v8  3.25.30(node0.11.13)
V8 is Google's open source JavaScript engine
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
objects.h
Go to the documentation of this file.
1 // Copyright 2012 the V8 project authors. All rights reserved.
2 // Redistribution and use in source and binary forms, with or without
3 // modification, are permitted provided that the following conditions are
4 // met:
5 //
6 // * Redistributions of source code must retain the above copyright
7 // notice, this list of conditions and the following disclaimer.
8 // * Redistributions in binary form must reproduce the above
9 // copyright notice, this list of conditions and the following
10 // disclaimer in the documentation and/or other materials provided
11 // with the distribution.
12 // * Neither the name of Google Inc. nor the names of its
13 // contributors may be used to endorse or promote products derived
14 // from this software without specific prior written permission.
15 //
16 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
17 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
18 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
19 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
20 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
26 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 
28 #ifndef V8_OBJECTS_H_
29 #define V8_OBJECTS_H_
30 
31 #include "allocation.h"
32 #include "assert-scope.h"
33 #include "builtins.h"
34 #include "elements-kind.h"
35 #include "flags.h"
36 #include "list.h"
37 #include "property-details.h"
38 #include "smart-pointers.h"
39 #include "unicode-inl.h"
40 #if V8_TARGET_ARCH_ARM64
41 #include "arm64/constants-arm64.h"
42 #elif V8_TARGET_ARCH_ARM
43 #include "arm/constants-arm.h"
44 #elif V8_TARGET_ARCH_MIPS
45 #include "mips/constants-mips.h"
46 #endif
47 #include "v8checks.h"
48 #include "zone.h"
49 
50 
51 //
52 // Most object types in the V8 JavaScript are described in this file.
53 //
54 // Inheritance hierarchy:
55 // - MaybeObject (an object or a failure)
56 // - Failure (immediate for marking failed operation)
57 // - Object
58 // - Smi (immediate small integer)
59 // - HeapObject (superclass for everything allocated in the heap)
60 // - JSReceiver (suitable for property access)
61 // - JSObject
62 // - JSArray
63 // - JSArrayBuffer
64 // - JSArrayBufferView
65 // - JSTypedArray
66 // - JSDataView
67 // - JSSet
68 // - JSMap
69 // - JSWeakCollection
70 // - JSWeakMap
71 // - JSWeakSet
72 // - JSRegExp
73 // - JSFunction
74 // - JSGeneratorObject
75 // - JSModule
76 // - GlobalObject
77 // - JSGlobalObject
78 // - JSBuiltinsObject
79 // - JSGlobalProxy
80 // - JSValue
81 // - JSDate
82 // - JSMessageObject
83 // - JSProxy
84 // - JSFunctionProxy
85 // - FixedArrayBase
86 // - ByteArray
87 // - FixedArray
88 // - DescriptorArray
89 // - HashTable
90 // - Dictionary
91 // - StringTable
92 // - CompilationCacheTable
93 // - CodeCacheHashTable
94 // - MapCache
95 // - Context
96 // - JSFunctionResultCache
97 // - ScopeInfo
98 // - TransitionArray
99 // - FixedDoubleArray
100 // - ExternalArray
101 // - ExternalUint8ClampedArray
102 // - ExternalInt8Array
103 // - ExternalUint8Array
104 // - ExternalInt16Array
105 // - ExternalUint16Array
106 // - ExternalInt32Array
107 // - ExternalUint32Array
108 // - ExternalFloat32Array
109 // - Name
110 // - String
111 // - SeqString
112 // - SeqOneByteString
113 // - SeqTwoByteString
114 // - SlicedString
115 // - ConsString
116 // - ExternalString
117 // - ExternalAsciiString
118 // - ExternalTwoByteString
119 // - InternalizedString
120 // - SeqInternalizedString
121 // - SeqOneByteInternalizedString
122 // - SeqTwoByteInternalizedString
123 // - ConsInternalizedString
124 // - ExternalInternalizedString
125 // - ExternalAsciiInternalizedString
126 // - ExternalTwoByteInternalizedString
127 // - Symbol
128 // - HeapNumber
129 // - Cell
130 // - PropertyCell
131 // - Code
132 // - Map
133 // - Oddball
134 // - Foreign
135 // - SharedFunctionInfo
136 // - Struct
137 // - Box
138 // - DeclaredAccessorDescriptor
139 // - AccessorInfo
140 // - DeclaredAccessorInfo
141 // - ExecutableAccessorInfo
142 // - AccessorPair
143 // - AccessCheckInfo
144 // - InterceptorInfo
145 // - CallHandlerInfo
146 // - TemplateInfo
147 // - FunctionTemplateInfo
148 // - ObjectTemplateInfo
149 // - Script
150 // - SignatureInfo
151 // - TypeSwitchInfo
152 // - DebugInfo
153 // - BreakPointInfo
154 // - CodeCache
155 //
156 // Formats of Object*:
157 // Smi: [31 bit signed int] 0
158 // HeapObject: [32 bit direct pointer] (4 byte aligned) | 01
159 // Failure: [30 bit signed int] 11
160 
161 namespace v8 {
162 namespace internal {
163 
164 enum KeyedAccessStoreMode {
165  STANDARD_STORE,
166  STORE_TRANSITION_SMI_TO_OBJECT,
167  STORE_TRANSITION_SMI_TO_DOUBLE,
168  STORE_TRANSITION_DOUBLE_TO_OBJECT,
169  STORE_TRANSITION_HOLEY_SMI_TO_OBJECT,
170  STORE_TRANSITION_HOLEY_SMI_TO_DOUBLE,
171  STORE_TRANSITION_HOLEY_DOUBLE_TO_OBJECT,
172  STORE_AND_GROW_NO_TRANSITION,
173  STORE_AND_GROW_TRANSITION_SMI_TO_OBJECT,
174  STORE_AND_GROW_TRANSITION_SMI_TO_DOUBLE,
175  STORE_AND_GROW_TRANSITION_DOUBLE_TO_OBJECT,
176  STORE_AND_GROW_TRANSITION_HOLEY_SMI_TO_OBJECT,
177  STORE_AND_GROW_TRANSITION_HOLEY_SMI_TO_DOUBLE,
178  STORE_AND_GROW_TRANSITION_HOLEY_DOUBLE_TO_OBJECT,
179  STORE_NO_TRANSITION_IGNORE_OUT_OF_BOUNDS,
180  STORE_NO_TRANSITION_HANDLE_COW
181 };
182 
183 
184 enum ContextualMode {
185  NOT_CONTEXTUAL,
186  CONTEXTUAL
187 };
188 
189 
190 static const int kGrowICDelta = STORE_AND_GROW_NO_TRANSITION -
191  STANDARD_STORE;
192 STATIC_ASSERT(STANDARD_STORE == 0);
193 STATIC_ASSERT(kGrowICDelta ==
194  STORE_AND_GROW_TRANSITION_SMI_TO_OBJECT -
195  STORE_TRANSITION_SMI_TO_OBJECT);
196 STATIC_ASSERT(kGrowICDelta ==
197  STORE_AND_GROW_TRANSITION_SMI_TO_DOUBLE -
198  STORE_TRANSITION_SMI_TO_DOUBLE);
199 STATIC_ASSERT(kGrowICDelta ==
200  STORE_AND_GROW_TRANSITION_DOUBLE_TO_OBJECT -
201  STORE_TRANSITION_DOUBLE_TO_OBJECT);
202 
203 
204 static inline KeyedAccessStoreMode GetGrowStoreMode(
205  KeyedAccessStoreMode store_mode) {
206  if (store_mode < STORE_AND_GROW_NO_TRANSITION) {
207  store_mode = static_cast<KeyedAccessStoreMode>(
208  static_cast<int>(store_mode) + kGrowICDelta);
209  }
210  return store_mode;
211 }
212 
213 
214 static inline bool IsTransitionStoreMode(KeyedAccessStoreMode store_mode) {
215  return store_mode > STANDARD_STORE &&
216  store_mode <= STORE_AND_GROW_TRANSITION_HOLEY_DOUBLE_TO_OBJECT &&
217  store_mode != STORE_AND_GROW_NO_TRANSITION;
218 }
219 
220 
221 static inline KeyedAccessStoreMode GetNonTransitioningStoreMode(
222  KeyedAccessStoreMode store_mode) {
223  if (store_mode >= STORE_NO_TRANSITION_IGNORE_OUT_OF_BOUNDS) {
224  return store_mode;
225  }
226  if (store_mode >= STORE_AND_GROW_NO_TRANSITION) {
227  return STORE_AND_GROW_NO_TRANSITION;
228  }
229  return STANDARD_STORE;
230 }
231 
232 
233 static inline bool IsGrowStoreMode(KeyedAccessStoreMode store_mode) {
234  return store_mode >= STORE_AND_GROW_NO_TRANSITION &&
235  store_mode <= STORE_AND_GROW_TRANSITION_HOLEY_DOUBLE_TO_OBJECT;
236 }
237 
238 
239 // Setter that skips the write barrier if mode is SKIP_WRITE_BARRIER.
240 enum WriteBarrierMode { SKIP_WRITE_BARRIER, UPDATE_WRITE_BARRIER };
241 
242 
243 // Indicates whether a value can be loaded as a constant.
244 enum StoreMode {
245  ALLOW_AS_CONSTANT,
246  FORCE_FIELD
247 };
248 
249 
250 // PropertyNormalizationMode is used to specify whether to keep
251 // inobject properties when normalizing properties of a JSObject.
252 enum PropertyNormalizationMode {
253  CLEAR_INOBJECT_PROPERTIES,
254  KEEP_INOBJECT_PROPERTIES
255 };
256 
257 
258 // NormalizedMapSharingMode is used to specify whether a map may be shared
259 // by different objects with normalized properties.
260 enum NormalizedMapSharingMode {
261  UNIQUE_NORMALIZED_MAP,
262  SHARED_NORMALIZED_MAP
263 };
264 
265 
266 // Indicates whether transitions can be added to a source map or not.
267 enum TransitionFlag {
268  INSERT_TRANSITION,
269  OMIT_TRANSITION
270 };
271 
272 
273 enum DebugExtraICState {
274  DEBUG_BREAK,
275  DEBUG_PREPARE_STEP_IN
276 };
277 
278 
279 // Indicates whether the transition is simple: the target map of the transition
280 // either extends the current map with a new property, or it modifies the
281 // property that was added last to the current map.
282 enum SimpleTransitionFlag {
283  SIMPLE_TRANSITION,
284  FULL_TRANSITION
285 };
286 
287 
288 // Indicates whether we are only interested in the descriptors of a particular
289 // map, or in all descriptors in the descriptor array.
290 enum DescriptorFlag {
291  ALL_DESCRIPTORS,
292  OWN_DESCRIPTORS
293 };
294 
295 // The GC maintains a bit of information, the MarkingParity, which toggles
296 // from odd to even and back every time marking is completed. Incremental
297 // marking can visit an object twice during a marking phase, so algorithms that
298 // that piggy-back on marking can use the parity to ensure that they only
299 // perform an operation on an object once per marking phase: they record the
300 // MarkingParity when they visit an object, and only re-visit the object when it
301 // is marked again and the MarkingParity changes.
302 enum MarkingParity {
303  NO_MARKING_PARITY,
304  ODD_MARKING_PARITY,
305  EVEN_MARKING_PARITY
306 };
307 
308 // ICs store extra state in a Code object. The default extra state is
309 // kNoExtraICState.
310 typedef int ExtraICState;
311 static const ExtraICState kNoExtraICState = 0;
312 
313 // Instance size sentinel for objects of variable size.
314 const int kVariableSizeSentinel = 0;
315 
316 const int kStubMajorKeyBits = 7;
317 const int kStubMinorKeyBits = kBitsPerInt - kSmiTagSize - kStubMajorKeyBits;
318 
319 // All Maps have a field instance_type containing a InstanceType.
320 // It describes the type of the instances.
321 //
322 // As an example, a JavaScript object is a heap object and its map
323 // instance_type is JS_OBJECT_TYPE.
324 //
325 // The names of the string instance types are intended to systematically
326 // mirror their encoding in the instance_type field of the map. The default
327 // encoding is considered TWO_BYTE. It is not mentioned in the name. ASCII
328 // encoding is mentioned explicitly in the name. Likewise, the default
329 // representation is considered sequential. It is not mentioned in the
330 // name. The other representations (e.g. CONS, EXTERNAL) are explicitly
331 // mentioned. Finally, the string is either a STRING_TYPE (if it is a normal
332 // string) or a INTERNALIZED_STRING_TYPE (if it is a internalized string).
333 //
334 // NOTE: The following things are some that depend on the string types having
335 // instance_types that are less than those of all other types:
336 // HeapObject::Size, HeapObject::IterateBody, the typeof operator, and
337 // Object::IsString.
338 //
339 // NOTE: Everything following JS_VALUE_TYPE is considered a
340 // JSObject for GC purposes. The first four entries here have typeof
341 // 'object', whereas JS_FUNCTION_TYPE has typeof 'function'.
