOUBLE;
200 : }
201 :
202 :
203 : static inline KeyedAccessStoreMode GetNonTransitioningStoreMode(
204 : KeyedAccessStoreMode store_mode) {
205 148372 : if (store_mode >= STORE_NO_TRANSITION_IGNORE_OUT_OF_BOUNDS) {
206 : return store_mode;
207 : }
208 146984 : if (store_mode >= STORE_AND_GROW_NO_TRANSITION) {
209 : return STORE_AND_GROW_NO_TRANSITION;
210 : }
211 : return STANDARD_STORE;
212 : }
213 :
214 :
215 : static inline bool IsGrowStoreMode(KeyedAccessStoreMode store_mode) {
216 28735 : return store_mode >= STORE_AND_GROW_NO_TRANSITION &&
217 : store_mode <= STORE_AND_GROW_TRANSITION_TO_DOUBLE;
218 : }
219 :
220 :
221 : enum IcCheckType { ELEMENT, PROPERTY };
222 :
223 :
224 : // SKIP_WRITE_BARRIER skips the write barrier.
225 : // UPDATE_WEAK_WRITE_BARRIER skips the marking part of the write barrier and
226 : // only performs the generational part.
227 : // UPDATE_WRITE_BARRIER is doing the full barrier, marking and generational.
228 : enum WriteBarrierMode {
229 : SKIP_WRITE_BARRIER,
230 : UPDATE_WEAK_WRITE_BARRIER,
231 : UPDATE_WRITE_BARRIER
232 : };
233 :
234 :
235 : // PropertyNormalizationMode is used to specify whether to keep
236 : // inobject properties when normalizing properties of a JSObject.
237 : enum PropertyNormalizationMode {
238 : CLEAR_INOBJECT_PROPERTIES,
239 : KEEP_INOBJECT_PROPERTIES
240 : };
241 :
242 :
243 : // Indicates whether transitions can be added to a source map or not.
244 : enum TransitionFlag {
245 : INSERT_TRANSITION,
246 : OMIT_TRANSITION
247 : };
248 :
249 :
250 : // Indicates whether the transition is simple: the target map of the transition
251 : // either extends the current map with a new property, or it modifies the
252 : // property that was added last to the current map.
253 : enum SimpleTransitionFlag {
254 : SIMPLE_PROPERTY_TRANSITION,
255 : PROPERTY_TRANSITION,
256 : SPECIAL_TRANSITION
257 : };
258 :
259 : // Indicates whether we are only interested in the descriptors of a particular
260 : // map, or in all descriptors in the descriptor array.
261 : enum DescriptorFlag {
262 : ALL_DESCRIPTORS,
263 : OWN_DESCRIPTORS
264 : };
265 :
266 : // Instance size sentinel for objects of variable size.
267 : const int kVariableSizeSentinel = 0;
268 :
269 : // We may store the unsigned bit field as signed Smi value and do not
270 : // use the sign bit.
271 : const int kStubMajorKeyBits = 8;
272 : const int kStubMinorKeyBits = kSmiValueSize - kStubMajorKeyBits - 1;
273 :
274 : // All Maps have a field instance_type containing a InstanceType.
275 : // It describes the type of the instances.
276 : //
277 : // As an example, a JavaScript object is a heap object and its map
278 : // instance_type is JS_OBJECT_TYPE.
279 : //
280 : // The names of the string instance types are intended to systematically
281 : // mirror their encoding in the instance_type field of the map. The default
282 : // encoding is considered TWO_BYTE. It is not mentioned in the name. ONE_BYTE
283 : // encoding is mentioned explicitly in the name. Likewise, the default
284 : // representation is considered sequential. It is not mentioned in the
285 : // name. The other representations (e.g. CONS, EXTERNAL) are explicitly
286 : // mentioned. Finally, the string is either a STRING_TYPE (if it is a normal
287 : // string) or a INTERNALIZED_STRING_TYPE (if it is a internalized string).
288 : //
289 : // NOTE: The following things are some that depend on the string types having
290 : // instance_types that are less than those of all other types:
291 : // HeapObject::Size, HeapObject::IterateBody, the typeof operator, and
292 : // Object::IsString.
293 : //
294 : // NOTE: Everything following JS_VALUE_TYPE is considered a
295 : // JSObject for GC purposes. The first four entries here have typeof
296 : // 'object', whereas JS_FUNCTION_TYPE has typeof 'function'.
297 : #define INSTANCE_TYPE_LIST(V) \
298 : V(INTERNALIZED_STRING_TYPE) \
299 : V(EXTERNAL_INTERNALIZED_STRING_TYPE) \
300 : V(ONE_BYTE_INTERNALIZED_STRING_TYPE) \
301 : V(EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE) \
302 : V(EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE) \
303 : V(SHORT_EXTERNAL_INTERNALIZED_STRING_TYPE) \
304 : V(SHORT_EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE) \
305 : V(SHORT_EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE) \
306 : V(STRING_TYPE) \
307 : V(CONS_STRING_TYPE) \
308 : V(EXTERNAL_STRING_TYPE) \
309 : V(SLICED_STRING_TYPE) \
310 : V(THIN_STRING_TYPE) \
311 : V(ONE_BYTE_STRING_TYPE) \
312 : V(CONS_ONE_BYTE_STRING_TYPE) \
313 : V(EXTERNAL_ONE_BYTE_STRING_TYPE) \
314 : V(SLICED_ONE_BYTE_STRING_TYPE) \
315 : V(THIN_ONE_BYTE_STRING_TYPE) \
316 : V(EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE) \
317 : V(SHORT_EXTERNAL_STRING_TYPE) \
318 : V(SHORT_EXTERNAL_ONE_BYTE_STRING_TYPE) \
319 : V(SHORT_EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE) \
320 : \
321 : V(SYMBOL_TYPE) \
322 : V(HEAP_NUMBER_TYPE) \
323 : V(BIGINT_TYPE) \
324 : V(ODDBALL_TYPE) \
325 : \
326 : V(MAP_TYPE) \
327 : V(CODE_TYPE) \
328 : V(MUTABLE_HEAP_NUMBER_TYPE) \
329 : V(FOREIGN_TYPE) \
330 : V(BYTE_ARRAY_TYPE) \
331 : V(BYTECODE_ARRAY_TYPE) \
332 : V(FREE_SPACE_TYPE) \
333 : \
334 : V(FIXED_INT8_ARRAY_TYPE) \
335 : V(FIXED_UINT8_ARRAY_TYPE) \
336 : V(FIXED_INT16_ARRAY_TYPE) \
337 : V(FIXED_UINT16_ARRAY_TYPE) \
338 : V(FIXED_INT32_ARRAY_TYPE) \
339 : V(FIXED_UINT32_ARRAY_TYPE) \
340 : V(FIXED_FLOAT32_ARRAY_TYPE) \
341 : V(FIXED_FLOAT64_ARRAY_TYPE) \
342 : V(FIXED_UINT8_CLAMPED_ARRAY_TYPE) \
343 : \
344 : V(FIXED_DOUBLE_ARRAY_TYPE) \
345 : V(FILLER_TYPE) \
346 : \
347 : V(ACCESSOR_INFO_TYPE) \
348 : V(ACCESSOR_PAIR_TYPE) \
349 : V(ACCESS_CHECK_INFO_TYPE) \
350 : V(INTERCEPTOR_INFO_TYPE) \
351 : V(FUNCTION_TEMPLATE_INFO_TYPE) \
352 : V(OBJECT_TEMPLATE_INFO_TYPE) \
353 : V(ALLOCATION_SITE_TYPE) \
354 : V(ALLOCATION_MEMENTO_TYPE) \
355 : V(SCRIPT_TYPE) \
356 : V(ALIASED_ARGUMENTS_ENTRY_TYPE) \
357 : V(PROMISE_RESOLVE_THENABLE_JOB_INFO_TYPE) \
358 : V(PROMISE_REACTION_JOB_INFO_TYPE) \
359 : V(PROMISE_CAPABILITY_TYPE) \
360 : V(DEBUG_INFO_TYPE) \
361 : V(STACK_FRAME_INFO_TYPE) \
362 : V(PROTOTYPE_INFO_TYPE) \
363 : V(TUPLE2_TYPE) \
364 : V(TUPLE3_TYPE) \
365 : V(CONTEXT_EXTENSION_TYPE) \
366 : V(MODULE_TYPE) \
367 : V(MODULE_INFO_ENTRY_TYPE) \
368 : V(ASYNC_GENERATOR_REQUEST_TYPE) \
369 : V(FIXED_ARRAY_TYPE) \
370 : V(HASH_TABLE_TYPE) \
371 : V(FEEDBACK_VECTOR_TYPE) \
372 : V(TRANSITION_ARRAY_TYPE) \
373 : V(PROPERTY_ARRAY_TYPE) \
374 : V(SHARED_FUNCTION_INFO_TYPE) \
375 : V(CELL_TYPE) \
376 : V(WEAK_CELL_TYPE) \
377 : V(PROPERTY_CELL_TYPE) \
378 : V(SMALL_ORDERED_HASH_MAP_TYPE) \
379 : V(SMALL_ORDERED_HASH_SET_TYPE) \
380 : \
381 : V(JS_PROXY_TYPE) \
382 : V(JS_GLOBAL_OBJECT_TYPE) \
383 : V(JS_GLOBAL_PROXY_TYPE) \
384 : V(JS_MODULE_NAMESPACE_TYPE) \
385 : V(JS_SPECIAL_API_OBJECT_TYPE) \
386 : V(JS_VALUE_TYPE) \
387 : V(JS_MESSAGE_OBJECT_TYPE) \
388 : V(JS_DATE_TYPE) \
389 : V(JS_API_OBJECT_TYPE) \
390 : V(JS_OBJECT_TYPE) \
391 : V(JS_ARGUMENTS_TYPE) \
392 : V(JS_CONTEXT_EXTENSION_OBJECT_TYPE) \
393 : V(JS_GENERATOR_OBJECT_TYPE) \
394 : V(JS_ASYNC_GENERATOR_OBJECT_TYPE) \
395 : V(JS_ARRAY_TYPE) \
396 : V(JS_ARRAY_BUFFER_TYPE) \
397 : V(JS_TYPED_ARRAY_TYPE) \
398 : V(JS_DATA_VIEW_TYPE) \
399 : V(JS_SET_TYPE) \
400 : V(JS_MAP_TYPE) \
401 : V(JS_SET_KEY_VALUE_ITERATOR_TYPE) \
402 : V(JS_SET_VALUE_ITERATOR_TYPE) \
403 : V(JS_MAP_KEY_ITERATOR_TYPE) \
404 : V(JS_MAP_KEY_VALUE_ITERATOR_TYPE) \
405 : V(JS_MAP_VALUE_ITERATOR_TYPE) \
406 : V(JS_WEAK_MAP_TYPE) \
407 : V(JS_WEAK_SET_TYPE) \
408 : V(JS_PROMISE_TYPE) \
409 : V(JS_REGEXP_TYPE) \
410 : V(JS_ERROR_TYPE) \
411 : V(JS_ASYNC_FROM_SYNC_ITERATOR_TYPE) \
412 : V(JS_STRING_ITERATOR_TYPE) \
413 : \
414 : ARRAY_ITERATOR_TYPE_LIST(V) \
415 : \
416 : V(WASM_INSTANCE_TYPE) \
417 : V(WASM_MEMORY_TYPE) \
418 : V(WASM_MODULE_TYPE) \
419 : V(WASM_TABLE_TYPE) \
420 : V(JS_BOUND_FUNCTION_TYPE) \
421 : V(JS_FUNCTION_TYPE)
422 :
423 : // Since string types are not consecutive, this macro is used to
424 : // iterate over them.
425 : #define STRING_TYPE_LIST(V) \
426 : V(STRING_TYPE, kVariableSizeSentinel, string, String) \
427 : V(ONE_BYTE_STRING_TYPE, kVariableSizeSentinel, one_byte_string, \
428 : OneByteString) \
429 : V(CONS_STRING_TYPE, ConsString::kSize, cons_string, ConsString) \
430 : V(CONS_ONE_BYTE_STRING_TYPE, ConsString::kSize, cons_one_byte_string, \
431 : ConsOneByteString) \
432 : V(SLICED_STRING_TYPE, SlicedString::kSize, sliced_string, SlicedString) \
433 : V(SLICED_ONE_BYTE_STRING_TYPE, SlicedString::kSize, sliced_one_byte_string, \
434 : SlicedOneByteString) \
435 : V(EXTERNAL_STRING_TYPE, ExternalTwoByteString::kSize, external_string, \
436 : ExternalString) \
437 : V(EXTERNAL_ONE_BYTE_STRING_TYPE, ExternalOneByteString::kSize, \
438 : external_one_byte_string, ExternalOneByteString) \
439 : V(EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE, ExternalTwoByteString::kSize, \
440 : external_string_with_one_byte_data, ExternalStringWithOneByteData) \
441 : V(SHORT_EXTERNAL_STRING_TYPE, ExternalTwoByteString::kShortSize, \
442 : short_external_string, ShortExternalString) \
443 : V(SHORT_EXTERNAL_ONE_BYTE_STRING_TYPE, ExternalOneByteString::kShortSize, \
444 : short_external_one_byte_string, ShortExternalOneByteString) \
445 : V(SHORT_EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE, \
446 : ExternalTwoByteString::kShortSize, \
447 : short_external_string_with_one_byte_data, \
448 : ShortExternalStringWithOneByteData) \
449 : \
450 : V(INTERNALIZED_STRING_TYPE, kVariableSizeSentinel, internalized_string, \
451 : InternalizedString) \
452 : V(ONE_BYTE_INTERNALIZED_STRING_TYPE, kVariableSizeSentinel, \
453 : one_byte_internalized_string, OneByteInternalizedString) \
454 : V(EXTERNAL_INTERNALIZED_STRING_TYPE, ExternalTwoByteString::kSize, \
455 : external_internalized_string, ExternalInternalizedString) \
456 : V(EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE, ExternalOneByteString::kSize, \
457 : external_one_byte_internalized_string, ExternalOneByteInternalizedString) \
458 : V(EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE, \
459 : ExternalTwoByteString::kSize, \
460 : external_internalized_string_with_one_byte_data, \
461 : ExternalInternalizedStringWithOneByteData) \
462 : V(SHORT_EXTERNAL_INTERNALIZED_STRING_TYPE, \
463 : ExternalTwoByteString::kShortSize, short_external_internalized_string, \
464 : ShortExternalInternalizedString) \
465 : V(SHORT_EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE, \
466 : ExternalOneByteString::kShortSize, \
467 : short_external_one_byte_internalized_string, \
468 : ShortExternalOneByteInternalizedString) \
469 : V(SHORT_EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE, \
470 : ExternalTwoByteString::kShortSize, \
471 : short_external_internalized_string_with_one_byte_data, \
472 : ShortExternalInternalizedStringWithOneByteData) \
473 : V(THIN_STRING_TYPE, ThinString::kSize, thin_string, ThinString) \
474 : V(THIN_ONE_BYTE_STRING_TYPE, ThinString::kSize, thin_one_byte_string, \
475 : ThinOneByteString)
476 :
477 : #define ARRAY_ITERATOR_TYPE_LIST(V) \
478 : V(JS_TYPED_ARRAY_KEY_ITERATOR_TYPE) \
479 : V(JS_FAST_ARRAY_KEY_ITERATOR_TYPE) \
480 : V(JS_GENERIC_ARRAY_KEY_ITERATOR_TYPE) \
481 : \
482 : V(JS_UINT8_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
483 : V(JS_INT8_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
484 : V(JS_UINT16_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
485 : V(JS_INT16_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
486 : V(JS_UINT32_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
487 : V(JS_INT32_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
488 : V(JS_FLOAT32_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
489 : V(JS_FLOAT64_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
490 : V(JS_UINT8_CLAMPED_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
491 : \
492 : V(JS_FAST_SMI_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
493 : V(JS_FAST_HOLEY_SMI_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
494 : V(JS_FAST_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
495 : V(JS_FAST_HOLEY_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
496 : V(JS_FAST_DOUBLE_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
497 : V(JS_FAST_HOLEY_DOUBLE_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
498 : V(JS_GENERIC_ARRAY_KEY_VALUE_ITERATOR_TYPE) \
499 : \
500 : V(JS_UINT8_ARRAY_VALUE_ITERATOR_TYPE) \
501 : V(JS_INT8_ARRAY_VALUE_ITERATOR_TYPE) \
502 : V(JS_UINT16_ARRAY_VALUE_ITERATOR_TYPE) \
503 : V(JS_INT16_ARRAY_VALUE_ITERATOR_TYPE) \
504 : V(JS_UINT32_ARRAY_VALUE_ITERATOR_TYPE) \
505 : V(JS_INT32_ARRAY_VALUE_ITERATOR_TYPE) \
506 : V(JS_FLOAT32_ARRAY_VALUE_ITERATOR_TYPE) \
507 : V(JS_FLOAT64_ARRAY_VALUE_ITERATOR_TYPE) \
508 : V(JS_UINT8_CLAMPED_ARRAY_VALUE_ITERATOR_TYPE) \
509 : \
510 : V(JS_FAST_SMI_ARRAY_VALUE_ITERATOR_TYPE) \
511 : V(JS_FAST_HOLEY_SMI_ARRAY_VALUE_ITERATOR_TYPE) \
512 : V(JS_FAST_ARRAY_VALUE_ITERATOR_TYPE) \
513 : V(JS_FAST_HOLEY_ARRAY_VALUE_ITERATOR_TYPE) \
514 : V(JS_FAST_DOUBLE_ARRAY_VALUE_ITERATOR_TYPE) \
515 : V(JS_FAST_HOLEY_DOUBLE_ARRAY_VALUE_ITERATOR_TYPE) \
516 : V(JS_GENERIC_ARRAY_VALUE_ITERATOR_TYPE)
517 :
518 : // A struct is a simple object a set of object-valued fields. Including an
519 : // object type in this causes the compiler to generate most of the boilerplate
520 : // code for the class including allocation and garbage collection routines,
521 : // casts and predicates. All you need to define is the class, methods and
522 : // object verification routines. Easy, no?
523 : //
524 : // Note that for subtle reasons related to the ordering or numerical values of
525 : // type tags, elements in this list have to be added to the INSTANCE_TYPE_LIST
526 : // manually.
527 : #define STRUCT_LIST(V) \
528 : V(ACCESSOR_INFO, AccessorInfo, accessor_info) \
529 : V(ACCESSOR_PAIR, AccessorPair, accessor_pair) \
530 : V(ACCESS_CHECK_INFO, AccessCheckInfo, access_check_info) \
531 : V(INTERCEPTOR_INFO, InterceptorInfo, interceptor_info) \
532 : V(FUNCTION_TEMPLATE_INFO, FunctionTemplateInfo, function_template_info) \
533 : V(OBJECT_TEMPLATE_INFO, ObjectTemplateInfo, object_template_info) \
534 : V(ALLOCATION_SITE, AllocationSite, allocation_site) \
535 : V(ALLOCATION_MEMENTO, AllocationMemento, allocation_memento) \
536 : V(SCRIPT, Script, script) \
537 : V(ALIASED_ARGUMENTS_ENTRY, AliasedArgumentsEntry, aliased_arguments_entry) \
538 : V(PROMISE_RESOLVE_THENABLE_JOB_INFO, PromiseResolveThenableJobInfo, \
539 : promise_resolve_thenable_job_info) \
540 : V(PROMISE_REACTION_JOB_INFO, PromiseReactionJobInfo, \
541 : promise_reaction_job_info) \
542 : V(PROMISE_CAPABILITY, PromiseCapability, promise_capability) \
543 : V(DEBUG_INFO, DebugInfo, debug_info) \
544 : V(STACK_FRAME_INFO, StackFrameInfo, stack_frame_info) \
545 : V(PROTOTYPE_INFO, PrototypeInfo, prototype_info) \
546 : V(TUPLE2, Tuple2, tuple2) \
547 : V(TUPLE3, Tuple3, tuple3) \
548 : V(CONTEXT_EXTENSION, ContextExtension, context_extension) \
549 : V(MODULE, Module, module) \
550 : V(MODULE_INFO_ENTRY, ModuleInfoEntry, module_info_entry) \
551 : V(ASYNC_GENERATOR_REQUEST, AsyncGeneratorRequest, async_generator_request)
552 :
553 : // We use the full 8 bits of the instance_type field to encode heap object
554 : // instance types. The high-order bit (bit 7) is set if the object is not a
555 : // string, and cleared if it is a string.
556 : const uint32_t kIsNotStringMask = 0x80;
557 : const uint32_t kStringTag = 0x0;
558 : const uint32_t kNotStringTag = 0x80;
559 :
560 : // Bit 6 indicates that the object is an internalized string (if set) or not.
561 : // Bit 7 has to be clear as well.
562 : const uint32_t kIsNotInternalizedMask = 0x40;
563 : const uint32_t kNotInternalizedTag = 0x40;
564 : const uint32_t kInternalizedTag = 0x0;
565 :
566 : // If bit 7 is clear then bit 3 indicates whether the string consists of
567 : // two-byte characters or one-byte characters.
568 : const uint32_t kStringEncodingMask = 0x8;
569 : const uint32_t kTwoByteStringTag = 0x0;
570 : const uint32_t kOneByteStringTag = 0x8;
571 :
572 : // If bit 7 is clear, the low-order 3 bits indicate the representation
573 : // of the string.
574 : const uint32_t kStringRepresentationMask = 0x07;
575 : enum StringRepresentationTag {
576 : kSeqStringTag = 0x0,
577 : kConsStringTag = 0x1,
578 : kExternalStringTag = 0x2,
579 : kSlicedStringTag = 0x3,
580 : kThinStringTag = 0x5
581 : };
582 : const uint32_t kIsIndirectStringMask = 0x1;
583 : const uint32_t kIsIndirectStringTag = 0x1;
584 : STATIC_ASSERT((kSeqStringTag & kIsIndirectStringMask) == 0); // NOLINT
585 : STATIC_ASSERT((kExternalStringTag & kIsIndirectStringMask) == 0); // NOLINT
586 : STATIC_ASSERT((kConsStringTag &
587 : kIsIndirectStringMask) == kIsIndirectStringTag); // NOLINT
588 : STATIC_ASSERT((kSlicedStringTag &
589 : kIsIndirectStringMask) == kIsIndirectStringTag); // NOLINT
590 : STATIC_ASSERT((kThinStringTag & kIsIndirectStringMask) == kIsIndirectStringTag);
591 :
592 : // If bit 7 is clear, then bit 4 indicates whether this two-byte
593 : // string actually contains one byte data.
594 : const uint32_t kOneByteDataHintMask = 0x10;
595 : const uint32_t kOneByteDataHintTag = 0x10;
596 :
597 : // If bit 7 is clear and string representation indicates an external string,
598 : // then bit 5 indicates whether the data pointer is cached.
599 : const uint32_t kShortExternalStringMask = 0x20;
600 : const uint32_t kShortExternalStringTag = 0x20;
601 :
602 : // A ConsString with an empty string as the right side is a candidate
603 : // for being shortcut by the garbage collector. We don't allocate any
604 : // non-flat internalized strings, so we do not shortcut them thereby
605 : // avoiding turning internalized strings into strings. The bit-masks
606 : // below contain the internalized bit as additional safety.
607 : // See heap.cc, mark-compact.cc and objects-visiting.cc.
608 : const uint32_t kShortcutTypeMask =
609 : kIsNotStringMask |
610 : kIsNotInternalizedMask |
611 : kStringRepresentationMask;
612 : const uint32_t kShortcutTypeTag = kConsStringTag | kNotInternalizedTag;
613 :
614 : static inline bool IsShortcutCandidate(int type) {
615 62 : return ((type & kShortcutTypeMask) == kShortcutTypeTag);
616 : }
617 :
618 : enum InstanceType : uint8_t {
619 : // String types.
620 : INTERNALIZED_STRING_TYPE = kTwoByteStringTag | kSeqStringTag |
621 : kInternalizedTag, // FIRST_PRIMITIVE_TYPE
622 : ONE_BYTE_INTERNALIZED_STRING_TYPE =
623 : kOneByteStringTag | kSeqStringTag | kInternalizedTag,
624 : EXTERNAL_INTERNALIZED_STRING_TYPE =
625 : kTwoByteStringTag | kExternalStringTag | kInternalizedTag,
626 : EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE =
627 : kOneByteStringTag | kExternalStringTag | kInternalizedTag,
628 : EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE =
629 : EXTERNAL_INTERNALIZED_STRING_TYPE | kOneByteDataHintTag |
630 : kInternalizedTag,
631 : SHORT_EXTERNAL_INTERNALIZED_STRING_TYPE = EXTERNAL_INTERNALIZED_STRING_TYPE |
632 : kShortExternalStringTag |
633 : kInternalizedTag,
634 : SHORT_EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE =
635 : EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE | kShortExternalStringTag |
636 : kInternalizedTag,
637 : SHORT_EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE =
638 : EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE |
639 : kShortExternalStringTag | kInternalizedTag,
640 : STRING_TYPE = INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
641 : ONE_BYTE_STRING_TYPE =
642 : ONE_BYTE_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
643 : CONS_STRING_TYPE = kTwoByteStringTag | kConsStringTag | kNotInternalizedTag,
644 : CONS_ONE_BYTE_STRING_TYPE =
645 : kOneByteStringTag | kConsStringTag | kNotInternalizedTag,
646 : SLICED_STRING_TYPE =
647 : kTwoByteStringTag | kSlicedStringTag | kNotInternalizedTag,
648 : SLICED_ONE_BYTE_STRING_TYPE =
649 : kOneByteStringTag | kSlicedStringTag | kNotInternalizedTag,
650 : EXTERNAL_STRING_TYPE =
651 : EXTERNAL_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
652 : EXTERNAL_ONE_BYTE_STRING_TYPE =
653 : EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
654 : EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE =
655 : EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE |
656 : kNotInternalizedTag,
657 : SHORT_EXTERNAL_STRING_TYPE =
658 : SHORT_EXTERNAL_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
659 : SHORT_EXTERNAL_ONE_BYTE_STRING_TYPE =
660 : SHORT_EXTERNAL_ONE_BYTE_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
661 : SHORT_EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE =
662 : SHORT_EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE |
663 : kNotInternalizedTag,
664 : THIN_STRING_TYPE = kTwoByteStringTag | kThinStringTag | kNotInternalizedTag,
665 : THIN_ONE_BYTE_STRING_TYPE =
666 : kOneByteStringTag | kThinStringTag | kNotInternalizedTag,
667 :
668 : // Non-string names
669 : SYMBOL_TYPE = kNotStringTag, // FIRST_NONSTRING_TYPE, LAST_NAME_TYPE
670 :
671 : // Other primitives (cannot contain non-map-word pointers to heap objects).
672 : HEAP_NUMBER_TYPE,
673 : BIGINT_TYPE,
674 : ODDBALL_TYPE, // LAST_PRIMITIVE_TYPE
675 :
676 : // Objects allocated in their own spaces (never in new space).
677 : MAP_TYPE,
678 : CODE_TYPE,
679 :
680 : // "Data", objects that cannot contain non-map-word pointers to heap
681 : // objects.
682 : MUTABLE_HEAP_NUMBER_TYPE,
683 : FOREIGN_TYPE,
684 : BYTE_ARRAY_TYPE,
685 : BYTECODE_ARRAY_TYPE,
686 : FREE_SPACE_TYPE,
687 : FIXED_INT8_ARRAY_TYPE, // FIRST_FIXED_TYPED_ARRAY_TYPE
688 : FIXED_UINT8_ARRAY_TYPE,
689 : FIXED_INT16_ARRAY_TYPE,
690 : FIXED_UINT16_ARRAY_TYPE,
691 : FIXED_INT32_ARRAY_TYPE,
692 : FIXED_UINT32_ARRAY_TYPE,
693 : FIXED_FLOAT32_ARRAY_TYPE,
694 : FIXED_FLOAT64_ARRAY_TYPE,
695 : FIXED_UINT8_CLAMPED_ARRAY_TYPE, // LAST_FIXED_TYPED_ARRAY_TYPE
696 : FIXED_DOUBLE_ARRAY_TYPE,
697 : FILLER_TYPE, // LAST_DATA_TYPE
698 :
699 : // Structs.
700 : ACCESSOR_INFO_TYPE,
701 : ACCESSOR_PAIR_TYPE,
702 : ACCESS_CHECK_INFO_TYPE,
703 : INTERCEPTOR_INFO_TYPE,
704 : FUNCTION_TEMPLATE_INFO_TYPE,
705 : OBJECT_TEMPLATE_INFO_TYPE,
706 : ALLOCATION_SITE_TYPE,
707 : ALLOCATION_MEMENTO_TYPE,
708 : SCRIPT_TYPE,
709 : ALIASED_ARGUMENTS_ENTRY_TYPE,
710 : PROMISE_RESOLVE_THENABLE_JOB_INFO_TYPE,
711 : PROMISE_REACTION_JOB_INFO_TYPE,
712 : PROMISE_CAPABILITY_TYPE,
713 : DEBUG_INFO_TYPE,
714 : STACK_FRAME_INFO_TYPE,
715 : PROTOTYPE_INFO_TYPE,
716 : TUPLE2_TYPE,
717 : TUPLE3_TYPE,
718 : CONTEXT_EXTENSION_TYPE,
719 : MODULE_TYPE,
720 : MODULE_INFO_ENTRY_TYPE,
721 : ASYNC_GENERATOR_REQUEST_TYPE,
722 : FIXED_ARRAY_TYPE,
723 : HASH_TABLE_TYPE,
724 : FEEDBACK_VECTOR_TYPE,
725 : TRANSITION_ARRAY_TYPE,
726 : PROPERTY_ARRAY_TYPE,
727 : SHARED_FUNCTION_INFO_TYPE,
728 : CELL_TYPE,
729 : WEAK_CELL_TYPE,
730 : PROPERTY_CELL_TYPE,
731 : SMALL_ORDERED_HASH_MAP_TYPE,
732 : SMALL_ORDERED_HASH_SET_TYPE,
733 :
734 : // All the following types are subtypes of JSReceiver, which corresponds to
735 : // objects in the JS sense. The first and the last type in this range are
736 : // the two forms of function. This organization enables using the same
737 : // compares for checking the JS_RECEIVER and the NONCALLABLE_JS_OBJECT range.
738 : JS_PROXY_TYPE, // FIRST_JS_RECEIVER_TYPE
739 : JS_GLOBAL_OBJECT_TYPE, // FIRST_JS_OBJECT_TYPE
740 : JS_GLOBAL_PROXY_TYPE,
741 : JS_MODULE_NAMESPACE_TYPE,
742 : // Like JS_API_OBJECT_TYPE, but requires access checks and/or has
743 : // interceptors.
744 : JS_SPECIAL_API_OBJECT_TYPE, // LAST_SPECIAL_RECEIVER_TYPE
745 : JS_VALUE_TYPE, // LAST_CUSTOM_ELEMENTS_RECEIVER
746 : JS_MESSAGE_OBJECT_TYPE,
747 : JS_DATE_TYPE,
748 : // Like JS_OBJECT_TYPE, but created from API function.
749 : JS_API_OBJECT_TYPE,
750 : JS_OBJECT_TYPE,
751 : JS_ARGUMENTS_TYPE,
752 : JS_CONTEXT_EXTENSION_OBJECT_TYPE,
753 : JS_GENERATOR_OBJECT_TYPE,
754 : JS_ASYNC_GENERATOR_OBJECT_TYPE,
755 : JS_ARRAY_TYPE,
756 : JS_ARRAY_BUFFER_TYPE,
757 : JS_TYPED_ARRAY_TYPE,
758 : JS_DATA_VIEW_TYPE,
759 : JS_SET_TYPE,
760 : JS_MAP_TYPE,
761 : JS_SET_KEY_VALUE_ITERATOR_TYPE,
762 : JS_SET_VALUE_ITERATOR_TYPE,
763 : JS_MAP_KEY_ITERATOR_TYPE,
764 : JS_MAP_KEY_VALUE_ITERATOR_TYPE,
765 : JS_MAP_VALUE_ITERATOR_TYPE,
766 : JS_WEAK_MAP_TYPE,
767 : JS_WEAK_SET_TYPE,
768 : JS_PROMISE_TYPE,
769 : JS_REGEXP_TYPE,
770 : JS_ERROR_TYPE,
771 : JS_ASYNC_FROM_SYNC_ITERATOR_TYPE,
772 : JS_STRING_ITERATOR_TYPE,
773 :
774 : #define ARRAY_ITERATOR_TYPE(type) type,
775 : ARRAY_ITERATOR_TYPE_LIST(ARRAY_ITERATOR_TYPE)
776 : #undef ARRAY_ITERATOR_TYPE
777 :
778 : WASM_INSTANCE_TYPE,
779 : WASM_MEMORY_TYPE,
780 : WASM_MODULE_TYPE,
781 : WASM_TABLE_TYPE,
782 : JS_BOUND_FUNCTION_TYPE,
783 : JS_FUNCTION_TYPE, // LAST_JS_OBJECT_TYPE, LAST_JS_RECEIVER_TYPE
784 :
785 : // Pseudo-types
786 : FIRST_TYPE = 0x0,
787 : LAST_TYPE = JS_FUNCTION_TYPE,
788 : FIRST_NAME_TYPE = FIRST_TYPE,
789 : LAST_NAME_TYPE = SYMBOL_TYPE,
790 : FIRST_UNIQUE_NAME_TYPE = INTERNALIZED_STRING_TYPE,
791 : LAST_UNIQUE_NAME_TYPE = SYMBOL_TYPE,
792 : FIRST_NONSTRING_TYPE = SYMBOL_TYPE,
793 : FIRST_PRIMITIVE_TYPE = FIRST_NAME_TYPE,
794 : LAST_PRIMITIVE_TYPE = ODDBALL_TYPE,
795 : FIRST_FUNCTION_TYPE = JS_BOUND_FUNCTION_TYPE,
796 : LAST_FUNCTION_TYPE = JS_FUNCTION_TYPE,
797 : // Boundaries for testing for a fixed typed array.
