Upgrade V8 to 5.1.281.57 DO NOT MERGE
FPIIM-449
Change-Id: Id981b686b4d587ac31697662eb98bb34be42ad90
(cherry picked from commit 3b9bc31999c9787eb726ecdbfd5796bfdec32a18)
diff --git a/src/objects.h b/src/objects.h
index 61c6e5e..cbc9c04 100644
--- a/src/objects.h
+++ b/src/objects.h
@@ -33,6 +33,8 @@
#include "src/mips64/constants-mips64.h" // NOLINT
#elif V8_TARGET_ARCH_PPC
#include "src/ppc/constants-ppc.h" // NOLINT
+#elif V8_TARGET_ARCH_S390
+#include "src/s390/constants-s390.h" // NOLINT
#endif
@@ -78,6 +80,7 @@
// - HashTable
// - Dictionary
// - StringTable
+// - StringSet
// - CompilationCacheTable
// - CodeCacheHashTable
// - MapCache
@@ -419,6 +422,7 @@
V(JS_MODULE_TYPE) \
V(JS_GLOBAL_OBJECT_TYPE) \
V(JS_GLOBAL_PROXY_TYPE) \
+ V(JS_SPECIAL_API_OBJECT_TYPE) \
V(JS_ARRAY_TYPE) \
V(JS_ARRAY_BUFFER_TYPE) \
V(JS_TYPED_ARRAY_TYPE) \
@@ -438,7 +442,6 @@
V(DEBUG_INFO_TYPE) \
V(BREAK_POINT_INFO_TYPE)
-
// Since string types are not consecutive, this macro is used to
// iterate over them.
#define STRING_TYPE_LIST(V) \
@@ -591,7 +594,6 @@
return ((type & kShortcutTypeMask) == kShortcutTypeTag);
}
-
enum InstanceType {
// String types.
INTERNALIZED_STRING_TYPE = kTwoByteStringTag | kSeqStringTag |
@@ -703,16 +705,18 @@
// objects in the JS sense. The first and the last type in this range are
// the two forms of function. This organization enables using the same
// compares for checking the JS_RECEIVER and the NONCALLABLE_JS_OBJECT range.
- JS_PROXY_TYPE, // FIRST_JS_RECEIVER_TYPE
- JS_VALUE_TYPE, // FIRST_JS_OBJECT_TYPE
+ JS_PROXY_TYPE, // FIRST_JS_RECEIVER_TYPE
+ JS_GLOBAL_OBJECT_TYPE, // FIRST_JS_OBJECT_TYPE
+ JS_GLOBAL_PROXY_TYPE,
+ // Like JS_OBJECT_TYPE, but requires access checks and/or has interceptors.
+ JS_SPECIAL_API_OBJECT_TYPE, // LAST_SPECIAL_RECEIVER_TYPE
+ JS_VALUE_TYPE, // LAST_CUSTOM_ELEMENTS_RECEIVER
JS_MESSAGE_OBJECT_TYPE,
JS_DATE_TYPE,
JS_OBJECT_TYPE,
JS_CONTEXT_EXTENSION_OBJECT_TYPE,
JS_GENERATOR_OBJECT_TYPE,
JS_MODULE_TYPE,
- JS_GLOBAL_OBJECT_TYPE,
- JS_GLOBAL_PROXY_TYPE,
JS_ARRAY_TYPE,
JS_ARRAY_BUFFER_TYPE,
JS_TYPED_ARRAY_TYPE,
@@ -753,8 +757,14 @@
FIRST_JS_RECEIVER_TYPE = JS_PROXY_TYPE,
LAST_JS_RECEIVER_TYPE = LAST_TYPE,
// Boundaries for testing the types represented as JSObject
- FIRST_JS_OBJECT_TYPE = JS_VALUE_TYPE,
+ FIRST_JS_OBJECT_TYPE = JS_GLOBAL_OBJECT_TYPE,
LAST_JS_OBJECT_TYPE = LAST_TYPE,
+ // Boundary for testing JSReceivers that need special property lookup handling
+ LAST_SPECIAL_RECEIVER_TYPE = JS_SPECIAL_API_OBJECT_TYPE,
+ // Boundary case for testing JSReceivers that may have elements while having
+ // an empty fixed array as elements backing store. This is true for string
+ // wrappers.
+ LAST_CUSTOM_ELEMENTS_RECEIVER = JS_VALUE_TYPE,
};
STATIC_ASSERT(JS_OBJECT_TYPE == Internals::kJSObjectType);
@@ -967,6 +977,7 @@
V(HashTable) \
V(Dictionary) \
V(StringTable) \
+ V(StringSet) \
V(NormalizedMapCache) \
V(CompilationCacheTable) \
V(CodeCacheHashTable) \
@@ -974,7 +985,7 @@
V(MapCache) \
V(JSGlobalObject) \
V(JSGlobalProxy) \
- V(UndetectableObject) \
+ V(Undetectable) \
V(AccessCheckNeeded) \
V(Callable) \
V(Function) \
@@ -999,7 +1010,8 @@
V(Uninitialized) \
V(True) \
V(False) \
- V(ArgumentsMarker)
+ V(ArgumentsMarker) \
+ V(OptimizedOut)
// The element types selection for CreateListFromArrayLike.