342 #define INSTANCE_TYPE_LIST(V) \
343  V(STRING_TYPE) \
344  V(ASCII_STRING_TYPE) \
345  V(CONS_STRING_TYPE) \
346  V(CONS_ASCII_STRING_TYPE) \
347  V(SLICED_STRING_TYPE) \
348  V(SLICED_ASCII_STRING_TYPE) \
349  V(EXTERNAL_STRING_TYPE) \
350  V(EXTERNAL_ASCII_STRING_TYPE) \
351  V(EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE) \
352  V(SHORT_EXTERNAL_STRING_TYPE) \
353  V(SHORT_EXTERNAL_ASCII_STRING_TYPE) \
354  V(SHORT_EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE) \
355  \
356  V(INTERNALIZED_STRING_TYPE) \
357  V(ASCII_INTERNALIZED_STRING_TYPE) \
358  V(CONS_INTERNALIZED_STRING_TYPE) \
359  V(CONS_ASCII_INTERNALIZED_STRING_TYPE) \
360  V(EXTERNAL_INTERNALIZED_STRING_TYPE) \
361  V(EXTERNAL_ASCII_INTERNALIZED_STRING_TYPE) \
362  V(EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE) \
363  V(SHORT_EXTERNAL_INTERNALIZED_STRING_TYPE) \
364  V(SHORT_EXTERNAL_ASCII_INTERNALIZED_STRING_TYPE) \
365  V(SHORT_EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE) \
366  \
367  V(SYMBOL_TYPE) \
368  \
369  V(MAP_TYPE) \
370  V(CODE_TYPE) \
371  V(ODDBALL_TYPE) \
372  V(CELL_TYPE) \
373  V(PROPERTY_CELL_TYPE) \
374  \
375  V(HEAP_NUMBER_TYPE) \
376  V(FOREIGN_TYPE) \
377  V(BYTE_ARRAY_TYPE) \
378  V(FREE_SPACE_TYPE) \
379  /* Note: the order of these external array */ \
380  /* types is relied upon in */ \
381  /* Object::IsExternalArray(). */ \
382  V(EXTERNAL_INT8_ARRAY_TYPE) \
383  V(EXTERNAL_UINT8_ARRAY_TYPE) \
384  V(EXTERNAL_INT16_ARRAY_TYPE) \
385  V(EXTERNAL_UINT16_ARRAY_TYPE) \
386  V(EXTERNAL_INT32_ARRAY_TYPE) \
387  V(EXTERNAL_UINT32_ARRAY_TYPE) \
388  V(EXTERNAL_FLOAT32_ARRAY_TYPE) \
389  V(EXTERNAL_FLOAT64_ARRAY_TYPE) \
390  V(EXTERNAL_UINT8_CLAMPED_ARRAY_TYPE) \
391  \
392  V(FIXED_INT8_ARRAY_TYPE) \
393  V(FIXED_UINT8_ARRAY_TYPE) \
394  V(FIXED_INT16_ARRAY_TYPE) \
395  V(FIXED_UINT16_ARRAY_TYPE) \
396  V(FIXED_INT32_ARRAY_TYPE) \
397  V(FIXED_UINT32_ARRAY_TYPE) \
398  V(FIXED_FLOAT32_ARRAY_TYPE) \
399  V(FIXED_FLOAT64_ARRAY_TYPE) \
400  V(FIXED_UINT8_CLAMPED_ARRAY_TYPE) \
401  \
402  V(FILLER_TYPE) \
403  \
404  V(DECLARED_ACCESSOR_DESCRIPTOR_TYPE) \
405  V(DECLARED_ACCESSOR_INFO_TYPE) \
406  V(EXECUTABLE_ACCESSOR_INFO_TYPE) \
407  V(ACCESSOR_PAIR_TYPE) \
408  V(ACCESS_CHECK_INFO_TYPE) \
409  V(INTERCEPTOR_INFO_TYPE) \
410  V(CALL_HANDLER_INFO_TYPE) \
411  V(FUNCTION_TEMPLATE_INFO_TYPE) \
412  V(OBJECT_TEMPLATE_INFO_TYPE) \
413  V(SIGNATURE_INFO_TYPE) \
414  V(TYPE_SWITCH_INFO_TYPE) \
415  V(ALLOCATION_MEMENTO_TYPE) \
416  V(ALLOCATION_SITE_TYPE) \
417  V(SCRIPT_TYPE) \
418  V(CODE_CACHE_TYPE) \
419  V(POLYMORPHIC_CODE_CACHE_TYPE) \
420  V(TYPE_FEEDBACK_INFO_TYPE) \
421  V(ALIASED_ARGUMENTS_ENTRY_TYPE) \
422  V(BOX_TYPE) \
423  \
424  V(FIXED_ARRAY_TYPE) \
425  V(FIXED_DOUBLE_ARRAY_TYPE) \
426  V(CONSTANT_POOL_ARRAY_TYPE) \
427  V(SHARED_FUNCTION_INFO_TYPE) \
428  \
429  V(JS_MESSAGE_OBJECT_TYPE) \
430  \
431  V(JS_VALUE_TYPE) \
432  V(JS_DATE_TYPE) \
433  V(JS_OBJECT_TYPE) \
434  V(JS_CONTEXT_EXTENSION_OBJECT_TYPE) \
435  V(JS_GENERATOR_OBJECT_TYPE) \
436  V(JS_MODULE_TYPE) \
437  V(JS_GLOBAL_OBJECT_TYPE) \
438  V(JS_BUILTINS_OBJECT_TYPE) \
439  V(JS_GLOBAL_PROXY_TYPE) \
440  V(JS_ARRAY_TYPE) \
441  V(JS_ARRAY_BUFFER_TYPE) \
442  V(JS_TYPED_ARRAY_TYPE) \
443  V(JS_DATA_VIEW_TYPE) \
444  V(JS_PROXY_TYPE) \
445  V(JS_SET_TYPE) \
446  V(JS_MAP_TYPE) \
447  V(JS_WEAK_MAP_TYPE) \
448  V(JS_WEAK_SET_TYPE) \
449  V(JS_REGEXP_TYPE) \
450  \
451  V(JS_FUNCTION_TYPE) \
452  V(JS_FUNCTION_PROXY_TYPE) \
453  V(DEBUG_INFO_TYPE) \
454  V(BREAK_POINT_INFO_TYPE)
455 
456 
457 // Since string types are not consecutive, this macro is used to
458 // iterate over them.
459 #define STRING_TYPE_LIST(V) \
460  V(STRING_TYPE, \
461  kVariableSizeSentinel, \
462  string, \
463  String) \
464  V(ASCII_STRING_TYPE, \
465  kVariableSizeSentinel, \
466  ascii_string, \
467  AsciiString) \
468  V(CONS_STRING_TYPE, \
469  ConsString::kSize, \
470  cons_string, \
471  ConsString) \
472  V(CONS_ASCII_STRING_TYPE, \
473  ConsString::kSize, \
474  cons_ascii_string, \
475  ConsAsciiString) \
476  V(SLICED_STRING_TYPE, \
477  SlicedString::kSize, \
478  sliced_string, \
479  SlicedString) \
480  V(SLICED_ASCII_STRING_TYPE, \
481  SlicedString::kSize, \
482  sliced_ascii_string, \
483  SlicedAsciiString) \
484  V(EXTERNAL_STRING_TYPE, \
485  ExternalTwoByteString::kSize, \
486  external_string, \
487  ExternalString) \
488  V(EXTERNAL_ASCII_STRING_TYPE, \
489  ExternalAsciiString::kSize, \
490  external_ascii_string, \
491  ExternalAsciiString) \
492  V(EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE, \
493  ExternalTwoByteString::kSize, \
494  external_string_with_one_byte_data, \
495  ExternalStringWithOneByteData) \
496  V(SHORT_EXTERNAL_STRING_TYPE, \
497  ExternalTwoByteString::kShortSize, \
498  short_external_string, \
499  ShortExternalString) \
500  V(SHORT_EXTERNAL_ASCII_STRING_TYPE, \
501  ExternalAsciiString::kShortSize, \
502  short_external_ascii_string, \
503  ShortExternalAsciiString) \
504  V(SHORT_EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE, \
505  ExternalTwoByteString::kShortSize, \
506  short_external_string_with_one_byte_data, \
507  ShortExternalStringWithOneByteData) \
508  \
509  V(INTERNALIZED_STRING_TYPE, \
510  kVariableSizeSentinel, \
511  internalized_string, \
512  InternalizedString) \
513  V(ASCII_INTERNALIZED_STRING_TYPE, \
514  kVariableSizeSentinel, \
515  ascii_internalized_string, \
516  AsciiInternalizedString) \
517  V(CONS_INTERNALIZED_STRING_TYPE, \
518  ConsString::kSize, \
519  cons_internalized_string, \
520  ConsInternalizedString) \
521  V(CONS_ASCII_INTERNALIZED_STRING_TYPE, \
522  ConsString::kSize, \
523  cons_ascii_internalized_string, \
524  ConsAsciiInternalizedString) \
525  V(EXTERNAL_INTERNALIZED_STRING_TYPE, \
526  ExternalTwoByteString::kSize, \
527  external_internalized_string, \
528  ExternalInternalizedString) \
529  V(EXTERNAL_ASCII_INTERNALIZED_STRING_TYPE, \
530  ExternalAsciiString::kSize, \
531  external_ascii_internalized_string, \
532  ExternalAsciiInternalizedString) \
533  V(EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE, \
534  ExternalTwoByteString::kSize, \
535  external_internalized_string_with_one_byte_data, \
536  ExternalInternalizedStringWithOneByteData) \
537  V(SHORT_EXTERNAL_INTERNALIZED_STRING_TYPE, \
538  ExternalTwoByteString::kShortSize, \
539  short_external_internalized_string, \
540  ShortExternalInternalizedString) \
541  V(SHORT_EXTERNAL_ASCII_INTERNALIZED_STRING_TYPE, \
542  ExternalAsciiString::kShortSize, \
543  short_external_ascii_internalized_string, \
544  ShortExternalAsciiInternalizedString) \
545  V(SHORT_EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE, \
546  ExternalTwoByteString::kShortSize, \
547  short_external_internalized_string_with_one_byte_data, \
548  ShortExternalInternalizedStringWithOneByteData) \
549 
550 // A struct is a simple object a set of object-valued fields. Including an
551 // object type in this causes the compiler to generate most of the boilerplate
552 // code for the class including allocation and garbage collection routines,
553 // casts and predicates. All you need to define is the class, methods and
554 // object verification routines. Easy, no?
555 //
556 // Note that for subtle reasons related to the ordering or numerical values of
557 // type tags, elements in this list have to be added to the INSTANCE_TYPE_LIST
558 // manually.
559 #define STRUCT_LIST_ALL(V) \
560  V(BOX, Box, box) \
561  V(DECLARED_ACCESSOR_DESCRIPTOR, \
562  DeclaredAccessorDescriptor, \
563  declared_accessor_descriptor) \
564  V(DECLARED_ACCESSOR_INFO, DeclaredAccessorInfo, declared_accessor_info) \
565  V(EXECUTABLE_ACCESSOR_INFO, ExecutableAccessorInfo, executable_accessor_info)\
566  V(ACCESSOR_PAIR, AccessorPair, accessor_pair) \
567  V(ACCESS_CHECK_INFO, AccessCheckInfo, access_check_info) \
568  V(INTERCEPTOR_INFO, InterceptorInfo, interceptor_info) \
569  V(CALL_HANDLER_INFO, CallHandlerInfo, call_handler_info) \
570  V(FUNCTION_TEMPLATE_INFO, FunctionTemplateInfo, function_template_info) \
571  V(OBJECT_TEMPLATE_INFO, ObjectTemplateInfo, object_template_info) \
572  V(SIGNATURE_INFO, SignatureInfo, signature_info) \
573  V(TYPE_SWITCH_INFO, TypeSwitchInfo, type_switch_info) \
574  V(SCRIPT, Script, script) \
575  V(ALLOCATION_SITE, AllocationSite, allocation_site) \
576  V(ALLOCATION_MEMENTO, AllocationMemento, allocation_memento) \
577  V(CODE_CACHE, CodeCache, code_cache) \
578  V(POLYMORPHIC_CODE_CACHE, PolymorphicCodeCache, polymorphic_code_cache) \
579  V(TYPE_FEEDBACK_INFO, TypeFeedbackInfo, type_feedback_info) \
580  V(ALIASED_ARGUMENTS_ENTRY, AliasedArgumentsEntry, aliased_arguments_entry)
581 
582 #ifdef ENABLE_DEBUGGER_SUPPORT
583 #define STRUCT_LIST_DEBUGGER(V) \
584  V(DEBUG_INFO, DebugInfo, debug_info) \
585  V(BREAK_POINT_INFO, BreakPointInfo, break_point_info)
586 #else
587 #define STRUCT_LIST_DEBUGGER(V)
588 #endif
589 
590 #define STRUCT_LIST(V) \
591  STRUCT_LIST_ALL(V) \
592  STRUCT_LIST_DEBUGGER(V)
593 
594 // We use the full 8 bits of the instance_type field to encode heap object
595 // instance types. The high-order bit (bit 7) is set if the object is not a
596 // string, and cleared if it is a string.
597 const uint32_t kIsNotStringMask = 0x80;
598 const uint32_t kStringTag = 0x0;
599 const uint32_t kNotStringTag = 0x80;
600 
601 // Bit 6 indicates that the object is an internalized string (if set) or not.
602 // Bit 7 has to be clear as well.
603 const uint32_t kIsNotInternalizedMask = 0x40;
604 const uint32_t kNotInternalizedTag = 0x40;
605 const uint32_t kInternalizedTag = 0x0;
606 
607 // If bit 7 is clear then bit 2 indicates whether the string consists of
608 // two-byte characters or one-byte characters.
609 const uint32_t kStringEncodingMask = 0x4;
610 const uint32_t kTwoByteStringTag = 0x0;
611 const uint32_t kOneByteStringTag = 0x4;
612 
613 // If bit 7 is clear, the low-order 2 bits indicate the representation
614 // of the string.
615 const uint32_t kStringRepresentationMask = 0x03;
616 enum StringRepresentationTag {
617  kSeqStringTag = 0x0,
618  kConsStringTag = 0x1,
619  kExternalStringTag = 0x2,
620  kSlicedStringTag = 0x3
621 };
622 const uint32_t kIsIndirectStringMask = 0x1;
623 const uint32_t kIsIndirectStringTag = 0x1;
624 STATIC_ASSERT((kSeqStringTag & kIsIndirectStringMask) == 0);
625 STATIC_ASSERT((kExternalStringTag & kIsIndirectStringMask) == 0);
626 STATIC_ASSERT(
627  (kConsStringTag & kIsIndirectStringMask) == kIsIndirectStringTag);
628 STATIC_ASSERT(
629  (kSlicedStringTag & kIsIndirectStringMask) == kIsIndirectStringTag);
630 
631 // Use this mask to distinguish between cons and slice only after making
632 // sure that the string is one of the two (an indirect string).
633 const uint32_t kSlicedNotConsMask = kSlicedStringTag & ~kConsStringTag;
634 STATIC_ASSERT(IS_POWER_OF_TWO(kSlicedNotConsMask) && kSlicedNotConsMask != 0);
635 
636 // If bit 7 is clear, then bit 3 indicates whether this two-byte
637 // string actually contains one byte data.
638 const uint32_t kOneByteDataHintMask = 0x08;
639 const uint32_t kOneByteDataHintTag = 0x08;
640 
641 // If bit 7 is clear and string representation indicates an external string,
642 // then bit 4 indicates whether the data pointer is cached.
643 const uint32_t kShortExternalStringMask = 0x10;
644 const uint32_t kShortExternalStringTag = 0x10;
645 
646 
647 // A ConsString with an empty string as the right side is a candidate
648 // for being shortcut by the garbage collector unless it is internalized.
649 // It's not common to have non-flat internalized strings, so we do not
650 // shortcut them thereby avoiding turning internalized strings into strings.
651 // See heap.cc and mark-compact.cc.
652 const uint32_t kShortcutTypeMask =
653  kIsNotStringMask |
654  kIsNotInternalizedMask |
655  kStringRepresentationMask;
656 const uint32_t kShortcutTypeTag = kConsStringTag | kNotInternalizedTag;
657 
658 
659 enum InstanceType {
660  // String types.
661  INTERNALIZED_STRING_TYPE = kTwoByteStringTag | kSeqStringTag
662  | kInternalizedTag,
663  ASCII_INTERNALIZED_STRING_TYPE = kOneByteStringTag | kSeqStringTag
664  | kInternalizedTag,
665  CONS_INTERNALIZED_STRING_TYPE = kTwoByteStringTag | kConsStringTag
666  | kInternalizedTag,
667  CONS_ASCII_INTERNALIZED_STRING_TYPE = kOneByteStringTag | kConsStringTag
668  | kInternalizedTag,
669  EXTERNAL_INTERNALIZED_STRING_TYPE = kTwoByteStringTag | kExternalStringTag
670  | kInternalizedTag,
671  EXTERNAL_ASCII_INTERNALIZED_STRING_TYPE = kOneByteStringTag
672  | kExternalStringTag | kInternalizedTag,
673  EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE =
674  EXTERNAL_INTERNALIZED_STRING_TYPE | kOneByteDataHintTag
675  | kInternalizedTag,
676  SHORT_EXTERNAL_INTERNALIZED_STRING_TYPE =
677  EXTERNAL_INTERNALIZED_STRING_TYPE | kShortExternalStringTag
678  | kInternalizedTag,
679  SHORT_EXTERNAL_ASCII_INTERNALIZED_STRING_TYPE =
680  EXTERNAL_ASCII_INTERNALIZED_STRING_TYPE | kShortExternalStringTag
681  | kInternalizedTag,
682  SHORT_EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE =
683  EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE
684  | kShortExternalStringTag | kInternalizedTag,
685 
686  STRING_TYPE = INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
687  ASCII_STRING_TYPE = ASCII_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
688  CONS_STRING_TYPE = CONS_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
689  CONS_ASCII_STRING_TYPE =
690  CONS_ASCII_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
691 
692  SLICED_STRING_TYPE =
693  kTwoByteStringTag | kSlicedStringTag | kNotInternalizedTag,
694  SLICED_ASCII_STRING_TYPE =
695  kOneByteStringTag | kSlicedStringTag | kNotInternalizedTag,
696  EXTERNAL_STRING_TYPE =
697  EXTERNAL_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
698  EXTERNAL_ASCII_STRING_TYPE =
699  EXTERNAL_ASCII_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
700  EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE =
701  EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE
702  | kNotInternalizedTag,
703  SHORT_EXTERNAL_STRING_TYPE =
704  SHORT_EXTERNAL_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
705  SHORT_EXTERNAL_ASCII_STRING_TYPE =
706  SHORT_EXTERNAL_ASCII_INTERNALIZED_STRING_TYPE | kNotInternalizedTag,
707  SHORT_EXTERNAL_STRING_WITH_ONE_BYTE_DATA_TYPE =
708  SHORT_EXTERNAL_INTERNALIZED_STRING_WITH_ONE_BYTE_DATA_TYPE
709  | kNotInternalizedTag,
710 
711  // Non-string names
712  SYMBOL_TYPE = kNotStringTag, // FIRST_NONSTRING_TYPE, LAST_NAME_TYPE
713 
714  // Objects allocated in their own spaces (never in new space).
