Diffstat (limited to 'deps/v8/src/init')
-rw-r--r-- | deps/v8/src/init/bootstrapper.cc | 106 | ||||
-rw-r--r-- | deps/v8/src/init/heap-symbols.h | 12 | ||||
-rw-r--r-- | deps/v8/src/init/v8.cc | 19 | ||||
-rw-r--r-- | deps/v8/src/init/v8.h | 6 |
4 files changed, 79 insertions, 64 deletions
diff --git a/deps/v8/src/init/bootstrapper.cc b/deps/v8/src/init/bootstrapper.cc index 1c545d2461..947d8381d8 100644 --- a/deps/v8/src/init/bootstrapper.cc +++ b/deps/v8/src/init/bootstrapper.cc @@ -22,6 +22,7 @@ #include "src/extensions/statistics-extension.h" #include "src/extensions/trigger-failure-extension.h" #include "src/logging/runtime-call-stats-scope.h" +#include "src/objects/instance-type.h" #include "src/objects/objects.h" #ifdef ENABLE_VTUNE_TRACEMARK #include "src/extensions/vtunedomain-support-extension.h" @@ -244,7 +245,7 @@ class Genesis { Handle<JSFunction> InstallTypedArray(const char* name, ElementsKind elements_kind, - InstanceType type, + InstanceType constructor_type, int rab_gsab_initial_map_index); void InitializeMapCaches(); 
@@ -502,21 +503,30 @@ V8_NOINLINE Handle<JSFunction> InstallFunction( instance_size, inobject_properties, prototype, call); } -// This installs an instance type (|constructor_type|) on the constructor map -// which will be used for protector cell checks -- this is separate from |type| -// which is used to set the instance type of the object created by this -// constructor. If protector cell checks are not required, continue to use the -// default JS_FUNCTION_TYPE by directly calling InstallFunction. -V8_NOINLINE Handle<JSFunction> InstallConstructor( - Isolate* isolate, Handle<JSObject> target, const char* name, - InstanceType type, int instance_size, int inobject_properties, - Handle<HeapObject> prototype, Builtin call, InstanceType constructor_type) { - Handle<JSFunction> function = InstallFunction( - isolate, target, isolate->factory()->InternalizeUtf8String(name), type, - instance_size, inobject_properties, prototype, call); +// This sets a constructor instance type on the constructor map which will be +// used in IsXxxConstructor() predicates. Having such predicates helps figuring +// out if a protector cell should be invalidated. If there are no protector +// cell checks required for constructor, this function must not be used. +// Note, this function doesn't create a copy of the constructor's map. So it's +// better to set constructor instance type after all the properties are added +// to the constructor and thus the map is already guaranteed to be unique. +V8_NOINLINE void SetConstructorInstanceType(Isolate* isolate, + Handle<JSFunction> constructor, + InstanceType constructor_type) { DCHECK(InstanceTypeChecker::IsJSFunction(constructor_type)); - function->map().set_instance_type(constructor_type); - return function; + DCHECK_NE(constructor_type, JS_FUNCTION_TYPE); + + Map map = constructor->map(); + + // Check we don't accidentally change one of the existing maps. 
+ DCHECK_NE(map, *isolate->strict_function_map()); + DCHECK_NE(map, *isolate->strict_function_with_readonly_prototype_map()); + // Constructor function map is always a root map, and thus we don't have to + // deal with updating the whole transition tree. + DCHECK(map.GetBackPointer().IsUndefined(isolate)); + DCHECK_EQ(JS_FUNCTION_TYPE, map.instance_type()); + + map.set_instance_type(constructor_type); } V8_NOINLINE Handle<JSFunction> SimpleCreateFunction(Isolate* isolate, @@ -828,13 +838,15 @@ void Genesis::CreateObjectFunction(Handle<JSFunction> empty_function) { Handle<JSObject> object_function_prototype = factory->NewFunctionPrototype(object_fun); - Handle<Map> map = - Map::Copy(isolate(), handle(object_function_prototype->map(), isolate()), - "EmptyObjectPrototype"); - map->set_is_prototype_map(true); - // Ban re-setting Object.prototype.__proto__ to prevent Proxy security bug - map->set_is_immutable_proto(true); - object_function_prototype->set_map(*map); + { + Handle<Map> map = Map::Copy( + isolate(), handle(object_function_prototype->map(), isolate()), + "EmptyObjectPrototype"); + map->set_is_prototype_map(true); + // Ban re-setting Object.prototype.__proto__ to prevent Proxy security bug + map->set_is_immutable_proto(true); + object_function_prototype->set_map(*map); + } // Complete setting up empty function. { @@ -1658,10 +1670,9 @@ void Genesis::InitializeGlobal(Handle<JSGlobalObject> global_object, Handle<JSFunction> array_prototype_to_string_fun; { // --- A r r a y --- - Handle<JSFunction> array_function = InstallConstructor( + Handle<JSFunction> array_function = InstallFunction( isolate_, global, "Array", JS_ARRAY_TYPE, JSArray::kHeaderSize, 0, - isolate_->initial_object_prototype(), Builtin::kArrayConstructor, - JS_ARRAY_CONSTRUCTOR_TYPE); + isolate_->initial_object_prototype(), Builtin::kArrayConstructor); array_function->shared().DontAdaptArguments(); // This seems a bit hackish, but we need to make sure Array.length 
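Review bot: Every guard in the new `SetConstructorInstanceType` is a `DCHECK`, so in a release build nothing stops the in-place `map.set_instance_type(constructor_type)` from retagging a map that other functions share, such as `strict_function_map`. Because the helper deliberately does not copy the map, a retagged shared map would presumably make the IsXxxConstructor() predicates named in the comment match unrelated functions, and the protector-cell decisions built on them would follow. This code appears to run only during bootstrapping, so the two shared-map comparisons could be unconditional at negligible cost: `CHECK_NE(map, *isolate->strict_function_map());` and `CHECK_NE(map, *isolate->strict_function_with_readonly_prototype_map());`. The file lives under deps/v8, so such a change would presumably be proposed upstream rather than patched here.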
@@ -1707,6 +1718,8 @@ void Genesis::InitializeGlobal(Handle<JSGlobalObject> global_object, 1, false); SimpleInstallFunction(isolate_, array_function, "of", Builtin::kArrayOf, 0, false); + SetConstructorInstanceType(isolate_, array_function, + JS_ARRAY_CONSTRUCTOR_TYPE); JSObject::AddProperty(isolate_, proto, factory->constructor_string(), array_function, DONT_ENUM); @@ -1898,7 +1911,6 @@ void Genesis::InitializeGlobal(Handle<JSGlobalObject> global_object, // Install Number constants const double kMaxValue = 1.7976931348623157e+308; const double kMinValue = 5e-324; - const double kMinSafeInteger = -kMaxSafeInteger; const double kEPS = 2.220446049250313e-16; InstallConstant(isolate_, number_fun, "MAX_VALUE", @@ -2346,10 +2358,10 @@ void Genesis::InitializeGlobal(Handle<JSGlobalObject> global_object, } { // -- P r o m i s e - Handle<JSFunction> promise_fun = InstallConstructor( + Handle<JSFunction> promise_fun = InstallFunction( isolate_, global, "Promise", JS_PROMISE_TYPE, JSPromise::kSizeWithEmbedderFields, 0, factory->the_hole_value(), - Builtin::kPromiseConstructor, JS_PROMISE_CONSTRUCTOR_TYPE); + Builtin::kPromiseConstructor); InstallWithIntrinsicDefaultProto(isolate_, promise_fun, Context::PROMISE_FUNCTION_INDEX); @@ -2379,6 +2391,9 @@ void Genesis::InitializeGlobal(Handle<JSGlobalObject> global_object, InstallFunctionWithBuiltinId(isolate_, promise_fun, "reject", Builtin::kPromiseReject, 1, true); + SetConstructorInstanceType(isolate_, promise_fun, + JS_PROMISE_CONSTRUCTOR_TYPE); + // Setup %PromisePrototype%. Handle<JSObject> prototype( JSObject::cast(promise_fun->instance_prototype()), isolate()); 
@@ -2409,11 +2424,11 @@ void Genesis::InitializeGlobal(Handle<JSGlobalObject> global_object, { // -- R e g E x p // Builtin functions for RegExp.prototype. - Handle<JSFunction> regexp_fun = InstallConstructor( + Handle<JSFunction> regexp_fun = InstallFunction( isolate_, global, "RegExp", JS_REG_EXP_TYPE, JSRegExp::kHeaderSize + JSRegExp::kInObjectFieldCount * kTaggedSize, JSRegExp::kInObjectFieldCount, factory->the_hole_value(), - Builtin::kRegExpConstructor, JS_REG_EXP_CONSTRUCTOR_TYPE); + Builtin::kRegExpConstructor); InstallWithIntrinsicDefaultProto(isolate_, regexp_fun, Context::REGEXP_FUNCTION_INDEX); Handle<SharedFunctionInfo> shared(regexp_fun->shared(), isolate_); @@ -2574,6 +2589,8 @@ void Genesis::InitializeGlobal(Handle<JSGlobalObject> global_object, INSTALL_CAPTURE_GETTER(9); #undef INSTALL_CAPTURE_GETTER } + SetConstructorInstanceType(isolate_, regexp_fun, + JS_REG_EXP_CONSTRUCTOR_TYPE); DCHECK(regexp_fun->has_initial_map()); Handle<Map> initial_map(regexp_fun->initial_map(), isolate()); @@ -4020,7 +4037,7 @@ void Genesis::InitializeGlobal(Handle<JSGlobalObject> global_object, Handle<JSFunction> Genesis::InstallTypedArray(const char* name, ElementsKind elements_kind, - InstanceType type, + InstanceType constructor_type, int rab_gsab_initial_map_index) { Handle<JSObject> global = Handle<JSObject>(native_context()->global_object(), isolate()); 
@@ -4028,10 +4045,10 @@ Handle<JSFunction> Genesis::InstallTypedArray(const char* name, Handle<JSObject> typed_array_prototype = isolate()->typed_array_prototype(); Handle<JSFunction> typed_array_function = isolate()->typed_array_function(); - Handle<JSFunction> result = InstallConstructor( + Handle<JSFunction> result = InstallFunction( isolate(), global, name, JS_TYPED_ARRAY_TYPE, JSTypedArray::kSizeWithEmbedderFields, 0, factory()->the_hole_value(), - Builtin::kTypedArrayConstructor, type); + Builtin::kTypedArrayConstructor); result->initial_map().set_elements_kind(elements_kind); result->shared().DontAdaptArguments(); @@ -4045,6 +4062,11 @@ Handle<JSFunction> Genesis::InstallTypedArray(const char* name, InstallConstant(isolate(), result, "BYTES_PER_ELEMENT", bytes_per_element); + // TODO(v8:11256, ishell): given the granularity of typed array contructor + // protectors, consider creating only one constructor instance type for all + // typed array constructors. + SetConstructorInstanceType(isolate_, result, constructor_type); + // Setup prototype object. DCHECK(result->prototype().IsJSObject()); Handle<JSObject> prototype(JSObject::cast(result->prototype()), isolate()); @@ -4372,7 +4394,6 @@ void Genesis::InitializeCallSiteBuiltins() { #define EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(id) \ void Genesis::InitializeGlobal_##id() {} -EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_top_level_await) EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_import_assertions) EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_private_brand_checks) EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_class_static_blocks) 
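Review bot: In the `@@ -4045` hunk of `Genesis::InstallTypedArray`, the added call passes `isolate_` while the other calls visible in this function use `isolate()`, and the TODO above it misspells "constructor" as "contructor"; for consistency the line would read `SetConstructorInstanceType(isolate(), result, constructor_type);`. The helper's own comment asks for the instance type to be set only after all properties have been added to the constructor, because the map is retagged in place rather than copied. A one-line comment at this call site, such as `// Must follow the last property added to |result|; the map is retagged in place.`, would keep a later edit from inserting a property below it. The function continues past the end of the hunk, so whether later code already adds constructor properties cannot be confirmed from here.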
@@ -4380,9 +4401,6 @@ EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_error_cause) #ifdef V8_INTL_SUPPORT EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_intl_best_fit_matcher) -EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_intl_displaynames_v2) -EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_intl_dateformat_day_period) -EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_intl_more_timezone) #endif // V8_INTL_SUPPORT #undef EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE @@ -5872,7 +5890,7 @@ void Genesis::TransferNamedProperties(Handle<JSObject> from, for (InternalIndex i : from->map().IterateOwnDescriptors()) { PropertyDetails details = descs->GetDetails(i); if (details.location() == PropertyLocation::kField) { - if (details.kind() == kData) { + if (details.kind() == PropertyKind::kData) { HandleScope inner(isolate()); Handle<Name> key = Handle<Name>(descs->GetKey(i), isolate()); // If the property is already there we skip it. @@ -5883,13 +5901,13 @@ void Genesis::TransferNamedProperties(Handle<JSObject> from, JSObject::AddProperty(isolate(), to, key, value, details.attributes()); } else { - DCHECK_EQ(kAccessor, details.kind()); + DCHECK_EQ(PropertyKind::kAccessor, details.kind()); UNREACHABLE(); } } else { DCHECK_EQ(PropertyLocation::kDescriptor, details.location()); - DCHECK_EQ(kAccessor, details.kind()); + DCHECK_EQ(PropertyKind::kAccessor, details.kind()); Handle<Name> key(descs->GetKey(i), isolate()); // If the property is already there we skip it. if (PropertyAlreadyExists(isolate(), to, key)) continue; @@ -5897,7 +5915,7 @@ void Genesis::TransferNamedProperties(Handle<JSObject> from, DCHECK(!to->HasFastProperties()); // Add to dictionary. Handle<Object> value(descs->GetStrongValue(i), isolate()); - PropertyDetails d(kAccessor, details.attributes(), + PropertyDetails d(PropertyKind::kAccessor, details.attributes(), PropertyCellType::kMutable); JSObject::SetNormalizedProperty(to, key, value, d); } 
@@ -5918,7 +5936,7 @@ void Genesis::TransferNamedProperties(Handle<JSObject> from, Handle<Object> value(cell->value(), isolate()); if (value->IsTheHole(isolate())) continue; PropertyDetails details = cell->property_details(); - if (details.kind() != kData) continue; + if (details.kind() != PropertyKind::kData) continue; JSObject::AddProperty(isolate(), to, key, value, details.attributes()); } @@ -5941,7 +5959,7 @@ void Genesis::TransferNamedProperties(Handle<JSObject> from, DCHECK(!value->IsCell()); DCHECK(!value->IsTheHole(isolate())); PropertyDetails details = properties->DetailsAt(entry); - DCHECK_EQ(kData, details.kind()); + DCHECK_EQ(PropertyKind::kData, details.kind()); JSObject::AddProperty(isolate(), to, key, value, details.attributes()); } } else { @@ -5965,7 +5983,7 @@ void Genesis::TransferNamedProperties(Handle<JSObject> from, DCHECK(!value->IsCell()); DCHECK(!value->IsTheHole(isolate())); PropertyDetails details = properties->DetailsAt(key_index); - DCHECK_EQ(kData, details.kind()); + DCHECK_EQ(PropertyKind::kData, details.kind()); JSObject::AddProperty(isolate(), to, key, value, details.attributes()); } } diff --git a/deps/v8/src/init/heap-symbols.h b/deps/v8/src/init/heap-symbols.h index f8af775712..2476fc5c6a 100644 --- a/deps/v8/src/init/heap-symbols.h +++ b/deps/v8/src/init/heap-symbols.h @@ -116,8 +116,7 @@ V(_, useGrouping_string, "useGrouping") \ V(_, unitDisplay_string, "unitDisplay") \ V(_, weekday_string, "weekday") \ - V(_, weekendEnd_string, "weekendEnd") \ - V(_, weekendStart_string, "weekendStart") \ + V(_, weekend_string, "weekend") \ V(_, weekInfo_string, "weekInfo") \ V(_, yearName_string, "yearName") #else // V8_INTL_SUPPORT 
@@ -197,7 +196,7 @@ V(_, dot_home_object_string, ".home_object") \ V(_, dot_result_string, ".result") \ V(_, dot_repl_result_string, ".repl_result") \ - V(_, dot_static_home_object_string, "._static_home_object") \ + V(_, dot_static_home_object_string, ".static_home_object") \ V(_, dot_string, ".") \ V(_, dot_switch_tag_string, ".switch_tag") \ V(_, dotAll_string, "dotAll") \ @@ -527,11 +526,13 @@ F(MC_EVACUATE_PROLOGUE) \ F(MC_EVACUATE_REBALANCE) \ F(MC_EVACUATE_UPDATE_POINTERS) \ + F(MC_EVACUATE_UPDATE_POINTERS_CLIENT_HEAPS) \ F(MC_EVACUATE_UPDATE_POINTERS_PARALLEL) \ F(MC_EVACUATE_UPDATE_POINTERS_SLOTS_MAIN) \ F(MC_EVACUATE_UPDATE_POINTERS_TO_NEW_ROOTS) \ F(MC_EVACUATE_UPDATE_POINTERS_WEAK) \ F(MC_FINISH_SWEEP_ARRAY_BUFFERS) \ + F(MC_MARK_CLIENT_HEAPS) \ F(MC_MARK_EMBEDDER_PROLOGUE) \ F(MC_MARK_EMBEDDER_TRACING) \ F(MC_MARK_EMBEDDER_TRACING_CLOSURE) \ @@ -575,6 +576,7 @@ F(MINOR_MC_MARKING_DEQUE) \ F(MINOR_MC_RESET_LIVENESS) \ F(MINOR_MC_SWEEPING) \ + F(SAFEPOINT) \ F(SCAVENGER) \ F(SCAVENGER_COMPLETE_SWEEP_ARRAY_BUFFERS) \ F(SCAVENGER_FAST_PROMOTE) \ @@ -589,8 +591,10 @@ F(SCAVENGER_SCAVENGE_WEAK) \ F(SCAVENGER_SCAVENGE_FINALIZE) \ F(SCAVENGER_SWEEP_ARRAY_BUFFERS) \ + F(TIME_TO_GLOBAL_SAFEPOINT) \ F(TIME_TO_SAFEPOINT) \ - F(UNMAPPER) + F(UNMAPPER) \ + F(UNPARK) #define TRACER_BACKGROUND_SCOPES(F) \ F(BACKGROUND_YOUNG_ARRAY_BUFFER_SWEEP) \ diff --git a/deps/v8/src/init/v8.cc b/deps/v8/src/init/v8.cc index f7e16d369c..5172d5da9a 100644 --- a/deps/v8/src/init/v8.cc +++ b/deps/v8/src/init/v8.cc @@ -48,12 +48,9 @@ V8_DECLARE_ONCE(init_snapshot_once); v8::Platform* V8::platform_ = nullptr; -bool V8::Initialize() { - InitializeOncePerProcess(); - return true; -} +void V8::Initialize() { base::CallOnce(&init_once, &InitializeOncePerProcess); } -void V8::TearDown() { +void V8::Dispose() { #if V8_ENABLE_WEBASSEMBLY wasm::WasmEngine::GlobalTearDown(); #endif // V8_ENABLE_WEBASSEMBLY 
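Review bot: `V8::Initialize()` in the v8.cc hunk now runs through `base::CallOnce(&init_once, &InitializeOncePerProcess)` and returns `void`, so a call made after `V8::Dispose()` would presumably do nothing and leave the process on torn-down global state, with no return value left for the caller to notice. Nothing visible here resets `init_once` or records that disposal happened; the body of `Dispose()` continues past the hunk, so this is inferred rather than confirmed. The declaration in v8.h could state the contract, for example `// Runs once per process; InitializePlatform() must be called first. Not valid after Dispose().`. A debug-only flag set in `Dispose()` and checked in `Initialize()` would turn misuse into an immediate failure instead of silent reuse.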
@@ -73,7 +70,7 @@ void V8::TearDown() { FLAG_##flag = false; \ } -void V8::InitializeOncePerProcessImpl() { +void V8::InitializeOncePerProcess() { CHECK(platform_); #ifdef V8_VIRTUAL_MEMORY_CAGE @@ -206,10 +203,6 @@ void V8::InitializeOncePerProcessImpl() { ExternalReferenceTable::InitializeOncePerProcess(); } -void V8::InitializeOncePerProcess() { - base::CallOnce(&init_once, &InitializeOncePerProcessImpl); -} - void V8::InitializePlatform(v8::Platform* platform) { CHECK(!platform_); CHECK(platform); @@ -228,12 +221,12 @@ void V8::InitializePlatform(v8::Platform* platform) { bool V8::InitializeVirtualMemoryCage() { // Platform must have been initialized already. CHECK(platform_); - v8::PageAllocator* page_allocator = GetPlatformPageAllocator(); - return GetProcessWideVirtualMemoryCage()->Initialize(page_allocator); + v8::VirtualAddressSpace* vas = GetPlatformVirtualAddressSpace(); + return GetProcessWideVirtualMemoryCage()->Initialize(vas); } #endif -void V8::ShutdownPlatform() { +void V8::DisposePlatform() { CHECK(platform_); #if defined(V8_OS_WIN) && defined(V8_ENABLE_SYSTEM_INSTRUMENTATION) if (FLAG_enable_system_instrumentation) { diff --git a/deps/v8/src/init/v8.h b/deps/v8/src/init/v8.h index bbde9bfd13..edd5be247d 100644 --- a/deps/v8/src/init/v8.h +++ b/deps/v8/src/init/v8.h @@ -20,8 +20,8 @@ class V8 : public AllStatic { public: // Global actions. - static bool Initialize(); - static void TearDown(); + static void Initialize(); + static void Dispose(); // Report process out of memory. Implementation found in api.cc. // This function will not return, but will terminate the execution. @@ -34,7 +34,7 @@ class V8 : public AllStatic { #endif static void InitializePlatform(v8::Platform* platform); - static void ShutdownPlatform(); + static void DisposePlatform(); V8_EXPORT_PRIVATE static v8::Platform* GetCurrentPlatform(); // Replaces the current platform with the given platform. // Should be used only for testing. |
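Review bot: `V8::InitializeVirtualMemoryCage()` in the `@@ -228` hunk passes the result of `GetPlatformVirtualAddressSpace()` straight to `Initialize(vas)` without checking it, and reports failure only through its `bool` return. If a caller drops that result, the process would presumably keep running without the cage it asked for. Adding `CHECK_NOT_NULL(vas);` before the call, and marking the declaration `V8_WARN_UNUSED_RESULT` if v8.h does not already do so (the declaration is not part of this diff), would make both failure modes visible. `DisposePlatform()` at the end of the hunk continues outside it.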