enum class ElementTypes { kAll, kStringAndSymbol };
@@ -1068,7 +1080,7 @@
INLINE(bool IsNaN() const);
INLINE(bool IsMinusZero() const);
bool ToInt32(int32_t* value);
- bool ToUint32(uint32_t* value);
+ inline bool ToUint32(uint32_t* value);
inline Representation OptimalRepresentation();
@@ -1119,9 +1131,13 @@
MUST_USE_RESULT static MaybeHandle<JSReceiver> ToObject(
Isolate* isolate, Handle<Object> object, Handle<Context> context);
+ // ES6 section 9.2.1.2, OrdinaryCallBindThis for sloppy callee.
+ MUST_USE_RESULT static MaybeHandle<JSReceiver> ConvertReceiver(
+ Isolate* isolate, Handle<Object> object);
+
// ES6 section 7.1.14 ToPropertyKey
- MUST_USE_RESULT static MaybeHandle<Name> ToName(Isolate* isolate,
- Handle<Object> input);
+ MUST_USE_RESULT static inline MaybeHandle<Name> ToName(Isolate* isolate,
+ Handle<Object> input);
// ES6 section 7.1.1 ToPrimitive
MUST_USE_RESULT static inline MaybeHandle<Object> ToPrimitive(
@@ -1231,6 +1247,10 @@
Handle<Object> object, Handle<Name> name, Handle<Object> value,
LanguageMode language_mode,
StoreFromKeyed store_mode = MAY_BE_STORE_FROM_KEYED);
+ MUST_USE_RESULT static inline MaybeHandle<Object> SetPropertyOrElement(
+ Handle<Object> object, Handle<Name> name, Handle<Object> value,
+ LanguageMode language_mode,
+ StoreFromKeyed store_mode = MAY_BE_STORE_FROM_KEYED);
MUST_USE_RESULT static Maybe<bool> SetSuperProperty(
LookupIterator* it, Handle<Object> value, LanguageMode language_mode,
@@ -1261,8 +1281,6 @@
MUST_USE_RESULT static inline MaybeHandle<Object> GetPropertyOrElement(
Handle<Object> receiver, Handle<Name> name, Handle<JSReceiver> holder);
MUST_USE_RESULT static inline MaybeHandle<Object> GetProperty(
- Isolate* isolate, Handle<Object> object, const char* key);
- MUST_USE_RESULT static inline MaybeHandle<Object> GetProperty(
Handle<Object> object, Handle<Name> name);
MUST_USE_RESULT static MaybeHandle<Object> GetPropertyWithAccessor(
@@ -1371,6 +1389,9 @@
LookupIterator* it, Handle<Object> value, LanguageMode language_mode,
StoreFromKeyed store_mode, bool* found);
+ MUST_USE_RESULT static MaybeHandle<Name> ConvertToName(Isolate* isolate,
+ Handle<Object> input);
+
DISALLOW_IMPLICIT_CONSTRUCTORS(Object);
};
@@ -1812,6 +1833,13 @@
MUST_USE_RESULT static inline Maybe<bool> HasOwnProperty(
Handle<JSReceiver> object, Handle<Name> name);
+ MUST_USE_RESULT static inline MaybeHandle<Object> GetProperty(
+ Isolate* isolate, Handle<JSReceiver> receiver, const char* key);
+ MUST_USE_RESULT static inline MaybeHandle<Object> GetProperty(
+ Handle<JSReceiver> receiver, Handle<Name> name);
+ MUST_USE_RESULT static inline MaybeHandle<Object> GetElement(
+ Isolate* isolate, Handle<JSReceiver> receiver, uint32_t index);
+
// Implementation of ES6 [[Delete]]
MUST_USE_RESULT static Maybe<bool> DeletePropertyOrElement(
Handle<JSReceiver> object, Handle<Name> name,
@@ -1919,15 +1947,15 @@
bool from_javascript,
ShouldThrow should_throw);
-
- static Handle<Object> GetDataProperty(Handle<JSReceiver> object,
- Handle<Name> name);
+ inline static Handle<Object> GetDataProperty(Handle<JSReceiver> object,
+ Handle<Name> name);
static Handle<Object> GetDataProperty(LookupIterator* it);
// Retrieves a permanent object identity hash code. The undefined value might
// be returned in case no hash was created yet.
- inline Object* GetIdentityHash();
+ static inline Handle<Object> GetIdentityHash(Isolate* isolate,
+ Handle<JSReceiver> object);
// Retrieves a permanent object identity hash code. May create and store a
// hash code if needed and none exists.
@@ -1944,7 +1972,8 @@
// "for (n in object) { }".