715  MAP_TYPE,
716  CODE_TYPE,
717  ODDBALL_TYPE,
718  CELL_TYPE,
719  PROPERTY_CELL_TYPE,
720 
721  // "Data", objects that cannot contain non-map-word pointers to heap
722  // objects.
723  HEAP_NUMBER_TYPE,
724  FOREIGN_TYPE,
725  BYTE_ARRAY_TYPE,
726  FREE_SPACE_TYPE,
727 
728  EXTERNAL_INT8_ARRAY_TYPE, // FIRST_EXTERNAL_ARRAY_TYPE
729  EXTERNAL_UINT8_ARRAY_TYPE,
730  EXTERNAL_INT16_ARRAY_TYPE,
731  EXTERNAL_UINT16_ARRAY_TYPE,
732  EXTERNAL_INT32_ARRAY_TYPE,
733  EXTERNAL_UINT32_ARRAY_TYPE,
734  EXTERNAL_FLOAT32_ARRAY_TYPE,
735  EXTERNAL_FLOAT64_ARRAY_TYPE,
736  EXTERNAL_UINT8_CLAMPED_ARRAY_TYPE, // LAST_EXTERNAL_ARRAY_TYPE
737 
738  FIXED_INT8_ARRAY_TYPE, // FIRST_FIXED_TYPED_ARRAY_TYPE
739  FIXED_UINT8_ARRAY_TYPE,
740  FIXED_INT16_ARRAY_TYPE,
741  FIXED_UINT16_ARRAY_TYPE,
742  FIXED_INT32_ARRAY_TYPE,
743  FIXED_UINT32_ARRAY_TYPE,
744  FIXED_FLOAT32_ARRAY_TYPE,
745  FIXED_FLOAT64_ARRAY_TYPE,
746  FIXED_UINT8_CLAMPED_ARRAY_TYPE, // LAST_FIXED_TYPED_ARRAY_TYPE
747 
748  FIXED_DOUBLE_ARRAY_TYPE,
749  FILLER_TYPE, // LAST_DATA_TYPE
750 
751  // Structs.
752  DECLARED_ACCESSOR_DESCRIPTOR_TYPE,
753  DECLARED_ACCESSOR_INFO_TYPE,
754  EXECUTABLE_ACCESSOR_INFO_TYPE,
755  ACCESSOR_PAIR_TYPE,
756  ACCESS_CHECK_INFO_TYPE,
757  INTERCEPTOR_INFO_TYPE,
758  CALL_HANDLER_INFO_TYPE,
759  FUNCTION_TEMPLATE_INFO_TYPE,
760  OBJECT_TEMPLATE_INFO_TYPE,
761  SIGNATURE_INFO_TYPE,
762  TYPE_SWITCH_INFO_TYPE,
763  ALLOCATION_SITE_TYPE,
764  ALLOCATION_MEMENTO_TYPE,
765  SCRIPT_TYPE,
766  CODE_CACHE_TYPE,
767  POLYMORPHIC_CODE_CACHE_TYPE,
768  TYPE_FEEDBACK_INFO_TYPE,
769  ALIASED_ARGUMENTS_ENTRY_TYPE,
770  BOX_TYPE,
771  // The following two instance types are only used when ENABLE_DEBUGGER_SUPPORT
772  // is defined. However as include/v8.h contain some of the instance type
773  // constants always having them avoids them getting different numbers
774  // depending on whether ENABLE_DEBUGGER_SUPPORT is defined or not.
775  DEBUG_INFO_TYPE,
776  BREAK_POINT_INFO_TYPE,
777 
778  FIXED_ARRAY_TYPE,
779  CONSTANT_POOL_ARRAY_TYPE,
780  SHARED_FUNCTION_INFO_TYPE,
781 
782  JS_MESSAGE_OBJECT_TYPE,
783 
784  // All the following types are subtypes of JSReceiver, which corresponds to
785  // objects in the JS sense. The first and the last type in this range are
786  // the two forms of function. This organization enables using the same
787  // compares for checking the JS_RECEIVER/SPEC_OBJECT range and the
788  // NONCALLABLE_JS_OBJECT range.
789  JS_FUNCTION_PROXY_TYPE, // FIRST_JS_RECEIVER_TYPE, FIRST_JS_PROXY_TYPE
790  JS_PROXY_TYPE, // LAST_JS_PROXY_TYPE
791 
792  JS_VALUE_TYPE, // FIRST_JS_OBJECT_TYPE
793  JS_DATE_TYPE,
794  JS_OBJECT_TYPE,
795  JS_CONTEXT_EXTENSION_OBJECT_TYPE,
796  JS_GENERATOR_OBJECT_TYPE,
797  JS_MODULE_TYPE,
798  JS_GLOBAL_OBJECT_TYPE,
799  JS_BUILTINS_OBJECT_TYPE,
800  JS_GLOBAL_PROXY_TYPE,
801  JS_ARRAY_TYPE,
802  JS_ARRAY_BUFFER_TYPE,
803  JS_TYPED_ARRAY_TYPE,
804  JS_DATA_VIEW_TYPE,
805  JS_SET_TYPE,
806  JS_MAP_TYPE,
807  JS_WEAK_MAP_TYPE,
808  JS_WEAK_SET_TYPE,
809 
810  JS_REGEXP_TYPE,
811 
812  JS_FUNCTION_TYPE, // LAST_JS_OBJECT_TYPE, LAST_JS_RECEIVER_TYPE
813 
814  // Pseudo-types
815  FIRST_TYPE = 0x0,
816  LAST_TYPE = JS_FUNCTION_TYPE,
817  FIRST_NAME_TYPE = FIRST_TYPE,
818  LAST_NAME_TYPE = SYMBOL_TYPE,
819  FIRST_UNIQUE_NAME_TYPE = INTERNALIZED_STRING_TYPE,
820  LAST_UNIQUE_NAME_TYPE = SYMBOL_TYPE,
821  FIRST_NONSTRING_TYPE = SYMBOL_TYPE,
822  // Boundaries for testing for an external array.
823  FIRST_EXTERNAL_ARRAY_TYPE = EXTERNAL_INT8_ARRAY_TYPE,
824  LAST_EXTERNAL_ARRAY_TYPE = EXTERNAL_UINT8_CLAMPED_ARRAY_TYPE,
825  // Boundaries for testing for a fixed typed array.
826  FIRST_FIXED_TYPED_ARRAY_TYPE = FIXED_INT8_ARRAY_TYPE,
827  LAST_FIXED_TYPED_ARRAY_TYPE = FIXED_UINT8_CLAMPED_ARRAY_TYPE,
828  // Boundary for promotion to old data space/old pointer space.
829  LAST_DATA_TYPE = FILLER_TYPE,
830  // Boundary for objects represented as JSReceiver (i.e. JSObject or JSProxy).
831  // Note that there is no range for JSObject or JSProxy, since their subtypes
832  // are not continuous in this enum! The enum ranges instead reflect the
833  // external class names, where proxies are treated as either ordinary objects,
834  // or functions.
835  FIRST_JS_RECEIVER_TYPE = JS_FUNCTION_PROXY_TYPE,
836  LAST_JS_RECEIVER_TYPE = LAST_TYPE,
837  // Boundaries for testing the types represented as JSObject
838  FIRST_JS_OBJECT_TYPE = JS_VALUE_TYPE,
839  LAST_JS_OBJECT_TYPE = LAST_TYPE,
840  // Boundaries for testing the types represented as JSProxy
841  FIRST_JS_PROXY_TYPE = JS_FUNCTION_PROXY_TYPE,
842  LAST_JS_PROXY_TYPE = JS_PROXY_TYPE,
843  // Boundaries for testing whether the type is a JavaScript object.
844  FIRST_SPEC_OBJECT_TYPE = FIRST_JS_RECEIVER_TYPE,
845  LAST_SPEC_OBJECT_TYPE = LAST_JS_RECEIVER_TYPE,
846  // Boundaries for testing the types for which typeof is "object".
847  FIRST_NONCALLABLE_SPEC_OBJECT_TYPE = JS_PROXY_TYPE,
848  LAST_NONCALLABLE_SPEC_OBJECT_TYPE = JS_REGEXP_TYPE,
849  // Note that the types for which typeof is "function" are not continuous.
850  // Define this so that we can put assertions on discrete checks.
851  NUM_OF_CALLABLE_SPEC_OBJECT_TYPES = 2
852 };
853 
854 const int kExternalArrayTypeCount =
855  LAST_EXTERNAL_ARRAY_TYPE - FIRST_EXTERNAL_ARRAY_TYPE + 1;
856 
857 STATIC_CHECK(JS_OBJECT_TYPE == Internals::kJSObjectType);
858 STATIC_CHECK(FIRST_NONSTRING_TYPE == Internals::kFirstNonstringType);
859 STATIC_CHECK(ODDBALL_TYPE == Internals::kOddballType);
860 STATIC_CHECK(FOREIGN_TYPE == Internals::kForeignType);
861 
862 
863 #define FIXED_ARRAY_SUB_INSTANCE_TYPE_LIST(V) \
864  V(FAST_ELEMENTS_SUB_TYPE) \
865  V(DICTIONARY_ELEMENTS_SUB_TYPE) \
866  V(FAST_PROPERTIES_SUB_TYPE) \
867  V(DICTIONARY_PROPERTIES_SUB_TYPE) \
868  V(MAP_CODE_CACHE_SUB_TYPE) \
869  V(SCOPE_INFO_SUB_TYPE) \
870  V(STRING_TABLE_SUB_TYPE) \
871  V(DESCRIPTOR_ARRAY_SUB_TYPE) \
872  V(TRANSITION_ARRAY_SUB_TYPE)
873 
874 enum FixedArraySubInstanceType {
875 #define DEFINE_FIXED_ARRAY_SUB_INSTANCE_TYPE(name) name,
876  FIXED_ARRAY_SUB_INSTANCE_TYPE_LIST(DEFINE_FIXED_ARRAY_SUB_INSTANCE_TYPE)
877 #undef DEFINE_FIXED_ARRAY_SUB_INSTANCE_TYPE
878  LAST_FIXED_ARRAY_SUB_TYPE = TRANSITION_ARRAY_SUB_TYPE
879 };
880 
881 
882 enum CompareResult {
883  LESS = -1,
884  EQUAL = 0,
885  GREATER = 1,
886 
887  NOT_EQUAL = GREATER
888 };
889 
890 
891 #define DECL_BOOLEAN_ACCESSORS(name) \
892  inline bool name(); \
893  inline void set_##name(bool value); \
894 
895 
896 #define DECL_ACCESSORS(name, type) \
897  inline type* name(); \
898  inline void set_##name(type* value, \
899  WriteBarrierMode mode = UPDATE_WRITE_BARRIER); \
900 
901 class AccessorPair;
902 class AllocationSite;
903 class AllocationSiteCreationContext;
904 class AllocationSiteUsageContext;
905 class DictionaryElementsAccessor;
906 class ElementsAccessor;
907 class Failure;
908 class FixedArrayBase;
909 class GlobalObject;
910 class ObjectVisitor;
911 class StringStream;
912 // We cannot just say "class HeapType;" if it is created from a template... =8-?
913 template<class> class TypeImpl;
914 struct HeapTypeConfig;
915 typedef TypeImpl<HeapTypeConfig> HeapType;
916 
917 
918 // A template-ized version of the IsXXX functions.
919 template <class C> inline bool Is(Object* obj);
920 
921 #ifdef VERIFY_HEAP
922 #define DECLARE_VERIFIER(Name) void Name##Verify();
923 #else
924 #define DECLARE_VERIFIER(Name)
925 #endif
926 
927 #ifdef OBJECT_PRINT
928 #define DECLARE_PRINTER(Name) void Name##Print(FILE* out = stdout);
929 #else
930 #define DECLARE_PRINTER(Name)
931 #endif
932 
933 class MaybeObject BASE_EMBEDDED {
934  public:
935  inline bool IsFailure();
936  inline bool IsRetryAfterGC();
937  inline bool IsException();
938  INLINE(bool IsTheHole());
939  INLINE(bool IsUninitialized());
940  inline bool ToObject(Object** obj) {
941  if (IsFailure()) return false;
942  *obj = reinterpret_cast<Object*>(this);
943  return true;
944  }
945  inline Failure* ToFailureUnchecked() {
946  ASSERT(IsFailure());
947  return reinterpret_cast<Failure*>(this);
948  }
949  inline Object* ToObjectUnchecked() {
950  // TODO(jkummerow): Turn this back into an ASSERT when we can be certain
951  // that it never fires in Release mode in the wild.
952  CHECK(!IsFailure());
953  return reinterpret_cast<Object*>(this);
954  }
955  inline Object* ToObjectChecked() {
956  CHECK(!IsFailure());
957  return reinterpret_cast<Object*>(this);
958  }
959 
960  template<typename T>
961  inline bool To(T** obj) {
962  if (IsFailure()) return false;
963  *obj = T::cast(reinterpret_cast<Object*>(this));
964  return true;
965  }
966 
967  template<typename T>
968  inline bool ToHandle(Handle<T>* obj, Isolate* isolate) {
969  if (IsFailure()) return false;
970  *obj = handle(T::cast(reinterpret_cast<Object*>(this)), isolate);
971  return true;
972  }
973 
974 #ifdef OBJECT_PRINT
975  // Prints this object with details.
976  void Print();
977  void Print(FILE* out);
978  void PrintLn();
979  void PrintLn(FILE* out);
980 #endif
981 #ifdef VERIFY_HEAP
982  // Verifies the object.
