Upgrade V8 to version 4.9.385.28
https://chromium.googlesource.com/v8/v8/+/4.9.385.28
FPIIM-449
Change-Id: I4b2e74289d4bf3667f2f3dc8aa2e541f63e26eb4
diff --git a/src/json-stringifier.h b/src/json-stringifier.h
index 393551d..5c0459e 100644
--- a/src/json-stringifier.h
+++ b/src/json-stringifier.h
@@ -5,9 +5,9 @@
#ifndef V8_JSON_STRINGIFIER_H_
#define V8_JSON_STRINGIFIER_H_
-#include "src/v8.h"
-
#include "src/conversions.h"
+#include "src/lookup.h"
+#include "src/messages.h"
#include "src/string-builder.h"
#include "src/utils.h"
@@ -82,7 +82,8 @@
INLINE(Result SerializeJSArray(Handle<JSArray> object));
INLINE(Result SerializeJSObject(Handle<JSObject> object));
- Result SerializeJSArraySlow(Handle<JSArray> object, uint32_t length);
+ Result SerializeJSArraySlow(Handle<JSArray> object, uint32_t start,
+ uint32_t length);
void SerializeString(Handle<String> object);
@@ -222,6 +223,7 @@
SerializeStringUnchecked_(object->GetFlatContent().ToOneByteVector(),
&no_extend);
no_extend.Append('\"');
+ return no_extend.Finalize();
} else {
result = isolate->factory()
->NewRawTwoByteString(worst_case_length)
@@ -232,8 +234,8 @@
SerializeStringUnchecked_(object->GetFlatContent().ToUC16Vector(),
&no_extend);
no_extend.Append('\"');
+ return no_extend.Finalize();
}
- return result;
}
@@ -272,17 +274,15 @@
for (int i = 0; i < length; i++) {
if (elements->get(i) == *object) {
AllowHeapAllocation allow_to_return_error;
- Handle<Object> error;
- MaybeHandle<Object> maybe_error = factory()->NewTypeError(
- "circular_structure", HandleVector<Object>(NULL, 0));
- if (maybe_error.ToHandle(&error)) isolate_->Throw(*error);
+ Handle<Object> error =
+ factory()->NewTypeError(MessageTemplate::kCircularStructure);
+ isolate_->Throw(*error);
return EXCEPTION;
}
}
}
- JSArray::EnsureSize(stack_, length + 1);
+ JSArray::SetLength(stack_, length + 1);
FixedArray::cast(stack_->elements())->set(length, *object);
- stack_->set_length(Smi::FromInt(length + 1));
return SUCCESS;
}
@@ -337,14 +337,13 @@
case JS_VALUE_TYPE:
if (deferred_string_key) SerializeDeferredKey(comma, key);
return SerializeJSValue(Handle<JSValue>::cast(object));
- case JS_FUNCTION_TYPE:
- return UNCHANGED;
default:
if (object->IsString()) {
if (deferred_string_key) SerializeDeferredKey(comma, key);
SerializeString(Handle<String>::cast(object));
return SUCCESS;
} else if (object->IsJSObject()) {
+ if (object->IsCallable()) return UNCHANGED;
// Go to slow path for global proxy and objects requiring access checks.
if (object->IsAccessCheckNeeded() || object->IsJSGlobalProxy()) break;
if (deferred_string_key) SerializeDeferredKey(comma, key);
@@ -361,15 +360,11 @@
Handle<Object> key,
bool deferred_comma,
bool deferred_key) {
- Handle<JSObject> builtins(isolate_->native_context()->builtins(), isolate_);
- Handle<JSFunction> builtin = Handle<JSFunction>::cast(Object::GetProperty(
- isolate_, builtins, "JSONSerializeAdapter").ToHandleChecked());
-
+ Handle<JSFunction> fun = isolate_->json_serialize_adapter();
Handle<Object> argv[] = { key, object };
Handle<Object> result;
ASSIGN_RETURN_ON_EXCEPTION_VALUE(
- isolate_, result,
- Execution::Call(isolate_, builtin, object, 2, argv),
+ isolate_, result, Execution::Call(isolate_, fun, object, 2, argv),
EXCEPTION);
if (result->IsUndefined()) return UNCHANGED;
if (deferred_key) {
@@ -388,19 +383,23 @@
if (class_name == isolate_->heap()->String_string()) {
Handle<Object> value;
ASSIGN_RETURN_ON_EXCEPTION_VALUE(
- isolate_, value, Execution::ToString(isolate_, object), EXCEPTION);
+ isolate_, value, Object::ToString(isolate_, object), EXCEPTION);
SerializeString(Handle<String>::cast(value));
} else if (class_name == isolate_->heap()->Number_string()) {
Handle<Object> value;
- ASSIGN_RETURN_ON_EXCEPTION_VALUE(
- isolate_, value, Execution::ToNumber(isolate_, object), EXCEPTION);
+ ASSIGN_RETURN_ON_EXCEPTION_VALUE(isolate_, value, Object::ToNumber(object),
+ EXCEPTION);
if (value->IsSmi()) return SerializeSmi(Smi::cast(*value));
SerializeHeapNumber(Handle<HeapNumber>::cast(value));
- } else {
- DCHECK(class_name == isolate_->heap()->Boolean_string());
+ } else if (class_name == isolate_->heap()->Boolean_string()) {
Object* value = JSValue::cast(*object)->value();
DCHECK(value->IsBoolean());
builder_.AppendCString(value->IsTrue() ? "true" : "false");
+ } else {
+ // ES6 24.3.2.1 step 10.c, serialize as an ordinary JSObject.