MUST_USE_RESULT static MaybeHandle<FixedArray> GetKeys(
Handle<JSReceiver> object, KeyCollectionType type, PropertyFilter filter,
- GetKeysConversion keys_conversion = KEEP_NUMBERS);
+ GetKeysConversion keys_conversion = KEEP_NUMBERS,
+ bool filter_proxy_keys_ = true);
MUST_USE_RESULT static MaybeHandle<FixedArray> GetOwnValues(
Handle<JSReceiver> object, PropertyFilter filter);
@@ -2037,11 +2066,12 @@
inline bool HasSlowArgumentsElements();
inline bool HasFastStringWrapperElements();
inline bool HasSlowStringWrapperElements();
+ bool HasEnumerableElements();
+
inline SeededNumberDictionary* element_dictionary(); // Gets slow elements.
// Requires: HasFastElements().
- static Handle<FixedArray> EnsureWritableFastElements(
- Handle<JSObject> object);
+ static void EnsureWritableFastElements(Handle<JSObject> object);
// Collects elements starting at index 0.
// Undefined values are placed after non-undefined values.
@@ -2089,8 +2119,9 @@
// Adds or reconfigures a property to attributes NONE. It will fail when it
// cannot.
- MUST_USE_RESULT static Maybe<bool> CreateDataProperty(LookupIterator* it,
- Handle<Object> value);
+ MUST_USE_RESULT static Maybe<bool> CreateDataProperty(
+ LookupIterator* it, Handle<Object> value,
+ ShouldThrow should_throw = DONT_THROW);
static void AddProperty(Handle<JSObject> object, Handle<Name> name,
Handle<Object> value, PropertyAttributes attributes);
@@ -2144,7 +2175,7 @@
};
// Retrieve interceptors.
- InterceptorInfo* GetNamedInterceptor();
+ inline InterceptorInfo* GetNamedInterceptor();
inline InterceptorInfo* GetIndexedInterceptor();
// Used from JSReceiver.
@@ -2207,8 +2238,6 @@
// Returns true if the object has a property with the hidden string as name.
static bool HasHiddenProperties(Handle<JSObject> object);
- static void SetIdentityHash(Handle<JSObject> object, Handle<Smi> hash);
-
static void ValidateElements(Handle<JSObject> object);
// Makes sure that this object can contain HeapObject as elements.
@@ -2289,6 +2318,9 @@
static Handle<FixedArray> GetEnumPropertyKeys(Handle<JSObject> object);
+ static Handle<FixedArray> GetFastEnumPropertyKeys(Isolate* isolate,
+ Handle<JSObject> object);
+
// Returns a new map with all transitions dropped from the object's current
// map and the ElementsKind set.
static Handle<Map> GetElementsTransitionMap(Handle<JSObject> object,
@@ -2378,10 +2410,6 @@
Handle<JSObject> object,
AllocationSiteUsageContext* site_context,
DeepCopyHints hints = kNoHints);
- // Deep copies given object with special handling for JSFunctions which
- // 1) must be Api functions and 2) are not copied but left as is.
- MUST_USE_RESULT static MaybeHandle<JSObject> DeepCopyApiBoilerplate(
- Handle<JSObject> object);
MUST_USE_RESULT static MaybeHandle<JSObject> DeepWalk(
Handle<JSObject> object,
AllocationSiteCreationContext* site_context);
@@ -2525,13 +2553,11 @@
Handle<JSObject> object,
Handle<Object> value);
- MUST_USE_RESULT Object* GetIdentityHash();
+ static Handle<Object> GetIdentityHash(Isolate* isolate,
+ Handle<JSObject> object);
static Handle<Smi> GetOrCreateIdentityHash(Handle<JSObject> object);
- static Handle<SeededNumberDictionary> GetNormalizedElementDictionary(
- Handle<JSObject> object, Handle<FixedArrayBase> elements);
-
// Helper for fast versions of preventExtensions, seal, and freeze.
// attrs is one of NONE, SEALED, or FROZEN (depending on the operation).
template <PropertyAttributes attrs>
@@ -3065,6 +3091,16 @@
return ToKeyIndex(number_of_descriptors);
}
+ static int ToDetailsIndex(int descriptor_number) {
+ return kFirstIndex + (descriptor_number * kDescriptorSize) +
+ kDescriptorDetails;
+ }
+
+ // Conversion from descriptor number to array indices.
+ static int ToKeyIndex(int descriptor_number) {
+ return kFirstIndex + (descriptor_number * kDescriptorSize) + kDescriptorKey;
+ }
+
private:
// An entry in a DescriptorArray, represented as an (array, index) pair.
class Entry {
@@ -3080,19 +3116,6 @@
int index_;
};
- // Conversion from descriptor number to array indices.
- static int ToKeyIndex(int descriptor_number) {
- return kFirstIndex +
- (descriptor_number * kDescriptorSize) +
- kDescriptorKey;
- }
-
- static int ToDetailsIndex(int descriptor_number) {
- return kFirstIndex +
- (descriptor_number * kDescriptorSize) +
- kDescriptorDetails;
- }
-
static int ToValueIndex(int descriptor_number) {
return kFirstIndex +
(descriptor_number * kDescriptorSize) +
@@ -3196,6 +3219,7 @@
// Tells whether k is a real key. The hole and undefined are not allowed
// as keys and can be used to indicate missing or deleted elements.
inline bool IsKey(Object* k);
+ inline bool IsKey(Heap* heap, Object* k);
// Compute the probe offset (quadratic probing).