983  void Verify();
984 #endif
985 };
986 
987 
988 #define OBJECT_TYPE_LIST(V) \
989  V(Smi) \
990  V(HeapObject) \
991  V(Number) \
992 
993 #define HEAP_OBJECT_TYPE_LIST(V) \
994  V(HeapNumber) \
995  V(Name) \
996  V(UniqueName) \
997  V(String) \
998  V(SeqString) \
999  V(ExternalString) \
1000  V(ConsString) \
1001  V(SlicedString) \
1002  V(ExternalTwoByteString) \
1003  V(ExternalAsciiString) \
1004  V(SeqTwoByteString) \
1005  V(SeqOneByteString) \
1006  V(InternalizedString) \
1007  V(Symbol) \
1008  \
1009  V(ExternalArray) \
1010  V(ExternalInt8Array) \
1011  V(ExternalUint8Array) \
1012  V(ExternalInt16Array) \
1013  V(ExternalUint16Array) \
1014  V(ExternalInt32Array) \
1015  V(ExternalUint32Array) \
1016  V(ExternalFloat32Array) \
1017  V(ExternalFloat64Array) \
1018  V(ExternalUint8ClampedArray) \
1019  V(FixedTypedArrayBase) \
1020  V(FixedUint8Array) \
1021  V(FixedInt8Array) \
1022  V(FixedUint16Array) \
1023  V(FixedInt16Array) \
1024  V(FixedUint32Array) \
1025  V(FixedInt32Array) \
1026  V(FixedFloat32Array) \
1027  V(FixedFloat64Array) \
1028  V(FixedUint8ClampedArray) \
1029  V(ByteArray) \
1030  V(FreeSpace) \
1031  V(JSReceiver) \
1032  V(JSObject) \
1033  V(JSContextExtensionObject) \
1034  V(JSGeneratorObject) \
1035  V(JSModule) \
1036  V(Map) \
1037  V(DescriptorArray) \
1038  V(TransitionArray) \
1039  V(DeoptimizationInputData) \
1040  V(DeoptimizationOutputData) \
1041  V(DependentCode) \
1042  V(FixedArray) \
1043  V(FixedDoubleArray) \
1044  V(ConstantPoolArray) \
1045  V(Context) \
1046  V(NativeContext) \
1047  V(ScopeInfo) \
1048  V(JSFunction) \
1049  V(Code) \
1050  V(Oddball) \
1051  V(SharedFunctionInfo) \
1052  V(JSValue) \
1053  V(JSDate) \
1054  V(JSMessageObject) \
1055  V(StringWrapper) \
1056  V(Foreign) \
1057  V(Boolean) \
1058  V(JSArray) \
1059  V(JSArrayBuffer) \
1060  V(JSArrayBufferView) \
1061  V(JSTypedArray) \
1062  V(JSDataView) \
1063  V(JSProxy) \
1064  V(JSFunctionProxy) \
1065  V(JSSet) \
1066  V(JSMap) \
1067  V(JSWeakCollection) \
1068  V(JSWeakMap) \
1069  V(JSWeakSet) \
1070  V(JSRegExp) \
1071  V(HashTable) \
1072  V(Dictionary) \
1073  V(StringTable) \
1074  V(JSFunctionResultCache) \
1075  V(NormalizedMapCache) \
1076  V(CompilationCacheTable) \
1077  V(CodeCacheHashTable) \
1078  V(PolymorphicCodeCacheHashTable) \
1079  V(MapCache) \
1080  V(Primitive) \
1081  V(GlobalObject) \
1082  V(JSGlobalObject) \
1083  V(JSBuiltinsObject) \
1084  V(JSGlobalProxy) \
1085  V(UndetectableObject) \
1086  V(AccessCheckNeeded) \
1087  V(Cell) \
1088  V(PropertyCell) \
1089  V(ObjectHashTable) \
1090  V(WeakHashTable)
1091 
1092 
1093 #define ERROR_MESSAGES_LIST(V) \
1094  V(kNoReason, "no reason") \
1095  \
1096  V(k32BitValueInRegisterIsNotZeroExtended, \
1097  "32 bit value in register is not zero-extended") \
1098  V(kAlignmentMarkerExpected, "Alignment marker expected") \
1099  V(kAllocationIsNotDoubleAligned, "Allocation is not double aligned") \
1100  V(kAPICallReturnedInvalidObject, "API call returned invalid object") \
1101  V(kArgumentsObjectValueInATestContext, \
1102  "Arguments object value in a test context") \
1103  V(kArrayBoilerplateCreationFailed, "Array boilerplate creation failed") \
1104  V(kArrayIndexConstantValueTooBig, "Array index constant value too big") \
1105  V(kAssignmentToArguments, "Assignment to arguments") \
1106  V(kAssignmentToLetVariableBeforeInitialization, \
1107  "Assignment to let variable before initialization") \
1108  V(kAssignmentToLOOKUPVariable, "Assignment to LOOKUP variable") \
1109  V(kAssignmentToParameterFunctionUsesArgumentsObject, \
1110  "Assignment to parameter, function uses arguments object") \
1111  V(kAssignmentToParameterInArgumentsObject, \
1112  "Assignment to parameter in arguments object") \
1113  V(kAttemptToUseUndefinedCache, "Attempt to use undefined cache") \
1114  V(kBadValueContextForArgumentsObjectValue, \
1115  "Bad value context for arguments object value") \
1116  V(kBadValueContextForArgumentsValue, \
1117  "Bad value context for arguments value") \
1118  V(kBailedOutDueToDependencyChange, "Bailed out due to dependency change") \
1119  V(kBailoutWasNotPrepared, "Bailout was not prepared") \
1120  V(kBinaryStubGenerateFloatingPointCode, \
1121  "BinaryStub_GenerateFloatingPointCode") \
1122  V(kBothRegistersWereSmisInSelectNonSmi, \
1123  "Both registers were smis in SelectNonSmi") \
1124  V(kCallToAJavaScriptRuntimeFunction, \
1125  "Call to a JavaScript runtime function") \
1126  V(kCannotTranslatePositionInChangedArea, \
1127  "Cannot translate position in changed area") \
1128  V(kCodeGenerationFailed, "Code generation failed") \
1129  V(kCodeObjectNotProperlyPatched, "Code object not properly patched") \
1130  V(kCompoundAssignmentToLookupSlot, "Compound assignment to lookup slot") \
1131  V(kContextAllocatedArguments, "Context-allocated arguments") \
1132  V(kCopyBuffersOverlap, "Copy buffers overlap") \
1133  V(kCouldNotGenerateZero, "Could not generate +0.0") \
1134  V(kCouldNotGenerateNegativeZero, "Could not generate -0.0") \
1135  V(kDebuggerIsActive, "Debugger is active") \
1136  V(kDebuggerStatement, "DebuggerStatement") \
1137  V(kDeclarationInCatchContext, "Declaration in catch context") \
1138  V(kDeclarationInWithContext, "Declaration in with context") \
1139  V(kDefaultNaNModeNotSet, "Default NaN mode not set") \
1140  V(kDeleteWithGlobalVariable, "Delete with global variable") \
1141  V(kDeleteWithNonGlobalVariable, "Delete with non-global variable") \
1142  V(kDestinationOfCopyNotAligned, "Destination of copy not aligned") \
1143  V(kDontDeleteCellsCannotContainTheHole, \
1144  "DontDelete cells can't contain the hole") \
1145  V(kDoPushArgumentNotImplementedForDoubleType, \
1146  "DoPushArgument not implemented for double type") \
1147  V(kEliminatedBoundsCheckFailed, "Eliminated bounds check failed") \
1148  V(kEmitLoadRegisterUnsupportedDoubleImmediate, \
1149  "EmitLoadRegister: Unsupported double immediate") \
1150  V(kEval, "eval") \
1151  V(kExpected0AsASmiSentinel, "Expected 0 as a Smi sentinel") \
1152  V(kExpectedAlignmentMarker, "Expected alignment marker") \
1153  V(kExpectedAllocationSite, "Expected allocation site") \
1154  V(kExpectedFunctionObject, "Expected function object in register") \
1155  V(kExpectedHeapNumber, "Expected HeapNumber") \
1156  V(kExpectedNativeContext, "Expected native context") \
1157  V(kExpectedNonIdenticalObjects, "Expected non-identical objects") \
1158  V(kExpectedNonNullContext, "Expected non-null context") \
1159  V(kExpectedPositiveZero, "Expected +0.0") \
1160  V(kExpectedAllocationSiteInCell, \
1161  "Expected AllocationSite in property cell") \
1162  V(kExpectedFixedArrayInFeedbackVector, \
1163  "Expected fixed array in feedback vector") \
1164  V(kExpectedFixedArrayInRegisterA2, \
1165  "Expected fixed array in register a2") \
1166  V(kExpectedFixedArrayInRegisterEbx, \
1167  "Expected fixed array in register ebx") \
1168  V(kExpectedFixedArrayInRegisterR2, \
1169  "Expected fixed array in register r2") \
1170  V(kExpectedFixedArrayInRegisterRbx, \
1171  "Expected fixed array in register rbx") \
1172  V(kExpectedSmiOrHeapNumber, "Expected smi or HeapNumber") \
1173  V(kExpectedUndefinedOrCell, \
1174  "Expected undefined or cell in register") \
1175  V(kExpectingAlignmentForCopyBytes, \
1176  "Expecting alignment for CopyBytes") \
1177  V(kExportDeclaration, "Export declaration") \
1178  V(kExternalStringExpectedButNotFound, \
1179  "External string expected, but not found") \
1180  V(kFailedBailedOutLastTime, "Failed/bailed out last time") \
1181  V(kForInStatementIsNotFastCase, "ForInStatement is not fast case") \
1182  V(kForInStatementOptimizationIsDisabled, \
1183  "ForInStatement optimization is disabled") \
1184  V(kForInStatementWithNonLocalEachVariable, \
1185  "ForInStatement with non-local each variable") \
1186  V(kForOfStatement, "ForOfStatement") \
1187  V(kFrameIsExpectedToBeAligned, "Frame is expected to be aligned") \
1188  V(kFunctionCallsEval, "Function calls eval") \
1189  V(kFunctionIsAGenerator, "Function is a generator") \
1190  V(kFunctionWithIllegalRedeclaration, "Function with illegal redeclaration") \
1191  V(kGeneratedCodeIsTooLarge, "Generated code is too large") \
1192  V(kGeneratorFailedToResume, "Generator failed to resume") \
1193  V(kGenerator, "Generator") \
1194  V(kGlobalFunctionsMustHaveInitialMap, \
1195  "Global functions must have initial map") \
1196  V(kHeapNumberMapRegisterClobbered, "HeapNumberMap register clobbered") \
1197  V(kHydrogenFilter, "Optimization disabled by filter") \
1198  V(kImportDeclaration, "Import declaration") \
1199  V(kImproperObjectOnPrototypeChainForStore, \
1200  "Improper object on prototype chain for store") \
1201  V(kIndexIsNegative, "Index is negative") \
1202  V(kIndexIsTooLarge, "Index is too large") \
1203  V(kInlinedRuntimeFunctionClassOf, "Inlined runtime function: ClassOf") \
1204  V(kInlinedRuntimeFunctionFastAsciiArrayJoin, \
1205  "Inlined runtime function: FastAsciiArrayJoin") \
1206  V(kInlinedRuntimeFunctionGeneratorNext, \
1207  "Inlined runtime function: GeneratorNext") \
1208  V(kInlinedRuntimeFunctionGeneratorThrow, \
1209  "Inlined runtime function: GeneratorThrow") \
1210  V(kInlinedRuntimeFunctionGetFromCache, \
1211  "Inlined runtime function: GetFromCache") \
1212  V(kInlinedRuntimeFunctionIsNonNegativeSmi, \
1213  "Inlined runtime function: IsNonNegativeSmi") \
1214  V(kInlinedRuntimeFunctionIsStringWrapperSafeForDefaultValueOf, \
1215  "Inlined runtime function: IsStringWrapperSafeForDefaultValueOf") \
1216  V(kInliningBailedOut, "Inlining bailed out") \
1217  V(kInputGPRIsExpectedToHaveUpper32Cleared, \
1218  "Input GPR is expected to have upper32 cleared") \
1219  V(kInputStringTooLong, "Input string too long") \
1220  V(kInstanceofStubUnexpectedCallSiteCacheCheck, \
1221  "InstanceofStub unexpected call site cache (check)") \
1222  V(kInstanceofStubUnexpectedCallSiteCacheCmp1, \
1223  "InstanceofStub unexpected call site cache (cmp 1)") \
1224  V(kInstanceofStubUnexpectedCallSiteCacheCmp2, \
1225  "InstanceofStub unexpected call site cache (cmp 2)") \
1226  V(kInstanceofStubUnexpectedCallSiteCacheMov, \
1227  "InstanceofStub unexpected call site cache (mov)") \
1228  V(kInteger32ToSmiFieldWritingToNonSmiLocation, \
1229  "Integer32ToSmiField writing to non-smi location") \
1230  V(kInvalidCaptureReferenced, "Invalid capture referenced") \
1231  V(kInvalidElementsKindForInternalArrayOrInternalPackedArray, \
1232  "Invalid ElementsKind for InternalArray or InternalPackedArray") \
1233  V(kInvalidFullCodegenState, "invalid full-codegen state") \
1234  V(kInvalidHandleScopeLevel, "Invalid HandleScope level") \
1235  V(kInvalidLeftHandSideInAssignment, "Invalid left-hand side in assignment") \
1236  V(kInvalidLhsInCompoundAssignment, "Invalid lhs in compound assignment") \
1237  V(kInvalidLhsInCountOperation, "Invalid lhs in count operation") \
1238  V(kInvalidMinLength, "Invalid min_length") \
1239  V(kJSGlobalObjectNativeContextShouldBeANativeContext, \
1240  "JSGlobalObject::native_context should be a native context") \
1241  V(kJSGlobalProxyContextShouldNotBeNull, \
1242  "JSGlobalProxy::context() should not be null") \
1243  V(kJSObjectWithFastElementsMapHasSlowElements, \
1244  "JSObject with fast elements map has slow elements") \
1245  V(kLetBindingReInitialization, "Let binding re-initialization") \
1246  V(kLhsHasBeenClobbered, "lhs has been clobbered") \
1247  V(kLiveBytesCountOverflowChunkSize, "Live Bytes Count overflow chunk size") \
1248  V(kLiveEditFrameDroppingIsNotSupportedOnARM64, \
1249  "LiveEdit frame dropping is not supported on arm64") \
1250  V(kLiveEditFrameDroppingIsNotSupportedOnArm, \
1251  "LiveEdit frame dropping is not supported on arm") \
1252  V(kLiveEditFrameDroppingIsNotSupportedOnMips, \
1253  "LiveEdit frame dropping is not supported on mips") \
1254  V(kLiveEdit, "LiveEdit") \
1255  V(kLookupVariableInCountOperation, \
1256  "Lookup variable in count operation") \
1257  V(kMapIsNoLongerInEax, "Map is no longer in eax") \
1258  V(kModuleDeclaration, "Module declaration") \
1259  V(kModuleLiteral, "Module literal") \
1260  V(kModulePath, "Module path") \
1261  V(kModuleStatement, "Module statement") \
1262  V(kModuleVariable, "Module variable") \
1263  V(kModuleUrl, "Module url") \
1264  V(kNativeFunctionLiteral, "Native function literal") \
1265  V(kNoCasesLeft, "No cases left") \
1266  V(kNoEmptyArraysHereInEmitFastAsciiArrayJoin, \
1267  "No empty arrays here in EmitFastAsciiArrayJoin") \
1268  V(kNonInitializerAssignmentToConst, \
1269  "Non-initializer assignment to const") \
1270  V(kNonSmiIndex, "Non-smi index") \
1271  V(kNonSmiKeyInArrayLiteral, "Non-smi key in array literal") \
1272  V(kNonSmiValue, "Non-smi value") \
1273  V(kNonObject, "Non-object value") \
1274  V(kNotEnoughVirtualRegistersForValues, \
1275  "Not enough virtual registers for values") \
1276  V(kNotEnoughSpillSlotsForOsr, \
1277  "Not enough spill slots for OSR") \
1278  V(kNotEnoughVirtualRegistersRegalloc, \
1279  "Not enough virtual registers (regalloc)") \
1280  V(kObjectFoundInSmiOnlyArray, "Object found in smi-only array") \
1281  V(kObjectLiteralWithComplexProperty, \
1282  "Object literal with complex property") \
1283  V(kOddballInStringTableIsNotUndefinedOrTheHole, \
1284  "Oddball in string table is not undefined or the hole") \
1285  V(kOffsetOutOfRange, "Offset out of range") \
1286  V(kOperandIsASmiAndNotAName, "Operand is a smi and not a name") \
1287  V(kOperandIsASmiAndNotAString, "Operand is a smi and not a string") \
1288  V(kOperandIsASmi, "Operand is a smi") \
1289  V(kOperandIsNotAName, "Operand is not a name") \
1290  V(kOperandIsNotANumber, "Operand is not a number") \
1291  V(kOperandIsNotASmi, "Operand is not a smi") \
1292  V(kOperandIsNotAString, "Operand is not a string") \
1293  V(kOperandIsNotSmi, "Operand is not smi") \
