diff options
Diffstat (limited to 'chromium/v8/src/objects.h')
| -rw-r--r-- | chromium/v8/src/objects.h | 782 |
1 files changed, 563 insertions, 219 deletions
diff --git a/chromium/v8/src/objects.h b/chromium/v8/src/objects.h index d370c32a1a4..12087eb00a6 100644 --- a/chromium/v8/src/objects.h +++ b/chromium/v8/src/objects.h @@ -232,6 +232,13 @@ static inline bool IsGrowStoreMode(KeyedAccessStoreMode store_mode) { enum WriteBarrierMode { SKIP_WRITE_BARRIER, UPDATE_WRITE_BARRIER }; +// Indicates whether a value can be loaded as a constant. +enum StoreMode { + ALLOW_AS_CONSTANT, + FORCE_FIELD +}; + + // PropertyNormalizationMode is used to specify whether to keep // inobject properties when normalizing properties of a JSObject. enum PropertyNormalizationMode { @@ -258,7 +265,6 @@ enum CreationFlag { // Indicates whether transitions can be added to a source map or not. enum TransitionFlag { INSERT_TRANSITION, - OMIT_TRANSITION_KEEP_REPRESENTATIONS, OMIT_TRANSITION }; @@ -333,6 +339,7 @@ const int kStubMinorKeyBits = kBitsPerInt - kSmiTagSize - kStubMajorKeyBits; V(CONS_STRING_TYPE) \ V(CONS_ASCII_STRING_TYPE) \ V(SLICED_STRING_TYPE) \ + V(SLICED_ASCII_STRING_TYPE) \ V(EXTERNAL_STRING_TYPE) \ V(EXTERNAL_ASCII_STRING_TYPE) \ V(EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE) \ @@ -416,6 +423,8 @@ const int kStubMinorKeyBits = kBitsPerInt - kSmiTagSize - kStubMajorKeyBits; V(JS_TYPED_ARRAY_TYPE) \ V(JS_DATA_VIEW_TYPE) \ V(JS_PROXY_TYPE) \ + V(JS_SET_TYPE) \ + V(JS_MAP_TYPE) \ V(JS_WEAK_MAP_TYPE) \ V(JS_WEAK_SET_TYPE) \ V(JS_REGEXP_TYPE) \ @@ -783,7 +792,6 @@ enum InstanceType { // Pseudo-types FIRST_TYPE = 0x0, LAST_TYPE = JS_FUNCTION_TYPE, - INVALID_TYPE = FIRST_TYPE - 1, FIRST_NAME_TYPE = FIRST_TYPE, LAST_NAME_TYPE = SYMBOL_TYPE, FIRST_UNIQUE_NAME_TYPE = INTERNALIZED_STRING_TYPE, @@ -1046,7 +1054,300 @@ class MaybeObject BASE_EMBEDDED { V(AccessCheckNeeded) \ V(Cell) \ V(PropertyCell) \ - V(ObjectHashTable) \ + V(ObjectHashTable) + + +#define ERROR_MESSAGES_LIST(V) \ + V(kNoReason, "no reason") \ + \ + V(k32BitValueInRegisterIsNotZeroExtended, \ + "32 bit value in register is not zero-extended") \ + V(kAlignmentMarkerExpected, "alignment marker expected") \ + V(kAllocationIsNotDoubleAligned, "Allocation is not double aligned") \ + V(kAPICallReturnedInvalidObject, "API call returned invalid object") \ + V(kArgumentsObjectValueInATestContext, \ + "arguments object value in a test context") \ + V(kArrayBoilerplateCreationFailed, "array boilerplate creation failed") \ + V(kArrayIndexConstantValueTooBig, "array index constant value too big") \ + V(kAssignmentToArguments, "assignment to arguments") \ + V(kAssignmentToLetVariableBeforeInitialization, \ + "assignment to let variable before initialization") \ + V(kAssignmentToLOOKUPVariable, "assignment to LOOKUP variable") \ + V(kAssignmentToParameterFunctionUsesArgumentsObject, \ + "assignment to parameter, function uses arguments object") \ + V(kAssignmentToParameterInArgumentsObject, \ + "assignment to parameter in arguments object") \ + V(kAttemptToUseUndefinedCache, "Attempt to use undefined cache") \ + V(kBadValueContextForArgumentsObjectValue, \ + "bad value context for arguments object value") \ + V(kBadValueContextForArgumentsValue, \ + "bad value context for arguments value") \ + V(kBailedOutDueToDependencyChange, "bailed out due to dependency change") \ + V(kBailoutWasNotPrepared, "bailout was not prepared") \ + V(kBinaryStubGenerateFloatingPointCode, \ + "BinaryStub_GenerateFloatingPointCode") \ + V(kBothRegistersWereSmisInSelectNonSmi, \ + "Both registers were smis in SelectNonSmi") \ + V(kCallToAJavaScriptRuntimeFunction, \ + "call to a JavaScript runtime function") \ + V(kCannotTranslatePositionInChangedArea, \ + "Cannot translate position in changed area") \ + V(kCodeGenerationFailed, "code generation failed") \ + V(kCodeObjectNotProperlyPatched, "code object not properly patched") \ + V(kCompoundAssignmentToLookupSlot, "compound assignment to lookup slot") \ + V(kContextAllocatedArguments, "context-allocated arguments") \ + V(kDebuggerIsActive, "debugger is active") \ + V(kDebuggerStatement, "DebuggerStatement") \ + V(kDeclarationInCatchContext, "Declaration in catch context") \ + V(kDeclarationInWithContext, "Declaration in with context") \ + V(kDefaultNaNModeNotSet, "Default NaN mode not set") \ + V(kDeleteWithGlobalVariable, "delete with global variable") \ + V(kDeleteWithNonGlobalVariable, "delete with non-global variable") \ + V(kDestinationOfCopyNotAligned, "Destination of copy not aligned") \ + V(kDontDeleteCellsCannotContainTheHole, \ + "DontDelete cells can't contain the hole") \ + V(kDoPushArgumentNotImplementedForDoubleType, \ + "DoPushArgument not implemented for double type") \ + V(kEmitLoadRegisterUnsupportedDoubleImmediate, \ + "EmitLoadRegister: Unsupported double immediate") \ + V(kEval, "eval") \ + V(kExpected0AsASmiSentinel, "Expected 0 as a Smi sentinel") \ + V(kExpectedAlignmentMarker, "expected alignment marker") \ + V(kExpectedAllocationSiteInCell, \ + "Expected AllocationSite in property cell") \ + V(kExpectedPropertyCellInRegisterA2, \ + "Expected property cell in register a2") \ + V(kExpectedPropertyCellInRegisterEbx, \ + "Expected property cell in register ebx") \ + V(kExpectedPropertyCellInRegisterRbx, \ + "Expected property cell in register rbx") \ + V(kExpectingAlignmentForCopyBytes, \ + "Expecting alignment for CopyBytes") \ + V(kExportDeclaration, "Export declaration") \ + V(kExternalStringExpectedButNotFound, \ + "external string expected, but not found") \ + V(kFailedBailedOutLastTime, "failed/bailed out last time") \ + V(kForInStatementIsNotFastCase, "ForInStatement is not fast case") \ + V(kForInStatementOptimizationIsDisabled, \ + "ForInStatement optimization is disabled") \ + V(kForInStatementWithNonLocalEachVariable, \ + "ForInStatement with non-local each variable") \ + V(kForOfStatement, "ForOfStatement") \ + V(kFrameIsExpectedToBeAligned, "frame is expected to be aligned") \ + V(kFunctionCallsEval, "function calls eval") \ + V(kFunctionIsAGenerator, "function is a generator") \ + V(kFunctionWithIllegalRedeclaration, "function with illegal redeclaration") \ + V(kGeneratedCodeIsTooLarge, "Generated code is too large") \ + V(kGeneratorFailedToResume, "Generator failed to resume") \ + V(kGenerator, "generator") \ + V(kGlobalFunctionsMustHaveInitialMap, \ + "Global functions must have initial map") \ + V(kHeapNumberMapRegisterClobbered, "HeapNumberMap register clobbered") \ + V(kImportDeclaration, "Import declaration") \ + V(kImproperObjectOnPrototypeChainForStore, \ + "improper object on prototype chain for store") \ + V(kIndexIsNegative, "Index is negative") \ + V(kIndexIsTooLarge, "Index is too large") \ + V(kInlinedRuntimeFunctionClassOf, "inlined runtime function: ClassOf") \ + V(kInlinedRuntimeFunctionFastAsciiArrayJoin, \ + "inlined runtime function: FastAsciiArrayJoin") \ + V(kInlinedRuntimeFunctionGeneratorNext, \ + "inlined runtime function: GeneratorNext") \ + V(kInlinedRuntimeFunctionGeneratorThrow, \ + "inlined runtime function: GeneratorThrow") \ + V(kInlinedRuntimeFunctionGetFromCache, \ + "inlined runtime function: GetFromCache") \ + V(kInlinedRuntimeFunctionIsNonNegativeSmi, \ + "inlined runtime function: IsNonNegativeSmi") \ + V(kInlinedRuntimeFunctionIsRegExpEquivalent, \ + "inlined runtime function: IsRegExpEquivalent") \ + V(kInlinedRuntimeFunctionIsStringWrapperSafeForDefaultValueOf, \ + "inlined runtime function: IsStringWrapperSafeForDefaultValueOf") \ + V(kInliningBailedOut, "inlining bailed out") \ + V(kInputGPRIsExpectedToHaveUpper32Cleared, \ + "input GPR is expected to have upper32 cleared") \ + V(kInstanceofStubUnexpectedCallSiteCacheCheck, \ + "InstanceofStub unexpected call site cache (check)") \ + V(kInstanceofStubUnexpectedCallSiteCacheCmp1, \ + "InstanceofStub unexpected call site cache (cmp 1)") \ + V(kInstanceofStubUnexpectedCallSiteCacheCmp2, \ + "InstanceofStub unexpected call site cache (cmp 2)") \ + V(kInstanceofStubUnexpectedCallSiteCacheMov, \ + "InstanceofStub unexpected call site cache (mov)") \ + V(kInteger32ToSmiFieldWritingToNonSmiLocation, \ + "Integer32ToSmiField writing to non-smi location") \ + V(kInvalidCaptureReferenced, "Invalid capture referenced") \ + V(kInvalidElementsKindForInternalArrayOrInternalPackedArray, \ + "Invalid ElementsKind for InternalArray or InternalPackedArray") \ + V(kInvalidHandleScopeLevel, "Invalid HandleScope level") \ + V(kInvalidLeftHandSideInAssignment, "invalid left-hand side in assignment") \ + V(kInvalidLhsInCompoundAssignment, "invalid lhs in compound assignment") \ + V(kInvalidLhsInCountOperation, "invalid lhs in count operation") \ + V(kInvalidMinLength, "Invalid min_length") \ + V(kJSGlobalObjectNativeContextShouldBeANativeContext, \ + "JSGlobalObject::native_context should be a native context") \ + V(kJSGlobalProxyContextShouldNotBeNull, \ + "JSGlobalProxy::context() should not be null") \ + V(kJSObjectWithFastElementsMapHasSlowElements, \ + "JSObject with fast elements map has slow elements") \ + V(kLetBindingReInitialization, "Let binding re-initialization") \ + V(kLiveBytesCountOverflowChunkSize, "Live Bytes Count overflow chunk size") \ + V(kLiveEditFrameDroppingIsNotSupportedOnArm, \ + "LiveEdit frame dropping is not supported on arm") \ + V(kLiveEditFrameDroppingIsNotSupportedOnMips, \ + "LiveEdit frame dropping is not supported on mips") \ + V(kLiveEdit, "LiveEdit") \ + V(kLookupVariableInCountOperation, \ + "lookup variable in count operation") \ + V(kMapIsNoLongerInEax, "Map is no longer in eax") \ + V(kModuleDeclaration, "Module declaration") \ + V(kModuleLiteral, "Module literal") \ + V(kModulePath, "Module path") \ + V(kModuleStatement, "Module statement") \ + V(kModuleVariable, "Module variable") \ + V(kModuleUrl, "Module url") \ + V(kNoCasesLeft, "no cases left") \ + V(kNoEmptyArraysHereInEmitFastAsciiArrayJoin, \ + "No empty arrays here in EmitFastAsciiArrayJoin") \ + V(kNonInitializerAssignmentToConst, \ + "non-initializer assignment to const") \ + V(kNonSmiIndex, "Non-smi index") \ + V(kNonSmiKeyInArrayLiteral, "Non-smi key in array literal") \ + V(kNonSmiValue, "Non-smi value") \ + V(kNotEnoughVirtualRegistersForValues, \ + "not enough virtual registers for values") \ + V(kNotEnoughSpillSlotsForOsr, \ + "not enough spill slots for OSR") \ + V(kNotEnoughVirtualRegistersRegalloc, \ + "not enough virtual registers (regalloc)") \ + V(kObjectFoundInSmiOnlyArray, "object found in smi-only array") \ + V(kObjectLiteralWithComplexProperty, \ + "Object literal with complex property") \ + V(kOddballInStringTableIsNotUndefinedOrTheHole, \ + "oddball in string table is not undefined or the hole") \ + V(kOperandIsASmiAndNotAName, "Operand is a smi and not a name") \ + V(kOperandIsASmiAndNotAString, "Operand is a smi and not a string") \ + V(kOperandIsASmi, "Operand is a smi") \ + V(kOperandIsNotAName, "Operand is not a name") \ + V(kOperandIsNotANumber, "Operand is not a number") \ + V(kOperandIsNotASmi, "Operand is not a smi") \ + V(kOperandIsNotAString, "Operand is not a string") \ + V(kOperandIsNotSmi, "Operand is not smi") \ + V(kOperandNotANumber, "Operand not a number") \ + V(kOptimizedTooManyTimes, "optimized too many times") \ + V(kOutOfVirtualRegistersWhileTryingToAllocateTempRegister, \ + "Out of virtual registers while trying to allocate temp register") \ + V(kParseScopeError, "parse/scope error") \ + V(kPossibleDirectCallToEval, "possible direct call to eval") \ + V(kPropertyAllocationCountFailed, "Property allocation count failed") \ + V(kReceivedInvalidReturnAddress, "Received invalid return address") \ + V(kReferenceToAVariableWhichRequiresDynamicLookup, \ + "reference to a variable which requires dynamic lookup") \ + V(kReferenceToGlobalLexicalVariable, \ + "reference to global lexical variable") \ + V(kReferenceToUninitializedVariable, "reference to uninitialized variable") \ + V(kRegisterDidNotMatchExpectedRoot, "Register did not match expected root") \ + V(kRegisterWasClobbered, "register was clobbered") \ + V(kScopedBlock, "ScopedBlock") \ + V(kSharedFunctionInfoLiteral, "Shared function info literal") \ + V(kSmiAdditionOverflow, "Smi addition overflow") \ + V(kSmiSubtractionOverflow, "Smi subtraction overflow") \ + V(kStackFrameTypesMustMatch, "stack frame types must match") \ + V(kSwitchStatementMixedOrNonLiteralSwitchLabels, \ + "SwitchStatement: mixed or non-literal switch labels") \ + V(kSwitchStatementTooManyClauses, "SwitchStatement: too many clauses") \ + V(kTheInstructionShouldBeALui, "The instruction should be a lui") \ + V(kTheInstructionShouldBeAnOri, "The instruction should be an ori") \ + V(kTheInstructionToPatchShouldBeALoadFromPc, \ + "The instruction to patch should be a load from pc") \ + V(kTheInstructionToPatchShouldBeALui, \ + "The instruction to patch should be a lui") \ + V(kTheInstructionToPatchShouldBeAnOri, \ + "The instruction to patch should be an ori") \ + V(kTooManyParametersLocals, "too many parameters/locals") \ + V(kTooManyParameters, "too many parameters") \ + V(kTooManySpillSlotsNeededForOSR, "Too many spill slots needed for OSR") \ + V(kToOperandIsDoubleRegisterUnimplemented, \ + "ToOperand IsDoubleRegister unimplemented") \ + V(kToOperandUnsupportedDoubleImmediate, \ + "ToOperand Unsupported double immediate") \ + V(kTryCatchStatement, "TryCatchStatement") \ + V(kTryFinallyStatement, "TryFinallyStatement") \ + V(kUnableToEncodeValueAsSmi, "Unable to encode value as smi") \ + V(kUnalignedAllocationInNewSpace, "Unaligned allocation in new space") \ + V(kUndefinedValueNotLoaded, "Undefined value not loaded") \ + V(kUndoAllocationOfNonAllocatedMemory, \ + "Undo allocation of non allocated memory") \ + V(kUnexpectedAllocationTop, "Unexpected allocation top") \ + V(kUnexpectedElementsKindInArrayConstructor, \ + "Unexpected ElementsKind in array constructor") \ + V(kUnexpectedFallthroughFromCharCodeAtSlowCase, \ + "Unexpected fallthrough from CharCodeAt slow case") \ + V(kUnexpectedFallthroughFromCharFromCodeSlowCase, \ + "Unexpected fallthrough from CharFromCode slow case") \ + V(kUnexpectedFallThroughFromStringComparison, \ + "Unexpected fall-through from string comparison") \ + V(kUnexpectedFallThroughInBinaryStubGenerateFloatingPointCode, \ + "Unexpected fall-through in BinaryStub_GenerateFloatingPointCode") \ + V(kUnexpectedFallthroughToCharCodeAtSlowCase, \ + "Unexpected fallthrough to CharCodeAt slow case") \ + V(kUnexpectedFallthroughToCharFromCodeSlowCase, \ + "Unexpected fallthrough to CharFromCode slow case") \ + V(kUnexpectedFPUStackDepthAfterInstruction, \ + "Unexpected FPU stack depth after instruction") \ + V(kUnexpectedInitialMapForArrayFunction1, \ + "Unexpected initial map for Array function (1)") \ + V(kUnexpectedInitialMapForArrayFunction2, \ + "Unexpected initial map for Array function (2)") \ + V(kUnexpectedInitialMapForArrayFunction, \ + "Unexpected initial map for Array function") \ + V(kUnexpectedInitialMapForInternalArrayFunction, \ + "Unexpected initial map for InternalArray