INLINE(static uint32_t GetProbeOffset(uint32_t n)) {
@@ -3417,6 +3441,25 @@
DISALLOW_IMPLICIT_CONSTRUCTORS(StringTable);
};
+class StringSetShape : public BaseShape<String*> {
+ public:
+ static inline bool IsMatch(String* key, Object* value);
+ static inline uint32_t Hash(String* key);
+ static inline uint32_t HashForObject(String* key, Object* object);
+
+ static const int kPrefixSize = 0;
+ static const int kEntrySize = 1;
+};
+
+class StringSet : public HashTable<StringSet, StringSetShape, String*> {
+ public:
+ static Handle<StringSet> New(Isolate* isolate);
+ static Handle<StringSet> Add(Handle<StringSet> blacklist,
+ Handle<String> name);
+ bool Has(Handle<String> name);
+
+ DECLARE_CAST(StringSet)
+};
template <typename Derived, typename Shape, typename Key>
class Dictionary: public HashTable<Derived, Shape, Key> {
@@ -3473,10 +3516,6 @@
return NumberOfElementsFilterAttributes(ENUMERABLE_STRINGS);
}
- // Returns true if the dictionary contains any elements that are non-writable,
- // non-configurable, non-enumerable, or have getters/setters.
- bool HasComplexElements();
-
enum SortMode { UNSORTED, SORTED };
// Fill in details for properties into storage.
@@ -3709,6 +3748,10 @@
void UpdateMaxNumberKey(uint32_t key, bool used_as_prototype);
+ // Returns true if the dictionary contains any elements that are non-writable,
+ // non-configurable, non-enumerable, or have getters/setters.
+ bool HasComplexElements();
+
// If slow elements are required we will never go back to fast-case
// for the elements kept in this dictionary. We require slow
// elements if an element has been added at an index larger than
@@ -4462,7 +4505,7 @@
// Accessors for source position table containing mappings between byte code
// offset and source position.
- DECL_ACCESSORS(source_position_table, FixedArray)
+ DECL_ACCESSORS(source_position_table, ByteArray)
DECLARE_CAST(BytecodeArray)
@@ -4870,11 +4913,14 @@
#define NON_IC_KIND_LIST(V) \
V(FUNCTION) \
V(OPTIMIZED_FUNCTION) \
+ V(BYTECODE_HANDLER) \
V(STUB) \
V(HANDLER) \
V(BUILTIN) \
V(REGEXP) \
- V(WASM_FUNCTION)
+ V(WASM_FUNCTION) \
+ V(WASM_TO_JS_FUNCTION) \
+ V(JS_TO_WASM_FUNCTION)
#define IC_KIND_LIST(V) \
V(LOAD_IC) \
@@ -4884,7 +4930,6 @@
V(KEYED_STORE_IC) \
V(BINARY_OP_IC) \
V(COMPARE_IC) \
- V(COMPARE_NIL_IC) \
V(TO_BOOLEAN_IC)
#define CODE_KIND_LIST(V) \
@@ -4998,10 +5043,10 @@
inline bool is_call_stub();
inline bool is_binary_op_stub();
inline bool is_compare_ic_stub();
- inline bool is_compare_nil_ic_stub();
inline bool is_to_boolean_ic_stub();
inline bool is_keyed_stub();
inline bool is_optimized_code();
+ inline bool is_wasm_code();
inline bool embeds_maps_weakly();
inline bool IsCodeStubOrIC();
@@ -5244,6 +5289,7 @@
static void MakeCodeAgeSequenceYoung(byte* sequence, Isolate* isolate);
static void MarkCodeAsExecuted(byte* sequence, Isolate* isolate);
void MakeYoung(Isolate* isolate);
+ void PreAge(Isolate* isolate);
void MarkToBeExecutedOnce(Isolate* isolate);
void MakeOlder(MarkingParity);
static bool IsYoungSequence(Isolate* isolate, byte* sequence);
@@ -5301,8 +5347,9 @@
// Note: We might be able to squeeze this into the flags above.
static const int kPrologueOffset = kKindSpecificFlags2Offset + kIntSize;
static const int kConstantPoolOffset = kPrologueOffset + kIntSize;
- static const int kHeaderPaddingStart =
+ static const int kBuiltinIndexOffset =
kConstantPoolOffset + kConstantPoolSize;
+ static const int kHeaderPaddingStart = kBuiltinIndexOffset + kIntSize;
// Add padding to align the instruction start following right after
// the Code object header.
@@ -5326,10 +5373,11 @@
class TypeField : public BitField<StubType, 3, 1> {};
class CacheHolderField : public BitField<CacheHolderFlag, 4, 2> {};
class KindField : public BitField<Kind, 6, 5> {};
- class ExtraICStateField: public BitField<ExtraICState, 11,
- PlatformSmiTagging::kSmiValueSize - 11 + 1> {}; // NOLINT
+ class ExtraICStateField
+ : public BitField<ExtraICState, 11, PlatformSmiTagging::kSmiValueSize -
+ 11 + 1> {}; // NOLINT
- // KindSpecificFlags1 layout (STUB and OPTIMIZED_FUNCTION)
+ // KindSpecificFlags1 layout (STUB, BUILTIN and OPTIMIZED_FUNCTION)
static const int kStackSlotsFirstBit = 0;
static const int kStackSlotsBitCount = 24;
static const int kMarkedForDeoptimizationBit =
@@ -5404,11 +5452,37 @@
class AbstractCode : public HeapObject {
public:
+ // All code kinds and INTERPRETED_FUNCTION.