1294  V(kOperandNotANumber, "Operand not a number") \
1295  V(kOptimizationDisabled, "Optimization is disabled") \
1296  V(kOptimizedTooManyTimes, "Optimized too many times") \
1297  V(kOutOfVirtualRegistersWhileTryingToAllocateTempRegister, \
1298  "Out of virtual registers while trying to allocate temp register") \
1299  V(kParseScopeError, "Parse/scope error") \
1300  V(kPossibleDirectCallToEval, "Possible direct call to eval") \
1301  V(kPreconditionsWereNotMet, "Preconditions were not met") \
1302  V(kPropertyAllocationCountFailed, "Property allocation count failed") \
1303  V(kReceivedInvalidReturnAddress, "Received invalid return address") \
1304  V(kReferenceToAVariableWhichRequiresDynamicLookup, \
1305  "Reference to a variable which requires dynamic lookup") \
1306  V(kReferenceToGlobalLexicalVariable, \
1307  "Reference to global lexical variable") \
1308  V(kReferenceToUninitializedVariable, "Reference to uninitialized variable") \
1309  V(kRegisterDidNotMatchExpectedRoot, "Register did not match expected root") \
1310  V(kRegisterWasClobbered, "Register was clobbered") \
1311  V(kRememberedSetPointerInNewSpace, "Remembered set pointer is in new space") \
1312  V(kReturnAddressNotFoundInFrame, "Return address not found in frame") \
1313  V(kRhsHasBeenClobbered, "Rhs has been clobbered") \
1314  V(kScopedBlock, "ScopedBlock") \
1315  V(kSmiAdditionOverflow, "Smi addition overflow") \
1316  V(kSmiSubtractionOverflow, "Smi subtraction overflow") \
1317  V(kStackAccessBelowStackPointer, "Stack access below stack pointer") \
1318  V(kStackFrameTypesMustMatch, "Stack frame types must match") \
1319  V(kSwitchStatementMixedOrNonLiteralSwitchLabels, \
1320  "SwitchStatement: mixed or non-literal switch labels") \
1321  V(kSwitchStatementTooManyClauses, "SwitchStatement: too many clauses") \
1322  V(kTheCurrentStackPointerIsBelowCsp, \
1323  "The current stack pointer is below csp") \
1324  V(kTheInstructionShouldBeALui, "The instruction should be a lui") \
1325  V(kTheInstructionShouldBeAnOri, "The instruction should be an ori") \
1326  V(kTheInstructionToPatchShouldBeALoadFromPc, \
1327  "The instruction to patch should be a load from pc") \
1328  V(kTheInstructionToPatchShouldBeALoadFromPp, \
1329  "The instruction to patch should be a load from pp") \
1330  V(kTheInstructionToPatchShouldBeAnLdrLiteral, \
1331  "The instruction to patch should be a ldr literal") \
1332  V(kTheInstructionToPatchShouldBeALui, \
1333  "The instruction to patch should be a lui") \
1334  V(kTheInstructionToPatchShouldBeAnOri, \
1335  "The instruction to patch should be an ori") \
1336  V(kTheSourceAndDestinationAreTheSame, \
1337  "The source and destination are the same") \
1338  V(kTheStackPointerIsNotAligned, "The stack pointer is not aligned.") \
1339  V(kTheStackWasCorruptedByMacroAssemblerCall, \
1340  "The stack was corrupted by MacroAssembler::Call()") \
1341  V(kTooManyParametersLocals, "Too many parameters/locals") \
1342  V(kTooManyParameters, "Too many parameters") \
1343  V(kTooManySpillSlotsNeededForOSR, "Too many spill slots needed for OSR") \
1344  V(kToOperand32UnsupportedImmediate, "ToOperand32 unsupported immediate.") \
1345  V(kToOperandIsDoubleRegisterUnimplemented, \
1346  "ToOperand IsDoubleRegister unimplemented") \
1347  V(kToOperandUnsupportedDoubleImmediate, \
1348  "ToOperand Unsupported double immediate") \
1349  V(kTryCatchStatement, "TryCatchStatement") \
1350  V(kTryFinallyStatement, "TryFinallyStatement") \
1351  V(kUnableToEncodeValueAsSmi, "Unable to encode value as smi") \
1352  V(kUnalignedAllocationInNewSpace, "Unaligned allocation in new space") \
1353  V(kUnalignedCellInWriteBarrier, "Unaligned cell in write barrier") \
1354  V(kUndefinedValueNotLoaded, "Undefined value not loaded") \
1355  V(kUndoAllocationOfNonAllocatedMemory, \
1356  "Undo allocation of non allocated memory") \
1357  V(kUnexpectedAllocationTop, "Unexpected allocation top") \
1358  V(kUnexpectedColorFound, "Unexpected color bit pattern found") \
1359  V(kUnexpectedElementsKindInArrayConstructor, \
1360  "Unexpected ElementsKind in array constructor") \
1361  V(kUnexpectedFallthroughFromCharCodeAtSlowCase, \
1362  "Unexpected fallthrough from CharCodeAt slow case") \
1363  V(kUnexpectedFallthroughFromCharFromCodeSlowCase, \
1364  "Unexpected fallthrough from CharFromCode slow case") \
1365  V(kUnexpectedFallThroughFromStringComparison, \
1366  "Unexpected fall-through from string comparison") \
1367  V(kUnexpectedFallThroughInBinaryStubGenerateFloatingPointCode, \
1368  "Unexpected fall-through in BinaryStub_GenerateFloatingPointCode") \
1369  V(kUnexpectedFallthroughToCharCodeAtSlowCase, \
1370  "Unexpected fallthrough to CharCodeAt slow case") \
1371  V(kUnexpectedFallthroughToCharFromCodeSlowCase, \
1372  "Unexpected fallthrough to CharFromCode slow case") \
1373  V(kUnexpectedFPUStackDepthAfterInstruction, \
1374  "Unexpected FPU stack depth after instruction") \
1375  V(kUnexpectedInitialMapForArrayFunction1, \
1376  "Unexpected initial map for Array function (1)") \
1377  V(kUnexpectedInitialMapForArrayFunction2, \
1378  "Unexpected initial map for Array function (2)") \
1379  V(kUnexpectedInitialMapForArrayFunction, \
1380  "Unexpected initial map for Array function") \
1381  V(kUnexpectedInitialMapForInternalArrayFunction, \
1382  "Unexpected initial map for InternalArray function") \
1383  V(kUnexpectedLevelAfterReturnFromApiCall, \
1384  "Unexpected level after return from api call") \
1385  V(kUnexpectedNegativeValue, "Unexpected negative value") \
1386  V(kUnexpectedNumberOfPreAllocatedPropertyFields, \
1387  "Unexpected number of pre-allocated property fields") \
1388  V(kUnexpectedSmi, "Unexpected smi value") \
1389  V(kUnexpectedStringFunction, "Unexpected String function") \
1390  V(kUnexpectedStringType, "Unexpected string type") \
1391  V(kUnexpectedStringWrapperInstanceSize, \
1392  "Unexpected string wrapper instance size") \
1393  V(kUnexpectedTypeForRegExpDataFixedArrayExpected, \
1394  "Unexpected type for RegExp data, FixedArray expected") \
1395  V(kUnexpectedValue, "Unexpected value") \
1396  V(kUnexpectedUnusedPropertiesOfStringWrapper, \
1397  "Unexpected unused properties of string wrapper") \
1398  V(kUnimplemented, "unimplemented") \
1399  V(kUninitializedKSmiConstantRegister, "Uninitialized kSmiConstantRegister") \
1400  V(kUnknown, "Unknown") \
1401  V(kUnsupportedConstCompoundAssignment, \
1402  "Unsupported const compound assignment") \
1403  V(kUnsupportedCountOperationWithConst, \
1404  "Unsupported count operation with const") \
1405  V(kUnsupportedDoubleImmediate, "Unsupported double immediate") \
1406  V(kUnsupportedLetCompoundAssignment, "Unsupported let compound assignment") \
1407  V(kUnsupportedLookupSlotInDeclaration, \
1408  "Unsupported lookup slot in declaration") \
1409  V(kUnsupportedNonPrimitiveCompare, "Unsupported non-primitive compare") \
1410  V(kUnsupportedPhiUseOfArguments, "Unsupported phi use of arguments") \
1411  V(kUnsupportedPhiUseOfConstVariable, \
1412  "Unsupported phi use of const variable") \
1413  V(kUnsupportedTaggedImmediate, "Unsupported tagged immediate") \
1414  V(kVariableResolvedToWithContext, "Variable resolved to with context") \
1415  V(kWeShouldNotHaveAnEmptyLexicalContext, \
1416  "We should not have an empty lexical context") \
1417  V(kWithStatement, "WithStatement") \
1418  V(kWrongAddressOrValuePassedToRecordWrite, \
1419  "Wrong address or value passed to RecordWrite") \
1420  V(kYield, "Yield")
1421 
1422 
1423 #define ERROR_MESSAGES_CONSTANTS(C, T) C,
1424 enum BailoutReason {
1425  ERROR_MESSAGES_LIST(ERROR_MESSAGES_CONSTANTS)
1426  kLastErrorMessage
1427 };
1428 #undef ERROR_MESSAGES_CONSTANTS
1429 
1430 
1431 const char* GetBailoutReason(BailoutReason reason);
1432 
1433 
1434 // Object is the abstract superclass for all classes in the
1435 // object hierarchy.
1436 // Object does not use any virtual functions to avoid the
1437 // allocation of the C++ vtable.
1438 // Since Smi and Failure are subclasses of Object no
1439 // data members can be present in Object.
1440 class Object : public MaybeObject {
1441  public:
1442  // Type testing.
1443  bool IsObject() { return true; }
1444 
1445 #define IS_TYPE_FUNCTION_DECL(type_) inline bool Is##type_();
1446  OBJECT_TYPE_LIST(IS_TYPE_FUNCTION_DECL)
1447  HEAP_OBJECT_TYPE_LIST(IS_TYPE_FUNCTION_DECL)
1448 #undef IS_TYPE_FUNCTION_DECL
1449 
1450  inline bool IsFixedArrayBase();
1451  inline bool IsExternal();
1452  inline bool IsAccessorInfo();
1453 
1454  inline bool IsStruct();
1455 #define DECLARE_STRUCT_PREDICATE(NAME, Name, name) inline bool Is##Name();
1456  STRUCT_LIST(DECLARE_STRUCT_PREDICATE)
1457 #undef DECLARE_STRUCT_PREDICATE
1458 
1459  INLINE(bool IsSpecObject());
1460  INLINE(bool IsSpecFunction());
1461  bool IsCallable();
1462 
1463  // Oddball testing.
1464  INLINE(bool IsUndefined());
1465  INLINE(bool IsNull());
1466  INLINE(bool IsTheHole()); // Shadows MaybeObject's implementation.
1467  INLINE(bool IsUninitialized());
1468  INLINE(bool IsTrue());
1469  INLINE(bool IsFalse());
1470  inline bool IsArgumentsMarker();
1471  inline bool NonFailureIsHeapObject();
1472 
1473  // Filler objects (fillers and free space objects).
1474  inline bool IsFiller();
1475 
1476  // Extract the number.
1477  inline double Number();
1478  inline bool IsNaN();
1479  bool ToInt32(int32_t* value);
1480  bool ToUint32(uint32_t* value);
1481 
1482  // Indicates whether OptimalRepresentation can do its work, or whether it
1483  // always has to return Representation::Tagged().
1484  enum ValueType {
1485  OPTIMAL_REPRESENTATION,
1486  FORCE_TAGGED
1487  };
1488 
1489  inline Representation OptimalRepresentation(
1490  ValueType type = OPTIMAL_REPRESENTATION) {
1491  if (!FLAG_track_fields) return Representation::Tagged();
1492  if (type == FORCE_TAGGED) return Representation::Tagged();
1493  if (IsSmi()) {
1494  return Representation::Smi();
1495  } else if (FLAG_track_double_fields && IsHeapNumber()) {
1496  return Representation::Double();
1497  } else if (FLAG_track_computed_fields && IsUninitialized()) {
1498  return Representation::None();
1499  } else if (FLAG_track_heap_object_fields) {
1500  ASSERT(IsHeapObject());
1501  return Representation::HeapObject();
1502  } else {
1503  return Representation::Tagged();
1504  }
1505  }
1506 
1507  inline bool FitsRepresentation(Representation representation) {
1508  if (FLAG_track_fields && representation.IsNone()) {
1509  return false;
1510  } else if (FLAG_track_fields && representation.IsSmi()) {
1511  return IsSmi();
1512  } else if (FLAG_track_double_fields && representation.IsDouble()) {
1513  return IsNumber();
1514  } else if (FLAG_track_heap_object_fields && representation.IsHeapObject()) {
1515  return IsHeapObject();
1516  }
1517  return true;
1518  }
1519 
1520  inline MaybeObject* AllocateNewStorageFor(Heap* heap,
1521  Representation representation);
1522 
1523  // Returns true if the object is of the correct type to be used as a
1524  // implementation of a JSObject's elements.
1525  inline bool HasValidElements();
1526 
1527  inline bool HasSpecificClassOf(String* name);
1528 
1529  MUST_USE_RESULT MaybeObject* ToObject(Isolate* isolate); // ECMA-262 9.9.
1530  bool BooleanValue(); // ECMA-262 9.2.
1531 
1532  // Convert to a JSObject if needed.
1533  // native_context is used when creating wrapper object.
1534  MUST_USE_RESULT MaybeObject* ToObject(Context* native_context);
1535 
1536  // Converts this to a Smi if possible.
1537  // Failure is returned otherwise.
1538  static MUST_USE_RESULT inline Handle<Object> ToSmi(Isolate* isolate,
1539  Handle<Object> object);
1540  MUST_USE_RESULT inline MaybeObject* ToSmi();
1541 
1542  void Lookup(Name* name, LookupResult* result);
1543 
1544  // Property access.
1545  MUST_USE_RESULT inline MaybeObject* GetProperty(Name* key);
1546  MUST_USE_RESULT inline MaybeObject* GetProperty(
1547  Name* key,
1548  PropertyAttributes* attributes);
1549 
1550  // TODO(yangguo): this should eventually replace the non-handlified version.
1551  static Handle<Object> GetPropertyWithReceiver(Handle<Object> object,
1552  Handle<Object> receiver,
1553  Handle<Name> name,
1554  PropertyAttributes* attributes);
1555  MUST_USE_RESULT MaybeObject* GetPropertyWithReceiver(
1556  Object* receiver,
1557  Name* key,
1558  PropertyAttributes* attributes);
1559 
1560  static Handle<Object> GetProperty(Handle<Object> object,
1561  Handle<Name> key);
1562  static Handle<Object> GetProperty(Handle<Object> object,
1563  Handle<Object> receiver,
1564  LookupResult* result,
1565  Handle<Name> key,
1566  PropertyAttributes* attributes);
1567 
1568  MUST_USE_RESULT static MaybeObject* GetPropertyOrFail(
1569  Handle<Object> object,
1570  Handle<Object> receiver,
1571  LookupResult* result,
1572  Handle<Name> key,
1573  PropertyAttributes* attributes);
1574 
1575  MUST_USE_RESULT MaybeObject* GetProperty(Object* receiver,
1576  LookupResult* result,
1577  Name* key,
1578  PropertyAttributes* attributes);
1579 
1580  MUST_USE_RESULT MaybeObject* GetPropertyWithDefinedGetter(Object* receiver,
1581  JSReceiver* getter);
1582 
1583  static inline Handle<Object> GetElement(Isolate* isolate,
1584  Handle<Object> object,
1585  uint32_t index);
1586 
1587  // For use when we know that no exception can be thrown.
1588  static inline Handle<Object> GetElementNoExceptionThrown(
1589  Isolate* isolate,
1590  Handle<Object> object,
1591  uint32_t index);
1592 
1593  static Handle<Object> GetElementWithReceiver(Isolate* isolate,
1594  Handle<Object> object,
1595  Handle<Object> receiver,
1596  uint32_t index);
1597 
1598  // Return the object's prototype (might be Heap::null_value()).
1599  Object* GetPrototype(Isolate* isolate);
1600  Map* GetMarkerMap(Isolate* isolate);
1601 
1602  // Returns the permanent hash code associated with this object. May return
1603  // undefined if not yet created.