function") \ + V(kUnexpectedLevelAfterReturnFromApiCall, \ + "Unexpected level after return from api call") \ + V(kUnexpectedNumberOfPreAllocatedPropertyFields, \ + "Unexpected number of pre-allocated property fields") \ + V(kUnexpectedStringFunction, "Unexpected String function") \ + V(kUnexpectedStringType, "Unexpected string type") \ + V(kUnexpectedStringWrapperInstanceSize, \ + "Unexpected string wrapper instance size") \ + V(kUnexpectedTypeForRegExpDataFixedArrayExpected, \ + "Unexpected type for RegExp data, FixedArray expected") \ + V(kUnexpectedUnusedPropertiesOfStringWrapper, \ + "Unexpected unused properties of string wrapper") \ + V(kUninitializedKSmiConstantRegister, "Uninitialized kSmiConstantRegister") \ + V(kUnknown, "unknown") \ + V(kUnsupportedConstCompoundAssignment, \ + "unsupported const compound assignment") \ + V(kUnsupportedCountOperationWithConst, \ + "unsupported count operation with const") \ + V(kUnsupportedDoubleImmediate, "unsupported double immediate") \ + V(kUnsupportedLetCompoundAssignment, "unsupported let compound assignment") \ + V(kUnsupportedLookupSlotInDeclaration, \ + "unsupported lookup slot in declaration") \ + V(kUnsupportedNonPrimitiveCompare, "Unsupported non-primitive compare") \ + V(kUnsupportedPhiUseOfArguments, "Unsupported phi use of arguments") \ + V(kUnsupportedPhiUseOfConstVariable, \ + "Unsupported phi use of const variable") \ + V(kUnsupportedTaggedImmediate, "unsupported tagged immediate") \ + V(kVariableResolvedToWithContext, "Variable resolved to with context") \ + V(kWeShouldNotHaveAnEmptyLexicalContext, \ + "we should not have an empty lexical context") \ + V(kWithStatement, "WithStatement") \ + V(kWrongAddressOrValuePassedToRecordWrite, \ + "Wrong address or value passed to RecordWrite") \ + V(kYield, "Yield") + + +#define ERROR_MESSAGES_CONSTANTS(C, T) C, +enum BailoutReason { + ERROR_MESSAGES_LIST(ERROR_MESSAGES_CONSTANTS) + kLastErrorMessage +}; +#undef ERROR_MESSAGES_CONSTANTS + + +const char* GetBailoutReason(BailoutReason reason); // Object is the abstract superclass for all classes in the @@ -1148,8 +1449,8 @@ class Object : public MaybeObject { inline bool HasSpecificClassOf(String* name); - MUST_USE_RESULT MaybeObject* ToObject(); // ECMA-262 9.9. - bool BooleanValue(); // ECMA-262 9.2. + MUST_USE_RESULT MaybeObject* ToObject(Isolate* isolate); // ECMA-262 9.9. + bool BooleanValue(); // ECMA-262 9.2. // Convert to a JSObject if needed. // native_context is used when creating wrapper object. @@ -1171,7 +1472,8 @@ class Object : public MaybeObject { Name* key, PropertyAttributes* attributes); - static Handle<Object> GetProperty(Handle<Object> object, Handle<Name> key); + static Handle<Object> GetProperty(Handle<Object> object, + Handle<Name> key); static Handle<Object> GetProperty(Handle<Object> object, Handle<Object> receiver, LookupResult* result, @@ -1193,11 +1495,15 @@ class Object : public MaybeObject { MUST_USE_RESULT MaybeObject* GetPropertyWithDefinedGetter(Object* receiver, JSReceiver* getter); - static Handle<Object> GetElement(Handle<Object> object, uint32_t index); - MUST_USE_RESULT inline MaybeObject* GetElement(uint32_t index); + static Handle<Object> GetElement(Isolate* isolate, + Handle<Object> object, + uint32_t index); + MUST_USE_RESULT inline MaybeObject* GetElement(Isolate* isolate, + uint32_t index); // For use when we know that no exception can be thrown. - inline Object* GetElementNoExceptionThrown(uint32_t index); - MUST_USE_RESULT MaybeObject* GetElementWithReceiver(Object* receiver, + inline Object* GetElementNoExceptionThrown(Isolate* isolate, uint32_t index); + MUST_USE_RESULT MaybeObject* GetElementWithReceiver(Isolate* isolate, + Object* receiver, uint32_t index); // Return the object's prototype (might be Heap::null_value()). @@ -1229,10 +1535,7 @@ class Object : public MaybeObject { inline void VerifyApiCallResultType(); // Prints this object without details. - inline void ShortPrint() { - ShortPrint(stdout); - } - void ShortPrint(FILE* out); + void ShortPrint(FILE* out = stdout); // Prints this object without details to a message accumulator. void ShortPrint(StringStream* accumulator); @@ -1271,10 +1574,7 @@ class Smi: public Object { static inline Smi* cast(Object* object); // Dispatched behavior. - inline void SmiPrint() { - SmiPrint(stdout); - } - void SmiPrint(FILE* out); + void SmiPrint(FILE* out = stdout); void SmiPrint(StringStream* accumulator); DECLARE_VERIFIER(Smi) @@ -1345,10 +1645,7 @@ class Failure: public MaybeObject { static inline Failure* cast(MaybeObject* object); // Dispatched behavior. - inline void FailurePrint() { - FailurePrint(stdout); - } - void FailurePrint(FILE* out); + void FailurePrint(FILE* out = stdout); void FailurePrint(StringStream* accumulator); DECLARE_VERIFIER(Failure) @@ -1429,9 +1726,7 @@ class HeapObject: public Object { // The Heap the object was allocated in. Used also to access Isolate. inline Heap* GetHeap(); - // Convenience method to get current isolate. This method can be - // accessed only when its result is the same as - // Isolate::Current(), it ASSERTs this. See also comment for GetHeap. + // Convenience method to get current isolate. inline Isolate* GetIsolate(); // Converts an address to a HeapObject pointer. @@ -1463,6 +1758,13 @@ class HeapObject: public Object { // during marking GC. static inline Object** RawField(HeapObject* obj, int offset); + // Adds the |code| object related to |name| to the code cache of this map. If + // this map is a dictionary map that is shared, the map copied and installed + // onto the object. + static void UpdateMapCodeCache(Handle<HeapObject> object, + Handle<Name> name, + Handle<Code> code); + // Casting. static inline HeapObject* cast(Object* obj); @@ -1477,12 +1779,9 @@ class HeapObject: public Object { // Dispatched behavior. void HeapObjectShortPrint(StringStream* accumulator); #ifdef OBJECT_PRINT - inline void HeapObjectPrint() { - HeapObjectPrint(stdout); - } - void HeapObjectPrint(FILE* out); void PrintHeader(FILE* out, const char* id); #endif + DECLARE_PRINTER(HeapObject) DECLARE_VERIFIER(HeapObject) #ifdef VERIFY_HEAP inline void VerifyObjectField(int offset); @@ -1566,10 +1865,7 @@ class HeapNumber: public HeapObject { // Dispatched behavior. bool HeapNumberBooleanValue(); - inline void HeapNumberPrint() { - HeapNumberPrint(stdout); - } - void HeapNumberPrint(FILE* out); + void HeapNumberPrint(FILE* out = stdout); void HeapNumberPrint(StringStream* accumulator); DECLARE_VERIFIER(HeapNumber) @@ -1644,12 +1940,6 @@ class JSReceiver: public HeapObject { CERTAINLY_NOT_STORE_FROM_KEYED }; - // Indicates whether a value can be loaded as a constant. - enum StoreMode { - ALLOW_AS_CONSTANT, - FORCE_FIELD - }; - // Internal properties (e.g. the hidden properties dictionary) might // be added even though the receiver is non-extensible. enum ExtensibilityCheck { @@ -1665,6 +1955,11 @@ class JSReceiver: public HeapObject { Handle<Object> value, PropertyAttributes attributes, StrictModeFlag strict_mode); + static Handle<Object> SetElement(Handle<JSReceiver> object, + uint32_t index, + Handle<Object> value, + PropertyAttributes attributes, + StrictModeFlag strict_mode); MUST_USE_RESULT static MaybeObject* SetPropertyOrFail( Handle<JSReceiver> object, @@ -1696,15 +1991,7 @@ class JSReceiver: public HeapObject { DeleteMode mode = NORMAL_DELETION); static Handle<Object> DeleteElement(Handle<JSReceiver> object, uint32_t index, - DeleteMode mode); - - // Set the index'th array element. - // Can