798 : FIRST_FIXED_TYPED_ARRAY_TYPE = FIXED_INT8_ARRAY_TYPE,
799 : LAST_FIXED_TYPED_ARRAY_TYPE = FIXED_UINT8_CLAMPED_ARRAY_TYPE,
800 : // Boundary for promotion to old space.
801 : LAST_DATA_TYPE = FILLER_TYPE,
802 : // Boundary for objects represented as JSReceiver (i.e. JSObject or JSProxy).
803 : // Note that there is no range for JSObject or JSProxy, since their subtypes
804 : // are not continuous in this enum! The enum ranges instead reflect the
805 : // external class names, where proxies are treated as either ordinary objects,
806 : // or functions.
807 : FIRST_JS_RECEIVER_TYPE = JS_PROXY_TYPE,
808 : LAST_JS_RECEIVER_TYPE = LAST_TYPE,
809 : // Boundaries for testing the types represented as JSObject
810 : FIRST_JS_OBJECT_TYPE = JS_GLOBAL_OBJECT_TYPE,
811 : LAST_JS_OBJECT_TYPE = LAST_TYPE,
812 : // Boundary for testing JSReceivers that need special property lookup handling
813 : LAST_SPECIAL_RECEIVER_TYPE = JS_SPECIAL_API_OBJECT_TYPE,
814 : // Boundary case for testing JSReceivers that may have elements while having
815 : // an empty fixed array as elements backing store. This is true for string
816 : // wrappers.
817 : LAST_CUSTOM_ELEMENTS_RECEIVER = JS_VALUE_TYPE,
818 :
819 : FIRST_ARRAY_KEY_ITERATOR_TYPE = JS_TYPED_ARRAY_KEY_ITERATOR_TYPE,
820 : LAST_ARRAY_KEY_ITERATOR_TYPE = JS_GENERIC_ARRAY_KEY_ITERATOR_TYPE,
821 :
822 : FIRST_ARRAY_KEY_VALUE_ITERATOR_TYPE = JS_UINT8_ARRAY_KEY_VALUE_ITERATOR_TYPE,
823 : LAST_ARRAY_KEY_VALUE_ITERATOR_TYPE = JS_GENERIC_ARRAY_KEY_VALUE_ITERATOR_TYPE,
824 :
825 : FIRST_ARRAY_VALUE_ITERATOR_TYPE = JS_UINT8_ARRAY_VALUE_ITERATOR_TYPE,
826 : LAST_ARRAY_VALUE_ITERATOR_TYPE = JS_GENERIC_ARRAY_VALUE_ITERATOR_TYPE,
827 :
828 : FIRST_ARRAY_ITERATOR_TYPE = FIRST_ARRAY_KEY_ITERATOR_TYPE,
829 : LAST_ARRAY_ITERATOR_TYPE = LAST_ARRAY_VALUE_ITERATOR_TYPE,
830 :
831 : FIRST_SET_ITERATOR_TYPE = JS_SET_KEY_VALUE_ITERATOR_TYPE,
832 : LAST_SET_ITERATOR_TYPE = JS_SET_VALUE_ITERATOR_TYPE,
833 :
834 : FIRST_MAP_ITERATOR_TYPE = JS_MAP_KEY_ITERATOR_TYPE,
835 : LAST_MAP_ITERATOR_TYPE = JS_MAP_VALUE_ITERATOR_TYPE,
836 : };
837 :
838 : STATIC_ASSERT(JS_OBJECT_TYPE == Internals::kJSObjectType);
839 : STATIC_ASSERT(JS_API_OBJECT_TYPE == Internals::kJSApiObjectType);
840 : STATIC_ASSERT(JS_SPECIAL_API_OBJECT_TYPE == Internals::kJSSpecialApiObjectType);
841 : STATIC_ASSERT(FIRST_NONSTRING_TYPE == Internals::kFirstNonstringType);
842 : STATIC_ASSERT(ODDBALL_TYPE == Internals::kOddballType);
843 : STATIC_ASSERT(FOREIGN_TYPE == Internals::kForeignType);
844 :
845 : V8_EXPORT_PRIVATE std::ostream& operator<<(std::ostream& os,
846 : InstanceType instance_type);
847 :
848 : #define FIXED_ARRAY_SUB_INSTANCE_TYPE_LIST(V) \
849 : V(BYTECODE_ARRAY_CONSTANT_POOL_SUB_TYPE) \
850 : V(BYTECODE_ARRAY_HANDLER_TABLE_SUB_TYPE) \
851 : V(CODE_STUBS_TABLE_SUB_TYPE) \
852 : V(COMPILATION_CACHE_TABLE_SUB_TYPE) \
853 : V(CONTEXT_SUB_TYPE) \
854 : V(COPY_ON_WRITE_SUB_TYPE) \
855 : V(DEOPTIMIZATION_DATA_SUB_TYPE) \
856 : V(DESCRIPTOR_ARRAY_SUB_TYPE) \
857 : V(EMBEDDED_OBJECT_SUB_TYPE) \
858 : V(ENUM_CACHE_SUB_TYPE) \
859 : V(ENUM_INDICES_CACHE_SUB_TYPE) \
860 : V(DEPENDENT_CODE_SUB_TYPE) \
861 : V(DICTIONARY_ELEMENTS_SUB_TYPE) \
862 : V(DICTIONARY_PROPERTIES_SUB_TYPE) \
863 : V(EMPTY_PROPERTIES_DICTIONARY_SUB_TYPE) \
864 : V(PACKED_ELEMENTS_SUB_TYPE) \
865 : V(FAST_PROPERTIES_SUB_TYPE) \
866 : V(FAST_TEMPLATE_INSTANTIATIONS_CACHE_SUB_TYPE) \
867 : V(HANDLER_TABLE_SUB_TYPE) \
868 : V(JS_COLLECTION_SUB_TYPE) \
869 : V(JS_WEAK_COLLECTION_SUB_TYPE) \
870 : V(NOSCRIPT_SHARED_FUNCTION_INFOS_SUB_TYPE) \
871 : V(NUMBER_STRING_CACHE_SUB_TYPE) \
872 : V(OBJECT_TO_CODE_SUB_TYPE) \
873 : V(OPTIMIZED_CODE_LITERALS_SUB_TYPE) \
874 : V(OPTIMIZED_CODE_MAP_SUB_TYPE) \
875 : V(PROTOTYPE_USERS_SUB_TYPE) \
876 : V(REGEXP_MULTIPLE_CACHE_SUB_TYPE) \
877 : V(RETAINED_MAPS_SUB_TYPE) \
878 : V(SCOPE_INFO_SUB_TYPE) \
879 : V(SCRIPT_LIST_SUB_TYPE) \
880 : V(SERIALIZED_TEMPLATES_SUB_TYPE) \
881 : V(SHARED_FUNCTION_INFOS_SUB_TYPE) \
882 : V(SINGLE_CHARACTER_STRING_CACHE_SUB_TYPE) \
883 : V(SLOW_TEMPLATE_INSTANTIATIONS_CACHE_SUB_TYPE) \
884 : V(STRING_SPLIT_CACHE_SUB_TYPE) \
885 : V(STRING_TABLE_SUB_TYPE) \
886 : V(TEMPLATE_INFO_SUB_TYPE) \
887 : V(FEEDBACK_METADATA_SUB_TYPE) \
888 : V(WEAK_NEW_SPACE_OBJECT_TO_CODE_SUB_TYPE)
889 :
890 : enum FixedArraySubInstanceType {
891 : #define DEFINE_FIXED_ARRAY_SUB_INSTANCE_TYPE(name) name,
892 : FIXED_ARRAY_SUB_INSTANCE_TYPE_LIST(DEFINE_FIXED_ARRAY_SUB_INSTANCE_TYPE)
893 : #undef DEFINE_FIXED_ARRAY_SUB_INSTANCE_TYPE
894 : LAST_FIXED_ARRAY_SUB_TYPE = WEAK_NEW_SPACE_OBJECT_TO_CODE_SUB_TYPE
895 : };
896 :
897 :
898 : // TODO(bmeurer): Remove this in favor of the ComparisonResult below.
899 : enum CompareResult {
900 : LESS = -1,
901 : EQUAL = 0,
902 : GREATER = 1,
903 :
904 : NOT_EQUAL = GREATER
905 : };
906 :
907 :
908 : // Result of an abstract relational comparison of x and y, implemented according
909 : // to ES6 section 7.2.11 Abstract Relational Comparison.
910 : enum class ComparisonResult {
911 : kLessThan, // x < y
912 : kEqual, // x = y
913 : kGreaterThan, // x > y
914 : kUndefined // at least one of x or y was undefined or NaN
915 : };
916 :
917 : class AbstractCode;
918 : class AccessorPair;
919 : class AllocationSite;
920 : class Cell;
921 : class ConsString;
922 : class DependentCode;
923 : class ElementsAccessor;
924 : class EnumCache;
925 : class FixedArrayBase;
926 : class PropertyArray;
927 : class FunctionLiteral;
928 : class JSGlobalObject;
929 : class KeyAccumulator;
930 : class LayoutDescriptor;
931 : class LookupIterator;
932 : class FieldType;
933 : class Module;
934 : class ModuleInfoEntry;
935 : class ObjectHashTable;
936 : class ObjectVisitor;
937 : class PropertyCell;
938 : class PropertyDescriptor;
939 : class RootVisitor;
940 : class SafepointEntry;
941 : class SharedFunctionInfo;
942 : class StringStream;
943 : class TypeFeedbackInfo;
944 : class FeedbackMetadata;
945 : class FeedbackVector;
946 : class WeakCell;
947 : class TransitionArray;
948 : class TemplateList;
949 : class TemplateMap;
950 : template <typename T>
951 : class ZoneForwardList;
952 :
953 : // A template-ized version of the IsXXX functions.
954 : template <class C> inline bool Is(Object* obj);
955 :
956 : #ifdef OBJECT_PRINT
957 : #define DECL_PRINTER(Name) void Name##Print(std::ostream& os); // NOLINT
958 : #else
959 : #define DECL_PRINTER(Name)
960 : #endif
961 :
962 : #define OBJECT_TYPE_LIST(V) \
963 : V(Smi) \
964 : V(LayoutDescriptor) \
965 : V(HeapObject) \
966 : V(Primitive) \
967 : V(Number)
968 :
969 : #define HEAP_OBJECT_ORDINARY_TYPE_LIST(V) \
970 : V(AbstractCode) \
971 : V(AccessCheckNeeded) \
972 : V(ArrayList) \
973 : V(BigInt) \
974 : V(BoilerplateDescription) \
975 : V(Boolean) \
976 : V(BreakPoint) \
977 : V(BreakPointInfo) \
978 : V(ByteArray) \
979 : V(BytecodeArray) \
980 : V(Callable) \
981 : V(CallHandlerInfo) \
982 : V(Cell) \
983 : V(Code) \
984 : V(CompilationCacheTable) \
985 : V(ConsString) \
986 : V(ConstantElementsPair) \
987 : V(Constructor) \
988 : V(Context) \
989 : V(CoverageInfo) \
990 : V(DeoptimizationData) \
991 : V(DependentCode) \
992 : V(DescriptorArray) \
993 : V(EnumCache) \
994 : V(External) \
995 : V(ExternalOneByteString) \
996 : V(ExternalString) \
997 : V(ExternalTwoByteString) \
998 : V(FeedbackMetadata) \
999 : V(FeedbackVector) \
1000 : V(Filler) \
1001 : V(FixedArray) \
1002 : V(FixedArrayBase) \
1003 : V(FixedDoubleArray) \
1004 : V(FixedFloat32Array) \
1005 : V(FixedFloat64Array) \
1006 : V(FixedInt16Array) \
1007 : V(FixedInt32Array) \
1008 : V(FixedInt8Array) \
1009 : V(FixedTypedArrayBase) \
1010 : V(FixedUint16Array) \
1011 : V(FixedUint32Array) \
1012 : V(FixedUint8Array) \
1013 : V(FixedUint8ClampedArray) \
1014 : V(Foreign) \
1015 : V(FrameArray) \
1016 : V(FreeSpace) \
1017 : V(Function) \
1018 : V(HandlerTable) \
1019 : V(HeapNumber) \
1020 : V(InternalizedString) \
1021 : V(JSArgumentsObject) \
1022 : V(JSArray) \
1023 : V(JSArrayBuffer) \
1024 : V(JSArrayBufferView) \
1025 : V(JSArrayIterator) \
1026 : V(JSAsyncFromSyncIterator) \
1027 : V(JSAsyncGeneratorObject) \
1028 : V(JSBoundFunction) \
1029 : V(JSCollection) \
1030 : V(JSContextExtensionObject) \
1031 : V(JSDataView) \
1032 : V(JSDate) \
1033 : V(JSError) \
1034 : V(JSFunction) \
1035 : V(JSGeneratorObject) \
1036 : V(JSGlobalObject) \
1037 : V(JSGlobalProxy) \
1038 : V(JSMap) \
1039 : V(JSMapIterator) \
1040 : V(JSMessageObject) \
1041 : V(JSModuleNamespace) \
1042 : V(JSObject) \
1043 : V(JSPromise) \
1044 : V(JSProxy) \
1045 : V(JSReceiver) \
1046 : V(JSRegExp) \
1047 : V(JSSet) \
1048 : V(JSSetIterator) \
1049 : V(JSSloppyArgumentsObject) \
1050 : V(JSStringIterator) \
1051 : V(JSTypedArray) \
1052 : V(JSValue) \
1053 : V(JSWeakCollection) \
1054 : V(JSWeakMap) \
1055 : V(JSWeakSet) \
1056 : V(Map) \
1057 : V(MapCache) \
1058 : V(ModuleInfo) \
1059 : V(MutableHeapNumber) \
1060 : V(Name) \
1061 : V(NativeContext) \
1062 : V(NormalizedMapCache) \
1063 : V(ObjectHashSet) \
1064 : V(ObjectHashTable) \
1065 : V(Oddball) \
1066 : V(PreParsedScopeData) \
1067 : V(PropertyArray) \
1068 : V(PropertyCell) \
1069 : V(PropertyDescriptorObject) \
1070 : V(RegExpMatchInfo) \
1071 : V(ScopeInfo) \
1072 : V(ScriptContextTable) \
1073 : V(SeqOneByteString) \
1074 : V(SeqString) \
1075 : V(SeqTwoByteString) \
1076 : V(SharedFunctionInfo) \
1077 : V(SlicedString) \
1078 : V(SloppyArgumentsElements) \
1079 : V(SmallOrderedHashMap) \
1080 : V(SmallOrderedHashSet) \
1081 : V(SourcePositionTableWithFrameCache) \
1082 : V(String) \
1083 : V(StringSet) \
1084 : V(StringTable) \
1085 : V(StringWrapper) \
1086 : V(Struct) \
1087 : V(Symbol) \
1088 : V(TemplateInfo) \
1089 : V(TemplateList) \
1090 : V(TemplateMap) \
1091 : V(TemplateObjectDescription) \
1092 : V(ThinString) \
1093 : V(TransitionArray) \
1094 : V(TypeFeedbackInfo) \
1095 : V(Undetectable) \
1096 : V(UniqueName) \
1097 : V(UnseededNumberDictionary) \
1098 : V(WasmInstanceObject) \
1099 : V(WasmMemoryObject) \
1100 : V(WasmModuleObject) \
1101 : V(WasmTableObject) \
1102 : V(WeakCell) \
1103 : V(WeakFixedArray) \
1104 : V(WeakHashTable)
1105 :
1106 : #define HEAP_OBJECT_TEMPLATE_TYPE_LIST(V) \
1107 : V(Dictionary) \
1108 : V(HashTable) \
1109 : V(OrderedHashTable)
1110 :
1111 : #define HEAP_OBJECT_TYPE_LIST(V) \
1112 : HEAP_OBJECT_ORDINARY_TYPE_LIST(V) \
1113 : HEAP_OBJECT_TEMPLATE_TYPE_LIST(V)
1114 :
1115 : #define ODDBALL_LIST(V) \
1116 : V(Undefined, undefined_value) \
1117 : V(Null, null_value) \
1118 : V(TheHole, the_hole_value) \
1119 : V(Exception, exception) \
1120 : V(Uninitialized, uninitialized_value) \
1121 : V(True, true_value) \
1122 : V(False, false_value) \
1123 : V(ArgumentsMarker, arguments_marker) \
1124 : V(OptimizedOut, optimized_out) \
1125 : V(StaleRegister, stale_register)
1126 :
1127 : // The element types selection for CreateListFromArrayLike.
1128 : enum class ElementTypes { kAll, kStringAndSymbol };
1129 :
1130 : // Object is the abstract superclass for all classes in the
1131 : // object hierarchy.
1132 : // Object does not use any virtual functions to avoid the
1133 : // allocation of the C++ vtable.
1134 : // Since both Smi and HeapObject are subclasses of Object no
1135 : // data members can be present in Object.
1136 : class Object {
1137 : public:
1138 : // Type testing.
1139 57980959 : bool IsObject() const { return true; }
1140 :
1141 : #define IS_TYPE_FUNCTION_DECL(Type) INLINE(bool Is##Type() const);
1142 : OBJECT_TYPE_LIST(IS_TYPE_FUNCTION_DECL)
1143 : HEAP_OBJECT_TYPE_LIST(IS_TYPE_FUNCTION_DECL)
1144 : #undef IS_TYPE_FUNCTION_DECL
1145 :
1146 : #define IS_TYPE_FUNCTION_DECL(Type, Value) \
1147 : INLINE(bool Is##Type(Isolate* isolate) const);
1148 : ODDBALL_LIST(IS_TYPE_FUNCTION_DECL)
1149 : #undef IS_TYPE_FUNCTION_DECL
1150 :
1151 : INLINE(bool IsNullOrUndefined(Isolate* isolate) const);
1152 :
1153 : // A non-keyed store is of the form a.x = foo or a["x"] = foo whereas
1154 : // a keyed store is of the form a[expression] = foo.
1155 : enum StoreFromKeyed {
1156 : MAY_BE_STORE_FROM_KEYED,
1157 : CERTAINLY_NOT_STORE_FROM_KEYED
1158 : };
1159 :
1160 : enum ShouldThrow { THROW_ON_ERROR, DONT_THROW };
1161 :
1162 : enum class Conversion { kToNumber, kToNumeric };
1163 :
1164 : #define RETURN_FAILURE(isolate, should_throw, call) \
1165 : do { \
1166 : if ((should_throw) == DONT_THROW) { \
1167 : return Just(false); \
1168 : } else { \
1169 : isolate->Throw(*isolate->factory()->call); \
1170 : return Nothing<bool>(); \
1171 : } \
1172 : } while (false)
1173 :
1174 : #define MAYBE_RETURN(call, value) \
1175 : do { \
1176 : if ((call).IsNothing()) return value; \
1177 : } while (false)
1178 :
1179 : #define MAYBE_RETURN_NULL(call) MAYBE_RETURN(call, MaybeHandle<Object>())
1180 :
1181 : #define DECL_STRUCT_PREDICATE(NAME, Name, name) INLINE(bool Is##Name() const);
1182 : STRUCT_LIST(DECL_STRUCT_PREDICATE)
1183 : #undef DECL_STRUCT_PREDICATE
1184 :
1185 : // ES6, #sec-isarray. NOT to be confused with %_IsArray.
1186 : INLINE(MUST_USE_RESULT static Maybe<bool> IsArray(Handle<Object> object));
1187 :
1188 : INLINE(bool IsNameDictionary() const);
1189 : INLINE(bool IsGlobalDictionary() const);
1190 : INLINE(bool IsSeededNumberDictionary() const);
1191 : INLINE(bool IsOrderedHashSet() const);
1192 : INLINE(bool IsOrderedHashMap() const);
1193 : INLINE(bool IsSmallOrderedHashTable() const);
1194 :
1195 : // Extract the number.
1196 : inline double Number() const;
1197 : INLINE(bool IsNaN() const);
1198 : INLINE(bool IsMinusZero() const);
1199 : V8_EXPORT_PRIVATE bool ToInt32(int32_t* value);
1200 : inline bool ToUint32(uint32_t* value) const;
1201 :
1202 : inline Representation OptimalRepresentation();
1203 :
1204 : inline ElementsKind OptimalElementsKind();
1205 :
1206 : inline bool FitsRepresentation(Representation representation);
1207 :
1208 : // Checks whether two valid primitive encodings of a property name resolve to
1209 : // the same logical property. E.g., the smi 1, the string "1" and the double
1210 : // 1 all refer to the same property, so this helper will return true.
1211 : inline bool KeyEquals(Object* other);
1212 :
1213 : inline bool FilterKey(PropertyFilter filter);
1214 :
1215 : Handle<FieldType> OptimalType(Isolate* isolate,
1216 : Representation representation);
1217 :
1218 : inline static Handle<Object> NewStorageFor(Isolate* isolate,
1219 : Handle<Object> object,
1220 : Representation representation);
1221 :
1222 : inline static Handle<Object> WrapForRead(Isolate* isolate,
1223 : Handle<Object> object,
1224 : Representation representation);
1225 :
1226 : // Returns true if the object is of the correct type to be used as a
1227 : // implementation of a JSObject's elements.
1228 : inline bool HasValidElements();
1229 :
1230 : inline bool HasSpecificClassOf(String* name);
1231 :
1232 : bool BooleanValue(); // ECMA-262 9.2.
1233 :
1234 : // ES6 section 7.2.11 Abstract Relational Comparison
1235 : MUST_USE_RESULT static Maybe<ComparisonResult> Compare(Handle<Object> x,
1236 : Handle<Object> y);
1237 :
1238 : // ES6 section 7.2.12 Abstract Equality Comparison
1239 : MUST_USE_RESULT static Maybe<bool> Equals(Handle<Object> x, Handle<Object> y);
1240 :
1241 : // ES6 section 7.2.13 Strict Equality Comparison
1242 : bool StrictEquals(Object* that);
1243 :
1244 : // ES6 section 7.1.13 ToObject
1245 : // Convert to a JSObject if needed.
1246 : // native_context is used when creating wrapper object.
1247 : //
1248 : // Passing a non-null method_name allows us to give a more informative
1249 : // error message for those cases where ToObject is being called on
1250 : // the receiver of a built-in method.
1251 : MUST_USE_RESULT static inline MaybeHandle<JSReceiver> ToObject(
1252 : Isolate* isolate, Handle<Object> object,
1253 : const char* method_name = nullptr);
1254 : MUST_USE_RESULT static MaybeHandle<JSReceiver> ToObject(
1255 : Isolate* isolate, Handle<Object> object, Handle<Context> native_context,
1256 : const char* method_name = nullptr);
1257 :
1258 : // ES6 section 9.2.1.2, OrdinaryCallBindThis for sloppy callee.
1259 : MUST_USE_RESULT static MaybeHandle<JSReceiver> ConvertReceiver(
1260 : Isolate* isolate, Handle<Object> object);
1261 :
1262 : // ES6 section 7.1.14 ToPropertyKey
1263 : MUST_USE_RESULT static inline MaybeHandle<Name> ToName(Isolate* isolate,
1264 : Handle<Object> input);
1265 :
1266 : // ES6 section 7.1.1 ToPrimitive
1267 : MUST_USE_RESULT static inline MaybeHandle<Object> ToPrimitive(
1268 : Handle<Object> input, ToPrimitiveHint hint = ToPrimitiveHint::kDefault);
1269 :
1270 : // ES6 section 7.1.3 ToNumber
1271 : MUST_USE_RESULT static inline MaybeHandle<Object> ToNumber(
1272 : Handle<Object> input);
1273 :
1274 : MUST_USE_RESULT static inline MaybeHandle<Object> ToNumeric(
1275 : Handle<Object> input);
1276 :
1277 : // ES6 section 7.1.4 ToInteger
1278 : MUST_USE_RESULT static inline MaybeHandle<Object> ToInteger(
1279 : Isolate* isolate, Handle<Object> input);
1280 :
1281 : // ES6 section 7.1.5 ToInt32
1282 : MUST_USE_RESULT static inline MaybeHandle<Object> ToInt32(
1283 : Isolate* isolate, Handle<Object> input);
1284 :
1285 : // ES6 section 7.1.6 ToUint32
1286 : MUST_USE_RESULT inline static MaybeHandle<Object> ToUint32(
1287 : Isolate* isolate, Handle<Object> input);
1288 :
1289 : // ES6 section 7.1.12 ToString
1290 : MUST_USE_RESULT static inline MaybeHandle<String> ToString(
1291 : Isolate* isolate, Handle<Object> input);
1292 :
1293 : static Handle<String> NoSideEffectsToString(Isolate* isolate,
1294 : Handle<Object> input);
1295 :
1296 : // ES6 section 7.1.14 ToPropertyKey
1297 : MUST_USE_RESULT static inline MaybeHandle<Object> ToPropertyKey(
1298 : Isolate* isolate, Handle<Object> value);
1299 :
1300 : // ES6 section 7.1.15 ToLength
1301 : MUST_USE_RESULT static inline MaybeHandle<Object> ToLength(
1302 : Isolate* isolate, Handle<Object> input);
1303 :
1304 : // ES6 section 7.1.17 ToIndex
1305 : MUST_USE_RESULT static inline MaybeHandle<Object> ToIndex(
1306 : Isolate* isolate, Handle<Object> input,
1307 : MessageTemplate::Template error_index);
1308 :
1309 : // ES6 section 7.3.9 GetMethod
1310 : MUST_USE_RESULT static MaybeHandle<Object> GetMethod(
1311 : Handle<JSReceiver> receiver, Handle<Name> name);
1312 :
1313 : // ES6 section 7.3.17 CreateListFromArrayLike
1314 : MUST_USE_RESULT static MaybeHandle<FixedArray> CreateListFromArrayLike(
1315 : Isolate* isolate, Handle<Object> object, ElementTypes element_types);
1316 :
1317 : // Get length property and apply ToLength.
1318 : MUST_USE_RESULT static MaybeHandle<Object> GetLengthFromArrayLike(
1319 : Isolate* isolate, Handle<Object> object);
1320 :
1321 : // ES6 section 12.5.6 The typeof Operator
1322 : static Handle<String> TypeOf(Isolate* isolate, Handle<Object> object);
1323 :
1324 : // ES6 section 12.6 Multiplicative Operators
1325 : MUST_USE_RESULT static MaybeHandle<Object> Multiply(Isolate* isolate,
1326 : Handle<Object> lhs,
1327 : Handle<Object> rhs);
1328 : MUST_USE_RESULT static MaybeHandle<Object> Divide(Isolate* isolate,
1329 : Handle<Object> lhs,
1330 : Handle<Object> rhs);
1331 : MUST_USE_RESULT static MaybeHandle<Object> Modulus(Isolate* isolate,
1332 : Handle<Object> lhs,
1333 : Handle<Object> rhs);
1334 :
1335 : // ES6 section 12.7 Additive Operators
1336 : MUST_USE_RESULT static MaybeHandle<Object> Add(Isolate* isolate,
1337 : Handle<Object> lhs,
1338 : Handle<Object> rhs);
1339 : MUST_USE_RESULT static MaybeHandle<Object> Subtract(Isolate* isolate,
1340 : Handle<Object> lhs,
1341 : Handle<Object> rhs);
1342 :
1343 : // ES6 section 12.8 Bitwise Shift Operators
1344 : MUST_USE_RESULT static MaybeHandle<Object> ShiftLeft(Isolate* isolate,
1345 : Handle<Object> lhs,
1346 : Handle<Object> rhs);
1347 : MUST_USE_RESULT static MaybeHandle<Object> ShiftRight(Isolate* isolate,
1348 : Handle<Object> lhs,
1349 : Handle<Object> rhs);
1350 : MUST_USE_RESULT static MaybeHandle<Object> ShiftRightLogical(
1351 : Isolate* isolate, Handle<Object> lhs, Handle<Object> rhs);
1352 :
1353 : // ES6 section 12.9 Relational Operators
1354 : MUST_USE_RESULT static inline Maybe<bool> GreaterThan(Handle<Object> x,
1355 : Handle<Object> y);
1356 : MUST_USE_RESULT static inline Maybe<bool> GreaterThanOrEqual(
1357 : Handle<Object> x, Handle<Object> y);
1358 : MUST_USE_RESULT static inline Maybe<bool> LessThan(Handle<Object> x,
1359 : Handle<Object> y);
1360 : MUST_USE_RESULT static inline Maybe<bool> LessThanOrEqual(Handle<Object> x,
1361 : Handle<Object> y);
1362 :
1363 : // ES6 section 12.11 Binary Bitwise Operators
1364 : MUST_USE_RESULT static MaybeHandle<Object> BitwiseAnd(Isolate* isolate,
1365 : Handle<Object> lhs,
1366 : Handle<Object> rhs);
1367 : MUST_USE_RESULT static MaybeHandle<Object> BitwiseOr(Isolate* isolate,
1368 : Handle<Object> lhs,
1369 : Handle<Object> rhs);
1370 : MUST_USE_RESULT static MaybeHandle<Object> BitwiseXor(Isolate* isolate,
1371 : Handle<Object> lhs,
1372 : Handle<Object> rhs);
1373 :
1374 : // ES6 section 7.3.19 OrdinaryHasInstance (C, O).
1375 : MUST_USE_RESULT static MaybeHandle<Object> OrdinaryHasInstance(
1376 : Isolate* isolate, Handle<Object> callable, Handle<Object> object);
1377 :
1378 : // ES6 section 12.10.4 Runtime Semantics: InstanceofOperator(O, C)
1379 : MUST_USE_RESULT static MaybeHandle<Object> InstanceOf(
1380 : Isolate* isolate, Handle<Object> object, Handle<Object> callable);
1381 :
1382 : V8_EXPORT_PRIVATE MUST_USE_RESULT static MaybeHandle<Object> GetProperty(
1383 : LookupIterator* it);
1384 :
1385 : // ES6 [[Set]] (when passed DONT_THROW)
1386 : // Invariants for this and related functions (unless stated otherwise):
1387 : // 1) When the result is Nothing, an exception is pending.
1388 : // 2) When passed THROW_ON_ERROR, the result is never Just(false).
1389 : // In some cases, an exception is thrown regardless of the ShouldThrow
1390 : // argument. These cases are either in accordance with the spec or not
1391 : // covered by it (eg., concerning API callbacks).