+ enum Kind {
+#define DEFINE_CODE_KIND_ENUM(name) name,
+ CODE_KIND_LIST(DEFINE_CODE_KIND_ENUM)
+#undef DEFINE_CODE_KIND_ENUM
+ INTERPRETED_FUNCTION,
+ };
+
int SourcePosition(int offset);
int SourceStatementPosition(int offset);
+ // Returns the address of the first instruction.
+ inline Address instruction_start();
+
+ // Returns the address right after the last instruction.
+ inline Address instruction_end();
+
+ // Returns the of the code instructions.
+ inline int instruction_size();
+
+ // Returns true if pc is inside this object's instructions.
+ inline bool contains(byte* pc);
+
+ // Returns the AbstractCode::Kind of the code.
+ inline Kind kind();
+
+ // Calculate the size of the code object to report for log events. This takes
+ // the layout of the code object into account.
+ inline int ExecutableSize();
+
DECLARE_CAST(AbstractCode)
- inline int Size();
inline Code* GetCode();
inline BytecodeArray* GetBytecodeArray();
};
@@ -5565,6 +5639,10 @@
static MaybeHandle<JSFunction> GetConstructorFunction(
Handle<Map> map, Handle<Context> native_context);
+ // Retrieve interceptors.
+ inline InterceptorInfo* GetNamedInterceptor();
+ inline InterceptorInfo* GetIndexedInterceptor();
+
// Instance type.
inline InstanceType instance_type();
inline void set_instance_type(InstanceType value);
@@ -5597,7 +5675,7 @@
class Deprecated : public BitField<bool, 23, 1> {};
class IsUnstable : public BitField<bool, 24, 1> {};
class IsMigrationTarget : public BitField<bool, 25, 1> {};
- class IsStrong : public BitField<bool, 26, 1> {};
+ // Bit 26 is free.
class NewTargetIsBase : public BitField<bool, 27, 1> {};
// Bit 28 is free.
@@ -5706,8 +5784,6 @@
inline void set_is_callable();
inline bool is_callable() const;
- inline void set_is_strong();
- inline bool is_strong();
inline void set_new_target_is_base(bool value);
inline bool new_target_is_base();
inline void set_is_extensible(bool value);
@@ -5961,8 +6037,9 @@
PropertyAttributes attributes,
StoreFromKeyed store_mode);
static Handle<Map> TransitionToAccessorProperty(
- Handle<Map> map, Handle<Name> name, AccessorComponent component,
- Handle<Object> accessor, PropertyAttributes attributes);
+ Handle<Map> map, Handle<Name> name, int descriptor,
+ AccessorComponent component, Handle<Object> accessor,
+ PropertyAttributes attributes);
static Handle<Map> ReconfigureExistingProperty(Handle<Map> map,
int descriptor,
PropertyKind kind,
@@ -6535,41 +6612,43 @@
//
// Installation of ids for the selected builtin functions is handled
// by the bootstrapper.
-#define FUNCTIONS_WITH_ID_LIST(V) \
- V(Array.prototype, indexOf, ArrayIndexOf) \
- V(Array.prototype, lastIndexOf, ArrayLastIndexOf) \
- V(Array.prototype, push, ArrayPush) \
- V(Array.prototype, pop, ArrayPop) \
- V(Array.prototype, shift, ArrayShift) \
- V(Function.prototype, apply, FunctionApply) \
- V(Function.prototype, call, FunctionCall) \
- V(String.prototype, charCodeAt, StringCharCodeAt) \
- V(String.prototype, charAt, StringCharAt) \
- V(String.prototype, concat, StringConcat) \
- V(String.prototype, toLowerCase, StringToLowerCase) \
- V(String.prototype, toUpperCase, StringToUpperCase) \
- V(String, fromCharCode, StringFromCharCode) \
- V(Math, random, MathRandom) \
- V(Math, floor, MathFloor) \
- V(Math, round, MathRound) \
- V(Math, ceil, MathCeil) \
- V(Math, abs, MathAbs) \
- V(Math, log, MathLog) \
- V(Math, exp, MathExp) \
- V(Math, sqrt, MathSqrt) \
- V(Math, pow, MathPow) \
- V(Math, max, MathMax) \
- V(Math, min, MathMin) \
- V(Math, cos, MathCos) \
- V(Math, sin, MathSin) \
- V(Math, tan, MathTan) \
- V(Math, acos, MathAcos) \
- V(Math, asin, MathAsin) \
- V(Math, atan, MathAtan) \
- V(Math, atan2, MathAtan2) \
- V(Math, imul, MathImul) \
- V(Math, clz32, MathClz32) \
- V(Math, fround, MathFround)
+#define FUNCTIONS_WITH_ID_LIST(V) \
+ V(Array.prototype, indexOf, ArrayIndexOf) \
+ V(Array.prototype, lastIndexOf, ArrayLastIndexOf) \
+ V(Array.prototype, push, ArrayPush) \
+ V(Array.prototype, pop, ArrayPop) \
+ V(Array.prototype, shift, ArrayShift) \
+ V(Function.prototype, apply, FunctionApply) \
