author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-07-31 15:50:41 +0200 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-08-30 12:35:23 +0000 |
commit | 7b2ffa587235a47d4094787d72f38102089f402a (patch) | |
tree | 30e82af9cbab08a7fa028bb18f4f2987a3f74dfa /chromium/v8/src/runtime | |
parent | d94af01c90575348c4e81a418257f254b6f8d225 (diff) | |
BASELINE: Update Chromium to 76.0.3809.94
Change-Id: I321c3f5f929c105aec0f98c5091ef6108822e647
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
Diffstat (limited to 'chromium/v8/src/runtime')
33 files changed, 842 insertions, 1237 deletions
diff --git a/chromium/v8/src/runtime/runtime-array.cc b/chromium/v8/src/runtime/runtime-array.cc index 57087fe3f26..f35e72a666f 100644 --- a/chromium/v8/src/runtime/runtime-array.cc +++ b/chromium/v8/src/runtime/runtime-array.cc @@ -2,21 +2,20 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/arguments-inl.h" -#include "src/conversions-inl.h" -#include "src/counters.h" #include "src/debug/debug.h" -#include "src/elements.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/isolate-inl.h" #include "src/heap/factory.h" #include "src/heap/heap-inl.h" // For ToBoolean. TODO(jkummerow): Drop. #include "src/heap/heap-write-barrier-inl.h" -#include "src/isolate-inl.h" -#include "src/keys.h" +#include "src/logging/counters.h" +#include "src/numbers/conversions-inl.h" #include "src/objects/allocation-site-inl.h" #include "src/objects/arguments-inl.h" +#include "src/objects/elements.h" #include "src/objects/hash-table-inl.h" #include "src/objects/js-array-inl.h" -#include "src/prototype.h" +#include "src/objects/prototype.h" #include "src/runtime/runtime-utils.h" namespace v8 { 
@@ -42,512 +41,6 @@ RUNTIME_FUNCTION(Runtime_TransitionElementsKindWithKind) { return *object; } -namespace { -// Find the next free position. undefined and holes are both considered -// free spots. Returns "Nothing" if an exception occurred. -V8_WARN_UNUSED_RESULT -Maybe<uint32_t> FindNextFreePosition(Isolate* isolate, - Handle<JSReceiver> receiver, - uint32_t current_pos) { - for (uint32_t position = current_pos;; ++position) { - Maybe<bool> has_element = JSReceiver::HasOwnProperty(receiver, position); - MAYBE_RETURN(has_element, Nothing<uint32_t>()); - if (!has_element.FromJust()) return Just(position); - - Handle<Object> element; - ASSIGN_RETURN_ON_EXCEPTION_VALUE( - isolate, element, JSReceiver::GetElement(isolate, receiver, position), - Nothing<uint32_t>()); - if (element->IsUndefined(isolate)) return Just(position); - } -} - -// As RemoveArrayHoles, but also handles Dictionary elements that stay -// Dictionary (requires_slow_elements() is true), proxies and objects that -// might have accessors. -V8_WARN_UNUSED_RESULT -Object RemoveArrayHolesGeneric(Isolate* isolate, Handle<JSReceiver> receiver, - uint32_t limit) { - HandleScope scope(isolate); - - // For proxies, we do not collect the keys, instead we use all indices in - // the full range of [0, limit). - Handle<FixedArray> keys; - if (!receiver->IsJSProxy()) { - keys = JSReceiver::GetOwnElementIndices(isolate, receiver, - Handle<JSObject>::cast(receiver)); - } - - uint32_t num_undefined = 0; - uint32_t current_pos = 0; - uint32_t num_indices = keys.is_null() ? limit : keys->length(); - - // Compact keys with undefined values and moves non-undefined - // values to the front. - // The loop does two things simultaneously: - // (1) Count the number of 'undefined', i.e. - // i.e.: HasProperty(receiver, key) && Get(receiver, key) == undefined - // (2) Move all non-undefined values to the front. The variable current_pos - // is used to track free spots in the array starting at the beginning. 
- // Holes and 'undefined' are considered free spots. - // A hole is when HasElement(receiver, key) is false. - for (uint32_t i = 0; i < num_indices; ++i) { - uint32_t key = keys.is_null() ? i : NumberToUint32(keys->get(i)); - - // We only care about array indices that are smaller than the limit. - // The keys are sorted, so we can break as soon as we encounter the first. - if (key >= limit) break; - - Maybe<bool> has_element = JSReceiver::HasElement(receiver, key); - MAYBE_RETURN(has_element, ReadOnlyRoots(isolate).exception()); - if (!has_element.FromJust()) { - continue; - } - - Handle<Object> element; - ASSIGN_RETURN_FAILURE_ON_EXCEPTION( - isolate, element, JSReceiver::GetElement(isolate, receiver, key)); - - if (element->IsUndefined(isolate)) { - ++num_undefined; - } else { - // Find next free position to move elements to. - Maybe<uint32_t> free_position = - FindNextFreePosition(isolate, receiver, current_pos); - MAYBE_RETURN(free_position, ReadOnlyRoots(isolate).exception()); - current_pos = free_position.FromJust(); - - // Do not move elements that are already in the "packed" area. - if (key <= current_pos) continue; - - // array[current_pos] = array[key]. - // Deleting array[key] is done later. This is to preserve the same - // semantics as the old JS implementation when working with non-extensible - // objects: - // If the array contains undefineds, the position at 'key' might later - // bet set to 'undefined'. If we delete the element now and later set it - // to undefined, the set operation would throw an exception. - // Instead, to mark it up as a free space, we set array[key] to undefined. - // As 'key' will be incremented afterward, this undefined value will not - // affect 'num_undefined', and the logic afterwards will correctly set - // the remaining undefineds or delete the remaining properties. 
- RETURN_FAILURE_ON_EXCEPTION( - isolate, Object::SetElement(isolate, receiver, current_pos, element, - ShouldThrow::kThrowOnError)); - RETURN_FAILURE_ON_EXCEPTION( - isolate, Object::SetElement(isolate, receiver, key, - isolate->factory()->undefined_value(), - ShouldThrow::kThrowOnError)); - ++current_pos; - } - } - - // current_pos points to the next free space in the array/object. In most - // cases this corresponds to the 'length' or to the number of non-undefined - // elements. - // In cases where an object is 'packed' and 'length' is smaller, e.g.: - // { 0: 5, 1: 4, 2: 3, length: 2 } - // current_pos will be greater than limit, thus, we need to take the minimum. - uint32_t result = std::min(current_pos, limit); - - // Set [current_pos, current_pos + num_undefined) to undefined. - for (uint32_t i = 0; i < num_undefined; ++i) { - RETURN_FAILURE_ON_EXCEPTION( - isolate, Object::SetElement(isolate, receiver, current_pos++, - isolate->factory()->undefined_value(), - ShouldThrow::kThrowOnError)); - } - // TODO(szuend): Re-enable when we also copy from the prototype chain for - // JSArrays. Then we can use HasOwnProperty instead of - // HasElement and this condition will hold. - // DCHECK_LE(current_pos, num_indices); - - // Deleting everything after the undefineds up unto the limit. - for (uint32_t i = num_indices; i > 0;) { - --i; - uint32_t key = keys.is_null() ? i : NumberToUint32(keys->get(i)); - if (key < current_pos) break; - if (key >= limit) continue; - - Maybe<bool> delete_result = JSReceiver::DeleteElement(receiver, key); - MAYBE_RETURN(delete_result, ReadOnlyRoots(isolate).exception()); - } - - return *isolate->factory()->NewNumberFromUint(result); -} - -// Collects all defined (non-hole) and non-undefined (array) elements at the -// start of the elements array. If the object is in dictionary mode, it is -// converted to fast elements mode. Undefined values are placed after -// non-undefined values. Returns the number of non-undefined values. 
-V8_WARN_UNUSED_RESULT -Object RemoveArrayHoles(Isolate* isolate, Handle<JSReceiver> receiver, - uint32_t limit) { - if (receiver->IsJSProxy()) { - return RemoveArrayHolesGeneric(isolate, receiver, limit); - } - - Handle<JSObject> object = Handle<JSObject>::cast(receiver); - if (object->HasStringWrapperElements()) { - int len = String::cast(Handle<JSValue>::cast(object)->value())->length(); - DCHECK_LE(len, limit); - return Smi::FromInt(len); - } - - if (object->HasSloppyArgumentsElements() || !object->map()->is_extensible()) { - return RemoveArrayHolesGeneric(isolate, receiver, limit); - } - - JSObject::ValidateElements(*object); - if (object->HasDictionaryElements()) { - // Convert to fast elements containing only the existing properties. - // Ordering is irrelevant, since we are going to sort anyway. - Handle<NumberDictionary> dict(object->element_dictionary(), isolate); - if (object->IsJSArray() || dict->requires_slow_elements() || - dict->max_number_key() >= limit) { - return RemoveArrayHolesGeneric(isolate, receiver, limit); - } - // Convert to fast elements. - Handle<Map> new_map = - JSObject::GetElementsTransitionMap(object, HOLEY_ELEMENTS); - - AllocationType allocation = ObjectInYoungGeneration(*object) - ? AllocationType::kYoung - : AllocationType::kOld; - Handle<FixedArray> fast_elements = - isolate->factory()->NewFixedArray(dict->NumberOfElements(), allocation); - dict->CopyValuesTo(*fast_elements); - - JSObject::SetMapAndElements(object, new_map, fast_elements); - JSObject::ValidateElements(*object); - } else if (object->HasFixedTypedArrayElements()) { - // Typed arrays cannot have holes or undefined elements. 
- int array_length = FixedArrayBase::cast(object->elements())->length(); - return Smi::FromInt(Min(limit, static_cast<uint32_t>(array_length))); - } else if (!object->HasDoubleElements()) { - JSObject::EnsureWritableFastElements(object); - } - DCHECK(object->HasSmiOrObjectElements() || object->HasDoubleElements()); - - // Collect holes at the end, undefined before that and the rest at the - // start, and return the number of non-hole, non-undefined values. - - Handle<FixedArrayBase> elements_base(object->elements(), isolate); - uint32_t elements_length = static_cast<uint32_t>(elements_base->length()); - if (limit > elements_length) { - limit = elements_length; - } - if (limit == 0) { - return Smi::kZero; - } - - uint32_t result = 0; - if (elements_base->map() == ReadOnlyRoots(isolate).fixed_double_array_map()) { - FixedDoubleArray elements = FixedDoubleArray::cast(*elements_base); - // Split elements into defined and the_hole, in that order. - unsigned int holes = limit; - // Assume most arrays contain no holes and undefined values, so minimize the - // number of stores of non-undefined, non-the-hole values. - for (unsigned int i = 0; i < holes; i++) { - if (elements->is_the_hole(i)) { - holes--; - } else { - continue; - } - // Position i needs to be filled. - while (holes > i) { - if (elements->is_the_hole(holes)) { - holes--; - } else { - elements->set(i, elements->get_scalar(holes)); - break; - } - } - } - result = holes; - while (holes < limit) { - elements->set_the_hole(holes); - holes++; - } - } else { - FixedArray elements = FixedArray::cast(*elements_base); - DisallowHeapAllocation no_gc; - - // Split elements into defined, undefined and the_hole, in that order. Only - // count locations for undefined and the hole, and fill them afterwards. 
- WriteBarrierMode write_barrier = elements->GetWriteBarrierMode(no_gc); - unsigned int undefs = limit; - unsigned int holes = limit; - // Assume most arrays contain no holes and undefined values, so minimize the - // number of stores of non-undefined, non-the-hole values. - for (unsigned int i = 0; i < undefs; i++) { - Object current = elements->get(i); - if (current->IsTheHole(isolate)) { - holes--; - undefs--; - } else if (current->IsUndefined(isolate)) { - undefs--; - } else { - continue; - } - // Position i needs to be filled. - while (undefs > i) { - current = elements->get(undefs); - if (current->IsTheHole(isolate)) { - holes--; - undefs--; - } else if (current->IsUndefined(isolate)) { - undefs--; - } else { - elements->set(i, current, write_barrier); - break; - } - } - } - result = undefs; - while (undefs < holes) { - elements->set_undefined(isolate, undefs); - undefs++; - } - while (holes < limit) { - elements->set_the_hole(isolate, holes); - holes++; - } - } - - DCHECK_LE(result, limit); - return *isolate->factory()->NewNumberFromUint(result); -} - -// Copy element at index from source to target only if target does not have the -// element on its own. Returns true if a copy occurred, false if not -// and Nothing if an exception occurred. 
-V8_WARN_UNUSED_RESULT -Maybe<bool> ConditionalCopy(Isolate* isolate, Handle<JSReceiver> source, - Handle<JSReceiver> target, uint32_t index) { - Maybe<bool> source_has_prop = JSReceiver::HasOwnProperty(source, index); - MAYBE_RETURN(source_has_prop, Nothing<bool>()); - if (!source_has_prop.FromJust()) return Just(false); - - Maybe<bool> target_has_prop = JSReceiver::HasOwnProperty(target, index); - MAYBE_RETURN(target_has_prop, Nothing<bool>()); - if (target_has_prop.FromJust()) return Just(false); - - Handle<Object> source_element; - ASSIGN_RETURN_ON_EXCEPTION_VALUE( - isolate, source_element, JSReceiver::GetElement(isolate, target, index), - Nothing<bool>()); - - Handle<Object> set_result; - ASSIGN_RETURN_ON_EXCEPTION_VALUE( - isolate, set_result, - Object::SetElement(isolate, target, index, source_element, - ShouldThrow::kThrowOnError), - Nothing<bool>()); - - return Just(true); -} - -// Copy elements in the range 0..length from objects prototype chain -// to object itself, if object has holes. Returns null on error and undefined on -// success. -V8_WARN_UNUSED_RESULT -MaybeHandle<Object> CopyFromPrototype(Isolate* isolate, - Handle<JSReceiver> object, - uint32_t length) { - for (PrototypeIterator iter(isolate, object, kStartAtPrototype); - !iter.IsAtEnd(); iter.Advance()) { - Handle<JSReceiver> current(PrototypeIterator::GetCurrent<JSReceiver>(iter)); - - if (current->IsJSProxy()) { - for (uint32_t i = 0; i < length; ++i) { - MAYBE_RETURN_NULL(ConditionalCopy(isolate, current, object, i)); - } - } else { - Handle<FixedArray> keys = JSReceiver::GetOwnElementIndices( - isolate, object, Handle<JSObject>::cast(current)); - - uint32_t num_indices = keys->length(); - for (uint32_t i = 0; i < num_indices; ++i) { - uint32_t idx = NumberToUint32(keys->get(i)); - - // Prototype might have indices that go past length, but we are only - // interested in the range [0, length). 
- if (idx >= length) break; - - MAYBE_RETURN_NULL(ConditionalCopy(isolate, current, object, idx)); - } - } - } - return isolate->factory()->undefined_value(); -} - -} // namespace - -RUNTIME_FUNCTION(Runtime_PrepareElementsForSort) { - HandleScope scope(isolate); - DCHECK_EQ(2, args.length()); - CONVERT_ARG_HANDLE_CHECKED(JSReceiver, object, 0); - CONVERT_NUMBER_CHECKED(uint32_t, length, Uint32, args[1]); - - if (isolate->debug_execution_mode() == DebugInfo::kSideEffects) { - if (!isolate->debug()->PerformSideEffectCheckForObject(object)) { - return ReadOnlyRoots(isolate).exception(); - } - } - - // Counter for sorting arrays that have non-packed elements and where either - // the ElementsProtector is invalid or the prototype does not match - // Array.prototype. - JSObject initial_array_proto = JSObject::cast( - isolate->native_context()->get(Context::INITIAL_ARRAY_PROTOTYPE_INDEX)); - if (object->IsJSArray() && - !Handle<JSArray>::cast(object)->HasFastPackedElements()) { - if (!isolate->IsNoElementsProtectorIntact() || - object->map()->prototype() != initial_array_proto) { - isolate->CountUsage( - v8::Isolate::kArrayPrototypeSortJSArrayModifiedPrototype); - } - } - - // Skip copying from prototype for JSArrays with ElementsProtector intact and - // the original array prototype. - if (!object->IsJSArray() || !isolate->IsNoElementsProtectorIntact() || - object->map()->prototype() != initial_array_proto) { - RETURN_FAILURE_ON_EXCEPTION(isolate, - CopyFromPrototype(isolate, object, length)); - } - return RemoveArrayHoles(isolate, object, length); -} - -// How many elements does this object/array have? 
-RUNTIME_FUNCTION(Runtime_EstimateNumberOfElements) { - DisallowHeapAllocation no_gc; - HandleScope scope(isolate); - DCHECK_EQ(1, args.length()); - CONVERT_ARG_CHECKED(JSArray, array, 0); - FixedArrayBase elements = array->elements(); - SealHandleScope shs(isolate); - if (elements->IsNumberDictionary()) { - int result = NumberDictionary::cast(elements)->NumberOfElements(); - return Smi::FromInt(result); - } else { - DCHECK(array->length()->IsSmi()); - // For packed elements, we know the exact number of elements - int length = elements->length(); - ElementsKind kind = array->GetElementsKind(); - if (IsFastPackedElementsKind(kind)) { - return Smi::FromInt(length); - } - // For holey elements, take samples from the buffer checking for holes - // to generate the estimate. - const int kNumberOfHoleCheckSamples = 97; - int increment = (length < kNumberOfHoleCheckSamples) - ? 1 - : static_cast<int>(length / kNumberOfHoleCheckSamples); - ElementsAccessor* accessor = array->GetElementsAccessor(); - int holes = 0; - for (int i = 0; i < length; i += increment) { - if (!accessor->HasElement(array, i, elements)) { - ++holes; - } - } - int estimate = static_cast<int>((kNumberOfHoleCheckSamples - holes) / - kNumberOfHoleCheckSamples * length); - return Smi::FromInt(estimate); - } -} - - -// Returns an array that tells you where in the [0, length) interval an array -// might have elements. Can either return an array of keys (positive integers -// or undefined) or a number representing the positive length of an interval -// starting at index 0. -// Intervals can span over some keys that are not in the object. 
-RUNTIME_FUNCTION(Runtime_GetArrayKeys) { - HandleScope scope(isolate); - DCHECK_EQ(2, args.length()); - CONVERT_ARG_HANDLE_CHECKED(JSObject, array, 0); - CONVERT_NUMBER_CHECKED(uint32_t, length, Uint32, args[1]); - ElementsKind kind = array->GetElementsKind(); - - if (IsFastElementsKind(kind) || IsFixedTypedArrayElementsKind(kind)) { - uint32_t actual_length = static_cast<uint32_t>(array->elements()->length()); - return *isolate->factory()->NewNumberFromUint(Min(actual_length, length)); - } - - if (kind == FAST_STRING_WRAPPER_ELEMENTS) { - int string_length = - String::cast(Handle<JSValue>::cast(array)->value())->length(); - int backing_store_length = array->elements()->length(); - return *isolate->factory()->NewNumberFromUint( - Min(length, - static_cast<uint32_t>(Max(string_length, backing_store_length)))); - } - - KeyAccumulator accumulator(isolate, KeyCollectionMode::kOwnOnly, - ALL_PROPERTIES); - for (PrototypeIterator iter(isolate, array, kStartAtReceiver); - !iter.IsAtEnd(); iter.Advance()) { - Handle<JSReceiver> current(PrototypeIterator::GetCurrent<JSReceiver>(iter)); - if (current->HasComplexElements()) { - return *isolate->factory()->NewNumberFromUint(length); - } - accumulator.CollectOwnElementIndices(array, - Handle<JSObject>::cast(current)); - } - // Erase any keys >= length. 
- Handle<FixedArray> keys = - accumulator.GetKeys(GetKeysConversion::kKeepNumbers); - int j = 0; - for (int i = 0; i < keys->length(); i++) { - if (NumberToUint32(keys->get(i)) >= length) continue; - if (i != j) keys->set(j, keys->get(i)); - j++; - } - - keys = FixedArray::ShrinkOrEmpty(isolate, keys, j); - return *isolate->factory()->NewJSArrayWithElements(keys); -} - -RUNTIME_FUNCTION(Runtime_TrySliceSimpleNonFastElements) { - HandleScope scope(isolate); - DCHECK_EQ(3, args.length()); - CONVERT_ARG_HANDLE_CHECKED(JSReceiver, receiver, 0); - CONVERT_SMI_ARG_CHECKED(first, 1); - CONVERT_SMI_ARG_CHECKED(count, 2); - uint32_t length = first + count; - - // Only handle elements kinds that have a ElementsAccessor Slice - // implementation. - if (receiver->IsJSArray()) { - // This "fastish" path must make sure the destination array is a JSArray. - if (!isolate->IsArraySpeciesLookupChainIntact() || - !JSArray::cast(*receiver)->HasArrayPrototype(isolate)) { - return Smi::FromInt(0); - } - } else { - int len; - if (!receiver->IsJSObject() || - !JSSloppyArgumentsObject::GetSloppyArgumentsLength( - isolate, Handle<JSObject>::cast(receiver), &len) || - (length > static_cast<uint32_t>(len))) { - return Smi::FromInt(0); - } - } - - // This "fastish" path must also ensure that elements are simple (no - // geters/setters), no elements on prototype chain. - Handle<JSObject> object(Handle<JSObject>::cast(receiver)); - if (!JSObject::PrototypeHasNoElements(isolate, *object) || - object->HasComplexElements()) { - return Smi::FromInt(0); - } - - ElementsAccessor* accessor = object->GetElementsAccessor(); - return *accessor->Slice(object, first, length); -} - RUNTIME_FUNCTION(Runtime_NewArray) { HandleScope scope(isolate); DCHECK_LE(3, args.length()); 
@@ -656,7 +149,7 @@ RUNTIME_FUNCTION(Runtime_NormalizeElements) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_HANDLE_CHECKED(JSObject, array, 0); - CHECK(!array->HasFixedTypedArrayElements()); + CHECK(!array->HasTypedArrayElements()); CHECK(!array->IsJSGlobalProxy()); JSObject::NormalizeElements(array); return *array; @@ -672,7 +165,7 @@ RUNTIME_FUNCTION(Runtime_GrowArrayElements) { if (key < 0) return Smi::kZero; - uint32_t capacity = static_cast<uint32_t>(object->elements()->length()); + uint32_t capacity = static_cast<uint32_t>(object->elements().length()); uint32_t index = static_cast<uint32_t>(key); if (index >= capacity) { @@ -684,20 +177,6 @@ RUNTIME_FUNCTION(Runtime_GrowArrayElements) { return object->elements(); } - -RUNTIME_FUNCTION(Runtime_HasComplexElements) { - HandleScope scope(isolate); - DCHECK_EQ(1, args.length()); - CONVERT_ARG_HANDLE_CHECKED(JSObject, array, 0); - for (PrototypeIterator iter(isolate, array, kStartAtReceiver); - !iter.IsAtEnd(); iter.Advance()) { - if (PrototypeIterator::GetCurrent<JSReceiver>(iter)->HasComplexElements()) { - return ReadOnlyRoots(isolate).true_value(); - } - } - return ReadOnlyRoots(isolate).false_value(); -} - // ES6 22.1.2.2 Array.isArray RUNTIME_FUNCTION(Runtime_ArrayIsArray) { HandleScope shs(isolate); @@ -712,7 +191,7 @@ RUNTIME_FUNCTION(Runtime_IsArray) { SealHandleScope shs(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(Object, obj, 0); - return isolate->heap()->ToBoolean(obj->IsJSArray()); + return isolate->heap()->ToBoolean(obj.IsJSArray()); } RUNTIME_FUNCTION(Runtime_ArraySpeciesConstructor) { 
@@ -739,9 +218,9 @@ RUNTIME_FUNCTION(Runtime_ArrayIncludes_Slow) { // Let len be ? ToLength(? Get(O, "length")). int64_t len; { - if (object->map()->instance_type() == JS_ARRAY_TYPE) { + if (object->map().instance_type() == JS_ARRAY_TYPE) { uint32_t len32 = 0; - bool success = JSArray::cast(*object)->length()->ToArrayLength(&len32); + bool success = JSArray::cast(*object).length().ToArrayLength(&len32); DCHECK(success); USE(success); len = len32; @@ -793,7 +272,7 @@ RUNTIME_FUNCTION(Runtime_ArrayIncludes_Slow) { // If the receiver is not a special receiver type, and the length is a valid // element index, perform fast operation tailored to specific ElementsKinds. - if (!object->map()->IsSpecialReceiverMap() && len < kMaxUInt32 && + if (!object->map().IsSpecialReceiverMap() && len < kMaxUInt32 && JSObject::PrototypeHasNoElements(isolate, JSObject::cast(*object))) { Handle<JSObject> obj = Handle<JSObject>::cast(object); ElementsAccessor* elements = obj->GetElementsAccessor(); @@ -843,7 +322,7 @@ RUNTIME_FUNCTION(Runtime_ArrayIndexOf) { { if (object->IsJSArray()) { uint32_t len32 = 0; - bool success = JSArray::cast(*object)->length()->ToArrayLength(&len32); + bool success = JSArray::cast(*object).length().ToArrayLength(&len32); DCHECK(success); USE(success); len = len32; @@ -892,7 +371,7 @@ RUNTIME_FUNCTION(Runtime_ArrayIndexOf) { // If the receiver is not a special receiver type, and the length fits // uint32_t, perform fast operation tailored to specific ElementsKinds. - if (!object->map()->IsSpecialReceiverMap() && len <= kMaxUInt32 && + if (!object->map().IsSpecialReceiverMap() && len <= kMaxUInt32 && JSObject::PrototypeHasNoElements(isolate, JSObject::cast(*object))) { Handle<JSObject> obj = Handle<JSObject>::cast(object); ElementsAccessor* elements = obj->GetElementsAccessor(); diff --git a/chromium/v8/src/runtime/runtime-atomics.cc b/chromium/v8/src/runtime/runtime-atomics.cc index 3fcb9934f94..7c7a8b6207d 100644 --- a/chromium/v8/src/runtime/runtime-atomics.cc 
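Review bot: In the `Runtime_ArrayIncludes_Slow` hunk (`@@ -739,9 +218,9 @@`) the result of `ToArrayLength(&len32)` is verified only by `DCHECK(success)`, which is not evaluated in builds without DCHECKs, so those builds rely on `len32` keeping its `0` initialiser if the conversion ever fails. That assumption deserves a comment next to the call, for example `// A JSArray length is always a valid array length; on failure len32 stays 0.` Confirm first that `ToArrayLength` leaves its out-parameter untouched on failure, which is not visible here. The same pattern appears in the `Runtime_ArrayIndexOf` hunk (`@@ -843,7 +322,7 @@`), and both function bodies start and end outside their hunks.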
+++ b/chromium/v8/src/runtime/runtime-atomics.cc @@ -2,12 +2,12 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/arguments-inl.h" #include "src/base/macros.h" #include "src/base/platform/mutex.h" -#include "src/conversions-inl.h" -#include "src/counters.h" +#include "src/execution/arguments-inl.h" #include "src/heap/factory.h" +#include "src/logging/counters.h" +#include "src/numbers/conversions-inl.h" #include "src/objects/js-array-buffer-inl.h" #include "src/runtime/runtime-utils.h" @@ -361,7 +361,7 @@ Object GetModifySetValueInBuffer(Arguments args, Isolate* isolate) { ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, bigint, BigInt::FromObject(isolate, value_obj)); // SharedArrayBuffers are not detachable. - CHECK_LT(index, NumberToSize(sta->length())); + CHECK_LT(index, sta->length()); if (sta->type() == kExternalBigInt64Array) { return Op<int64_t>::Do(isolate, source, index, bigint); } @@ -373,7 +373,7 @@ Object GetModifySetValueInBuffer(Arguments args, Isolate* isolate) { ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, value, Object::ToInteger(isolate, value_obj)); // SharedArrayBuffers are not detachable. - CHECK_LT(index, NumberToSize(sta->length())); + CHECK_LT(index, sta->length()); switch (sta->type()) { #define TYPED_ARRAY_CASE(Type, typeName, TYPE, ctype) \ @@ -403,7 +403,7 @@ RUNTIME_FUNCTION(Runtime_AtomicsLoad64) { DCHECK(sta->type() == kExternalBigInt64Array || sta->type() == kExternalBigUint64Array); // SharedArrayBuffers are not detachable. - CHECK_LT(index, NumberToSize(sta->length())); + CHECK_LT(index, sta->length()); if (sta->type() == kExternalBigInt64Array) { return Load<int64_t>::Do(isolate, source, index); } 
@@ -429,7 +429,7 @@ RUNTIME_FUNCTION(Runtime_AtomicsStore64) { DCHECK(sta->type() == kExternalBigInt64Array || sta->type() == kExternalBigUint64Array); // SharedArrayBuffers are not detachable. - CHECK_LT(index, NumberToSize(sta->length())); + CHECK_LT(index, sta->length()); if (sta->type() == kExternalBigInt64Array) { Store<int64_t>::Do(isolate, source, index, bigint); return *bigint; @@ -451,7 +451,7 @@ RUNTIME_FUNCTION(Runtime_AtomicsCompareExchange) { CONVERT_ARG_HANDLE_CHECKED(Object, old_value_obj, 2); CONVERT_ARG_HANDLE_CHECKED(Object, new_value_obj, 3); CHECK(sta->GetBuffer()->is_shared()); - CHECK_LT(index, NumberToSize(sta->length())); + CHECK_LT(index, sta->length()); uint8_t* source = static_cast<uint8_t*>(sta->GetBuffer()->backing_store()) + sta->byte_offset(); @@ -464,7 +464,7 @@ RUNTIME_FUNCTION(Runtime_AtomicsCompareExchange) { ASSIGN_RETURN_FAILURE_ON_EXCEPTION( isolate, new_bigint, BigInt::FromObject(isolate, new_value_obj)); // SharedArrayBuffers are not detachable. - CHECK_LT(index, NumberToSize(sta->length())); + CHECK_LT(index, sta->length()); if (sta->type() == kExternalBigInt64Array) { return DoCompareExchange<int64_t>(isolate, source, index, old_bigint, new_bigint); @@ -481,7 +481,7 @@ RUNTIME_FUNCTION(Runtime_AtomicsCompareExchange) { ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, new_value, Object::ToInteger(isolate, new_value_obj)); // SharedArrayBuffers are not detachable. - CHECK_LT(index, NumberToSize(sta->length())); + CHECK_LT(index, sta->length()); switch (sta->type()) { #define TYPED_ARRAY_CASE(Type, typeName, TYPE, ctype) \ diff --git a/chromium/v8/src/runtime/runtime-bigint.cc b/chromium/v8/src/runtime/runtime-bigint.cc index f718ab7eb41..8f065740d74 100644 --- a/chromium/v8/src/runtime/runtime-bigint.cc +++ b/chromium/v8/src/runtime/runtime-bigint.cc 
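Review bot: The cached `source` pointer in the `Runtime_AtomicsCompareExchange` hunk (`@@ -451,7 +451,7 @@`) needs a comment tying its validity to the `CHECK(sta->GetBuffer()->is_shared())` above it. It is computed from `backing_store()` and `byte_offset()` before the `BigInt::FromObject` and `Object::ToInteger` conversions shown in the following two hunks, which can fail and presumably can run script. The index is re-checked after those conversions with `CHECK_LT(index, sta->length())`, but the raw pointer is not recomputed. I would add at the pointer computation: `// Cached across the conversions below; valid because the buffer is shared (CHECKed above) and cannot be detached.` The function body starts and ends outside the hunk.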
@@ -2,10 +2,10 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/arguments-inl.h" -#include "src/counters.h" -#include "src/objects-inl.h" +#include "src/execution/arguments-inl.h" +#include "src/logging/counters.h" #include "src/objects/bigint.h" +#include "src/objects/objects-inl.h" #include "src/runtime/runtime-utils.h" namespace v8 { diff --git a/chromium/v8/src/runtime/runtime-classes.cc b/chromium/v8/src/runtime/runtime-classes.cc index 07b101684af..0c170477955 100644 --- a/chromium/v8/src/runtime/runtime-classes.cc +++ b/chromium/v8/src/runtime/runtime-classes.cc @@ -7,14 +7,14 @@ #include <stdlib.h> #include <limits> -#include "src/accessors.h" -#include "src/arguments-inl.h" -#include "src/counters.h" +#include "src/builtins/accessors.h" #include "src/debug/debug.h" -#include "src/elements.h" -#include "src/isolate-inl.h" -#include "src/log.h" -#include "src/message-template.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/isolate-inl.h" +#include "src/execution/message-template.h" +#include "src/logging/counters.h" +#include "src/logging/log.h" +#include "src/objects/elements.h" #include "src/objects/hash-table-inl.h" #include "src/objects/literal-objects-inl.h" #include "src/objects/smi.h" @@ -37,7 +37,7 @@ RUNTIME_FUNCTION(Runtime_ThrowConstructorNonCallableError) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_HANDLE_CHECKED(JSFunction, constructor, 0); - Handle<String> name(constructor->shared()->Name(), isolate); + Handle<String> name(constructor->shared().Name(), isolate); THROW_NEW_ERROR_RETURN_FAILURE( isolate, NewTypeError(MessageTemplate::kConstructorNonCallable, name)); } 
@@ -70,8 +70,8 @@ Object ThrowNotSuperConstructor(Isolate* isolate, Handle<Object> constructor, Handle<JSFunction> function) { Handle<String> super_name; if (constructor->IsJSFunction()) { - super_name = handle(Handle<JSFunction>::cast(constructor)->shared()->Name(), - isolate); + super_name = + handle(Handle<JSFunction>::cast(constructor)->shared().Name(), isolate); } else if (constructor->IsOddball()) { DCHECK(constructor->IsNull(isolate)); super_name = isolate->factory()->null_string(); @@ -82,7 +82,7 @@ Object ThrowNotSuperConstructor(Isolate* isolate, Handle<Object> constructor, if (super_name->length() == 0) { super_name = isolate->factory()->null_string(); } - Handle<String> function_name(function->shared()->Name(), isolate); + Handle<String> function_name(function->shared().Name(), isolate); // anonymous class if (function_name->length() == 0) { THROW_NEW_ERROR_RETURN_FAILURE( @@ -129,14 +129,14 @@ Handle<Name> KeyToName<NumberDictionary>(Isolate* isolate, Handle<Object> key) { inline void SetHomeObject(Isolate* isolate, JSFunction method, JSObject home_object) { - if (method->shared()->needs_home_object()) { + if (method.shared().needs_home_object()) { const int kPropertyIndex = JSFunction::kMaybeHomeObjectDescriptorIndex; - CHECK_EQ(method->map()->instance_descriptors()->GetKey(kPropertyIndex), + CHECK_EQ(method.map().instance_descriptors().GetKey(kPropertyIndex), ReadOnlyRoots(isolate).home_object_symbol()); FieldIndex field_index = - FieldIndex::ForDescriptor(method->map(), kPropertyIndex); - method->RawFastPropertyAtPut(field_index, home_object); + FieldIndex::ForDescriptor(method.map(), kPropertyIndex); + method.RawFastPropertyAtPut(field_index, home_object); } } 
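Review bot: `SetHomeObject` (`@@ -129,14 +129,14 @@`) takes `JSFunction method` and `JSObject home_object` as raw values rather than handles and then stores with `RawFastPropertyAtPut`, but nothing in the function states or enforces that no allocation may happen while those raw values are live. Opening the body with `DisallowHeapAllocation no_gc;`, the scope `AddDescriptorsByTemplate` already uses in this file, would make that assumption checkable in debug builds. Failing that, a comment such as `// method and home_object are raw objects: nothing in here may allocate.` would do. The `CHECK_EQ` on the descriptor key ahead of the raw write is a release-mode guard and should stay a `CHECK`.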
@@ -163,7 +163,7 @@ MaybeHandle<Object> GetMethodAndSetHomeObjectAndName( SetHomeObject(isolate, *method, *home_object); - if (!method->shared()->HasSharedName()) { + if (!method->shared().HasSharedName()) { // TODO(ishell): method does not have a shared name at this point only if // the key is a computed property name. However, the bytecode generator // explicitly generates ToName bytecodes to ensure that the computed @@ -200,7 +200,7 @@ Object GetMethodWithSharedNameAndSetHomeObject(Isolate* isolate, SetHomeObject(isolate, *method, home_object); - DCHECK(method->shared()->HasSharedName()); + DCHECK(method->shared().HasSharedName()); return *method; } @@ -215,7 +215,7 @@ Handle<Dictionary> ShallowCopyDictionaryTemplate( int capacity = dictionary->Capacity(); for (int i = 0; i < capacity; i++) { Object value = dictionary->ValueAt(i); - if (value->IsAccessorPair()) { + if (value.IsAccessorPair()) { Handle<AccessorPair> pair(AccessorPair::cast(value), isolate); pair = AccessorPair::Copy(isolate, pair); dictionary->ValueAtPut(i, *pair); @@ -245,7 +245,7 @@ bool SubstituteValues(Isolate* isolate, Handle<Dictionary> dictionary, if (value->IsAccessorPair()) { Handle<AccessorPair> pair = Handle<AccessorPair>::cast(value); Object tmp = pair->getter(); - if (tmp->IsSmi()) { + if (tmp.IsSmi()) { Handle<Object> result; ASSIGN_RETURN_ON_EXCEPTION_VALUE( isolate, result, @@ -256,7 +256,7 @@ bool SubstituteValues(Isolate* isolate, Handle<Dictionary> dictionary, pair->set_getter(*result); } tmp = pair->setter(); - if (tmp->IsSmi()) { + if (tmp.IsSmi()) { Handle<Object> result; ASSIGN_RETURN_ON_EXCEPTION_VALUE( isolate, result, 
@@ -297,56 +297,51 @@ bool AddDescriptorsByTemplate( : ShallowCopyDictionaryTemplate(isolate, elements_dictionary_template); - Handle<PropertyArray> property_array = - isolate->factory()->empty_property_array(); - if (FLAG_track_constant_fields) { - // If we store constants in instances, count the number of properties - // that must be in the instance and create the property array to - // hold the constants. - int count = 0; - for (int i = 0; i < nof_descriptors; i++) { - PropertyDetails details = descriptors_template->GetDetails(i); - if (details.location() == kDescriptor && details.kind() == kData) { - count++; - } + // Count the number of properties that must be in the instance and + // create the property array to hold the constants. + int count = 0; + for (int i = 0; i < nof_descriptors; i++) { + PropertyDetails details = descriptors_template->GetDetails(i); + if (details.location() == kDescriptor && details.kind() == kData) { + count++; } - property_array = isolate->factory()->NewPropertyArray(count); } + Handle<PropertyArray> property_array = + isolate->factory()->NewPropertyArray(count); // Read values from |descriptors_template| and store possibly post-processed // values into "instantiated" |descriptors| array. 
int field_index = 0; for (int i = 0; i < nof_descriptors; i++) { Object value = descriptors_template->GetStrongValue(i); - if (value->IsAccessorPair()) { + if (value.IsAccessorPair()) { Handle<AccessorPair> pair = AccessorPair::Copy( isolate, handle(AccessorPair::cast(value), isolate)); value = *pair; } DisallowHeapAllocation no_gc; Name name = descriptors_template->GetKey(i); - DCHECK(name->IsUniqueName()); + DCHECK(name.IsUniqueName()); PropertyDetails details = descriptors_template->GetDetails(i); if (details.location() == kDescriptor) { if (details.kind() == kData) { - if (value->IsSmi()) { + if (value.IsSmi()) { value = GetMethodWithSharedNameAndSetHomeObject(isolate, args, value, *receiver); } - details = - details.CopyWithRepresentation(value->OptimalRepresentation()); + details = details.CopyWithRepresentation(value.OptimalRepresentation()); } else { DCHECK_EQ(kAccessor, details.kind()); - if (value->IsAccessorPair()) { + if (value.IsAccessorPair()) { AccessorPair pair = AccessorPair::cast(value); - Object tmp = pair->getter(); - if (tmp->IsSmi()) { - pair->set_getter(GetMethodWithSharedNameAndSetHomeObject( + Object tmp = pair.getter(); + if (tmp.IsSmi()) { + pair.set_getter(GetMethodWithSharedNameAndSetHomeObject( isolate, args, tmp, *receiver)); } - tmp = pair->setter(); - if (tmp->IsSmi()) { - pair->set_setter(GetMethodWithSharedNameAndSetHomeObject( + tmp = pair.setter(); + if (tmp.IsSmi()) { + pair.set_setter(GetMethodWithSharedNameAndSetHomeObject( isolate, args, tmp, *receiver)); } } 
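Review bot: The size of `property_array` now comes from a counting loop whose predicate, `details.location() == kDescriptor && details.kind() == kData`, is repeated verbatim in the conversion branch of the following hunk (`@@ -354,10 +349,8 @@`), where `field_index` is assigned. Nothing visible ties the two together, so a later edit to one condition and not the other would size the array for a different number of entries than the second loop consumes. The store into `property_array` is outside the hunk, so this is inferred. I would add `DCHECK_EQ(count, field_index);` after the second loop, or hoist the predicate into a small local helper used by both. AddDescriptorsByTemplate starts and ends outside this hunk.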
@@ -354,10 +349,8 @@ bool AddDescriptorsByTemplate( } else { UNREACHABLE(); } - DCHECK(value->FitsRepresentation(details.representation())); - // With constant field tracking, we store the values in the instance. - if (FLAG_track_constant_fields && details.location() == kDescriptor && - details.kind() == kData) { + DCHECK(value.FitsRepresentation(details.representation())); + if (details.location() == kDescriptor && details.kind() == kData) { details = PropertyDetails(details.kind(), details.attributes(), kField, PropertyConstness::kConst, details.representation(), field_index) @@ -407,8 +400,8 @@ bool AddDescriptorsByTemplate( Handle<NumberDictionary> elements_dictionary = ShallowCopyDictionaryTemplate(isolate, elements_dictionary_template); - typedef ClassBoilerplate::ValueKind ValueKind; - typedef ClassBoilerplate::ComputedEntryFlags ComputedEntryFlags; + using ValueKind = ClassBoilerplate::ValueKind; + using ComputedEntryFlags = ClassBoilerplate::ComputedEntryFlags; // Merge computed properties with properties and elements dictionary // templates. 
@@ -469,26 +462,14 @@ bool AddDescriptorsByTemplate( } Handle<JSObject> CreateClassPrototype(Isolate* isolate) { - Factory* factory = isolate->factory(); - - const int kInobjectFields = 0; - - Handle<Map> map; - if (FLAG_track_constant_fields) { - // For constant tracking we want to avoid tha hassle of handling - // in-object properties, so create a map with no in-object - // properties. - - // TODO(ishell) Support caching of zero in-object properties map - // by ObjectLiteralMapFromCache(). - map = Map::Create(isolate, 0); - } else { - // Just use some JSObject map of certain size. - map = factory->ObjectLiteralMapFromCache(isolate->native_context(), - kInobjectFields); - } + // For constant tracking we want to avoid the hassle of handling + // in-object properties, so create a map with no in-object + // properties. - return factory->NewJSObjectFromMap(map); + // TODO(ishell) Support caching of zero in-object properties map + // by ObjectLiteralMapFromCache(). + Handle<Map> map = Map::Create(isolate, 0); + return isolate->factory()->NewJSObjectFromMap(map); } bool InitClassPrototype(Isolate* isolate, @@ -607,7 +588,7 @@ MaybeHandle<Object> DefineClass(Isolate* isolate, } else if (super_class->IsConstructor()) { DCHECK(!super_class->IsJSFunction() || !IsResumableFunction( - Handle<JSFunction>::cast(super_class)->shared()->kind())); + Handle<JSFunction>::cast(super_class)->shared().kind())); ASSIGN_RETURN_ON_EXCEPTION( isolate, prototype_parent, Runtime::GetObjectProperty(isolate, super_class, @@ -647,7 +628,7 @@ MaybeHandle<Object> DefineClass(Isolate* isolate, if (FLAG_trace_maps) { LOG(isolate, MapEvent("InitialMap", Map(), constructor->map(), - "init class constructor", constructor->shared()->DebugName())); + "init class constructor", constructor->shared().DebugName())); LOG(isolate, MapEvent("InitialMap", Map(), prototype->map(), "init class prototype")); } 
diff --git a/chromium/v8/src/runtime/runtime-collections.cc b/chromium/v8/src/runtime/runtime-collections.cc
index 42f6af5f4f9..6e7b9874589 100644
--- a/chromium/v8/src/runtime/runtime-collections.cc
+++ b/chromium/v8/src/runtime/runtime-collections.cc
@@ -2,11 +2,11 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "src/arguments-inl.h"
-#include "src/conversions-inl.h"
-#include "src/counters.h"
+#include "src/execution/arguments-inl.h"
 #include "src/heap/factory.h"
 #include "src/heap/heap-inl.h" // For ToBoolean. TODO(jkummerow): Drop.
+#include "src/logging/counters.h"
+#include "src/numbers/conversions-inl.h"
 #include "src/objects/hash-table-inl.h"
 #include "src/objects/js-collection-inl.h"
 #include "src/runtime/runtime-utils.h"
diff --git a/chromium/v8/src/runtime/runtime-compiler.cc b/chromium/v8/src/runtime/runtime-compiler.cc
index c6a7e7960c9..b3b51ecc07d 100644
--- a/chromium/v8/src/runtime/runtime-compiler.cc
+++ b/chromium/v8/src/runtime/runtime-compiler.cc
@@ -2,19 +2,19 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "src/arguments-inl.h"
 #include "src/asmjs/asm-js.h"
+#include "src/codegen/compiler.h"
 #include "src/compiler-dispatcher/optimizing-compile-dispatcher.h"
-#include "src/compiler.h"
-#include "src/deoptimizer.h"
-#include "src/frames-inl.h"
-#include "src/isolate-inl.h"
-#include "src/message-template.h"
+#include "src/deoptimizer/deoptimizer.h"
+#include "src/execution/arguments-inl.h"
+#include "src/execution/frames-inl.h"
+#include "src/execution/isolate-inl.h"
+#include "src/execution/message-template.h"
+#include "src/execution/v8threads.h"
+#include "src/execution/vm-state-inl.h"
 #include "src/objects/js-array-buffer-inl.h"
 #include "src/objects/js-array-inl.h"
 #include "src/runtime/runtime-utils.h"
-#include "src/v8threads.h"
-#include "src/vm-state-inl.h"
 
 namespace v8 {
 namespace internal {
@@ -25,7 +25,7 @@ RUNTIME_FUNCTION(Runtime_CompileLazy) { CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); #ifdef DEBUG - if (FLAG_trace_lazy && !function->shared()->is_compiled()) { + if (FLAG_trace_lazy && !function->shared().is_compiled()) { PrintF("[unoptimized: "); function->PrintName(); PrintF("]\n"); @@ -66,14 +66,14 @@ RUNTIME_FUNCTION(Runtime_FunctionFirstExecution) { DCHECK_EQ(1, args.length()); CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); - DCHECK_EQ(function->feedback_vector()->optimization_marker(), + DCHECK_EQ(function->feedback_vector().optimization_marker(), OptimizationMarker::kLogFirstExecution); DCHECK(FLAG_log_function_events); Handle<SharedFunctionInfo> sfi(function->shared(), isolate); LOG(isolate, FunctionEvent( - "first-execution", Script::cast(sfi->script())->id(), 0, + "first-execution", Script::cast(sfi->script()).id(), 0, sfi->StartPosition(), sfi->EndPosition(), sfi->DebugName())); - function->feedback_vector()->ClearOptimizationMarker(); + function->feedback_vector().ClearOptimizationMarker(); // Return the code to continue execution, we don't care at this point whether // this is for lazy compilation or has been eagerly complied. return function->code(); @@ -99,9 +99,9 @@ RUNTIME_FUNCTION(Runtime_EvictOptimizedCodeSlot) { DCHECK_EQ(1, args.length()); CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); - DCHECK(function->shared()->is_compiled()); + DCHECK(function->shared().is_compiled()); - function->feedback_vector()->EvictOptimizedCodeMarkedForDeoptimization( + function->feedback_vector().EvictOptimizedCodeMarkedForDeoptimization( function->shared(), "Runtime_EvictOptimizedCodeSlot"); return function->code(); } 
@@ -112,18 +112,18 @@ RUNTIME_FUNCTION(Runtime_InstantiateAsmJs) { CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); Handle<JSReceiver> stdlib; - if (args[1]->IsJSReceiver()) { + if (args[1].IsJSReceiver()) { stdlib = args.at<JSReceiver>(1); } Handle<JSReceiver> foreign; - if (args[2]->IsJSReceiver()) { + if (args[2].IsJSReceiver()) { foreign = args.at<JSReceiver>(2); } Handle<JSArrayBuffer> memory; - if (args[3]->IsJSArrayBuffer()) { + if (args[3].IsJSArrayBuffer()) { memory = args.at<JSArrayBuffer>(3); } - if (function->shared()->HasAsmWasmData()) { + if (function->shared().HasAsmWasmData()) { Handle<SharedFunctionInfo> shared(function->shared(), isolate); Handle<AsmWasmData> data(shared->asm_wasm_data(), isolate); MaybeHandle<Object> result = AsmJs::InstantiateAsmWasm( @@ -134,11 +134,11 @@ RUNTIME_FUNCTION(Runtime_InstantiateAsmJs) { } // Remove wasm data, mark as broken for asm->wasm, replace function code with // UncompiledData, and return a smi 0 to indicate failure. - if (function->shared()->HasAsmWasmData()) { + if (function->shared().HasAsmWasmData()) { SharedFunctionInfo::DiscardCompiled(isolate, handle(function->shared(), isolate)); } - function->shared()->set_is_asm_wasm_broken(true); + function->shared().set_is_asm_wasm_broken(true); DCHECK(function->code() == isolate->builtins()->builtin(Builtins::kInstantiateAsmJs)); function->set_code(isolate->builtins()->builtin(Builtins::kCompileLazy)); @@ -184,7 +184,7 @@ RUNTIME_FUNCTION(Runtime_NotifyDeoptimized) { static bool IsSuitableForOnStackReplacement(Isolate* isolate, Handle<JSFunction> function) { // Keep track of whether we've succeeded in optimizing. - if (function->shared()->optimization_disabled()) return false; + if (function->shared().optimization_disabled()) return false; // If we are trying to do OSR when there are already optimized // activations of the function, it means (a) the function is directly or // indirectly recursive and (b) an optimized invocation has been 
@@ -209,8 +209,8 @@ BailoutId DetermineEntryAndDisarmOSRForInterpreter(JavaScriptFrame* frame) { // representing the entry point will be valid for any copy of the bytecode. Handle<BytecodeArray> bytecode(iframe->GetBytecodeArray(), iframe->isolate()); - DCHECK(frame->LookupCode()->is_interpreter_trampoline_builtin()); - DCHECK(frame->function()->shared()->HasBytecodeArray()); + DCHECK(frame->LookupCode().is_interpreter_trampoline_builtin()); + DCHECK(frame->function().shared().HasBytecodeArray()); DCHECK(frame->is_interpreted()); // Reset the OSR loop nesting depth to disarm back edges. @@ -258,11 +258,11 @@ RUNTIME_FUNCTION(Runtime_CompileForOnStackReplacement) { DeoptimizationData data = DeoptimizationData::cast(result->deoptimization_data()); - if (data->OsrPcOffset()->value() >= 0) { - DCHECK(BailoutId(data->OsrBytecodeOffset()->value()) == ast_id); + if (data.OsrPcOffset().value() >= 0) { + DCHECK(BailoutId(data.OsrBytecodeOffset().value()) == ast_id); if (FLAG_trace_osr) { PrintF("[OSR - Entry at AST id %d, offset %d in optimized code]\n", - ast_id.ToInt(), data->OsrPcOffset()->value()); + ast_id.ToInt(), data.OsrPcOffset().value()); } DCHECK(result->is_turbofanned()); @@ -289,7 +289,7 @@ RUNTIME_FUNCTION(Runtime_CompileForOnStackReplacement) { } if (!function->IsOptimized()) { - function->set_code(function->shared()->GetCode()); + function->set_code(function->shared().GetCode()); } return Object(); } @@ -303,7 +303,7 @@ static Object CompileGlobalEval(Isolate* isolate, Handle<String> source, // Check if native context allows code generation from // strings. Throw an exception if it doesn't. - if (native_context->allow_code_gen_from_strings()->IsFalse(isolate) && + if (native_context->allow_code_gen_from_strings().IsFalse(isolate) && !Compiler::CodeGenerationFromStringsAllowed(isolate, native_context, source)) { Handle<Object> error_message = 
@@ -340,14 +340,14 @@ RUNTIME_FUNCTION(Runtime_ResolvePossiblyDirectEval) { // execution default to an indirect call to eval, which will also return // the first argument without doing anything). if (*callee != isolate->native_context()->global_eval_fun() || - !args[1]->IsString()) { + !args[1].IsString()) { return *callee; } - DCHECK(args[3]->IsSmi()); + DCHECK(args[3].IsSmi()); DCHECK(is_valid_language_mode(args.smi_at(3))); LanguageMode language_mode = static_cast<LanguageMode>(args.smi_at(3)); - DCHECK(args[4]->IsSmi()); + DCHECK(args[4].IsSmi()); Handle<SharedFunctionInfo> outer_info(args.at<JSFunction>(2)->shared(), isolate); return CompileGlobalEval(isolate, args.at<String>(1), outer_info, diff --git a/chromium/v8/src/runtime/runtime-date.cc b/chromium/v8/src/runtime/runtime-date.cc index 5c22d280df3..bb5e4e1bcb1 100644 --- a/chromium/v8/src/runtime/runtime-date.cc +++ b/chromium/v8/src/runtime/runtime-date.cc @@ -4,12 +4,12 @@ #include "src/runtime/runtime-utils.h" -#include "src/arguments.h" -#include "src/conversions-inl.h" -#include "src/counters.h" -#include "src/date.h" +#include "src/date/date.h" +#include "src/execution/arguments.h" +#include "src/execution/isolate-inl.h" #include "src/heap/factory.h" -#include "src/isolate-inl.h" +#include "src/logging/counters.h" +#include "src/numbers/conversions-inl.h" namespace v8 { namespace internal { diff --git a/chromium/v8/src/runtime/runtime-debug.cc b/chromium/v8/src/runtime/runtime-debug.cc index 601d1a8da0d..afe4a921e6d 100644 --- a/chromium/v8/src/runtime/runtime-debug.cc +++ b/chromium/v8/src/runtime/runtime-debug.cc 
@@ -4,22 +4,22 @@ #include <vector> -#include "src/arguments-inl.h" -#include "src/compiler.h" -#include "src/counters.h" +#include "src/codegen/compiler.h" +#include "src/common/globals.h" #include "src/debug/debug-coverage.h" #include "src/debug/debug-evaluate.h" #include "src/debug/debug-frames.h" #include "src/debug/debug-scopes.h" #include "src/debug/debug.h" #include "src/debug/liveedit.h" -#include "src/frames-inl.h" -#include "src/globals.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/frames-inl.h" +#include "src/execution/isolate-inl.h" #include "src/heap/heap-inl.h" // For ToBoolean. TODO(jkummerow): Drop. #include "src/interpreter/bytecode-array-accessor.h" #include "src/interpreter/bytecodes.h" #include "src/interpreter/interpreter.h" -#include "src/isolate-inl.h" +#include "src/logging/counters.h" #include "src/objects/debug-objects-inl.h" #include "src/objects/heap-object-inl.h" #include "src/objects/js-collection-inl.h" @@ -66,10 +66,10 @@ RUNTIME_FUNCTION_RETURN_PAIR(Runtime_DebugBreakOnBytecode) { DCHECK(it.frame()->is_interpreted()); InterpretedFrame* interpreted_frame = reinterpret_cast<InterpretedFrame*>(it.frame()); - SharedFunctionInfo shared = interpreted_frame->function()->shared(); - BytecodeArray bytecode_array = shared->GetBytecodeArray(); + SharedFunctionInfo shared = interpreted_frame->function().shared(); + BytecodeArray bytecode_array = shared.GetBytecodeArray(); int bytecode_offset = interpreted_frame->GetBytecodeOffset(); - Bytecode bytecode = Bytecodes::FromByte(bytecode_array->get(bytecode_offset)); + Bytecode bytecode = Bytecodes::FromByte(bytecode_array.get(bytecode_offset)); bool side_effect_check_failed = false; if (isolate->debug_execution_mode() == DebugInfo::kSideEffects) { 
@@ -98,7 +98,7 @@ RUNTIME_FUNCTION_RETURN_PAIR(Runtime_DebugBreakOnBytecode) { Smi::FromInt(static_cast<uint8_t>(bytecode))); } Object interrupt_object = isolate->stack_guard()->HandleInterrupts(); - if (interrupt_object->IsException(isolate)) { + if (interrupt_object.IsException(isolate)) { return MakePair(interrupt_object, Smi::FromInt(static_cast<uint8_t>(bytecode))); } @@ -112,8 +112,8 @@ RUNTIME_FUNCTION(Runtime_DebugBreakAtEntry) { CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); USE(function); - DCHECK(function->shared()->HasDebugInfo()); - DCHECK(function->shared()->GetDebugInfo()->BreakAtEntry()); + DCHECK(function->shared().HasDebugInfo()); + DCHECK(function->shared().GetDebugInfo().BreakAtEntry()); // Get the top-most JavaScript frame. JavaScriptFrameIterator it(isolate); @@ -147,7 +147,7 @@ static MaybeHandle<JSArray> GetIteratorInternalProperties( Factory* factory = isolate->factory(); Handle<IteratorType> iterator = Handle<IteratorType>::cast(object); const char* kind = nullptr; - switch (iterator->map()->instance_type()) { + switch (iterator->map().instance_type()) { case JS_MAP_KEY_ITERATOR_TYPE: kind = "keys"; break; @@ -300,7 +300,7 @@ RUNTIME_FUNCTION(Runtime_GetGeneratorScopeCount) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); - if (!args[0]->IsJSGeneratorObject()) return Smi::kZero; + if (!args[0].IsJSGeneratorObject()) return Smi::kZero; // Check arguments. CONVERT_ARG_HANDLE_CHECKED(JSGeneratorObject, gen, 0); @@ -323,7 +323,7 @@ RUNTIME_FUNCTION(Runtime_GetGeneratorScopeDetails) { HandleScope scope(isolate); DCHECK_EQ(2, args.length()); - if (!args[0]->IsJSGeneratorObject()) { + if (!args[0].IsJSGeneratorObject()) { return ReadOnlyRoots(isolate).undefined_value(); } 
@@ -448,8 +448,8 @@ RUNTIME_FUNCTION(Runtime_FunctionGetInferredName) { DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(Object, f, 0); - if (f->IsJSFunction()) { - return JSFunction::cast(f)->shared()->inferred_name(); + if (f.IsJSFunction()) { + return JSFunction::cast(f).shared().inferred_name(); } return ReadOnlyRoots(isolate).empty_string(); } @@ -484,19 +484,19 @@ int ScriptLinePosition(Handle<Script> script, int line) { if (script->type() == Script::TYPE_WASM) { return WasmModuleObject::cast(script->wasm_module_object()) - ->GetFunctionOffset(line); + .GetFunctionOffset(line); } Script::InitLineEnds(script); FixedArray line_ends_array = FixedArray::cast(script->line_ends()); - const int line_count = line_ends_array->length(); + const int line_count = line_ends_array.length(); DCHECK_LT(0, line_count); if (line == 0) return 0; // If line == line_count, we return the first position beyond the last line. if (line > line_count) return -1; - return Smi::ToInt(line_ends_array->get(line - 1)) + 1; + return Smi::ToInt(line_ends_array.get(line - 1)) + 1; } int ScriptLinePositionWithOffset(Handle<Script> script, int line, int offset) { @@ -578,7 +578,7 @@ bool GetScriptById(Isolate* isolate, int needle, Handle<Script>* result) { Script::Iterator iterator(isolate); for (Script script = iterator.Next(); !script.is_null(); script = iterator.Next()) { - if (script->id() == needle) { + if (script.id() == needle) { *result = handle(script, isolate); return true; } 
@@ -737,23 +737,7 @@ RUNTIME_FUNCTION(Runtime_DebugToggleBlockCoverage) { } RUNTIME_FUNCTION(Runtime_IncBlockCounter) { - SealHandleScope scope(isolate); - DCHECK_EQ(2, args.length()); - CONVERT_ARG_CHECKED(JSFunction, function, 0); - CONVERT_SMI_ARG_CHECKED(coverage_array_slot_index, 1); - - // It's quite possible that a function contains IncBlockCounter bytecodes, but - // no coverage info exists. This happens e.g. by selecting the best-effort - // coverage collection mode, which triggers deletion of all coverage infos in - // order to avoid memory leaks. - - SharedFunctionInfo shared = function->shared(); - if (shared->HasCoverageInfo()) { - CoverageInfo coverage_info = shared->GetCoverageInfo(); - coverage_info->IncrementBlockCount(coverage_array_slot_index); - } - - return ReadOnlyRoots(isolate).undefined_value(); + UNREACHABLE(); // Never called. See the IncBlockCounter builtin instead. } RUNTIME_FUNCTION(Runtime_DebugAsyncFunctionEntered) { @@ -793,7 +777,7 @@ RUNTIME_FUNCTION(Runtime_LiveEditPatchScript) { CONVERT_ARG_HANDLE_CHECKED(JSFunction, script_function, 0); CONVERT_ARG_HANDLE_CHECKED(String, new_source, 1); - Handle<Script> script(Script::cast(script_function->shared()->script()), + Handle<Script> script(Script::cast(script_function->shared().script()), isolate); v8::debug::LiveEditResult result; LiveEdit::PatchScript(isolate, script, new_source, false, &result); diff --git a/chromium/v8/src/runtime/runtime-forin.cc b/chromium/v8/src/runtime/runtime-forin.cc index 56580e91daf..6042a867c92 100644 --- a/chromium/v8/src/runtime/runtime-forin.cc +++ b/chromium/v8/src/runtime/runtime-forin.cc 
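Review bot: `Runtime_IncBlockCounter` stays defined as a runtime function whose whole body is `UNREACHABLE();`, so any path that can still name it now ends in a fatal abort. The removed body tolerated a missing coverage info and returned undefined. Whether the entry remains callable, for example through natives syntax in test or fuzzing configurations, is not visible in this hunk; if it is, it should be excluded from such callers. The comment should also record why the entry survives at all, e.g. `// Never called; kept only so the intrinsic id exists. See the IncBlockCounter builtin.` if that is the reason.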
@@ -4,15 +4,15 @@ #include "src/runtime/runtime-utils.h" -#include "src/arguments-inl.h" -#include "src/counters.h" -#include "src/elements.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/isolate-inl.h" #include "src/heap/factory.h" #include "src/heap/heap-inl.h" // For ToBoolean. TODO(jkummerow): Drop. -#include "src/isolate-inl.h" -#include "src/keys.h" -#include "src/objects-inl.h" +#include "src/logging/counters.h" +#include "src/objects/elements.h" +#include "src/objects/keys.h" #include "src/objects/module.h" +#include "src/objects/objects-inl.h" namespace v8 { namespace internal { diff --git a/chromium/v8/src/runtime/runtime-function.cc b/chromium/v8/src/runtime/runtime-function.cc index 3d69845668a..0d1879c16a1 100644 --- a/chromium/v8/src/runtime/runtime-function.cc +++ b/chromium/v8/src/runtime/runtime-function.cc @@ -2,12 +2,12 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/accessors.h" -#include "src/arguments-inl.h" -#include "src/compiler.h" -#include "src/counters.h" +#include "src/builtins/accessors.h" +#include "src/codegen/compiler.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/isolate-inl.h" #include "src/heap/heap-inl.h" // For ToBoolean. TODO(jkummerow): Drop. -#include "src/isolate-inl.h" +#include "src/logging/counters.h" #include "src/runtime/runtime-utils.h" namespace v8 { @@ -20,8 +20,8 @@ RUNTIME_FUNCTION(Runtime_FunctionGetScriptSource) { CONVERT_ARG_HANDLE_CHECKED(JSReceiver, function, 0); if (function->IsJSFunction()) { - Handle<Object> script( - Handle<JSFunction>::cast(function)->shared()->script(), isolate); + Handle<Object> script(Handle<JSFunction>::cast(function)->shared().script(), + isolate); if (script->IsScript()) return Handle<Script>::cast(script)->source(); } return ReadOnlyRoots(isolate).undefined_value(); 
@@ -33,8 +33,8 @@ RUNTIME_FUNCTION(Runtime_FunctionGetScriptId) { CONVERT_ARG_HANDLE_CHECKED(JSReceiver, function, 0); if (function->IsJSFunction()) { - Handle<Object> script( - Handle<JSFunction>::cast(function)->shared()->script(), isolate); + Handle<Object> script(Handle<JSFunction>::cast(function)->shared().script(), + isolate); if (script->IsScript()) { return Smi::FromInt(Handle<Script>::cast(script)->id()); } @@ -60,7 +60,7 @@ RUNTIME_FUNCTION(Runtime_FunctionGetScriptSourcePosition) { DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(JSFunction, fun, 0); - int pos = fun->shared()->StartPosition(); + int pos = fun.shared().StartPosition(); return Smi::FromInt(pos); } @@ -70,7 +70,7 @@ RUNTIME_FUNCTION(Runtime_FunctionIsAPIFunction) { DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(JSFunction, f, 0); - return isolate->heap()->ToBoolean(f->shared()->IsApiFunction()); + return isolate->heap()->ToBoolean(f.shared().IsApiFunction()); } @@ -85,7 +85,7 @@ RUNTIME_FUNCTION(Runtime_Call) { argv[i] = args.at(2 + i); } RETURN_RESULT_OR_FAILURE( - isolate, Execution::Call(isolate, target, receiver, argc, argv.start())); + isolate, Execution::Call(isolate, target, receiver, argc, argv.begin())); } @@ -93,7 +93,7 @@ RUNTIME_FUNCTION(Runtime_IsFunction) { SealHandleScope shs(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(Object, object, 0); - return isolate->heap()->ToBoolean(object->IsFunction()); + return isolate->heap()->ToBoolean(object.IsFunction()); } diff --git a/chromium/v8/src/runtime/runtime-futex.cc b/chromium/v8/src/runtime/runtime-futex.cc index e8b40259811..c251653838c 100644 --- a/chromium/v8/src/runtime/runtime-futex.cc +++ b/chromium/v8/src/runtime/runtime-futex.cc 
@@ -4,12 +4,12 @@
 
 #include "src/runtime/runtime-utils.h"
 
-#include "src/arguments-inl.h"
 #include "src/base/platform/time.h"
-#include "src/conversions-inl.h"
-#include "src/counters.h"
-#include "src/futex-emulation.h"
-#include "src/globals.h"
+#include "src/common/globals.h"
+#include "src/execution/arguments-inl.h"
+#include "src/execution/futex-emulation.h"
+#include "src/logging/counters.h"
+#include "src/numbers/conversions-inl.h"
 #include "src/objects/heap-object-inl.h"
 #include "src/objects/js-array-buffer-inl.h"
 
@@ -27,7 +27,7 @@ RUNTIME_FUNCTION(Runtime_AtomicsNumWaitersForTesting) {
 CONVERT_SIZE_ARG_CHECKED(index, 1);
 CHECK(!sta->WasDetached());
 CHECK(sta->GetBuffer()->is_shared());
- CHECK_LT(index, NumberToSize(sta->length()));
+ CHECK_LT(index, sta->length());
 CHECK_EQ(sta->type(), kExternalInt32Array);
 
 Handle<JSArrayBuffer> array_buffer = sta->GetBuffer();
diff --git a/chromium/v8/src/runtime/runtime-generator.cc b/chromium/v8/src/runtime/runtime-generator.cc
index f8873ff938f..069ea88e125 100644
--- a/chromium/v8/src/runtime/runtime-generator.cc
+++ b/chromium/v8/src/runtime/runtime-generator.cc
@@ -2,12 +2,12 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
-#include "src/arguments-inl.h"
-#include "src/counters.h"
+#include "src/execution/arguments-inl.h"
 #include "src/heap/factory.h"
 #include "src/heap/heap-inl.h"
-#include "src/objects-inl.h"
+#include "src/logging/counters.h"
 #include "src/objects/js-generator-inl.h"
+#include "src/objects/objects-inl.h"
 #include "src/runtime/runtime-utils.h"
 
 namespace v8 {
@@ -48,14 +48,14 @@ RUNTIME_FUNCTION(Runtime_CreateJSGeneratorObject) { DCHECK_EQ(2, args.length()); CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); CONVERT_ARG_HANDLE_CHECKED(Object, receiver, 1); - CHECK_IMPLIES(IsAsyncFunction(function->shared()->kind()), - IsAsyncGeneratorFunction(function->shared()->kind())); - CHECK(IsResumableFunction(function->shared()->kind())); + CHECK_IMPLIES(IsAsyncFunction(function->shared().kind()), + IsAsyncGeneratorFunction(function->shared().kind())); + CHECK(IsResumableFunction(function->shared().kind())); // Underlying function needs to have bytecode available. - DCHECK(function->shared()->HasBytecodeArray()); - int size = function->shared()->internal_formal_parameter_count() + - function->shared()->GetBytecodeArray()->register_count(); + DCHECK(function->shared().HasBytecodeArray()); + int size = function->shared().internal_formal_parameter_count() + + function->shared().GetBytecodeArray().register_count(); Handle<FixedArray> parameters_and_registers = isolate->factory()->NewFixedArray(size); @@ -129,7 +129,7 @@ RUNTIME_FUNCTION(Runtime_AsyncGeneratorHasCatchHandlerForPC) { DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(JSAsyncGeneratorObject, generator, 0); - int state = generator->continuation(); + int state = generator.continuation(); DCHECK_NE(state, JSAsyncGeneratorObject::kGeneratorExecuting); // If state is 0 ("suspendedStart"), there is guaranteed to be no catch 
@@ -137,11 +137,11 @@ RUNTIME_FUNCTION(Runtime_AsyncGeneratorHasCatchHandlerForPC) { // not reach a catch handler. if (state < 1) return ReadOnlyRoots(isolate).false_value(); - SharedFunctionInfo shared = generator->function()->shared(); - DCHECK(shared->HasBytecodeArray()); - HandlerTable handler_table(shared->GetBytecodeArray()); + SharedFunctionInfo shared = generator.function().shared(); + DCHECK(shared.HasBytecodeArray()); + HandlerTable handler_table(shared.GetBytecodeArray()); - int pc = Smi::cast(generator->input_or_debug_pos())->value(); + int pc = Smi::cast(generator.input_or_debug_pos()).value(); HandlerTable::CatchPrediction catch_prediction = HandlerTable::ASYNC_AWAIT; handler_table.LookupRange(pc, nullptr, &catch_prediction); return isolate->heap()->ToBoolean(catch_prediction == HandlerTable::CAUGHT); diff --git a/chromium/v8/src/runtime/runtime-internal.cc b/chromium/v8/src/runtime/runtime-internal.cc index b884f3b83d1..21b1b1ef7c8 100644 --- a/chromium/v8/src/runtime/runtime-internal.cc +++ b/chromium/v8/src/runtime/runtime-internal.cc 
@@ -4,27 +4,27 @@ #include <memory> -#include "src/api.h" -#include "src/arguments-inl.h" +#include "src/api/api.h" #include "src/ast/ast-traversal-visitor.h" #include "src/ast/prettyprinter.h" -#include "src/bootstrapper.h" #include "src/builtins/builtins.h" -#include "src/conversions.h" -#include "src/counters.h" #include "src/debug/debug.h" -#include "src/feedback-vector-inl.h" -#include "src/frames-inl.h" -#include "src/isolate-inl.h" -#include "src/message-template.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/frames-inl.h" +#include "src/execution/isolate-inl.h" +#include "src/execution/message-template.h" +#include "src/init/bootstrapper.h" +#include "src/logging/counters.h" +#include "src/numbers/conversions.h" +#include "src/objects/feedback-vector-inl.h" #include "src/objects/js-array-inl.h" #include "src/objects/template-objects-inl.h" -#include "src/ostreams.h" #include "src/parsing/parse-info.h" #include "src/parsing/parsing.h" #include "src/runtime/runtime-utils.h" #include "src/snapshot/snapshot.h" -#include "src/string-builder-inl.h" +#include "src/strings/string-builder-inl.h" +#include "src/utils/ostreams.h" namespace v8 { namespace internal { @@ -40,13 +40,6 @@ RUNTIME_FUNCTION(Runtime_AccessCheck) { return ReadOnlyRoots(isolate).undefined_value(); } -RUNTIME_FUNCTION(Runtime_CheckIsBootstrapping) { - SealHandleScope shs(isolate); - DCHECK_EQ(0, args.length()); - CHECK(isolate->bootstrapper()->IsActive()); - return ReadOnlyRoots(isolate).undefined_value(); -} - RUNTIME_FUNCTION(Runtime_FatalProcessOutOfMemoryInAllocateRaw) { HandleScope scope(isolate); DCHECK_EQ(0, args.length()); 
@@ -276,13 +269,13 @@ RUNTIME_FUNCTION(Runtime_BytecodeBudgetInterrupt) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); - function->raw_feedback_cell()->set_interrupt_budget(FLAG_interrupt_budget); + function->raw_feedback_cell().set_interrupt_budget(FLAG_interrupt_budget); if (!function->has_feedback_vector()) { JSFunction::EnsureFeedbackVector(function); // Also initialize the invocation count here. This is only really needed for // OSR. When we OSR functions with lazy feedback allocation we want to have // a non zero invocation count so we can inline functions. - function->feedback_vector()->set_invocation_count(1); + function->feedback_vector().set_invocation_count(1); return ReadOnlyRoots(isolate).undefined_value(); } // Handle interrupts. @@ -292,13 +285,6 @@ RUNTIME_FUNCTION(Runtime_BytecodeBudgetInterrupt) { } } -RUNTIME_FUNCTION(Runtime_Interrupt) { - SealHandleScope shs(isolate); - DCHECK_EQ(0, args.length()); - TRACE_EVENT0("v8.execute", "V8.Interrupt"); - return isolate->stack_guard()->HandleInterrupts(); -} - RUNTIME_FUNCTION(Runtime_AllocateInYoungGeneration) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); @@ -323,6 +309,14 @@ RUNTIME_FUNCTION(Runtime_AllocateInOldGeneration) { AllocationType::kOld); } +RUNTIME_FUNCTION(Runtime_AllocateByteArray) { + HandleScope scope(isolate); + DCHECK_EQ(1, args.length()); + CONVERT_SMI_ARG_CHECKED(length, 0); + DCHECK_LT(0, length); + return *isolate->factory()->NewByteArray(length); +} + RUNTIME_FUNCTION(Runtime_AllocateSeqOneByteString) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); 
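Review bot: In the added `Runtime_AllocateByteArray` (hunk `@@ -323,6 +309,14 @@`), the only guard on `length` is `DCHECK_LT(0, length);`, which is compiled out of release builds, so a zero or negative Smi would go straight to `NewByteArray(length)`. Whether the factory itself rejects non-positive or over-large lengths is not visible here, and the callers are not shown. Unless every caller is trusted generated code that already guarantees the range, make it a hard check, `CHECK_LT(0, length);`, and consider an upper bound against `ByteArray::kMaxLength` as well.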
@@ -361,7 +355,7 @@ bool ComputeLocation(Isolate* isolate, MessageLocation* target) { SharedFunctionInfo::EnsureSourcePositionsAvailable(isolate, shared); int pos = summary.abstract_code()->SourcePosition(summary.code_offset()); if (script->IsScript() && - !(Handle<Script>::cast(script)->source()->IsUndefined(isolate))) { + !(Handle<Script>::cast(script)->source().IsUndefined(isolate))) { Handle<Script> casted_script = Handle<Script>::cast(script); *target = MessageLocation(casted_script, pos, pos + 1, shared); return true; @@ -615,7 +609,7 @@ RUNTIME_FUNCTION(Runtime_GetAndResetRuntimeCallStats) { } else { DCHECK_LE(args.length(), 2); std::FILE* f; - if (args[0]->IsString()) { + if (args[0].IsString()) { // With a string argument, the results are appended to that file. CONVERT_ARG_HANDLE_CHECKED(String, arg0, 0); DisallowHeapAllocation no_gc; @@ -640,7 +634,7 @@ RUNTIME_FUNCTION(Runtime_GetAndResetRuntimeCallStats) { OFStream stats_stream(f); isolate->counters()->runtime_call_stats()->Print(stats_stream); isolate->counters()->runtime_call_stats()->Reset(); - if (args[0]->IsString()) + if (args[0].IsString()) std::fclose(f); else std::fflush(f); @@ -701,7 +695,7 @@ RUNTIME_FUNCTION(Runtime_GetTemplateObject) { CONVERT_ARG_HANDLE_CHECKED(SharedFunctionInfo, shared_info, 1); CONVERT_SMI_ARG_CHECKED(slot_id, 2); - Handle<Context> native_context(isolate->context()->native_context(), isolate); + Handle<Context> native_context(isolate->context().native_context(), isolate); return *TemplateObjectDescription::GetTemplateObject( isolate, native_context, description, shared_info, slot_id); } diff --git a/chromium/v8/src/runtime/runtime-interpreter.cc b/chromium/v8/src/runtime/runtime-interpreter.cc index ad843174153..48b4d2b6e76 100644 --- a/chromium/v8/src/runtime/runtime-interpreter.cc +++ b/chromium/v8/src/runtime/runtime-interpreter.cc 
@@ -4,19 +4,19 @@ #include <iomanip> -#include "src/arguments-inl.h" -#include "src/counters.h" -#include "src/frames-inl.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/frames-inl.h" +#include "src/execution/isolate-inl.h" #include "src/interpreter/bytecode-array-iterator.h" #include "src/interpreter/bytecode-decoder.h" #include "src/interpreter/bytecode-flags.h" #include "src/interpreter/bytecode-register.h" #include "src/interpreter/bytecodes.h" #include "src/interpreter/interpreter.h" -#include "src/isolate-inl.h" -#include "src/ostreams.h" +#include "src/logging/counters.h" #include "src/runtime/runtime-utils.h" #include "src/snapshot/snapshot.h" +#include "src/utils/ostreams.h" namespace v8 { namespace internal { @@ -84,7 +84,7 @@ void PrintRegisters(Isolate* isolate, std::ostream& os, bool is_input, << interpreter::Register(reg_index).ToString( bytecode_iterator.bytecode_array()->parameter_count()) << kArrowDirection; - reg_object->ShortPrint(os); + reg_object.ShortPrint(os); os << " ]" << std::endl; } } @@ -173,13 +173,13 @@ RUNTIME_FUNCTION(Runtime_InterpreterTraceUpdateFeedback) { CONVERT_SMI_ARG_CHECKED(slot, 1); CONVERT_ARG_CHECKED(String, reason, 2); - int slot_count = function->feedback_vector()->metadata()->slot_count(); + int slot_count = function->feedback_vector().metadata().slot_count(); StdoutStream os; os << "[Feedback slot " << slot << "/" << slot_count << " in "; - function->shared()->ShortPrint(os); + function->shared().ShortPrint(os); os << " updated to "; - function->feedback_vector()->FeedbackSlotPrint(os, FeedbackSlot(slot)); + function->feedback_vector().FeedbackSlotPrint(os, FeedbackSlot(slot)); os << " - "; StringCharacterStream stream(reason); diff --git a/chromium/v8/src/runtime/runtime-intl.cc b/chromium/v8/src/runtime/runtime-intl.cc index 37cd2a45d73..de27dca8a3a 100644 --- a/chromium/v8/src/runtime/runtime-intl.cc +++ b/chromium/v8/src/runtime/runtime-intl.cc 
@@ -9,14 +9,14 @@ #include <cmath> #include <memory> -#include "src/api-inl.h" -#include "src/api-natives.h" -#include "src/arguments-inl.h" -#include "src/counters.h" -#include "src/date.h" -#include "src/global-handles.h" +#include "src/api/api-inl.h" +#include "src/api/api-natives.h" +#include "src/date/date.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/isolate-inl.h" +#include "src/handles/global-handles.h" #include "src/heap/factory.h" -#include "src/isolate-inl.h" +#include "src/logging/counters.h" #include "src/objects/intl-objects.h" #include "src/objects/js-array-inl.h" #include "src/objects/js-collator-inl.h" @@ -27,7 +27,7 @@ #include "src/objects/js-plural-rules-inl.h" #include "src/objects/managed.h" #include "src/runtime/runtime-utils.h" -#include "src/utils.h" +#include "src/utils/utils.h" namespace v8 { namespace internal { diff --git a/chromium/v8/src/runtime/runtime-literals.cc b/chromium/v8/src/runtime/runtime-literals.cc index 0947c02a192..67aa0974845 100644 --- a/chromium/v8/src/runtime/runtime-literals.cc +++ b/chromium/v8/src/runtime/runtime-literals.cc @@ -2,11 +2,11 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/allocation-site-scopes-inl.h" -#include "src/arguments-inl.h" #include "src/ast/ast.h" -#include "src/counters.h" -#include "src/isolate-inl.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/isolate-inl.h" +#include "src/logging/counters.h" +#include "src/objects/allocation-site-scopes-inl.h" #include "src/objects/hash-table-inl.h" #include "src/objects/heap-number-inl.h" #include "src/objects/heap-object-inl.h" @@ -86,7 +86,7 @@ MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk( } } - if (object->map()->is_deprecated()) { + if (object->map().is_deprecated()) { JSObject::MigrateInstance(object); } 
@@ -113,23 +113,23 @@ MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk( // Deep copy own properties. Arrays only have 1 property "length". if (!copy->IsJSArray()) { if (copy->HasFastProperties()) { - Handle<DescriptorArray> descriptors(copy->map()->instance_descriptors(), + Handle<DescriptorArray> descriptors(copy->map().instance_descriptors(), isolate); - int limit = copy->map()->NumberOfOwnDescriptors(); + int limit = copy->map().NumberOfOwnDescriptors(); for (int i = 0; i < limit; i++) { DCHECK_EQ(kField, descriptors->GetDetails(i).location()); DCHECK_EQ(kData, descriptors->GetDetails(i).kind()); FieldIndex index = FieldIndex::ForDescriptor(copy->map(), i); if (copy->IsUnboxedDoubleField(index)) continue; Object raw = copy->RawFastPropertyAt(index); - if (raw->IsJSObject()) { + if (raw.IsJSObject()) { Handle<JSObject> value(JSObject::cast(raw), isolate); ASSIGN_RETURN_ON_EXCEPTION( isolate, value, VisitElementOrProperty(copy, value), JSObject); if (copying) copy->FastPropertyAtPut(index, *value); - } else if (copying && raw->IsMutableHeapNumber()) { + } else if (copying && raw.IsMutableHeapNumber()) { DCHECK(descriptors->GetDetails(i).representation().IsDouble()); - uint64_t double_value = MutableHeapNumber::cast(raw)->value_as_bits(); + uint64_t double_value = MutableHeapNumber::cast(raw).value_as_bits(); auto value = isolate->factory()->NewMutableHeapNumberFromBits(double_value); copy->FastPropertyAtPut(index, *value); @@ -139,8 +139,8 @@ MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk( Handle<NameDictionary> dict(copy->property_dictionary(), isolate); for (int i = 0; i < dict->Capacity(); i++) { Object raw = dict->ValueAt(i); - if (!raw->IsJSObject()) continue; - DCHECK(dict->KeyAt(i)->IsName()); + if (!raw.IsJSObject()) continue; + DCHECK(dict->KeyAt(i).IsName()); Handle<JSObject> value(JSObject::cast(raw), isolate); ASSIGN_RETURN_ON_EXCEPTION( isolate, value, VisitElementOrProperty(copy, value), JSObject); 
@@ -149,7 +149,7 @@ MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk( } // Assume non-arrays don't end up having elements. - if (copy->elements()->length() == 0) return copy; + if (copy->elements().length() == 0) return copy; } // Deep copy own elements. @@ -157,18 +157,20 @@ MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk( case PACKED_ELEMENTS: case PACKED_FROZEN_ELEMENTS: case PACKED_SEALED_ELEMENTS: + case HOLEY_FROZEN_ELEMENTS: + case HOLEY_SEALED_ELEMENTS: case HOLEY_ELEMENTS: { Handle<FixedArray> elements(FixedArray::cast(copy->elements()), isolate); if (elements->map() == ReadOnlyRoots(isolate).fixed_cow_array_map()) { #ifdef DEBUG for (int i = 0; i < elements->length(); i++) { - DCHECK(!elements->get(i)->IsJSObject()); + DCHECK(!elements->get(i).IsJSObject()); } #endif } else { for (int i = 0; i < elements->length(); i++) { Object raw = elements->get(i); - if (!raw->IsJSObject()) continue; + if (!raw.IsJSObject()) continue; Handle<JSObject> value(JSObject::cast(raw), isolate); ASSIGN_RETURN_ON_EXCEPTION( isolate, value, VisitElementOrProperty(copy, value), JSObject); @@ -183,7 +185,7 @@ MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk( int capacity = element_dictionary->Capacity(); for (int i = 0; i < capacity; i++) { Object raw = element_dictionary->ValueAt(i); - if (!raw->IsJSObject()) continue; + if (!raw.IsJSObject()) continue; Handle<JSObject> value(JSObject::cast(raw), isolate); ASSIGN_RETURN_ON_EXCEPTION( isolate, value, VisitElementOrProperty(copy, value), JSObject); @@ -198,7 +200,6 @@ MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk( case FAST_STRING_WRAPPER_ELEMENTS: case SLOW_STRING_WRAPPER_ELEMENTS: UNREACHABLE(); - break; #define TYPED_ARRAY_CASE(Type, type, TYPE, ctype) case TYPE##_ELEMENTS: 
@@ -206,7 +207,6 @@ MaybeHandle<JSObject> JSObjectWalkVisitor<ContextObject>::StructureWalk( #undef TYPED_ARRAY_CASE // Typed elements cannot be created using an object literal. UNREACHABLE(); - break; case PACKED_SMI_ELEMENTS: case HOLEY_SMI_ELEMENTS: @@ -392,7 +392,7 @@ struct ObjectLiteralHelper { // TODO(cbruni): avoid making the boilerplate fast again, the clone stub // supports dict-mode objects directly. JSObject::MigrateSlowToFast(boilerplate, - boilerplate->map()->UnusedPropertyFields(), + boilerplate->map().UnusedPropertyFields(), "FastLiteral"); } return boilerplate; @@ -427,7 +427,7 @@ struct ArrayLiteralHelper { Handle<FixedArray> fixed_array_values = Handle<FixedArray>::cast(copied_elements_values); for (int i = 0; i < fixed_array_values->length(); i++) { - DCHECK(!fixed_array_values->get(i)->IsFixedArray()); + DCHECK(!fixed_array_values->get(i).IsFixedArray()); } #endif } else { diff --git a/chromium/v8/src/runtime/runtime-module.cc b/chromium/v8/src/runtime/runtime-module.cc index 91dac4fa1ce..41f21865a67 100644 --- a/chromium/v8/src/runtime/runtime-module.cc +++ b/chromium/v8/src/runtime/runtime-module.cc @@ -2,11 +2,11 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/arguments-inl.h" -#include "src/counters.h" -#include "src/objects-inl.h" +#include "src/execution/arguments-inl.h" +#include "src/logging/counters.h" #include "src/objects/js-promise.h" #include "src/objects/module.h" +#include "src/objects/objects-inl.h" #include "src/runtime/runtime-utils.h" namespace v8 { 
@@ -18,11 +18,10 @@ RUNTIME_FUNCTION(Runtime_DynamicImportCall) { CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); CONVERT_ARG_HANDLE_CHECKED(Object, specifier, 1); - Handle<Script> script(Script::cast(function->shared()->script()), isolate); + Handle<Script> script(Script::cast(function->shared().script()), isolate); while (script->has_eval_from_shared()) { - script = - handle(Script::cast(script->eval_from_shared()->script()), isolate); + script = handle(Script::cast(script->eval_from_shared().script()), isolate); } RETURN_RESULT_OR_FAILURE( @@ -34,14 +33,14 @@ RUNTIME_FUNCTION(Runtime_GetModuleNamespace) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); CONVERT_SMI_ARG_CHECKED(module_request, 0); - Handle<Module> module(isolate->context()->module(), isolate); + Handle<Module> module(isolate->context().module(), isolate); return *Module::GetModuleNamespace(isolate, module, module_request); } RUNTIME_FUNCTION(Runtime_GetImportMetaObject) { HandleScope scope(isolate); DCHECK_EQ(0, args.length()); - Handle<Module> module(isolate->context()->module(), isolate); + Handle<Module> module(isolate->context().module(), isolate); return *isolate->RunHostInitializeImportMetaObjectCallback(module); } diff --git a/chromium/v8/src/runtime/runtime-numbers.cc b/chromium/v8/src/runtime/runtime-numbers.cc index edceef20a53..e496880b71b 100644 --- a/chromium/v8/src/runtime/runtime-numbers.cc +++ b/chromium/v8/src/runtime/runtime-numbers.cc 
@@ -2,12 +2,12 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/arguments-inl.h" #include "src/base/bits.h" -#include "src/bootstrapper.h" -#include "src/counters.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/isolate-inl.h" #include "src/heap/heap-inl.h" // For ToBoolean. TODO(jkummerow): Drop. -#include "src/isolate-inl.h" +#include "src/init/bootstrapper.h" +#include "src/logging/counters.h" #include "src/runtime/runtime-utils.h" namespace v8 { @@ -78,21 +78,6 @@ RUNTIME_FUNCTION(Runtime_NumberToString) { return *isolate->factory()->NumberToString(number); } -// Compare two Smis x, y as if they were converted to strings and then -// compared lexicographically. Returns: -// -1 if x < y -// 0 if x == y -// 1 if x > y -// TODO(szuend): Remove once the call-site in src/js/array.js is gone. -RUNTIME_FUNCTION(Runtime_SmiLexicographicCompare) { - SealHandleScope shs(isolate); - DCHECK_EQ(2, args.length()); - CONVERT_ARG_CHECKED(Smi, x_value, 0); - CONVERT_ARG_CHECKED(Smi, y_value, 1); - - return Object(Smi::LexicographicCompare(isolate, x_value, y_value)); -} - RUNTIME_FUNCTION(Runtime_MaxSmi) { SealHandleScope shs(isolate); DCHECK_EQ(0, args.length()); @@ -104,7 +89,7 @@ RUNTIME_FUNCTION(Runtime_IsSmi) { SealHandleScope shs(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(Object, obj, 0); - return isolate->heap()->ToBoolean(obj->IsSmi()); + return isolate->heap()->ToBoolean(obj.IsSmi()); } diff --git a/chromium/v8/src/runtime/runtime-object.cc b/chromium/v8/src/runtime/runtime-object.cc index e38bed36208..8b94d83f318 100644 --- a/chromium/v8/src/runtime/runtime-object.cc +++ b/chromium/v8/src/runtime/runtime-object.cc 
@@ -2,17 +2,17 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/arguments-inl.h" -#include "src/bootstrapper.h" -#include "src/counters.h" #include "src/debug/debug.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/isolate-inl.h" +#include "src/execution/message-template.h" #include "src/heap/heap-inl.h" // For ToBoolean. TODO(jkummerow): Drop. -#include "src/isolate-inl.h" -#include "src/message-template.h" +#include "src/init/bootstrapper.h" +#include "src/logging/counters.h" #include "src/objects/hash-table-inl.h" #include "src/objects/js-array-inl.h" #include "src/objects/property-descriptor-object.h" -#include "src/property-descriptor.h" +#include "src/objects/property-descriptor.h" #include "src/runtime/runtime-utils.h" #include "src/runtime/runtime.h" @@ -42,8 +42,8 @@ MaybeHandle<Object> Runtime::GetObjectProperty(Isolate* isolate, if (is_found_out) *is_found_out = it.IsFound(); if (!it.IsFound() && key->IsSymbol() && - Symbol::cast(*key)->is_private_name()) { - Handle<Object> name_string(Symbol::cast(*key)->name(), isolate); + Symbol::cast(*key).is_private_name()) { + Handle<Object> name_string(Symbol::cast(*key).name(), isolate); DCHECK(name_string->IsString()); THROW_NEW_ERROR(isolate, NewTypeError(MessageTemplate::kInvalidPrivateFieldRead, 
@@ -81,75 +81,91 @@ namespace { bool DeleteObjectPropertyFast(Isolate* isolate, Handle<JSReceiver> receiver, Handle<Object> raw_key) { - DisallowHeapAllocation no_allocation; // This implements a special case for fast property deletion: when the // last property in an object is deleted, then instead of normalizing // the properties, we can undo the last map transition, with a few // prerequisites: // (1) The receiver must be a regular object and the key a unique name. - Map map = receiver->map(); - if (map->IsSpecialReceiverMap()) return false; + Handle<Map> receiver_map(receiver->map(), isolate); + if (receiver_map->IsSpecialReceiverMap()) return false; if (!raw_key->IsUniqueName()) return false; Handle<Name> key = Handle<Name>::cast(raw_key); // (2) The property to be deleted must be the last property. - int nof = map->NumberOfOwnDescriptors(); + int nof = receiver_map->NumberOfOwnDescriptors(); if (nof == 0) return false; int descriptor = nof - 1; - DescriptorArray descriptors = map->instance_descriptors(); + Handle<DescriptorArray> descriptors(receiver_map->instance_descriptors(), + isolate); if (descriptors->GetKey(descriptor) != *key) return false; // (3) The property to be deleted must be deletable. PropertyDetails details = descriptors->GetDetails(descriptor); if (!details.IsConfigurable()) return false; - // TODO(bmeurer): This optimization is unsound if the property is currently - // marked as constant, as there's no way that we can learn that it is not - // constant when we later follow the same transition again with a different - // value on the same object. As a quick-fix we just disable the optimization - // in case of constant fields. We might want to restructure the code here to - // update the {map} instead and deoptimize all code that depends on it. - if (details.constness() == PropertyConstness::kConst) return false; // (4) The map must have a back pointer. 
- Object backpointer = map->GetBackPointer(); + Handle<Object> backpointer(receiver_map->GetBackPointer(), isolate); if (!backpointer->IsMap()) return false; + Handle<Map> parent_map = Handle<Map>::cast(backpointer); // (5) The last transition must have been caused by adding a property // (and not any kind of special transition). - if (Map::cast(backpointer)->NumberOfOwnDescriptors() != nof - 1) return false; + if (parent_map->NumberOfOwnDescriptors() != nof - 1) return false; // Preconditions successful. No more bailouts after this point. + // If the {descriptor} was "const" so far, we need to update the + // {receiver_map} here, otherwise we could get the constants wrong, i.e. + // + // o.x = 1; + // delete o.x; + // o.x = 2; + // + // could trick V8 into thinking that `o.x` is still 1 even after the second + // assignment. + if (details.constness() == PropertyConstness::kConst && + details.location() == kField) { + Handle<FieldType> field_type(descriptors->GetFieldType(descriptor), + isolate); + Map::GeneralizeField(isolate, receiver_map, descriptor, + PropertyConstness::kMutable, details.representation(), + field_type); + DCHECK_EQ(PropertyConstness::kMutable, + descriptors->GetDetails(descriptor).constness()); + } + // Zap the property to avoid keeping objects alive. Zapping is not necessary // for properties stored in the descriptor array. if (details.location() == kField) { - isolate->heap()->NotifyObjectLayoutChange(*receiver, map->instance_size(), - no_allocation); - FieldIndex index = FieldIndex::ForPropertyIndex(map, details.field_index()); + DisallowHeapAllocation no_allocation; + isolate->heap()->NotifyObjectLayoutChange( + *receiver, receiver_map->instance_size(), no_allocation); + FieldIndex index = + FieldIndex::ForPropertyIndex(*receiver_map, details.field_index()); // Special case deleting the last out-of object property. 
if (!index.is_inobject() && index.outobject_array_index() == 0) { - DCHECK(!Map::cast(backpointer)->HasOutOfObjectProperties()); + DCHECK(!parent_map->HasOutOfObjectProperties()); // Clear out the properties backing store. receiver->SetProperties(ReadOnlyRoots(isolate).empty_fixed_array()); } else { Object filler = ReadOnlyRoots(isolate).one_pointer_filler_map(); - JSObject::cast(*receiver)->RawFastPropertyAtPut(index, filler); + JSObject::cast(*receiver).RawFastPropertyAtPut(index, filler); // We must clear any recorded slot for the deleted property, because // subsequent object modifications might put a raw double there. // Slot clearing is the reason why this entire function cannot currently // be implemented in the DeleteProperty stub. - if (index.is_inobject() && !map->IsUnboxedDoubleField(index)) { + if (index.is_inobject() && !receiver_map->IsUnboxedDoubleField(index)) { isolate->heap()->ClearRecordedSlot(*receiver, receiver->RawField(index.offset())); } } } - // If the map was marked stable before, then there could be optimized code - // that depends on the assumption that no object that reached this map - // transitions away from it without triggering the "deoptimize dependent - // code" mechanism. - map->NotifyLeafMapLayoutChange(isolate); + // If the {receiver_map} was marked stable before, then there could be + // optimized code that depends on the assumption that no object that + // reached this {receiver_map} transitions away from it without triggering + // the "deoptimize dependent code" mechanism. + receiver_map->NotifyLeafMapLayoutChange(isolate); // Finally, perform the map rollback. - receiver->synchronized_set_map(Map::cast(backpointer)); + receiver->synchronized_set_map(*parent_map); #if VERIFY_HEAP receiver->HeapObjectVerify(isolate); - receiver->property_array()->PropertyArrayVerify(isolate); + receiver->property_array().PropertyArrayVerify(isolate); #endif return true; } 
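Review bot: `details` and `descriptors` are both captured before the new `Map::GeneralizeField` call and reused after it. `details.location()` and `details.field_index()` drive the zapping block, and the new DCHECK re-reads constness through the old `descriptors` handle. If GeneralizeField can install a different descriptor array on `receiver_map` (not visible in this hunk), that DCHECK would inspect a stale array; reading through the map avoids depending on that: `DCHECK_EQ(PropertyConstness::kMutable, receiver_map->instance_descriptors().GetDetails(descriptor).constness());`. The function now does allocating work before the narrowed `DisallowHeapAllocation` scope, so a short comment would help, stating that generalizing with the unchanged `details.representation()` and field type leaves the location and field index valid.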
@@ -288,9 +304,9 @@ RUNTIME_FUNCTION(Runtime_ObjectHasOwnProperty) { } Map map = js_obj->map(); - if (!map->has_hidden_prototype() && - (key_is_array_index ? !map->has_indexed_interceptor() - : !map->has_named_interceptor())) { + if (!map.has_hidden_prototype() && + (key_is_array_index ? !map.has_indexed_interceptor() + : !map.has_named_interceptor())) { return ReadOnlyRoots(isolate).false_value(); } @@ -319,7 +335,7 @@ RUNTIME_FUNCTION(Runtime_ObjectHasOwnProperty) { } else if (object->IsString()) { return isolate->heap()->ToBoolean( key_is_array_index - ? index < static_cast<uint32_t>(String::cast(*object)->length()) + ? index < static_cast<uint32_t>(String::cast(*object).length()) : key->Equals(ReadOnlyRoots(isolate).length_string())); } else if (object->IsNullOrUndefined(isolate)) { THROW_NEW_ERROR_RETURN_FAILURE( @@ -391,8 +407,8 @@ MaybeHandle<Object> Runtime::SetObjectProperty( if (!success) return MaybeHandle<Object>(); if (!it.IsFound() && key->IsSymbol() && - Symbol::cast(*key)->is_private_name()) { - Handle<Object> name_string(Symbol::cast(*key)->name(), isolate); + Symbol::cast(*key).is_private_name()) { + Handle<Object> name_string(Symbol::cast(*key).name(), isolate); DCHECK(name_string->IsString()); THROW_NEW_ERROR(isolate, NewTypeError(MessageTemplate::kInvalidPrivateFieldWrite, @@ -507,7 +523,7 @@ RUNTIME_FUNCTION(Runtime_GetProperty) { // Convert string-index keys to their number variant to avoid internalization // below; and speed up subsequent conversion to index. uint32_t index; - if (key_obj->IsString() && String::cast(*key_obj)->AsArrayIndex(&index)) { + if (key_obj->IsString() && String::cast(*key_obj).AsArrayIndex(&index)) { key_obj = isolate->factory()->NewNumberFromUint(index); } if (receiver_obj->IsJSObject()) { 
@@ -521,23 +537,23 @@ RUNTIME_FUNCTION(Runtime_GetProperty) { if (receiver->IsJSGlobalObject()) { // Attempt dictionary lookup. GlobalDictionary dictionary = - JSGlobalObject::cast(*receiver)->global_dictionary(); - int entry = dictionary->FindEntry(isolate, key); + JSGlobalObject::cast(*receiver).global_dictionary(); + int entry = dictionary.FindEntry(isolate, key); if (entry != GlobalDictionary::kNotFound) { - PropertyCell cell = dictionary->CellAt(entry); - if (cell->property_details().kind() == kData) { - Object value = cell->value(); - if (!value->IsTheHole(isolate)) return value; + PropertyCell cell = dictionary.CellAt(entry); + if (cell.property_details().kind() == kData) { + Object value = cell.value(); + if (!value.IsTheHole(isolate)) return value; // If value is the hole (meaning, absent) do the general lookup. } } } else if (!receiver->HasFastProperties()) { // Attempt dictionary lookup. NameDictionary dictionary = receiver->property_dictionary(); - int entry = dictionary->FindEntry(isolate, key); + int entry = dictionary.FindEntry(isolate, key); if ((entry != NameDictionary::kNotFound) && - (dictionary->DetailsAt(entry).kind() == kData)) { - return dictionary->ValueAt(entry); + (dictionary.DetailsAt(entry).kind() == kData)) { + return dictionary.ValueAt(entry); } } } else if (key_obj->IsSmi()) { @@ -550,7 +566,7 @@ RUNTIME_FUNCTION(Runtime_GetProperty) { Handle<JSObject> js_object = Handle<JSObject>::cast(receiver_obj); ElementsKind elements_kind = js_object->GetElementsKind(); if (IsDoubleElementsKind(elements_kind)) { - if (Smi::ToInt(*key_obj) >= js_object->elements()->length()) { + if (Smi::ToInt(*key_obj) >= js_object->elements().length()) { elements_kind = IsHoleyElementsKind(elements_kind) ? HOLEY_ELEMENTS : PACKED_ELEMENTS; JSObject::TransitionElementsKind(js_object, elements_kind); 
@@ -737,6 +753,15 @@ RUNTIME_FUNCTION(Runtime_NewObject) { JSObject::New(target, new_target, Handle<AllocationSite>::null())); } +RUNTIME_FUNCTION(Runtime_GetDerivedMap) { + HandleScope scope(isolate); + DCHECK_EQ(2, args.length()); + CONVERT_ARG_HANDLE_CHECKED(JSFunction, target, 0); + CONVERT_ARG_HANDLE_CHECKED(JSReceiver, new_target, 1); + RETURN_RESULT_OR_FAILURE( + isolate, JSFunction::GetDerivedMap(isolate, target, new_target)); +} + RUNTIME_FUNCTION(Runtime_CompleteInobjectSlackTrackingForMap) { DisallowHeapAllocation no_gc; HandleScope scope(isolate); @@ -756,7 +781,7 @@ RUNTIME_FUNCTION(Runtime_TryMigrateInstance) { if (!object->IsJSObject()) return Smi::kZero; Handle<JSObject> js_object = Handle<JSObject>::cast(object); // It could have been a DCHECK but we call this function directly from tests. - if (!js_object->map()->is_deprecated()) return Smi::kZero; + if (!js_object->map().is_deprecated()) return Smi::kZero; // This call must not cause lazy deopts, because it's called from deferred // code where we can't handle lazy deopts for lack of a suitable bailout // ID. So we just try migration and signal failure if necessary, @@ -834,14 +859,14 @@ RUNTIME_FUNCTION(Runtime_DefineDataPropertyInLiteral) { if (flags & DataPropertyInLiteralFlag::kSetFunctionName) { DCHECK(value->IsJSFunction()); Handle<JSFunction> function = Handle<JSFunction>::cast(value); - DCHECK(!function->shared()->HasSharedName()); + DCHECK(!function->shared().HasSharedName()); Handle<Map> function_map(function->map(), isolate); if (!JSFunction::SetName(function, name, isolate->factory()->empty_string())) { return ReadOnlyRoots(isolate).exception(); } // Class constructors do not reserve in-object space for name field. - CHECK_IMPLIES(!IsClassConstructor(function->shared()->kind()), + CHECK_IMPLIES(!IsClassConstructor(function->shared().kind()), *function_map == function->map()); } 
@@ -872,7 +897,7 @@ RUNTIME_FUNCTION(Runtime_CollectTypeProfile) { type = Handle<String>(ReadOnlyRoots(isolate).null_string(), isolate); } - DCHECK(vector->metadata()->HasTypeProfileSlot()); + DCHECK(vector->metadata().HasTypeProfileSlot()); FeedbackNexus nexus(vector, vector->GetTypeProfileSlot()); nexus.Collect(type, position->value()); @@ -884,7 +909,7 @@ RUNTIME_FUNCTION(Runtime_HasFastPackedElements) { DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(HeapObject, obj, 0); return isolate->heap()->ToBoolean( - IsFastPackedElementsKind(obj->map()->elements_kind())); + IsFastPackedElementsKind(obj.map().elements_kind())); } @@ -892,7 +917,7 @@ RUNTIME_FUNCTION(Runtime_IsJSReceiver) { SealHandleScope shs(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(Object, obj, 0); - return isolate->heap()->ToBoolean(obj->IsJSReceiver()); + return isolate->heap()->ToBoolean(obj.IsJSReceiver()); } @@ -900,8 +925,8 @@ RUNTIME_FUNCTION(Runtime_ClassOf) { SealHandleScope shs(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(Object, obj, 0); - if (!obj->IsJSReceiver()) return ReadOnlyRoots(isolate).null_value(); - return JSReceiver::cast(obj)->class_name(); + if (!obj.IsJSReceiver()) return ReadOnlyRoots(isolate).null_value(); + return JSReceiver::cast(obj).class_name(); } RUNTIME_FUNCTION(Runtime_GetFunctionName) { @@ -919,7 +944,7 @@ RUNTIME_FUNCTION(Runtime_DefineGetterPropertyUnchecked) { CONVERT_ARG_HANDLE_CHECKED(JSFunction, getter, 2); CONVERT_PROPERTY_ATTRIBUTES_CHECKED(attrs, 3); - if (String::cast(getter->shared()->Name())->length() == 0) { + if (String::cast(getter->shared().Name()).length() == 0) { Handle<Map> getter_map(getter->map(), isolate); if (!JSFunction::SetName(getter, name, isolate->factory()->get_string())) { return ReadOnlyRoots(isolate).exception(); 
@@ -986,7 +1011,7 @@ RUNTIME_FUNCTION(Runtime_CopyDataPropertiesWithExcludedProperties) { // instead because of our call to %ToName() in the desugaring for // computed properties. if (property->IsString() && - String::cast(*property)->AsArrayIndex(&property_num)) { + String::cast(*property).AsArrayIndex(&property_num)) { property = isolate->factory()->NewNumberFromUint(property_num); } @@ -1009,7 +1034,7 @@ RUNTIME_FUNCTION(Runtime_DefineSetterPropertyUnchecked) { CONVERT_ARG_HANDLE_CHECKED(JSFunction, setter, 2); CONVERT_PROPERTY_ATTRIBUTES_CHECKED(attrs, 3); - if (String::cast(setter->shared()->Name())->length() == 0) { + if (String::cast(setter->shared().Name()).length() == 0) { Handle<Map> setter_map(setter->map(), isolate); if (!JSFunction::SetName(setter, name, isolate->factory()->set_string())) { return ReadOnlyRoots(isolate).exception(); @@ -1052,15 +1077,13 @@ RUNTIME_FUNCTION(Runtime_ToLength) { RETURN_RESULT_OR_FAILURE(isolate, Object::ToLength(isolate, input)); } - -RUNTIME_FUNCTION(Runtime_ToString) { +RUNTIME_FUNCTION(Runtime_ToStringRT) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_HANDLE_CHECKED(Object, input, 0); RETURN_RESULT_OR_FAILURE(isolate, Object::ToString(isolate, input)); } - RUNTIME_FUNCTION(Runtime_ToName) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); 
@@ -1122,6 +1145,31 @@ RUNTIME_FUNCTION(Runtime_GetOwnPropertyDescriptor) { return *desc.ToPropertyDescriptorObject(isolate); } +RUNTIME_FUNCTION(Runtime_AddPrivateBrand) { + HandleScope scope(isolate); + DCHECK_EQ(args.length(), 2); + CONVERT_ARG_HANDLE_CHECKED(JSReceiver, receiver, 0); + CONVERT_ARG_HANDLE_CHECKED(Symbol, brand, 1); + DCHECK(brand->is_private_name()); + + LookupIterator it = LookupIterator::PropertyOrElement( + isolate, receiver, brand, LookupIterator::OWN); + + if (it.IsFound()) { + THROW_NEW_ERROR_RETURN_FAILURE( + isolate, NewTypeError(MessageTemplate::kVarRedeclaration, brand)); + } + + PropertyAttributes attributes = + static_cast<PropertyAttributes>(DONT_ENUM | DONT_DELETE | READ_ONLY); + // TODO(joyee): we could use this slot to store something useful. For now, + // store the brand itself. + CHECK(Object::AddDataProperty(&it, brand, attributes, Just(kDontThrow), + StoreOrigin::kMaybeKeyed) + .FromJust()); + return *receiver; +} + RUNTIME_FUNCTION(Runtime_AddPrivateField) { HandleScope scope(isolate); DCHECK_EQ(3, args.length()); diff --git a/chromium/v8/src/runtime/runtime-operators.cc b/chromium/v8/src/runtime/runtime-operators.cc index cc932f2b41a..272502b69f7 100644 --- a/chromium/v8/src/runtime/runtime-operators.cc +++ b/chromium/v8/src/runtime/runtime-operators.cc @@ -2,10 +2,10 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/arguments.h" -#include "src/counters.h" +#include "src/execution/arguments.h" +#include "src/execution/isolate-inl.h" #include "src/heap/heap-inl.h" // For ToBoolean. TODO(jkummerow): Drop. -#include "src/isolate-inl.h" +#include "src/logging/counters.h" #include "src/runtime/runtime-utils.h" namespace v8 { 
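Review bot: The duplicate-brand path in the added Runtime_AddPrivateBrand throws `MessageTemplate::kVarRedeclaration`, which by its name is the variable-redeclaration template, and nothing in the hunk says whether reusing it for an already-present brand is deliberate. Add a comment above the throw, for example `// Adding the same brand twice is reported with the redeclaration message.`, or use a brand-specific template if one exists. As a minor style point, `DCHECK_EQ(args.length(), 2);` has its arguments in the opposite order from the other runtime functions visible in this diff, which use `DCHECK_EQ(2, args.length());`.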
@@ -45,7 +45,7 @@ RUNTIME_FUNCTION(Runtime_StrictEqual) { DCHECK_EQ(2, args.length()); CONVERT_ARG_CHECKED(Object, x, 0); CONVERT_ARG_CHECKED(Object, y, 1); - return isolate->heap()->ToBoolean(x->StrictEquals(y)); + return isolate->heap()->ToBoolean(x.StrictEquals(y)); } RUNTIME_FUNCTION(Runtime_StrictNotEqual) { @@ -53,7 +53,7 @@ RUNTIME_FUNCTION(Runtime_StrictNotEqual) { DCHECK_EQ(2, args.length()); CONVERT_ARG_CHECKED(Object, x, 0); CONVERT_ARG_CHECKED(Object, y, 1); - return isolate->heap()->ToBoolean(!x->StrictEquals(y)); + return isolate->heap()->ToBoolean(!x.StrictEquals(y)); } RUNTIME_FUNCTION(Runtime_LessThan) { diff --git a/chromium/v8/src/runtime/runtime-promise.cc b/chromium/v8/src/runtime/runtime-promise.cc index d39c7190a34..d1b63a2fc87 100644 --- a/chromium/v8/src/runtime/runtime-promise.cc +++ b/chromium/v8/src/runtime/runtime-promise.cc @@ -2,15 +2,15 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/api-inl.h" -#include "src/arguments-inl.h" -#include "src/counters.h" +#include "src/api/api-inl.h" #include "src/debug/debug.h" -#include "src/elements.h" -#include "src/microtask-queue.h" -#include "src/objects-inl.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/microtask-queue.h" +#include "src/logging/counters.h" +#include "src/objects/elements.h" #include "src/objects/heap-object-inl.h" #include "src/objects/js-promise-inl.h" +#include "src/objects/objects-inl.h" #include "src/objects/oddball-inl.h" #include "src/runtime/runtime-utils.h" 
@@ -80,7 +80,7 @@ RUNTIME_FUNCTION(Runtime_EnqueueMicrotask) { Handle<CallableTask> microtask = isolate->factory()->NewCallableTask( function, handle(function->native_context(), isolate)); MicrotaskQueue* microtask_queue = - function->native_context()->microtask_queue(); + function->native_context().microtask_queue(); if (microtask_queue) microtask_queue->EnqueueMicrotask(*microtask); return ReadOnlyRoots(isolate).undefined_value(); } @@ -117,7 +117,7 @@ RUNTIME_FUNCTION(Runtime_PromiseMarkAsHandled) { DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(JSPromise, promise, 0); - promise->set_has_handler(true); + promise.set_has_handler(true); return ReadOnlyRoots(isolate).undefined_value(); } diff --git a/chromium/v8/src/runtime/runtime-proxy.cc b/chromium/v8/src/runtime/runtime-proxy.cc index 11544cd34b6..dd07234a4a4 100644 --- a/chromium/v8/src/runtime/runtime-proxy.cc +++ b/chromium/v8/src/runtime/runtime-proxy.cc 
@@ -4,42 +4,18 @@ #include "src/runtime/runtime-utils.h" -#include "src/arguments-inl.h" -#include "src/counters.h" -#include "src/elements.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/isolate-inl.h" #include "src/heap/factory.h" #include "src/heap/heap-inl.h" // For ToBoolean. TODO(jkummerow): Drop. -#include "src/isolate-inl.h" -#include "src/objects-inl.h" +#include "src/logging/counters.h" +#include "src/objects/elements.h" +#include "src/objects/objects-inl.h" namespace v8 { namespace internal { -RUNTIME_FUNCTION(Runtime_IsJSProxy) { - SealHandleScope shs(isolate); - DCHECK_EQ(1, args.length()); - CONVERT_ARG_CHECKED(Object, obj, 0); - return isolate->heap()->ToBoolean(obj->IsJSProxy()); -} - - -RUNTIME_FUNCTION(Runtime_JSProxyGetHandler) { - SealHandleScope shs(isolate); - DCHECK_EQ(1, args.length()); - CONVERT_ARG_CHECKED(JSProxy, proxy, 0); - return proxy->handler(); -} - - -RUNTIME_FUNCTION(Runtime_JSProxyGetTarget) { - SealHandleScope shs(isolate); - DCHECK_EQ(1, args.length()); - CONVERT_ARG_CHECKED(JSProxy, proxy, 0); - return proxy->target(); -} - - RUNTIME_FUNCTION(Runtime_GetPropertyWithReceiver) { HandleScope scope(isolate); @@ -98,7 +74,7 @@ RUNTIME_FUNCTION(Runtime_CheckProxyGetSetTrapResult) { JSProxy::AccessKind(access_kind))); } -RUNTIME_FUNCTION(Runtime_CheckProxyHasTrap) { +RUNTIME_FUNCTION(Runtime_CheckProxyHasTrapResult) { HandleScope scope(isolate); DCHECK_EQ(2, args.length()); diff --git a/chromium/v8/src/runtime/runtime-regexp.cc b/chromium/v8/src/runtime/runtime-regexp.cc index 7b5cd91699a..85c9ebcb1be 100644 --- a/chromium/v8/src/runtime/runtime-regexp.cc +++ b/chromium/v8/src/runtime/runtime-regexp.cc 
@@ -4,18 +4,18 @@ #include <functional> -#include "src/arguments-inl.h" -#include "src/conversions-inl.h" -#include "src/counters.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/isolate-inl.h" +#include "src/execution/message-template.h" #include "src/heap/heap-inl.h" // For ToBoolean. TODO(jkummerow): Drop. -#include "src/isolate-inl.h" -#include "src/message-template.h" +#include "src/logging/counters.h" +#include "src/numbers/conversions-inl.h" #include "src/objects/js-array-inl.h" #include "src/regexp/jsregexp-inl.h" #include "src/regexp/regexp-utils.h" #include "src/runtime/runtime-utils.h" -#include "src/string-builder-inl.h" -#include "src/string-search.h" +#include "src/strings/string-builder-inl.h" +#include "src/strings/string-search.h" #include "src/zone/zone-chunk-list.h" namespace v8 { @@ -45,17 +45,17 @@ int LookupNamedCapture(const std::function<bool(String)>& name_matches, // internalized strings. int maybe_capture_index = -1; - const int named_capture_count = capture_name_map->length() >> 1; + const int named_capture_count = capture_name_map.length() >> 1; for (int j = 0; j < named_capture_count; j++) { // The format of {capture_name_map} is documented at // JSRegExp::kIrregexpCaptureNameMapIndex. const int name_ix = j * 2; const int index_ix = j * 2 + 1; - String capture_name = String::cast(capture_name_map->get(name_ix)); + String capture_name = String::cast(capture_name_map.get(name_ix)); if (!name_matches(capture_name)) continue; - maybe_capture_index = Smi::ToInt(capture_name_map->get(index_ix)); + maybe_capture_index = Smi::ToInt(capture_name_map.get(index_ix)); break; } @@ -267,7 +267,7 @@ class CompiledReplacement { const int capture_index = LookupNamedCapture( [=](String capture_name) { - return capture_name->IsEqualTo(requested_name); + return capture_name.IsEqualTo(requested_name); }, capture_name_map); 
@@ -323,7 +323,7 @@ bool CompiledReplacement::Compile(Isolate* isolate, Handle<JSRegExp> regexp, if (capture_count > 0) { DCHECK_EQ(regexp->TypeTag(), JSRegExp::IRREGEXP); Object maybe_capture_name_map = regexp->CaptureNameMap(); - if (maybe_capture_name_map->IsFixedArray()) { + if (maybe_capture_name_map.IsFixedArray()) { capture_name_map = FixedArray::cast(maybe_capture_name_map); } } @@ -405,7 +405,7 @@ void FindOneByteStringIndices(Vector<const uint8_t> subject, uint8_t pattern, DCHECK_LT(0, limit); // Collect indices of pattern in subject using memchr. // Stop after finding at most limit values. - const uint8_t* subject_start = subject.start(); + const uint8_t* subject_start = subject.begin(); const uint8_t* subject_end = subject_start + subject.length(); const uint8_t* pos = subject_start; while (limit > 0) { @@ -421,7 +421,7 @@ void FindOneByteStringIndices(Vector<const uint8_t> subject, uint8_t pattern, void FindTwoByteStringIndices(const Vector<const uc16> subject, uc16 pattern, std::vector<int>* indices, unsigned int limit) { DCHECK_LT(0, limit); - const uc16* subject_start = subject.start(); + const uc16* subject_start = subject.begin(); const uc16* subject_end = subject_start + subject.length(); for (const uc16* pos = subject_start; pos < subject_end && limit > 0; pos++) { if (*pos == pattern) { @@ -454,8 +454,8 @@ void FindStringIndicesDispatch(Isolate* isolate, String subject, String pattern, std::vector<int>* indices, unsigned int limit) { { DisallowHeapAllocation no_gc; - String::FlatContent subject_content = subject->GetFlatContent(no_gc); - String::FlatContent pattern_content = pattern->GetFlatContent(no_gc); + String::FlatContent subject_content = subject.GetFlatContent(no_gc); + String::FlatContent pattern_content = pattern.GetFlatContent(no_gc); DCHECK(subject_content.IsFlat()); DCHECK(pattern_content.IsFlat()); if (subject_content.IsOneByte()) { 
@@ -533,7 +533,7 @@ V8_WARN_UNUSED_RESULT static Object StringReplaceGlobalAtomRegExpWithString( String pattern = String::cast(pattern_regexp->DataAt(JSRegExp::kAtomPatternIndex)); int subject_len = subject->length(); - int pattern_len = pattern->length(); + int pattern_len = pattern.length(); int replacement_len = replacement->length(); FindStringIndicesDispatch(isolate, *subject, pattern, indices, 0xFFFFFFFF); @@ -893,7 +893,7 @@ class MatchInfoBackedMatch : public String::Match { if (regexp->TypeTag() == JSRegExp::IRREGEXP) { Object o = regexp->CaptureNameMap(); - has_named_captures_ = o->IsFixedArray(); + has_named_captures_ = o.IsFixedArray(); if (has_named_captures_) { capture_name_map_ = handle(FixedArray::cast(o), isolate); } @@ -934,7 +934,7 @@ class MatchInfoBackedMatch : public String::Match { CaptureState* state) override { DCHECK(has_named_captures_); const int capture_index = LookupNamedCapture( - [=](String capture_name) { return capture_name->Equals(*name); }, + [=](String capture_name) { return capture_name.Equals(*name); }, *capture_name_map_); if (capture_index == -1) { @@ -1095,11 +1095,11 @@ static Object SearchRegExpMultiple(Isolate* isolate, Handle<String> subject, Object cached_answer = RegExpResultsCache::Lookup( isolate->heap(), *subject, regexp->data(), &last_match_cache, RegExpResultsCache::REGEXP_MULTIPLE_INDICES); - if (cached_answer->IsFixedArray()) { + if (cached_answer.IsFixedArray()) { int capture_registers = (capture_count + 1) * 2; int32_t* last_match = NewArray<int32_t>(capture_registers); for (int i = 0; i < capture_registers; i++) { - last_match[i] = Smi::ToInt(last_match_cache->get(i)); + last_match[i] = Smi::ToInt(last_match_cache.get(i)); } Handle<FixedArray> cached_fixed_array = Handle<FixedArray>(FixedArray::cast(cached_answer), isolate); 
@@ -1339,7 +1339,7 @@ V8_WARN_UNUSED_RESULT MaybeHandle<String> RegExpReplace( Object result = StringReplaceGlobalRegExpWithString( isolate, string, regexp, replace, last_match_info); - if (result->IsString()) { + if (result.IsString()) { return handle(String::cast(result), isolate); } else { return MaybeHandle<String>(); @@ -1387,7 +1387,7 @@ RUNTIME_FUNCTION(Runtime_StringReplaceNonGlobalRegExpWithFunction) { CONVERT_ARG_HANDLE_CHECKED(JSReceiver, replace_obj, 2); DCHECK(RegExpUtils::IsUnmodifiedRegExp(isolate, regexp)); - DCHECK(replace_obj->map()->is_callable()); + DCHECK(replace_obj->map().is_callable()); Factory* factory = isolate->factory(); Handle<RegExpMatchInfo> last_match_info = isolate->regexp_last_match_info(); @@ -1450,7 +1450,7 @@ RUNTIME_FUNCTION(Runtime_StringReplaceNonGlobalRegExpWithFunction) { DCHECK_EQ(regexp->TypeTag(), JSRegExp::IRREGEXP); Object maybe_capture_map = regexp->CaptureNameMap(); - if (maybe_capture_map->IsFixedArray()) { + if (maybe_capture_map.IsFixedArray()) { has_named_captures = true; capture_map = handle(FixedArray::cast(maybe_capture_map), isolate); } @@ -1489,7 +1489,7 @@ RUNTIME_FUNCTION(Runtime_StringReplaceNonGlobalRegExpWithFunction) { ASSIGN_RETURN_FAILURE_ON_EXCEPTION( isolate, replacement_obj, Execution::Call(isolate, replace_obj, factory->undefined_value(), argc, - argv.start())); + argv.begin())); Handle<String> replacement; ASSIGN_RETURN_FAILURE_ON_EXCEPTION( @@ -1578,7 +1578,7 @@ RUNTIME_FUNCTION(Runtime_RegExpSplit) { Handle<Object> splitter_obj; ASSIGN_RETURN_FAILURE_ON_EXCEPTION( isolate, splitter_obj, - Execution::New(isolate, ctor, argc, argv.start())); + Execution::New(isolate, ctor, argc, argv.begin())); splitter = Handle<JSReceiver>::cast(splitter_obj); } 
@@ -1851,7 +1851,7 @@ RUNTIME_FUNCTION(Runtime_RegExpReplaceRT) { ASSIGN_RETURN_FAILURE_ON_EXCEPTION( isolate, replacement_obj, Execution::Call(isolate, replace_obj, factory->undefined_value(), - argc, argv.start())); + argc, argv.begin())); ASSIGN_RETURN_FAILURE_ON_EXCEPTION( isolate, replacement, Object::ToString(isolate, replacement_obj)); @@ -1904,7 +1904,7 @@ RUNTIME_FUNCTION(Runtime_IsRegExp) { SealHandleScope shs(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(Object, obj, 0); - return isolate->heap()->ToBoolean(obj->IsJSRegExp()); + return isolate->heap()->ToBoolean(obj.IsJSRegExp()); } } // namespace internal diff --git a/chromium/v8/src/runtime/runtime-scopes.cc b/chromium/v8/src/runtime/runtime-scopes.cc index b7e22b8b3d3..25d10e33958 100644 --- a/chromium/v8/src/runtime/runtime-scopes.cc +++ b/chromium/v8/src/runtime/runtime-scopes.cc @@ -4,16 +4,16 @@ #include <memory> -#include "src/accessors.h" -#include "src/arguments-inl.h" #include "src/ast/scopes.h" -#include "src/bootstrapper.h" -#include "src/counters.h" -#include "src/deoptimizer.h" -#include "src/frames-inl.h" +#include "src/builtins/accessors.h" +#include "src/deoptimizer/deoptimizer.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/frames-inl.h" +#include "src/execution/isolate-inl.h" +#include "src/execution/message-template.h" #include "src/heap/heap-inl.h" // For ToBoolean. TODO(jkummerow): Drop. -#include "src/isolate-inl.h" -#include "src/message-template.h" +#include "src/init/bootstrapper.h" +#include "src/logging/counters.h" #include "src/objects/heap-object-inl.h" #include "src/objects/module-inl.h" #include "src/objects/smi.h" 
@@ -52,7 +52,7 @@ Object DeclareGlobal( Handle<FeedbackVector> feedback_vector = Handle<FeedbackVector>(), FeedbackSlot slot = FeedbackSlot::Invalid()) { Handle<ScriptContextTable> script_contexts( - global->native_context()->script_context_table(), isolate); + global->native_context().script_context_table(), isolate); ScriptContextTable::LookupResult lookup; if (ScriptContextTable::Lookup(isolate, *script_contexts, *name, &lookup) && IsLexicalVariableMode(lookup.mode)) { @@ -125,7 +125,7 @@ Object DeclareGlobal( // Preinitialize the feedback slot if the global object does not have // named interceptor or the interceptor is not masking. if (!global->HasNamedInterceptor() || - global->GetNamedInterceptor()->non_masking()) { + global->GetNamedInterceptor().non_masking()) { FeedbackNexus nexus(feedback_vector, slot); nexus.ConfigurePropertyCellMode(it.GetPropertyCell()); } @@ -221,12 +221,12 @@ Object DeclareEvalHelper(Isolate* isolate, Handle<String> name, // context, or a declaration block scope. Since this is called from eval, the // context passed is the context of the caller, which may be some nested // context and not the declaration context. - Handle<Context> context(isolate->context()->declaration_context(), isolate); + Handle<Context> context(isolate->context().declaration_context(), isolate); DCHECK(context->IsFunctionContext() || context->IsNativeContext() || context->IsScriptContext() || context->IsEvalContext() || (context->IsBlockContext() && - context->scope_info()->is_declaration_scope())); + context->scope_info().is_declaration_scope())); bool is_function = value->IsJSFunction(); bool is_var = !is_function; 
@@ -252,13 +252,13 @@ Object DeclareEvalHelper(Isolate* isolate, Handle<String> name, value, NONE, is_var, is_function, RedeclarationType::kTypeError); } - if (context->extension()->IsJSGlobalObject()) { + if (context->extension().IsJSGlobalObject()) { Handle<JSGlobalObject> global(JSGlobalObject::cast(context->extension()), isolate); return DeclareGlobal(isolate, global, name, value, NONE, is_var, is_function, RedeclarationType::kTypeError); } else if (context->IsScriptContext()) { - DCHECK(context->global_object()->IsJSGlobalObject()); + DCHECK(context->global_object().IsJSGlobalObject()); Handle<JSGlobalObject> global( JSGlobalObject::cast(context->global_object()), isolate); return DeclareGlobal(isolate, global, name, value, NONE, is_var, @@ -288,7 +288,7 @@ Object DeclareEvalHelper(Isolate* isolate, Handle<String> name, // yet. Sloppy eval will never have an extension object, as vars are hoisted // out, and lets are known statically. DCHECK((context->IsBlockContext() && - context->scope_info()->is_declaration_scope()) || + context->scope_info().is_declaration_scope()) || context->IsFunctionContext()); object = isolate->factory()->NewJSObject(isolate->context_extension_function()); 
@@ -389,13 +389,13 @@ std::unique_ptr<Handle<Object>[]> GetCallerArguments(Isolate* isolate, template <typename T> Handle<JSObject> NewSloppyArguments(Isolate* isolate, Handle<JSFunction> callee, T parameters, int argument_count) { - CHECK(!IsDerivedConstructor(callee->shared()->kind())); - DCHECK(callee->shared()->has_simple_parameters()); + CHECK(!IsDerivedConstructor(callee->shared().kind())); + DCHECK(callee->shared().has_simple_parameters()); Handle<JSObject> result = isolate->factory()->NewArgumentsObject(callee, argument_count); // Allocate the elements if needed. - int parameter_count = callee->shared()->internal_formal_parameter_count(); + int parameter_count = callee->shared().internal_formal_parameter_count(); if (argument_count > 0) { if (parameter_count > 0) { int mapped_count = Min(argument_count, parameter_count); @@ -423,7 +423,7 @@ Handle<JSObject> NewSloppyArguments(Isolate* isolate, Handle<JSFunction> callee, --index; } - Handle<ScopeInfo> scope_info(callee->shared()->scope_info(), isolate); + Handle<ScopeInfo> scope_info(callee->shared().scope_info(), isolate); // First mark all mappable slots as unmapped and copy the values into the // arguments object. @@ -522,7 +522,7 @@ RUNTIME_FUNCTION(Runtime_NewRestParameter) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_HANDLE_CHECKED(JSFunction, callee, 0) - int start_index = callee->shared()->internal_formal_parameter_count(); + int start_index = callee->shared().internal_formal_parameter_count(); // This generic runtime function can also be used when the caller has been // inlined, we use the slow but accurate {GetCallerArguments}. int argument_count = 0; 
@@ -535,9 +535,9 @@ RUNTIME_FUNCTION(Runtime_NewRestParameter) { { DisallowHeapAllocation no_gc; FixedArray elements = FixedArray::cast(result->elements()); - WriteBarrierMode mode = elements->GetWriteBarrierMode(no_gc); + WriteBarrierMode mode = elements.GetWriteBarrierMode(no_gc); for (int i = 0; i < num_elements; i++) { - elements->set(i, *arguments[i + start_index], mode); + elements.set(i, *arguments[i + start_index], mode); } } return *result; @@ -580,7 +580,7 @@ RUNTIME_FUNCTION(Runtime_NewArgumentsElements) { // Note that args[0] is the address of an array of full object pointers // (a.k.a. FullObjectSlot), which looks like a Smi because it's aligned. DCHECK(args[0].IsSmi()); - FullObjectSlot frame(args[0]->ptr()); + FullObjectSlot frame(args[0].ptr()); CONVERT_SMI_ARG_CHECKED(length, 1); CONVERT_SMI_ARG_CHECKED(mapped_count, 2); Handle<FixedArray> result = @@ -811,7 +811,7 @@ MaybeHandle<Object> LoadLookupSlot(Isolate* isolate, Handle<String> name, // If the "property" we were looking for is a local variable, the // receiver is the global object; see ECMA-262, 3rd., 10.1.6 and 10.2.3. Handle<Object> receiver = isolate->factory()->undefined_value(); - Handle<Object> value = handle(Context::cast(*holder)->get(index), isolate); + Handle<Object> value = handle(Context::cast(*holder).get(index), isolate); // Check for uninitialized bindings. if (flag == kNeedsInitialization && value->IsTheHole(isolate)) { THROW_NEW_ERROR(isolate, @@ -875,7 +875,7 @@ RUNTIME_FUNCTION(Runtime_LoadLookupSlotInsideTypeof) { RUNTIME_FUNCTION_RETURN_PAIR(Runtime_LoadLookupSlotForCall) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); - DCHECK(args[0]->IsString()); + DCHECK(args[0].IsString()); Handle<String> name = args.at<String>(0); Handle<Object> value; Handle<Object> receiver; 
@@ -915,7 +915,7 @@ MaybeHandle<Object> StoreLookupSlot( // The property was found in a context slot. if (index != Context::kNotFound) { if (flag == kNeedsInitialization && - Handle<Context>::cast(holder)->get(index)->IsTheHole(isolate)) { + Handle<Context>::cast(holder)->get(index).IsTheHole(isolate)) { THROW_NEW_ERROR(isolate, NewReferenceError(MessageTemplate::kNotDefined, name), Object); @@ -985,7 +985,7 @@ RUNTIME_FUNCTION(Runtime_StoreLookupSlot_SloppyHoisting) { CONVERT_ARG_HANDLE_CHECKED(Object, value, 1); const ContextLookupFlags lookup_flags = static_cast<ContextLookupFlags>(DONT_FOLLOW_CHAINS); - Handle<Context> declaration_context(isolate->context()->declaration_context(), + Handle<Context> declaration_context(isolate->context().declaration_context(), isolate); RETURN_RESULT_OR_FAILURE( isolate, StoreLookupSlot(isolate, declaration_context, name, value, diff --git a/chromium/v8/src/runtime/runtime-strings.cc b/chromium/v8/src/runtime/runtime-strings.cc index aa19b103ebe..2e2918e47d0 100644 --- a/chromium/v8/src/runtime/runtime-strings.cc +++ b/chromium/v8/src/runtime/runtime-strings.cc @@ -2,19 +2,19 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/arguments-inl.h" -#include "src/conversions.h" -#include "src/counters.h" +#include "src/execution/arguments-inl.h" #include "src/heap/heap-inl.h" -#include "src/objects-inl.h" +#include "src/logging/counters.h" +#include "src/numbers/conversions.h" #include "src/objects/js-array-inl.h" +#include "src/objects/objects-inl.h" #include "src/objects/slots.h" #include "src/objects/smi.h" #include "src/regexp/jsregexp-inl.h" #include "src/regexp/regexp-utils.h" #include "src/runtime/runtime-utils.h" -#include "src/string-builder-inl.h" -#include "src/string-search.h" +#include "src/strings/string-builder-inl.h" +#include "src/strings/string-search.h" namespace v8 { namespace internal { 
@@ -77,8 +77,8 @@ MaybeHandle<String> StringReplaceOneCharWithString( recursion_limit--; if (subject->IsConsString()) { ConsString cons = ConsString::cast(*subject); - Handle<String> first = handle(cons->first(), isolate); - Handle<String> second = handle(cons->second(), isolate); + Handle<String> first = handle(cons.first(), isolate); + Handle<String> second = handle(cons.second(), isolate); Handle<String> new_first; if (!StringReplaceOneCharWithString(isolate, first, search, replace, found, recursion_limit).ToHandle(&new_first)) { @@ -276,7 +276,7 @@ RUNTIME_FUNCTION(Runtime_StringBuilderConcat) { DCHECK_EQ(3, args.length()); CONVERT_ARG_HANDLE_CHECKED(JSArray, array, 0); int32_t array_length; - if (!args[1]->ToInt32(&array_length)) { + if (!args[1].ToInt32(&array_length)) { THROW_NEW_ERROR_RETURN_FAILURE(isolate, NewInvalidStringLengthError()); } CONVERT_ARG_HANDLE_CHECKED(String, special, 2); @@ -303,15 +303,15 @@ RUNTIME_FUNCTION(Runtime_StringBuilderConcat) { { DisallowHeapAllocation no_gc; FixedArray fixed_array = FixedArray::cast(array->elements()); - if (fixed_array->length() < array_length) { - array_length = fixed_array->length(); + if (fixed_array.length() < array_length) { + array_length = fixed_array.length(); } if (array_length == 0) { return ReadOnlyRoots(isolate).empty_string(); } else if (array_length == 1) { - Object first = fixed_array->get(0); - if (first->IsString()) return first; + Object first = fixed_array.get(0); + if (first.IsString()) return first; } length = StringBuilderConcatLength(special_length, fixed_array, array_length, &one_byte); 
@@ -356,20 +356,20 @@ static int CopyCachedOneByteCharsToArray(Heap* heap, const uint8_t* chars, FixedArray one_byte_cache = heap->single_character_string_cache(); Object undefined = ReadOnlyRoots(heap).undefined_value(); int i; - WriteBarrierMode mode = elements->GetWriteBarrierMode(no_gc); + WriteBarrierMode mode = elements.GetWriteBarrierMode(no_gc); for (i = 0; i < length; ++i) { - Object value = one_byte_cache->get(chars[i]); + Object value = one_byte_cache.get(chars[i]); if (value == undefined) break; - elements->set(i, value, mode); + elements.set(i, value, mode); } if (i < length) { - MemsetTagged(elements->RawFieldOfElementAt(i), Smi::kZero, length - i); + MemsetTagged(elements.RawFieldOfElementAt(i), Smi::kZero, length - i); } #ifdef DEBUG for (int j = 0; j < length; ++j) { - Object element = elements->get(j); + Object element = elements.get(j); DCHECK(element == Smi::kZero || - (element->IsString() && String::cast(element)->LooksValid())); + (element.IsString() && String::cast(element).LooksValid())); } #endif return i; @@ -398,7 +398,7 @@ RUNTIME_FUNCTION(Runtime_StringToArray) { Vector<const uint8_t> chars = content.ToOneByteVector(); // Note, this will initialize all elements (not only the prefix) // to prevent GC from seeing partially initialized array. - position = CopyCachedOneByteCharsToArray(isolate->heap(), chars.start(), + position = CopyCachedOneByteCharsToArray(isolate->heap(), chars.begin(), *elements, length); } else { MemsetTagged(elements->data_start(), @@ -415,7 +415,7 @@ RUNTIME_FUNCTION(Runtime_StringToArray) { #ifdef DEBUG for (int i = 0; i < length; ++i) { - DCHECK_EQ(String::cast(elements->get(i))->length(), 1); + DCHECK_EQ(String::cast(elements->get(i)).length(), 1); } #endif diff --git a/chromium/v8/src/runtime/runtime-symbol.cc b/chromium/v8/src/runtime/runtime-symbol.cc index b47794938af..b204033f39f 100644 --- a/chromium/v8/src/runtime/runtime-symbol.cc +++ b/chromium/v8/src/runtime/runtime-symbol.cc 
@@ -2,13 +2,13 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/arguments-inl.h" -#include "src/counters.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/isolate-inl.h" #include "src/heap/heap-inl.h" // For ToBoolean. TODO(jkummerow): Drop. -#include "src/isolate-inl.h" -#include "src/objects-inl.h" +#include "src/logging/counters.h" +#include "src/objects/objects-inl.h" #include "src/runtime/runtime-utils.h" -#include "src/string-builder-inl.h" +#include "src/strings/string-builder-inl.h" namespace v8 { namespace internal { @@ -39,7 +39,7 @@ RUNTIME_FUNCTION(Runtime_SymbolDescriptiveString) { CONVERT_ARG_HANDLE_CHECKED(Symbol, symbol, 0); IncrementalStringBuilder builder(isolate); builder.AppendCString("Symbol("); - if (symbol->name()->IsString()) { + if (symbol->name().IsString()) { builder.AppendString(handle(String::cast(symbol->name()), isolate)); } builder.AppendCharacter(')'); @@ -51,7 +51,7 @@ RUNTIME_FUNCTION(Runtime_SymbolIsPrivate) { SealHandleScope shs(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(Symbol, symbol, 0); - return isolate->heap()->ToBoolean(symbol->is_private()); + return isolate->heap()->ToBoolean(symbol.is_private()); } } // namespace internal } // namespace v8 diff --git a/chromium/v8/src/runtime/runtime-test.cc b/chromium/v8/src/runtime/runtime-test.cc index 3afa2a98992..85a50fca61f 100644 --- a/chromium/v8/src/runtime/runtime-test.cc +++ b/chromium/v8/src/runtime/runtime-test.cc 
@@ -7,25 +7,26 @@ #include <memory> #include <sstream> -#include "src/api-inl.h" -#include "src/arguments-inl.h" -#include "src/assembler-inl.h" +#include "src/api/api-inl.h" #include "src/base/platform/mutex.h" +#include "src/codegen/assembler-inl.h" +#include "src/codegen/compiler.h" #include "src/compiler-dispatcher/optimizing-compile-dispatcher.h" -#include "src/compiler.h" -#include "src/counters.h" -#include "src/deoptimizer.h" -#include "src/frames-inl.h" +#include "src/deoptimizer/deoptimizer.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/frames-inl.h" +#include "src/execution/isolate-inl.h" +#include "src/execution/runtime-profiler.h" #include "src/heap/heap-inl.h" // For ToBoolean. TODO(jkummerow): Drop. #include "src/heap/heap-write-barrier-inl.h" #include "src/ic/stub-cache.h" -#include "src/isolate-inl.h" +#include "src/logging/counters.h" #include "src/objects/heap-object-inl.h" +#include "src/objects/js-array-inl.h" #include "src/objects/smi.h" -#include "src/ostreams.h" -#include "src/runtime-profiler.h" #include "src/snapshot/natives.h" #include "src/trap-handler/trap-handler.h" +#include "src/utils/ostreams.h" #include "src/wasm/memory-tracing.h" #include "src/wasm/module-compiler.h" #include "src/wasm/wasm-engine.h" 
@@ -217,6 +218,28 @@ RUNTIME_FUNCTION(Runtime_IsConcurrentRecompilationSupported) { isolate->concurrent_recompilation_enabled()); } +namespace { + +void RemoveBytecodeFromPendingOptimizeTable(v8::internal::Isolate* isolate, + Handle<JSFunction> function) { + // TODO(mythria): Remove the check for undefined, once we fix all tests to + // add PrepareForOptimization when using OptimizeFunctionOnNextCall. + if (isolate->heap()->pending_optimize_for_test_bytecode().IsUndefined()) { + return; + } + + Handle<ObjectHashTable> table = + handle(ObjectHashTable::cast( + isolate->heap()->pending_optimize_for_test_bytecode()), + isolate); + bool was_present; + table = table->Remove(isolate, table, handle(function->shared(), isolate), + &was_present); + isolate->heap()->SetPendingOptimizeForTestBytecode(*table); +} + +} // namespace + RUNTIME_FUNCTION(Runtime_OptimizeFunctionOnNextCall) { HandleScope scope(isolate); 
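Review bot: In RemoveBytecodeFromPendingOptimizeTable, `was_present` is filled by `table->Remove(...)` and then never read, so a reader cannot tell whether a missing entry is expected or a bug. Going by the TODO at the top of the helper, tests that skip PrepareFunctionForOptimization are still tolerated, and I would say so at the call: `// The entry may be absent while tests can still skip PrepareFunctionForOptimization.` Once that TODO is resolved the flag could back a `DCHECK(was_present);` instead of being discarded.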
@@ -233,44 +256,45 @@ RUNTIME_FUNCTION(Runtime_OptimizeFunctionOnNextCall) { } Handle<JSFunction> function = Handle<JSFunction>::cast(function_object); - // Check we called PrepareFunctionForOptimization and hold the bytecode - // array to prevent it from getting flushed. - // TODO(mythria): Enable this check once we add PrepareForOptimization in all - // tests before calling OptimizeFunctionOnNextCall. - // CHECK(!ObjectHashTable::cast( - // isolate->heap()->pending_optimize_for_test_bytecode()) - // ->Lookup(handle(function->shared(), isolate)) - // ->IsTheHole()); - // The following conditions were lifted (in part) from the DCHECK inside // JSFunction::MarkForOptimization(). - if (!function->shared()->allows_lazy_compilation()) { + if (!function->shared().allows_lazy_compilation()) { return ReadOnlyRoots(isolate).undefined_value(); } // If function isn't compiled, compile it now. - IsCompiledScope is_compiled_scope(function->shared()->is_compiled_scope()); + IsCompiledScope is_compiled_scope(function->shared().is_compiled_scope()); if (!is_compiled_scope.is_compiled() && !Compiler::Compile(function, Compiler::CLEAR_EXCEPTION, &is_compiled_scope)) { return ReadOnlyRoots(isolate).undefined_value(); } - if (function->shared()->optimization_disabled() && - function->shared()->disable_optimization_reason() == + if (function->shared().optimization_disabled() && + function->shared().disable_optimization_reason() == BailoutReason::kNeverOptimize) { return ReadOnlyRoots(isolate).undefined_value(); } - // If the function is already optimized, just return. - if (function->IsOptimized() || function->shared()->HasAsmWasmData()) { + if (function->shared().HasAsmWasmData()) { return ReadOnlyRoots(isolate).undefined_value(); } - // If the function has optimized code, ensure that we check for it and return. + // Check we called PrepareFunctionForOptimization and hold the bytecode + // array to prevent it from getting flushed. 
+ // TODO(mythria): Enable this check once we add PrepareForOptimization in all + // tests before calling OptimizeFunctionOnNextCall. + // CHECK(!ObjectHashTable::cast( + // isolate->heap()->pending_optimize_for_test_bytecode()) + // ->Lookup(handle(function->shared(), isolate)) + // ->IsTheHole()); + if (function->HasOptimizedCode()) { - DCHECK(function->ChecksOptimizationMarker()); + DCHECK(function->IsOptimized() || function->ChecksOptimizationMarker()); + // If function is already optimized, remove the bytecode array from the + // pending optimize for test table and return. + RemoveBytecodeFromPendingOptimizeTable(isolate, function); return ReadOnlyRoots(isolate).undefined_value(); } @@ -298,7 +322,7 @@ RUNTIME_FUNCTION(Runtime_OptimizeFunctionOnNextCall) { // This function may not have been lazily compiled yet, even though its shared // function has. if (!function->is_compiled()) { - DCHECK(function->shared()->IsInterpreted()); + DCHECK(function->shared().IsInterpreted()); function->set_code(*BUILTIN_CODE(isolate, InterpreterEntryTrampoline)); } @@ -312,12 +336,12 @@ namespace { bool EnsureFeedbackVector(Handle<JSFunction> function) { // Check function allows lazy compilation. - if (!function->shared()->allows_lazy_compilation()) { + if (!function->shared().allows_lazy_compilation()) { return false; } // If function isn't compiled, compile it now. - IsCompiledScope is_compiled_scope(function->shared()->is_compiled_scope()); + IsCompiledScope is_compiled_scope(function->shared().is_compiled_scope()); if (!is_compiled_scope.is_compiled() && !Compiler::Compile(function, Compiler::CLEAR_EXCEPTION, &is_compiled_scope)) { 
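Review bot: The commented-out CHECK that this hunk moves inside Runtime_OptimizeFunctionOnNextCall casts `pending_optimize_for_test_bytecode()` straight to ObjectHashTable, but the helper added earlier in this file and Runtime_PrepareFunctionForOptimization both treat that slot as possibly undefined. If the block is enabled as written once the TODO is done, the cast would be applied to undefined for any function that was never prepared, so the eventual check needs the same `IsUndefined()` guard first. The same commented block is added to Runtime_OptimizeOsr further down. Until the check can be enabled I would shorten both copies to the TODO plus one sentence, rather than carrying disabled code in two places. The function body continues outside this hunk.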
@@ -352,36 +376,28 @@ RUNTIME_FUNCTION(Runtime_PrepareFunctionForOptimization) { // If optimization is disabled for the function, return without making it // pending optimize for test. - if (function->shared()->optimization_disabled() && - function->shared()->disable_optimization_reason() == + if (function->shared().optimization_disabled() && + function->shared().disable_optimization_reason() == BailoutReason::kNeverOptimize) { return ReadOnlyRoots(isolate).undefined_value(); } - // If the function is already optimized, return without making it pending - // optimize for test. - if (function->IsOptimized() || function->shared()->HasAsmWasmData()) { - return ReadOnlyRoots(isolate).undefined_value(); - } - - // If the function has optimized code, ensure that we check for it and then - // return without making it pending optimize for test. - if (function->HasOptimizedCode()) { - DCHECK(function->ChecksOptimizationMarker()); + // We don't optimize Asm/Wasm functions. + if (function->shared().HasAsmWasmData()) { return ReadOnlyRoots(isolate).undefined_value(); } // Hold onto the bytecode array between marking and optimization to ensure // it's not flushed. Handle<ObjectHashTable> table = - isolate->heap()->pending_optimize_for_test_bytecode()->IsUndefined() + isolate->heap()->pending_optimize_for_test_bytecode().IsUndefined() ? ObjectHashTable::New(isolate, 1) : handle(ObjectHashTable::cast( isolate->heap()->pending_optimize_for_test_bytecode()), isolate); table = ObjectHashTable::Put( table, handle(function->shared(), isolate), - handle(function->shared()->GetBytecodeArray(), isolate)); + handle(function->shared().GetBytecodeArray(), isolate)); isolate->heap()->SetPendingOptimizeForTestBytecode(*table); return ReadOnlyRoots(isolate).undefined_value(); 
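Review bot: With the already-optimized early returns removed from Runtime_PrepareFunctionForOptimization, every call that gets this far now stores the function's bytecode array in the pending-optimize table, including for functions that already have optimized code. The only removal visible in this diff is RemoveBytecodeFromPendingOptimizeTable on the HasOptimizedCode path of Runtime_OptimizeFunctionOnNextCall and Runtime_OptimizeOsr, so a prepare call with no later optimize request appears to keep the bytecode alive; whether another site clears the entry is not visible here. The comment above the table update should name the release path, for example `// Removed again by RemoveBytecodeFromPendingOptimizeTable when OptimizeFunctionOnNextCall/OptimizeOsr finds optimized code.` The function starts outside this hunk.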
@@ -402,25 +418,38 @@ RUNTIME_FUNCTION(Runtime_OptimizeOsr) { if (!it.done()) function = handle(it.frame()->function(), isolate); if (function.is_null()) return ReadOnlyRoots(isolate).undefined_value(); - // If the function is already optimized, just return. - if (function->IsOptimized()) return ReadOnlyRoots(isolate).undefined_value(); - - if (function->shared()->optimization_disabled() && - function->shared()->disable_optimization_reason() == + if (function->shared().optimization_disabled() && + function->shared().disable_optimization_reason() == BailoutReason::kNeverOptimize) { return ReadOnlyRoots(isolate).undefined_value(); } + // Check we called PrepareFunctionForOptimization and hold the bytecode + // array to prevent it from getting flushed. + // TODO(mythria): Enable this check once we add PrepareForOptimization in all + // tests before calling OptimizeOsr. + // CHECK(!ObjectHashTable::cast( + // isolate->heap()->pending_optimize_for_test_bytecode()) + // ->Lookup(handle(function->shared(), isolate)) + // ->IsTheHole()); + + if (function->HasOptimizedCode()) { + DCHECK(function->IsOptimized() || function->ChecksOptimizationMarker()); + // If function is already optimized, remove the bytecode array from the + // pending optimize for test table and return. + RemoveBytecodeFromPendingOptimizeTable(isolate, function); + return ReadOnlyRoots(isolate).undefined_value(); + } + // Ensure that the function is marked for non-concurrent optimization, so that // subsequent runs don't also optimize. 
- if (!function->HasOptimizedCode()) { - if (FLAG_trace_osr) { - PrintF("[OSR - OptimizeOsr marking "); - function->ShortPrint(); - PrintF(" for non-concurrent optimization]\n"); - } - function->MarkForOptimization(ConcurrencyMode::kNotConcurrent); + if (FLAG_trace_osr) { + PrintF("[OSR - OptimizeOsr marking "); + function->ShortPrint(); + PrintF(" for non-concurrent optimization]\n"); } + JSFunction::EnsureFeedbackVector(function); + function->MarkForOptimization(ConcurrencyMode::kNotConcurrent); // Make the profiler arm all back edges in unoptimized code. if (it.frame()->type() == StackFrame::INTERPRETED) { @@ -443,7 +472,7 @@ RUNTIME_FUNCTION(Runtime_NeverOptimizeFunction) { return ReadOnlyRoots(isolate).undefined_value(); } Handle<JSFunction> function = Handle<JSFunction>::cast(function_object); - function->shared()->DisableOptimization(BailoutReason::kNeverOptimize); + function->shared().DisableOptimization(BailoutReason::kNeverOptimize); return ReadOnlyRoots(isolate).undefined_value(); } @@ -505,7 +534,7 @@ RUNTIME_FUNCTION(Runtime_GetOptimizationStatus) { if (function->IsOptimized()) { status |= static_cast<int>(OptimizationStatus::kOptimized); - if (function->code()->is_turbofanned()) { + if (function->code().is_turbofanned()) { status |= static_cast<int>(OptimizationStatus::kTurboFanned); } } @@ -544,15 +573,6 @@ RUNTIME_FUNCTION(Runtime_UnblockConcurrentRecompilation) { return ReadOnlyRoots(isolate).undefined_value(); } -RUNTIME_FUNCTION(Runtime_GetDeoptCount) { - HandleScope scope(isolate); - DCHECK_EQ(1, args.length()); - CONVERT_ARG_HANDLE_CHECKED(JSFunction, function, 0); - // Functions without a feedback vector have never deoptimized. - if (!function->has_feedback_vector()) return Smi::kZero; - return Smi::FromInt(function->feedback_vector()->deopt_count()); -} - static void ReturnThis(const v8::FunctionCallbackInfo<v8::Value>& args) { args.GetReturnValue().Set(args.This()); } 
@@ -677,11 +697,11 @@ RUNTIME_FUNCTION(Runtime_DebugPrint) { bool weak = maybe_object.IsWeak(); #ifdef DEBUG - if (object->IsString() && !isolate->context().is_null()) { + if (object.IsString() && !isolate->context().is_null()) { DCHECK(!weak); // If we have a string, assume it's a code "marker" // and print some interesting cpu debugging info. - object->Print(os); + object.Print(os); JavaScriptFrameIterator it(isolate); JavaScriptFrame* frame = it.frame(); os << "fp = " << reinterpret_cast<void*>(frame->fp()) @@ -693,10 +713,10 @@ RUNTIME_FUNCTION(Runtime_DebugPrint) { if (weak) { os << "[weak] "; } - object->Print(os); + object.Print(os); } - if (object->IsHeapObject()) { - HeapObject::cast(object)->map()->Print(os); + if (object.IsHeapObject()) { + HeapObject::cast(object).map().Print(os); } #else if (weak) { @@ -724,7 +744,7 @@ RUNTIME_FUNCTION(Runtime_PrintWithNameForAssert) { PrintF("%c", character); } PrintF(": "); - args[1]->ShortPrint(); + args[1].ShortPrint(); PrintF("\n"); return ReadOnlyRoots(isolate).undefined_value(); @@ -792,10 +812,10 @@ RUNTIME_FUNCTION(Runtime_SetForceSlowPath) { SealHandleScope shs(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(Object, arg, 0); - if (arg->IsTrue(isolate)) { + if (arg.IsTrue(isolate)) { isolate->set_force_slow_path(true); } else { - DCHECK(arg->IsFalse(isolate)); + DCHECK(arg.IsFalse(isolate)); isolate->set_force_slow_path(false); } return ReadOnlyRoots(isolate).undefined_value(); @@ -840,7 +860,7 @@ RUNTIME_FUNCTION(Runtime_DisassembleFunction) { return ReadOnlyRoots(isolate).exception(); } StdoutStream os; - func->code()->Print(os); + func->code().Print(os); os << std::endl; #endif // DEBUG return ReadOnlyRoots(isolate).undefined_value(); @@ -882,7 +902,7 @@ RUNTIME_FUNCTION(Runtime_TraceExit) { CONVERT_ARG_CHECKED(Object, obj, 0); PrintIndentation(isolate); PrintF("} -> "); - obj->ShortPrint(); + obj.ShortPrint(); PrintF("\n"); return obj; // return TOS } 
@@ -892,11 +912,20 @@ RUNTIME_FUNCTION(Runtime_HaveSameMap) { DCHECK_EQ(2, args.length()); CONVERT_ARG_CHECKED(JSObject, obj1, 0); CONVERT_ARG_CHECKED(JSObject, obj2, 1); - return isolate->heap()->ToBoolean(obj1->map() == obj2->map()); + return isolate->heap()->ToBoolean(obj1.map() == obj2.map()); } +RUNTIME_FUNCTION(Runtime_HasElementsInALargeObjectSpace) { + SealHandleScope shs(isolate); + DCHECK_EQ(1, args.length()); + CONVERT_ARG_CHECKED(JSArray, array, 0); + FixedArrayBase elements = array.elements(); + return isolate->heap()->ToBoolean( + isolate->heap()->new_lo_space()->Contains(elements) || + isolate->heap()->lo_space()->Contains(elements)); +} -RUNTIME_FUNCTION(Runtime_InNewSpace) { +RUNTIME_FUNCTION(Runtime_InYoungGeneration) { SealHandleScope shs(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(Object, obj, 0); @@ -907,12 +936,12 @@ RUNTIME_FUNCTION(Runtime_IsAsmWasmCode) { SealHandleScope shs(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(JSFunction, function, 0); - if (!function->shared()->HasAsmWasmData()) { + if (!function.shared().HasAsmWasmData()) { // Doesn't have wasm data. return ReadOnlyRoots(isolate).false_value(); } - if (function->shared()->HasBuiltinId() && - function->shared()->builtin_id() == Builtins::kInstantiateAsmJs) { + if (function.shared().HasBuiltinId() && + function.shared().builtin_id() == Builtins::kInstantiateAsmJs) { // Hasn't been compiled yet. return ReadOnlyRoots(isolate).false_value(); } @@ -950,7 +979,7 @@ RUNTIME_FUNCTION(Runtime_IsWasmCode) { SealHandleScope shs(isolate); DCHECK_EQ(1, args.length()); CONVERT_ARG_CHECKED(JSFunction, function, 0); - bool is_js_to_wasm = function->code()->kind() == Code::JS_TO_WASM_FUNCTION; + bool is_js_to_wasm = function.code().kind() == Code::JS_TO_WASM_FUNCTION; return isolate->heap()->ToBoolean(is_js_to_wasm); } 
@@ -1017,10 +1046,10 @@ RUNTIME_FUNCTION(Runtime_SetWasmThreadsEnabled) { return ReadOnlyRoots(isolate).undefined_value(); } -#define ELEMENTS_KIND_CHECK_RUNTIME_FUNCTION(Name) \ - RUNTIME_FUNCTION(Runtime_Has##Name) { \ - CONVERT_ARG_CHECKED(JSObject, obj, 0); \ - return isolate->heap()->ToBoolean(obj->Has##Name()); \ +#define ELEMENTS_KIND_CHECK_RUNTIME_FUNCTION(Name) \ + RUNTIME_FUNCTION(Runtime_Has##Name) { \ + CONVERT_ARG_CHECKED(JSObject, obj, 0); \ + return isolate->heap()->ToBoolean(obj.Has##Name()); \ } ELEMENTS_KIND_CHECK_RUNTIME_FUNCTION(FastElements) @@ -1040,7 +1069,7 @@ ELEMENTS_KIND_CHECK_RUNTIME_FUNCTION(FastProperties) #define FIXED_TYPED_ARRAYS_CHECK_RUNTIME_FUNCTION(Type, type, TYPE, ctype) \ RUNTIME_FUNCTION(Runtime_HasFixed##Type##Elements) { \ CONVERT_ARG_CHECKED(JSObject, obj, 0); \ - return isolate->heap()->ToBoolean(obj->HasFixed##Type##Elements()); \ + return isolate->heap()->ToBoolean(obj.HasFixed##Type##Elements()); \ } TYPED_ARRAYS(FIXED_TYPED_ARRAYS_CHECK_RUNTIME_FUNCTION) @@ -1133,7 +1162,7 @@ RUNTIME_FUNCTION(Runtime_HeapObjectVerify) { #else CHECK(object->IsObject()); if (object->IsHeapObject()) { - CHECK(HeapObject::cast(*object)->map()->IsMap()); + CHECK(HeapObject::cast(*object).map().IsMap()); } else { CHECK(object->IsSmi()); } @@ -1147,8 +1176,8 @@ RUNTIME_FUNCTION(Runtime_WasmGetNumberOfInstances) { CONVERT_ARG_HANDLE_CHECKED(WasmModuleObject, module_obj, 0); int instance_count = 0; WeakArrayList weak_instance_list = module_obj->weak_instance_list(); - for (int i = 0; i < weak_instance_list->length(); ++i) { - if (weak_instance_list->Get(i)->IsWeak()) instance_count++; + for (int i = 0; i < weak_instance_list.length(); ++i) { + if (weak_instance_list.Get(i)->IsWeak()) instance_count++; } return Smi::FromInt(instance_count); } 
@@ -1158,7 +1187,7 @@ RUNTIME_FUNCTION(Runtime_WasmNumInterpretedCalls) { HandleScope scope(isolate); CONVERT_ARG_HANDLE_CHECKED(WasmInstanceObject, instance, 0); if (!instance->has_debug_info()) return Object(); - uint64_t num = instance->debug_info()->NumInterpretedCalls(); + uint64_t num = instance->debug_info().NumInterpretedCalls(); return *isolate->factory()->NewNumberFromSize(static_cast<size_t>(num)); } @@ -1190,12 +1219,12 @@ RUNTIME_FUNCTION(Runtime_WasmTraceMemory) { WasmCompiledFrame* frame = WasmCompiledFrame::cast(it.frame()); uint8_t* mem_start = reinterpret_cast<uint8_t*>( - frame->wasm_instance()->memory_object()->array_buffer()->backing_store()); + frame->wasm_instance().memory_object().array_buffer().backing_store()); int func_index = frame->function_index(); int pos = frame->position(); // TODO(titzer): eliminate dependency on WasmModule definition here. int func_start = - frame->wasm_instance()->module()->functions[func_index].code.offset(); + frame->wasm_instance().module()->functions[func_index].code.offset(); wasm::ExecutionTier tier = frame->wasm_code()->is_liftoff() ? wasm::ExecutionTier::kLiftoff : wasm::ExecutionTier::kTurbofan; @@ -1209,7 +1238,7 @@ RUNTIME_FUNCTION(Runtime_WasmTierUpFunction) { DCHECK_EQ(2, args.length()); CONVERT_ARG_HANDLE_CHECKED(WasmInstanceObject, instance, 0); CONVERT_SMI_ARG_CHECKED(function_index, 1); - auto* native_module = instance->module_object()->native_module(); + auto* native_module = instance->module_object().native_module(); isolate->wasm_engine()->CompileFunction( isolate, native_module, function_index, wasm::ExecutionTier::kTurbofan); CHECK(!native_module->compilation_state()->failed()); 
@@ -1224,7 +1253,7 @@ RUNTIME_FUNCTION(Runtime_IsLiftoffFunction) { Handle<WasmExportedFunction> exp_fun = Handle<WasmExportedFunction>::cast(function); wasm::NativeModule* native_module = - exp_fun->instance()->module_object()->native_module(); + exp_fun->instance().module_object().native_module(); uint32_t func_index = exp_fun->function_index(); wasm::WasmCodeRefScope code_ref_scope; wasm::WasmCode* code = native_module->GetCode(func_index); @@ -1236,7 +1265,7 @@ RUNTIME_FUNCTION(Runtime_CompleteInobjectSlackTracking) { DCHECK_EQ(1, args.length()); CONVERT_ARG_HANDLE_CHECKED(JSObject, object, 0); - object->map()->CompleteInobjectSlackTracking(isolate); + object->map().CompleteInobjectSlackTracking(isolate); return ReadOnlyRoots(isolate).undefined_value(); } 
@@ -1246,7 +1275,50 @@ RUNTIME_FUNCTION(Runtime_FreezeWasmLazyCompilation) { DisallowHeapAllocation no_gc; CONVERT_ARG_CHECKED(WasmInstanceObject, instance, 0); - instance->module_object()->native_module()->set_lazy_compile_frozen(true); + instance.module_object().native_module()->set_lazy_compile_frozen(true); + return ReadOnlyRoots(isolate).undefined_value(); +} + +RUNTIME_FUNCTION(Runtime_TurbofanStaticAssert) { + SealHandleScope shs(isolate); + // Always lowered to StaticAssert node in Turbofan, so we should never get + // here in compiled code. + return ReadOnlyRoots(isolate).undefined_value(); +} + +RUNTIME_FUNCTION(Runtime_EnableCodeLoggingForTesting) { + // The {NoopListener} currently does nothing on any callback, but reports + // {true} on {is_listening_to_code_events()}. Feel free to add assertions to + // any method to further test the code logging callbacks. + class NoopListener final : public CodeEventListener { + void CodeCreateEvent(LogEventsAndTags tag, AbstractCode code, + const char* comment) final {} + void CodeCreateEvent(LogEventsAndTags tag, AbstractCode code, + Name name) final {} + void CodeCreateEvent(LogEventsAndTags tag, AbstractCode code, + SharedFunctionInfo shared, Name source) final {} + void CodeCreateEvent(LogEventsAndTags tag, AbstractCode code, + SharedFunctionInfo shared, Name source, int line, + int column) final {} + void CodeCreateEvent(LogEventsAndTags tag, const wasm::WasmCode* code, + wasm::WasmName name) final {} + void CallbackEvent(Name name, Address entry_point) final {} + void GetterCallbackEvent(Name name, Address entry_point) final {} + void SetterCallbackEvent(Name name, Address entry_point) final {} + void RegExpCodeCreateEvent(AbstractCode code, String source) final {} + void CodeMoveEvent(AbstractCode from, AbstractCode to) final {} + void SharedFunctionInfoMoveEvent(Address from, Address to) final {} + void CodeMovingGCEvent() final {} + void CodeDisableOptEvent(AbstractCode code, + SharedFunctionInfo shared) 
final {} + void CodeDeoptEvent(Code code, DeoptimizeKind kind, Address pc, + int fp_to_sp_delta) final {} + + bool is_listening_to_code_events() final { return true; } + }; + static base::LeakyObject<NoopListener> noop_listener; + isolate->wasm_engine()->EnableCodeLogging(isolate); + isolate->code_event_dispatcher()->AddListener(noop_listener.get()); return ReadOnlyRoots(isolate).undefined_value(); } diff --git a/chromium/v8/src/runtime/runtime-typedarray.cc b/chromium/v8/src/runtime/runtime-typedarray.cc index 3d99b1bc7d9..1736ee3939a 100644 --- a/chromium/v8/src/runtime/runtime-typedarray.cc +++ b/chromium/v8/src/runtime/runtime-typedarray.cc @@ -2,14 +2,14 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/arguments-inl.h" -#include "src/counters.h" -#include "src/elements.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/message-template.h" #include "src/heap/factory.h" #include "src/heap/heap-inl.h" -#include "src/message-template.h" -#include "src/objects-inl.h" +#include "src/logging/counters.h" +#include "src/objects/elements.h" #include "src/objects/js-array-buffer-inl.h" +#include "src/objects/objects-inl.h" #include "src/runtime/runtime-utils.h" #include "src/runtime/runtime.h" @@ -60,19 +60,6 @@ RUNTIME_FUNCTION(Runtime_TypedArrayCopyElements) { return accessor->CopyElements(source, target, length); } -RUNTIME_FUNCTION(Runtime_TypedArrayGetLength) { - HandleScope scope(isolate); - DCHECK_EQ(1, args.length()); - CONVERT_ARG_HANDLE_CHECKED(JSTypedArray, holder, 0); - return holder->length(); -} - -RUNTIME_FUNCTION(Runtime_ArrayBufferViewWasDetached) { - HandleScope scope(isolate); - DCHECK_EQ(1, args.length()); - return isolate->heap()->ToBoolean(JSTypedArray::cast(args[0])->WasDetached()); -} - RUNTIME_FUNCTION(Runtime_TypedArrayGetBuffer) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); 
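Review bot: `Runtime_EnableCodeLoggingForTesting` opens without a handle scope or an argument-count assertion, and `Runtime_TurbofanStaticAssert` also omits the assertion, while the neighbouring runtime functions start with `SealHandleScope shs(isolate);` followed by `DCHECK_EQ(n, args.length());`. Adding both keeps the calling contract checked in debug builds. Each call also passes the same static `noop_listener` to `AddListener` again. Whether a repeated registration is harmless depends on the dispatcher, which is not visible here, so a short comment saying the function may be called more than once (or a guard) would settle it.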
@@ -108,26 +95,40 @@ RUNTIME_FUNCTION(Runtime_TypedArraySortFast) { HandleScope scope(isolate); DCHECK_EQ(1, args.length()); - CONVERT_ARG_HANDLE_CHECKED(Object, target_obj, 0); + // Validation is handled in the Torque builtin. + CONVERT_ARG_HANDLE_CHECKED(JSTypedArray, array, 0); + DCHECK(!array->WasDetached()); - Handle<JSTypedArray> array; - const char* method = "%TypedArray%.prototype.sort"; - ASSIGN_RETURN_FAILURE_ON_EXCEPTION( - isolate, array, JSTypedArray::Validate(isolate, target_obj, method)); + size_t length = array->length(); + if (length <= 1) return *array; - // This line can be removed when JSTypedArray::Validate throws - // if array.[[ViewedArrayBuffer]] is detached(v8:4648) - if (V8_UNLIKELY(array->WasDetached())) return *array; + // In case of a SAB, the data is copied into temporary memory, as + // std::sort might crash in case the underlying data is concurrently + // modified while sorting. + CHECK(array->buffer().IsJSArrayBuffer()); + Handle<JSArrayBuffer> buffer(JSArrayBuffer::cast(array->buffer()), isolate); + const bool copy_data = buffer->is_shared(); + + Handle<ByteArray> array_copy; + if (copy_data) { + const size_t bytes = array->byte_length(); + // TODO(szuend): Re-check this approach once support for larger typed + // arrays has landed. + CHECK_LE(bytes, INT_MAX); + array_copy = isolate->factory()->NewByteArray(static_cast<int>(bytes)); + std::memcpy(static_cast<void*>(array_copy->GetDataStartAddress()), + static_cast<void*>(array->DataPtr()), bytes); + } - size_t length = array->length_value(); - if (length <= 1) return *array; + DisallowHeapAllocation no_gc; - Handle<FixedTypedArrayBase> elements( - FixedTypedArrayBase::cast(array->elements()), isolate); switch (array->type()) { #define TYPED_ARRAY_SORT(Type, type, TYPE, ctype) \ case kExternal##Type##Array: { \ - ctype* data = static_cast<ctype*>(elements->DataPtr()); \ + ctype* data = \ + copy_data \ + ? 
reinterpret_cast<ctype*>(array_copy->GetDataStartAddress()) \ + : static_cast<ctype*>(array->DataPtr()); \ if (kExternal##Type##Array == kExternalFloat64Array || \ kExternal##Type##Array == kExternalFloat32Array) { \ if (COMPRESS_POINTERS_BOOL && alignof(ctype) > kTaggedSize) { \ @@ -153,13 +154,14 @@ RUNTIME_FUNCTION(Runtime_TypedArraySortFast) { #undef TYPED_ARRAY_SORT } - return *array; -} + if (copy_data) { + DCHECK(!array_copy.is_null()); + const size_t bytes = array->byte_length(); + std::memcpy(static_cast<void*>(array->DataPtr()), + static_cast<void*>(array_copy->GetDataStartAddress()), bytes); + } -RUNTIME_FUNCTION(Runtime_IsTypedArray) { - HandleScope scope(isolate); - DCHECK_EQ(1, args.length()); - return isolate->heap()->ToBoolean(args[0]->IsJSTypedArray()); + return *array; } // 22.2.3.23 %TypedArray%.prototype.set ( overloaded [ , offset ] ) @@ -194,7 +196,7 @@ RUNTIME_FUNCTION(Runtime_TypedArraySet) { ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, len, Object::ToLength(isolate, len)); - if (uint_offset + len->Number() > target->length_value()) { + if (uint_offset + len->Number() > target->length()) { THROW_NEW_ERROR_RETURN_FAILURE( isolate, NewRangeError(MessageTemplate::kTypedArraySetSourceTooLarge)); } diff --git a/chromium/v8/src/runtime/runtime-utils.h b/chromium/v8/src/runtime/runtime-utils.h index 7d35010435f..2d6fbc585ff 100644 --- a/chromium/v8/src/runtime/runtime-utils.h +++ b/chromium/v8/src/runtime/runtime-utils.h @@ -6,8 +6,8 @@ #define V8_RUNTIME_RUNTIME_UTILS_H_ #include "src/base/logging.h" -#include "src/globals.h" -#include "src/objects.h" +#include "src/common/globals.h" +#include "src/objects/objects.h" #include "src/runtime/runtime.h" namespace v8 { 
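Review bot: The detached-buffer guard in `Runtime_TypedArraySortFast` is now `DCHECK(!array->WasDetached());`, which compiles away in release builds, whereas the removed `if (V8_UNLIKELY(array->WasDetached())) return *array;` applied in every build. If anything other than the Torque builtin can reach this runtime function, a release build has no explicit check before `array->DataPtr()` is used; `CHECK(!array->WasDetached());` would keep the guarantee for one comparison. On the shared-buffer path, `array->byte_length()` is read once before the sort and again in the copy-back hunk (-153,13). Computing `bytes` once and reusing it would make it evident that both `std::memcpy` calls use the size that was checked against `INT_MAX`. The function begins and continues outside these hunks.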
@@ -17,40 +17,40 @@ namespace internal { // it in a variable with the given name. If the object is not of the // expected type we crash safely. #define CONVERT_ARG_CHECKED(Type, name, index) \ - CHECK(args[index]->Is##Type()); \ + CHECK(args[index].Is##Type()); \ Type name = Type::cast(args[index]); #define CONVERT_ARG_HANDLE_CHECKED(Type, name, index) \ - CHECK(args[index]->Is##Type()); \ + CHECK(args[index].Is##Type()); \ Handle<Type> name = args.at<Type>(index); #define CONVERT_NUMBER_ARG_HANDLE_CHECKED(name, index) \ - CHECK(args[index]->IsNumber()); \ + CHECK(args[index].IsNumber()); \ Handle<Object> name = args.at(index); // Cast the given object to a boolean and store it in a variable with // the given name. If the object is not a boolean we crash safely. #define CONVERT_BOOLEAN_ARG_CHECKED(name, index) \ - CHECK(args[index]->IsBoolean()); \ - bool name = args[index]->IsTrue(isolate); + CHECK(args[index].IsBoolean()); \ + bool name = args[index].IsTrue(isolate); // Cast the given argument to a Smi and store its value in an int variable // with the given name. If the argument is not a Smi we crash safely. #define CONVERT_SMI_ARG_CHECKED(name, index) \ - CHECK(args[index]->IsSmi()); \ + CHECK(args[index].IsSmi()); \ int name = args.smi_at(index); // Cast the given argument to a double and store it in a variable with // the given name. If the argument is not a number (as opposed to // the number not-a-number) we crash safely. #define CONVERT_DOUBLE_ARG_CHECKED(name, index) \ - CHECK(args[index]->IsNumber()); \ + CHECK(args[index].IsNumber()); \ double name = args.number_at(index); // Cast the given argument to a size_t and store its value in a variable with // the given name. If the argument is not a size_t we crash safely. #define CONVERT_SIZE_ARG_CHECKED(name, index) \ - CHECK(args[index]->IsNumber()); \ + CHECK(args[index].IsNumber()); \ Handle<Object> name##_object = args.at(index); \ size_t name = 0; \ CHECK(TryNumberToSize(*name##_object, &name)); 
@@ -59,7 +59,7 @@ namespace internal { // a variable of the specified type with the given name. If the // object is not a Number we crash safely. #define CONVERT_NUMBER_CHECKED(type, name, Type, obj) \ - CHECK(obj->IsNumber()); \ + CHECK(obj.IsNumber()); \ type name = NumberTo##Type(obj); // Cast the given argument to PropertyDetails and store its value in a @@ -80,23 +80,23 @@ namespace internal { // Assert that the given argument is a number within the Int32 range // and convert it to int32_t. If the argument is not an Int32 we crash safely. #define CONVERT_INT32_ARG_CHECKED(name, index) \ - CHECK(args[index]->IsNumber()); \ + CHECK(args[index].IsNumber()); \ int32_t name = 0; \ - CHECK(args[index]->ToInt32(&name)); + CHECK(args[index].ToInt32(&name)); // Assert that the given argument is a number within the Uint32 range // and convert it to uint32_t. If the argument is not an Uint32 call // IllegalOperation and return. #define CONVERT_UINT32_ARG_CHECKED(name, index) \ - CHECK(args[index]->IsNumber()); \ + CHECK(args[index].IsNumber()); \ uint32_t name = 0; \ - CHECK(args[index]->ToUint32(&name)); + CHECK(args[index].ToUint32(&name)); // Cast the given argument to PropertyAttributes and store its value in a // variable with the given name. If the argument is not a Smi or the // enum value is out of range, we crash safely. #define CONVERT_PROPERTY_ATTRIBUTES_CHECKED(name, index) \ - CHECK(args[index]->IsSmi()); \ + CHECK(args[index].IsSmi()); \ CHECK_EQ(args.smi_at(index) & ~(READ_ONLY | DONT_ENUM | DONT_DELETE), 0); \ PropertyAttributes name = static_cast<PropertyAttributes>(args.smi_at(index)); 
@@ -115,16 +115,16 @@ struct ObjectPair { }; static inline ObjectPair MakePair(Object x, Object y) { - ObjectPair result = {x->ptr(), y->ptr()}; + ObjectPair result = {x.ptr(), y.ptr()}; // Pointers x and y returned in rax and rdx, in AMD-x64-abi. // In Win64 they are assigned to a hidden first argument. return result; } #else -typedef uint64_t ObjectPair; +using ObjectPair = uint64_t; static inline ObjectPair MakePair(Object x, Object y) { #if defined(V8_TARGET_LITTLE_ENDIAN) - return x->ptr() | (static_cast<ObjectPair>(y->ptr()) << 32); + return x.ptr() | (static_cast<ObjectPair>(y.ptr()) << 32); #elif defined(V8_TARGET_BIG_ENDIAN) return y->ptr() | (static_cast<ObjectPair>(x->ptr()) << 32); #else diff --git a/chromium/v8/src/runtime/runtime-wasm.cc b/chromium/v8/src/runtime/runtime-wasm.cc index 1f107a4c52c..288bfa11416 100644 --- a/chromium/v8/src/runtime/runtime-wasm.cc +++ b/chromium/v8/src/runtime/runtime-wasm.cc @@ -2,19 +2,19 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "src/arguments-inl.h" +#include "src/common/v8memory.h" #include "src/compiler/wasm-compiler.h" -#include "src/conversions.h" -#include "src/counters.h" #include "src/debug/debug.h" -#include "src/frame-constants.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/frame-constants.h" +#include "src/execution/message-template.h" #include "src/heap/factory.h" -#include "src/message-template.h" -#include "src/objects-inl.h" +#include "src/logging/counters.h" +#include "src/numbers/conversions.h" #include "src/objects/frame-array-inl.h" +#include "src/objects/objects-inl.h" #include "src/runtime/runtime-utils.h" #include "src/trap-handler/trap-handler.h" -#include "src/v8memory.h" #include "src/wasm/module-compiler.h" #include "src/wasm/wasm-code-manager.h" #include "src/wasm/wasm-constants.h" 
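Review bot: The `V8_TARGET_BIG_ENDIAN` branch of `MakePair` still reads `y->ptr() | (static_cast<ObjectPair>(x->ptr()) << 32)`, while the little-endian branch and the struct variant above it were switched to `x.ptr()` / `y.ptr()`. That branch is compiled only for big-endian targets, so if the arrow form on `Object` is later dropped, the breakage would presumably go unnoticed on the common build configurations. Converting it in the same change, `return y.ptr() | (static_cast<ObjectPair>(x.ptr()) << 32);`, keeps the three variants in step. The `#else` arm of the function lies outside the hunk.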
@@ -39,7 +39,7 @@ WasmInstanceObject GetWasmInstanceOnStackTop(Isolate* isolate) { } Context GetNativeContextFromWasmInstanceOnStackTop(Isolate* isolate) { - return GetWasmInstanceOnStackTop(isolate)->native_context(); + return GetWasmInstanceOnStackTop(isolate).native_context(); } class ClearThreadInWasmScope { @@ -310,7 +310,8 @@ RUNTIME_FUNCTION(Runtime_WasmCompileLazy) { CONVERT_ARG_HANDLE_CHECKED(WasmInstanceObject, instance, 0); CONVERT_SMI_ARG_CHECKED(func_index, 1); - ClearThreadInWasmScope wasm_flag; + // This runtime function is always called from wasm code. + ClearThreadInWasmScope flag_scope; #ifdef DEBUG StackFrameIterator it(isolate, isolate->thread_local_top()); @@ -322,10 +323,17 @@ RUNTIME_FUNCTION(Runtime_WasmCompileLazy) { DCHECK_EQ(*instance, WasmCompileLazyFrame::cast(it.frame())->wasm_instance()); #endif - auto* native_module = instance->module_object()->native_module(); - wasm::CompileLazy(isolate, native_module, func_index); + DCHECK(isolate->context().is_null()); + isolate->set_context(instance->native_context()); + auto* native_module = instance->module_object().native_module(); + bool success = wasm::CompileLazy(isolate, native_module, func_index); + if (!success) { + DCHECK(isolate->has_pending_exception()); + return ReadOnlyRoots(isolate).exception(); + } Address entrypoint = native_module->GetCallTargetForFunction(func_index); + return Object(entrypoint); } @@ -333,7 +341,7 @@ RUNTIME_FUNCTION(Runtime_WasmCompileLazy) { Handle<JSArrayBuffer> getSharedArrayBuffer(Handle<WasmInstanceObject> instance, Isolate* isolate, uint32_t address) { DCHECK(instance->has_memory_object()); - Handle<JSArrayBuffer> array_buffer(instance->memory_object()->array_buffer(), + Handle<JSArrayBuffer> array_buffer(instance->memory_object().array_buffer(), isolate); // Validation should have failed if the memory was not shared. 
@@ -407,6 +415,24 @@ Object ThrowTableOutOfBounds(Isolate* isolate, } } // namespace +RUNTIME_FUNCTION(Runtime_WasmRefFunc) { + // This runtime function is always being called from wasm code. + ClearThreadInWasmScope flag_scope; + HandleScope scope(isolate); + DCHECK_EQ(1, args.length()); + auto instance = + Handle<WasmInstanceObject>(GetWasmInstanceOnStackTop(isolate), isolate); + DCHECK(isolate->context().is_null()); + isolate->set_context(instance->native_context()); + CONVERT_UINT32_ARG_CHECKED(function_index, 0); + + Handle<WasmExportedFunction> function = + WasmInstanceObject::GetOrCreateWasmExportedFunction(isolate, instance, + function_index); + + return *function; +} + RUNTIME_FUNCTION(Runtime_WasmFunctionTableGet) { // This runtime function is always being called from wasm code. ClearThreadInWasmScope flag_scope; @@ -416,9 +442,9 @@ RUNTIME_FUNCTION(Runtime_WasmFunctionTableGet) { CONVERT_ARG_HANDLE_CHECKED(WasmInstanceObject, instance, 0); CONVERT_UINT32_ARG_CHECKED(table_index, 1); CONVERT_UINT32_ARG_CHECKED(entry_index, 2); - DCHECK_LT(table_index, instance->tables()->length()); + DCHECK_LT(table_index, instance->tables().length()); auto table = handle( - WasmTableObject::cast(instance->tables()->get(table_index)), isolate); + WasmTableObject::cast(instance->tables().get(table_index)), isolate); if (!WasmTableObject::IsInBounds(isolate, table, entry_index)) { return ThrowWasmError(isolate, MessageTemplate::kWasmTrapTableOutOfBounds); 
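Review bot: `Runtime_WasmRefFunc` passes `function_index` straight to `WasmInstanceObject::GetOrCreateWasmExportedFunction` with no range assertion, whereas the table accessors in this file assert their index with `DCHECK_LT(table_index, instance->tables().length());`. The index is presumably guaranteed by module validation. A DCHECK against the module's function count right after `CONVERT_UINT32_ARG_CHECKED(function_index, 0);` would document that assumption and catch a bad caller in debug builds. A one-line comment that the instance comes from the stack top rather than from `args` would also help, since `Runtime_WasmFunctionTableGet` just below receives it as argument 0.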
@@ -439,9 +465,9 @@ RUNTIME_FUNCTION(Runtime_WasmFunctionTableSet) { CONVERT_ARG_CHECKED(Object, element_raw, 3); // TODO(mstarzinger): Manually box because parameters are not visited yet. Handle<Object> element(element_raw, isolate); - DCHECK_LT(table_index, instance->tables()->length()); + DCHECK_LT(table_index, instance->tables().length()); auto table = handle( - WasmTableObject::cast(instance->tables()->get(table_index)), isolate); + WasmTableObject::cast(instance->tables().get(table_index)), isolate); if (!WasmTableObject::IsInBounds(isolate, table, entry_index)) { return ThrowWasmError(isolate, MessageTemplate::kWasmTrapTableOutOfBounds); @@ -461,9 +487,9 @@ RUNTIME_FUNCTION(Runtime_WasmIndirectCallCheckSignatureAndGetTargetInstance) { DCHECK(isolate->context().is_null()); isolate->set_context(instance->native_context()); - DCHECK_LT(table_index, instance->tables()->length()); + DCHECK_LT(table_index, instance->tables().length()); auto table_obj = handle( - WasmTableObject::cast(instance->tables()->get(table_index)), isolate); + WasmTableObject::cast(instance->tables().get(table_index)), isolate); // This check is already done in generated code. DCHECK(WasmTableObject::IsInBounds(isolate, table_obj, entry_index)); @@ -490,7 +516,7 @@ RUNTIME_FUNCTION(Runtime_WasmIndirectCallCheckSignatureAndGetTargetInstance) { maybe_target_instance.ToHandleChecked(); const wasm::WasmModule* target_module = - target_instance->module_object()->native_module()->module(); + target_instance->module_object().native_module()->module(); wasm::FunctionSig* target_sig = target_module->functions[function_index].sig; 
@@ -519,9 +545,9 @@ RUNTIME_FUNCTION(Runtime_WasmIndirectCallGetTargetAddress) { CONVERT_UINT32_ARG_CHECKED(table_index, 0); CONVERT_UINT32_ARG_CHECKED(entry_index, 1); - DCHECK_LT(table_index, instance->tables()->length()); + DCHECK_LT(table_index, instance->tables().length()); auto table_obj = handle( - WasmTableObject::cast(instance->tables()->get(table_index)), isolate); + WasmTableObject::cast(instance->tables().get(table_index)), isolate); DCHECK(WasmTableObject::IsInBounds(isolate, table_obj, entry_index)); 
@@ -596,5 +622,55 @@ RUNTIME_FUNCTION(Runtime_WasmTableCopy) { if (oob) return ThrowTableOutOfBounds(isolate, instance); return ReadOnlyRoots(isolate).undefined_value(); } + +RUNTIME_FUNCTION(Runtime_WasmTableGrow) { + HandleScope scope(isolate); + DCHECK_EQ(3, args.length()); + auto instance = + Handle<WasmInstanceObject>(GetWasmInstanceOnStackTop(isolate), isolate); + CONVERT_UINT32_ARG_CHECKED(table_index, 0); + CONVERT_ARG_CHECKED(Object, value_raw, 1); + // TODO(mstarzinger): Manually box because parameters are not visited yet. + Handle<Object> value(value_raw, isolate); + CONVERT_UINT32_ARG_CHECKED(delta, 2); + + Handle<WasmTableObject> table( + WasmTableObject::cast(instance->tables().get(table_index)), isolate); + int result = WasmTableObject::Grow(isolate, table, delta, value); + + return Smi::FromInt(result); +} + +RUNTIME_FUNCTION(Runtime_WasmTableFill) { + HandleScope scope(isolate); + DCHECK_EQ(4, args.length()); + auto instance = + Handle<WasmInstanceObject>(GetWasmInstanceOnStackTop(isolate), isolate); + CONVERT_UINT32_ARG_CHECKED(table_index, 0); + CONVERT_UINT32_ARG_CHECKED(start, 1); + CONVERT_ARG_CHECKED(Object, value_raw, 2); + // TODO(mstarzinger): Manually box because parameters are not visited yet. + Handle<Object> value(value_raw, isolate); + CONVERT_UINT32_ARG_CHECKED(count, 3); + + Handle<WasmTableObject> table( + WasmTableObject::cast(instance->tables().get(table_index)), isolate); + + uint32_t table_size = static_cast<uint32_t>(table->entries().length()); + + if (start > table_size) { + return ThrowTableOutOfBounds(isolate, instance); + } + + // Even when table.fill goes out-of-bounds, as many entries as possible are + // put into the table. Only afterwards we trap. 
+ uint32_t fill_count = std::min(count, table_size - start); + WasmTableObject::Fill(isolate, table, start, value, fill_count); + + if (fill_count < count) { + return ThrowTableOutOfBounds(isolate, instance); + } + return ReadOnlyRoots(isolate).undefined_value(); +} } // namespace internal } // namespace v8 diff --git a/chromium/v8/src/runtime/runtime-weak-refs.cc b/chromium/v8/src/runtime/runtime-weak-refs.cc index df7ed76bf37..fbb5b42344f 100644 --- a/chromium/v8/src/runtime/runtime-weak-refs.cc +++ b/chromium/v8/src/runtime/runtime-weak-refs.cc @@ -3,13 +3,13 @@ // found in the LICENSE file. #include "include/v8.h" -#include "src/api.h" -#include "src/arguments-inl.h" -#include "src/counters.h" -#include "src/execution.h" -#include "src/handles-inl.h" -#include "src/objects-inl.h" +#include "src/api/api.h" +#include "src/execution/arguments-inl.h" +#include "src/execution/execution.h" +#include "src/handles/handles-inl.h" +#include "src/logging/counters.h" #include "src/objects/js-weak-refs-inl.h" +#include "src/objects/objects-inl.h" #include "src/runtime/runtime-utils.h" namespace v8 { diff --git a/chromium/v8/src/runtime/runtime.cc b/chromium/v8/src/runtime/runtime.cc index 058e02733e9..ad49a0299cd 100644 --- a/chromium/v8/src/runtime/runtime.cc +++ b/chromium/v8/src/runtime/runtime.cc @@ -5,12 +5,12 @@ #include "src/runtime/runtime.h" #include "src/base/hashmap.h" -#include "src/contexts.h" -#include "src/handles-inl.h" +#include "src/codegen/reloc-info.h" +#include "src/execution/isolate.h" +#include "src/handles/handles-inl.h" #include "src/heap/heap.h" -#include "src/isolate.h" -#include "src/objects-inl.h" -#include "src/reloc-info.h" +#include "src/objects/contexts.h" +#include "src/objects/objects-inl.h" #include "src/runtime/runtime-utils.h" namespace v8 { 
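Review bot: `Runtime_WasmTableGrow` and `Runtime_WasmTableFill` index `instance->tables().get(table_index)` without the `DCHECK_LT(table_index, instance->tables().length());` that the other table runtime functions in this file place before the same lookup. Adding that line before the `Handle<WasmTableObject> table(...)` construction in both functions keeps the bounds assumption explicit. Both new functions also omit `ClearThreadInWasmScope flag_scope;`, which `Runtime_WasmRefFunc` and `Runtime_WasmFunctionTableGet` declare under the comment that they are always called from wasm code; if these two are reached from wasm code as well, they presumably need the same scope. In `Runtime_WasmTableFill`, the `start > table_size` guard is what keeps `table_size - start` from wrapping, so a short comment tying the two together would protect it from later reordering.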
@@ -106,6 +106,7 @@ bool Runtime::NeedsExactContext(FunctionId id) { // try-catch in async function. return false; case Runtime::kAddPrivateField: + case Runtime::kAddPrivateBrand: case Runtime::kCopyDataProperties: case Runtime::kCreateDataProperty: case Runtime::kCreatePrivateNameSymbol: @@ -177,6 +178,16 @@ bool Runtime::IsNonReturning(FunctionId id) { } } +bool Runtime::MayAllocate(FunctionId id) { + switch (id) { + case Runtime::kCompleteInobjectSlackTracking: + case Runtime::kCompleteInobjectSlackTrackingForMap: + return false; + default: + return true; + } +} + const Runtime::Function* Runtime::FunctionForName(const unsigned char* name, int length) { base::CallOnce(&initialize_function_name_map_once, diff --git a/chromium/v8/src/runtime/runtime.h b/chromium/v8/src/runtime/runtime.h index 9c8ff6b48f5..773a5065e23 100644 --- a/chromium/v8/src/runtime/runtime.h +++ b/chromium/v8/src/runtime/runtime.h @@ -7,11 +7,11 @@ #include <memory> -#include "src/allocation.h" #include "src/base/platform/time.h" -#include "src/elements-kind.h" -#include "src/globals.h" -#include "src/unicode.h" +#include "src/common/globals.h" +#include "src/objects/elements-kind.h" +#include "src/strings/unicode.h" +#include "src/utils/allocation.h" #include "src/zone/zone.h" namespace v8 { @@ -42,17 +42,12 @@ namespace internal { F(ArrayIndexOf, 3, 1) \ F(ArrayIsArray, 1, 1) \ F(ArraySpeciesConstructor, 1, 1) \ - F(EstimateNumberOfElements, 1, 1) \ - F(GetArrayKeys, 2, 1) \ F(GrowArrayElements, 2, 1) \ - F(HasComplexElements, 1, 1) \ I(IsArray, 1, 1) \ F(NewArray, -1 /* >= 3 */, 1) \ F(NormalizeElements, 1, 1) \ - F(PrepareElementsForSort, 2, 1) \ F(TransitionElementsKind, 2, 1) \ F(TransitionElementsKindWithKind, 2, 1) \ - F(TrySliceSimpleNonFastElements, 3, 1) #define FOR_EACH_INTRINSIC_ATOMICS(F, I) \ F(AtomicsLoad64, 2, 1) \ 
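Review bot: The two `return false` cases in Runtime::MayAllocate are a promise about the bodies of the CompleteInobjectSlackTracking and CompleteInobjectSlackTrackingForMap runtime functions, and nothing in this hunk enforces it. The `default: return true` is the conservative direction, so newly added runtime functions are safe by default. The risk is that one of the listed functions later gains an allocation while callers still treat it as GC-free; those callers are not visible here. I would record the invariant next to the cases, e.g. `// Must stay allocation-free: callers may skip GC-safety handling for these ids.`, and consider a no-allocation scope in the two function bodies so a debug build catches a violation.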
@@ -143,7 +138,7 @@ namespace internal { F(ScheduleBreak, 0, 1) \ F(ScriptLocationFromLine2, 4, 1) \ F(SetGeneratorScopeVariableValue, 4, 1) \ - F(IncBlockCounter, 2, 1) + I(IncBlockCounter, 2, 1) #define FOR_EACH_INTRINSIC_FORIN(F, I) \ F(ForInEnumerate, 1, 1) \ @@ -206,12 +201,12 @@ namespace internal { #define FOR_EACH_INTRINSIC_INTERNAL(F, I) \ F(AccessCheck, 1, 1) \ + F(AllocateByteArray, 1, 1) \ F(AllocateInYoungGeneration, 1, 1) \ F(AllocateInOldGeneration, 2, 1) \ F(AllocateSeqOneByteString, 1, 1) \ F(AllocateSeqTwoByteString, 1, 1) \ F(AllowDynamicFunction, 1, 1) \ - F(CheckIsBootstrapping, 0, 1) \ I(CreateAsyncFromSyncIterator, 1, 1) \ F(CreateListFromArrayLike, 1, 1) \ F(FatalProcessOutOfMemoryInAllocateRaw, 0, 1) \ @@ -219,7 +214,6 @@ namespace internal { F(GetAndResetRuntimeCallStats, -1 /* <= 2 */, 1) \ F(GetTemplateObject, 3, 1) \ F(IncrementUseCounter, 1, 1) \ - F(Interrupt, 0, 1) \ F(BytecodeBudgetInterrupt, 1, 1) \ F(NewReferenceError, 2, 1) \ F(NewSyntaxError, 2, 1) \ @@ -274,7 +268,6 @@ namespace internal { F(IsValidSmi, 1, 1) \ F(MaxSmi, 0, 1) \ F(NumberToString, 1, 1) \ - F(SmiLexicographicCompare, 2, 1) \ F(StringParseFloat, 1, 1) \ F(StringParseInt, 2, 1) \ F(StringToNumber, 1, 1) @@ -282,11 +275,12 @@ namespace internal { #define FOR_EACH_INTRINSIC_OBJECT(F, I) \ F(AddDictionaryProperty, 3, 1) \ F(AddPrivateField, 3, 1) \ + F(AddPrivateBrand, 2, 1) \ F(AllocateHeapNumber, 0, 1) \ F(ClassOf, 1, 1) \ F(CollectTypeProfile, 3, 1) \ F(CompleteInobjectSlackTrackingForMap, 1, 1) \ - F(CopyDataProperties, 2, 1) \ + I(CopyDataProperties, 2, 1) \ F(CopyDataPropertiesWithExcludedProperties, -1 /* >= 1 */, 1) \ I(CreateDataProperty, 3, 1) \ I(CreateIterResultObject, 2, 1) \ @@ -295,6 +289,7 @@ namespace internal { F(DefineGetterPropertyUnchecked, 4, 1) \ F(DefineSetterPropertyUnchecked, 4, 1) \ F(DeleteProperty, 3, 1) \ + F(GetDerivedMap, 2, 1) \ F(GetFunctionName, 1, 1) \ F(GetOwnPropertyDescriptor, 2, 1) \ F(GetOwnPropertyKeys, 2, 1) \ 
@@ -327,7 +322,7 @@ namespace internal { I(ToNumber, 1, 1) \ F(ToNumeric, 1, 1) \ I(ToObject, 1, 1) \ - I(ToString, 1, 1) \ + I(ToStringRT, 1, 1) \ F(TryMigrateInstance, 1, 1) #define FOR_EACH_INTRINSIC_OPERATORS(F, I) \ @@ -359,11 +354,8 @@ namespace internal { #define FOR_EACH_INTRINSIC_PROXY(F, I) \ F(CheckProxyGetSetTrapResult, 2, 1) \ - F(CheckProxyHasTrap, 2, 1) \ + F(CheckProxyHasTrapResult, 2, 1) \ F(GetPropertyWithReceiver, 3, 1) \ - F(IsJSProxy, 1, 1) \ - F(JSProxyGetHandler, 1, 1) \ - F(JSProxyGetTarget, 1, 1) \ F(SetPropertyWithReceiver, 4, 1) #define FOR_EACH_INTRINSIC_REGEXP(F, I) \ @@ -452,7 +444,6 @@ namespace internal { F(DisassembleFunction, 1, 1) \ F(FreezeWasmLazyCompilation, 1, 1) \ F(GetCallable, 0, 1) \ - F(GetDeoptCount, 1, 1) \ F(GetInitializerFunction, 1, 1) \ F(GetOptimizationStatus, -1, 1) \ F(GetUndetectable, 0, 1) \ @@ -463,6 +454,7 @@ namespace internal { F(HasDictionaryElements, 1, 1) \ F(HasPackedElements, 1, 1) \ F(HasDoubleElements, 1, 1) \ + F(HasElementsInALargeObjectSpace, 1, 1) \ F(HasFastElements, 1, 1) \ F(HasFastProperties, 1, 1) \ F(HasFixedBigInt64Elements, 1, 1) \ @@ -484,7 +476,7 @@ namespace internal { F(HaveSameMap, 2, 1) \ F(HeapObjectVerify, 1, 1) \ F(ICsAreEnabled, 0, 1) \ - F(InNewSpace, 1, 1) \ + F(InYoungGeneration, 1, 1) \ F(IsAsmWasmCode, 1, 1) \ F(IsConcurrentRecompilationSupported, 0, 1) \ F(WasmTierUpFunction, 2, 1) \ @@ -517,15 +509,14 @@ namespace internal { F(WasmGetNumberOfInstances, 1, 1) \ F(WasmNumInterpretedCalls, 1, 1) \ F(WasmTraceMemory, 1, 1) \ - F(SetWasmThreadsEnabled, 1, 1) + F(SetWasmThreadsEnabled, 1, 1) \ + F(TurbofanStaticAssert, 1, 1) \ + F(EnableCodeLoggingForTesting, 0, 1) #define FOR_EACH_INTRINSIC_TYPEDARRAY(F, I) \ F(ArrayBufferDetach, 1, 1) \ - F(ArrayBufferViewWasDetached, 1, 1) \ - I(IsTypedArray, 1, 1) \ F(TypedArrayCopyElements, 3, 1) \ F(TypedArrayGetBuffer, 1, 1) \ - F(TypedArrayGetLength, 1, 1) \ F(TypedArraySet, 2, 1) \ F(TypedArraySortFast, 1, 1) 
@@ -542,10 +533,13 @@ namespace internal { F(WasmStackGuard, 0, 1) \ F(WasmThrowCreate, 2, 1) \ F(WasmThrowTypeError, 0, 1) \ + F(WasmRefFunc, 1, 1) \ F(WasmFunctionTableGet, 3, 1) \ F(WasmFunctionTableSet, 4, 1) \ F(WasmTableInit, 5, 1) \ F(WasmTableCopy, 5, 1) \ + F(WasmTableGrow, 3, 1) \ + F(WasmTableFill, 4, 1) \ F(WasmIndirectCallCheckSignatureAndGetTargetInstance, 3, 1) \ F(WasmIndirectCallGetTargetAddress, 2, 1) \ F(WasmIsValidAnyFuncValue, 1, 1) \ @@ -689,6 +683,10 @@ class Runtime : public AllStatic { // sentinel, always. static bool IsNonReturning(FunctionId id); + // Check if a runtime function with the given {id} may trigger a heap + // allocation. + static bool MayAllocate(FunctionId id); + // Get the intrinsic function with the given name. static const Function* FunctionForName(const unsigned char* name, int length); |