1392 : MUST_USE_RESULT static Maybe<bool> SetProperty(LookupIterator* it,
1393 : Handle<Object> value,
1394 : LanguageMode language_mode,
1395 : StoreFromKeyed store_mode);
1396 : MUST_USE_RESULT static MaybeHandle<Object> SetProperty(
1397 : Handle<Object> object, Handle<Name> name, Handle<Object> value,
1398 : LanguageMode language_mode,
1399 : StoreFromKeyed store_mode = MAY_BE_STORE_FROM_KEYED);
1400 : MUST_USE_RESULT static inline MaybeHandle<Object> SetPropertyOrElement(
1401 : Handle<Object> object, Handle<Name> name, Handle<Object> value,
1402 : LanguageMode language_mode,
1403 : StoreFromKeyed store_mode = MAY_BE_STORE_FROM_KEYED);
1404 :
1405 : MUST_USE_RESULT static Maybe<bool> SetSuperProperty(
1406 : LookupIterator* it, Handle<Object> value, LanguageMode language_mode,
1407 : StoreFromKeyed store_mode);
1408 :
1409 : MUST_USE_RESULT static Maybe<bool> CannotCreateProperty(
1410 : Isolate* isolate, Handle<Object> receiver, Handle<Object> name,
1411 : Handle<Object> value, ShouldThrow should_throw);
1412 : MUST_USE_RESULT static Maybe<bool> WriteToReadOnlyProperty(
1413 : LookupIterator* it, Handle<Object> value, ShouldThrow should_throw);
1414 : MUST_USE_RESULT static Maybe<bool> WriteToReadOnlyProperty(
1415 : Isolate* isolate, Handle<Object> receiver, Handle<Object> name,
1416 : Handle<Object> value, ShouldThrow should_throw);
1417 : MUST_USE_RESULT static Maybe<bool> RedefineIncompatibleProperty(
1418 : Isolate* isolate, Handle<Object> name, Handle<Object> value,
1419 : ShouldThrow should_throw);
1420 : MUST_USE_RESULT static Maybe<bool> SetDataProperty(LookupIterator* it,
1421 : Handle<Object> value);
1422 : MUST_USE_RESULT static Maybe<bool> AddDataProperty(
1423 : LookupIterator* it, Handle<Object> value, PropertyAttributes attributes,
1424 : ShouldThrow should_throw, StoreFromKeyed store_mode);
1425 : MUST_USE_RESULT static inline MaybeHandle<Object> GetPropertyOrElement(
1426 : Handle<Object> object, Handle<Name> name);
1427 : MUST_USE_RESULT static inline MaybeHandle<Object> GetPropertyOrElement(
1428 : Handle<Object> receiver, Handle<Name> name, Handle<JSReceiver> holder);
1429 : MUST_USE_RESULT static inline MaybeHandle<Object> GetProperty(
1430 : Handle<Object> object, Handle<Name> name);
1431 :
1432 : MUST_USE_RESULT static MaybeHandle<Object> GetPropertyWithAccessor(
1433 : LookupIterator* it);
1434 : MUST_USE_RESULT static Maybe<bool> SetPropertyWithAccessor(
1435 : LookupIterator* it, Handle<Object> value, ShouldThrow should_throw);
1436 :
1437 : MUST_USE_RESULT static MaybeHandle<Object> GetPropertyWithDefinedGetter(
1438 : Handle<Object> receiver,
1439 : Handle<JSReceiver> getter);
1440 : MUST_USE_RESULT static Maybe<bool> SetPropertyWithDefinedSetter(
1441 : Handle<Object> receiver, Handle<JSReceiver> setter, Handle<Object> value,
1442 : ShouldThrow should_throw);
1443 :
1444 : MUST_USE_RESULT static inline MaybeHandle<Object> GetElement(
1445 : Isolate* isolate, Handle<Object> object, uint32_t index);
1446 :
1447 : MUST_USE_RESULT static inline MaybeHandle<Object> SetElement(
1448 : Isolate* isolate, Handle<Object> object, uint32_t index,
1449 : Handle<Object> value, LanguageMode language_mode);
1450 :
1451 : // Returns the permanent hash code associated with this object. May return
1452 : // undefined if not yet created.
1453 : Object* GetHash();
1454 :
1455 : // Returns the permanent hash code associated with this object depending on
1456 : // the actual object type. May create and store a hash code if needed and none
1457 : // exists.
1458 : Smi* GetOrCreateHash(Isolate* isolate);
1459 : static Smi* GetOrCreateHash(Isolate* isolate, Object* key);
1460 :
1461 : // Checks whether this object has the same value as the given one. This
1462 : // function is implemented according to ES5, section 9.12 and can be used
1463 : // to implement the Harmony "egal" function.
1464 : V8_EXPORT_PRIVATE bool SameValue(Object* other);
1465 :
1466 : // Checks whether this object has the same value as the given one.
1467 : // +0 and -0 are treated equal. Everything else is the same as SameValue.
1468 : // This function is implemented according to ES6, section 7.2.4 and is used
1469 : // by ES6 Map and Set.
1470 : bool SameValueZero(Object* other);
1471 :
1472 : // ES6 section 9.4.2.3 ArraySpeciesCreate (part of it)
1473 : MUST_USE_RESULT static MaybeHandle<Object> ArraySpeciesConstructor(
1474 : Isolate* isolate, Handle<Object> original_array);
1475 :
1476 : // ES6 section 7.3.20 SpeciesConstructor ( O, defaultConstructor )
1477 : MUST_USE_RESULT static MaybeHandle<Object> SpeciesConstructor(
1478 : Isolate* isolate, Handle<JSReceiver> recv,
1479 : Handle<JSFunction> default_ctor);
1480 :
1481 : // Tries to convert an object to an array length. Returns true and sets the
1482 : // output parameter if it succeeds.
1483 : inline bool ToArrayLength(uint32_t* index) const;
1484 :
1485 : // Tries to convert an object to an array index. Returns true and sets the
1486 : // output parameter if it succeeds. Equivalent to ToArrayLength, but does not
1487 : // allow kMaxUInt32.
1488 : inline bool ToArrayIndex(uint32_t* index) const;
1489 :
1490 : // Returns true if the result of iterating over the object is the same
1491 : // (including observable effects) as simply accessing the properties between 0
1492 : // and length.
1493 : bool IterationHasObservableEffects();
1494 :
1495 : DECL_VERIFIER(Object)
1496 : #ifdef VERIFY_HEAP
1497 : // Verify a pointer is a valid object pointer.
1498 : static void VerifyPointer(Object* p);
1499 : #endif
1500 :
1501 : inline void VerifyApiCallResultType();
1502 :
1503 : // Prints this object without details.
1504 : void ShortPrint(FILE* out = stdout);
1505 :
1506 : // Prints this object without details to a message accumulator.
1507 : void ShortPrint(StringStream* accumulator);
1508 :
1509 : void ShortPrint(std::ostream& os); // NOLINT
1510 :
1511 : DECL_CAST(Object)
1512 :
1513 : // Layout description.
1514 : static const int kHeaderSize = 0; // Object does not take up any space.
1515 :
1516 : #ifdef OBJECT_PRINT
1517 : // For our gdb macros, we should perhaps change these in the future.
1518 : void Print();
1519 :
1520 : // Prints this object with details.
1521 : void Print(std::ostream& os); // NOLINT
1522 : #else
1523 24 : void Print() { ShortPrint(); }
1524 : void Print(std::ostream& os) { ShortPrint(os); } // NOLINT
1525 : #endif
1526 :
1527 : private:
1528 : friend class LookupIterator;
1529 : friend class StringStream;
1530 :
1531 : // Return the map of the root of object's prototype chain.
1532 : Map* GetPrototypeChainRootMap(Isolate* isolate) const;
1533 :
1534 : // Helper for SetProperty and SetSuperProperty.
1535 : // Return value is only meaningful if [found] is set to true on return.
1536 : MUST_USE_RESULT static Maybe<bool> SetPropertyInternal(
1537 : LookupIterator* it, Handle<Object> value, LanguageMode language_mode,
1538 : StoreFromKeyed store_mode, bool* found);
1539 :
1540 : MUST_USE_RESULT static MaybeHandle<Name> ConvertToName(Isolate* isolate,
1541 : Handle<Object> input);
1542 : MUST_USE_RESULT static MaybeHandle<Object> ConvertToPropertyKey(
1543 : Isolate* isolate, Handle<Object> value);
1544 : MUST_USE_RESULT static MaybeHandle<String> ConvertToString(
1545 : Isolate* isolate, Handle<Object> input);
1546 : MUST_USE_RESULT static MaybeHandle<Object> ConvertToNumberOrNumeric(
1547 : Isolate* isolate, Handle<Object> input, Conversion mode);
1548 : MUST_USE_RESULT static MaybeHandle<Object> ConvertToInteger(
1549 : Isolate* isolate, Handle<Object> input);
1550 : MUST_USE_RESULT static MaybeHandle<Object> ConvertToInt32(
1551 : Isolate* isolate, Handle<Object> input);
1552 : MUST_USE_RESULT static MaybeHandle<Object> ConvertToUint32(
1553 : Isolate* isolate, Handle<Object> input);
1554 : MUST_USE_RESULT static MaybeHandle<Object> ConvertToLength(
1555 : Isolate* isolate, Handle<Object> input);
1556 : MUST_USE_RESULT static MaybeHandle<Object> ConvertToIndex(
1557 : Isolate* isolate, Handle<Object> input,
1558 : MessageTemplate::Template error_index);
1559 :
1560 : DISALLOW_IMPLICIT_CONSTRUCTORS(Object);
1561 : };
1562 :
1563 :
1564 : // In objects.h to be usable without objects-inl.h inclusion.
1565 17305314356 : bool Object::IsSmi() const { return HAS_SMI_TAG(this); }
1566 : bool Object::IsHeapObject() const {
1567 : DCHECK_EQ(!IsSmi(), Internals::HasHeapObjectTag(this));
1568 35162630 : return !IsSmi();
1569 : }
1570 :
1571 : struct Brief {
1572 1125 : explicit Brief(const Object* const v) : value(v) {}
1573 : const Object* value;
1574 : };
1575 :
1576 : V8_EXPORT_PRIVATE std::ostream& operator<<(std::ostream& os, const Brief& v);
1577 :
1578 : // Smi represents integer Numbers that can be stored in 31 bits.
1579 : // Smis are immediate which means they are NOT allocated in the heap.
1580 : // The this pointer has the following format: [31 bit signed int] 0
1581 : // For long smis it has the following format:
1582 : // [32 bit signed int] [31 bits zero padding] 0
1583 : // Smi stands for small integer.
1584 : class Smi: public Object {
1585 : public:
1586 : // Returns the integer value.
1587 19850954 : inline int value() const { return Internals::SmiValue(this); }
1588 : inline Smi* ToUint32Smi() {
1589 473567 : if (value() <= 0) return Smi::kZero;
1590 : return Smi::FromInt(static_cast<uint32_t>(value()));
1591 : }
1592 :
1593 : // Convert a Smi object to an int.
1594 : static inline int ToInt(const Object* object);
1595 :
1596 : // Convert a value to a Smi object.
1597 38757909 : static inline Smi* FromInt(int value) {
1598 : DCHECK(Smi::IsValid(value));
1599 38757909 : return reinterpret_cast<Smi*>(Internals::IntToSmi(value));
1600 : }
1601 :
1602 : static inline Smi* FromIntptr(intptr_t value) {
1603 : DCHECK(Smi::IsValid(value));
1604 : int smi_shift_bits = kSmiTagSize + kSmiShiftSize;
1605 263515 : return reinterpret_cast<Smi*>((value << smi_shift_bits) | kSmiTag);
1606 : }
1607 :
1608 : template <typename E,
1609 : typename = typename std::enable_if<std::is_enum<E>::value>::type>
1610 : static inline Smi* FromEnum(E value) {
1611 : STATIC_ASSERT(sizeof(E) <= sizeof(int));
1612 642477 : return FromInt(static_cast<int>(value));
1613 : }
1614 :
1615 : // Returns whether value can be represented in a Smi.
1616 6 : static inline bool IsValid(intptr_t value) {
1617 : bool result = Internals::IsValidSmi(value);
1618 : DCHECK_EQ(result, value >= kMinValue && value <= kMaxValue);
1619 6 : return result;
1620 : }
1621 :
1622 : DECL_CAST(Smi)
1623 :
1624 : // Dispatched behavior.
1625 : V8_EXPORT_PRIVATE void SmiPrint(std::ostream& os) const; // NOLINT
1626 : DECL_VERIFIER(Smi)
1627 :
1628 : static constexpr Smi* const kZero = nullptr;
1629 : static const int kMinValue =
1630 : (static_cast<unsigned int>(-1)) << (kSmiValueSize - 1);
1631 : static const int kMaxValue = -(kMinValue + 1);
1632 :
1633 : private:
1634 : DISALLOW_IMPLICIT_CONSTRUCTORS(Smi);
1635 : };
1636 :
1637 :
1638 : // Heap objects typically have a map pointer in their first word. However,
1639 : // during GC other data (e.g. mark bits, forwarding addresses) is sometimes
1640 : // encoded in the first word. The class MapWord is an abstraction of the
1641 : // value in a heap object's first word.
1642 : class MapWord BASE_EMBEDDED {
1643 : public:
1644 : // Normal state: the map word contains a map pointer.
1645 :
1646 : // Create a map word from a map pointer.
1647 : static inline MapWord FromMap(const Map* map);
1648 :
1649 : // View this map word as a map pointer.
1650 : inline Map* ToMap() const;
1651 :
1652 : // Scavenge collection: the map word of live objects in the from space
1653 : // contains a forwarding address (a heap object pointer in the to space).
1654 :
1655 : // True if this map word is a forwarding address for a scavenge
1656 : // collection. Only valid during a scavenge collection (specifically,
1657 : // when all map words are heap object pointers, i.e. not during a full GC).
1658 : inline bool IsForwardingAddress() const;
1659 :
1660 : // Create a map word from a forwarding address.
1661 : static inline MapWord FromForwardingAddress(HeapObject* object);
1662 :
1663 : // View this map word as a forwarding address.
1664 : inline HeapObject* ToForwardingAddress();
1665 :
1666 : static inline MapWord FromRawValue(uintptr_t value) {
1667 : return MapWord(value);
1668 : }
1669 :
1670 : inline uintptr_t ToRawValue() {
1671 : return value_;
1672 : }
1673 :
1674 : private:
1675 : // HeapObject calls the private constructor and directly reads the value.
1676 : friend class HeapObject;
1677 :
1678 : explicit MapWord(uintptr_t value) : value_(value) {}
1679 :
1680 : uintptr_t value_;
1681 : };
1682 :
1683 :
1684 : // HeapObject is the superclass for all classes describing heap allocated
1685 : // objects.
1686 : class HeapObject: public Object {
1687 : public:
1688 : // [map]: Contains a map which contains the object's reflective
1689 : // information.
1690 : inline Map* map() const;
1691 : inline void set_map(Map* value);
1692 :
1693 : inline HeapObject** map_slot();
1694 :
1695 : // The no-write-barrier version. This is OK if the object is white and in
1696 : // new space, or if the value is an immortal immutable object, like the maps
1697 : // of primitive (non-JS) objects like strings, heap numbers etc.
1698 : inline void set_map_no_write_barrier(Map* value);
1699 :
1700 : // Get the map using acquire load.
1701 : inline Map* synchronized_map() const;
1702 : inline MapWord synchronized_map_word() const;
1703 :
1704 : // Set the map using release store
1705 : inline void synchronized_set_map(Map* value);
1706 : inline void synchronized_set_map_word(MapWord map_word);
1707 :
1708 : // Initialize the map immediately after the object is allocated.
1709 : // Do not use this outside Heap.
1710 : inline void set_map_after_allocation(
1711 : Map* value, WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
1712 :
1713 : // During garbage collection, the map word of a heap object does not
1714 : // necessarily contain a map pointer.
1715 : inline MapWord map_word() const;
1716 : inline void set_map_word(MapWord map_word);
1717 :
1718 : // The Heap the object was allocated in. Used also to access Isolate.
1719 : inline Heap* GetHeap() const;
1720 :
1721 : // Convenience method to get current isolate.
1722 : inline Isolate* GetIsolate() const;
1723 :
1724 : #define IS_TYPE_FUNCTION_DECL(Type) INLINE(bool Is##Type() const);
1725 : HEAP_OBJECT_TYPE_LIST(IS_TYPE_FUNCTION_DECL)
1726 : #undef IS_TYPE_FUNCTION_DECL
1727 :
1728 : #define IS_TYPE_FUNCTION_DECL(Type, Value) \
1729 : INLINE(bool Is##Type(Isolate* isolate) const);
1730 : ODDBALL_LIST(IS_TYPE_FUNCTION_DECL)
1731 : #undef IS_TYPE_FUNCTION_DECL
1732 :
1733 : INLINE(bool IsNullOrUndefined(Isolate* isolate) const);
1734 :
1735 : #define DECL_STRUCT_PREDICATE(NAME, Name, name) INLINE(bool Is##Name() const);
1736 : STRUCT_LIST(DECL_STRUCT_PREDICATE)
1737 : #undef DECL_STRUCT_PREDICATE
1738 :
1739 : // Converts an address to a HeapObject pointer.
1740 202400395 : static inline HeapObject* FromAddress(Address address) {
1741 : DCHECK_TAG_ALIGNED(address);
1742 202400395 : return reinterpret_cast<HeapObject*>(address + kHeapObjectTag);
1743 : }
1744 :
1745 : // Returns the address of this HeapObject.
1746 5960889850 : inline Address address() const {
1747 : return reinterpret_cast<Address>(const_cast<HeapObject*>(this)) -
1748 5960889850 : kHeapObjectTag;
1749 : }
1750 :
1751 : // Iterates over pointers contained in the object (including the Map).
1752 : // If it's not performance critical iteration use the non-templatized
1753 : // version.
1754 : void Iterate(ObjectVisitor* v);
1755 :
1756 : template <typename ObjectVisitor>
1757 : inline void IterateFast(ObjectVisitor* v);
1758 :
1759 : // Iterates over all pointers contained in the object except the
1760 : // first map pointer. The object type is given in the first
1761 : // parameter. This function does not access the map pointer in the
1762 : // object, and so is safe to call while the map pointer is modified.
1763 : // If it's not performance critical iteration use the non-templatized
1764 : // version.
1765 : void IterateBody(ObjectVisitor* v);
1766 : void IterateBody(InstanceType type, int object_size, ObjectVisitor* v);
1767 :
1768 : template <typename ObjectVisitor>
1769 : inline void IterateBodyFast(ObjectVisitor* v);
1770 :
1771 : template <typename ObjectVisitor>
1772 : inline void IterateBodyFast(InstanceType type, int object_size,
1773 : ObjectVisitor* v);
1774 :
1775 : // Returns true if the object contains a tagged value at given offset.
1776 : // It is used for invalid slots filtering. If the offset points outside
1777 : // of the object or to the map word, the result is UNDEFINED (!!!).
1778 : bool IsValidSlot(int offset);
1779 :
1780 : // Returns the heap object's size in bytes
1781 : inline int Size() const;
1782 :
1783 : // Given a heap object's map pointer, returns the heap size in bytes
1784 : // Useful when the map pointer field is used for other purposes.
1785 : // GC internal.
1786 : inline int SizeFromMap(Map* map) const;
1787 :
1788 : // Returns the field at offset in obj, as a read/write Object* reference.
1789 : // Does no checking, and is safe to use during GC, while maps are invalid.
1790 : // Does not invoke write barrier, so should only be assigned to
1791 : // during marking GC.
1792 : static inline Object** RawField(HeapObject* obj, int offset);
1793 :
1794 : DECL_CAST(HeapObject)
1795 :
1796 : // Return the write barrier mode for this. Callers of this function
1797 : // must be able to present a reference to an DisallowHeapAllocation
1798 : // object as a sign that they are not going to use this function
1799 : // from code that allocates and thus invalidates the returned write
1800 : // barrier mode.
1801 : inline WriteBarrierMode GetWriteBarrierMode(
1802 : const DisallowHeapAllocation& promise);
1803 :
1804 : // Dispatched behavior.
1805 : void HeapObjectShortPrint(std::ostream& os); // NOLINT
1806 : #ifdef OBJECT_PRINT
1807 : void PrintHeader(std::ostream& os, const char* id); // NOLINT
1808 : #endif
1809 : DECL_PRINTER(HeapObject)
1810 : DECL_VERIFIER(HeapObject)
1811 : #ifdef VERIFY_HEAP
1812 : inline void VerifyObjectField(int offset);
1813 : inline void VerifySmiField(int offset);
1814 :
1815 : // Verify a pointer is a valid HeapObject pointer that points to object
1816 : // areas in the heap.
1817 : static void VerifyHeapPointer(Object* p);
1818 : #endif
1819 :
1820 : inline AllocationAlignment RequiredAlignment() const;
1821 :
1822 : // Layout description.
1823 : // First field in a heap object is map.
1824 : static const int kMapOffset = Object::kHeaderSize;
1825 : static const int kHeaderSize = kMapOffset + kPointerSize;
1826 :
1827 : STATIC_ASSERT(kMapOffset == Internals::kHeapObjectMapOffset);
1828 :
1829 : private:
1830 : DISALLOW_IMPLICIT_CONSTRUCTORS(HeapObject);
1831 : };
1832 :
1833 :
1834 : template <int start_offset, int end_offset, int size>
1835 : class FixedBodyDescriptor;
1836 :
1837 :
1838 : template <int start_offset>
1839 : class FlexibleBodyDescriptor;
1840 :
1841 :
1842 : // The HeapNumber class describes heap allocated numbers that cannot be
1843 : // represented in a Smi (small integer)
1844 : class HeapNumber: public HeapObject {
1845 : public:
1846 : // [value]: number value.
1847 : inline double value() const;
1848 : inline void set_value(double value);
1849 :
1850 : inline uint64_t value_as_bits() const;
1851 : inline void set_value_as_bits(uint64_t bits);
1852 :
1853 : DECL_CAST(HeapNumber)
1854 :
1855 : V8_EXPORT_PRIVATE void HeapNumberPrint(std::ostream& os); // NOLINT
1856 : DECL_VERIFIER(HeapNumber)
1857 :
1858 : inline int get_exponent();
1859 : inline int get_sign();
1860 :
1861 : // Layout description.
1862 : static const int kValueOffset = HeapObject::kHeaderSize;
1863 : // IEEE doubles are two 32 bit words. The first is just mantissa, the second
1864 : // is a mixture of sign, exponent and mantissa. The offsets of two 32 bit
1865 : // words within double numbers are endian dependent and they are set
1866 : // accordingly.
1867 : #if defined(V8_TARGET_LITTLE_ENDIAN)
1868 : static const int kMantissaOffset = kValueOffset;
1869 : static const int kExponentOffset = kValueOffset + 4;
1870 : #elif defined(V8_TARGET_BIG_ENDIAN)
1871 : static const int kMantissaOffset = kValueOffset + 4;
1872 : static const int kExponentOffset = kValueOffset;
1873 : #else
1874 : #error Unknown byte ordering
1875 : #endif
1876 :
1877 : static const int kSize = kValueOffset + kDoubleSize;
1878 : static const uint32_t kSignMask = 0x80000000u;
1879 : static const uint32_t kExponentMask = 0x7ff00000u;
1880 : static const uint32_t kMantissaMask = 0xfffffu;
1881 : static const int kMantissaBits = 52;
1882 : static const int kExponentBits = 11;
1883 : static const int kExponentBias = 1023;
1884 : static const int kExponentShift = 20;
1885 : static const int kInfinityOrNanExponent =
1886 : (kExponentMask >> kExponentShift) - kExponentBias;
1887 : static const int kMantissaBitsInTopWord = 20;
1888 : static const int kNonMantissaBitsInTopWord = 12;
1889 :
1890 : private:
1891 : DISALLOW_IMPLICIT_CONSTRUCTORS(HeapNumber);
1892 : };
1893 :
1894 : enum EnsureElementsMode {
1895 : DONT_ALLOW_DOUBLE_ELEMENTS,
1896 : ALLOW_COPIED_DOUBLE_ELEMENTS,
1897 : ALLOW_CONVERTED_DOUBLE_ELEMENTS
1898 : };
1899 :
1900 :
1901 : // Indicator for one component of an AccessorPair.
1902 : enum AccessorComponent {
1903 : ACCESSOR_GETTER,
1904 : ACCESSOR_SETTER
1905 : };
1906 :
1907 : enum class GetKeysConversion { kKeepNumbers, kConvertToString };
1908 :
1909 : enum class KeyCollectionMode {
1910 : kOwnOnly = static_cast<int>(v8::KeyCollectionMode::kOwnOnly),
1911 : kIncludePrototypes =
1912 : static_cast<int>(v8::KeyCollectionMode::kIncludePrototypes)
1913 : };
1914 :
1915 : enum class AllocationSiteUpdateMode { kUpdate, kCheckOnly };
1916 :
1917 : class PropertyArray : public HeapObject {
1918 : public:
1919 : // [length]: length of the array.
1920 : inline int length() const;
1921 :
1922 : // Get the length using acquire loads.
1923 : inline int synchronized_length() const;
1924 :
1925 : // This is only used on a newly allocated PropertyArray which
1926 : // doesn't have an existing hash.
1927 : inline void initialize_length(int length);
1928 :
1929 : inline void SetHash(int hash);
1930 : inline int Hash() const;
1931 :
1932 : inline Object* get(int index) const;
1933 :
1934 : inline void set(int index, Object* value);
1935 : // Setter with explicit barrier mode.
1936 : inline void set(int index, Object* value, WriteBarrierMode mode);
1937 :
1938 : // Gives access to raw memory which stores the array's data.
1939 : inline Object** data_start();
1940 :
1941 : // Garbage collection support.
1942 : static constexpr int SizeFor(int length) {
1943 21994844 : return kHeaderSize + length * kPointerSize;
1944 : }
1945 :
1946 : DECL_CAST(PropertyArray)
1947 : DECL_PRINTER(PropertyArray)
1948 : DECL_VERIFIER(PropertyArray)
1949 :
1950 : // Layout description.
1951 : static const int kLengthAndHashOffset = HeapObject::kHeaderSize;
1952 : static const int kHeaderSize = kLengthAndHashOffset + kPointerSize;
1953 :
1954 : // Garbage collection support.
1955 : typedef FlexibleBodyDescriptor<kHeaderSize> BodyDescriptor;
1956 : // No weak fields.
1957 : typedef BodyDescriptor BodyDescriptorWeak;
1958 :
1959 : static const int kLengthFieldSize = 10;
1960 : class LengthField : public BitField<int, 0, kLengthFieldSize> {};
1961 : class HashField : public BitField<int, kLengthFieldSize,
1962 : kSmiValueSize - kLengthFieldSize - 1> {};
1963 :
1964 : static const int kNoHashSentinel = 0;
1965 :
1966 : private:
1967 : DISALLOW_IMPLICIT_CONSTRUCTORS(PropertyArray);
1968 : };
1969 :
1970 : // JSReceiver includes types on which properties can be defined, i.e.,
1971 : // JSObject and JSProxy.
1972 : class JSReceiver: public HeapObject {
1973 : public:
1974 : // Returns true if there is no slow (ie, dictionary) backing store.
1975 : inline bool HasFastProperties() const;
1976 :
1977 : // Returns the properties array backing store if it
1978 : // exists. Otherwise, returns an empty_property_array when there's a
1979 : // Smi (hash code) or an empty_fixed_array for a fast properties
1980 : // map.
1981 : inline PropertyArray* property_array() const;
1982 :
1983 : // Gets slow properties for non-global objects.
1984 : inline NameDictionary* property_dictionary() const;
1985 :
1986 : void SetProperties(HeapObject* properties);
1987 :
1988 : // There are five possible values for the properties offset.
1989 : // 1) EmptyFixedArray/EmptyPropertyDictionary - This is the standard
1990 : // placeholder.
1991 : //
1992 : // 2) Smi - This is the hash code of the object.
1993 : //
1994 : // 3) PropertyArray - This is similar to a FixedArray but stores
1995 : // the hash code of the object in its length field. This is a fast
1996 : // backing store.
1997 : //
1998 : // 4) NameDictionary - This is the dictionary-mode backing store.
1999 : //
2000 : // 4) GlobalDictionary - This is the backing store for the
2001 : // GlobalObject.
2002 : //
2003 : // This is used only in the deoptimizer and heap. Please use the
2004 : // above typed getters and setters to access the properties.
2005 : DECL_ACCESSORS(raw_properties_or_hash, Object)
2006 :
2007 : inline void initialize_properties();
2008 :
2009 : // Deletes an existing named property in a normalized object.
2010 : static void DeleteNormalizedProperty(Handle<JSReceiver> object, int entry);
2011 :
2012 : DECL_CAST(JSReceiver)
2013 :
2014 : // ES6 section 7.1.1 ToPrimitive
2015 : MUST_USE_RESULT static MaybeHandle<Object> ToPrimitive(
2016 : Handle<JSReceiver> receiver,
2017 : ToPrimitiveHint hint = ToPrimitiveHint::kDefault);
2018 :
2019 : // ES6 section 7.1.1.1 OrdinaryToPrimitive
2020 : MUST_USE_RESULT static MaybeHandle<Object> OrdinaryToPrimitive(
2021 : Handle<JSReceiver> receiver, OrdinaryToPrimitiveHint hint);
2022 :
2023 : static MaybeHandle<Context> GetFunctionRealm(Handle<JSReceiver> receiver);
2024 :
2025 : // Get the first non-hidden prototype.
2026 : static inline MaybeHandle<Object> GetPrototype(Isolate* isolate,
2027 : Handle<JSReceiver> receiver);
2028 :
2029 : MUST_USE_RESULT static Maybe<bool> HasInPrototypeChain(
2030 : Isolate* isolate, Handle<JSReceiver> object, Handle<Object> proto);
2031 :
2032 : // Reads all enumerable own properties of source and adds them to
2033 : // target, using either Set or CreateDataProperty depending on the
2034 : // use_set argument. This only copies values not present in the
2035 : // maybe_excluded_properties list.
2036 : MUST_USE_RESULT static Maybe<bool> SetOrCopyDataProperties(
2037 : Isolate* isolate, Handle<JSReceiver> target, Handle<Object> source,
2038 : const ScopedVector<Handle<Object>>* excluded_properties = nullptr,
2039 : bool use_set = true);
2040 :
2041 : // Implementation of [[HasProperty]], ECMA-262 5th edition, section 8.12.6.
2042 : MUST_USE_RESULT static Maybe<bool> HasProperty(LookupIterator* it);
2043 : MUST_USE_RESULT static inline Maybe<bool> HasProperty(
2044 : Handle<JSReceiver> object, Handle<Name> name);
2045 : MUST_USE_RESULT static inline Maybe<bool> HasElement(
2046 : Handle<JSReceiver> object, uint32_t index);
2047 :
2048 : MUST_USE_RESULT static Maybe<bool> HasOwnProperty(Handle<JSReceiver> object,
2049 : Handle<Name> name);
2050 : MUST_USE_RESULT static inline Maybe<bool> HasOwnProperty(
2051 : Handle<JSReceiver> object, uint32_t index);
2052 :
2053 : MUST_USE_RESULT static inline MaybeHandle<Object> GetProperty(
2054 : Isolate* isolate, Handle<JSReceiver> receiver, const char* key);
2055 : MUST_USE_RESULT static inline MaybeHandle<Object> GetProperty(
2056 : Handle<JSReceiver> receiver, Handle<Name> name);
2057 : MUST_USE_RESULT static inline MaybeHandle<Object> GetElement(
2058 : Isolate* isolate, Handle<JSReceiver> receiver, uint32_t index);
2059 :
2060 : // Implementation of ES6 [[Delete]]
2061 : MUST_USE_RESULT static Maybe<bool> DeletePropertyOrElement(
2062 : Handle<JSReceiver> object, Handle<Name> name,
2063 : LanguageMode language_mode = LanguageMode::kSloppy);
2064 : MUST_USE_RESULT static Maybe<bool> DeleteProperty(
2065 : Handle<JSReceiver> object, Handle<Name> name,
2066 : LanguageMode language_mode = LanguageMode::kSloppy);
2067 : MUST_USE_RESULT static Maybe<bool> DeleteProperty(LookupIterator* it,
2068 : LanguageMode language_mode);
2069 : MUST_USE_RESULT static Maybe<bool> DeleteElement(
2070 : Handle<JSReceiver> object, uint32_t index,
2071 : LanguageMode language_mode = LanguageMode::kSloppy);
2072 :
2073 : MUST_USE_RESULT static Object* DefineProperty(Isolate* isolate,
2074 : Handle<Object> object,
2075 : Handle<Object> name,
2076 : Handle<Object> attributes);
2077 : MUST_USE_RESULT static MaybeHandle<Object> DefineProperties(
2078 : Isolate* isolate, Handle<Object> object, Handle<Object> properties);
2079 :
2080 : // "virtual" dispatcher to the correct [[DefineOwnProperty]] implementation.
2081 : MUST_USE_RESULT static Maybe<bool> DefineOwnProperty(
2082 : Isolate* isolate, Handle<JSReceiver> object, Handle<Object> key,
2083 : PropertyDescriptor* desc, ShouldThrow should_throw);
2084 :
2085 : // ES6 7.3.4 (when passed DONT_THROW)
2086 : MUST_USE_RESULT static Maybe<bool> CreateDataProperty(
2087 : LookupIterator* it, Handle<Object> value, ShouldThrow should_throw);
2088 :
2089 : // ES6 9.1.6.1
2090 : MUST_USE_RESULT static Maybe<bool> OrdinaryDefineOwnProperty(
2091 : Isolate* isolate, Handle<JSObject> object, Handle<Object> key,
2092 : PropertyDescriptor* desc, ShouldThrow should_throw);
2093 : MUST_USE_RESULT static Maybe<bool> OrdinaryDefineOwnProperty(
2094 : LookupIterator* it, PropertyDescriptor* desc, ShouldThrow should_throw);
2095 : // ES6 9.1.6.2
2096 : MUST_USE_RESULT static Maybe<bool> IsCompatiblePropertyDescriptor(
2097 : Isolate* isolate, bool extensible, PropertyDescriptor* desc,
2098 : PropertyDescriptor* current, Handle<Name> property_name,
2099 : ShouldThrow should_throw);
2100 : // ES6 9.1.6.3
2101 : // |it| can be NULL in cases where the ES spec passes |undefined| as the
2102 : // receiver. Exactly one of |it| and |property_name| must be provided.