1604  Object* GetHash();
1605 
1606  // Returns the permanent hash code associated with this object depending on
1607  // the actual object type. May create and store a hash code if needed and none
1608  // exists.
1609  // TODO(rafaelw): Remove isolate parameter when objects.cc is fully
1610  // handlified.
1611  static Handle<Object> GetOrCreateHash(Handle<Object> object,
1612  Isolate* isolate);
1613 
1614  // Checks whether this object has the same value as the given one. This
1615  // function is implemented according to ES5, section 9.12 and can be used
1616  // to implement the Harmony "egal" function.
1617  bool SameValue(Object* other);
1618 
1619  // Tries to convert an object to an array index. Returns true and sets
1620  // the output parameter if it succeeds.
1621  inline bool ToArrayIndex(uint32_t* index);
1622 
1623  // Returns true if this is a JSValue containing a string and the index is
1624  // < the length of the string. Used to implement [] on strings.
1625  inline bool IsStringObjectWithCharacterAt(uint32_t index);
1626 
1627 #ifdef VERIFY_HEAP
1628  // Verify a pointer is a valid object pointer.
1629  static void VerifyPointer(Object* p);
1630 #endif
1631 
1632  inline void VerifyApiCallResultType();
1633 
1634  // Prints this object without details.
1635  void ShortPrint(FILE* out = stdout);
1636 
1637  // Prints this object without details to a message accumulator.
1638  void ShortPrint(StringStream* accumulator);
1639 
1640  // Casting: This cast is only needed to satisfy macros in objects-inl.h.
1641  static Object* cast(Object* value) { return value; }
1642 
1643  // Layout description.
1644  static const int kHeaderSize = 0; // Object does not take up any space.
1645 
1646  private:
1647  DISALLOW_IMPLICIT_CONSTRUCTORS(Object);
1648 };
1649 
1650 
1651 // Smi represents integer Numbers that can be stored in 31 bits.
1652 // Smis are immediate which means they are NOT allocated in the heap.
1653 // The this pointer has the following format: [31 bit signed int] 0
1654 // For long smis it has the following format:
1655 // [32 bit signed int] [31 bits zero padding] 0
1656 // Smi stands for small integer.
1657 class Smi: public Object {
1658  public:
1659  // Returns the integer value.
1660  inline int value();
1661 
1662  // Convert a value to a Smi object.
1663  static inline Smi* FromInt(int value);
1664 
1665  static inline Smi* FromIntptr(intptr_t value);
1666 
1667  // Returns whether value can be represented in a Smi.
1668  static inline bool IsValid(intptr_t value);
1669 
1670  // Casting.
1671  static inline Smi* cast(Object* object);
1672 
1673  // Dispatched behavior.
1674  void SmiPrint(FILE* out = stdout);
1675  void SmiPrint(StringStream* accumulator);
1676 
1677  DECLARE_VERIFIER(Smi)
1678 
1679  static const int kMinValue =
1680  (static_cast<unsigned int>(-1)) << (kSmiValueSize - 1);
1681  static const int kMaxValue = -(kMinValue + 1);
1682 
1683  private:
1684  DISALLOW_IMPLICIT_CONSTRUCTORS(Smi);
1685 };
1686 
1687 
1688 // Failure is used for reporting out of memory situations and
1689 // propagating exceptions through the runtime system. Failure objects
1690 // are transient and cannot occur as part of the object graph.
1691 //
1692 // Failures are a single word, encoded as follows:
1693 // +-------------------------+---+--+--+
1694 // |.........unused..........|sss|tt|11|
1695 // +-------------------------+---+--+--+
1696 // 7 6 4 32 10
1697 //
1698 //
1699 // The low two bits, 0-1, are the failure tag, 11. The next two bits,
1700 // 2-3, are a failure type tag 'tt' with possible values:
1701 // 00 RETRY_AFTER_GC
1702 // 01 EXCEPTION
1703 // 10 INTERNAL_ERROR
1704 // 11 OUT_OF_MEMORY_EXCEPTION
1705 //
1706 // The next three bits, 4-6, are an allocation space tag 'sss'. The
1707 // allocation space tag is 000 for all failure types except
1708 // RETRY_AFTER_GC. For RETRY_AFTER_GC, the possible values are the
1709 // allocation spaces (the encoding is found in globals.h).
1710 
1711 // Failure type tag info.
1712 const int kFailureTypeTagSize = 2;
1713 const int kFailureTypeTagMask = (1 << kFailureTypeTagSize) - 1;
1714 
1715 class Failure: public MaybeObject {
1716  public:
1717  // RuntimeStubs assumes EXCEPTION = 1 in the compiler-generated code.
1718  enum Type {
1719  RETRY_AFTER_GC = 0,
1720  EXCEPTION = 1, // Returning this marker tells the real exception
1721  // is in Isolate::pending_exception.
1722  INTERNAL_ERROR = 2,
1723  OUT_OF_MEMORY_EXCEPTION = 3
1724  };
1725 
1726  inline Type type() const;
1727 
1728  // Returns the space that needs to be collected for RetryAfterGC failures.
1729  inline AllocationSpace allocation_space() const;
1730 
1731  inline bool IsInternalError() const;
1732 
1733  static inline Failure* RetryAfterGC(AllocationSpace space);
1734  static inline Failure* RetryAfterGC(); // NEW_SPACE
1735  static inline Failure* Exception();
1736  static inline Failure* InternalError();
1737  // Casting.
1738  static inline Failure* cast(MaybeObject* object);
1739 
1740  // Dispatched behavior.
1741  void FailurePrint(FILE* out = stdout);
1742  void FailurePrint(StringStream* accumulator);
1743 
1744  DECLARE_VERIFIER(Failure)
1745 
1746  private:
1747  inline intptr_t value() const;
1748  static inline Failure* Construct(Type type, intptr_t value = 0);
1749 
1750  DISALLOW_IMPLICIT_CONSTRUCTORS(Failure);
1751 };
1752 
1753 
1754 // Heap objects typically have a map pointer in their first word. However,
1755 // during GC other data (e.g. mark bits, forwarding addresses) is sometimes
1756 // encoded in the first word. The class MapWord is an abstraction of the
1757 // value in a heap object's first word.
1758 class MapWord BASE_EMBEDDED {
1759  public:
1760  // Normal state: the map word contains a map pointer.
1761 
1762  // Create a map word from a map pointer.
1763  static inline MapWord FromMap(Map* map);
1764 
1765  // View this map word as a map pointer.
1766  inline Map* ToMap();
1767 
1768 
1769  // Scavenge collection: the map word of live objects in the from space
1770  // contains a forwarding address (a heap object pointer in the to space).
1771 
1772  // True if this map word is a forwarding address for a scavenge
1773  // collection. Only valid during a scavenge collection (specifically,
1774  // when all map words are heap object pointers, i.e. not during a full GC).
1775  inline bool IsForwardingAddress();
1776 
1777  // Create a map word from a forwarding address.
1778  static inline MapWord FromForwardingAddress(HeapObject* object);
1779 
1780  // View this map word as a forwarding address.
1781  inline HeapObject* ToForwardingAddress();
1782 
1783  static inline MapWord FromRawValue(uintptr_t value) {
1784  return MapWord(value);
1785  }
1786 
1787  inline uintptr_t ToRawValue() {
1788  return value_;
1789  }
1790 
1791  private:
1792  // HeapObject calls the private constructor and directly reads the value.
1793  friend class HeapObject;
1794 
1795  explicit MapWord(uintptr_t value) : value_(value) {}
1796 
1797  uintptr_t value_;
1798 };
1799 
1800 
1801 // HeapObject is the superclass for all classes describing heap allocated
1802 // objects.
1803 class HeapObject: public Object {
1804  public:
1805  // [map]: Contains a map which contains the object's reflective
1806  // information.
1807  inline Map* map();
1808  inline void set_map(Map* value);
1809  // The no-write-barrier version. This is OK if the object is white and in
1810  // new space, or if the value is an immortal immutable object, like the maps
1811  // of primitive (non-JS) objects like strings, heap numbers etc.
1812  inline void set_map_no_write_barrier(Map* value);
1813 
1814  // During garbage collection, the map word of a heap object does not
1815  // necessarily contain a map pointer.
1816  inline MapWord map_word();
1817  inline void set_map_word(MapWord map_word);
1818 
1819  // The Heap the object was allocated in. Used also to access Isolate.
1820  inline Heap* GetHeap();
1821 
1822  // Convenience method to get current isolate.
1823  inline Isolate* GetIsolate();
1824 
1825  // Converts an address to a HeapObject pointer.
1826  static inline HeapObject* FromAddress(Address address);
1827 
1828  // Returns the address of this HeapObject.
1829  inline Address address();
1830 
1831  // Iterates over pointers contained in the object (including the Map)
1832  void Iterate(ObjectVisitor* v);
1833 
1834  // Iterates over all pointers contained in the object except the
1835  // first map pointer. The object type is given in the first
1836  // parameter. This function does not access the map pointer in the
1837  // object, and so is safe to call while the map pointer is modified.
1838  void IterateBody(InstanceType type, int object_size, ObjectVisitor* v);
1839 
1840  // Returns the heap object's size in bytes
1841  inline int Size();
1842 
1843  // Given a heap object's map pointer, returns the heap size in bytes
1844  // Useful when the map pointer field is used for other purposes.
1845  // GC internal.
1846  inline int SizeFromMap(Map* map);
1847 
1848  // Returns the field at offset in obj, as a read/write Object* reference.
1849  // Does no checking, and is safe to use during GC, while maps are invalid.
1850  // Does not invoke write barrier, so should only be assigned to
1851  // during marking GC.
1852  static inline Object** RawField(HeapObject* obj, int offset);
1853 
1854  // Adds the |code| object related to |name| to the code cache of this map. If
1855  // this map is a dictionary map that is shared, the map copied and installed
1856  // onto the object.
1857  static void UpdateMapCodeCache(Handle<HeapObject> object,
1858  Handle<Name> name,
1859  Handle<Code> code);
1860 
1861  // Casting.
1862  static inline HeapObject* cast(Object* obj);
1863 
1864  // Return the write barrier mode for this. Callers of this function
1865  // must be able to present a reference to an DisallowHeapAllocation
1866  // object as a sign that they are not going to use this function
1867  // from code that allocates and thus invalidates the returned write
1868  // barrier mode.
1869  inline WriteBarrierMode GetWriteBarrierMode(
1870  const DisallowHeapAllocation& promise);
1871 
1872  // Dispatched behavior.
1873  void HeapObjectShortPrint(StringStream* accumulator);
1874 #ifdef OBJECT_PRINT
1875  void PrintHeader(FILE* out, const char* id);
1876 #endif
1877  DECLARE_PRINTER(HeapObject)
1878  DECLARE_VERIFIER(HeapObject)
1879 #ifdef VERIFY_HEAP
1880  inline void VerifyObjectField(int offset);
1881  inline void VerifySmiField(int offset);
1882 
1883  // Verify a pointer is a valid HeapObject pointer that points to object
1884  // areas in the heap.
1885  static void VerifyHeapPointer(Object* p);
1886 #endif
1887 
1888  // Layout description.
1889  // First field in a heap object is map.
1890  static const int kMapOffset = Object::kHeaderSize;
1891  static const int kHeaderSize = kMapOffset + kPointerSize;
1892 
1893  STATIC_CHECK(kMapOffset == Internals::kHeapObjectMapOffset);
1894 
1895  protected:
1896  // helpers for calling an ObjectVisitor to iterate over pointers in the
1897  // half-open range [start, end) specified as integer offsets
1898  inline void IteratePointers(ObjectVisitor* v, int start, int end);
1899  // as above, for the single element at "offset"
1900  inline void IteratePointer(ObjectVisitor* v, int offset);
1901  // as above, for the next code link of a code object.
1902  inline void IterateNextCodeLink(ObjectVisitor* v, int offset);
1903 
1904  private:
1905  DISALLOW_IMPLICIT_CONSTRUCTORS(HeapObject);
1906 };
1907 
1908 
1909 // This class describes a body of an object of a fixed size
1910 // in which all pointer fields are located in the [start_offset, end_offset)
1911 // interval.
1912 template<int start_offset, int end_offset, int size>
1913 class FixedBodyDescriptor {
1914  public:
1915  static const int kStartOffset = start_offset;
1916  static const int kEndOffset = end_offset;
1917  static const int kSize = size;
1918 
1919  static inline void IterateBody(HeapObject* obj, ObjectVisitor* v);
1920 
1921  template<typename StaticVisitor>
1922  static inline void IterateBody(HeapObject* obj) {
1923  StaticVisitor::VisitPointers(HeapObject::RawField(obj, start_offset),
1924  HeapObject::RawField(obj, end_offset));
1925  }
1926 };
1927 
1928 
1929 // This class describes a body of an object of a variable size
1930 // in which all pointer fields are located in the [start_offset, object_size)
1931 // interval.
1932 template<int start_offset>
1933 class FlexibleBodyDescriptor {
1934  public:
1935  static const int kStartOffset = start_offset;
1936 
1937  static inline void IterateBody(HeapObject* obj,
1938  int object_size,
1939  ObjectVisitor* v);
1940 
1941  template<typename StaticVisitor>
1942  static inline void IterateBody(HeapObject* obj, int object_size) {
1943  StaticVisitor::VisitPointers(HeapObject::RawField(obj, start_offset),
1944  HeapObject::RawField(obj, object_size));
1945  }
1946 };
1947 
1948 
1949 // The HeapNumber class describes heap allocated numbers that cannot be
1950 // represented in a Smi (small integer)
1951 class HeapNumber: public HeapObject {
1952  public:
1953  // [value]: number value.
1954  inline double value();
1955  inline void set_value(double value);
1956 
1957  // Casting.
1958  static inline HeapNumber* cast(Object* obj);
1959 
1960  // Dispatched behavior.
1961  bool HeapNumberBooleanValue();
1962 
1963  void HeapNumberPrint(FILE* out = stdout);
1964  void HeapNumberPrint(StringStream* accumulator);
1965  DECLARE_VERIFIER(HeapNumber)
1966 
1967  inline int get_exponent();
1968  inline int get_sign();
1969 
1970  // Layout description.
1971  static const int kValueOffset = HeapObject::kHeaderSize;
1972  // IEEE doubles are two 32 bit words. The first is just mantissa, the second
1973  // is a mixture of sign, exponent and mantissa. Our current platforms are all
1974  // little endian apart from non-EABI arm which is little endian with big
1975  // endian floating point word ordering!
1976  static const int kMantissaOffset = kValueOffset;
1977  static const int kExponentOffset = kValueOffset + 4;
1978 
1979  static const int kSize = kValueOffset + kDoubleSize;
1980  static const uint32_t kSignMask = 0x80000000u;
1981  static const uint32_t kExponentMask = 0x7ff00000u;
1982  static const uint32_t kMantissaMask = 0xfffffu;
1983  static const int kMantissaBits = 52;
1984  static const int kExponentBits = 11;
1985  static const int kExponentBias = 1023;
1986  static const int kExponentShift = 20;
1987  static const int kInfinityOrNanExponent =
1988  (kExponentMask >> kExponentShift) - kExponentBias;
1989  static const int kMantissaBitsInTopWord = 20;
1990  static const int kNonMantissaBitsInTopWord = 12;
1991 
1992  private:
1993  DISALLOW_IMPLICIT_CONSTRUCTORS(HeapNumber);
1994 };
1995 
1996 
1997 enum EnsureElementsMode {
1998  DONT_ALLOW_DOUBLE_ELEMENTS,
1999  ALLOW_COPIED_DOUBLE_ELEMENTS,
2000  ALLOW_CONVERTED_DOUBLE_ELEMENTS
2001 };
2002 
2003 
2004 // Indicates whether a property should be set or (re)defined. Setting of a
2005 // property causes attributes to remain unchanged, writability to be checked
2006 // and callbacks to be called. Defining of a property causes attributes to
2007 // be updated and callbacks to be overridden.