cause GC, or return failure if GC is required. - MUST_USE_RESULT MaybeObject* SetElement(uint32_t index, - Object* value, - PropertyAttributes attributes, - StrictModeFlag strict_mode, - bool check_prototype); + DeleteMode mode = NORMAL_DELETION); // Tests for the fast common case for property enumeration. bool IsSimpleEnum(); @@ -1877,7 +2164,6 @@ class JSObject: public JSReceiver { Object* value, PropertyAttributes attributes, StrictModeFlag strict_mode, - ExtensibilityCheck extensibility_check, StoreMode mode = ALLOW_AS_CONSTANT); static Handle<Object> SetLocalPropertyIgnoreAttributes( @@ -1886,7 +2172,8 @@ class JSObject: public JSReceiver { Handle<Object> value, PropertyAttributes attributes, ValueType value_type = OPTIMAL_REPRESENTATION, - StoreMode mode = ALLOW_AS_CONSTANT); + StoreMode mode = ALLOW_AS_CONSTANT, + ExtensibilityCheck extensibility_check = PERFORM_EXTENSIBILITY_CHECK); static inline Handle<String> ExpectedTransitionKey(Handle<Map> map); static inline Handle<Map> ExpectedTransitionTarget(Handle<Map> map); @@ -1910,12 +2197,13 @@ class JSObject: public JSReceiver { inline MUST_USE_RESULT MaybeObject* TryMigrateInstance(); // Can cause GC. - MUST_USE_RESULT MaybeObject* SetLocalPropertyIgnoreAttributes( + MUST_USE_RESULT MaybeObject* SetLocalPropertyIgnoreAttributesTrampoline( Name* key, Object* value, PropertyAttributes attributes, ValueType value_type = OPTIMAL_REPRESENTATION, - StoreMode mode = ALLOW_AS_CONSTANT); + StoreMode mode = ALLOW_AS_CONSTANT, + ExtensibilityCheck extensibility_check = PERFORM_EXTENSIBILITY_CHECK); // Retrieve a value in a normalized object given a lookup result. // Handles the special representation of JS global objects. @@ -1944,7 +2232,6 @@ class JSObject: public JSReceiver { PropertyDetails details); static void OptimizeAsPrototype(Handle<JSObject> object); - MUST_USE_RESULT MaybeObject* OptimizeAsPrototype(); // Retrieve interceptors. InterceptorInfo* GetNamedInterceptor(); @@ -1970,11 +2257,13 @@ class JSObject: public JSReceiver { Handle<Name> name, Handle<Object> getter, Handle<Object> setter, - PropertyAttributes attributes); + PropertyAttributes attributes, + v8::AccessControl access_control = v8::DEFAULT); MaybeObject* LookupAccessor(Name* name, AccessorComponent component); - MUST_USE_RESULT MaybeObject* DefineAccessor(AccessorInfo* info); + static Handle<Object> SetAccessor(Handle<JSObject> object, + Handle<AccessorInfo> info); // Used from Object::GetProperty(). MUST_USE_RESULT MaybeObject* GetPropertyWithFailedAccessCheck( @@ -2025,23 +2314,18 @@ class JSObject: public JSReceiver { Object* GetHiddenProperty(Name* key); // Deletes a hidden property. Deleting a non-existing property is // considered successful. - void DeleteHiddenProperty(Name* key); + static void DeleteHiddenProperty(Handle<JSObject> object, + Handle<Name> key); // Returns true if the object has a property with the hidden string as name. bool HasHiddenProperties(); - static int GetIdentityHash(Handle<JSObject> obj); - MUST_USE_RESULT MaybeObject* GetIdentityHash(CreationFlag flag); - MUST_USE_RESULT MaybeObject* SetIdentityHash(Smi* hash, CreationFlag flag); - - static Handle<Object> DeleteElement(Handle<JSObject> obj, - uint32_t index, - DeleteMode mode = NORMAL_DELETION); - MUST_USE_RESULT MaybeObject* DeleteElement(uint32_t index, DeleteMode mode); + static int GetIdentityHash(Handle<JSObject> object); + static void SetIdentityHash(Handle<JSObject> object, Smi* hash); inline void ValidateElements(); // Makes sure that this object can contain HeapObject as elements. - MUST_USE_RESULT inline MaybeObject* EnsureCanContainHeapObjectElements(); + static inline void EnsureCanContainHeapObjectElements(Handle<JSObject> obj); // Makes sure that this object can contain the specified elements. MUST_USE_RESULT inline MaybeObject* EnsureCanContainElements( @@ -2217,7 +2501,8 @@ class JSObject: public JSReceiver { MUST_USE_RESULT MaybeObject* AddConstantProperty( Name* name, Object* constant, - PropertyAttributes attributes); + PropertyAttributes attributes, + TransitionFlag flag); MUST_USE_RESULT MaybeObject* ReplaceSlowProperty( Name* name, @@ -2240,25 +2525,11 @@ class JSObject: public JSReceiver { MUST_USE_RESULT MaybeObject* TransitionElementsKind(ElementsKind to_kind); MUST_USE_RESULT MaybeObject* UpdateAllocationSite(ElementsKind to_kind); - // Replaces an existing transition with a transition to a map with a FIELD. - MUST_USE_RESULT MaybeObject* ConvertTransitionToMapTransition( - int transition_index, - Name* name, - Object* new_value, - PropertyAttributes attributes); - - // Converts a descriptor of any other type to a real field, backed by the - // properties array. - MUST_USE_RESULT MaybeObject* ConvertDescriptorToField( - Name* name, - Object* new_value, - PropertyAttributes attributes, - TransitionFlag flag = OMIT_TRANSITION); - MUST_USE_RESULT MaybeObject* MigrateToMap(Map* new_map); MUST_USE_RESULT MaybeObject* GeneralizeFieldRepresentation( int modify_index, - Representation new_representation); + Representation new_representation, + StoreMode store_mode); // Add a property to a fast-case object. MUST_USE_RESULT MaybeObject* AddFastProperty( @@ -2266,7 +2537,8 @@ class JSObject: public JSReceiver { Object* value, PropertyAttributes attributes, StoreFromKeyed store_mode = MAY_BE_STORE_FROM_KEYED, - ValueType value_type = OPTIMAL_REPRESENTATION); + ValueType value_type = OPTIMAL_REPRESENTATION, + TransitionFlag flag = INSERT_TRANSITION); // Add a property to a slow-case object. MUST_USE_RESULT MaybeObject* AddSlowProperty(Name* name, @@ -2282,7 +2554,8 @@ class JSObject: public JSReceiver { StoreFromKeyed store_mode = MAY_BE_STORE_FROM_KEYED, ExtensibilityCheck extensibility_check = PERFORM_EXTENSIBILITY_CHECK, ValueType value_type = OPTIMAL_REPRESENTATION, - StoreMode mode = ALLOW_AS_CONSTANT); + StoreMode mode = ALLOW_AS_CONSTANT, + TransitionFlag flag = INSERT_TRANSITION); // Convert the object to use the canonical dictionary // representation. If the object is expected to have additional properties @@ -2303,12 +2576,6 @@ class JSObject: public JSReceiver { MUST_USE_RESULT MaybeObject* NormalizeElements(); - static void UpdateMapCodeCache(Handle<JSObject> object, - Handle<Name> name, - Handle<Code> code); - - MUST_USE_RESULT MaybeObject* UpdateMapCodeCache(Name* name, Code* code); - // Transform slow named properties to fast variants. // Returns failure if allocation failed. static void TransformToFastProperties(Handle<JSObject> object, @@ -2371,25 +2638,17 @@ class JSObject: public JSReceiver { DECLARE_PRINTER(JSObject) DECLARE_VERIFIER(JSObject) #ifdef OBJECT_PRINT - inline void PrintProperties() { - PrintProperties(stdout); - } - void PrintProperties(FILE* out); - - inline void PrintElements() { - PrintElements(stdout); - } - void PrintElements(FILE* out); - inline void PrintTransitions() { - PrintTransitions(stdout); - } - void PrintTransitions(FILE* out); + void PrintProperties(FILE* out = stdout); + void PrintElements(FILE* out = stdout); + void PrintTransitions(FILE* out = stdout); #endif void PrintElementsTransition( FILE* file, ElementsKind from_kind, FixedArrayBase* from_elements, ElementsKind to_kind, FixedArrayBase* to_elements); + void PrintInstanceMigration(FILE* file, Map* original_map, Map* new_map); + #ifdef DEBUG // Structure for collecting spill information about JSObjects. class SpillInformation { @@ -2416,7 +2675,8 @@ class JSObject: public JSReceiver { // Maximal number of fast properties for the JSObject. Used to // restrict the number of map transitions to avoid an explosion in // the number of maps for objects used as dictionaries. - inline bool TooManyFastProperties(int properties, StoreFromKeyed store_mode); + inline bool TooManyFastProperties( + StoreFromKeyed store_mode = MAY_BE_STORE_FROM_KEYED); // Maximal number of elements (numbered 0 .. kMaxElementCount - 1). // Also maximal value of JSArray's length property. @@ -2437,7 +2697,10 @@ class JSObject: public JSReceiver { // don't want to be wasteful with long lived objects. static const int kMaxUncheckedOldFastElementsLength = 500; + // Note that Heap::MaxRegularSpaceAllocationSize() puts a limit on + // permissible values (see the ASSERT in heap.cc). static const int kInitialMaxFastElementArray = 100000; + static const int kFastPropertiesSoftLimit = 12; static const int kMaxFastProperties = 64; static const int kMaxInstanceSize = 255 * kPointerSize; @@ -2471,6 +2734,15 @@ class JSObject: public JSReceiver { friend class DictionaryElementsAccessor; friend class JSReceiver; + // TODO(mstarzinger): Soon to be handlified. + MUST_USE_RESULT MaybeObject* SetLocalPropertyIgnoreAttributes( + Name* key, + Object* value, + PropertyAttributes attributes, + ValueType value_type = OPTIMAL_REPRESENTATION, + StoreMode mode = ALLOW_AS_CONSTANT, + ExtensibilityCheck extensibility_check = PERFORM_EXTENSIBILITY_CHECK); + MUST_USE_RESULT MaybeObject* GetElementWithCallback(Object* receiver, Object* structure, uint32_t index, @@ -2529,11 +2801,11 @@ class JSObject: public JSReceiver { Handle<Name> name, DeleteMode mode); - MUST_USE_RESULT MaybeObject* DeleteElementWithInterceptor(uint32_t index); - - MUST_USE_RESULT MaybeObject* DeleteFastElement(uint32_t index); - MUST_USE_RESULT MaybeObject* DeleteDictionaryElement(uint32_t index, - DeleteMode mode); + static Handle<Object> DeleteElement(Handle<JSObject> object, + uint32_t index, + DeleteMode mode); + static Handle<Object> DeleteElementWithInterceptor(Handle<JSObject> object, + uint32_t index); bool ReferencesObjectFromElements(FixedArray* elements, ElementsKind kind, @@ -2546,26 +2818,28 @@ class JSObject: public JSReceiver { void GetElementsCapacityAndUsage(int* capacity, int* used); bool CanSetCallback(Name* name); - MUST_USE_RESULT MaybeObject* SetElementCallback( - uint32_t index, - Object* structure, - PropertyAttributes attributes); - MUST_USE_RESULT MaybeObject* SetPropertyCallback( - Name* name, - Object* structure, - PropertyAttributes attributes); + static void SetElementCallback(Handle<JSObject> object, + uint32_t index, + Handle<Object> structure, + PropertyAttributes attributes); + static void SetPropertyCallback(Handle<JSObject> object, + Handle<Name> name, + Handle<Object> structure, + PropertyAttributes attributes); static void DefineElementAccessor(Handle<JSObject> object, uint32_t index, Handle<Object> getter, Handle<Object> setter, - PropertyAttributes attributes); + PropertyAttributes attributes, + v8::AccessControl access_control); static Handle<AccessorPair> CreateAccessorPairFor(Handle<JSObject> object, Handle<Name> name); static void DefinePropertyAccessor(Handle<JSObject> object, Handle<Name> name, Handle<Object> getter, Handle<Object> setter, - PropertyAttributes attributes); + PropertyAttributes attributes, + v8::AccessControl access_control); // Try to define a single accessor paying attention to map transitions. // Returns false if this was not possible and we have to use the slow case. @@ -2591,6 +2865,8 @@ class JSObject: public JSReceiver { MUST_USE_RESULT MaybeObject* SetHiddenPropertiesHashTable( Object* value); + MUST_USE_RESULT MaybeObject* GetIdentityHash(CreationFlag flag); + DISALLOW_IMPLICIT_CONSTRUCTORS(JSObject); }; @@ -2632,11 +2908,7 @@ class FixedArray: public FixedArrayBase { // Setters for frequently used oddballs located in old space. inline void set_undefined(int index); - // TODO(isolates): duplicate. - inline void set_undefined(Heap* heap, int index); inline void set_null(int index); - // TODO(isolates): duplicate. - inline void set_null(Heap* heap, int index); inline void set_the_hole(int index); inline Object** GetFirstElementAddress(); @@ -2906,6 +3178,8 @@ class DescriptorArray: public FixedArray { MUST_USE_RESULT MaybeObject* Merge(int verbatim, int valid, int new_size, + int modify_index, + StoreMode store_mode, DescriptorArray* other); bool IsMoreGeneralThan(int verbatim, @@ -2933,7 +3207,8 @@ class DescriptorArray: public FixedArray { // Allocates a DescriptorArray, but returns the singleton // empty descriptor array object if number_of_descriptors is 0. - MUST_USE_RESULT static MaybeObject* Allocate(int number_of_descriptors, + MUST_USE_RESULT static MaybeObject* Allocate(Isolate* isolate, + int number_of_descriptors, int slack = 0); // Casting. @@ -2967,10 +3242,7 @@ class DescriptorArray: public FixedArray { #ifdef OBJECT_PRINT // Print all the descriptors. - inline void PrintDescriptors() { - PrintDescriptors(stdout); - } - void PrintDescriptors(FILE* out); + void PrintDescriptors(FILE* out = stdout); #endif #ifdef DEBUG @@ -3208,6 +3480,9 @@ class HashTable: public FixedArray { inline int FindEntry(Key key); int FindEntry(Isolate* isolate, Key key); + // Rehashes the table in-place. + void Rehash(Key key); + protected: // Find the entry at which to insert element with the given key that // has the given hash value. @@ -3254,6 +3529,13 @@ class HashTable: public FixedArray { return (last + number) & (size - 1); } + // Returns _expected_ if one of entries given by the first _probe_ probes is + // equal to _expected_. Otherwise, returns the entry given by the probe + // number _probe_. + uint32_t EntryForProbe(Key key, Object* k, int probe, uint32_t expected); + + void Swap(uint32_t entry1, uint32_t entry2, WriteBarrierMode mode); + // Rehashes this hash-table into the new table. MUST_USE_RESULT MaybeObject* Rehash(HashTable* new_table, Key key); @@ -3463,10 +3745,7 @@ class Dictionary: public HashTable<Shape, Key> { MUST_USE_RESULT MaybeObject* EnsureCapacity(int n, Key key); #ifdef OBJECT_PRINT - inline void Print() { - Print(stdout); - } - void Print(FILE* out); + void Print(FILE* out = stdout); #endif // Returns the key (slow). Object* SlowReverseLookup(Object* value); @@ -4373,7 +4652,8 @@ class DeoptimizationInputData: public FixedArray { } // Allocates a DeoptimizationInputData. - MUST_USE_RESULT static MaybeObject* Allocate(int deopt_entry_count, + MUST_USE_RESULT static MaybeObject* Allocate(Isolate* isolate, + int deopt_entry_count, PretenureFlag pretenure); // Casting. @@ -4419,7 +4699,8 @@ class DeoptimizationOutputData: public FixedArray { } // Allocates a DeoptimizationOutputData. - MUST_USE_RESULT static MaybeObject* Allocate(int number_of_deopt_points, + MUST_USE_RESULT static MaybeObject* Allocate(Isolate* isolate, + int number_of_deopt_points, PretenureFlag pretenure); // Casting. @@ -4501,7 +4782,6 @@ class Code: public HeapObject { V(KEYED_CALL_IC) \ V(STORE_IC) \ V(KEYED_STORE_IC) \ - V(UNARY_OP_IC) \ V(BINARY_OP_IC) \ V(COMPARE_IC) \ V(COMPARE_NIL_IC) \ @@ -4549,10 +4829,7 @@ class Code: public HeapObject { static const char* ICState2String(InlineCacheState state); static const char* StubType2String(StubType type); static void PrintExtraICState(FILE* out, Kind kind, ExtraICState extra); - inline void Disassemble(const char* name) { - Disassemble(name, stdout); - } - void Disassemble(const char* name, FILE* out); + void Disassemble(const char* name, FILE* out = stdout); #endif // ENABLE_DISASSEMBLER // [instruction_size]: Size of the native instructions @@ -4569,21 +4846,19 @@ class Code: public HeapObject { // [deoptimization_data]: Array containing data for deopt. DECL_ACCESSORS(deoptimization_data, FixedArray) - // [type_feedback_info]: Struct containing type feedback information for - // unoptimized code. Optimized code can temporarily store the head of - // the list of code to be deoptimized during mark-compact GC. - // STUBs can use this slot to store arbitrary information as a Smi. - // Will contain either a TypeFeedbackInfo object, or JSFunction object, - // or undefined, or a Smi. + // [type_feedback_info]: This field stores various things, depending on the + // kind of the code object. + // FUNCTION => type feedback information. + // STUB => various things, e.g. a SMI + // OPTIMIZED_FUNCTION => the next_code_link for optimized code list. DECL_ACCESSORS(type_feedback_info, Object) inline void InitializeTypeFeedbackInfoNoWriteBarrier(Object* value); inline int stub_info(); inline void set_stub_info(int info); - // Used during GC to code a list of code objects to deoptimize. - inline Object* code_to_deoptimize_link(); - inline void set_code_to_deoptimize_link(Object* value); - inline Object** code_to_deoptimize_link_slot(); + // [next_code_link]: Link for lists of optimized or deoptimized code. + // Note that storage for this field is overlapped with typefeedback_info. + DECL_ACCESSORS(next_code_link, Object) // [gc_metadata]: Field used to hold GC related metadata. The contents of this // field does not have to be traced during garbage collection since @@ -4620,8 +4895,7 @@ class Code: public HeapObject { // TODO(danno): This is a bit of a hack right now since there are still // clients of this API that pass "extra" values in for argc. These clients // should be retrofitted to used ExtendedExtraICState. - return kind == COMPARE_NIL_IC || kind == TO_BOOLEAN_IC || - kind == UNARY_OP_IC; + return kind == COMPARE_NIL_IC || kind == TO_BOOLEAN_IC; } inline StubType type(); // Only valid for monomorphic IC stubs. @@ -4629,14 +4903,13 @@ class Code: public HeapObject { // Testers for IC stub kinds. inline bool is_inline_cache_stub(); - inline bool is_debug_break(); + inline bool is_debug_stub(); inline bool is_load_stub() { return kind() == LOAD_IC; } inline bool is_keyed_load_stub() { return kind() == KEYED_LOAD_IC; } inline bool is_store_stub() { return kind() == STORE_IC; } inline bool is_keyed_store_stub() { return kind() == KEYED_STORE_IC; } inline bool is_call_stub() { return kind() == CALL_IC; } inline bool is_keyed_call_stub() { return kind() == KEYED_CALL_IC; } - inline bool is_unary_op_stub() { return kind() == UNARY_OP_IC; } inline bool is_binary_op_stub() { return kind() == BINARY_OP_IC; } inline bool is_compare_ic_stub() { return kind() == COMPARE_IC; } inline bool is_compare_nil_ic_stub() { return kind() == COMPARE_NIL_IC; } @@ -4710,10 +4983,6 @@ class Code: public HeapObject { inline CheckType check_type(); inline void set_check_type(CheckType value); - // [type-recording unary op type]: For kind UNARY_OP_IC. - inline byte unary_op_type(); - inline void set_unary_op_type(byte value); - // [to_boolean_foo]: For kind TO_BOOLEAN_IC tells what state the stub is in. inline byte to_boolean_state(); @@ -4869,6 +5138,8 @@ class Code: public HeapObject { void ClearInlineCaches(); void ClearTypeFeedbackCells(Heap* heap); + BailoutId TranslatePcOffsetToAstId(uint32_t pc_offset); + #define DECLARE_CODE_AGE_ENUM(X) k##X##CodeAge, enum Age { kNoAge = 0, @@ -4908,6 +5179,7 @@ class Code: public HeapObject { kHandlerTableOffset + kPointerSize; static const int kTypeFeedbackInfoOffset = kDeoptimizationDataOffset + kPointerSize; + static const int kNextCodeLinkOffset = kTypeFeedbackInfoOffset; // Shared. static const int kGCMetadataOffset = kTypeFeedbackInfoOffset + kPointerSize; static const int kICAgeOffset = kGCMetadataOffset + kPointerSize; @@ -4952,9 +5224,6 @@ class Code: public HeapObject { // KindSpecificFlags1 layout (STUB and OPTIMIZED_FUNCTION) static const int kStackSlotsFirstBit = 0; static const int kStackSlotsBitCount = 24; - static const int kUnaryOpTypeFirstBit = - kStackSlotsFirstBit + kStackSlotsBitCount; - static const int kUnaryOpTypeBitCount = 3; static const int kHasFunctionCacheFirstBit = kStackSlotsFirstBit + kStackSlotsBitCount; static const int kHasFunctionCacheBitCount = 1; @@ -4963,15 +5232,12 @@ class Code: public HeapObject { static const int kMarkedForDeoptimizationBitCount = 1; STATIC_ASSERT(kStackSlotsFirstBit + kStackSlotsBitCount <= 32); - STATIC_ASSERT(kUnaryOpTypeFirstBit + kUnaryOpTypeBitCount <= 32); STATIC_ASSERT(kHasFunctionCacheFirstBit + kHasFunctionCacheBitCount <= 32); STATIC_ASSERT(kMarkedForDeoptimizationFirstBit + kMarkedForDeoptimizationBitCount <= 32); class StackSlotsField: public BitField<int, kStackSlotsFirstBit, kStackSlotsBitCount> {}; // NOLINT - class UnaryOpTypeField: public BitField<int, - kUnaryOpTypeFirstBit, kUnaryOpTypeBitCount> {}; // NOLINT class HasFunctionCacheField: public BitField<bool, kHasFunctionCacheFirstBit, kHasFunctionCacheBitCount> {}; // NOLINT class MarkedForDeoptimizationField: public BitField<bool, @@ -5176,8 +5442,8 @@ class Map: public HeapObject { inline void set_bit_field2(byte value); // Bit field 3. - inline int bit_field3(); - inline void set_bit_field3(int value); + inline uint32_t bit_field3(); + inline void set_bit_field3(uint32_t bits); class EnumLengthBits: public BitField<int, 0, 11> {}; class NumberOfOwnDescriptorsBits: public BitField<int, 11, 11> {}; @@ -5189,6 +5455,7 @@ class Map: public HeapObject { class Deprecated: public BitField<bool, 27, 1> {}; class IsFrozen: public BitField<bool, 28, 1> {}; class IsUnstable: public BitField<bool, 29, 1> {}; + class IsMigrationTarget: public BitField<bool, 30, 1> {}; // Tells whether the object in the prototype property will be used // for instances created from this function. If the prototype @@ -5347,11 +5614,30 @@ class Map: public HeapObject { static Handle<Map> GeneralizeRepresentation( Handle<Map> map, int modify_index, - Representation new_representation); + Representation new_representation, + StoreMode store_mode); MUST_USE_RESULT MaybeObject* GeneralizeRepresentation( int modify_index, - Representation representation); - MUST_USE_RESULT MaybeObject* CopyGeneralizeAllRepresentations(); + Representation representation, + StoreMode store_mode); + MUST_USE_RESULT MaybeObject* CopyGeneralizeAllRepresentations( + int modify_index, + StoreMode store_mode, + PropertyAttributes attributes, + const char* reason); + + void PrintGeneralization(FILE* file, + const char* reason, + int modify_index, + int split, + int descriptors, + bool constant_to_field, + Representation old_representation, + Representation new_representation); + + // Returns the constructor name (the name (possibly, inferred name) of the + // function that was used to instantiate the object). + String* constructor_name(); // Tells whether the map is attached to SharedFunctionInfo // (for inobject slack tracking). @@ -5486,7 +5772,6 @@ class Map: public HeapObject { set_bit_field3(EnumLengthBits::update(bit_field3(), length)); } - inline bool CanTrackAllocationSite(); inline bool owns_descriptors(); inline void set_owns_descriptors(bool is_shared); inline bool is_observed(); @@ -5495,6 +5780,8 @@ class Map: public HeapObject { inline bool is_frozen(); inline void mark_unstable(); inline bool is_stable(); + inline void set_migration_target(bool value); + inline bool