2103 : MUST_USE_RESULT static Maybe<bool> ValidateAndApplyPropertyDescriptor(
2104 : Isolate* isolate, LookupIterator* it, bool extensible,
2105 : PropertyDescriptor* desc, PropertyDescriptor* current,
2106 : ShouldThrow should_throw, Handle<Name> property_name);
2107 :
2108 : V8_EXPORT_PRIVATE MUST_USE_RESULT static Maybe<bool> GetOwnPropertyDescriptor(
2109 : Isolate* isolate, Handle<JSReceiver> object, Handle<Object> key,
2110 : PropertyDescriptor* desc);
2111 : MUST_USE_RESULT static Maybe<bool> GetOwnPropertyDescriptor(
2112 : LookupIterator* it, PropertyDescriptor* desc);
2113 :
2114 : typedef PropertyAttributes IntegrityLevel;
2115 :
2116 : // ES6 7.3.14 (when passed DONT_THROW)
2117 : // 'level' must be SEALED or FROZEN.
2118 : MUST_USE_RESULT static Maybe<bool> SetIntegrityLevel(
2119 : Handle<JSReceiver> object, IntegrityLevel lvl, ShouldThrow should_throw);
2120 :
2121 : // ES6 7.3.15
2122 : // 'level' must be SEALED or FROZEN.
2123 : MUST_USE_RESULT static Maybe<bool> TestIntegrityLevel(
2124 : Handle<JSReceiver> object, IntegrityLevel lvl);
2125 :
2126 : // ES6 [[PreventExtensions]] (when passed DONT_THROW)
2127 : MUST_USE_RESULT static Maybe<bool> PreventExtensions(
2128 : Handle<JSReceiver> object, ShouldThrow should_throw);
2129 :
2130 : MUST_USE_RESULT static Maybe<bool> IsExtensible(Handle<JSReceiver> object);
2131 :
2132 : // Returns the class name ([[Class]] property in the specification).
2133 : V8_EXPORT_PRIVATE String* class_name();
2134 :
2135 : // Returns the constructor name (the name (possibly, inferred name) of the
2136 : // function that was used to instantiate the object).
2137 : static Handle<String> GetConstructorName(Handle<JSReceiver> receiver);
2138 :
2139 : Handle<Context> GetCreationContext();
2140 :
2141 : MUST_USE_RESULT static inline Maybe<PropertyAttributes> GetPropertyAttributes(
2142 : Handle<JSReceiver> object, Handle<Name> name);
2143 : MUST_USE_RESULT static inline Maybe<PropertyAttributes>
2144 : GetOwnPropertyAttributes(Handle<JSReceiver> object, Handle<Name> name);
2145 : MUST_USE_RESULT static inline Maybe<PropertyAttributes>
2146 : GetOwnPropertyAttributes(Handle<JSReceiver> object, uint32_t index);
2147 :
2148 : MUST_USE_RESULT static inline Maybe<PropertyAttributes> GetElementAttributes(
2149 : Handle<JSReceiver> object, uint32_t index);
2150 : MUST_USE_RESULT static inline Maybe<PropertyAttributes>
2151 : GetOwnElementAttributes(Handle<JSReceiver> object, uint32_t index);
2152 :
2153 : MUST_USE_RESULT static Maybe<PropertyAttributes> GetPropertyAttributes(
2154 : LookupIterator* it);
2155 :
2156 : // Set the object's prototype (only JSReceiver and null are allowed values).
2157 : MUST_USE_RESULT static Maybe<bool> SetPrototype(Handle<JSReceiver> object,
2158 : Handle<Object> value,
2159 : bool from_javascript,
2160 : ShouldThrow should_throw);
2161 :
2162 : inline static Handle<Object> GetDataProperty(Handle<JSReceiver> object,
2163 : Handle<Name> name);
2164 : static Handle<Object> GetDataProperty(LookupIterator* it);
2165 :
2166 :
2167 : // Retrieves a permanent object identity hash code. The undefined value might
2168 : // be returned in case no hash was created yet.
2169 : inline Object* GetIdentityHash(Isolate* isolate);
2170 :
2171 : // Retrieves a permanent object identity hash code. May create and store a
2172 : // hash code if needed and none exists.
2173 : inline Smi* GetOrCreateIdentityHash(Isolate* isolate);
2174 :
2175 : // Stores the hash code. The hash passed in must be masked with
2176 : // JSReceiver::kHashMask.
2177 : void SetIdentityHash(int masked_hash);
2178 :
2179 : // ES6 [[OwnPropertyKeys]] (modulo return type)
2180 : MUST_USE_RESULT static inline MaybeHandle<FixedArray> OwnPropertyKeys(
2181 : Handle<JSReceiver> object);
2182 :
2183 : MUST_USE_RESULT static MaybeHandle<FixedArray> GetOwnValues(
2184 : Handle<JSReceiver> object, PropertyFilter filter);
2185 :
2186 : MUST_USE_RESULT static MaybeHandle<FixedArray> GetOwnEntries(
2187 : Handle<JSReceiver> object, PropertyFilter filter);
2188 :
2189 : static const int kHashMask = PropertyArray::HashField::kMask;
2190 :
2191 : // Layout description.
2192 : static const int kPropertiesOrHashOffset = HeapObject::kHeaderSize;
2193 : static const int kHeaderSize = HeapObject::kHeaderSize + kPointerSize;
2194 :
2195 : bool HasProxyInPrototype(Isolate* isolate);
2196 :
2197 : bool HasComplexElements();
2198 :
2199 : private:
2200 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSReceiver);
2201 : };
2202 :
2203 :
2204 : // The JSObject describes real heap allocated JavaScript objects with
2205 : // properties.
2206 : // Note that the map of JSObject changes during execution to enable inline
2207 : // caching.
2208 : class JSObject: public JSReceiver {
2209 : public:
2210 : static bool IsUnmodifiedApiObject(Object** o);
2211 :
2212 : static MUST_USE_RESULT MaybeHandle<JSObject> New(
2213 : Handle<JSFunction> constructor, Handle<JSReceiver> new_target,
2214 : Handle<AllocationSite> site = Handle<AllocationSite>::null());
2215 :
2216 : static MaybeHandle<Context> GetFunctionRealm(Handle<JSObject> object);
2217 :
2218 : // [elements]: The elements (properties with names that are integers).
2219 : //
2220 : // Elements can be in two general modes: fast and slow. Each mode
2221 : // corresponds to a set of object representations of elements that
2222 : // have something in common.
2223 : //
2224 : // In the fast mode elements is a FixedArray and so each element can
2225 : // be quickly accessed. This fact is used in the generated code. The
2226 : // elements array can have one of three maps in this mode:
2227 : // fixed_array_map, sloppy_arguments_elements_map or
2228 : // fixed_cow_array_map (for copy-on-write arrays). In the latter case
2229 : // the elements array may be shared by a few objects and so before
2230 : // writing to any element the array must be copied. Use
2231 : // EnsureWritableFastElements in this case.
2232 : //
2233 : // In the slow mode the elements is either a NumberDictionary, a
2234 : // FixedArray parameter map for a (sloppy) arguments object.
2235 : DECL_ACCESSORS(elements, FixedArrayBase)
2236 : inline void initialize_elements();
2237 : static inline void SetMapAndElements(Handle<JSObject> object,
2238 : Handle<Map> map,
2239 : Handle<FixedArrayBase> elements);
2240 : inline ElementsKind GetElementsKind();
2241 : ElementsAccessor* GetElementsAccessor();
2242 : // Returns true if an object has elements of PACKED_SMI_ELEMENTS or
2243 : // HOLEY_SMI_ELEMENTS ElementsKind.
2244 : inline bool HasSmiElements();
2245 : // Returns true if an object has elements of PACKED_ELEMENTS or
2246 : // HOLEY_ELEMENTS ElementsKind.
2247 : inline bool HasObjectElements();
2248 : // Returns true if an object has elements of PACKED_SMI_ELEMENTS,
2249 : // HOLEY_SMI_ELEMENTS, PACKED_ELEMENTS, or HOLEY_ELEMENTS.
2250 : inline bool HasSmiOrObjectElements();
2251 : // Returns true if an object has any of the "fast" elements kinds.
2252 : inline bool HasFastElements();
2253 : // Returns true if an object has elements of PACKED_DOUBLE_ELEMENTS or
2254 : // HOLEY_DOUBLE_ELEMENTS ElementsKind.
2255 : inline bool HasDoubleElements();
2256 : // Returns true if an object has elements of HOLEY_SMI_ELEMENTS,
2257 : // HOLEY_DOUBLE_ELEMENTS, or HOLEY_ELEMENTS ElementsKind.
2258 : inline bool HasHoleyElements();
2259 : inline bool HasSloppyArgumentsElements();
2260 : inline bool HasStringWrapperElements();
2261 : inline bool HasDictionaryElements();
2262 :
2263 : inline bool HasFixedTypedArrayElements();
2264 :
2265 : inline bool HasFixedUint8ClampedElements();
2266 : inline bool HasFixedArrayElements();
2267 : inline bool HasFixedInt8Elements();
2268 : inline bool HasFixedUint8Elements();
2269 : inline bool HasFixedInt16Elements();
2270 : inline bool HasFixedUint16Elements();
2271 : inline bool HasFixedInt32Elements();
2272 : inline bool HasFixedUint32Elements();
2273 : inline bool HasFixedFloat32Elements();
2274 : inline bool HasFixedFloat64Elements();
2275 :
2276 : inline bool HasFastArgumentsElements();
2277 : inline bool HasSlowArgumentsElements();
2278 : inline bool HasFastStringWrapperElements();
2279 : inline bool HasSlowStringWrapperElements();
2280 : bool HasEnumerableElements();
2281 :
2282 : inline SeededNumberDictionary* element_dictionary(); // Gets slow elements.
2283 :
2284 : // Requires: HasFastElements().
2285 : static void EnsureWritableFastElements(Handle<JSObject> object);
2286 :
2287 : MUST_USE_RESULT static Maybe<bool> SetPropertyWithInterceptor(
2288 : LookupIterator* it, ShouldThrow should_throw, Handle<Object> value);
2289 :
2290 : // The API currently still wants DefineOwnPropertyIgnoreAttributes to convert
2291 : // AccessorInfo objects to data fields. We allow FORCE_FIELD as an exception
2292 : // to the default behavior that calls the setter.
2293 : enum AccessorInfoHandling { FORCE_FIELD, DONT_FORCE_FIELD };
2294 :
2295 : MUST_USE_RESULT static MaybeHandle<Object> DefineOwnPropertyIgnoreAttributes(
2296 : LookupIterator* it, Handle<Object> value, PropertyAttributes attributes,
2297 : AccessorInfoHandling handling = DONT_FORCE_FIELD);
2298 :
2299 : MUST_USE_RESULT static Maybe<bool> DefineOwnPropertyIgnoreAttributes(
2300 : LookupIterator* it, Handle<Object> value, PropertyAttributes attributes,
2301 : ShouldThrow should_throw,
2302 : AccessorInfoHandling handling = DONT_FORCE_FIELD);
2303 :
2304 : MUST_USE_RESULT static MaybeHandle<Object> SetOwnPropertyIgnoreAttributes(
2305 : Handle<JSObject> object, Handle<Name> name, Handle<Object> value,
2306 : PropertyAttributes attributes);
2307 :
2308 : MUST_USE_RESULT static MaybeHandle<Object> SetOwnElementIgnoreAttributes(
2309 : Handle<JSObject> object, uint32_t index, Handle<Object> value,
2310 : PropertyAttributes attributes);
2311 :
2312 : // Equivalent to one of the above depending on whether |name| can be converted
2313 : // to an array index.
2314 : MUST_USE_RESULT static MaybeHandle<Object>
2315 : DefinePropertyOrElementIgnoreAttributes(Handle<JSObject> object,
2316 : Handle<Name> name,
2317 : Handle<Object> value,
2318 : PropertyAttributes attributes = NONE);
2319 :
2320 : // Adds or reconfigures a property to attributes NONE. It will fail when it
2321 : // cannot.
2322 : MUST_USE_RESULT static Maybe<bool> CreateDataProperty(
2323 : LookupIterator* it, Handle<Object> value,
2324 : ShouldThrow should_throw = DONT_THROW);
2325 :
2326 : static void AddProperty(Handle<JSObject> object, Handle<Name> name,
2327 : Handle<Object> value, PropertyAttributes attributes);
2328 :
2329 : MUST_USE_RESULT static Maybe<bool> AddDataElement(
2330 : Handle<JSObject> receiver, uint32_t index, Handle<Object> value,
2331 : PropertyAttributes attributes, ShouldThrow should_throw);
2332 : MUST_USE_RESULT static MaybeHandle<Object> AddDataElement(
2333 : Handle<JSObject> receiver, uint32_t index, Handle<Object> value,
2334 : PropertyAttributes attributes);
2335 :
2336 : // Extend the receiver with a single fast property appeared first in the
2337 : // passed map. This also extends the property backing store if necessary.
2338 : static void AllocateStorageForMap(Handle<JSObject> object, Handle<Map> map);
2339 :
2340 : // Migrates the given object to a map whose field representations are the
2341 : // lowest upper bound of all known representations for that field.
2342 : static void MigrateInstance(Handle<JSObject> instance);
2343 :
2344 : // Migrates the given object only if the target map is already available,
2345 : // or returns false if such a map is not yet available.
2346 : static bool TryMigrateInstance(Handle<JSObject> instance);
2347 :
2348 : // Sets the property value in a normalized object given (key, value, details).
2349 : // Handles the special representation of JS global objects.
2350 : static void SetNormalizedProperty(Handle<JSObject> object, Handle<Name> name,
2351 : Handle<Object> value,
2352 : PropertyDetails details);
2353 : static void SetDictionaryElement(Handle<JSObject> object, uint32_t index,
2354 : Handle<Object> value,
2355 : PropertyAttributes attributes);
2356 : static void SetDictionaryArgumentsElement(Handle<JSObject> object,
2357 : uint32_t index,
2358 : Handle<Object> value,
2359 : PropertyAttributes attributes);
2360 :
2361 : static void OptimizeAsPrototype(Handle<JSObject> object);
2362 : static void ReoptimizeIfPrototype(Handle<JSObject> object);
2363 : static void MakePrototypesFast(Handle<Object> receiver,
2364 : WhereToStart where_to_start, Isolate* isolate);
2365 : static void LazyRegisterPrototypeUser(Handle<Map> user, Isolate* isolate);
2366 : static void UpdatePrototypeUserRegistration(Handle<Map> old_map,
2367 : Handle<Map> new_map,
2368 : Isolate* isolate);
2369 : static bool UnregisterPrototypeUser(Handle<Map> user, Isolate* isolate);
2370 : static void InvalidatePrototypeChains(Map* map);
2371 :
2372 : // Updates prototype chain tracking information when an object changes its
2373 : // map from |old_map| to |new_map|.
2374 : static void NotifyMapChange(Handle<Map> old_map, Handle<Map> new_map,
2375 : Isolate* isolate);
2376 :
2377 : // Utility used by many Array builtins and runtime functions
2378 : static inline bool PrototypeHasNoElements(Isolate* isolate, JSObject* object);
2379 :
2380 : // Alternative implementation of WeakFixedArray::NullCallback.
2381 : class PrototypeRegistryCompactionCallback {
2382 : public:
2383 : static void Callback(Object* value, int old_index, int new_index);
2384 : };
2385 :
2386 : // Retrieve interceptors.
2387 : inline InterceptorInfo* GetNamedInterceptor();
2388 : inline InterceptorInfo* GetIndexedInterceptor();
2389 :
2390 : // Used from JSReceiver.
2391 : MUST_USE_RESULT static Maybe<PropertyAttributes>
2392 : GetPropertyAttributesWithInterceptor(LookupIterator* it);
2393 : MUST_USE_RESULT static Maybe<PropertyAttributes>
2394 : GetPropertyAttributesWithFailedAccessCheck(LookupIterator* it);
2395 :
2396 : // Defines an AccessorPair property on the given object.
2397 : // TODO(mstarzinger): Rename to SetAccessor().
2398 : static MaybeHandle<Object> DefineAccessor(Handle<JSObject> object,
2399 : Handle<Name> name,
2400 : Handle<Object> getter,
2401 : Handle<Object> setter,
2402 : PropertyAttributes attributes);
2403 : static MaybeHandle<Object> DefineAccessor(LookupIterator* it,
2404 : Handle<Object> getter,
2405 : Handle<Object> setter,
2406 : PropertyAttributes attributes);
2407 :
2408 : // Defines an AccessorInfo property on the given object.
2409 : MUST_USE_RESULT static MaybeHandle<Object> SetAccessor(
2410 : Handle<JSObject> object,
2411 : Handle<AccessorInfo> info);
2412 :
2413 : // The result must be checked first for exceptions. If there's no exception,
2414 : // the output parameter |done| indicates whether the interceptor has a result
2415 : // or not.
2416 : MUST_USE_RESULT static MaybeHandle<Object> GetPropertyWithInterceptor(
2417 : LookupIterator* it, bool* done);
2418 :
2419 : static void ValidateElements(JSObject* object);
2420 :
2421 : // Makes sure that this object can contain HeapObject as elements.
2422 : static inline void EnsureCanContainHeapObjectElements(Handle<JSObject> obj);
2423 :
2424 : // Makes sure that this object can contain the specified elements.
2425 : static inline void EnsureCanContainElements(
2426 : Handle<JSObject> object,
2427 : Object** elements,
2428 : uint32_t count,
2429 : EnsureElementsMode mode);
2430 : static inline void EnsureCanContainElements(
2431 : Handle<JSObject> object,
2432 : Handle<FixedArrayBase> elements,
2433 : uint32_t length,
2434 : EnsureElementsMode mode);
2435 : static void EnsureCanContainElements(
2436 : Handle<JSObject> object,
2437 : Arguments* arguments,
2438 : uint32_t first_arg,
2439 : uint32_t arg_count,
2440 : EnsureElementsMode mode);
2441 :
2442 : // Would we convert a fast elements array to dictionary mode given
2443 : // an access at key?
2444 : bool WouldConvertToSlowElements(uint32_t index);
2445 :
2446 : static const uint32_t kMinAddedElementsCapacity = 16;
2447 :
2448 : // Computes the new capacity when expanding the elements of a JSObject.
2449 : static uint32_t NewElementsCapacity(uint32_t old_capacity) {
2450 : // (old_capacity + 50%) + kMinAddedElementsCapacity
2451 1384575 : return old_capacity + (old_capacity >> 1) + kMinAddedElementsCapacity;
2452 : }
2453 :
2454 : // These methods do not perform access checks!
2455 : template <AllocationSiteUpdateMode update_or_check =
2456 : AllocationSiteUpdateMode::kUpdate>
2457 : static bool UpdateAllocationSite(Handle<JSObject> object,
2458 : ElementsKind to_kind);
2459 :
2460 : // Lookup interceptors are used for handling properties controlled by host
2461 : // objects.
2462 : inline bool HasNamedInterceptor();
2463 : inline bool HasIndexedInterceptor();
2464 :
2465 : // Support functions for v8 api (needed for correct interceptor behavior).
2466 : MUST_USE_RESULT static Maybe<bool> HasRealNamedProperty(
2467 : Handle<JSObject> object, Handle<Name> name);
2468 : MUST_USE_RESULT static Maybe<bool> HasRealElementProperty(
2469 : Handle<JSObject> object, uint32_t index);
2470 : MUST_USE_RESULT static Maybe<bool> HasRealNamedCallbackProperty(
2471 : Handle<JSObject> object, Handle<Name> name);
2472 :
2473 : // Get the header size for a JSObject. Used to compute the index of
2474 : // embedder fields as well as the number of embedder fields.
2475 : // The |function_has_prototype_slot| parameter is needed only for
2476 : // JSFunction objects.
2477 : static int GetHeaderSize(InstanceType instance_type,
2478 : bool function_has_prototype_slot = false);
2479 : static inline int GetHeaderSize(const Map* map);
2480 : inline int GetHeaderSize() const;
2481 :
2482 : static inline int GetEmbedderFieldCount(const Map* map);
2483 : inline int GetEmbedderFieldCount() const;
2484 : inline int GetEmbedderFieldOffset(int index);
2485 : inline Object* GetEmbedderField(int index);
2486 : inline void SetEmbedderField(int index, Object* value);
2487 : inline void SetEmbedderField(int index, Smi* value);
2488 : bool WasConstructedFromApiFunction();
2489 :
2490 : // Returns a new map with all transitions dropped from the object's current
2491 : // map and the ElementsKind set.
2492 : static Handle<Map> GetElementsTransitionMap(Handle<JSObject> object,
2493 : ElementsKind to_kind);
2494 : static void TransitionElementsKind(Handle<JSObject> object,
2495 : ElementsKind to_kind);
2496 :
2497 : // Always use this to migrate an object to a new map.
2498 : // |expected_additional_properties| is only used for fast-to-slow transitions
2499 : // and ignored otherwise.
2500 : static void MigrateToMap(Handle<JSObject> object, Handle<Map> new_map,
2501 : int expected_additional_properties = 0);
2502 :
2503 : // Forces a prototype without any of the checks that the regular SetPrototype
2504 : // would do.
2505 : static void ForceSetPrototype(Handle<JSObject> object, Handle<Object> proto);
2506 :
2507 : // Convert the object to use the canonical dictionary
2508 : // representation. If the object is expected to have additional properties
2509 : // added this number can be indicated to have the backing store allocated to
2510 : // an initial capacity for holding these properties.
2511 : static void NormalizeProperties(Handle<JSObject> object,
2512 : PropertyNormalizationMode mode,
2513 : int expected_additional_properties,
2514 : const char* reason);
2515 :
2516 : // Convert and update the elements backing store to be a
2517 : // SeededNumberDictionary dictionary. Returns the backing after conversion.
2518 : static Handle<SeededNumberDictionary> NormalizeElements(
2519 : Handle<JSObject> object);
2520 :
2521 : void RequireSlowElements(SeededNumberDictionary* dictionary);
2522 :
2523 : // Transform slow named properties to fast variants.
2524 : static void MigrateSlowToFast(Handle<JSObject> object,
2525 : int unused_property_fields, const char* reason);
2526 :
2527 : inline bool IsUnboxedDoubleField(FieldIndex index);
2528 :
2529 : // Access fast-case object properties at index.
2530 : static Handle<Object> FastPropertyAt(Handle<JSObject> object,
2531 : Representation representation,
2532 : FieldIndex index);
2533 : inline Object* RawFastPropertyAt(FieldIndex index);
2534 : inline double RawFastDoublePropertyAt(FieldIndex index);
2535 : inline uint64_t RawFastDoublePropertyAsBitsAt(FieldIndex index);
2536 :
2537 : inline void FastPropertyAtPut(FieldIndex index, Object* value);
2538 : inline void RawFastPropertyAtPut(FieldIndex index, Object* value);
2539 : inline void RawFastDoublePropertyAsBitsAtPut(FieldIndex index, uint64_t bits);
2540 : inline void WriteToField(int descriptor, PropertyDetails details,
2541 : Object* value);
2542 :
2543 : // Access to in object properties.
2544 : inline int GetInObjectPropertyOffset(int index);
2545 : inline Object* InObjectPropertyAt(int index);
2546 : inline Object* InObjectPropertyAtPut(int index,
2547 : Object* value,
2548 : WriteBarrierMode mode
2549 : = UPDATE_WRITE_BARRIER);
2550 :
2551 : // Set the object's prototype (only JSReceiver and null are allowed values).
2552 : MUST_USE_RESULT static Maybe<bool> SetPrototype(Handle<JSObject> object,
2553 : Handle<Object> value,
2554 : bool from_javascript,
2555 : ShouldThrow should_throw);
2556 :
2557 : // Makes the object prototype immutable
2558 : // Never called from JavaScript
2559 : static void SetImmutableProto(Handle<JSObject> object);
2560 :
2561 : // Initializes the body starting at |start_offset|. It is responsibility of
2562 : // the caller to initialize object header. Fill the pre-allocated fields with
2563 : // pre_allocated_value and the rest with filler_value.
2564 : // Note: this call does not update write barrier, the caller is responsible
2565 : // to ensure that |filler_value| can be collected without WB here.
2566 : inline void InitializeBody(Map* map, int start_offset,
2567 : Object* pre_allocated_value, Object* filler_value);
2568 :
2569 : // Check whether this object references another object
2570 : bool ReferencesObject(Object* obj);
2571 :
2572 : MUST_USE_RESULT static Maybe<bool> TestIntegrityLevel(Handle<JSObject> object,
2573 : IntegrityLevel lvl);
2574 :
2575 : MUST_USE_RESULT static Maybe<bool> PreventExtensions(
2576 : Handle<JSObject> object, ShouldThrow should_throw);
2577 :
2578 : static bool IsExtensible(Handle<JSObject> object);
2579 :
2580 : DECL_CAST(JSObject)
2581 :
2582 : // Dispatched behavior.
2583 : void JSObjectShortPrint(StringStream* accumulator);
2584 : DECL_PRINTER(JSObject)
2585 : DECL_VERIFIER(JSObject)
2586 : #ifdef OBJECT_PRINT
2587 : bool PrintProperties(std::ostream& os); // NOLINT
2588 : void PrintElements(std::ostream& os); // NOLINT
2589 : #endif
2590 : #if defined(DEBUG) || defined(OBJECT_PRINT)
2591 : void PrintTransitions(std::ostream& os); // NOLINT
2592 : #endif
2593 :
2594 : static void PrintElementsTransition(
2595 : FILE* file, Handle<JSObject> object,
2596 : ElementsKind from_kind, Handle<FixedArrayBase> from_elements,
2597 : ElementsKind to_kind, Handle<FixedArrayBase> to_elements);
2598 :
2599 : void PrintInstanceMigration(FILE* file, Map* original_map, Map* new_map);
2600 :
2601 : #ifdef DEBUG
2602 : // Structure for collecting spill information about JSObjects.
2603 : class SpillInformation {
2604 : public:
2605 : void Clear();
2606 : void Print();
2607 : int number_of_objects_;
2608 : int number_of_objects_with_fast_properties_;
2609 : int number_of_objects_with_fast_elements_;
2610 : int number_of_fast_used_fields_;
2611 : int number_of_fast_unused_fields_;
2612 : int number_of_slow_used_properties_;
2613 : int number_of_slow_unused_properties_;
2614 : int number_of_fast_used_elements_;
2615 : int number_of_fast_unused_elements_;
2616 : int number_of_slow_used_elements_;
2617 : int number_of_slow_unused_elements_;
2618 : };
2619 :
2620 : void IncrementSpillStatistics(SpillInformation* info);
2621 : #endif
2622 :
2623 : #ifdef VERIFY_HEAP
2624 : // If a GC was caused while constructing this object, the elements pointer
2625 : // may point to a one pointer filler map. The object won't be rooted, but
2626 : // our heap verification code could stumble across it.
2627 : bool ElementsAreSafeToExamine();
2628 : #endif
2629 :
2630 : Object* SlowReverseLookup(Object* value);
2631 :
2632 : // Maximal number of elements (numbered 0 .. kMaxElementCount - 1).
2633 : // Also maximal value of JSArray's length property.
2634 : static const uint32_t kMaxElementCount = 0xffffffffu;
2635 :
2636 : // Constants for heuristics controlling conversion of fast elements
2637 : // to slow elements.
2638 :
2639 : // Maximal gap that can be introduced by adding an element beyond
2640 : // the current elements length.
2641 : static const uint32_t kMaxGap = 1024;
2642 :
2643 : // Maximal length of fast elements array that won't be checked for
2644 : // being dense enough on expansion.
2645 : static const int kMaxUncheckedFastElementsLength = 5000;
2646 :
2647 : // Same as above but for old arrays. This limit is more strict. We
2648 : // don't want to be wasteful with long lived objects.
2649 : static const int kMaxUncheckedOldFastElementsLength = 500;
2650 :
2651 : // This constant applies only to the initial map of "global.Object" and
2652 : // not to arbitrary other JSObject maps.
2653 : static const int kInitialGlobalObjectUnusedPropertiesCount = 4;
2654 :
2655 : static const int kMaxInstanceSize = 255 * kPointerSize;
2656 :
2657 : // When extending the backing storage for property values, we increase
2658 : // its size by more than the 1 entry necessary, so sequentially adding fields
2659 : // to the same object requires fewer allocations and copies.
2660 : static const int kFieldsAdded = 3;
2661 :
2662 : // Layout description.
2663 : static const int kElementsOffset = JSReceiver::kHeaderSize;
2664 : static const int kHeaderSize = kElementsOffset + kPointerSize;
2665 :
2666 : STATIC_ASSERT(kHeaderSize == Internals::kJSObjectHeaderSize);
2667 : static const int kMaxInObjectProperties =
2668 : (kMaxInstanceSize - kHeaderSize) >> kPointerSizeLog2;
2669 :
2670 : class BodyDescriptor;
2671 : // No weak fields.
2672 : typedef BodyDescriptor BodyDescriptorWeak;
2673 :
2674 : class FastBodyDescriptor;
2675 : // No weak fields.
2676 : typedef FastBodyDescriptor FastBodyDescriptorWeak;
2677 :
2678 : // Gets the number of currently used elements.
2679 : int GetFastElementsUsage();
2680 :
2681 : static bool AllCanRead(LookupIterator* it);
2682 : static bool AllCanWrite(LookupIterator* it);
2683 :
2684 : private:
2685 : friend class JSReceiver;
2686 : friend class Object;
2687 :
2688 : // Used from Object::GetProperty().
2689 : MUST_USE_RESULT static MaybeHandle<Object> GetPropertyWithFailedAccessCheck(
2690 : LookupIterator* it);
2691 :
2692 : MUST_USE_RESULT static Maybe<bool> SetPropertyWithFailedAccessCheck(
2693 : LookupIterator* it, Handle<Object> value, ShouldThrow should_throw);
2694 :
2695 : MUST_USE_RESULT static Maybe<bool> DeletePropertyWithInterceptor(
2696 : LookupIterator* it, ShouldThrow should_throw);
2697 :
2698 : bool ReferencesObjectFromElements(FixedArray* elements,
2699 : ElementsKind kind,
2700 : Object* object);
2701 :
2702 : Object* GetIdentityHash(Isolate* isolate);
2703 :
2704 : Smi* GetOrCreateIdentityHash(Isolate* isolate);
2705 :
2706 : // Helper for fast versions of preventExtensions, seal, and freeze.
2707 : // attrs is one of NONE, SEALED, or FROZEN (depending on the operation).
2708 : template <PropertyAttributes attrs>
2709 : MUST_USE_RESULT static Maybe<bool> PreventExtensionsWithTransition(
2710 : Handle<JSObject> object, ShouldThrow should_throw);
2711 :
2712 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSObject);
2713 : };
2714 :
2715 :
2716 : // JSAccessorPropertyDescriptor is just a JSObject with a specific initial
2717 : // map. This initial map adds in-object properties for "get", "set",
2718 : // "enumerable" and "configurable" properties, as assigned by the
2719 : // FromPropertyDescriptor function for regular accessor properties.
2720 : class JSAccessorPropertyDescriptor: public JSObject {
2721 : public:
2722 : // Offsets of object fields.
2723 : static const int kGetOffset = JSObject::kHeaderSize;
2724 : static const int kSetOffset = kGetOffset + kPointerSize;
2725 : static const int kEnumerableOffset = kSetOffset + kPointerSize;
2726 : static const int kConfigurableOffset = kEnumerableOffset + kPointerSize;
2727 : static const int kSize = kConfigurableOffset + kPointerSize;
2728 : // Indices of in-object properties.
2729 : static const int kGetIndex = 0;
2730 : static const int kSetIndex = 1;
2731 : static const int kEnumerableIndex = 2;
2732 : static const int kConfigurableIndex = 3;
2733 :
2734 : private:
2735 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSAccessorPropertyDescriptor);
2736 : };
2737 :
2738 :
2739 : // JSDataPropertyDescriptor is just a JSObject with a specific initial map.
2740 : // This initial map adds in-object properties for "value", "writable",
2741 : // "enumerable" and "configurable" properties, as assigned by the
2742 : // FromPropertyDescriptor function for regular data properties.
2743 : class JSDataPropertyDescriptor: public JSObject {
2744 : public:
2745 : // Offsets of object fields.
2746 : static const int kValueOffset = JSObject::kHeaderSize;
2747 : static const int kWritableOffset = kValueOffset + kPointerSize;
2748 : static const int kEnumerableOffset = kWritableOffset + kPointerSize;
2749 : static const int kConfigurableOffset = kEnumerableOffset + kPointerSize;
2750 : static const int kSize = kConfigurableOffset + kPointerSize;
2751 : // Indices of in-object properties.
2752 : static const int kValueIndex = 0;
2753 : static const int kWritableIndex = 1;
2754 : static const int kEnumerableIndex = 2;
2755 : static const int kConfigurableIndex = 3;
2756 :
2757 : private:
2758 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSDataPropertyDescriptor);
2759 : };
2760 :
2761 :
2762 : // JSIteratorResult is just a JSObject with a specific initial map.
2763 : // This initial map adds in-object properties for "done" and "value",
2764 : // as specified by ES6 section 25.1.1.3 The IteratorResult Interface
2765 : class JSIteratorResult: public JSObject {
2766 : public:
2767 : DECL_ACCESSORS(value, Object)
2768 :
2769 : DECL_ACCESSORS(done, Object)
2770 :
2771 : // Offsets of object fields.
2772 : static const int kValueOffset = JSObject::kHeaderSize;
2773 : static const int kDoneOffset = kValueOffset + kPointerSize;
2774 : static const int kSize = kDoneOffset + kPointerSize;
2775 : // Indices of in-object properties.