2008 enum SetPropertyMode {
2009  SET_PROPERTY,
2010  DEFINE_PROPERTY
2011 };
2012 
2013 
2014 // Indicator for one component of an AccessorPair.
2015 enum AccessorComponent {
2016  ACCESSOR_GETTER,
2017  ACCESSOR_SETTER
2018 };
2019 
2020 
2021 // JSReceiver includes types on which properties can be defined, i.e.,
2022 // JSObject and JSProxy.
2023 class JSReceiver: public HeapObject {
2024  public:
2025  enum DeleteMode {
2026  NORMAL_DELETION,
2027  STRICT_DELETION,
2028  FORCE_DELETION
2029  };
2030 
2031  // A non-keyed store is of the form a.x = foo or a["x"] = foo whereas
2032  // a keyed store is of the form a[expression] = foo.
2033  enum StoreFromKeyed {
2034  MAY_BE_STORE_FROM_KEYED,
2035  CERTAINLY_NOT_STORE_FROM_KEYED
2036  };
2037 
2038  // Internal properties (e.g. the hidden properties dictionary) might
2039  // be added even though the receiver is non-extensible.
2040  enum ExtensibilityCheck {
2041  PERFORM_EXTENSIBILITY_CHECK,
2042  OMIT_EXTENSIBILITY_CHECK
2043  };
2044 
2045  // Casting.
2046  static inline JSReceiver* cast(Object* obj);
2047 
2048  // Implementation of [[Put]], ECMA-262 5th edition, section 8.12.5.
2049  static Handle<Object> SetProperty(Handle<JSReceiver> object,
2050  Handle<Name> key,
2051  Handle<Object> value,
2052  PropertyAttributes attributes,
2053  StrictMode strict_mode,
2054  StoreFromKeyed store_mode =
2055  MAY_BE_STORE_FROM_KEYED);
2056  static Handle<Object> SetElement(Handle<JSReceiver> object,
2057  uint32_t index,
2058  Handle<Object> value,
2059  PropertyAttributes attributes,
2060  StrictMode strict_mode);
2061 
2062  // Implementation of [[HasProperty]], ECMA-262 5th edition, section 8.12.6.
2063  static inline bool HasProperty(Handle<JSReceiver> object, Handle<Name> name);
2064  static inline bool HasLocalProperty(Handle<JSReceiver>, Handle<Name> name);
2065  static inline bool HasElement(Handle<JSReceiver> object, uint32_t index);
2066  static inline bool HasLocalElement(Handle<JSReceiver> object, uint32_t index);
2067 
2068  // Implementation of [[Delete]], ECMA-262 5th edition, section 8.12.7.
2069  static Handle<Object> DeleteProperty(Handle<JSReceiver> object,
2070  Handle<Name> name,
2071  DeleteMode mode = NORMAL_DELETION);
2072  static Handle<Object> DeleteElement(Handle<JSReceiver> object,
2073  uint32_t index,
2074  DeleteMode mode = NORMAL_DELETION);
2075 
2076  // Tests for the fast common case for property enumeration.
2077  bool IsSimpleEnum();
2078 
2079  // Returns the class name ([[Class]] property in the specification).
2080  String* class_name();
2081 
2082  // Returns the constructor name (the name (possibly, inferred name) of the
2083  // function that was used to instantiate the object).
2084  String* constructor_name();
2085 
2086  static inline PropertyAttributes GetPropertyAttribute(
2087  Handle<JSReceiver> object,
2088  Handle<Name> name);
2089  static PropertyAttributes GetPropertyAttributeWithReceiver(
2090  Handle<JSReceiver> object,
2091  Handle<JSReceiver> receiver,
2092  Handle<Name> name);
2093  static PropertyAttributes GetLocalPropertyAttribute(
2094  Handle<JSReceiver> object,
2095  Handle<Name> name);
2096 
2097  static inline PropertyAttributes GetElementAttribute(
2098  Handle<JSReceiver> object,
2099  uint32_t index);
2100  static inline PropertyAttributes GetLocalElementAttribute(
2101  Handle<JSReceiver> object,
2102  uint32_t index);
2103 
2104  // Return the object's prototype (might be Heap::null_value()).
2105  inline Object* GetPrototype();
2106 
2107  // Return the constructor function (may be Heap::null_value()).
2108  inline Object* GetConstructor();
2109 
2110  // Retrieves a permanent object identity hash code. The undefined value might
2111  // be returned in case no hash was created yet.
2112  inline Object* GetIdentityHash();
2113 
2114  // Retrieves a permanent object identity hash code. May create and store a
2115  // hash code if needed and none exists.
2116  inline static Handle<Object> GetOrCreateIdentityHash(
2117  Handle<JSReceiver> object);
2118 
2119  // Lookup a property. If found, the result is valid and has
2120  // detailed information.
2121  void LocalLookup(Name* name, LookupResult* result,
2122  bool search_hidden_prototypes = false);
2123  void Lookup(Name* name, LookupResult* result);
2124 
2125  protected:
2126  Smi* GenerateIdentityHash();
2127 
2128  static Handle<Object> SetPropertyWithDefinedSetter(Handle<JSReceiver> object,
2129  Handle<JSReceiver> setter,
2130  Handle<Object> value);
2131 
2132  private:
2133  static PropertyAttributes GetPropertyAttributeForResult(
2134  Handle<JSReceiver> object,
2135  Handle<JSReceiver> receiver,
2136  LookupResult* result,
2137  Handle<Name> name,
2138  bool continue_search);
2139 
2140  static Handle<Object> SetProperty(Handle<JSReceiver> receiver,
2141  LookupResult* result,
2142  Handle<Name> key,
2143  Handle<Object> value,
2144  PropertyAttributes attributes,
2145  StrictMode strict_mode,
2146  StoreFromKeyed store_from_keyed);
2147 
2148  DISALLOW_IMPLICIT_CONSTRUCTORS(JSReceiver);
2149 };
2150 
2151 // Forward declaration for JSObject::GetOrCreateHiddenPropertiesHashTable.
2152 class ObjectHashTable;
2153 
2154 // The JSObject describes real heap allocated JavaScript objects with
2155 // properties.
2156 // Note that the map of JSObject changes during execution to enable inline
2157 // caching.
2158 class JSObject: public JSReceiver {
2159  public:
2160  // [properties]: Backing storage for properties.
2161  // properties is a FixedArray in the fast case and a Dictionary in the
2162  // slow case.
2163  DECL_ACCESSORS(properties, FixedArray) // Get and set fast properties.
2164  inline void initialize_properties();
2165  inline bool HasFastProperties();
2166  inline NameDictionary* property_dictionary(); // Gets slow properties.
2167 
2168  // [elements]: The elements (properties with names that are integers).
2169  //
2170  // Elements can be in two general modes: fast and slow. Each mode
2171  // corrensponds to a set of object representations of elements that
2172  // have something in common.
2173  //
2174  // In the fast mode elements is a FixedArray and so each element can
2175  // be quickly accessed. This fact is used in the generated code. The
2176  // elements array can have one of three maps in this mode:
2177  // fixed_array_map, sloppy_arguments_elements_map or
2178  // fixed_cow_array_map (for copy-on-write arrays). In the latter case
2179  // the elements array may be shared by a few objects and so before
2180  // writing to any element the array must be copied. Use
2181  // EnsureWritableFastElements in this case.
2182  //
2183  // In the slow mode the elements is either a NumberDictionary, an
2184  // ExternalArray, or a FixedArray parameter map for a (sloppy)
2185  // arguments object.
2186  DECL_ACCESSORS(elements, FixedArrayBase)
2187  inline void initialize_elements();
2188  MUST_USE_RESULT inline MaybeObject* ResetElements();
2189  inline ElementsKind GetElementsKind();
2190  inline ElementsAccessor* GetElementsAccessor();
2191  // Returns true if an object has elements of FAST_SMI_ELEMENTS ElementsKind.
2192  inline bool HasFastSmiElements();
2193  // Returns true if an object has elements of FAST_ELEMENTS ElementsKind.
2194  inline bool HasFastObjectElements();
2195  // Returns true if an object has elements of FAST_ELEMENTS or
2196  // FAST_SMI_ONLY_ELEMENTS.
2197  inline bool HasFastSmiOrObjectElements();
2198  // Returns true if an object has any of the fast elements kinds.
2199  inline bool HasFastElements();
2200  // Returns true if an object has elements of FAST_DOUBLE_ELEMENTS
2201  // ElementsKind.
2202  inline bool HasFastDoubleElements();
2203  // Returns true if an object has elements of FAST_HOLEY_*_ELEMENTS
2204  // ElementsKind.
2205  inline bool HasFastHoleyElements();
2206  inline bool HasSloppyArgumentsElements();
2207  inline bool HasDictionaryElements();
2208 
2209  inline bool HasExternalUint8ClampedElements();
2210  inline bool HasExternalArrayElements();
2211  inline bool HasExternalInt8Elements();
2212  inline bool HasExternalUint8Elements();
2213  inline bool HasExternalInt16Elements();
2214  inline bool HasExternalUint16Elements();
2215  inline bool HasExternalInt32Elements();
2216  inline bool HasExternalUint32Elements();
2217  inline bool HasExternalFloat32Elements();
2218  inline bool HasExternalFloat64Elements();
2219 
2220  inline bool HasFixedTypedArrayElements();
2221 
2222  inline bool HasFixedUint8ClampedElements();
2223  inline bool HasFixedArrayElements();
2224  inline bool HasFixedInt8Elements();
2225  inline bool HasFixedUint8Elements();
2226  inline bool HasFixedInt16Elements();
2227  inline bool HasFixedUint16Elements();
2228  inline bool HasFixedInt32Elements();
2229  inline bool HasFixedUint32Elements();
2230  inline bool HasFixedFloat32Elements();
2231  inline bool HasFixedFloat64Elements();
2232 
2233  bool HasFastArgumentsElements();
2234  bool HasDictionaryArgumentsElements();
2235  inline SeededNumberDictionary* element_dictionary(); // Gets slow elements.
2236 
2237  inline void set_map_and_elements(
2238  Map* map,
2239  FixedArrayBase* value,
2240  WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
2241 
2242  // Requires: HasFastElements().
2243  static Handle<FixedArray> EnsureWritableFastElements(
2244  Handle<JSObject> object);
2245  MUST_USE_RESULT inline MaybeObject* EnsureWritableFastElements();
2246 
2247  // Collects elements starting at index 0.
2248  // Undefined values are placed after non-undefined values.
2249  // Returns the number of non-undefined values.
2250  static Handle<Object> PrepareElementsForSort(Handle<JSObject> object,
2251  uint32_t limit);
2252  // As PrepareElementsForSort, but only on objects where elements is
2253  // a dictionary, and it will stay a dictionary.
2254  static Handle<Object> PrepareSlowElementsForSort(Handle<JSObject> object,
2255  uint32_t limit);
2256  MUST_USE_RESULT MaybeObject* PrepareSlowElementsForSort(uint32_t limit);
2257 
2258  static Handle<Object> GetPropertyWithCallback(Handle<JSObject> object,
2259  Handle<Object> receiver,
2260  Handle<Object> structure,
2261  Handle<Name> name);
2262 
2263  static Handle<Object> SetPropertyWithCallback(
2264  Handle<JSObject> object,
2265  Handle<Object> structure,
2266  Handle<Name> name,
2267  Handle<Object> value,
2268  Handle<JSObject> holder,
2269  StrictMode strict_mode);
2270 
2271  static Handle<Object> SetPropertyWithInterceptor(
2272  Handle<JSObject> object,
2273  Handle<Name> name,
2274  Handle<Object> value,
2275  PropertyAttributes attributes,
2276  StrictMode strict_mode);
2277 
2278  static Handle<Object> SetPropertyForResult(
2279  Handle<JSObject> object,
2280  LookupResult* result,
2281  Handle<Name> name,
2282  Handle<Object> value,
2283  PropertyAttributes attributes,
2284  StrictMode strict_mode,
2285  StoreFromKeyed store_mode = MAY_BE_STORE_FROM_KEYED);
2286 
2287  static Handle<Object> SetLocalPropertyIgnoreAttributes(
2288  Handle<JSObject> object,
2289  Handle<Name> key,
2290  Handle<Object> value,
2291  PropertyAttributes attributes,
2292  ValueType value_type = OPTIMAL_REPRESENTATION,
2293  StoreMode mode = ALLOW_AS_CONSTANT,
2294  ExtensibilityCheck extensibility_check = PERFORM_EXTENSIBILITY_CHECK);
2295 
2296  static inline Handle<String> ExpectedTransitionKey(Handle<Map> map);
2297  static inline Handle<Map> ExpectedTransitionTarget(Handle<Map> map);
2298 
2299  // Try to follow an existing transition to a field with attributes NONE. The
2300  // return value indicates whether the transition was successful.
2301  static inline Handle<Map> FindTransitionToField(Handle<Map> map,
2302  Handle<Name> key);
2303 
2304  // Extend the receiver with a single fast property appeared first in the
2305  // passed map. This also extends the property backing store if necessary.
2306  static void AllocateStorageForMap(Handle<JSObject> object, Handle<Map> map);
2307 
2308  // Migrates the given object to a map whose field representations are the
2309  // lowest upper bound of all known representations for that field.
2310  static void MigrateInstance(Handle<JSObject> instance);
2311 
2312  // Migrates the given object only if the target map is already available,
2313  // or returns an empty handle if such a map is not yet available.
2314  static Handle<Object> TryMigrateInstance(Handle<JSObject> instance);
2315 
2316  // Retrieve a value in a normalized object given a lookup result.
2317  // Handles the special representation of JS global objects.
2318  Object* GetNormalizedProperty(const LookupResult* result);
2319 
2320  // Sets the property value in a normalized object given a lookup result.
2321  // Handles the special representation of JS global objects.
2322  static void SetNormalizedProperty(Handle<JSObject> object,
2323  const LookupResult* result,
2324  Handle<Object> value);
2325 
2326  // Sets the property value in a normalized object given (key, value, details).
2327  // Handles the special representation of JS global objects.
2328  static void SetNormalizedProperty(Handle<JSObject> object,
2329  Handle<Name> key,
2330  Handle<Object> value,
2331  PropertyDetails details);
2332 
2333  static void OptimizeAsPrototype(Handle<JSObject> object);
2334 
2335  // Retrieve interceptors.
2336  InterceptorInfo* GetNamedInterceptor();
2337  InterceptorInfo* GetIndexedInterceptor();
2338 
2339  // Used from JSReceiver.
2340  static PropertyAttributes GetPropertyAttributePostInterceptor(
2341  Handle<JSObject> object,
2342  Handle<JSObject> receiver,
2343  Handle<Name> name,
2344  bool continue_search);
2345  static PropertyAttributes GetPropertyAttributeWithInterceptor(
2346  Handle<JSObject> object,
2347  Handle<JSObject> receiver,
2348  Handle<Name> name,
2349  bool continue_search);
2350  static PropertyAttributes GetPropertyAttributeWithFailedAccessCheck(
2351  Handle<JSObject> object,
2352  LookupResult* result,
2353  Handle<Name> name,
2354  bool continue_search);
2355  static PropertyAttributes GetElementAttributeWithReceiver(
2356  Handle<JSObject> object,
2357  Handle<JSReceiver> receiver,
2358  uint32_t index,
2359  bool continue_search);
2360 
2361  // Retrieves an AccessorPair property from the given object. Might return
2362  // undefined if the property doesn't exist or is of a different kind.
2363  static Handle<Object> GetAccessor(Handle<JSObject> object,
2364  Handle<Name> name,
2365  AccessorComponent component);
2366 
2367  // Defines an AccessorPair property on the given object.
2368  // TODO(mstarzinger): Rename to SetAccessor() and return empty handle on
2369  // exception instead of letting callers check for scheduled exception.