+ CHECK(!object->IsAccessCheckNeeded());
+ CHECK(!object->IsJSGlobalProxy());
+ return SerializeJSObject(object);
}
return SUCCESS;
}
@@ -435,12 +434,12 @@
Result stack_push = StackPush(object);
if (stack_push != SUCCESS) return stack_push;
uint32_t length = 0;
- CHECK(object->length()->ToArrayIndex(&length));
+ CHECK(object->length()->ToArrayLength(&length));
builder_.AppendCharacter('[');
switch (object->GetElementsKind()) {
case FAST_SMI_ELEMENTS: {
- Handle<FixedArray> elements(
- FixedArray::cast(object->elements()), isolate_);
+ Handle<FixedArray> elements(FixedArray::cast(object->elements()),
+ isolate_);
for (uint32_t i = 0; i < length; i++) {
if (i > 0) builder_.AppendCharacter(',');
SerializeSmi(Smi::cast(elements->get(i)));
@@ -459,14 +458,20 @@
break;
}
case FAST_ELEMENTS: {
- Handle<FixedArray> elements(
- FixedArray::cast(object->elements()), isolate_);
+ Handle<Object> old_length(object->length(), isolate_);
for (uint32_t i = 0; i < length; i++) {
+ if (object->length() != *old_length ||
+ object->GetElementsKind() != FAST_ELEMENTS) {
+ Result result = SerializeJSArraySlow(object, i, length);
+ if (result != SUCCESS) return result;
+ break;
+ }
if (i > 0) builder_.AppendCharacter(',');
- Result result =
- SerializeElement(isolate_,
- Handle<Object>(elements->get(i), isolate_),
- i);
+ Result result = SerializeElement(
+ isolate_,
+ Handle<Object>(FixedArray::cast(object->elements())->get(i),
+ isolate_),
+ i);
if (result == SUCCESS) continue;
if (result == UNCHANGED) {
builder_.AppendCString("null");
@@ -476,11 +481,10 @@
}
break;
}
- // TODO(yangguo): The FAST_HOLEY_* cases could be handled in a faster way.
- // They resemble the non-holey cases except that a prototype chain lookup
- // is necessary for holes.
+ // The FAST_HOLEY_* cases could be handled in a faster way. They resemble
+ // the non-holey cases except that a lookup is necessary for holes.
default: {
- Result result = SerializeJSArraySlow(object, length);
+ Result result = SerializeJSArraySlow(object, 0, length);
if (result != SUCCESS) return result;
break;
}
@@ -492,8 +496,8 @@
BasicJsonStringifier::Result BasicJsonStringifier::SerializeJSArraySlow(
- Handle<JSArray> object, uint32_t length) {
- for (uint32_t i = 0; i < length; i++) {
+ Handle<JSArray> object, uint32_t start, uint32_t length) {
+ for (uint32_t i = start; i < length; i++) {
if (i > 0) builder_.AppendCharacter(',');
Handle<Object> element;
ASSIGN_RETURN_ON_EXCEPTION_VALUE(
@@ -521,7 +525,7 @@
HandleScope handle_scope(isolate_);
Result stack_push = StackPush(object);
if (stack_push != SUCCESS) return stack_push;
- DCHECK(!object->IsJSGlobalProxy() && !object->IsGlobalObject());
+ DCHECK(!object->IsJSGlobalProxy() && !object->IsJSGlobalObject());
builder_.AppendCharacter('{');
bool comma = false;
@@ -539,7 +543,7 @@
PropertyDetails details = map->instance_descriptors()->GetDetails(i);
if (details.IsDontEnum()) continue;
Handle<Object> property;
- if (details.type() == FIELD && *map == object->map()) {
+ if (details.type() == DATA && *map == object->map()) {
FieldIndex field_index = FieldIndex::ForDescriptor(*map, i);
Isolate* isolate = object->GetIsolate();
if (object->IsUnboxedDoubleField(field_index)) {
@@ -563,7 +567,7 @@
Handle<FixedArray> contents;
ASSIGN_RETURN_ON_EXCEPTION_VALUE(
isolate_, contents,
- JSReceiver::GetKeys(object, JSReceiver::OWN_ONLY),
+ JSReceiver::GetKeys(object, JSReceiver::OWN_ONLY, ENUMERABLE_STRINGS),
EXCEPTION);
for (int i = 0; i < contents->length(); i++) {
@@ -576,12 +580,9 @@
} else {
DCHECK(key->IsNumber());
key_handle = factory()->NumberToString(Handle<Object>(key, isolate_));
- uint32_t index;
if (key->IsSmi()) {
maybe_property = Object::GetElement(
isolate_, object, Smi::cast(key)->value());
- } else if (key_handle->AsArrayIndex(&index)) {
- maybe_property = Object::GetElement(isolate_, object, index);
} else {
maybe_property = Object::GetPropertyOrElement(object, key_handle);
}
@@ -681,6 +682,7 @@
}
}
-} } // namespace v8::internal
+} // namespace internal
+} // namespace v8
#endif // V8_JSON_STRINGIFIER_H_