2776 : static const int kValueIndex = 0;
2777 : static const int kDoneIndex = 1;
2778 :
2779 : private:
2780 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSIteratorResult);
2781 : };
2782 :
2783 :
2784 : // Common superclass for FixedArrays that allow implementations to share
2785 : // common accessors and some code paths.
2786 : class FixedArrayBase: public HeapObject {
2787 : public:
2788 : // [length]: length of the array.
2789 : inline int length() const;
2790 : inline void set_length(int value);
2791 :
2792 : // Get and set the length using acquire loads and release stores.
2793 : inline int synchronized_length() const;
2794 : inline void synchronized_set_length(int value);
2795 :
2796 : DECL_CAST(FixedArrayBase)
2797 :
2798 : static int GetMaxLengthForNewSpaceAllocation(ElementsKind kind);
2799 :
2800 : bool IsCowArray() const;
2801 :
2802 : // Layout description.
2803 : // Length is smi tagged when it is stored.
2804 : static const int kLengthOffset = HeapObject::kHeaderSize;
2805 : static const int kHeaderSize = kLengthOffset + kPointerSize;
2806 : };
2807 :
2808 :
2809 : class FixedDoubleArray;
2810 : class IncrementalMarking;
2811 :
2812 :
2813 : // FixedArray describes fixed-sized arrays with element type Object*.
2814 : class FixedArray: public FixedArrayBase {
2815 : public:
2816 : // Setter and getter for elements.
2817 : inline Object* get(int index) const;
2818 : static inline Handle<Object> get(FixedArray* array, int index,
2819 : Isolate* isolate);
2820 : template <class T>
2821 : MaybeHandle<T> GetValue(Isolate* isolate, int index) const;
2822 :
2823 : template <class T>
2824 : Handle<T> GetValueChecked(Isolate* isolate, int index) const;
2825 :
2826 : // Return a grown copy if the index is bigger than the array's length.
2827 : static Handle<FixedArray> SetAndGrow(Handle<FixedArray> array, int index,
2828 : Handle<Object> value);
2829 :
2830 : // Setter that uses write barrier.
2831 : inline void set(int index, Object* value);
2832 : inline bool is_the_hole(Isolate* isolate, int index);
2833 :
2834 : // Setter that doesn't need write barrier.
2835 : inline void set(int index, Smi* value);
2836 : // Setter with explicit barrier mode.
2837 : inline void set(int index, Object* value, WriteBarrierMode mode);
2838 :
2839 : // Setters for frequently used oddballs located in old space.
2840 : inline void set_undefined(int index);
2841 : inline void set_undefined(Isolate* isolate, int index);
2842 : inline void set_null(int index);
2843 : inline void set_null(Isolate* isolate, int index);
2844 : inline void set_the_hole(int index);
2845 : inline void set_the_hole(Isolate* isolate, int index);
2846 :
2847 : inline Object** GetFirstElementAddress();
2848 : inline bool ContainsOnlySmisOrHoles();
2849 :
2850 : // Gives access to raw memory which stores the array's data.
2851 : inline Object** data_start();
2852 :
2853 : inline void FillWithHoles(int from, int to);
2854 :
2855 : // Shrink length and insert filler objects.
2856 : void Shrink(int length);
2857 :
2858 : // Copy a sub array from the receiver to dest.
2859 : void CopyTo(int pos, FixedArray* dest, int dest_pos, int len) const;
2860 :
2861 : // Garbage collection support.
2862 : static constexpr int SizeFor(int length) {
2863 291084584 : return kHeaderSize + length * kPointerSize;
2864 : }
2865 :
2866 : // Code Generation support.
2867 : static constexpr int OffsetOfElementAt(int index) { return SizeFor(index); }
2868 :
2869 : // Garbage collection support.
2870 : inline Object** RawFieldOfElementAt(int index);
2871 :
2872 : DECL_CAST(FixedArray)
2873 :
2874 : // Maximal allowed size, in bytes, of a single FixedArray.
2875 : // Prevents overflowing size computations, as well as extreme memory
2876 : // consumption.
2877 : static const int kMaxSize = 128 * MB * kPointerSize;
2878 : // Maximally allowed length of a FixedArray.
2879 : static const int kMaxLength = (kMaxSize - kHeaderSize) / kPointerSize;
2880 : // Maximally allowed length for regular (non large object space) object.
2881 : STATIC_ASSERT(kMaxRegularHeapObjectSize < kMaxSize);
2882 : static const int kMaxRegularLength =
2883 : (kMaxRegularHeapObjectSize - kHeaderSize) / kPointerSize;
2884 :
2885 : // Dispatched behavior.
2886 : DECL_PRINTER(FixedArray)
2887 : DECL_VERIFIER(FixedArray)
2888 : #ifdef DEBUG
2889 : // Checks if two FixedArrays have identical contents.
2890 : bool IsEqualTo(FixedArray* other);
2891 : #endif
2892 :
2893 : typedef FlexibleBodyDescriptor<kHeaderSize> BodyDescriptor;
2894 : // No weak fields.
2895 : typedef BodyDescriptor BodyDescriptorWeak;
2896 :
2897 : protected:
2898 : // Set operation on FixedArray without using write barriers. Can
2899 : // only be used for storing old space objects or smis.
2900 : static inline void NoWriteBarrierSet(FixedArray* array,
2901 : int index,
2902 : Object* value);
2903 :
2904 : private:
2905 : STATIC_ASSERT(kHeaderSize == Internals::kFixedArrayHeaderSize);
2906 :
2907 : DISALLOW_IMPLICIT_CONSTRUCTORS(FixedArray);
2908 : };
2909 :
2910 : // FixedDoubleArray describes fixed-sized arrays with element type double.
2911 : class FixedDoubleArray: public FixedArrayBase {
2912 : public:
2913 : // Setter and getter for elements.
2914 : inline double get_scalar(int index);
2915 : inline uint64_t get_representation(int index);
2916 : static inline Handle<Object> get(FixedDoubleArray* array, int index,
2917 : Isolate* isolate);
2918 : inline void set(int index, double value);
2919 : inline void set_the_hole(Isolate* isolate, int index);
2920 : inline void set_the_hole(int index);
2921 :
2922 : // Checking for the hole.
2923 : inline bool is_the_hole(Isolate* isolate, int index);
2924 : inline bool is_the_hole(int index);
2925 :
2926 : // Garbage collection support.
2927 : inline static int SizeFor(int length) {
2928 1356186 : return kHeaderSize + length * kDoubleSize;
2929 : }
2930 :
2931 : // Gives access to raw memory which stores the array's data.
2932 : inline double* data_start();
2933 :
2934 : inline void FillWithHoles(int from, int to);
2935 :
2936 : // Code Generation support.
2937 : static int OffsetOfElementAt(int index) { return SizeFor(index); }
2938 :
2939 : DECL_CAST(FixedDoubleArray)
2940 :
2941 : // Maximal allowed size, in bytes, of a single FixedDoubleArray.
2942 : // Prevents overflowing size computations, as well as extreme memory
2943 : // consumption.
2944 : static const int kMaxSize = 512 * MB;
2945 : // Maximally allowed length of a FixedArray.
2946 : static const int kMaxLength = (kMaxSize - kHeaderSize) / kDoubleSize;
2947 :
2948 : // Dispatched behavior.
2949 : DECL_PRINTER(FixedDoubleArray)
2950 : DECL_VERIFIER(FixedDoubleArray)
2951 :
2952 : class BodyDescriptor;
2953 : // No weak fields.
2954 : typedef BodyDescriptor BodyDescriptorWeak;
2955 :
2956 : private:
2957 : DISALLOW_IMPLICIT_CONSTRUCTORS(FixedDoubleArray);
2958 : };
2959 :
2960 : class WeakFixedArray : public FixedArray {
2961 : public:
2962 : // If |maybe_array| is not a WeakFixedArray, a fresh one will be allocated.
2963 : // This function does not check if the value exists already, callers must
2964 : // ensure this themselves if necessary.
2965 : static Handle<WeakFixedArray> Add(Handle<Object> maybe_array,
2966 : Handle<HeapObject> value,
2967 : int* assigned_index = nullptr);
2968 :
2969 : // Returns true if an entry was found and removed.
2970 : bool Remove(Handle<HeapObject> value);
2971 :
2972 : class NullCallback {
2973 : public:
2974 : static void Callback(Object* value, int old_index, int new_index) {}
2975 : };
2976 :
2977 : template <class CompactionCallback>
2978 : void Compact();
2979 :
2980 : inline Object* Get(int index) const;
2981 : inline void Clear(int index);
2982 : inline int Length() const;
2983 :
2984 : inline bool IsEmptySlot(int index) const;
2985 : static Object* Empty() { return Smi::kZero; }
2986 :
2987 : class Iterator {
2988 : public:
2989 916247 : explicit Iterator(Object* maybe_array) : list_(nullptr) {
2990 916247 : Reset(maybe_array);
2991 : }
2992 : void Reset(Object* maybe_array);
2993 :
2994 : template <class T>
2995 : inline T* Next();
2996 :
2997 : private:
2998 : int index_;
2999 : WeakFixedArray* list_;
3000 : #ifdef DEBUG
3001 : int last_used_index_;
3002 : DisallowHeapAllocation no_gc_;
3003 : #endif // DEBUG
3004 : DISALLOW_COPY_AND_ASSIGN(Iterator);
3005 : };
3006 :
3007 : DECL_CAST(WeakFixedArray)
3008 :
3009 : private:
3010 : static const int kLastUsedIndexIndex = 0;
3011 : static const int kFirstIndex = 1;
3012 :
3013 : static Handle<WeakFixedArray> Allocate(
3014 : Isolate* isolate, int size, Handle<WeakFixedArray> initialize_from);
3015 :
3016 : static void Set(Handle<WeakFixedArray> array, int index,
3017 : Handle<HeapObject> value);
3018 : inline void clear(int index);
3019 :
3020 : inline int last_used_index() const;
3021 : inline void set_last_used_index(int index);
3022 :
3023 : // Disallow inherited setters.
3024 : void set(int index, Smi* value);
3025 : void set(int index, Object* value);
3026 : void set(int index, Object* value, WriteBarrierMode mode);
3027 : DISALLOW_IMPLICIT_CONSTRUCTORS(WeakFixedArray);
3028 : };
3029 :
3030 : // Generic array grows dynamically with O(1) amortized insertion.
3031 : //
3032 : // ArrayList is a FixedArray with static convenience methods for adding more
3033 : // elements. The Length() method returns the number of elements in the list, not
3034 : // the allocated size. The number of elements is stored at kLengthIndex and is
3035 : // updated with every insertion. The elements of the ArrayList are stored in the
3036 : // underlying FixedArray starting at kFirstIndex.
3037 : class ArrayList : public FixedArray {
3038 : public:
3039 : enum AddMode {
3040 : kNone,
3041 : // Use this if GC can delete elements from the array.
3042 : kReloadLengthAfterAllocation,
3043 : };
3044 : static Handle<ArrayList> Add(Handle<ArrayList> array, Handle<Object> obj,
3045 : AddMode mode = kNone);
3046 : static Handle<ArrayList> Add(Handle<ArrayList> array, Handle<Object> obj1,
3047 : Handle<Object> obj2, AddMode = kNone);
3048 : static Handle<ArrayList> New(Isolate* isolate, int size);
3049 :
3050 : // Returns the number of elements in the list, not the allocated size, which
3051 : // is length(). Lower and upper case length() return different results!
3052 : inline int Length() const;
3053 :
3054 : // Sets the Length() as used by Elements(). Does not change the underlying
3055 : // storage capacity, i.e., length().
3056 : inline void SetLength(int length);
3057 : inline Object* Get(int index) const;
3058 : inline Object** Slot(int index);
3059 :
3060 : // Set the element at index to obj. The underlying array must be large enough.
3061 : // If you need to grow the ArrayList, use the static Add() methods instead.
3062 : inline void Set(int index, Object* obj,
3063 : WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
3064 :
3065 : // Set the element at index to undefined. This does not change the Length().
3066 : inline void Clear(int index, Object* undefined);
3067 :
3068 : // Return a copy of the list of size Length() without the first entry. The
3069 : // number returned by Length() is stored in the first entry.
3070 : static Handle<FixedArray> Elements(Handle<ArrayList> array);
3071 : bool IsFull();
3072 : DECL_CAST(ArrayList)
3073 :
3074 : private:
3075 : static Handle<ArrayList> EnsureSpace(Handle<ArrayList> array, int length);
3076 : static const int kLengthIndex = 0;
3077 : static const int kFirstIndex = 1;
3078 : DISALLOW_IMPLICIT_CONSTRUCTORS(ArrayList);
3079 : };
3080 :
3081 : enum SearchMode { ALL_ENTRIES, VALID_ENTRIES };
3082 :
3083 : template <SearchMode search_mode, typename T>
3084 : inline int Search(T* array, Name* name, int valid_entries = 0,
3085 : int* out_insertion_index = nullptr);
3086 :
3087 : // ByteArray represents fixed sized byte arrays. Used for the relocation info
3088 : // that is attached to code objects.
3089 : class ByteArray: public FixedArrayBase {
3090 : public:
3091 : inline int Size();
3092 :
3093 : // Setter and getter.
3094 : inline byte get(int index) const;
3095 : inline void set(int index, byte value);
3096 :
3097 : // Copy in / copy out whole byte slices.
3098 : inline void copy_out(int index, byte* buffer, int length);
3099 : inline void copy_in(int index, const byte* buffer, int length);
3100 :
3101 : // Treat contents as an int array.
3102 : inline int get_int(int index) const;
3103 : inline void set_int(int index, int value);
3104 :
3105 : inline uint32_t get_uint32(int index) const;
3106 : inline void set_uint32(int index, uint32_t value);
3107 :
3108 : // Clear uninitialized padding space. This ensures that the snapshot content
3109 : // is deterministic.
3110 : inline void clear_padding();
3111 :
3112 : static int SizeFor(int length) {
3113 307887863 : return OBJECT_POINTER_ALIGN(kHeaderSize + length);
3114 : }
3115 : // We use byte arrays for free blocks in the heap. Given a desired size in
3116 : // bytes that is a multiple of the word size and big enough to hold a byte
3117 : // array, this function returns the number of elements a byte array should
3118 : // have.
3119 : static int LengthFor(int size_in_bytes) {
3120 : DCHECK(IsAligned(size_in_bytes, kPointerSize));
3121 : DCHECK_GE(size_in_bytes, kHeaderSize);
3122 : return size_in_bytes - kHeaderSize;
3123 : }
3124 :
3125 : // Returns data start address.
3126 : inline Address GetDataStartAddress();
3127 :
3128 : inline int DataSize() const;
3129 :
3130 : // Returns a pointer to the ByteArray object for a given data start address.
3131 : static inline ByteArray* FromDataStartAddress(Address address);
3132 :
3133 : DECL_CAST(ByteArray)
3134 :
3135 : // Dispatched behavior.
3136 : inline int ByteArraySize();
3137 : DECL_PRINTER(ByteArray)
3138 : DECL_VERIFIER(ByteArray)
3139 :
3140 : // Layout description.
3141 : static const int kAlignedSize = OBJECT_POINTER_ALIGN(kHeaderSize);
3142 :
3143 : // Maximal memory consumption for a single ByteArray.
3144 : static const int kMaxSize = 512 * MB;
3145 : // Maximal length of a single ByteArray.
3146 : static const int kMaxLength = kMaxSize - kHeaderSize;
3147 :
3148 : class BodyDescriptor;
3149 : // No weak fields.
3150 : typedef BodyDescriptor BodyDescriptorWeak;
3151 :
3152 : private:
3153 : DISALLOW_IMPLICIT_CONSTRUCTORS(ByteArray);
3154 : };
3155 :
3156 : // Wrapper class for ByteArray which can store arbitrary C++ classes, as long
3157 : // as they can be copied with memcpy.
3158 : template <class T>
3159 : class PodArray : public ByteArray {
3160 : public:
3161 : static Handle<PodArray<T>> New(Isolate* isolate, int length,
3162 : PretenureFlag pretenure = NOT_TENURED);
3163 : void copy_out(int index, T* result) {
3164 : ByteArray::copy_out(index * sizeof(T), reinterpret_cast<byte*>(result),
3165 36 : sizeof(T));
3166 : }
3167 : T get(int index) {
3168 : T result;
3169 : copy_out(index, &result);
3170 : return result;
3171 : }
3172 : void set(int index, const T& value) {
3173 61185 : copy_in(index * sizeof(T), reinterpret_cast<const byte*>(&value),
3174 : sizeof(T));
3175 : }
3176 0 : int length() { return ByteArray::length() / sizeof(T); }
3177 : DECL_CAST(PodArray<T>)
3178 :
3179 : private:
3180 : DISALLOW_IMPLICIT_CONSTRUCTORS(PodArray<T>);
3181 : };
3182 :
3183 : // FreeSpace are fixed-size free memory blocks used by the heap and GC.
3184 : // They look like heap objects (are heap object tagged and have a map) so that
3185 : // the heap remains iterable. They have a size and a next pointer.
3186 : // The next pointer is the raw address of the next FreeSpace object (or NULL)
3187 : // in the free list.
3188 : class FreeSpace: public HeapObject {
3189 : public:
3190 : // [size]: size of the free space including the header.
3191 : inline int size() const;
3192 : inline void set_size(int value);
3193 :
3194 : inline int relaxed_read_size() const;
3195 : inline void relaxed_write_size(int value);
3196 :
3197 : inline int Size();
3198 :
3199 : // Accessors for the next field.
3200 : inline FreeSpace* next();
3201 : inline void set_next(FreeSpace* next);
3202 :
3203 : inline static FreeSpace* cast(HeapObject* obj);
3204 :
3205 : // Dispatched behavior.
3206 : DECL_PRINTER(FreeSpace)
3207 : DECL_VERIFIER(FreeSpace)
3208 :
3209 : // Layout description.
3210 : // Size is smi tagged when it is stored.
3211 : static const int kSizeOffset = HeapObject::kHeaderSize;
3212 : static const int kNextOffset = POINTER_SIZE_ALIGN(kSizeOffset + kPointerSize);
3213 : static const int kSize = kNextOffset + kPointerSize;
3214 :
3215 : private:
3216 : DISALLOW_IMPLICIT_CONSTRUCTORS(FreeSpace);
3217 : };
3218 :
3219 :
3220 : // V has parameters (Type, type, TYPE, C type, element_size)
3221 : #define TYPED_ARRAYS(V) \
3222 : V(Uint8, uint8, UINT8, uint8_t, 1) \
3223 : V(Int8, int8, INT8, int8_t, 1) \
3224 : V(Uint16, uint16, UINT16, uint16_t, 2) \
3225 : V(Int16, int16, INT16, int16_t, 2) \
3226 : V(Uint32, uint32, UINT32, uint32_t, 4) \
3227 : V(Int32, int32, INT32, int32_t, 4) \
3228 : V(Float32, float32, FLOAT32, float, 4) \
3229 : V(Float64, float64, FLOAT64, double, 8) \
3230 : V(Uint8Clamped, uint8_clamped, UINT8_CLAMPED, uint8_t, 1)
3231 :
3232 :
3233 : class FixedTypedArrayBase: public FixedArrayBase {
3234 : public:
3235 : // [base_pointer]: Either points to the FixedTypedArrayBase itself or nullptr.
3236 : DECL_ACCESSORS(base_pointer, Object)
3237 :
3238 : // [external_pointer]: Contains the offset between base_pointer and the start
3239 : // of the data. If the base_pointer is a nullptr, the external_pointer
3240 : // therefore points to the actual backing store.
3241 : DECL_ACCESSORS(external_pointer, void)
3242 :
3243 : // Dispatched behavior.
3244 : DECL_CAST(FixedTypedArrayBase)
3245 :
3246 : static const int kBasePointerOffset = FixedArrayBase::kHeaderSize;
3247 : static const int kExternalPointerOffset = kBasePointerOffset + kPointerSize;
3248 : static const int kHeaderSize =
3249 : DOUBLE_POINTER_ALIGN(kExternalPointerOffset + kPointerSize);
3250 :
3251 : static const int kDataOffset = kHeaderSize;
3252 :
3253 : static const int kMaxElementSize = 8;
3254 :
3255 : #ifdef V8_HOST_ARCH_32_BIT
3256 : static const size_t kMaxByteLength = std::numeric_limits<size_t>::max();
3257 : #else
3258 : static const size_t kMaxByteLength =
3259 : static_cast<size_t>(Smi::kMaxValue) * kMaxElementSize;
3260 : #endif // V8_HOST_ARCH_32_BIT
3261 :
3262 : static const size_t kMaxLength = Smi::kMaxValue;
3263 :
3264 : class BodyDescriptor;
3265 : // No weak fields.
3266 : typedef BodyDescriptor BodyDescriptorWeak;
3267 :
3268 : inline int size() const;
3269 :
3270 : static inline int TypedArraySize(InstanceType type, int length);
3271 : inline int TypedArraySize(InstanceType type) const;
3272 :
3273 : // Use with care: returns raw pointer into heap.
3274 : inline void* DataPtr();
3275 :
3276 : inline int DataSize() const;
3277 :
3278 : inline size_t ByteLength() const;
3279 :
3280 : private:
3281 : static inline int ElementSize(InstanceType type);
3282 :
3283 : inline int DataSize(InstanceType type) const;
3284 :
3285 : DISALLOW_IMPLICIT_CONSTRUCTORS(FixedTypedArrayBase);
3286 : };
3287 :
3288 :
3289 : template <class Traits>
3290 : class FixedTypedArray: public FixedTypedArrayBase {
3291 : public:
3292 : typedef typename Traits::ElementType ElementType;
3293 : static const InstanceType kInstanceType = Traits::kInstanceType;
3294 :
3295 : DECL_CAST(FixedTypedArray<Traits>)
3296 :
3297 : inline ElementType get_scalar(int index);
3298 : static inline Handle<Object> get(FixedTypedArray* array, int index);
3299 : inline void set(int index, ElementType value);
3300 :
3301 : static inline ElementType from(int value);
3302 : static inline ElementType from(uint32_t value);
3303 : static inline ElementType from(double value);
3304 :
3305 : // This accessor applies the correct conversion from Smi, HeapNumber
3306 : // and undefined.
3307 : inline void SetValue(uint32_t index, Object* value);
3308 :
3309 : DECL_PRINTER(FixedTypedArray)
3310 : DECL_VERIFIER(FixedTypedArray)
3311 :
3312 : private:
3313 : DISALLOW_IMPLICIT_CONSTRUCTORS(FixedTypedArray);
3314 : };
3315 :
3316 : #define FIXED_TYPED_ARRAY_TRAITS(Type, type, TYPE, elementType, size) \
3317 : STATIC_ASSERT(size <= FixedTypedArrayBase::kMaxElementSize); \
3318 : class Type##ArrayTraits { \
3319 : public: /* NOLINT */ \
3320 : typedef elementType ElementType; \
3321 : static const InstanceType kInstanceType = FIXED_##TYPE##_ARRAY_TYPE; \
3322 : static const char* Designator() { return #type " array"; } \
3323 : static inline Handle<Object> ToHandle(Isolate* isolate, \
3324 : elementType scalar); \
3325 : static inline elementType defaultValue(); \
3326 : }; \
3327 : \
3328 : typedef FixedTypedArray<Type##ArrayTraits> Fixed##Type##Array;
3329 :
3330 : TYPED_ARRAYS(FIXED_TYPED_ARRAY_TRAITS)
3331 :
3332 : #undef FIXED_TYPED_ARRAY_TRAITS
3333 :
3334 : class TemplateList : public FixedArray {
3335 : public:
3336 : static Handle<TemplateList> New(Isolate* isolate, int size);
3337 : inline int length() const;
3338 : inline Object* get(int index) const;
3339 : inline void set(int index, Object* value);
3340 : static Handle<TemplateList> Add(Isolate* isolate, Handle<TemplateList> list,
3341 : Handle<Object> value);
3342 : DECL_CAST(TemplateList)
3343 : private:
3344 : static const int kLengthIndex = 0;
3345 : static const int kFirstElementIndex = kLengthIndex + 1;
3346 : DISALLOW_IMPLICIT_CONSTRUCTORS(TemplateList);
3347 : };
3348 :
3349 : class PrototypeInfo;
3350 :
3351 : // An abstract superclass, a marker class really, for simple structure classes.
3352 : // It doesn't carry much functionality but allows struct classes to be
3353 : // identified in the type system.
3354 : class Struct: public HeapObject {
3355 : public:
3356 : inline void InitializeBody(int object_size);
3357 : DECL_CAST(Struct)
3358 : void BriefPrintDetails(std::ostream& os);
3359 : };
3360 :
3361 : class PromiseCapability : public Struct {
3362 : public:
3363 : DECL_CAST(PromiseCapability)
3364 : DECL_PRINTER(PromiseCapability)
3365 : DECL_VERIFIER(PromiseCapability)
3366 :
3367 : DECL_ACCESSORS(promise, Object)
3368 : DECL_ACCESSORS(resolve, Object)
3369 : DECL_ACCESSORS(reject, Object)
3370 :
3371 : static const int kPromiseOffset = Struct::kHeaderSize;
3372 : static const int kResolveOffset = kPromiseOffset + kPointerSize;
3373 : static const int kRejectOffset = kResolveOffset + kPointerSize;
3374 : static const int kSize = kRejectOffset + kPointerSize;
3375 :
3376 : private:
3377 : DISALLOW_IMPLICIT_CONSTRUCTORS(PromiseCapability);
3378 : };
3379 :
3380 : // A container struct to hold state required for PromiseResolveThenableJob.
3381 : class PromiseResolveThenableJobInfo : public Struct {
3382 : public:
3383 : DECL_ACCESSORS(thenable, JSReceiver)
3384 : DECL_ACCESSORS(then, JSReceiver)
3385 : DECL_ACCESSORS(resolve, JSFunction)
3386 : DECL_ACCESSORS(reject, JSFunction)
3387 :
3388 : DECL_ACCESSORS(context, Context)
3389 :
3390 : static const int kThenableOffset = Struct::kHeaderSize;
3391 : static const int kThenOffset = kThenableOffset + kPointerSize;
3392 : static const int kResolveOffset = kThenOffset + kPointerSize;
3393 : static const int kRejectOffset = kResolveOffset + kPointerSize;
3394 : static const int kContextOffset = kRejectOffset + kPointerSize;
3395 : static const int kSize = kContextOffset + kPointerSize;
3396 :
3397 : DECL_CAST(PromiseResolveThenableJobInfo)
3398 : DECL_PRINTER(PromiseResolveThenableJobInfo)
3399 : DECL_VERIFIER(PromiseResolveThenableJobInfo)
3400 :
3401 : private:
3402 : DISALLOW_IMPLICIT_CONSTRUCTORS(PromiseResolveThenableJobInfo);
3403 : };
3404 :
3405 : class JSPromise;
3406 :
3407 : // Struct to hold state required for PromiseReactionJob.
3408 : class PromiseReactionJobInfo : public Struct {
3409 : public:
3410 : DECL_ACCESSORS(value, Object)
3411 : DECL_ACCESSORS(tasks, Object)
3412 :
3413 : // Check comment in JSPromise for information on what state these
3414 : // deferred fields could be in.
3415 : DECL_ACCESSORS(deferred_promise, Object)
3416 : DECL_ACCESSORS(deferred_on_resolve, Object)
3417 : DECL_ACCESSORS(deferred_on_reject, Object)
3418 :
3419 : DECL_INT_ACCESSORS(debug_id)
3420 :
3421 : DECL_ACCESSORS(context, Context)
3422 :
3423 : static const int kValueOffset = Struct::kHeaderSize;
3424 : static const int kTasksOffset = kValueOffset + kPointerSize;
3425 : static const int kDeferredPromiseOffset = kTasksOffset + kPointerSize;
3426 : static const int kDeferredOnResolveOffset =
3427 : kDeferredPromiseOffset + kPointerSize;
3428 : static const int kDeferredOnRejectOffset =
3429 : kDeferredOnResolveOffset + kPointerSize;
3430 : static const int kContextOffset = kDeferredOnRejectOffset + kPointerSize;
3431 : static const int kSize = kContextOffset + kPointerSize;
3432 :
3433 : DECL_CAST(PromiseReactionJobInfo)
3434 : DECL_PRINTER(PromiseReactionJobInfo)
3435 : DECL_VERIFIER(PromiseReactionJobInfo)
3436 :
3437 : private:
3438 : DISALLOW_IMPLICIT_CONSTRUCTORS(PromiseReactionJobInfo);
3439 : };
3440 :
3441 : class AsyncGeneratorRequest : public Struct {
3442 : public:
3443 : // Holds an AsyncGeneratorRequest, or Undefined.
3444 : DECL_ACCESSORS(next, Object)
3445 : DECL_INT_ACCESSORS(resume_mode)
3446 : DECL_ACCESSORS(value, Object)
3447 : DECL_ACCESSORS(promise, Object)
3448 :
3449 : static const int kNextOffset = Struct::kHeaderSize;
3450 : static const int kResumeModeOffset = kNextOffset + kPointerSize;
3451 : static const int kValueOffset = kResumeModeOffset + kPointerSize;
3452 : static const int kPromiseOffset = kValueOffset + kPointerSize;
3453 : static const int kSize = kPromiseOffset + kPointerSize;
3454 :
3455 : DECL_CAST(AsyncGeneratorRequest)
3456 : DECL_PRINTER(AsyncGeneratorRequest)
3457 : DECL_VERIFIER(AsyncGeneratorRequest)
3458 :
3459 : private:
3460 : DISALLOW_IMPLICIT_CONSTRUCTORS(AsyncGeneratorRequest);
3461 : };
3462 :
3463 : // Container for metadata stored on each prototype map.
3464 : class PrototypeInfo : public Struct {
3465 : public:
3466 : static const int UNREGISTERED = -1;
3467 :
3468 : // [weak_cell]: A WeakCell containing this prototype. ICs cache the cell here.
3469 : DECL_ACCESSORS(weak_cell, Object)
3470 :
3471 : // [prototype_users]: WeakFixedArray containing maps using this prototype,
3472 : // or Smi(0) if uninitialized.
3473 : DECL_ACCESSORS(prototype_users, Object)
3474 :
3475 : // [object_create_map]: A field caching the map for Object.create(prototype).
3476 : static inline void SetObjectCreateMap(Handle<PrototypeInfo> info,
3477 : Handle<Map> map);
3478 : inline Map* ObjectCreateMap();
3479 : inline bool HasObjectCreateMap();
3480 :
3481 : // [registry_slot]: Slot in prototype's user registry where this user
3482 : // is stored. Returns UNREGISTERED if this prototype has not been registered.
3483 : inline int registry_slot() const;
3484 : inline void set_registry_slot(int slot);
3485 : // [validity_cell]: Cell containing the validity bit for prototype chains
3486 : // going through this object, or Smi(0) if uninitialized.
3487 : // When a prototype object changes its map, then both its own validity cell
3488 : // and those of all "downstream" prototypes are invalidated; handlers for a
3489 : // given receiver embed the currently valid cell for that receiver's prototype
3490 : // during their compilation and check it on execution.
3491 : DECL_ACCESSORS(validity_cell, Object)
3492 : // [bit_field]
3493 : inline int bit_field() const;
3494 : inline void set_bit_field(int bit_field);
3495 :
3496 : DECL_BOOLEAN_ACCESSORS(should_be_fast_map)
3497 :
3498 : DECL_CAST(PrototypeInfo)
3499 :
3500 : // Dispatched behavior.
3501 : DECL_PRINTER(PrototypeInfo)
3502 : DECL_VERIFIER(PrototypeInfo)
3503 :
3504 : static const int kWeakCellOffset = HeapObject::kHeaderSize;
3505 : static const int kPrototypeUsersOffset = kWeakCellOffset + kPointerSize;
3506 : static const int kRegistrySlotOffset = kPrototypeUsersOffset + kPointerSize;
3507 : static const int kValidityCellOffset = kRegistrySlotOffset + kPointerSize;
3508 : static const int kObjectCreateMap = kValidityCellOffset + kPointerSize;
3509 : static const int kBitFieldOffset = kObjectCreateMap + kPointerSize;
3510 : static const int kSize = kBitFieldOffset + kPointerSize;
3511 :
3512 : // Bit field usage.
3513 : static const int kShouldBeFastBit = 0;
3514 :
3515 : private:
3516 : DECL_ACCESSORS(object_create_map, Object)
3517 :
3518 : DISALLOW_IMPLICIT_CONSTRUCTORS(PrototypeInfo);
3519 : };
3520 :
3521 : class Tuple2 : public Struct {
3522 : public:
3523 : DECL_ACCESSORS(value1, Object)
3524 : DECL_ACCESSORS(value2, Object)
3525 :
3526 : DECL_CAST(Tuple2)
3527 :
3528 : // Dispatched behavior.