is_migration_target(); inline void deprecate(); inline bool is_deprecated(); inline bool CanBeDeprecated(); @@ -5533,6 +5820,9 @@ class Map: public HeapObject { TransitionFlag flag); MUST_USE_RESULT MaybeObject* CopyForObserved(); + static Handle<Map> CopyNormalized(Handle<Map> map, + PropertyNormalizationMode mode, + NormalizedMapSharingMode sharing); MUST_USE_RESULT MaybeObject* CopyNormalized(PropertyNormalizationMode mode, NormalizedMapSharingMode sharing); @@ -5636,12 +5926,15 @@ class Map: public HeapObject { return instance_type() >= FIRST_JS_OBJECT_TYPE; } + bool IsJSObjectMap() { + return instance_type() >= FIRST_JS_OBJECT_TYPE; + } + // Fires when the layout of an object with a leaf map changes. // This includes adding transitions to the leaf map or changing // the descriptor array. inline void NotifyLeafMapLayoutChange(); - inline bool CanOmitPrototypeChecks(); inline bool CanOmitMapChecks(); void AddDependentCompilationInfo(DependentCode::DependencyGroup group, @@ -5658,7 +5951,7 @@ class Map: public HeapObject { #ifdef VERIFY_HEAP void SharedMapVerify(); - void VerifyOmittedPrototypeChecks(); + void VerifyOmittedMapChecks(); #endif inline int visitor_id(); @@ -6305,7 +6598,9 @@ class SharedFunctionInfo: public HeapObject { // Disable (further) attempted optimization of all functions sharing this // shared function info. - void DisableOptimization(const char* reason); + void DisableOptimization(BailoutReason reason); + + inline BailoutReason DisableOptimizationReason(); // Lookup the bailout ID and ASSERT that it exists in the non-optimized // code, returns whether it asserted (i.e., always true if assertions are @@ -6336,6 +6631,21 @@ class SharedFunctionInfo: public HeapObject { inline void set_counters(int value); inline int counters(); + // Stores opt_count and bailout_reason as bit-fields. + inline void set_opt_count_and_bailout_reason(int value); + inline int opt_count_and_bailout_reason(); + + void set_bailout_reason(BailoutReason reason) { + set_opt_count_and_bailout_reason( + DisabledOptimizationReasonBits::update(opt_count_and_bailout_reason(), + reason)); + } + + void set_dont_optimize_reason(BailoutReason reason) { + set_bailout_reason(reason); + set_dont_optimize(reason != kNoReason); + } + // Source size of this function. int SourceSize(); @@ -6402,8 +6712,10 @@ class SharedFunctionInfo: public HeapObject { kEndPositionOffset + kPointerSize; static const int kCompilerHintsOffset = kFunctionTokenPositionOffset + kPointerSize; - static const int kOptCountOffset = kCompilerHintsOffset + kPointerSize; - static const int kCountersOffset = kOptCountOffset + kPointerSize; + static const int kOptCountAndBailoutReasonOffset = + kCompilerHintsOffset + kPointerSize; + static const int kCountersOffset = + kOptCountAndBailoutReasonOffset + kPointerSize; // Total size. static const int kSize = kCountersOffset + kPointerSize; @@ -6437,9 +6749,11 @@ class SharedFunctionInfo: public HeapObject { static const int kCompilerHintsOffset = kFunctionTokenPositionOffset + kIntSize; - static const int kOptCountOffset = kCompilerHintsOffset + kIntSize; + static const int kOptCountAndBailoutReasonOffset = + kCompilerHintsOffset + kIntSize; - static const int kCountersOffset = kOptCountOffset + kIntSize; + static const int kCountersOffset = + kOptCountAndBailoutReasonOffset + kIntSize; // Total size. static const int kSize = kCountersOffset + kIntSize; @@ -6498,6 +6812,9 @@ class SharedFunctionInfo: public HeapObject { class OptReenableTriesBits: public BitField<int, 4, 18> {}; class ICAgeBits: public BitField<int, 22, 8> {}; + class OptCountBits: public BitField<int, 0, 22> {}; + class DisabledOptimizationReasonBits: public BitField<int, 22, 8> {}; + private: #if V8_HOST_ARCH_32_BIT // On 32 bit platforms, compiler hints is a smi. @@ -6682,8 +6999,7 @@ class JSFunction: public JSObject { // Mark this function for lazy recompilation. The function will be // recompiled the next time it is executed. void MarkForLazyRecompilation(); - void MarkForParallelRecompilation(); - void MarkForInstallingRecompiledCode(); + void MarkForConcurrentRecompilation(); void MarkInRecompileQueue(); // Helpers to compile this function. Returns true on success, false on @@ -6692,18 +7008,18 @@ class JSFunction: public JSObject { ClearExceptionFlag flag); static bool CompileLazy(Handle<JSFunction> function, ClearExceptionFlag flag); + static Handle<Code> CompileOsr(Handle<JSFunction> function, + BailoutId osr_ast_id, + ClearExceptionFlag flag); static bool CompileOptimized(Handle<JSFunction> function, - BailoutId osr_ast_id, ClearExceptionFlag flag); // Tells whether or not the function is already marked for lazy // recompilation. inline bool IsMarkedForLazyRecompilation(); - inline bool IsMarkedForParallelRecompilation(); - inline bool IsMarkedForInstallingRecompiledCode(); + inline bool IsMarkedForConcurrentRecompilation(); - // Tells whether or not the function is on the parallel - // recompilation queue. + // Tells whether or not the function is on the concurrent recompilation queue. inline bool IsInRecompileQueue(); // Check whether or not this function is inlineable. @@ -6768,15 +7084,14 @@ class JSFunction: public JSObject { // Returns if this function has been compiled to native code yet. inline bool is_compiled(); - // [next_function_link]: Field for linking functions. This list is treated as - // a weak list by the GC. + // [next_function_link]: Links functions into various lists, e.g. the list + // of optimized functions hanging off the native_context. The CodeFlusher + // uses this link to chain together flushing candidates. Treated weakly + // by the garbage collector. DECL_ACCESSORS(next_function_link, Object) // Prints the name of the function using PrintF. - inline void PrintName() { - PrintName(stdout); - } - void PrintName(FILE* out); + void PrintName(FILE* out = stdout); // Casting. static inline JSFunction* cast(Object* obj); @@ -6795,7 +7110,8 @@ class JSFunction: public JSObject { // Retrieve the native context from a function's literal array. static Context* NativeContextFromLiterals(FixedArray* literals); - bool PassesHydrogenFilter(); + // Used for flags such as --hydrogen-filter. + bool PassesFilter(const char* raw_filter); // Layout descriptors. The last property (from kNonWeakFieldsEndOffset to // kSize) is weak and has special handling during garbage collection. @@ -6885,10 +7201,6 @@ class GlobalObject: public JSObject { return answer; } - // Ensure that the global object has a cell for the given property name. - static Handle<PropertyCell> EnsurePropertyCell(Handle<GlobalObject> global, - Handle<Name> name); - // Casting. static inline GlobalObject* cast(Object* obj); @@ -6910,6 +7222,10 @@ class JSGlobalObject: public GlobalObject { // Casting. static inline JSGlobalObject* cast(Object* obj); + // Ensure that the global object has a cell for the given property name. + static Handle<PropertyCell> EnsurePropertyCell(Handle<JSGlobalObject> global, + Handle<Name> name); + // Dispatched behavior. DECLARE_PRINTER(JSGlobalObject) DECLARE_VERIFIER(JSGlobalObject) @@ -7554,6 +7870,7 @@ class AllocationSite: public Struct { static inline AllocationSiteMode GetMode( ElementsKind boilerplate_elements_kind); static inline AllocationSiteMode GetMode(ElementsKind from, ElementsKind to); + static inline bool CanTrack(InstanceType type); static const int kTransitionInfoOffset = HeapObject::kHeaderSize; static const int kWeakNextOffset = kTransitionInfoOffset + kPointerSize; @@ -7750,6 +8067,8 @@ class Name: public HeapObject { // Casting. static inline Name* cast(Object* obj); + bool IsCacheable(Isolate* isolate); + DECLARE_PRINTER(Name) // Layout description. @@ -8019,13 +8338,9 @@ class String: public Name { // Dispatched behavior. void StringShortPrint(StringStream* accumulator); #ifdef OBJECT_PRINT - inline void StringPrint() { - StringPrint(stdout); - } - void StringPrint(FILE* out); - char* ToAsciiArray(); #endif + DECLARE_PRINTER(String) DECLARE_VERIFIER(String) inline bool IsFlat(); @@ -8477,13 +8792,14 @@ class Relocatable BASE_EMBEDDED { virtual void IterateInstance(ObjectVisitor* v) { } virtual void PostGarbageCollection() { } - static void PostGarbageCollectionProcessing(); + static void PostGarbageCollectionProcessing(Isolate* isolate); static int ArchiveSpacePerThread(); static char* ArchiveState(Isolate* isolate, char* to); static char* RestoreState(Isolate* isolate, char* from); - static void Iterate(ObjectVisitor* v); + static void Iterate(Isolate* isolate, ObjectVisitor* v); static void Iterate(ObjectVisitor* v, Relocatable* top); static char* Iterate(ObjectVisitor* v, char* t); + private: Isolate* isolate_; Relocatable* prev_; @@ -8619,7 +8935,8 @@ class Oddball: public HeapObject { DECLARE_VERIFIER(Oddball) // Initialize the fields. - MUST_USE_RESULT MaybeObject* Initialize(const char* to_string, + MUST_USE_RESULT MaybeObject* Initialize(Heap* heap, + const char* to_string, Object* to_number, byte kind); @@ -8769,11 +9086,6 @@ class JSProxy: public JSReceiver { Object* value, PropertyAttributes attributes, StrictModeFlag strict_mode); - MUST_USE_RESULT MaybeObject* SetElementWithHandler( - JSReceiver* receiver, - uint32_t index, - Object* value, - StrictModeFlag strict_mode); // If the handler defines an accessor property with a setter, invoke it. // If it defines an accessor property without a setter, or a data property @@ -8794,10 +9106,8 @@ class JSProxy: public JSReceiver { JSReceiver* receiver, uint32_t index); - MUST_USE_RESULT MaybeObject* GetIdentityHash(CreationFlag flag); - - // Turn this into an (empty) JSObject. - void Fix(); + // Turn the proxy into an (empty) JSObject. + static void Fix(Handle<JSProxy> proxy); // Initializes the body after the handler slot. inline void InitializeBody(int object_size, Object* value); @@ -8832,13 +9142,23 @@ class JSProxy: public JSReceiver { private: friend class JSReceiver; - static Handle<Object> DeletePropertyWithHandler(Handle<JSProxy> object, + static Handle<Object> SetElementWithHandler(Handle<JSProxy> proxy, + Handle<JSReceiver> receiver, + uint32_t index, + Handle<Object> value, + StrictModeFlag strict_mode); + + static Handle<Object> DeletePropertyWithHandler(Handle<JSProxy> proxy, Handle<Name> name, DeleteMode mode); - static Handle<Object> DeleteElementWithHandler(Handle<JSProxy> object, + static Handle<Object> DeleteElementWithHandler(Handle<JSProxy> proxy, uint32_t index, DeleteMode mode); + MUST_USE_RESULT MaybeObject* GetIdentityHash(CreationFlag flag); + static Handle<Object> GetIdentityHash(Handle<JSProxy> proxy, + CreationFlag flag); + DISALLOW_IMPLICIT_CONSTRUCTORS(JSProxy); }; @@ -9239,6 +9559,11 @@ class AccessorInfo: public Struct { // Dispatched behavior. DECLARE_VERIFIER(AccessorInfo) + // Append all descriptors to the array that are not already there. + // Return number added. + static int AppendUnique(Handle<Object> descriptors, + Handle<FixedArray> array, + int valid_descriptors); static const int kNameOffset = HeapObject::kHeaderSize; static const int kFlagOffset = kNameOffset + kPointerSize; @@ -9402,10 +9727,18 @@ class ExecutableAccessorInfo: public AccessorInfo { // * undefined: considered an accessor by the spec, too, strangely enough // * the hole: an accessor which has not been set // * a pointer to a map: a transition used to ensure map sharing +// access_flags provides the ability to override access checks on access check +// failure. class AccessorPair: public Struct { public: DECL_ACCESSORS(getter, Object) DECL_ACCESSORS(setter, Object) + DECL_ACCESSORS(access_flags, Smi) + + inline void set_access_flags(v8::AccessControl access_control); + inline bool all_can_read(); + inline bool all_can_write(); + inline bool prohibits_overwriting(); static inline AccessorPair* cast(Object* obj); @@ -9442,9 +9775,14 @@ class AccessorPair: public Struct { static const int kGetterOffset = HeapObject::kHeaderSize; static const int kSetterOffset = kGetterOffset + kPointerSize; - static const int kSize = kSetterOffset + kPointerSize; + static const int kAccessFlagsOffset = kSetterOffset + kPointerSize; + static const int kSize = kAccessFlagsOffset + kPointerSize; private: + static const int kAllCanReadBit = 0; + static const int kAllCanWriteBit = 1; + static const int kProhibitsOverwritingBit = 2; + // Strangely enough, in addition to functions and harmony proxies, the spec // requires us to consider undefined as a kind of accessor, too: // var obj = {}; @@ -9532,12 +9870,15 @@ class TemplateInfo: public Struct { public: DECL_ACCESSORS(tag, Object) DECL_ACCESSORS(property_list, Object) + DECL_ACCESSORS(property_accessors, Object) DECLARE_VERIFIER(TemplateInfo) - static const int kTagOffset = HeapObject::kHeaderSize; + static const int kTagOffset = HeapObject::kHeaderSize; static const int kPropertyListOffset = kTagOffset + kPointerSize; - static const int kHeaderSize = kPropertyListOffset + kPointerSize; + static const int kPropertyAccessorsOffset = + kPropertyListOffset + kPointerSize; + static const int kHeaderSize = kPropertyAccessorsOffset + kPointerSize; private: DISALLOW_IMPLICIT_CONSTRUCTORS(TemplateInfo); @@ -9548,7 +9889,6 @@ class FunctionTemplateInfo: public TemplateInfo { public: DECL_ACCESSORS(serial_number, Object) DECL_ACCESSORS(call_code, Object) - DECL_ACCESSORS(property_accessors, Object) DECL_ACCESSORS(prototype_template, Object) DECL_ACCESSORS(parent_template, Object) DECL_ACCESSORS(named_property_handler, Object) @@ -9570,6 +9910,8 @@ class FunctionTemplateInfo: public TemplateInfo { // requires access check. DECL_BOOLEAN_ACCESSORS(needs_access_check) DECL_BOOLEAN_ACCESSORS(read_only_prototype) + DECL_BOOLEAN_ACCESSORS(remove_prototype) + DECL_BOOLEAN_ACCESSORS(do_not_cache) static inline FunctionTemplateInfo* cast(Object* obj); @@ -9579,9 +9921,8 @@ class FunctionTemplateInfo: public TemplateInfo { static const int kSerialNumberOffset = TemplateInfo::kHeaderSize; static const int kCallCodeOffset = kSerialNumberOffset + kPointerSize; - static const int kPropertyAccessorsOffset = kCallCodeOffset + kPointerSize; static const int kPrototypeTemplateOffset = - kPropertyAccessorsOffset + kPointerSize; + kCallCodeOffset + kPointerSize; static const int kParentTemplateOffset = kPrototypeTemplateOffset + kPointerSize; static const int kNamedPropertyHandlerOffset = @@ -9605,6 +9946,8 @@ class FunctionTemplateInfo: public TemplateInfo { static const int kUndetectableBit = 1; static const int kNeedsAccessCheckBit = 2; static const int kReadOnlyPrototypeBit = 3; + static const int kRemovePrototypeBit = 4; + static const int kDoNotCacheBit = 5; DISALLOW_IMPLICIT_CONSTRUCTORS(FunctionTemplateInfo); }; @@ -9787,6 +10130,7 @@ class BreakPointInfo: public Struct { V(kHandleScope, "handlescope", "(Handle scope)") \ V(kBuiltins, "builtins", "(Builtins)") \ V(kGlobalHandles, "globalhandles", "(Global handles)") \ + V(kEternalHandles, "eternalhandles", "(Eternal handles)") \ V(kThreadManager, "threadmanager", "(Thread manager)") \ V(kExtensions, "Extensions", "(Extensions)") |