+ V(Function.prototype, call, FunctionCall) \
+ V(Object.prototype, hasOwnProperty, ObjectHasOwnProperty) \
+ V(String.prototype, charCodeAt, StringCharCodeAt) \
+ V(String.prototype, charAt, StringCharAt) \
+ V(String.prototype, concat, StringConcat) \
+ V(String.prototype, toLowerCase, StringToLowerCase) \
+ V(String.prototype, toUpperCase, StringToUpperCase) \
+ V(String, fromCharCode, StringFromCharCode) \
+ V(Math, random, MathRandom) \
+ V(Math, floor, MathFloor) \
+ V(Math, round, MathRound) \
+ V(Math, ceil, MathCeil) \
+ V(Math, abs, MathAbs) \
+ V(Math, log, MathLog) \
+ V(Math, exp, MathExp) \
+ V(Math, sqrt, MathSqrt) \
+ V(Math, pow, MathPow) \
+ V(Math, max, MathMax) \
+ V(Math, min, MathMin) \
+ V(Math, cos, MathCos) \
+ V(Math, sin, MathSin) \
+ V(Math, tan, MathTan) \
+ V(Math, acos, MathAcos) \
+ V(Math, asin, MathAsin) \
+ V(Math, atan, MathAtan) \
+ V(Math, atan2, MathAtan2) \
+ V(Math, imul, MathImul) \
+ V(Math, clz32, MathClz32) \
+ V(Math, fround, MathFround) \
+ V(Math, trunc, MathTrunc)
#define ATOMIC_FUNCTIONS_WITH_ID_LIST(V) \
V(Atomics, load, AtomicsLoad) \
@@ -6577,6 +6656,9 @@
enum BuiltinFunctionId {
kArrayCode,
+ kGeneratorObjectNext,
+ kGeneratorObjectReturn,
+ kGeneratorObjectThrow,
#define DECLARE_FUNCTION_ID(ignored1, ignore2, name) \
k##name,
FUNCTIONS_WITH_ID_LIST(DECLARE_FUNCTION_ID)
@@ -6606,6 +6688,10 @@
// [code]: Function code.
DECL_ACCESSORS(code, Code)
+ // Get the abstract code associated with the function, which will either be
+ // a Code object or a BytecodeArray.
+ inline AbstractCode* abstract_code();
+
inline void ReplaceCode(Code* code);
// [optimized_code_map]: Map from native context to optimized code
@@ -6635,22 +6721,17 @@
// Trims the optimized code map after entries have been removed.
void TrimOptimizedCodeMap(int shrink_by);
- // Add a new entry to the optimized code map for context-independent code.
+ // Add or update entry in the optimized code map for context-independent code.
static void AddSharedCodeToOptimizedCodeMap(Handle<SharedFunctionInfo> shared,
Handle<Code> code);
- // Add a new entry to the optimized code map for context-dependent code.
- inline static void AddToOptimizedCodeMap(Handle<SharedFunctionInfo> shared,
- Handle<Context> native_context,
- Handle<Code> code,
- Handle<LiteralsArray> literals,
- BailoutId osr_ast_id);
-
- // We may already have cached the code, but want to store literals in the
- // cache.
- inline static void AddLiteralsToOptimizedCodeMap(
- Handle<SharedFunctionInfo> shared, Handle<Context> native_context,
- Handle<LiteralsArray> literals);
+ // Add or update entry in the optimized code map for context-dependent code.
+ // If {code} is not given, then an existing entry's code won't be overwritten.
+ static void AddToOptimizedCodeMap(Handle<SharedFunctionInfo> shared,
+ Handle<Context> native_context,
+ MaybeHandle<Code> code,
+ Handle<LiteralsArray> literals,
+ BailoutId osr_ast_id);
// Set up the link between shared function info and the script. The shared
// function info is added to the list on the script.
@@ -6721,19 +6802,34 @@
// [function data]: This field holds some additional data for function.
// Currently it has one of:
// - a FunctionTemplateInfo to make benefit the API [IsApiFunction()].
- // - a Smi identifying a builtin function [HasBuiltinFunctionId()].
// - a BytecodeArray for the interpreter [HasBytecodeArray()].
- // In the long run we don't want all functions to have this field but
- // we can fix that when we have a better model for storing hidden data
- // on objects.
DECL_ACCESSORS(function_data, Object)
inline bool IsApiFunction();
inline FunctionTemplateInfo* get_api_func_data();
- inline bool HasBuiltinFunctionId();
- inline BuiltinFunctionId builtin_function_id();
+ inline void set_api_func_data(FunctionTemplateInfo* data);
inline bool HasBytecodeArray();
inline BytecodeArray* bytecode_array();
+ inline void set_bytecode_array(BytecodeArray* bytecode);
+ inline void ClearBytecodeArray();
+
+ // [function identifier]: This field holds an additional identifier for the
+ // function.