3529 : DECL_PRINTER(Tuple2)
3530 : DECL_VERIFIER(Tuple2)
3531 : void BriefPrintDetails(std::ostream& os);
3532 :
3533 : static const int kValue1Offset = HeapObject::kHeaderSize;
3534 : static const int kValue2Offset = kValue1Offset + kPointerSize;
3535 : static const int kSize = kValue2Offset + kPointerSize;
3536 :
3537 : private:
3538 : DISALLOW_IMPLICIT_CONSTRUCTORS(Tuple2);
3539 : };
3540 :
3541 : class Tuple3 : public Tuple2 {
3542 : public:
3543 : DECL_ACCESSORS(value3, Object)
3544 :
3545 : DECL_CAST(Tuple3)
3546 :
3547 : // Dispatched behavior.
3548 : DECL_PRINTER(Tuple3)
3549 : DECL_VERIFIER(Tuple3)
3550 : void BriefPrintDetails(std::ostream& os);
3551 :
3552 : static const int kValue3Offset = Tuple2::kSize;
3553 : static const int kSize = kValue3Offset + kPointerSize;
3554 :
3555 : private:
3556 : DISALLOW_IMPLICIT_CONSTRUCTORS(Tuple3);
3557 : };
3558 :
3559 : // Pair used to store both a ScopeInfo and an extension object in the extension
3560 : // slot of a block, catch, or with context. Needed in the rare case where a
3561 : // declaration block scope (a "varblock" as used to desugar parameter
3562 : // destructuring) also contains a sloppy direct eval, or for with and catch
3563 : // scopes. (In no other case both are needed at the same time.)
3564 : class ContextExtension : public Struct {
3565 : public:
3566 : // [scope_info]: Scope info.
3567 : DECL_ACCESSORS(scope_info, ScopeInfo)
3568 : // [extension]: Extension object.
3569 : DECL_ACCESSORS(extension, Object)
3570 :
3571 : DECL_CAST(ContextExtension)
3572 :
3573 : // Dispatched behavior.
3574 : DECL_PRINTER(ContextExtension)
3575 : DECL_VERIFIER(ContextExtension)
3576 :
3577 : static const int kScopeInfoOffset = HeapObject::kHeaderSize;
3578 : static const int kExtensionOffset = kScopeInfoOffset + kPointerSize;
3579 : static const int kSize = kExtensionOffset + kPointerSize;
3580 :
3581 : private:
3582 : DISALLOW_IMPLICIT_CONSTRUCTORS(ContextExtension);
3583 : };
3584 :
3585 : // List of builtin functions we want to identify to improve code
3586 : // generation.
3587 : //
3588 : // Each entry has a name of a global object property holding an object
3589 : // optionally followed by ".prototype", a name of a builtin function
3590 : // on the object (the one the id is set for), and a label.
3591 : //
3592 : // Installation of ids for the selected builtin functions is handled
3593 : // by the bootstrapper.
3594 : #define FUNCTIONS_WITH_ID_LIST(V) \
3595 : V(Array, isArray, ArrayIsArray) \
3596 : V(Array.prototype, concat, ArrayConcat) \
3597 : V(Array.prototype, every, ArrayEvery) \
3598 : V(Array.prototype, fill, ArrayFill) \
3599 : V(Array.prototype, filter, ArrayFilter) \
3600 : V(Array.prototype, findIndex, ArrayFindIndex) \
3601 : V(Array.prototype, forEach, ArrayForEach) \
3602 : V(Array.prototype, includes, ArrayIncludes) \
3603 : V(Array.prototype, indexOf, ArrayIndexOf) \
3604 : V(Array.prototype, join, ArrayJoin) \
3605 : V(Array.prototype, lastIndexOf, ArrayLastIndexOf) \
3606 : V(Array.prototype, map, ArrayMap) \
3607 : V(Array.prototype, pop, ArrayPop) \
3608 : V(Array.prototype, push, ArrayPush) \
3609 : V(Array.prototype, reverse, ArrayReverse) \
3610 : V(Array.prototype, shift, ArrayShift) \
3611 : V(Array.prototype, slice, ArraySlice) \
3612 : V(Array.prototype, some, ArraySome) \
3613 : V(Array.prototype, splice, ArraySplice) \
3614 : V(Array.prototype, unshift, ArrayUnshift) \
3615 : V(Date, now, DateNow) \
3616 : V(Date.prototype, getDate, DateGetDate) \
3617 : V(Date.prototype, getDay, DateGetDay) \
3618 : V(Date.prototype, getFullYear, DateGetFullYear) \
3619 : V(Date.prototype, getHours, DateGetHours) \
3620 : V(Date.prototype, getMilliseconds, DateGetMilliseconds) \
3621 : V(Date.prototype, getMinutes, DateGetMinutes) \
3622 : V(Date.prototype, getMonth, DateGetMonth) \
3623 : V(Date.prototype, getSeconds, DateGetSeconds) \
3624 : V(Date.prototype, getTime, DateGetTime) \
3625 : V(Function.prototype, apply, FunctionApply) \
3626 : V(Function.prototype, bind, FunctionBind) \
3627 : V(Function.prototype, call, FunctionCall) \
3628 : V(Object, assign, ObjectAssign) \
3629 : V(Object, create, ObjectCreate) \
3630 : V(Object, is, ObjectIs) \
3631 : V(Object.prototype, hasOwnProperty, ObjectHasOwnProperty) \
3632 : V(Object.prototype, isPrototypeOf, ObjectIsPrototypeOf) \
3633 : V(Object.prototype, toString, ObjectToString) \
3634 : V(RegExp.prototype, compile, RegExpCompile) \
3635 : V(RegExp.prototype, exec, RegExpExec) \
3636 : V(RegExp.prototype, test, RegExpTest) \
3637 : V(RegExp.prototype, toString, RegExpToString) \
3638 : V(String.prototype, charCodeAt, StringCharCodeAt) \
3639 : V(String.prototype, charAt, StringCharAt) \
3640 : V(String.prototype, codePointAt, StringCodePointAt) \
3641 : V(String.prototype, concat, StringConcat) \
3642 : V(String.prototype, endsWith, StringEndsWith) \
3643 : V(String.prototype, includes, StringIncludes) \
3644 : V(String.prototype, indexOf, StringIndexOf) \
3645 : V(String.prototype, lastIndexOf, StringLastIndexOf) \
3646 : V(String.prototype, repeat, StringRepeat) \
3647 : V(String.prototype, slice, StringSlice) \
3648 : V(String.prototype, startsWith, StringStartsWith) \
3649 : V(String.prototype, substr, StringSubstr) \
3650 : V(String.prototype, substring, StringSubstring) \
3651 : V(String.prototype, toLowerCase, StringToLowerCase) \
3652 : V(String.prototype, toString, StringToString) \
3653 : V(String.prototype, toUpperCase, StringToUpperCase) \
3654 : V(String.prototype, trim, StringTrim) \
3655 : V(String.prototype, trimLeft, StringTrimLeft) \
3656 : V(String.prototype, trimRight, StringTrimRight) \
3657 : V(String.prototype, valueOf, StringValueOf) \
3658 : V(String, fromCharCode, StringFromCharCode) \
3659 : V(String, fromCodePoint, StringFromCodePoint) \
3660 : V(String, raw, StringRaw) \
3661 : V(Math, random, MathRandom) \
3662 : V(Math, floor, MathFloor) \
3663 : V(Math, round, MathRound) \
3664 : V(Math, ceil, MathCeil) \
3665 : V(Math, abs, MathAbs) \
3666 : V(Math, log, MathLog) \
3667 : V(Math, log1p, MathLog1p) \
3668 : V(Math, log2, MathLog2) \
3669 : V(Math, log10, MathLog10) \
3670 : V(Math, cbrt, MathCbrt) \
3671 : V(Math, exp, MathExp) \
3672 : V(Math, expm1, MathExpm1) \
3673 : V(Math, sqrt, MathSqrt) \
3674 : V(Math, pow, MathPow) \
3675 : V(Math, max, MathMax) \
3676 : V(Math, min, MathMin) \
3677 : V(Math, cos, MathCos) \
3678 : V(Math, cosh, MathCosh) \
3679 : V(Math, sign, MathSign) \
3680 : V(Math, sin, MathSin) \
3681 : V(Math, sinh, MathSinh) \
3682 : V(Math, tan, MathTan) \
3683 : V(Math, tanh, MathTanh) \
3684 : V(Math, acos, MathAcos) \
3685 : V(Math, acosh, MathAcosh) \
3686 : V(Math, asin, MathAsin) \
3687 : V(Math, asinh, MathAsinh) \
3688 : V(Math, atan, MathAtan) \
3689 : V(Math, atan2, MathAtan2) \
3690 : V(Math, atanh, MathAtanh) \
3691 : V(Math, imul, MathImul) \
3692 : V(Math, clz32, MathClz32) \
3693 : V(Math, fround, MathFround) \
3694 : V(Math, trunc, MathTrunc) \
3695 : V(Number, isFinite, NumberIsFinite) \
3696 : V(Number, isInteger, NumberIsInteger) \
3697 : V(Number, isNaN, NumberIsNaN) \
3698 : V(Number, isSafeInteger, NumberIsSafeInteger) \
3699 : V(Number, parseFloat, NumberParseFloat) \
3700 : V(Number, parseInt, NumberParseInt) \
3701 : V(Number.prototype, toString, NumberToString) \
3702 : V(Map.prototype, clear, MapClear) \
3703 : V(Map.prototype, delete, MapDelete) \
3704 : V(Map.prototype, entries, MapEntries) \
3705 : V(Map.prototype, forEach, MapForEach) \
3706 : V(Map.prototype, has, MapHas) \
3707 : V(Map.prototype, keys, MapKeys) \
3708 : V(Map.prototype, get, MapGet) \
3709 : V(Map.prototype, set, MapSet) \
3710 : V(Map.prototype, values, MapValues) \
3711 : V(Set.prototype, add, SetAdd) \
3712 : V(Set.prototype, clear, SetClear) \
3713 : V(Set.prototype, delete, SetDelete) \
3714 : V(Set.prototype, entries, SetEntries) \
3715 : V(Set.prototype, forEach, SetForEach) \
3716 : V(Set.prototype, has, SetHas) \
3717 : V(Set.prototype, values, SetValues) \
3718 : V(WeakMap.prototype, delete, WeakMapDelete) \
3719 : V(WeakMap.prototype, has, WeakMapHas) \
3720 : V(WeakMap.prototype, set, WeakMapSet) \
3721 : V(WeakSet.prototype, add, WeakSetAdd) \
3722 : V(WeakSet.prototype, delete, WeakSetDelete) \
3723 : V(WeakSet.prototype, has, WeakSetHas)
3724 :
3725 : #define ATOMIC_FUNCTIONS_WITH_ID_LIST(V) \
3726 : V(Atomics, load, AtomicsLoad) \
3727 : V(Atomics, store, AtomicsStore) \
3728 : V(Atomics, exchange, AtomicsExchange) \
3729 : V(Atomics, compareExchange, AtomicsCompareExchange) \
3730 : V(Atomics, add, AtomicsAdd) \
3731 : V(Atomics, sub, AtomicsSub) \
3732 : V(Atomics, and, AtomicsAnd) \
3733 : V(Atomics, or, AtomicsOr) \
3734 : V(Atomics, xor, AtomicsXor)
3735 :
3736 : enum BuiltinFunctionId {
3737 : kInvalidBuiltinFunctionId = -1,
3738 : kArrayConstructor,
3739 : #define DECL_FUNCTION_ID(ignored1, ignore2, name) k##name,
3740 : FUNCTIONS_WITH_ID_LIST(DECL_FUNCTION_ID)
3741 : ATOMIC_FUNCTIONS_WITH_ID_LIST(DECL_FUNCTION_ID)
3742 : #undef DECL_FUNCTION_ID
3743 : // Fake id for a special case of Math.pow. Note, it continues the
3744 : // list of math functions.
3745 : kMathPowHalf,
3746 : // These are manually assigned to special getters during bootstrapping.
3747 : kArrayBufferByteLength,
3748 : kArrayBufferIsView,
3749 : kArrayEntries,
3750 : kArrayKeys,
3751 : kArrayValues,
3752 : kArrayIteratorNext,
3753 : kMapSize,
3754 : kSetSize,
3755 : kMapIteratorNext,
3756 : kSetIteratorNext,
3757 : kDataViewBuffer,
3758 : kDataViewByteLength,
3759 : kDataViewByteOffset,
3760 : kFunctionHasInstance,
3761 : kGlobalDecodeURI,
3762 : kGlobalDecodeURIComponent,
3763 : kGlobalEncodeURI,
3764 : kGlobalEncodeURIComponent,
3765 : kGlobalEscape,
3766 : kGlobalUnescape,
3767 : kGlobalIsFinite,
3768 : kGlobalIsNaN,
3769 : kTypedArrayByteLength,
3770 : kTypedArrayByteOffset,
3771 : kTypedArrayEntries,
3772 : kTypedArrayKeys,
3773 : kTypedArrayLength,
3774 : kTypedArrayToStringTag,
3775 : kTypedArrayValues,
3776 : kSharedArrayBufferByteLength,
3777 : kStringIterator,
3778 : kStringIteratorNext,
3779 : kStringToLowerCaseIntl,
3780 : kStringToUpperCaseIntl
3781 : };
3782 :
3783 : class JSGeneratorObject: public JSObject {
3784 : public:
3785 : // [function]: The function corresponding to this generator object.
3786 : DECL_ACCESSORS(function, JSFunction)
3787 :
3788 : // [context]: The context of the suspended computation.
3789 : DECL_ACCESSORS(context, Context)
3790 :
3791 : // [receiver]: The receiver of the suspended computation.
3792 : DECL_ACCESSORS(receiver, Object)
3793 :
3794 : // [input_or_debug_pos]
3795 : // For executing generators: the most recent input value.
3796 : // For suspended generators: debug information (bytecode offset).
3797 : // There is currently no need to remember the most recent input value for a
3798 : // suspended generator.
3799 : DECL_ACCESSORS(input_or_debug_pos, Object)
3800 :
3801 : // [resume_mode]: The most recent resume mode.
3802 : enum ResumeMode { kNext, kReturn, kThrow };
3803 : DECL_INT_ACCESSORS(resume_mode)
3804 :
3805 : // [continuation]
3806 : //
3807 : // A positive value indicates a suspended generator. The special
3808 : // kGeneratorExecuting and kGeneratorClosed values indicate that a generator
3809 : // cannot be resumed.
3810 : inline int continuation() const;
3811 : inline void set_continuation(int continuation);
3812 : inline bool is_closed() const;
3813 : inline bool is_executing() const;
3814 : inline bool is_suspended() const;
3815 :
3816 : // For suspended generators: the source position at which the generator
3817 : // is suspended.
3818 : int source_position() const;
3819 :
3820 : // [register_file]: Saved interpreter register file.
3821 : DECL_ACCESSORS(register_file, FixedArray)
3822 :
3823 : DECL_CAST(JSGeneratorObject)
3824 :
3825 : // Dispatched behavior.
3826 : DECL_VERIFIER(JSGeneratorObject)
3827 :
3828 : // Magic sentinel values for the continuation.
3829 : static const int kGeneratorExecuting = -2;
3830 : static const int kGeneratorClosed = -1;
3831 :
3832 : // Layout description.
3833 : static const int kFunctionOffset = JSObject::kHeaderSize;
3834 : static const int kContextOffset = kFunctionOffset + kPointerSize;
3835 : static const int kReceiverOffset = kContextOffset + kPointerSize;
3836 : static const int kInputOrDebugPosOffset = kReceiverOffset + kPointerSize;
3837 : static const int kResumeModeOffset = kInputOrDebugPosOffset + kPointerSize;
3838 : static const int kContinuationOffset = kResumeModeOffset + kPointerSize;
3839 : static const int kRegisterFileOffset = kContinuationOffset + kPointerSize;
3840 : static const int kSize = kRegisterFileOffset + kPointerSize;
3841 :
3842 : private:
3843 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSGeneratorObject);
3844 : };
3845 :
3846 : class JSAsyncGeneratorObject : public JSGeneratorObject {
3847 : public:
3848 : DECL_CAST(JSAsyncGeneratorObject)
3849 :
3850 : // Dispatched behavior.
3851 : DECL_VERIFIER(JSAsyncGeneratorObject)
3852 :
3853 : // [queue]
3854 : // Pointer to the head of a singly linked list of AsyncGeneratorRequest, or
3855 : // undefined.
3856 : DECL_ACCESSORS(queue, HeapObject)
3857 :
3858 : // [awaited_promise]
3859 : // A reference to the Promise of an AwaitExpression.
3860 : DECL_ACCESSORS(awaited_promise, HeapObject)
3861 :
3862 : // Layout description.
3863 : static const int kQueueOffset = JSGeneratorObject::kSize;
3864 : static const int kAwaitedPromiseOffset = kQueueOffset + kPointerSize;
3865 : static const int kSize = kAwaitedPromiseOffset + kPointerSize;
3866 :
3867 : private:
3868 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSAsyncGeneratorObject);
3869 : };
3870 :
3871 : // JSBoundFunction describes a bound function exotic object.
3872 : class JSBoundFunction : public JSObject {
3873 : public:
3874 : // [bound_target_function]: The wrapped function object.
3875 : inline Object* raw_bound_target_function() const;
3876 : DECL_ACCESSORS(bound_target_function, JSReceiver)
3877 :
3878 : // [bound_this]: The value that is always passed as the this value when
3879 : // calling the wrapped function.
3880 : DECL_ACCESSORS(bound_this, Object)
3881 :
3882 : // [bound_arguments]: A list of values whose elements are used as the first
3883 : // arguments to any call to the wrapped function.
3884 : DECL_ACCESSORS(bound_arguments, FixedArray)
3885 :
3886 : static MaybeHandle<String> GetName(Isolate* isolate,
3887 : Handle<JSBoundFunction> function);
3888 : static Maybe<int> GetLength(Isolate* isolate,
3889 : Handle<JSBoundFunction> function);
3890 : static MaybeHandle<Context> GetFunctionRealm(
3891 : Handle<JSBoundFunction> function);
3892 :
3893 : DECL_CAST(JSBoundFunction)
3894 :
3895 : // Dispatched behavior.
3896 : DECL_PRINTER(JSBoundFunction)
3897 : DECL_VERIFIER(JSBoundFunction)
3898 :
3899 : // The bound function's string representation implemented according
3900 : // to ES6 section 19.2.3.5 Function.prototype.toString ( ).
3901 : static Handle<String> ToString(Handle<JSBoundFunction> function);
3902 :
3903 : // Layout description.
3904 : static const int kBoundTargetFunctionOffset = JSObject::kHeaderSize;
3905 : static const int kBoundThisOffset = kBoundTargetFunctionOffset + kPointerSize;
3906 : static const int kBoundArgumentsOffset = kBoundThisOffset + kPointerSize;
3907 : static const int kSize = kBoundArgumentsOffset + kPointerSize;
3908 :
3909 : private:
3910 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSBoundFunction);
3911 : };
3912 :
3913 :
3914 : // JSFunction describes JavaScript functions.
3915 : class JSFunction: public JSObject {
3916 : public:
3917 : // [prototype_or_initial_map]:
3918 : DECL_ACCESSORS(prototype_or_initial_map, Object)
3919 :
3920 : // [shared]: The information about the function that
3921 : // can be shared by instances.
3922 : DECL_ACCESSORS(shared, SharedFunctionInfo)
3923 :
3924 : static const int kLengthDescriptorIndex = 0;
3925 : static const int kNameDescriptorIndex = 1;
3926 :
3927 : // [context]: The context for this function.
3928 : inline Context* context();
3929 : inline bool has_context() const;
3930 : inline void set_context(Object* context);
3931 : inline JSObject* global_proxy();
3932 : inline Context* native_context();
3933 :
3934 : static Handle<Object> GetName(Isolate* isolate, Handle<JSFunction> function);
3935 : static Maybe<int> GetLength(Isolate* isolate, Handle<JSFunction> function);
3936 : static Handle<Context> GetFunctionRealm(Handle<JSFunction> function);
3937 :
3938 : // [code]: The generated code object for this function. Executed
3939 : // when the function is invoked, e.g. foo() or new foo(). See
3940 : // [[Call]] and [[Construct]] description in ECMA-262, section
3941 : // 8.6.2, page 27.
3942 : inline Code* code();
3943 : inline void set_code(Code* code);
3944 : inline void set_code_no_write_barrier(Code* code);
3945 :
3946 : // Get the abstract code associated with the function, which will either be
3947 : // a Code object or a BytecodeArray.
3948 : inline AbstractCode* abstract_code();
3949 :
3950 : // Tells whether or not this function is interpreted.
3951 : //
3952 : // Note: function->IsInterpreted() does not necessarily return the same value
3953 : // as function->shared()->IsInterpreted() because the closure might have been
3954 : // optimized.
3955 : inline bool IsInterpreted();
3956 :
3957 : // Tells whether or not this function checks its optimization marker in its
3958 : // feedback vector.
3959 : inline bool ChecksOptimizationMarker();
3960 :
3961 : // Tells whether or not this function holds optimized code.
3962 : //
3963 : // Note: Returning false does not necessarily mean that this function hasn't
3964 : // been optimized, as it may have optimized code on its feedback vector.
3965 : inline bool IsOptimized();
3966 :
3967 : // Tells whether or not this function has optimized code available to it,
3968 : // either because it is optimized or because it has optimized code in its
3969 : // feedback vector.
3970 : inline bool HasOptimizedCode();
3971 :
3972 : // Tells whether or not this function has a (non-zero) optimization marker.
3973 : inline bool HasOptimizationMarker();
3974 :
3975 : // Mark this function for lazy recompilation. The function will be recompiled
3976 : // the next time it is executed.
3977 : void MarkForOptimization(ConcurrencyMode mode);
3978 :
3979 : // Tells whether or not the function is already marked for lazy recompilation.
3980 : inline bool IsMarkedForOptimization();
3981 : inline bool IsMarkedForConcurrentOptimization();
3982 :
3983 : // Tells whether or not the function is on the concurrent recompilation queue.
3984 : inline bool IsInOptimizationQueue();
3985 :
3986 : // Clears the optimized code slot in the function's feedback vector.
3987 : inline void ClearOptimizedCodeSlot(const char* reason);
3988 :
3989 : // Sets the optimization marker in the function's feedback vector.
3990 : inline void SetOptimizationMarker(OptimizationMarker marker);
3991 :
3992 : // Clears the optimization marker in the function's feedback vector.
3993 : inline void ClearOptimizationMarker();
3994 :
3995 : // Completes inobject slack tracking on initial map if it is active.
3996 : inline void CompleteInobjectSlackTrackingIfActive();
3997 :
3998 : // [feedback_vector_cell]: The feedback vector.
3999 : DECL_ACCESSORS(feedback_vector_cell, Cell)
4000 :
4001 : enum FeedbackVectorState {
4002 : TOP_LEVEL_SCRIPT_NEEDS_VECTOR,
4003 : NEEDS_VECTOR,
4004 : HAS_VECTOR,
4005 : NO_VECTOR_NEEDED
4006 : };
4007 :
4008 : inline FeedbackVectorState GetFeedbackVectorState(Isolate* isolate) const;
4009 :
4010 : // feedback_vector() can be used once the function is compiled.
4011 : inline FeedbackVector* feedback_vector() const;
4012 : inline bool has_feedback_vector() const;
4013 : static void EnsureLiterals(Handle<JSFunction> function);
4014 :
4015 : // Unconditionally clear the type feedback vector.
4016 : void ClearTypeFeedbackInfo();
4017 :
4018 : inline bool has_prototype_slot() const;
4019 :
4020 : // The initial map for an object created by this constructor.
4021 : inline Map* initial_map();
4022 : static void SetInitialMap(Handle<JSFunction> function, Handle<Map> map,
4023 : Handle<Object> prototype);
4024 : inline bool has_initial_map();
4025 : static void EnsureHasInitialMap(Handle<JSFunction> function);
4026 :
4027 : // Creates a map that matches the constructor's initial map, but with
4028 : // [[prototype]] being new.target.prototype. Because new.target can be a
4029 : // JSProxy, this can call back into JavaScript.
4030 : static MUST_USE_RESULT MaybeHandle<Map> GetDerivedMap(
4031 : Isolate* isolate, Handle<JSFunction> constructor,
4032 : Handle<JSReceiver> new_target);
4033 :
4034 : // Get and set the prototype property on a JSFunction. If the
4035 : // function has an initial map the prototype is set on the initial
4036 : // map. Otherwise, the prototype is put in the initial map field
4037 : // until an initial map is needed.
4038 : inline bool has_prototype();
4039 : inline bool has_instance_prototype();
4040 : inline Object* prototype();
4041 : inline Object* instance_prototype();
4042 : static void SetPrototype(Handle<JSFunction> function,
4043 : Handle<Object> value);
4044 :
4045 : // Returns if this function has been compiled to native code yet.
4046 : inline bool is_compiled();
4047 :
4048 : // Prints the name of the function using PrintF.
4049 : void PrintName(FILE* out = stdout);
4050 :
4051 : DECL_CAST(JSFunction)
4052 :
4053 : // Calculate the instance size and in-object properties count.
4054 : static void CalculateInstanceSizeForDerivedClass(
4055 : Handle<JSFunction> function, InstanceType instance_type,
4056 : int requested_embedder_fields, int* instance_size,
4057 : int* in_object_properties);
4058 : static void CalculateInstanceSizeHelper(InstanceType instance_type,
4059 : bool has_prototype_slot,
4060 : int requested_embedder_fields,
4061 : int requested_in_object_properties,
4062 : int* instance_size,
4063 : int* in_object_properties);
4064 :
4065 : class BodyDescriptor;
4066 :
4067 : // Dispatched behavior.
4068 : DECL_PRINTER(JSFunction)
4069 : DECL_VERIFIER(JSFunction)
4070 :
4071 : // The function's name if it is configured, otherwise shared function info
4072 : // debug name.
4073 : static Handle<String> GetName(Handle<JSFunction> function);
4074 :
4075 : // ES6 section 9.2.11 SetFunctionName
4076 : // Because of the way this abstract operation is used in the spec,
4077 : // it should never fail, but in practice it will fail if the generated
4078 : // function name's length exceeds String::kMaxLength.
4079 : static MUST_USE_RESULT bool SetName(Handle<JSFunction> function,
4080 : Handle<Name> name, Handle<String> prefix);
4081 :
4082 : // The function's displayName if it is set, otherwise name if it is
4083 : // configured, otherwise shared function info
4084 : // debug name.
4085 : static Handle<String> GetDebugName(Handle<JSFunction> function);
4086 :
4087 : // The function's string representation implemented according to
4088 : // ES6 section 19.2.3.5 Function.prototype.toString ( ).
4089 : static Handle<String> ToString(Handle<JSFunction> function);
4090 :
4091 : // Layout description.
4092 : #define JS_FUNCTION_FIELDS(V) \
4093 : /* Pointer fields. */ \
4094 : V(kSharedFunctionInfoOffset, kPointerSize) \
4095 : V(kContextOffset, kPointerSize) \
4096 : V(kFeedbackVectorOffset, kPointerSize) \
4097 : V(kEndOfStrongFieldsOffset, 0) \
4098 : V(kCodeOffset, kPointerSize) \
4099 : /* Size of JSFunction object without prototype field. */ \
4100 : V(kSizeWithoutPrototype, 0) \
4101 : V(kPrototypeOrInitialMapOffset, kPointerSize) \
4102 : /* Size of JSFunction object with prototype field. */ \
4103 : V(kSizeWithPrototype, 0)
4104 :
4105 : DEFINE_FIELD_OFFSET_CONSTANTS(JSObject::kHeaderSize, JS_FUNCTION_FIELDS)
4106 :
4107 : private:
4108 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSFunction);
4109 : };
4110 :
4111 :
4112 : // JSGlobalProxy's prototype must be a JSGlobalObject or null,
4113 : // and the prototype is hidden. JSGlobalProxy always delegates
4114 : // property accesses to its prototype if the prototype is not null.
4115 : //
4116 : // A JSGlobalProxy can be reinitialized which will preserve its identity.
4117 : //
4118 : // Accessing a JSGlobalProxy requires security check.
4119 :
4120 : class JSGlobalProxy : public JSObject {
4121 : public:
4122 : // [native_context]: the owner native context of this global proxy object.
4123 : // It is null value if this object is not used by any context.
4124 : DECL_ACCESSORS(native_context, Object)
4125 :
4126 : // [hash]: The hash code property (undefined if not initialized yet).
4127 : DECL_ACCESSORS(hash, Object)
4128 :
4129 : DECL_CAST(JSGlobalProxy)
4130 :
4131 : inline bool IsDetachedFrom(JSGlobalObject* global) const;
4132 :
4133 : static int SizeWithEmbedderFields(int embedder_field_count);
4134 :
4135 : // Dispatched behavior.
4136 : DECL_PRINTER(JSGlobalProxy)
4137 : DECL_VERIFIER(JSGlobalProxy)
4138 :
4139 : // Layout description.
4140 : static const int kNativeContextOffset = JSObject::kHeaderSize;
4141 : static const int kHashOffset = kNativeContextOffset + kPointerSize;
4142 : static const int kSize = kHashOffset + kPointerSize;
4143 :
4144 : private:
4145 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSGlobalProxy);
4146 : };
4147 :
4148 :
4149 : // JavaScript global object.
4150 : class JSGlobalObject : public JSObject {
4151 : public:
4152 : // [native context]: the natives corresponding to this global object.
4153 : DECL_ACCESSORS(native_context, Context)
4154 :
4155 : // [global proxy]: the global proxy object of the context
4156 : DECL_ACCESSORS(global_proxy, JSObject)
4157 :
4158 : // Gets global object properties.
4159 : inline GlobalDictionary* global_dictionary();
4160 : inline void set_global_dictionary(GlobalDictionary* dictionary);
4161 :
4162 : static void InvalidatePropertyCell(Handle<JSGlobalObject> object,
4163 : Handle<Name> name);
4164 : // Ensure that the global object has a cell for the given property name.
4165 : static Handle<PropertyCell> EnsureEmptyPropertyCell(
4166 : Handle<JSGlobalObject> global, Handle<Name> name,
4167 : PropertyCellType cell_type, int* entry_out = nullptr);
4168 :
4169 : DECL_CAST(JSGlobalObject)
4170 :
4171 : inline bool IsDetached();
4172 :
4173 : // Dispatched behavior.
4174 : DECL_PRINTER(JSGlobalObject)
4175 : DECL_VERIFIER(JSGlobalObject)
4176 :
4177 : // Layout description.
4178 : static const int kNativeContextOffset = JSObject::kHeaderSize;
4179 : static const int kGlobalProxyOffset = kNativeContextOffset + kPointerSize;
4180 : static const int kHeaderSize = kGlobalProxyOffset + kPointerSize;
4181 : static const int kSize = kHeaderSize;
4182 :
4183 : private:
4184 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSGlobalObject);
4185 : };
4186 :
4187 :
4188 : // Representation for JS Wrapper objects, String, Number, Boolean, etc.
4189 : class JSValue: public JSObject {
4190 : public:
4191 : // [value]: the object being wrapped.
4192 : DECL_ACCESSORS(value, Object)
4193 :
4194 : DECL_CAST(JSValue)
4195 :
4196 : // Dispatched behavior.
4197 : DECL_PRINTER(JSValue)
4198 : DECL_VERIFIER(JSValue)
4199 :
4200 : // Layout description.
4201 : static const int kValueOffset = JSObject::kHeaderSize;
4202 : static const int kSize = kValueOffset + kPointerSize;
4203 :
4204 : private:
4205 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSValue);
4206 : };
4207 :
4208 :
4209 : class DateCache;
4210 :
4211 : // Representation for JS date objects.
4212 : class JSDate: public JSObject {
4213 : public:
4214 : static MUST_USE_RESULT MaybeHandle<JSDate> New(Handle<JSFunction> constructor,
4215 : Handle<JSReceiver> new_target,
4216 : double tv);
4217 :
4218 : // If one component is NaN, all of them are, indicating a NaN time value.
4219 : // [value]: the time value.
4220 : DECL_ACCESSORS(value, Object)
4221 : // [year]: caches year. Either undefined, smi, or NaN.
4222 : DECL_ACCESSORS(year, Object)
4223 : // [month]: caches month. Either undefined, smi, or NaN.
4224 : DECL_ACCESSORS(month, Object)
4225 : // [day]: caches day. Either undefined, smi, or NaN.
4226 : DECL_ACCESSORS(day, Object)
4227 : // [weekday]: caches day of week. Either undefined, smi, or NaN.
4228 : DECL_ACCESSORS(weekday, Object)
4229 : // [hour]: caches hours. Either undefined, smi, or NaN.
4230 : DECL_ACCESSORS(hour, Object)
4231 : // [min]: caches minutes. Either undefined, smi, or NaN.
4232 : DECL_ACCESSORS(min, Object)
4233 : // [sec]: caches seconds. Either undefined, smi, or NaN.
4234 : DECL_ACCESSORS(sec, Object)
4235 : // [cache stamp]: sample of the date cache stamp at the
4236 : // moment when chached fields were cached.
4237 : DECL_ACCESSORS(cache_stamp, Object)
4238 :
4239 : DECL_CAST(JSDate)
4240 :
4241 : // Returns the time value (UTC) identifying the current time.
