Upgrade V8 to version 4.9.385.28
https://chromium.googlesource.com/v8/v8/+/4.9.385.28
FPIIM-449
Change-Id: I4b2e74289d4bf3667f2f3dc8aa2e541f63e26eb4
diff --git a/src/factory.h b/src/factory.h
index 24a6647..01a2f7e 100644
--- a/src/factory.h
+++ b/src/factory.h
@@ -6,18 +6,17 @@
#define V8_FACTORY_H_
#include "src/isolate.h"
+#include "src/messages.h"
+#include "src/type-feedback-vector.h"
namespace v8 {
namespace internal {
-class FeedbackVectorSpec;
-
// Interface for handle based allocation.
-class Factory FINAL {
+class Factory final {
public:
- Handle<Oddball> NewOddball(Handle<Map> map,
- const char* to_string,
- Handle<Object> to_number,
+ Handle<Oddball> NewOddball(Handle<Map> map, const char* to_string,
+ Handle<Object> to_number, const char* type_of,
byte kind);
// Allocates a fixed array initialized with undefined values.
@@ -45,19 +44,20 @@
int size,
PretenureFlag pretenure = NOT_TENURED);
- Handle<ConstantPoolArray> NewConstantPoolArray(
- const ConstantPoolArray::NumberOfEntries& small);
-
- Handle<ConstantPoolArray> NewExtendedConstantPoolArray(
- const ConstantPoolArray::NumberOfEntries& small,
- const ConstantPoolArray::NumberOfEntries& extended);
-
Handle<OrderedHashSet> NewOrderedHashSet();
Handle<OrderedHashMap> NewOrderedHashMap();
// Create a new boxed value.
Handle<Box> NewBox(Handle<Object> value);
+ // Create a new PrototypeInfo struct.
+ Handle<PrototypeInfo> NewPrototypeInfo();
+
+ // Create a new SloppyBlockWithEvalContextExtension struct.
+ Handle<SloppyBlockWithEvalContextExtension>
+ NewSloppyBlockWithEvalContextExtension(Handle<ScopeInfo> scope_info,
+ Handle<JSObject> extension);
+
// Create a pre-tenured empty AccessorPair.
Handle<AccessorPair> NewAccessorPair();
@@ -80,6 +80,8 @@
template<class StringTableKey>
Handle<String> InternalizeStringWithKey(StringTableKey* key);
+ Handle<Name> InternalizeName(Handle<Name> name);
+
// String creation functions. Most of the string creation functions take
// a Heap::PretenureFlag argument to optionally request that they be
@@ -155,24 +157,21 @@
// Allocates an internalized string in old space based on the character
// stream.
- MUST_USE_RESULT Handle<String> NewInternalizedStringFromUtf8(
- Vector<const char> str,
- int chars,
- uint32_t hash_field);
+ Handle<String> NewInternalizedStringFromUtf8(Vector<const char> str,
+ int chars, uint32_t hash_field);
- MUST_USE_RESULT Handle<String> NewOneByteInternalizedString(
- Vector<const uint8_t> str, uint32_t hash_field);
+ Handle<String> NewOneByteInternalizedString(Vector<const uint8_t> str,
+ uint32_t hash_field);
- MUST_USE_RESULT Handle<String> NewOneByteInternalizedSubString(
+ Handle<String> NewOneByteInternalizedSubString(
Handle<SeqOneByteString> string, int offset, int length,
uint32_t hash_field);
- MUST_USE_RESULT Handle<String> NewTwoByteInternalizedString(
- Vector<const uc16> str,
- uint32_t hash_field);
+ Handle<String> NewTwoByteInternalizedString(Vector<const uc16> str,
+ uint32_t hash_field);
- MUST_USE_RESULT Handle<String> NewInternalizedStringImpl(
- Handle<String> string, int chars, uint32_t hash_field);
+ Handle<String> NewInternalizedStringImpl(Handle<String> string, int chars,
+ uint32_t hash_field);
// Compute the matching internalized string map for a string if possible.
// Empty handle is returned if string is in new space or not flattened.
@@ -221,7 +220,6 @@
// Create a symbol.
Handle<Symbol> NewSymbol();
Handle<Symbol> NewPrivateSymbol();
- Handle<Symbol> NewPrivateOwnSymbol();
// Create a global (but otherwise uninitialized) context.
Handle<Context> NewNativeContext();
@@ -264,10 +262,6 @@
Handle<AliasedArgumentsEntry> NewAliasedArgumentsEntry(
int aliased_context_slot);
- Handle<DeclaredAccessorDescriptor> NewDeclaredAccessorDescriptor();
-
- Handle<DeclaredAccessorInfo> NewDeclaredAccessorInfo();
-
Handle<ExecutableAccessorInfo> NewExecutableAccessorInfo();
Handle<Script> NewScript(Handle<String> source);
@@ -283,25 +277,26 @@
Handle<ByteArray> NewByteArray(int length,
PretenureFlag pretenure = NOT_TENURED);
- Handle<ExternalArray> NewExternalArray(
- int length,
- ExternalArrayType array_type,
- void* external_pointer,
+ Handle<BytecodeArray> NewBytecodeArray(int length, const byte* raw_bytecodes,
+ int frame_size, int parameter_count,
+ Handle<FixedArray> constant_pool);
+
+ Handle<FixedTypedArrayBase> NewFixedTypedArrayWithExternalPointer(
+ int length, ExternalArrayType array_type, void* external_pointer,
PretenureFlag pretenure = NOT_TENURED);
Handle<FixedTypedArrayBase> NewFixedTypedArray(
- int length,
- ExternalArrayType array_type,
+ int length, ExternalArrayType array_type, bool initialize,
PretenureFlag pretenure = NOT_TENURED);
Handle<Cell> NewCell(Handle<Object> value);
- Handle<PropertyCell> NewPropertyCellWithHole();
-
- Handle<PropertyCell> NewPropertyCell(Handle<Object> value);
+ Handle<PropertyCell> NewPropertyCell();
Handle<WeakCell> NewWeakCell(Handle<HeapObject> value);
+ Handle<TransitionArray> NewTransitionArray(int capacity);
+
// Allocate a tenured AllocationSite. It's payload is null.
Handle<AllocationSite> NewAllocationSite();
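Review bot: The new `bool initialize` parameter on `NewFixedTypedArray` is undocumented, and nothing at the declaration says what a caller gets when it passes `false`. If that leaves the element storage unwritten (inferred from the name, since the implementation is not in this hunk), any path that makes the array reachable from script before every element is filled would expose stale heap contents. I would add a comment above the declaration such as `// If |initialize| is false the elements are left uninitialized; the caller must write every element before the array becomes reachable from JavaScript.` `NewBytecodeArray` has a similar gap: it takes `raw_bytecodes` and `length` separately without stating that the buffer must hold at least `length` bytes.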
@@ -324,6 +319,10 @@
Handle<FixedArray> CopyFixedArrayWithMap(Handle<FixedArray> array,
Handle<Map> map);
+ Handle<FixedArray> CopyFixedArrayAndGrow(
+ Handle<FixedArray> array, int grow_by,
+ PretenureFlag pretenure = NOT_TENURED);
+
Handle<FixedArray> CopyFixedArray(Handle<FixedArray> array);
// This method expects a COW array in new space, and creates a copy
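Review bot: `CopyFixedArrayAndGrow` takes `grow_by` as a signed `int` and the declaration states no precondition. A reader cannot tell whether zero, a negative value, or a value that pushes `array->length() + grow_by` past the maximum FixedArray length is rejected. The definition is outside this hunk; if it only asserts in debug builds, the contract belongs in the header. A comment along the lines of `// |grow_by| must be positive and array->length() + grow_by must not exceed FixedArray::kMaxLength.` would cover it, plus a sentence on how the added slots are initialized.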
@@ -333,9 +332,6 @@
Handle<FixedDoubleArray> CopyFixedDoubleArray(
Handle<FixedDoubleArray> array);
- Handle<ConstantPoolArray> CopyConstantPoolArray(
- Handle<ConstantPoolArray> array);
-
// Numbers (e.g. literals) are pretenured by the parser.
// The return value may be a smi or a heap number.
Handle<Object> NewNumber(double value,
@@ -347,7 +343,9 @@
PretenureFlag pretenure = NOT_TENURED);
Handle<Object> NewNumberFromSize(size_t value,
PretenureFlag pretenure = NOT_TENURED) {
- if (Smi::IsValid(static_cast<intptr_t>(value))) {
+ // We can't use Smi::IsValid() here because that operates on a signed
+ // intptr_t, and casting from size_t could create a bogus sign bit.
+ if (value <= static_cast<size_t>(Smi::kMaxValue)) {
return Handle<Object>(Smi::FromIntptr(static_cast<intptr_t>(value)),
isolate());
}
@@ -357,12 +355,20 @@
MutableMode mode = IMMUTABLE,
PretenureFlag pretenure = NOT_TENURED);
+#define SIMD128_NEW_DECL(TYPE, Type, type, lane_count, lane_type) \
+ Handle<Type> New##Type(lane_type lanes[lane_count], \
+ PretenureFlag pretenure = NOT_TENURED);
+ SIMD128_TYPES(SIMD128_NEW_DECL)
+#undef SIMD128_NEW_DECL
+
// These objects are used by the api to create env-independent data
// structures in the heap.
inline Handle<JSObject> NewNeanderObject() {
return NewJSObjectFromMap(neander_map());
}
+ Handle<JSWeakMap> NewJSWeakMap();
+
Handle<JSObject> NewArgumentsObject(Handle<JSFunction> callee, int length);
// JS objects are pretenured when allocated by the bootstrapper and
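Review bot: In `SIMD128_NEW_DECL` the parameter `lane_type lanes[lane_count]` decays to `lane_type*`, so the `lane_count` in the signature is not enforced and a caller can pass a shorter buffer without any diagnostic. Taking the array by reference, `const lane_type (&lanes)[lane_count]`, would make the compiler check the lane count; that needs the matching change in the definitions, which are not in this hunk. If the pointer form has to stay, a comment on the macro such as `// |lanes| must point to at least lane_count elements.` would record the contract.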
@@ -374,14 +380,13 @@
Handle<AllocationSite> site);
// Global objects are pretenured and initialized based on a constructor.
- Handle<GlobalObject> NewGlobalObject(Handle<JSFunction> constructor);
+ Handle<JSGlobalObject> NewJSGlobalObject(Handle<JSFunction> constructor);
// JS objects are pretenured when allocated by the bootstrapper and
// runtime.
Handle<JSObject> NewJSObjectFromMap(
Handle<Map> map,
PretenureFlag pretenure = NOT_TENURED,
- bool allocate_properties = true,
Handle<AllocationSite> allocation_site = Handle<AllocationSite>::null());
// JS modules are pretenured.
@@ -391,41 +396,42 @@
// JS arrays are pretenured when allocated by the parser.
// Create a JSArray with no elements.
- Handle<JSArray> NewJSArray(
- ElementsKind elements_kind,
- PretenureFlag pretenure = NOT_TENURED);
+ Handle<JSArray> NewJSArray(ElementsKind elements_kind,
+ Strength strength = Strength::WEAK,
+ PretenureFlag pretenure = NOT_TENURED);
// Create a JSArray with a specified length and elements initialized
// according to the specified mode.
Handle<JSArray> NewJSArray(
ElementsKind elements_kind, int length, int capacity,
+ Strength strength = Strength::WEAK,
ArrayStorageAllocationMode mode = DONT_INITIALIZE_ARRAY_ELEMENTS,
PretenureFlag pretenure = NOT_TENURED);
Handle<JSArray> NewJSArray(
- int capacity,
- ElementsKind elements_kind = TERMINAL_FAST_ELEMENTS_KIND,
+ int capacity, ElementsKind elements_kind = TERMINAL_FAST_ELEMENTS_KIND,
+ Strength strength = Strength::WEAK,
PretenureFlag pretenure = NOT_TENURED) {
if (capacity != 0) {
elements_kind = GetHoleyElementsKind(elements_kind);
}
- return NewJSArray(elements_kind, 0, capacity,
+ return NewJSArray(elements_kind, 0, capacity, strength,
INITIALIZE_ARRAY_ELEMENTS_WITH_HOLE, pretenure);
}
// Create a JSArray with the given elements.
- Handle<JSArray> NewJSArrayWithElements(
- Handle<FixedArrayBase> elements,
- ElementsKind elements_kind,
- int length,
- PretenureFlag pretenure = NOT_TENURED);
+ Handle<JSArray> NewJSArrayWithElements(Handle<FixedArrayBase> elements,
+ ElementsKind elements_kind, int length,
+ Strength strength = Strength::WEAK,
+ PretenureFlag pretenure = NOT_TENURED);
Handle<JSArray> NewJSArrayWithElements(
Handle<FixedArrayBase> elements,
ElementsKind elements_kind = TERMINAL_FAST_ELEMENTS_KIND,
+ Strength strength = Strength::WEAK,
PretenureFlag pretenure = NOT_TENURED) {
- return NewJSArrayWithElements(
- elements, elements_kind, elements->length(), pretenure);
+ return NewJSArrayWithElements(elements, elements_kind, elements->length(),
+ strength, pretenure);
}
void NewJSArrayStorage(
@@ -436,31 +442,51 @@
Handle<JSGeneratorObject> NewJSGeneratorObject(Handle<JSFunction> function);
- Handle<JSArrayBuffer> NewJSArrayBuffer();
+ Handle<JSArrayBuffer> NewJSArrayBuffer(
+ SharedFlag shared = SharedFlag::kNotShared,
+ PretenureFlag pretenure = NOT_TENURED);
- Handle<JSTypedArray> NewJSTypedArray(ExternalArrayType type);
+ Handle<JSTypedArray> NewJSTypedArray(ExternalArrayType type,
+ PretenureFlag pretenure = NOT_TENURED);
+
+ Handle<JSTypedArray> NewJSTypedArray(ElementsKind elements_kind,
+ PretenureFlag pretenure = NOT_TENURED);
// Creates a new JSTypedArray with the specified buffer.
Handle<JSTypedArray> NewJSTypedArray(ExternalArrayType type,
Handle<JSArrayBuffer> buffer,
- size_t byte_offset, size_t length);
+ size_t byte_offset, size_t length,
+ PretenureFlag pretenure = NOT_TENURED);
+
+ // Creates a new on-heap JSTypedArray.
+ Handle<JSTypedArray> NewJSTypedArray(ElementsKind elements_kind,
+ size_t number_of_elements,
+ PretenureFlag pretenure = NOT_TENURED);
Handle<JSDataView> NewJSDataView();
Handle<JSDataView> NewJSDataView(Handle<JSArrayBuffer> buffer,
size_t byte_offset, size_t byte_length);
+ Handle<JSMap> NewJSMap();
+ Handle<JSSet> NewJSSet();
+
// TODO(aandrey): Maybe these should take table, index and kind arguments.
Handle<JSMapIterator> NewJSMapIterator();
Handle<JSSetIterator> NewJSSetIterator();
- // Allocates a Harmony proxy.
- Handle<JSProxy> NewJSProxy(Handle<Object> handler, Handle<Object> prototype);
+ // Creates a new JSIteratorResult object with the arguments {value} and
+ // {done}. Implemented according to ES6 section 7.4.7 CreateIterResultObject.
+ Handle<JSIteratorResult> NewJSIteratorResult(Handle<Object> value,
+ Handle<Object> done);
- // Allocates a Harmony function proxy.
- Handle<JSProxy> NewJSFunctionProxy(Handle<Object> handler,
- Handle<Object> call_trap,
- Handle<Object> construct_trap,
- Handle<Object> prototype);
+ // Allocates a bound function.
+ MaybeHandle<JSBoundFunction> NewJSBoundFunction(
+ Handle<JSReceiver> target_function, Handle<Object> bound_this,
+ Vector<Handle<Object>> bound_args);
+
+ // Allocates a Harmony proxy.
+ Handle<JSProxy> NewJSProxy(Handle<JSReceiver> target,
+ Handle<JSReceiver> handler);
// Reinitialize an JSGlobalProxy based on a constructor. The object
// must have the same size as objects allocated using the
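Review bot: The buffer-backed `NewJSTypedArray(type, buffer, byte_offset, length, pretenure)` overload still says nothing about its range contract. The comment `Creates a new JSTypedArray with the specified buffer.` does not say whether `byte_offset` plus `length` elements is checked against the buffer's byte length here or is a caller precondition. The definition is not in this hunk, so I cannot tell which it is. Either way it should be stated at the declaration, because an out-of-range view is a memory-safety problem rather than just a wrong result. The new on-heap overload has the same gap for `number_of_elements`.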
@@ -469,32 +495,37 @@
void ReinitializeJSGlobalProxy(Handle<JSGlobalProxy> global,
Handle<JSFunction> constructor);
- // Change the type of the argument into a JS object/function and reinitialize.
- void BecomeJSObject(Handle<JSProxy> object);
- void BecomeJSFunction(Handle<JSProxy> object);
+ Handle<JSGlobalProxy> NewUninitializedJSGlobalProxy();
- Handle<JSFunction> NewFunction(Handle<String> name,
- Handle<Code> code,
+ Handle<JSFunction> NewFunction(Handle<String> name, Handle<Code> code,
Handle<Object> prototype,
- bool read_only_prototype = false);
+ bool read_only_prototype = false,
+ bool is_strict = false);
Handle<JSFunction> NewFunction(Handle<String> name);
Handle<JSFunction> NewFunctionWithoutPrototype(Handle<String> name,
- Handle<Code> code);
+ Handle<Code> code,
+ bool is_strict = false);
Handle<JSFunction> NewFunctionFromSharedFunctionInfo(
- Handle<SharedFunctionInfo> function_info,
- Handle<Context> context,
+ Handle<Map> initial_map, Handle<SharedFunctionInfo> function_info,
+ Handle<Context> context, PretenureFlag pretenure = TENURED);
+
+ Handle<JSFunction> NewFunctionFromSharedFunctionInfo(
+ Handle<SharedFunctionInfo> function_info, Handle<Context> context,
PretenureFlag pretenure = TENURED);
Handle<JSFunction> NewFunction(Handle<String> name, Handle<Code> code,
Handle<Object> prototype, InstanceType type,
int instance_size,
bool read_only_prototype = false,
- bool install_constructor = false);
+ bool install_constructor = false,
+ bool is_strict = false);
Handle<JSFunction> NewFunction(Handle<String> name,
Handle<Code> code,
InstanceType type,
int instance_size);
+ Handle<JSFunction> NewFunction(Handle<Map> map, Handle<String> name,
+ MaybeHandle<Code> maybe_code);
// Create a serialized scope info.
Handle<ScopeInfo> NewScopeInfo(int length);
@@ -518,41 +549,31 @@
Handle<Code> CopyCode(Handle<Code> code, Vector<byte> reloc_info);
// Interface for creating error objects.
+ Handle<Object> NewError(Handle<JSFunction> constructor,
+ Handle<String> message);
- MaybeHandle<Object> NewError(const char* maker, const char* message,
- Handle<JSArray> args);
- Handle<String> EmergencyNewError(const char* message, Handle<JSArray> args);
- MaybeHandle<Object> NewError(const char* maker, const char* message,
- Vector<Handle<Object> > args);
- MaybeHandle<Object> NewError(const char* message,
- Vector<Handle<Object> > args);
- MaybeHandle<Object> NewError(Handle<String> message);
- MaybeHandle<Object> NewError(const char* constructor, Handle<String> message);
-
- MaybeHandle<Object> NewTypeError(const char* message,
- Vector<Handle<Object> > args);
- MaybeHandle<Object> NewTypeError(Handle<String> message);
-
- MaybeHandle<Object> NewRangeError(const char* message,
- Vector<Handle<Object> > args);
- MaybeHandle<Object> NewRangeError(Handle<String> message);
-
- MaybeHandle<Object> NewInvalidStringLengthError() {
- return NewRangeError("invalid_string_length",
- HandleVector<Object>(NULL, 0));
+ Handle<Object> NewInvalidStringLengthError() {
+ return NewRangeError(MessageTemplate::kInvalidStringLength);
}
- MaybeHandle<Object> NewSyntaxError(const char* message, Handle<JSArray> args);
- MaybeHandle<Object> NewSyntaxError(Handle<String> message);
+ Handle<Object> NewError(Handle<JSFunction> constructor,
+ MessageTemplate::Template template_index,
+ Handle<Object> arg0 = Handle<Object>(),
+ Handle<Object> arg1 = Handle<Object>(),
+ Handle<Object> arg2 = Handle<Object>());
- MaybeHandle<Object> NewReferenceError(const char* message,
- Vector<Handle<Object> > args);
- MaybeHandle<Object> NewReferenceError(const char* message,
- Handle<JSArray> args);
- MaybeHandle<Object> NewReferenceError(Handle<String> message);
-
- MaybeHandle<Object> NewEvalError(const char* message,
- Vector<Handle<Object> > args);
+#define DECLARE_ERROR(NAME) \
+ Handle<Object> New##NAME(MessageTemplate::Template template_index, \
+ Handle<Object> arg0 = Handle<Object>(), \
+ Handle<Object> arg1 = Handle<Object>(), \
+ Handle<Object> arg2 = Handle<Object>());
+ DECLARE_ERROR(Error)
+ DECLARE_ERROR(EvalError)
+ DECLARE_ERROR(RangeError)
+ DECLARE_ERROR(ReferenceError)
+ DECLARE_ERROR(SyntaxError)
+ DECLARE_ERROR(TypeError)
+#undef DEFINE_ERROR
Handle<String> NumberToString(Handle<Object> number,
bool check_number_string_cache = true);
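Review bot: `#undef DEFINE_ERROR` at the end of the error declarations names a macro that was never defined. The macro introduced a few lines above is `DECLARE_ERROR`, so it stays defined for the rest of this header and for every file that includes it. The line should read `#undef DECLARE_ERROR`. The preprocessor silently accepts an `#undef` of an unknown name, which is why this compiles.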
@@ -561,25 +582,8 @@
return NumberToString(NewNumberFromUint(value));
}
- enum ApiInstanceType {
- JavaScriptObjectType,
- GlobalObjectType,
- GlobalProxyType
- };
-
- Handle<JSFunction> CreateApiFunction(
- Handle<FunctionTemplateInfo> data,
- Handle<Object> prototype,
- ApiInstanceType type = JavaScriptObjectType);
-
Handle<JSFunction> InstallMembers(Handle<JSFunction> function);
- // Installs interceptors on the instance. 'desc' is a function template,
- // and instance is an object instance created by the function of this
- // function template.
- MUST_USE_RESULT MaybeHandle<FunctionTemplateInfo> ConfigureInstance(
- Handle<FunctionTemplateInfo> desc, Handle<JSObject> instance);
-
#define ROOT_ACCESSOR(type, name, camel_name) \
inline Handle<type> name() { \
return Handle<type>(bit_cast<type**>( \
@@ -612,42 +616,31 @@
PRIVATE_SYMBOL_LIST(SYMBOL_ACCESSOR)
#undef SYMBOL_ACCESSOR
-#define SYMBOL_ACCESSOR(name, varname, description) \
+#define SYMBOL_ACCESSOR(name, description) \
inline Handle<Symbol> name() { \
return Handle<Symbol>(bit_cast<Symbol**>( \
&isolate()->heap()->roots_[Heap::k##name##RootIndex])); \
}
PUBLIC_SYMBOL_LIST(SYMBOL_ACCESSOR)
+ WELL_KNOWN_SYMBOL_LIST(SYMBOL_ACCESSOR)
#undef SYMBOL_ACCESSOR
- inline void set_string_table(Handle<StringTable> table) {
- isolate()->heap()->set_string_table(*table);
- }
-
- Handle<String> hidden_string() {
- return Handle<String>(&isolate()->heap()->hidden_string_);
- }
-
// Allocates a new SharedFunctionInfo object.
Handle<SharedFunctionInfo> NewSharedFunctionInfo(
Handle<String> name, int number_of_literals, FunctionKind kind,
Handle<Code> code, Handle<ScopeInfo> scope_info,
Handle<TypeFeedbackVector> feedback_vector);
Handle<SharedFunctionInfo> NewSharedFunctionInfo(Handle<String> name,
- MaybeHandle<Code> code);
-
- // Allocate a new type feedback vector
- Handle<TypeFeedbackVector> NewTypeFeedbackVector(
- const FeedbackVectorSpec& spec);
+ MaybeHandle<Code> code,
+ bool is_constructor);
// Allocates a new JSMessageObject object.
- Handle<JSMessageObject> NewJSMessageObject(
- Handle<String> type,
- Handle<JSArray> arguments,
- int start_position,
- int end_position,
- Handle<Object> script,
- Handle<Object> stack_frames);
+ Handle<JSMessageObject> NewJSMessageObject(MessageTemplate::Template message,
+ Handle<Object> argument,
+ int start_position,
+ int end_position,
+ Handle<Object> script,
+ Handle<Object> stack_frames);
Handle<DebugInfo> NewDebugInfo(Handle<SharedFunctionInfo> shared);
@@ -655,6 +648,7 @@
// native context.
Handle<Map> ObjectLiteralMapFromCache(Handle<Context> context,
int number_of_properties,
+ bool is_strong,
bool* is_result_from_cache);
// Creates a new FixedArray that holds the data associated with the
@@ -676,7 +670,7 @@
// Returns the value for a known global constant (a property of the global
// object which is neither configurable nor writable) like 'undefined'.
// Returns a null handle when the given name is unknown.
- Handle<Object> GlobalConstantFor(Handle<String> name);
+ Handle<Object> GlobalConstantFor(Handle<Name> name);
// Converts the given boolean condition to JavaScript boolean value.
Handle<Object> ToBoolean(bool value);
@@ -705,31 +699,14 @@
// Update the cache with a new number-string pair.
void SetNumberStringCache(Handle<Object> number, Handle<String> string);
- // Initializes a function with a shared part and prototype.
- // Note: this code was factored out of NewFunction such that other parts of
- // the VM could use it. Specifically, a function that creates instances of
- // type JS_FUNCTION_TYPE benefit from the use of this function.
- inline void InitializeFunction(Handle<JSFunction> function,
- Handle<SharedFunctionInfo> info,
- Handle<Context> context);
-
// Creates a function initialized with a shared part.
Handle<JSFunction> NewFunction(Handle<Map> map,
Handle<SharedFunctionInfo> info,
Handle<Context> context,
PretenureFlag pretenure = TENURED);
-
- Handle<JSFunction> NewFunction(Handle<Map> map,
- Handle<String> name,
- MaybeHandle<Code> maybe_code);
-
- // Reinitialize a JSProxy into an (empty) JS object of respective type and
- // size, but keeping the original prototype. The receiver must have at least
- // the size of the new object. The object is reinitialized and behaves as an
- // object that has been freshly allocated.
- void ReinitializeJSProxy(Handle<JSProxy> proxy, InstanceType type, int size);
};
-} } // namespace v8::internal
+} // namespace internal
+} // namespace v8
#endif // V8_FACTORY_H_