+ // - a Smi identifying a builtin function [HasBuiltinFunctionId()].
+ // - a String identifying the function's inferred name [HasInferredName()].
+ // The inferred_name is inferred from variable or property
+ // assignment of this function. It is used to facilitate debugging and
+ // profiling of JavaScript code written in OO style, where almost
+ // all functions are anonymous but are assigned to object
+ // properties.
+ DECL_ACCESSORS(function_identifier, Object)
+
+ inline bool HasBuiltinFunctionId();
+ inline BuiltinFunctionId builtin_function_id();
+ inline void set_builtin_function_id(BuiltinFunctionId id);
+ inline bool HasInferredName();
+ inline String* inferred_name();
+ inline void set_inferred_name(String* inferred_name);
// [script info]: Script from which the function originates.
DECL_ACCESSORS(script, Object)
@@ -6760,16 +6856,12 @@
// [debug info]: Debug information.
DECL_ACCESSORS(debug_info, Object)
- // [inferred name]: Name inferred from variable or property
- // assignment of this function. Used to facilitate debugging and
- // profiling of JavaScript code written in OO style, where almost
- // all functions are anonymous but are assigned to object
- // properties.
- DECL_ACCESSORS(inferred_name, String)
-
// The function's name if it is non-empty, otherwise the inferred name.
String* DebugName();
+ // Used for flags such as --hydrogen-filter.
+ bool PassesFilter(const char* raw_filter);
+
// Position of the 'function' token in the script source.
inline int function_token_position() const;
inline void set_function_token_position(int function_token_position);
@@ -7006,9 +7098,9 @@
kInstanceClassNameOffset + kPointerSize;
static const int kScriptOffset = kFunctionDataOffset + kPointerSize;
static const int kDebugInfoOffset = kScriptOffset + kPointerSize;
- static const int kInferredNameOffset = kDebugInfoOffset + kPointerSize;
+ static const int kFunctionIdentifierOffset = kDebugInfoOffset + kPointerSize;
static const int kFeedbackVectorOffset =
- kInferredNameOffset + kPointerSize;
+ kFunctionIdentifierOffset + kPointerSize;
#if TRACE_MAPS
static const int kUniqueIdOffset = kFeedbackVectorOffset + kPointerSize;
static const int kLastPointerFieldOffset = kUniqueIdOffset;
@@ -7139,9 +7231,9 @@
kAllowLazyCompilation,
kAllowLazyCompilationWithoutContext,
kOptimizationDisabled,
+ kNeverCompiled,
kNative,
kStrictModeFunction,
- kStrongModeFunction,
kUsesArguments,
kNeedsHomeObject,
// byte 1
@@ -7165,7 +7257,6 @@
kIsSetterFunction,
// byte 3
kDeserialized,
- kNeverCompiled,
kIsDeclaration,
kCompilerHintsCount, // Pseudo entry
};
@@ -7215,8 +7306,6 @@
// native tests when using integer-width instructions.
static const int kStrictModeBit =
kStrictModeFunction + kCompilerHintsSmiTagSize;
- static const int kStrongModeBit =
- kStrongModeFunction + kCompilerHintsSmiTagSize;
static const int kNativeBit = kNative + kCompilerHintsSmiTagSize;
static const int kClassConstructorBits =
@@ -7227,7 +7316,6 @@
// native tests.
// Allows to use byte-width instructions.
static const int kStrictModeBitWithinByte = kStrictModeBit % kBitsPerByte;
- static const int kStrongModeBitWithinByte = kStrongModeBit % kBitsPerByte;
static const int kNativeBitWithinByte = kNativeBit % kBitsPerByte;
static const int kClassConstructorBitsWithinByte =
@@ -7246,7 +7334,6 @@
#error Unknown byte ordering
#endif
static const int kStrictModeByteOffset = BYTE_OFFSET(kStrictModeFunction);
- static const int kStrongModeByteOffset = BYTE_OFFSET(kStrongModeFunction);
static const int kNativeByteOffset = BYTE_OFFSET(kNative);
static const int kFunctionKindByteOffset = BYTE_OFFSET(kFunctionKind);
#undef BYTE_OFFSET
@@ -7258,13 +7345,6 @@
int SearchOptimizedCodeMapEntry(Context* native_context,
BailoutId osr_ast_id);
- // If code is undefined, then existing code won't be overwritten.
- static void AddToOptimizedCodeMapInternal(Handle<SharedFunctionInfo> shared,
- Handle<Context> native_context,
- Handle<HeapObject> code,
- Handle<LiteralsArray> literals,
- BailoutId osr_ast_id);
-
DISALLOW_IMPLICIT_CONSTRUCTORS(SharedFunctionInfo);
};
@@ -7394,6 +7474,9 @@
// to ES6 section 19.2.3.5 Function.prototype.toString ( ).
static Handle<String> ToString(Handle<JSBoundFunction> function);
+ static MaybeHandle<String> GetName(Isolate* isolate,
+ Handle<JSBoundFunction> function);
+
// Layout description.
static const int kBoundTargetFunctionOffset = JSObject::kHeaderSize;
static const int kBoundThisOffset = kBoundTargetFunctionOffset + kPointerSize;
@@ -7438,6 +7521,10 @@
inline void set_code_no_write_barrier(Code* code);
inline void ReplaceCode(Code* code);
+ // Get the abstract code associated with the function, which will either be
+ // a Code object or a BytecodeArray.