4242 : static double CurrentTimeValue(Isolate* isolate);
4243 :
4244 : // Returns the date field with the specified index.
4245 : // See FieldIndex for the list of date fields.
4246 : static Object* GetField(Object* date, Smi* index);
4247 :
4248 : static Handle<Object> SetValue(Handle<JSDate> date, double v);
4249 :
4250 : void SetValue(Object* value, bool is_value_nan);
4251 :
4252 : // Dispatched behavior.
4253 : DECL_PRINTER(JSDate)
4254 : DECL_VERIFIER(JSDate)
4255 :
4256 : // The order is important. It must be kept in sync with date macros
4257 : // in macros.py.
4258 : enum FieldIndex {
4259 : kDateValue,
4260 : kYear,
4261 : kMonth,
4262 : kDay,
4263 : kWeekday,
4264 : kHour,
4265 : kMinute,
4266 : kSecond,
4267 : kFirstUncachedField,
4268 : kMillisecond = kFirstUncachedField,
4269 : kDays,
4270 : kTimeInDay,
4271 : kFirstUTCField,
4272 : kYearUTC = kFirstUTCField,
4273 : kMonthUTC,
4274 : kDayUTC,
4275 : kWeekdayUTC,
4276 : kHourUTC,
4277 : kMinuteUTC,
4278 : kSecondUTC,
4279 : kMillisecondUTC,
4280 : kDaysUTC,
4281 : kTimeInDayUTC,
4282 : kTimezoneOffset
4283 : };
4284 :
4285 : // Layout description.
4286 : static const int kValueOffset = JSObject::kHeaderSize;
4287 : static const int kYearOffset = kValueOffset + kPointerSize;
4288 : static const int kMonthOffset = kYearOffset + kPointerSize;
4289 : static const int kDayOffset = kMonthOffset + kPointerSize;
4290 : static const int kWeekdayOffset = kDayOffset + kPointerSize;
4291 : static const int kHourOffset = kWeekdayOffset + kPointerSize;
4292 : static const int kMinOffset = kHourOffset + kPointerSize;
4293 : static const int kSecOffset = kMinOffset + kPointerSize;
4294 : static const int kCacheStampOffset = kSecOffset + kPointerSize;
4295 : static const int kSize = kCacheStampOffset + kPointerSize;
4296 :
4297 : private:
4298 : inline Object* DoGetField(FieldIndex index);
4299 :
4300 : Object* GetUTCField(FieldIndex index, double value, DateCache* date_cache);
4301 :
4302 : // Computes and caches the cacheable fields of the date.
4303 : inline void SetCachedFields(int64_t local_time_ms, DateCache* date_cache);
4304 :
4305 :
4306 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSDate);
4307 : };
4308 :
4309 :
4310 : // Representation of message objects used for error reporting through
4311 : // the API. The messages are formatted in JavaScript so this object is
4312 : // a real JavaScript object. The information used for formatting the
4313 : // error messages are not directly accessible from JavaScript to
4314 : // prevent leaking information to user code called during error
4315 : // formatting.
4316 : class JSMessageObject: public JSObject {
4317 : public:
4318 : // [type]: the type of error message.
4319 : inline int type() const;
4320 : inline void set_type(int value);
4321 :
4322 : // [arguments]: the arguments for formatting the error message.
4323 : DECL_ACCESSORS(argument, Object)
4324 :
4325 : // [script]: the script from which the error message originated.
4326 : DECL_ACCESSORS(script, Object)
4327 :
4328 : // [stack_frames]: an array of stack frames for this error object.
4329 : DECL_ACCESSORS(stack_frames, Object)
4330 :
4331 : // [start_position]: the start position in the script for the error message.
4332 : inline int start_position() const;
4333 : inline void set_start_position(int value);
4334 :
4335 : // [end_position]: the end position in the script for the error message.
4336 : inline int end_position() const;
4337 : inline void set_end_position(int value);
4338 :
4339 : // Returns the line number for the error message (1-based), or
4340 : // Message::kNoLineNumberInfo if the line cannot be determined.
4341 : int GetLineNumber() const;
4342 :
4343 : // Returns the offset of the given position within the containing line.
4344 : int GetColumnNumber() const;
4345 :
4346 : // Returns the source code line containing the given source
4347 : // position, or the empty string if the position is invalid.
4348 : Handle<String> GetSourceLine() const;
4349 :
4350 : inline int error_level() const;
4351 : inline void set_error_level(int level);
4352 :
4353 : DECL_CAST(JSMessageObject)
4354 :
4355 : // Dispatched behavior.
4356 : DECL_PRINTER(JSMessageObject)
4357 : DECL_VERIFIER(JSMessageObject)
4358 :
4359 : // Layout description.
4360 : static const int kTypeOffset = JSObject::kHeaderSize;
4361 : static const int kArgumentsOffset = kTypeOffset + kPointerSize;
4362 : static const int kScriptOffset = kArgumentsOffset + kPointerSize;
4363 : static const int kStackFramesOffset = kScriptOffset + kPointerSize;
4364 : static const int kStartPositionOffset = kStackFramesOffset + kPointerSize;
4365 : static const int kEndPositionOffset = kStartPositionOffset + kPointerSize;
4366 : static const int kErrorLevelOffset = kEndPositionOffset + kPointerSize;
4367 : static const int kSize = kErrorLevelOffset + kPointerSize;
4368 :
4369 : typedef FixedBodyDescriptor<HeapObject::kMapOffset,
4370 : kStackFramesOffset + kPointerSize,
4371 : kSize> BodyDescriptor;
4372 : // No weak fields.
4373 : typedef BodyDescriptor BodyDescriptorWeak;
4374 : };
4375 :
4376 : class JSPromise : public JSObject {
4377 : public:
4378 : DECL_ACCESSORS(result, Object)
4379 :
4380 : // There are 3 possible states for these fields --
4381 : // 1) Undefined -- This is the zero state when there is no callback
4382 : // or deferred fields registered.
4383 : //
4384 : // 2) Object -- There is a single callback directly attached to the
4385 : // fulfill_reactions, reject_reactions and the deferred fields are
4386 : // directly attached to the slots. In this state, deferred_promise
4387 : // is a JSReceiver and deferred_on_{resolve, reject} are Callables.
4388 : //
4389 : // 3) FixedArray -- There is more than one callback and deferred
4390 : // fields attached to a FixedArray.
4391 : //
4392 : // The callback can be a Callable or a Symbol.
4393 : DECL_ACCESSORS(deferred_promise, Object)
4394 : DECL_ACCESSORS(deferred_on_resolve, Object)
4395 : DECL_ACCESSORS(deferred_on_reject, Object)
4396 : DECL_ACCESSORS(fulfill_reactions, Object)
4397 : DECL_ACCESSORS(reject_reactions, Object)
4398 :
4399 : DECL_INT_ACCESSORS(flags)
4400 :
4401 : // [has_handler]: Whether this promise has a reject handler or not.
4402 : DECL_BOOLEAN_ACCESSORS(has_handler)
4403 :
4404 : // [handled_hint]: Whether this promise will be handled by a catch
4405 : // block in an async function.
4406 : DECL_BOOLEAN_ACCESSORS(handled_hint)
4407 :
4408 : static const char* Status(v8::Promise::PromiseState status);
4409 : v8::Promise::PromiseState status() const;
4410 :
4411 : DECL_CAST(JSPromise)
4412 :
4413 : // Dispatched behavior.
4414 : DECL_PRINTER(JSPromise)
4415 : DECL_VERIFIER(JSPromise)
4416 :
4417 : // Layout description.
4418 : static const int kResultOffset = JSObject::kHeaderSize;
4419 : static const int kDeferredPromiseOffset = kResultOffset + kPointerSize;
4420 : static const int kDeferredOnResolveOffset =
4421 : kDeferredPromiseOffset + kPointerSize;
4422 : static const int kDeferredOnRejectOffset =
4423 : kDeferredOnResolveOffset + kPointerSize;
4424 : static const int kFulfillReactionsOffset =
4425 : kDeferredOnRejectOffset + kPointerSize;
4426 : static const int kRejectReactionsOffset =
4427 : kFulfillReactionsOffset + kPointerSize;
4428 : static const int kFlagsOffset = kRejectReactionsOffset + kPointerSize;
4429 : static const int kSize = kFlagsOffset + kPointerSize;
4430 : static const int kSizeWithEmbedderFields =
4431 : kSize + v8::Promise::kEmbedderFieldCount * kPointerSize;
4432 :
4433 : // Flags layout.
4434 : // The first two bits store the v8::Promise::PromiseState.
4435 : static const int kStatusBits = 2;
4436 : static const int kHasHandlerBit = 2;
4437 : static const int kHandledHintBit = 3;
4438 :
4439 : static const int kStatusShift = 0;
4440 : static const int kStatusMask = 0x3;
4441 : STATIC_ASSERT(v8::Promise::kPending == 0);
4442 : STATIC_ASSERT(v8::Promise::kFulfilled == 1);
4443 : STATIC_ASSERT(v8::Promise::kRejected == 2);
4444 : };
4445 :
4446 : class TypeFeedbackInfo : public Tuple3 {
4447 : public:
4448 : inline int ic_total_count();
4449 : inline void set_ic_total_count(int count);
4450 :
4451 : inline int ic_with_type_info_count();
4452 : inline void change_ic_with_type_info_count(int delta);
4453 :
4454 : inline int ic_generic_count();
4455 : inline void change_ic_generic_count(int delta);
4456 :
4457 : inline void initialize_storage();
4458 :
4459 : inline void change_own_type_change_checksum();
4460 : inline int own_type_change_checksum();
4461 :
4462 : inline void set_inlined_type_change_checksum(int checksum);
4463 : inline bool matches_inlined_type_change_checksum(int checksum);
4464 :
4465 : DECL_CAST(TypeFeedbackInfo)
4466 :
4467 : static const int kStorage1Offset = kValue1Offset;
4468 : static const int kStorage2Offset = kValue2Offset;
4469 : static const int kStorage3Offset = kValue3Offset;
4470 :
4471 : private:
4472 : static const int kTypeChangeChecksumBits = 7;
4473 :
4474 : class ICTotalCountField: public BitField<int, 0,
4475 : kSmiValueSize - kTypeChangeChecksumBits> {}; // NOLINT
4476 : class OwnTypeChangeChecksum: public BitField<int,
4477 : kSmiValueSize - kTypeChangeChecksumBits,
4478 : kTypeChangeChecksumBits> {}; // NOLINT
4479 : class ICsWithTypeInfoCountField: public BitField<int, 0,
4480 : kSmiValueSize - kTypeChangeChecksumBits> {}; // NOLINT
4481 : class InlinedTypeChangeChecksum: public BitField<int,
4482 : kSmiValueSize - kTypeChangeChecksumBits,
4483 : kTypeChangeChecksumBits> {}; // NOLINT
4484 :
4485 : DISALLOW_IMPLICIT_CONSTRUCTORS(TypeFeedbackInfo);
4486 : };
4487 :
4488 : class AllocationSite: public Struct {
4489 : public:
4490 : static const uint32_t kMaximumArrayBytesToPretransition = 8 * 1024;
4491 : static const double kPretenureRatio;
4492 : static const int kPretenureMinimumCreated = 100;
4493 :
4494 : // Values for pretenure decision field.
4495 : enum PretenureDecision {
4496 : kUndecided = 0,
4497 : kDontTenure = 1,
4498 : kMaybeTenure = 2,
4499 : kTenure = 3,
4500 : kZombie = 4,
4501 : kLastPretenureDecisionValue = kZombie
4502 : };
4503 :
4504 : const char* PretenureDecisionName(PretenureDecision decision);
4505 :
4506 : // Contains either a Smi-encoded bitfield or a boilerplate. If it's a Smi the
4507 : // AllocationSite is for a constructed Array.
4508 : DECL_ACCESSORS(transition_info_or_boilerplate, Object)
4509 : DECL_ACCESSORS(boilerplate, JSObject)
4510 : DECL_INT_ACCESSORS(transition_info)
4511 :
4512 : // nested_site threads a list of sites that represent nested literals
4513 : // walked in a particular order. So [[1, 2], 1, 2] will have one
4514 : // nested_site, but [[1, 2], 3, [4]] will have a list of two.
4515 : DECL_ACCESSORS(nested_site, Object)
4516 :
4517 : // Bitfield containing pretenuring information.
4518 : DECL_INT_ACCESSORS(pretenure_data)
4519 :
4520 : DECL_INT_ACCESSORS(pretenure_create_count)
4521 : DECL_ACCESSORS(dependent_code, DependentCode)
4522 :
4523 : // heap->allocation_site_list() points to the last AllocationSite which form
4524 : // a linked list through the weak_next property. The GC might remove elements
4525 : // from the list by updateing weak_next.
4526 : DECL_ACCESSORS(weak_next, Object)
4527 :
4528 : inline void Initialize();
4529 :
4530 : // This method is expensive, it should only be called for reporting.
4531 : bool IsNested();
4532 :
4533 : // transition_info bitfields, for constructed array transition info.
4534 : class ElementsKindBits: public BitField<ElementsKind, 0, 15> {};
4535 : class UnusedBits: public BitField<int, 15, 14> {};
4536 : class DoNotInlineBit: public BitField<bool, 29, 1> {};
4537 :
4538 : // Bitfields for pretenure_data
4539 : class MementoFoundCountBits: public BitField<int, 0, 26> {};
4540 : class PretenureDecisionBits: public BitField<PretenureDecision, 26, 3> {};
4541 : class DeoptDependentCodeBit: public BitField<bool, 29, 1> {};
4542 : STATIC_ASSERT(PretenureDecisionBits::kMax >= kLastPretenureDecisionValue);
4543 :
4544 : // Increments the mementos found counter and returns true when the first
4545 : // memento was found for a given allocation site.
4546 : inline bool IncrementMementoFoundCount(int increment = 1);
4547 :
4548 : inline void IncrementMementoCreateCount();
4549 :
4550 : PretenureFlag GetPretenureMode() const;
4551 :
4552 : void ResetPretenureDecision();
4553 :
4554 : inline PretenureDecision pretenure_decision() const;
4555 : inline void set_pretenure_decision(PretenureDecision decision);
4556 :
4557 : inline bool deopt_dependent_code() const;
4558 : inline void set_deopt_dependent_code(bool deopt);
4559 :
4560 : inline int memento_found_count() const;
4561 : inline void set_memento_found_count(int count);
4562 :
4563 : inline int memento_create_count() const;
4564 : inline void set_memento_create_count(int count);
4565 :
4566 : // The pretenuring decision is made during gc, and the zombie state allows
4567 : // us to recognize when an allocation site is just being kept alive because
4568 : // a later traversal of new space may discover AllocationMementos that point
4569 : // to this AllocationSite.
4570 : inline bool IsZombie() const;
4571 :
4572 : inline bool IsMaybeTenure() const;
4573 :
4574 : inline void MarkZombie();
4575 :
4576 : inline bool MakePretenureDecision(PretenureDecision current_decision,
4577 : double ratio,
4578 : bool maximum_size_scavenge);
4579 :
4580 : inline bool DigestPretenuringFeedback(bool maximum_size_scavenge);
4581 :
4582 : inline ElementsKind GetElementsKind() const;
4583 : inline void SetElementsKind(ElementsKind kind);
4584 :
4585 : inline bool CanInlineCall() const;
4586 : inline void SetDoNotInlineCall();
4587 :
4588 : inline bool PointsToLiteral() const;
4589 :
4590 : template <AllocationSiteUpdateMode update_or_check =
4591 : AllocationSiteUpdateMode::kUpdate>
4592 : static bool DigestTransitionFeedback(Handle<AllocationSite> site,
4593 : ElementsKind to_kind);
4594 :
4595 : DECL_PRINTER(AllocationSite)
4596 : DECL_VERIFIER(AllocationSite)
4597 :
4598 : DECL_CAST(AllocationSite)
4599 : static inline bool ShouldTrack(ElementsKind boilerplate_elements_kind);
4600 : static bool ShouldTrack(ElementsKind from, ElementsKind to);
4601 : static inline bool CanTrack(InstanceType type);
4602 :
4603 : static const int kTransitionInfoOrBoilerplateOffset = HeapObject::kHeaderSize;
4604 : static const int kNestedSiteOffset =
4605 : kTransitionInfoOrBoilerplateOffset + kPointerSize;
4606 : static const int kPretenureDataOffset = kNestedSiteOffset + kPointerSize;
4607 : static const int kPretenureCreateCountOffset =
4608 : kPretenureDataOffset + kPointerSize;
4609 : static const int kDependentCodeOffset =
4610 : kPretenureCreateCountOffset + kPointerSize;
4611 : static const int kWeakNextOffset = kDependentCodeOffset + kPointerSize;
4612 : static const int kSize = kWeakNextOffset + kPointerSize;
4613 :
4614 : // During mark compact we need to take special care for the dependent code
4615 : // field.
4616 : static const int kPointerFieldsBeginOffset =
4617 : kTransitionInfoOrBoilerplateOffset;
4618 : static const int kPointerFieldsEndOffset = kWeakNextOffset;
4619 :
4620 : // Ignores weakness.
4621 : typedef FixedBodyDescriptor<HeapObject::kHeaderSize, kSize, kSize>
4622 : BodyDescriptor;
4623 :
4624 : // Respects weakness.
4625 : typedef FixedBodyDescriptor<kPointerFieldsBeginOffset,
4626 : kPointerFieldsEndOffset, kSize>
4627 : BodyDescriptorWeak;
4628 :
4629 : private:
4630 : inline bool PretenuringDecisionMade() const;
4631 :
4632 : DISALLOW_IMPLICIT_CONSTRUCTORS(AllocationSite);
4633 : };
4634 :
4635 :
4636 : class AllocationMemento: public Struct {
4637 : public:
4638 : static const int kAllocationSiteOffset = HeapObject::kHeaderSize;
4639 : static const int kSize = kAllocationSiteOffset + kPointerSize;
4640 :
4641 : DECL_ACCESSORS(allocation_site, Object)
4642 :
4643 : inline bool IsValid() const;
4644 : inline AllocationSite* GetAllocationSite() const;
4645 : inline Address GetAllocationSiteUnchecked() const;
4646 :
4647 : DECL_PRINTER(AllocationMemento)
4648 : DECL_VERIFIER(AllocationMemento)
4649 :
4650 : DECL_CAST(AllocationMemento)
4651 :
4652 : private:
4653 : DISALLOW_IMPLICIT_CONSTRUCTORS(AllocationMemento);
4654 : };
4655 :
4656 :
4657 : // Utility superclass for stack-allocated objects that must be updated
4658 : // on gc. It provides two ways for the gc to update instances, either
4659 : // iterating or updating after gc.
4660 : class Relocatable BASE_EMBEDDED {
4661 : public:
4662 : explicit inline Relocatable(Isolate* isolate);
4663 : inline virtual ~Relocatable();
4664 444 : virtual void IterateInstance(RootVisitor* v) {}
4665 21229 : virtual void PostGarbageCollection() { }
4666 :
4667 : static void PostGarbageCollectionProcessing(Isolate* isolate);
4668 : static int ArchiveSpacePerThread();
4669 : static char* ArchiveState(Isolate* isolate, char* to);
4670 : static char* RestoreState(Isolate* isolate, char* from);
4671 : static void Iterate(Isolate* isolate, RootVisitor* v);
4672 : static void Iterate(RootVisitor* v, Relocatable* top);
4673 : static char* Iterate(RootVisitor* v, char* t);
4674 :
4675 : private:
4676 : Isolate* isolate_;
4677 : Relocatable* prev_;
4678 : };
4679 :
4680 :
4681 : // The Oddball describes objects null, undefined, true, and false.
4682 : class Oddball: public HeapObject {
4683 : public:
4684 : // [to_number_raw]: Cached raw to_number computed at startup.
4685 : inline double to_number_raw() const;
4686 : inline void set_to_number_raw(double value);
4687 : inline void set_to_number_raw_as_bits(uint64_t bits);
4688 :
4689 : // [to_string]: Cached to_string computed at startup.
4690 : DECL_ACCESSORS(to_string, String)
4691 :
4692 : // [to_number]: Cached to_number computed at startup.
4693 : DECL_ACCESSORS(to_number, Object)
4694 :
4695 : // [typeof]: Cached type_of computed at startup.
4696 : DECL_ACCESSORS(type_of, String)
4697 :
4698 : inline byte kind() const;
4699 : inline void set_kind(byte kind);
4700 :
4701 : // ES6 section 7.1.3 ToNumber for Boolean, Null, Undefined.
4702 : MUST_USE_RESULT static inline Handle<Object> ToNumber(Handle<Oddball> input);
4703 :
4704 : DECL_CAST(Oddball)
4705 :
4706 : // Dispatched behavior.
4707 : DECL_VERIFIER(Oddball)
4708 :
4709 : // Initialize the fields.
4710 : static void Initialize(Isolate* isolate, Handle<Oddball> oddball,
4711 : const char* to_string, Handle<Object> to_number,
4712 : const char* type_of, byte kind);
4713 :
4714 : // Layout description.
4715 : static const int kToNumberRawOffset = HeapObject::kHeaderSize;
4716 : static const int kToStringOffset = kToNumberRawOffset + kDoubleSize;
4717 : static const int kToNumberOffset = kToStringOffset + kPointerSize;
4718 : static const int kTypeOfOffset = kToNumberOffset + kPointerSize;
4719 : static const int kKindOffset = kTypeOfOffset + kPointerSize;
4720 : static const int kSize = kKindOffset + kPointerSize;
4721 :
4722 : static const byte kFalse = 0;
4723 : static const byte kTrue = 1;
4724 : static const byte kNotBooleanMask = static_cast<byte>(~1);
4725 : static const byte kTheHole = 2;
4726 : static const byte kNull = 3;
4727 : static const byte kArgumentsMarker = 4;
4728 : static const byte kUndefined = 5;
4729 : static const byte kUninitialized = 6;
4730 : static const byte kOther = 7;
4731 : static const byte kException = 8;
4732 : static const byte kOptimizedOut = 9;
4733 : static const byte kStaleRegister = 10;
4734 :
4735 : typedef FixedBodyDescriptor<kToStringOffset, kTypeOfOffset + kPointerSize,
4736 : kSize> BodyDescriptor;
4737 : // No weak fields.
4738 : typedef BodyDescriptor BodyDescriptorWeak;
4739 :
4740 : STATIC_ASSERT(kToNumberRawOffset == HeapNumber::kValueOffset);
4741 : STATIC_ASSERT(kKindOffset == Internals::kOddballKindOffset);
4742 : STATIC_ASSERT(kNull == Internals::kNullOddballKind);
4743 : STATIC_ASSERT(kUndefined == Internals::kUndefinedOddballKind);
4744 :
4745 : private:
4746 : DISALLOW_IMPLICIT_CONSTRUCTORS(Oddball);
4747 : };
4748 :
4749 :
4750 : class Cell: public HeapObject {
4751 : public:
4752 : // [value]: value of the cell.
4753 : DECL_ACCESSORS(value, Object)
4754 :
4755 : DECL_CAST(Cell)
4756 :
4757 : static inline Cell* FromValueAddress(Address value) {
4758 : Object* result = FromAddress(value - kValueOffset);
4759 : return static_cast<Cell*>(result);
4760 : }
4761 :
4762 : inline Address ValueAddress() {
4763 : return address() + kValueOffset;
4764 : }
4765 :
4766 : // Dispatched behavior.
4767 : DECL_PRINTER(Cell)
4768 : DECL_VERIFIER(Cell)
4769 :
4770 : // Layout description.
4771 : static const int kValueOffset = HeapObject::kHeaderSize;
4772 : static const int kSize = kValueOffset + kPointerSize;
4773 :
4774 : typedef FixedBodyDescriptor<kValueOffset,
4775 : kValueOffset + kPointerSize,
4776 : kSize> BodyDescriptor;
4777 : // No weak fields.
4778 : typedef BodyDescriptor BodyDescriptorWeak;
4779 :
4780 : private:
4781 : DISALLOW_IMPLICIT_CONSTRUCTORS(Cell);
4782 : };
4783 :
4784 :
4785 : class PropertyCell : public HeapObject {
4786 : public:
4787 : // [name]: the name of the global property.
4788 : DECL_ACCESSORS(name, Name)
4789 : // [property_details]: details of the global property.
4790 : DECL_ACCESSORS(property_details_raw, Object)
4791 : // [value]: value of the global property.
4792 : DECL_ACCESSORS(value, Object)
4793 : // [dependent_code]: dependent code that depends on the type of the global
4794 : // property.
4795 : DECL_ACCESSORS(dependent_code, DependentCode)
4796 :
4797 : inline PropertyDetails property_details();
4798 : inline void set_property_details(PropertyDetails details);
4799 :
4800 : PropertyCellConstantType GetConstantType();
4801 :
4802 : // Computes the new type of the cell's contents for the given value, but
4803 : // without actually modifying the details.
4804 : static PropertyCellType UpdatedType(Handle<PropertyCell> cell,
4805 : Handle<Object> value,
4806 : PropertyDetails details);
4807 : // Prepares property cell at given entry for receiving given value.
4808 : // As a result the old cell could be invalidated and/or dependent code could
4809 : // be deoptimized. Returns the prepared property cell.
4810 : static Handle<PropertyCell> PrepareForValue(
4811 : Handle<GlobalDictionary> dictionary, int entry, Handle<Object> value,
4812 : PropertyDetails details);
4813 :
4814 : static Handle<PropertyCell> InvalidateEntry(
4815 : Handle<GlobalDictionary> dictionary, int entry);
4816 :
4817 : static void SetValueWithInvalidation(Handle<PropertyCell> cell,
4818 : Handle<Object> new_value);
4819 :
4820 : DECL_CAST(PropertyCell)
4821 :
4822 : // Dispatched behavior.
4823 : DECL_PRINTER(PropertyCell)
4824 : DECL_VERIFIER(PropertyCell)
4825 :
4826 : // Layout description.
4827 : static const int kDetailsOffset = HeapObject::kHeaderSize;
4828 : static const int kNameOffset = kDetailsOffset + kPointerSize;
4829 : static const int kValueOffset = kNameOffset + kPointerSize;
4830 : static const int kDependentCodeOffset = kValueOffset + kPointerSize;
4831 : static const int kSize = kDependentCodeOffset + kPointerSize;
4832 :
4833 : typedef FixedBodyDescriptor<kNameOffset, kSize, kSize> BodyDescriptor;
4834 : // No weak fields.
4835 : typedef BodyDescriptor BodyDescriptorWeak;
4836 :
4837 : private:
4838 : DISALLOW_IMPLICIT_CONSTRUCTORS(PropertyCell);
4839 : };
4840 :
4841 :
4842 : class WeakCell : public HeapObject {
4843 : public:
4844 : inline Object* value() const;
4845 :
4846 : // This should not be called by anyone except GC.
4847 : inline void clear();
4848 :
4849 : // This should not be called by anyone except allocator.
4850 : inline void initialize(HeapObject* value);
4851 :
4852 : inline bool cleared() const;
4853 :
4854 : DECL_CAST(WeakCell)
4855 :
4856 : DECL_PRINTER(WeakCell)
4857 : DECL_VERIFIER(WeakCell)
4858 :
4859 : // Layout description.
4860 : static const int kValueOffset = HeapObject::kHeaderSize;
4861 : static const int kSize = kValueOffset + kPointerSize;
4862 :
4863 : typedef FixedBodyDescriptor<kValueOffset, kSize, kSize> BodyDescriptor;
4864 :
4865 : private:
4866 : DISALLOW_IMPLICIT_CONSTRUCTORS(WeakCell);
4867 : };
4868 :
4869 :
4870 : // The JSProxy describes EcmaScript Harmony proxies
4871 : class JSProxy: public JSReceiver {
4872 : public:
4873 : MUST_USE_RESULT static MaybeHandle<JSProxy> New(Isolate* isolate,
4874 : Handle<Object>,
4875 : Handle<Object>);
4876 :
4877 : // [handler]: The handler property.
4878 : DECL_ACCESSORS(handler, Object)
4879 : // [target]: The target property.
4880 : DECL_ACCESSORS(target, JSReceiver)
4881 : // [hash]: The hash code property (undefined if not initialized yet).
4882 : DECL_ACCESSORS(hash, Object)
4883 :
4884 : static MaybeHandle<Context> GetFunctionRealm(Handle<JSProxy> proxy);
4885 :
4886 : DECL_CAST(JSProxy)
4887 :
4888 : INLINE(bool IsRevoked() const);
4889 : static void Revoke(Handle<JSProxy> proxy);
4890 :
4891 : // ES6 9.5.1
4892 : static MaybeHandle<Object> GetPrototype(Handle<JSProxy> receiver);
4893 :
4894 : // ES6 9.5.2
4895 : MUST_USE_RESULT static Maybe<bool> SetPrototype(Handle<JSProxy> proxy,
4896 : Handle<Object> value,
4897 : bool from_javascript,
4898 : ShouldThrow should_throw);
4899 : // ES6 9.5.3
4900 : MUST_USE_RESULT static Maybe<bool> IsExtensible(Handle<JSProxy> proxy);
4901 :
4902 : // ES6, #sec-isarray. NOT to be confused with %_IsArray.
4903 : MUST_USE_RESULT static Maybe<bool> IsArray(Handle<JSProxy> proxy);
4904 :
4905 : // ES6 9.5.4 (when passed DONT_THROW)
4906 : MUST_USE_RESULT static Maybe<bool> PreventExtensions(
4907 : Handle<JSProxy> proxy, ShouldThrow should_throw);
4908 :
4909 : // ES6 9.5.5
4910 : MUST_USE_RESULT static Maybe<bool> GetOwnPropertyDescriptor(
4911 : Isolate* isolate, Handle<JSProxy> proxy, Handle<Name> name,
4912 : PropertyDescriptor* desc);
4913 :
4914 : // ES6 9.5.6
4915 : MUST_USE_RESULT static Maybe<bool> DefineOwnProperty(
4916 : Isolate* isolate, Handle<JSProxy> object, Handle<Object> key,
4917 : PropertyDescriptor* desc, ShouldThrow should_throw);
4918 :
4919 : // ES6 9.5.7
4920 : MUST_USE_RESULT static Maybe<bool> HasProperty(Isolate* isolate,
4921 : Handle<JSProxy> proxy,
4922 : Handle<Name> name);
4923 :
4924 : // This function never returns false.
4925 : // It returns either true or throws.
4926 : MUST_USE_RESULT static Maybe<bool> CheckHasTrap(Isolate* isolate,
4927 : Handle<Name> name,
4928 : Handle<JSReceiver> target);
4929 :
4930 : // ES6 9.5.8
4931 : MUST_USE_RESULT static MaybeHandle<Object> GetProperty(
4932 : Isolate* isolate, Handle<JSProxy> proxy, Handle<Name> name,
4933 : Handle<Object> receiver, bool* was_found);
4934 :
4935 : enum AccessKind { kGet, kSet };
4936 :
4937 : static MaybeHandle<Object> CheckGetSetTrapResult(Isolate* isolate,
4938 : Handle<Name> name,
4939 : Handle<JSReceiver> target,
4940 : Handle<Object> trap_result,
4941 : AccessKind access_kind);
4942 :
4943 : // ES6 9.5.9
4944 : MUST_USE_RESULT static Maybe<bool> SetProperty(Handle<JSProxy> proxy,
4945 : Handle<Name> name,
4946 : Handle<Object> value,
4947 : Handle<Object> receiver,
4948 : LanguageMode language_mode);
4949 :
4950 : // ES6 9.5.10 (when passed LanguageMode::kSloppy)
4951 : MUST_USE_RESULT static Maybe<bool> DeletePropertyOrElement(
4952 : Handle<JSProxy> proxy, Handle<Name> name, LanguageMode language_mode);
4953 :
4954 : // ES6 9.5.12
4955 : MUST_USE_RESULT static Maybe<bool> OwnPropertyKeys(
4956 : Isolate* isolate, Handle<JSReceiver> receiver, Handle<JSProxy> proxy,
4957 : PropertyFilter filter, KeyAccumulator* accumulator);
4958 :
4959 : MUST_USE_RESULT static Maybe<PropertyAttributes> GetPropertyAttributes(
4960 : LookupIterator* it);
4961 :
4962 : // Dispatched behavior.
4963 : DECL_PRINTER(JSProxy)
4964 : DECL_VERIFIER(JSProxy)
4965 :
4966 : static const int kMaxIterationLimit = 100 * 1024;
4967 :
4968 : // Layout description.
4969 : static const int kTargetOffset = JSReceiver::kHeaderSize;
4970 : static const int kHandlerOffset = kTargetOffset + kPointerSize;
4971 : static const int kHashOffset = kHandlerOffset + kPointerSize;
4972 : static const int kSize = kHashOffset + kPointerSize;
4973 :
4974 : // kTargetOffset aliases with the elements of JSObject. The fact that
4975 : // JSProxy::target is a Javascript value which cannot be confused with an
4976 : // elements backing store is exploited by loading from this offset from an
4977 : // unknown JSReceiver.