+ inline AbstractCode* abstract_code();
+
// Tells whether this function inlines the given shared function info.
bool Inlines(SharedFunctionInfo* candidate);
@@ -7524,7 +7611,11 @@
int requested_internal_fields,
int* instance_size,
int* in_object_properties);
-
+ static void CalculateInstanceSizeHelper(InstanceType instance_type,
+ int requested_internal_fields,
+ int requested_in_object_properties,
+ int* instance_size,
+ int* in_object_properties);
// Visiting policy flags define whether the code entry or next function
// should be visited or not.
enum BodyVisitingPolicy {
@@ -7553,9 +7644,6 @@
// Returns the number of allocated literals.
inline int NumberOfLiterals();
- // Used for flags such as --hydrogen-filter.
- bool PassesFilter(const char* raw_filter);
-
// The function's name if it is configured, otherwise shared function info
// debug name.
static Handle<String> GetName(Handle<JSFunction> function);
@@ -9507,6 +9595,9 @@
// [to_number]: Cached to_number computed at startup.
DECL_ACCESSORS(to_number, Object)
+ // [to_number]: Cached to_boolean computed at startup.
+ DECL_ACCESSORS(to_boolean, Oddball)
+
// [typeof]: Cached type_of computed at startup.
DECL_ACCESSORS(type_of, String)
@@ -9524,12 +9615,13 @@
// Initialize the fields.
static void Initialize(Isolate* isolate, Handle<Oddball> oddball,
const char* to_string, Handle<Object> to_number,
- const char* type_of, byte kind);
+ bool to_boolean, const char* type_of, byte kind);
// Layout description.
static const int kToStringOffset = HeapObject::kHeaderSize;
static const int kToNumberOffset = kToStringOffset + kPointerSize;
- static const int kTypeOfOffset = kToNumberOffset + kPointerSize;
+ static const int kToBooleanOffset = kToNumberOffset + kPointerSize;
+ static const int kTypeOfOffset = kToBooleanOffset + kPointerSize;
static const int kKindOffset = kTypeOfOffset + kPointerSize;
static const int kSize = kKindOffset + kPointerSize;
@@ -9543,6 +9635,7 @@
static const byte kUninitialized = 6;
static const byte kOther = 7;
static const byte kException = 8;
+ static const byte kOptimizedOut = 9;
typedef FixedBodyDescriptor<kToStringOffset, kTypeOfOffset + kPointerSize,
kSize> BodyDescriptor;
@@ -9731,7 +9824,7 @@
// ES6 9.5.8
MUST_USE_RESULT static MaybeHandle<Object> GetProperty(
Isolate* isolate, Handle<JSProxy> proxy, Handle<Name> name,
- Handle<Object> receiver);
+ Handle<Object> receiver, bool* was_found);
// ES6 9.5.9
MUST_USE_RESULT static Maybe<bool> SetProperty(Handle<JSProxy> proxy,
@@ -9765,7 +9858,8 @@
typedef FixedBodyDescriptor<JSReceiver::kPropertiesOffset, kSize, kSize>
BodyDescriptor;
- MUST_USE_RESULT Object* GetIdentityHash();
+ static Handle<Object> GetIdentityHash(Isolate* isolate,
+ Handle<JSProxy> receiver);
static Handle<Smi> GetOrCreateIdentityHash(Handle<JSProxy> proxy);
@@ -10232,6 +10326,12 @@
PropertyDescriptor* desc,
ShouldThrow should_throw);
+ // Checks whether the Array has the current realm's Array.prototype as its
+ // prototype. This function is best-effort and only gives a conservative
+ // approximation, erring on the side of false, in particular with respect
+ // to Proxies and objects with a hidden prototype.
+ inline bool HasArrayPrototype(Isolate* isolate);
+
DECLARE_CAST(JSArray)
// Dispatched behavior.
@@ -10312,6 +10412,9 @@
inline bool is_special_data_property();
inline void set_is_special_data_property(bool value);
+ inline bool is_sloppy();
+ inline void set_is_sloppy(bool value);
+
inline PropertyAttributes property_attributes();
inline void set_property_attributes(PropertyAttributes attributes);
@@ -10348,7 +10451,8 @@
static const int kAllCanReadBit = 0;
static const int kAllCanWriteBit = 1;
static const int kSpecialDataProperty = 2;
- class AttributesField : public BitField<PropertyAttributes, 3, 3> {};
+ static const int kIsSloppy = 3;
+ class AttributesField : public BitField<PropertyAttributes, 4, 3> {};
DISALLOW_IMPLICIT_CONSTRUCTORS(AccessorInfo);
};