4978 : STATIC_ASSERT(JSObject::kElementsOffset == JSProxy::kTargetOffset);
4979 :
4980 : typedef FixedBodyDescriptor<JSReceiver::kPropertiesOrHashOffset, kSize, kSize>
4981 : BodyDescriptor;
4982 : // No weak fields.
4983 : typedef BodyDescriptor BodyDescriptorWeak;
4984 :
4985 : Object* GetIdentityHash();
4986 :
4987 : Smi* GetOrCreateIdentityHash(Isolate* isolate);
4988 :
4989 : static Maybe<bool> SetPrivateProperty(Isolate* isolate, Handle<JSProxy> proxy,
4990 : Handle<Symbol> private_name,
4991 : PropertyDescriptor* desc,
4992 : ShouldThrow should_throw);
4993 :
4994 : private:
4995 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSProxy);
4996 : };
4997 :
4998 :
4999 : class JSCollection : public JSObject {
5000 : public:
5001 : // [table]: the backing hash table
5002 : DECL_ACCESSORS(table, Object)
5003 :
5004 : static const int kTableOffset = JSObject::kHeaderSize;
5005 : static const int kSize = kTableOffset + kPointerSize;
5006 :
5007 : private:
5008 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSCollection);
5009 : };
5010 :
5011 :
5012 : // The JSSet describes EcmaScript Harmony sets
5013 : // TODO(marja): When moving JSSet out of objects.h, move JSSetIterator (from
5014 : // objects/hash-table.h) into the same file.
5015 : class JSSet : public JSCollection {
5016 : public:
5017 : DECL_CAST(JSSet)
5018 :
5019 : static void Initialize(Handle<JSSet> set, Isolate* isolate);
5020 : static void Clear(Handle<JSSet> set);
5021 :
5022 : // Dispatched behavior.
5023 : DECL_PRINTER(JSSet)
5024 : DECL_VERIFIER(JSSet)
5025 :
5026 : private:
5027 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSSet);
5028 : };
5029 :
5030 :
5031 : // The JSMap describes EcmaScript Harmony maps
5032 : // TODO(marja): When moving JSMap out of objects.h, move JSMapIterator (from
5033 : // objects/hash-table.h) into the same file.
5034 : class JSMap : public JSCollection {
5035 : public:
5036 : DECL_CAST(JSMap)
5037 :
5038 : static void Initialize(Handle<JSMap> map, Isolate* isolate);
5039 : static void Clear(Handle<JSMap> map);
5040 :
5041 : // Dispatched behavior.
5042 : DECL_PRINTER(JSMap)
5043 : DECL_VERIFIER(JSMap)
5044 :
5045 : private:
5046 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSMap);
5047 : };
5048 :
5049 :
5050 : // The [Async-from-Sync Iterator] object
5051 : // (proposal-async-iteration/#sec-async-from-sync-iterator-objects)
5052 : // An object which wraps an ordinary Iterator and converts it to behave
5053 : // according to the Async Iterator protocol.
5054 : // (See https://tc39.github.io/proposal-async-iteration/#sec-iteration)
5055 : class JSAsyncFromSyncIterator : public JSObject {
5056 : public:
5057 : DECL_CAST(JSAsyncFromSyncIterator)
5058 : DECL_PRINTER(JSAsyncFromSyncIterator)
5059 : DECL_VERIFIER(JSAsyncFromSyncIterator)
5060 :
5061 : // Async-from-Sync Iterator instances are ordinary objects that inherit
5062 : // properties from the %AsyncFromSyncIteratorPrototype% intrinsic object.
5063 : // Async-from-Sync Iterator instances are initially created with the internal
5064 : // slots listed in Table 4.
5065 : // (proposal-async-iteration/#table-async-from-sync-iterator-internal-slots)
5066 : DECL_ACCESSORS(sync_iterator, JSReceiver)
5067 :
5068 : // Offsets of object fields.
5069 : static const int kSyncIteratorOffset = JSObject::kHeaderSize;
5070 : static const int kSize = kSyncIteratorOffset + kPointerSize;
5071 :
5072 : private:
5073 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSAsyncFromSyncIterator);
5074 : };
5075 :
5076 : class JSStringIterator : public JSObject {
5077 : public:
5078 : // Dispatched behavior.
5079 : DECL_PRINTER(JSStringIterator)
5080 : DECL_VERIFIER(JSStringIterator)
5081 :
5082 : DECL_CAST(JSStringIterator)
5083 :
5084 : // [string]: the [[IteratedString]] inobject property.
5085 : DECL_ACCESSORS(string, String)
5086 :
5087 : // [index]: The [[StringIteratorNextIndex]] inobject property.
5088 : inline int index() const;
5089 : inline void set_index(int value);
5090 :
5091 : static const int kStringOffset = JSObject::kHeaderSize;
5092 : static const int kNextIndexOffset = kStringOffset + kPointerSize;
5093 : static const int kSize = kNextIndexOffset + kPointerSize;
5094 :
5095 : private:
5096 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSStringIterator);
5097 : };
5098 :
5099 : // Base class for both JSWeakMap and JSWeakSet
5100 : class JSWeakCollection: public JSObject {
5101 : public:
5102 : DECL_CAST(JSWeakCollection)
5103 :
5104 : // [table]: the backing hash table mapping keys to values.
5105 : DECL_ACCESSORS(table, Object)
5106 :
5107 : // [next]: linked list of encountered weak maps during GC.
5108 : DECL_ACCESSORS(next, Object)
5109 :
5110 : static void Initialize(Handle<JSWeakCollection> collection, Isolate* isolate);
5111 : static void Set(Handle<JSWeakCollection> collection, Handle<Object> key,
5112 : Handle<Object> value, int32_t hash);
5113 : static bool Delete(Handle<JSWeakCollection> collection, Handle<Object> key,
5114 : int32_t hash);
5115 : static Handle<JSArray> GetEntries(Handle<JSWeakCollection> holder,
5116 : int max_entries);
5117 :
5118 : static const int kTableOffset = JSObject::kHeaderSize;
5119 : static const int kNextOffset = kTableOffset + kPointerSize;
5120 : static const int kSize = kNextOffset + kPointerSize;
5121 :
5122 : // Visiting policy defines whether the table and next collection fields
5123 : // should be visited or not.
5124 : enum BodyVisitingPolicy { kIgnoreWeakness, kRespectWeakness };
5125 :
5126 : // Iterates the function object according to the visiting policy.
5127 : template <BodyVisitingPolicy>
5128 : class BodyDescriptorImpl;
5129 :
5130 : // Visit the whole object.
5131 : typedef BodyDescriptorImpl<kIgnoreWeakness> BodyDescriptor;
5132 :
5133 : // Don't visit table and next collection fields.
5134 : typedef BodyDescriptorImpl<kRespectWeakness> BodyDescriptorWeak;
5135 :
5136 : private:
5137 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSWeakCollection);
5138 : };
5139 :
5140 :
5141 : // The JSWeakMap describes EcmaScript Harmony weak maps
5142 : class JSWeakMap: public JSWeakCollection {
5143 : public:
5144 : DECL_CAST(JSWeakMap)
5145 :
5146 : // Dispatched behavior.
5147 : DECL_PRINTER(JSWeakMap)
5148 : DECL_VERIFIER(JSWeakMap)
5149 :
5150 : private:
5151 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSWeakMap);
5152 : };
5153 :
5154 :
5155 : // The JSWeakSet describes EcmaScript Harmony weak sets
5156 : class JSWeakSet: public JSWeakCollection {
5157 : public:
5158 : DECL_CAST(JSWeakSet)
5159 :
5160 : // Dispatched behavior.
5161 : DECL_PRINTER(JSWeakSet)
5162 : DECL_VERIFIER(JSWeakSet)
5163 :
5164 : private:
5165 : DISALLOW_IMPLICIT_CONSTRUCTORS(JSWeakSet);
5166 : };
5167 :
5168 :
5169 : // Foreign describes objects pointing from JavaScript to C structures.
5170 : class Foreign: public HeapObject {
5171 : public:
5172 : // [address]: field containing the address.
5173 : inline Address foreign_address();
5174 : inline void set_foreign_address(Address value);
5175 :
5176 : DECL_CAST(Foreign)
5177 :
5178 : // Dispatched behavior.
5179 : DECL_PRINTER(Foreign)
5180 : DECL_VERIFIER(Foreign)
5181 :
5182 : // Layout description.
5183 :
5184 : static const int kForeignAddressOffset = HeapObject::kHeaderSize;
5185 : static const int kSize = kForeignAddressOffset + kPointerSize;
5186 :
5187 : STATIC_ASSERT(kForeignAddressOffset == Internals::kForeignAddressOffset);
5188 :
5189 : class BodyDescriptor;
5190 : // No weak fields.
5191 : typedef BodyDescriptor BodyDescriptorWeak;
5192 :
5193 : private:
5194 : DISALLOW_IMPLICIT_CONSTRUCTORS(Foreign);
5195 : };
5196 :
5197 : // An accessor must have a getter, but can have no setter.
5198 : //
5199 : // When setting a property, V8 searches accessors in prototypes.
5200 : // If an accessor was found and it does not have a setter,
5201 : // the request is ignored.
5202 : //
5203 : // If the accessor in the prototype has the READ_ONLY property attribute, then
5204 : // a new value is added to the derived object when the property is set.
5205 : // This shadows the accessor in the prototype.
5206 : class AccessorInfo: public Struct {
5207 : public:
5208 : DECL_ACCESSORS(name, Object)
5209 : DECL_INT_ACCESSORS(flag)
5210 : DECL_ACCESSORS(expected_receiver_type, Object)
5211 : // This directly points at a foreign C function to be used from the runtime.
5212 : DECL_ACCESSORS(getter, Object)
5213 : DECL_ACCESSORS(setter, Object)
5214 : // This either points at the same as above, or a trampoline in case we are
5215 : // running with the simulator. Use these entries from generated code.
5216 : DECL_ACCESSORS(js_getter, Object)
5217 : DECL_ACCESSORS(data, Object)
5218 :
5219 : static Address redirect(Isolate* isolate, Address address,
5220 : AccessorComponent component);
5221 : Address redirected_getter() const;
5222 :
5223 : // Dispatched behavior.
5224 : DECL_PRINTER(AccessorInfo)
5225 :
5226 : inline bool all_can_read();
5227 : inline void set_all_can_read(bool value);
5228 :
5229 : inline bool all_can_write();
5230 : inline void set_all_can_write(bool value);
5231 :
5232 : inline bool is_special_data_property();
5233 : inline void set_is_special_data_property(bool value);
5234 :
5235 : inline bool replace_on_access();
5236 : inline void set_replace_on_access(bool value);
5237 :
5238 : inline bool is_sloppy();
5239 : inline void set_is_sloppy(bool value);
5240 :
5241 : inline PropertyAttributes property_attributes();
5242 : inline void set_property_attributes(PropertyAttributes attributes);
5243 :
5244 : // Checks whether the given receiver is compatible with this accessor.
5245 : static bool IsCompatibleReceiverMap(Isolate* isolate,
5246 : Handle<AccessorInfo> info,
5247 : Handle<Map> map);
5248 : inline bool IsCompatibleReceiver(Object* receiver);
5249 :
5250 : DECL_CAST(AccessorInfo)
5251 :
5252 : // Dispatched behavior.
5253 : DECL_VERIFIER(AccessorInfo)
5254 :
5255 : // Append all descriptors to the array that are not already there.
5256 : // Return number added.
5257 : static int AppendUnique(Handle<Object> descriptors,
5258 : Handle<FixedArray> array,
5259 : int valid_descriptors);
5260 :
5261 : static const int kNameOffset = HeapObject::kHeaderSize;
5262 : static const int kFlagOffset = kNameOffset + kPointerSize;
5263 : static const int kExpectedReceiverTypeOffset = kFlagOffset + kPointerSize;
5264 : static const int kSetterOffset = kExpectedReceiverTypeOffset + kPointerSize;
5265 : static const int kGetterOffset = kSetterOffset + kPointerSize;
5266 : static const int kJsGetterOffset = kGetterOffset + kPointerSize;
5267 : static const int kDataOffset = kJsGetterOffset + kPointerSize;
5268 : static const int kSize = kDataOffset + kPointerSize;
5269 :
5270 :
5271 : private:
5272 : inline bool HasExpectedReceiverType();
5273 :
5274 : // Bit positions in flag.
5275 : static const int kAllCanReadBit = 0;
5276 : static const int kAllCanWriteBit = 1;
5277 : static const int kSpecialDataProperty = 2;
5278 : static const int kIsSloppy = 3;
5279 : static const int kReplaceOnAccess = 4;
5280 : class AttributesField : public BitField<PropertyAttributes, 5, 3> {};
5281 :
5282 : DISALLOW_IMPLICIT_CONSTRUCTORS(AccessorInfo);
5283 : };
5284 :
5285 : // Support for JavaScript accessors: A pair of a getter and a setter. Each
5286 : // accessor can either be
5287 : // * a JavaScript function or proxy: a real accessor
5288 : // * a FunctionTemplateInfo: a real (lazy) accessor
5289 : // * undefined: considered an accessor by the spec, too, strangely enough
5290 : // * null: an accessor which has not been set
5291 : class AccessorPair: public Struct {
5292 : public:
5293 : DECL_ACCESSORS(getter, Object)
5294 : DECL_ACCESSORS(setter, Object)
5295 :
5296 : DECL_CAST(AccessorPair)
5297 :
5298 : static Handle<AccessorPair> Copy(Handle<AccessorPair> pair);
5299 :
5300 : inline Object* get(AccessorComponent component);
5301 : inline void set(AccessorComponent component, Object* value);
5302 :
5303 : // Note: Returns undefined if the component is not set.
5304 : static Handle<Object> GetComponent(Handle<AccessorPair> accessor_pair,
5305 : AccessorComponent component);
5306 :
5307 : // Set both components, skipping arguments which are a JavaScript null.
5308 : inline void SetComponents(Object* getter, Object* setter);
5309 :
5310 : inline bool Equals(AccessorPair* pair);
5311 : inline bool Equals(Object* getter_value, Object* setter_value);
5312 :
5313 : inline bool ContainsAccessor();
5314 :
5315 : // Dispatched behavior.
5316 : DECL_PRINTER(AccessorPair)
5317 : DECL_VERIFIER(AccessorPair)
5318 :
5319 : static const int kGetterOffset = HeapObject::kHeaderSize;
5320 : static const int kSetterOffset = kGetterOffset + kPointerSize;
5321 : static const int kSize = kSetterOffset + kPointerSize;
5322 :
5323 : private:
5324 : // Strangely enough, in addition to functions and harmony proxies, the spec
5325 : // requires us to consider undefined as a kind of accessor, too:
5326 : // var obj = {};
5327 : // Object.defineProperty(obj, "foo", {get: undefined});
5328 : // assertTrue("foo" in obj);
5329 : inline bool IsJSAccessor(Object* obj);
5330 :
5331 : DISALLOW_IMPLICIT_CONSTRUCTORS(AccessorPair);
5332 : };
5333 :
5334 :
5335 : class AccessCheckInfo: public Struct {
5336 : public:
5337 : DECL_ACCESSORS(callback, Object)
5338 : DECL_ACCESSORS(named_interceptor, Object)
5339 : DECL_ACCESSORS(indexed_interceptor, Object)
5340 : DECL_ACCESSORS(data, Object)
5341 :
5342 : DECL_CAST(AccessCheckInfo)
5343 :
5344 : // Dispatched behavior.
5345 : DECL_PRINTER(AccessCheckInfo)
5346 : DECL_VERIFIER(AccessCheckInfo)
5347 :
5348 : static AccessCheckInfo* Get(Isolate* isolate, Handle<JSObject> receiver);
5349 :
5350 : static const int kCallbackOffset = HeapObject::kHeaderSize;
5351 : static const int kNamedInterceptorOffset = kCallbackOffset + kPointerSize;
5352 : static const int kIndexedInterceptorOffset =
5353 : kNamedInterceptorOffset + kPointerSize;
5354 : static const int kDataOffset = kIndexedInterceptorOffset + kPointerSize;
5355 : static const int kSize = kDataOffset + kPointerSize;
5356 :
5357 : private:
5358 : DISALLOW_IMPLICIT_CONSTRUCTORS(AccessCheckInfo);
5359 : };
5360 :
5361 :
5362 : class InterceptorInfo: public Struct {
5363 : public:
5364 : DECL_ACCESSORS(getter, Object)
5365 : DECL_ACCESSORS(setter, Object)
5366 : DECL_ACCESSORS(query, Object)
5367 : DECL_ACCESSORS(descriptor, Object)
5368 : DECL_ACCESSORS(deleter, Object)
5369 : DECL_ACCESSORS(enumerator, Object)
5370 : DECL_ACCESSORS(definer, Object)
5371 : DECL_ACCESSORS(data, Object)
5372 : DECL_BOOLEAN_ACCESSORS(can_intercept_symbols)
5373 : DECL_BOOLEAN_ACCESSORS(all_can_read)
5374 : DECL_BOOLEAN_ACCESSORS(non_masking)
5375 :
5376 : inline int flags() const;
5377 : inline void set_flags(int flags);
5378 :
5379 : DECL_CAST(InterceptorInfo)
5380 :
5381 : // Dispatched behavior.
5382 : DECL_PRINTER(InterceptorInfo)
5383 : DECL_VERIFIER(InterceptorInfo)
5384 :
5385 : static const int kGetterOffset = HeapObject::kHeaderSize;
5386 : static const int kSetterOffset = kGetterOffset + kPointerSize;
5387 : static const int kQueryOffset = kSetterOffset + kPointerSize;
5388 : static const int kDescriptorOffset = kQueryOffset + kPointerSize;
5389 : static const int kDeleterOffset = kDescriptorOffset + kPointerSize;
5390 : static const int kEnumeratorOffset = kDeleterOffset + kPointerSize;
5391 : static const int kDefinerOffset = kEnumeratorOffset + kPointerSize;
5392 : static const int kDataOffset = kDefinerOffset + kPointerSize;
5393 : static const int kFlagsOffset = kDataOffset + kPointerSize;
5394 : static const int kSize = kFlagsOffset + kPointerSize;
5395 :
5396 : static const int kCanInterceptSymbolsBit = 0;
5397 : static const int kAllCanReadBit = 1;
5398 : static const int kNonMasking = 2;
5399 :
5400 : private:
5401 : DISALLOW_IMPLICIT_CONSTRUCTORS(InterceptorInfo);
5402 : };
5403 :
5404 : class CallHandlerInfo : public Tuple2 {
5405 : public:
5406 : DECL_ACCESSORS(callback, Object)
5407 : DECL_ACCESSORS(data, Object)
5408 :
5409 : DECL_CAST(CallHandlerInfo)
5410 :
5411 : static const int kCallbackOffset = kValue1Offset;
5412 : static const int kDataOffset = kValue2Offset;
5413 :
5414 : private:
5415 : DISALLOW_IMPLICIT_CONSTRUCTORS(CallHandlerInfo);
5416 : };
5417 :
5418 :
5419 : class TemplateInfo: public Struct {
5420 : public:
5421 : DECL_ACCESSORS(tag, Object)
5422 : DECL_ACCESSORS(serial_number, Object)
5423 : DECL_INT_ACCESSORS(number_of_properties)
5424 : DECL_ACCESSORS(property_list, Object)
5425 : DECL_ACCESSORS(property_accessors, Object)
5426 :
5427 : DECL_VERIFIER(TemplateInfo)
5428 :
5429 : DECL_CAST(TemplateInfo)
5430 :
5431 : static const int kTagOffset = HeapObject::kHeaderSize;
5432 : static const int kSerialNumberOffset = kTagOffset + kPointerSize;
5433 : static const int kNumberOfProperties = kSerialNumberOffset + kPointerSize;
5434 : static const int kPropertyListOffset = kNumberOfProperties + kPointerSize;
5435 : static const int kPropertyAccessorsOffset =
5436 : kPropertyListOffset + kPointerSize;
5437 : static const int kHeaderSize = kPropertyAccessorsOffset + kPointerSize;
5438 :
5439 : static const int kFastTemplateInstantiationsCacheSize = 1 * KB;
5440 :
5441 : // While we could grow the slow cache until we run out of memory, we put
5442 : // a limit on it anyway to not crash for embedders that re-create templates
5443 : // instead of caching them.
5444 : static const int kSlowTemplateInstantiationsCacheSize = 1 * MB;
5445 :
5446 : private:
5447 : DISALLOW_IMPLICIT_CONSTRUCTORS(TemplateInfo);
5448 : };
5449 :
5450 : // See the api-exposed FunctionTemplate for more information.
5451 : class FunctionTemplateInfo: public TemplateInfo {
5452 : public:
5453 : // Handler invoked when calling an instance of this FunctionTemplateInfo.
5454 : // Either CallInfoHandler or Undefined.
5455 : DECL_ACCESSORS(call_code, Object)
5456 :
5457 : // ObjectTemplateInfo or Undefined, used for the prototype property of the
5458 : // resulting JSFunction instance of this FunctionTemplate.
5459 : DECL_ACCESSORS(prototype_template, Object)
5460 :
5461 : // In the case the prototype_template is Undefined we use the
5462 : // protoype_provider_template to retrieve the instance prototype. Either
5463 : // contains an ObjectTemplateInfo or Undefined.
5464 : DECL_ACCESSORS(prototype_provider_template, Object)
5465 :
5466 : // Used to create protoype chains. The parent_template's prototype is set as
5467 : // __proto__ of this FunctionTemplate's instance prototype. Is either a
5468 : // FunctionTemplateInfo or Undefined.
5469 : DECL_ACCESSORS(parent_template, Object)
5470 :
5471 : // Returns an InterceptorInfo or Undefined for named properties.
5472 : DECL_ACCESSORS(named_property_handler, Object)
5473 : // Returns an InterceptorInfo or Undefined for indexed properties/elements.
5474 : DECL_ACCESSORS(indexed_property_handler, Object)
5475 :
5476 : // An ObjectTemplateInfo that is used when instantiating the JSFunction
5477 : // associated with this FunctionTemplateInfo. Contains either an
5478 : // ObjectTemplateInfo or Undefined. A default instance_template is assigned
5479 : // upon first instantiation if it's Undefined.
5480 : DECL_ACCESSORS(instance_template, Object)
5481 :
5482 : DECL_ACCESSORS(class_name, Object)
5483 :
5484 : // If the signature is a FunctionTemplateInfo it is used to check whether the
5485 : // receiver calling the associated JSFunction is a compatible receiver, i.e.
5486 : // it is an instance of the signare FunctionTemplateInfo or any of the
5487 : // receiver's prototypes are.
5488 : DECL_ACCESSORS(signature, Object)
5489 :
5490 : // Either a CallHandlerInfo or Undefined. If an instance_call_handler is
5491 : // provided the instances created from the associated JSFunction are marked as
5492 : // callable.
5493 : DECL_ACCESSORS(instance_call_handler, Object)
5494 :
5495 : DECL_ACCESSORS(access_check_info, Object)
5496 : DECL_ACCESSORS(shared_function_info, Object)
5497 :
5498 : // Internal field to store a flag bitfield.
5499 : DECL_INT_ACCESSORS(flag)
5500 :
5501 : // "length" property of the final JSFunction.
5502 : DECL_INT_ACCESSORS(length)
5503 :
5504 : // Either the_hole or a private symbol. Used to cache the result on
5505 : // the receiver under the the cached_property_name when this
5506 : // FunctionTemplateInfo is used as a getter.
5507 : DECL_ACCESSORS(cached_property_name, Object)
5508 :
5509 : // Begin flag bits ---------------------
5510 : DECL_BOOLEAN_ACCESSORS(hidden_prototype)
5511 : DECL_BOOLEAN_ACCESSORS(undetectable)
5512 :
5513 : // If set, object instances created by this function
5514 : // requires access check.
5515 : DECL_BOOLEAN_ACCESSORS(needs_access_check)
5516 :
5517 : DECL_BOOLEAN_ACCESSORS(read_only_prototype)
5518 :
5519 : // If set, do not create a prototype property for the associated
5520 : // JSFunction. This bit implies that neither the prototype_template nor the
5521 : // prototype_provoider_template are instantiated.
5522 : DECL_BOOLEAN_ACCESSORS(remove_prototype)
5523 :
5524 : // If set, do not attach a serial number to this FunctionTemplate and thus do
5525 : // not keep an instance boilerplate around.
5526 : DECL_BOOLEAN_ACCESSORS(do_not_cache)
5527 :
5528 : // If not set an access may be performed on calling the associated JSFunction.
5529 : DECL_BOOLEAN_ACCESSORS(accept_any_receiver)
5530 : // End flag bits ---------------------
5531 :
5532 : DECL_CAST(FunctionTemplateInfo)
5533 :
5534 : // Dispatched behavior.
5535 : DECL_PRINTER(FunctionTemplateInfo)
5536 : DECL_VERIFIER(FunctionTemplateInfo)
5537 :
5538 : static const int kInvalidSerialNumber = 0;
5539 :
5540 : static const int kCallCodeOffset = TemplateInfo::kHeaderSize;
5541 : static const int kPrototypeTemplateOffset =
5542 : kCallCodeOffset + kPointerSize;
5543 : static const int kPrototypeProviderTemplateOffset =
5544 : kPrototypeTemplateOffset + kPointerSize;
5545 : static const int kParentTemplateOffset =
5546 : kPrototypeProviderTemplateOffset + kPointerSize;
5547 : static const int kNamedPropertyHandlerOffset =
5548 : kParentTemplateOffset + kPointerSize;
5549 : static const int kIndexedPropertyHandlerOffset =
5550 : kNamedPropertyHandlerOffset + kPointerSize;
5551 : static const int kInstanceTemplateOffset =
5552 : kIndexedPropertyHandlerOffset + kPointerSize;
5553 : static const int kClassNameOffset = kInstanceTemplateOffset + kPointerSize;
5554 : static const int kSignatureOffset = kClassNameOffset + kPointerSize;
5555 : static const int kInstanceCallHandlerOffset = kSignatureOffset + kPointerSize;
5556 : static const int kAccessCheckInfoOffset =
5557 : kInstanceCallHandlerOffset + kPointerSize;
5558 : static const int kSharedFunctionInfoOffset =
5559 : kAccessCheckInfoOffset + kPointerSize;
5560 : static const int kFlagOffset = kSharedFunctionInfoOffset + kPointerSize;
5561 : static const int kLengthOffset = kFlagOffset + kPointerSize;
5562 : static const int kCachedPropertyNameOffset = kLengthOffset + kPointerSize;
5563 : static const int kSize = kCachedPropertyNameOffset + kPointerSize;
5564 :
5565 : static Handle<SharedFunctionInfo> GetOrCreateSharedFunctionInfo(
5566 : Isolate* isolate, Handle<FunctionTemplateInfo> info,
5567 : MaybeHandle<Name> maybe_name);
5568 : // Returns parent function template or null.
5569 : inline FunctionTemplateInfo* GetParent(Isolate* isolate);
5570 : // Returns true if |object| is an instance of this function template.
5571 : inline bool IsTemplateFor(JSObject* object);
5572 : bool IsTemplateFor(Map* map);
5573 : inline bool instantiated();
5574 :
5575 : // Helper function for cached accessors.
5576 : static MaybeHandle<Name> TryGetCachedPropertyName(Isolate* isolate,
5577 : Handle<Object> getter);
5578 :
5579 : private:
5580 : // Bit position in the flag, from least significant bit position.
5581 : static const int kHiddenPrototypeBit = 0;
5582 : static const int kUndetectableBit = 1;
5583 : static const int kNeedsAccessCheckBit = 2;
5584 : static const int kReadOnlyPrototypeBit = 3;
5585 : static const int kRemovePrototypeBit = 4;
5586 : static const int kDoNotCacheBit = 5;
5587 : static const int kAcceptAnyReceiver = 6;
5588 :
5589 : DISALLOW_IMPLICIT_CONSTRUCTORS(FunctionTemplateInfo);
5590 : };
5591 :
5592 :
5593 : class ObjectTemplateInfo: public TemplateInfo {
5594 : public:
5595 : DECL_ACCESSORS(constructor, Object)
5596 : DECL_ACCESSORS(data, Object)
5597 : DECL_INT_ACCESSORS(embedder_field_count)
5598 : DECL_BOOLEAN_ACCESSORS(immutable_proto)
5599 :
5600 : DECL_CAST(ObjectTemplateInfo)
5601 :
5602 : // Dispatched behavior.
5603 : DECL_PRINTER(ObjectTemplateInfo)
5604 : DECL_VERIFIER(ObjectTemplateInfo)
5605 :
5606 : static const int kConstructorOffset = TemplateInfo::kHeaderSize;
5607 : // LSB is for immutable_proto, higher bits for embedder_field_count
5608 : static const int kDataOffset = kConstructorOffset + kPointerSize;
5609 : static const int kSize = kDataOffset + kPointerSize;
5610 :
5611 : // Starting from given object template's constructor walk up the inheritance
5612 : // chain till a function template that has an instance template is found.
5613 : inline ObjectTemplateInfo* GetParent(Isolate* isolate);
5614 :
5615 : private:
5616 : class IsImmutablePrototype : public BitField<bool, 0, 1> {};
5617 : class EmbedderFieldCount
5618 : : public BitField<int, IsImmutablePrototype::kNext, 29> {};
5619 : };
5620 :
5621 : class StackFrameInfo : public Struct {
5622 : public:
5623 : DECL_INT_ACCESSORS(line_number)
5624 : DECL_INT_ACCESSORS(column_number)
5625 : DECL_INT_ACCESSORS(script_id)
5626 : DECL_ACCESSORS(script_name, Object)
5627 : DECL_ACCESSORS(script_name_or_source_url, Object)
5628 : DECL_ACCESSORS(function_name, Object)
5629 : DECL_BOOLEAN_ACCESSORS(is_eval)
5630 : DECL_BOOLEAN_ACCESSORS(is_constructor)
5631 : DECL_BOOLEAN_ACCESSORS(is_wasm)
5632 : DECL_INT_ACCESSORS(flag)
5633 : DECL_INT_ACCESSORS(id)
5634 :
5635 : DECL_CAST(StackFrameInfo)
5636 :
5637 : // Dispatched behavior.
5638 : DECL_PRINTER(StackFrameInfo)
5639 : DECL_VERIFIER(StackFrameInfo)
5640 :
5641 : static const int kLineNumberIndex = Struct::kHeaderSize;
5642 : static const int kColumnNumberIndex = kLineNumberIndex + kPointerSize;
5643 : static const int kScriptIdIndex = kColumnNumberIndex + kPointerSize;
5644 : static const int kScriptNameIndex = kScriptIdIndex + kPointerSize;
5645 : static const int kScriptNameOrSourceUrlIndex =
5646 : kScriptNameIndex + kPointerSize;
5647 : static const int kFunctionNameIndex =
5648 : kScriptNameOrSourceUrlIndex + kPointerSize;
5649 : static const int kFlagIndex = kFunctionNameIndex + kPointerSize;
5650 : static const int kIdIndex = kFlagIndex + kPointerSize;
5651 : static const int kSize = kIdIndex + kPointerSize;
5652 :
5653 : private:
5654 : // Bit position in the flag, from least significant bit position.
5655 : static const int kIsEvalBit = 0;
5656 : static const int kIsConstructorBit = 1;
5657 : static const int kIsWasmBit = 2;
5658 :
5659 : DISALLOW_IMPLICIT_CONSTRUCTORS(StackFrameInfo);
5660 : };
5661 :
5662 : class SourcePositionTableWithFrameCache : public Tuple2 {
5663 : public:
5664 : DECL_ACCESSORS(source_position_table, ByteArray)
5665 : DECL_ACCESSORS(stack_frame_cache, UnseededNumberDictionary)
5666 :
5667 : DECL_CAST(SourcePositionTableWithFrameCache)
5668 :
5669 : static const int kSourcePositionTableIndex = Struct::kHeaderSize;
5670 : static const int kStackFrameCacheIndex =
5671 : kSourcePositionTableIndex + kPointerSize;
5672 : static const int kSize = kStackFrameCacheIndex + kPointerSize;
5673 :
5674 : private:
5675 : DISALLOW_IMPLICIT_CONSTRUCTORS(SourcePositionTableWithFrameCache);
5676 : };
5677 :
5678 : // BooleanBit is a helper class for setting and getting a bit in an integer.
5679 : class BooleanBit : public AllStatic {
5680 : public:
5681 : static inline bool get(int value, int bit_position) {
5682 126037345 : return (value & (1 << bit_position)) != 0;
5683 : }
5684 :
5685 : static inline int set(int value, int bit_position, bool v) {
5686 16929166 : if (v) {
5687 7288802 : value |= (1 << bit_position);
5688 : } else {
5689 9640364 : value &= ~(1 << bit_position);
5690 : }
5691 : return value;
5692 : }
5693 : };
5694 :
5695 :
5696 : } // NOLINT, false-positive due to second-order macros.
5697 : } // NOLINT, false-positive due to second-order macros.
5698 :
5699 : #include "src/objects/object-macros-undef.h"
5700 :
5701 : #endif // V8_OBJECTS_H_
|