2370  static void DefineAccessor(Handle<JSObject> object,
2371  Handle<Name> name,
2372  Handle<Object> getter,
2373  Handle<Object> setter,
2374  PropertyAttributes attributes,
2375  v8::AccessControl access_control = v8::DEFAULT);
2376 
2377  // Defines an AccessorInfo property on the given object.
2378  static Handle<Object> SetAccessor(Handle<JSObject> object,
2379  Handle<AccessorInfo> info);
2380 
2381  static Handle<Object> GetPropertyWithInterceptor(
2382  Handle<JSObject> object,
2383  Handle<Object> receiver,
2384  Handle<Name> name,
2385  PropertyAttributes* attributes);
2386  static Handle<Object> GetPropertyPostInterceptor(
2387  Handle<JSObject> object,
2388  Handle<Object> receiver,
2389  Handle<Name> name,
2390  PropertyAttributes* attributes);
2391  MUST_USE_RESULT MaybeObject* GetLocalPropertyPostInterceptor(
2392  Object* receiver,
2393  Name* name,
2394  PropertyAttributes* attributes);
2395 
2396  // Returns true if this is an instance of an api function and has
2397  // been modified since it was created. May give false positives.
2398  bool IsDirty();
2399 
2400  // Accessors for hidden properties object.
2401  //
2402  // Hidden properties are not local properties of the object itself.
2403  // Instead they are stored in an auxiliary structure kept as a local
2404  // property with a special name Heap::hidden_string(). But if the
2405  // receiver is a JSGlobalProxy then the auxiliary object is a property
2406  // of its prototype, and if it's a detached proxy, then you can't have
2407  // hidden properties.
2408 
2409  // Sets a hidden property on this object. Returns this object if successful,
2410  // undefined if called on a detached proxy.
2411  static Handle<Object> SetHiddenProperty(Handle<JSObject> object,
2412  Handle<Name> key,
2413  Handle<Object> value);
2414  // Gets the value of a hidden property with the given key. Returns the hole
2415  // if the property doesn't exist (or if called on a detached proxy),
2416  // otherwise returns the value set for the key.
2417  Object* GetHiddenProperty(Name* key);
2418  // Deletes a hidden property. Deleting a non-existing property is
2419  // considered successful.
2420  static void DeleteHiddenProperty(Handle<JSObject> object,
2421  Handle<Name> key);
2422  // Returns true if the object has a property with the hidden string as name.
2423  static bool HasHiddenProperties(Handle<JSObject> object);
2424 
2425  static void SetIdentityHash(Handle<JSObject> object, Handle<Smi> hash);
2426 
2427  inline void ValidateElements();
2428 
2429  // Makes sure that this object can contain HeapObject as elements.
2430  static inline void EnsureCanContainHeapObjectElements(Handle<JSObject> obj);
2431 
2432  // Makes sure that this object can contain the specified elements.
2433  static inline void EnsureCanContainElements(
2434  Handle<JSObject> object,
2435  Object** elements,
2436  uint32_t count,
2437  EnsureElementsMode mode);
2438  static inline void EnsureCanContainElements(
2439  Handle<JSObject> object,
2440  Handle<FixedArrayBase> elements,
2441  uint32_t length,
2442  EnsureElementsMode mode);
2443  static void EnsureCanContainElements(
2444  Handle<JSObject> object,
2445  Arguments* arguments,
2446  uint32_t first_arg,
2447  uint32_t arg_count,
2448  EnsureElementsMode mode);
2449 
2450  // Would we convert a fast elements array to dictionary mode given
2451  // an access at key?
2452  bool WouldConvertToSlowElements(Handle<Object> key);
2453  // Do we want to keep the elements in fast case when increasing the
2454  // capacity?
2455  bool ShouldConvertToSlowElements(int new_capacity);
2456  // Returns true if the backing storage for the slow-case elements of
2457  // this object takes up nearly as much space as a fast-case backing
2458  // storage would. In that case the JSObject should have fast
2459  // elements.
2460  bool ShouldConvertToFastElements();
2461  // Returns true if the elements of JSObject contains only values that can be
2462  // represented in a FixedDoubleArray and has at least one value that can only
2463  // be represented as a double and not a Smi.
2464  bool ShouldConvertToFastDoubleElements(bool* has_smi_only_elements);
2465 
2466  // Computes the new capacity when expanding the elements of a JSObject.
2467  static int NewElementsCapacity(int old_capacity) {
2468  // (old_capacity + 50%) + 16
2469  return old_capacity + (old_capacity >> 1) + 16;
2470  }
2471 
2472  // These methods do not perform access checks!
2473  AccessorPair* GetLocalPropertyAccessorPair(Name* name);
2474  AccessorPair* GetLocalElementAccessorPair(uint32_t index);
2475 
2476  static Handle<Object> SetFastElement(Handle<JSObject> object, uint32_t index,
2477  Handle<Object> value,
2478  StrictMode strict_mode,
2479  bool check_prototype);
2480 
2481  static Handle<Object> SetOwnElement(Handle<JSObject> object,
2482  uint32_t index,
2483  Handle<Object> value,
2484  StrictMode strict_mode);
2485 
2486  // Empty handle is returned if the element cannot be set to the given value.
2487  static Handle<Object> SetElement(
2488  Handle<JSObject> object,
2489  uint32_t index,
2490  Handle<Object> value,
2491  PropertyAttributes attributes,
2492  StrictMode strict_mode,
2493  bool check_prototype = true,
2494  SetPropertyMode set_mode = SET_PROPERTY);
2495 
2496  // Returns the index'th element.
2497  // The undefined object if index is out of bounds.
2498  static Handle<Object> GetElementWithInterceptor(Handle<JSObject> object,
2499  Handle<Object> receiver,
2500  uint32_t index);
2501 
2502  enum SetFastElementsCapacitySmiMode {
2503  kAllowSmiElements,
2504  kForceSmiElements,
2505  kDontAllowSmiElements
2506  };
2507 
2508  // Replace the elements' backing store with fast elements of the given
2509  // capacity. Update the length for JSArrays. Returns the new backing
2510  // store.
2511  static Handle<FixedArray> SetFastElementsCapacityAndLength(
2512  Handle<JSObject> object,
2513  int capacity,
2514  int length,
2515  SetFastElementsCapacitySmiMode smi_mode);
2516  static void SetFastDoubleElementsCapacityAndLength(
2517  Handle<JSObject> object,
2518  int capacity,
2519  int length);
2520  MUST_USE_RESULT MaybeObject* SetFastDoubleElementsCapacityAndLength(
2521  int capacity,
2522  int length);
2523 
2524  // Lookup interceptors are used for handling properties controlled by host
2525  // objects.
2526  inline bool HasNamedInterceptor();
2527  inline bool HasIndexedInterceptor();
2528 
2529  // Support functions for v8 api (needed for correct interceptor behavior).
2530  static bool HasRealNamedProperty(Handle<JSObject> object,
2531  Handle<Name> key);
2532  static bool HasRealElementProperty(Handle<JSObject> object, uint32_t index);
2533  static bool HasRealNamedCallbackProperty(Handle<JSObject> object,
2534  Handle<Name> key);
2535 
2536  // Get the header size for a JSObject. Used to compute the index of
2537  // internal fields as well as the number of internal fields.
2538  inline int GetHeaderSize();
2539 
2540  inline int GetInternalFieldCount();
2541  inline int GetInternalFieldOffset(int index);
2542  inline Object* GetInternalField(int index);
2543  inline void SetInternalField(int index, Object* value);
2544  inline void SetInternalField(int index, Smi* value);
2545 
2546  // The following lookup functions skip interceptors.
2547  void LocalLookupRealNamedProperty(Name* name, LookupResult* result);
2548  void LookupRealNamedProperty(Name* name, LookupResult* result);
2549  void LookupRealNamedPropertyInPrototypes(Name* name, LookupResult* result);
2550  void LookupCallbackProperty(Name* name, LookupResult* result);
2551 
2552  // Returns the number of properties on this object filtering out properties
2553  // with the specified attributes (ignoring interceptors).
2554  int NumberOfLocalProperties(PropertyAttributes filter = NONE);
2555  // Fill in details for properties into storage starting at the specified
2556  // index.
2557  void GetLocalPropertyNames(
2558  FixedArray* storage, int index, PropertyAttributes filter = NONE);
2559 
2560  // Returns the number of properties on this object filtering out properties
2561  // with the specified attributes (ignoring interceptors).
2562  int NumberOfLocalElements(PropertyAttributes filter);
2563  // Returns the number of enumerable elements (ignoring interceptors).
2564  int NumberOfEnumElements();
2565  // Returns the number of elements on this object filtering out elements
2566  // with the specified attributes (ignoring interceptors).
2567  int GetLocalElementKeys(FixedArray* storage, PropertyAttributes filter);
2568  // Count and fill in the enumerable elements into storage.
2569  // (storage->length() == NumberOfEnumElements()).
2570  // If storage is NULL, will count the elements without adding
2571  // them to any storage.
2572  // Returns the number of enumerable elements.
2573  int GetEnumElementKeys(FixedArray* storage);
2574 
2575  // Returns a new map with all transitions dropped from the object's current
2576  // map and the ElementsKind set.
2577  static Handle<Map> GetElementsTransitionMap(Handle<JSObject> object,
2578  ElementsKind to_kind);
2579  inline MUST_USE_RESULT MaybeObject* GetElementsTransitionMap(
2580  Isolate* isolate,
2581  ElementsKind elements_kind);
2582  MUST_USE_RESULT MaybeObject* GetElementsTransitionMapSlow(
2583  ElementsKind elements_kind);
2584 
2585  static void TransitionElementsKind(Handle<JSObject> object,
2586  ElementsKind to_kind);
2587 
2588  // TODO(mstarzinger): Both public because of ConvertAnsSetLocalProperty().
2589  static void MigrateToMap(Handle<JSObject> object, Handle<Map> new_map);
2590  static void GeneralizeFieldRepresentation(Handle<JSObject> object,
2591  int modify_index,
2592  Representation new_representation,
2593  StoreMode store_mode);
2594 
2595  // Convert the object to use the canonical dictionary
2596  // representation. If the object is expected to have additional properties
2597  // added this number can be indicated to have the backing store allocated to
2598  // an initial capacity for holding these properties.
2599  static void NormalizeProperties(Handle<JSObject> object,
2600  PropertyNormalizationMode mode,
2601  int expected_additional_properties);
2602 
2603  // Convert and update the elements backing store to be a
2604  // SeededNumberDictionary dictionary. Returns the backing after conversion.
2605  static Handle<SeededNumberDictionary> NormalizeElements(
2606  Handle<JSObject> object);
2607 
2608  // Transform slow named properties to fast variants.
2609  static void TransformToFastProperties(Handle<JSObject> object,
2610  int unused_property_fields);
2611 
2612  // Access fast-case object properties at index.
2613  MUST_USE_RESULT inline MaybeObject* FastPropertyAt(
2614  Representation representation,
2615  int index);
2616  inline Object* RawFastPropertyAt(int index);
2617  inline void FastPropertyAtPut(int index, Object* value);
2618 
2619  // Access to in object properties.
2620  inline int GetInObjectPropertyOffset(int index);
2621  inline Object* InObjectPropertyAt(int index);
2622  inline Object* InObjectPropertyAtPut(int index,
2623  Object* value,
2624  WriteBarrierMode mode
2625  = UPDATE_WRITE_BARRIER);
2626 
2627  // Set the object's prototype (only JSReceiver and null are allowed values).
2628  static Handle<Object> SetPrototype(Handle<JSObject> object,
2629  Handle<Object> value,
2630  bool skip_hidden_prototypes = false);
2631 
2632  // Initializes the body after properties slot, properties slot is
2633  // initialized by set_properties. Fill the pre-allocated fields with
2634  // pre_allocated_value and the rest with filler_value.
2635  // Note: this call does not update write barrier, the caller is responsible
2636  // to ensure that |filler_value| can be collected without WB here.
2637  inline void InitializeBody(Map* map,
2638  Object* pre_allocated_value,
2639  Object* filler_value);
2640 
2641  // Check whether this object references another object
2642  bool ReferencesObject(Object* obj);
2643 
2644  // Disalow further properties to be added to the object.
2645  static Handle<Object> PreventExtensions(Handle<JSObject> object);
2646 
2647  // ES5 Object.freeze
2648  static Handle<Object> Freeze(Handle<JSObject> object);
2649 
2650  // Called the first time an object is observed with ES7 Object.observe.
2651  static void SetObserved(Handle<JSObject> object);
2652 
2653  // Copy object.
2654  enum DeepCopyHints {
2655  kNoHints = 0,
2656  kObjectIsShallowArray = 1
2657  };
2658 
2659  static Handle<JSObject> Copy(Handle<JSObject> object);
2660  static Handle<JSObject> DeepCopy(Handle<JSObject> object,
2661  AllocationSiteUsageContext* site_context,
2662  DeepCopyHints hints = kNoHints);
2663  static Handle<JSObject> DeepWalk(Handle<JSObject> object,
2664  AllocationSiteCreationContext* site_context);
2665 
2666  // Casting.
2667  static inline JSObject* cast(Object* obj);
2668 
2669  // Dispatched behavior.
2670  void JSObjectShortPrint(StringStream* accumulator);
2671  DECLARE_PRINTER(JSObject)
2672  DECLARE_VERIFIER(JSObject)
2673 #ifdef OBJECT_PRINT
2674  void PrintProperties(FILE* out = stdout);
2675  void PrintElements(FILE* out = stdout);
2676  void PrintTransitions(FILE* out = stdout);
2677 #endif
2678 
2679  static void PrintElementsTransition(
2680  FILE* file, Handle<JSObject> object,
2681  ElementsKind from_kind, Handle<FixedArrayBase> from_elements,
2682  ElementsKind to_kind, Handle<FixedArrayBase> to_elements);
2683 
2684  void PrintInstanceMigration(FILE* file, Map* original_map, Map* new_map);
2685 
2686 #ifdef DEBUG
2687  // Structure for collecting spill information about JSObjects.
2688  class SpillInformation {
2689  public:
2690  void Clear();
2691  void Print();
2692  int number_of_objects_;
2693  int number_of_objects_with_fast_properties_;
2694  int number_of_objects_with_fast_elements_;
2695  int number_of_fast_used_fields_;
2696  int number_of_fast_unused_fields_;
2697  int number_of_slow_used_properties_;
2698  int number_of_slow_unused_properties_;
2699  int number_of_fast_used_elements_;
2700  int number_of_fast_unused_elements_;
2701  int number_of_slow_used_elements_;
2702  int number_of_slow_unused_elements_;
2703  };
2704 
2705  void IncrementSpillStatistics(SpillInformation* info);
2706 #endif
2707 
2708 #ifdef VERIFY_HEAP
2709  // If a GC was caused while constructing this object, the elements pointer
2710  // may point to a one pointer filler map. The object won't be rooted, but
2711  // our heap verification code could stumble across it.
2712  bool ElementsAreSafeToExamine();
2713 #endif
2714 
2715  Object* SlowReverseLookup(Object* value);
2716 
2717  // Maximal number of fast properties for the JSObject. Used to
2718  // restrict the number of map transitions to avoid an explosion in
2719  // the number of maps for objects used as dictionaries.
2720  inline bool TooManyFastProperties(
2721  StoreFromKeyed store_mode = MAY_BE_STORE_FROM_KEYED);
2722 
2723  // Maximal number of elements (numbered 0 .. kMaxElementCount - 1).
2724  // Also maximal value of JSArray's length property.
2725  static const uint32_t kMaxElementCount = 0xffffffffu;
2726 
2727  // Constants for heuristics controlling conversion of fast elements
2728  // to slow elements.
2729 
2730  // Maximal gap that can be introduced by adding an element beyond
2731  // the current elements length.
2732  static const uint32_t kMaxGap = 1024;
2733 
2734  // Maximal length of fast elements array that won't be checked for
2735  // being dense enough on expansion.
2736  static const int kMaxUncheckedFastElementsLength = 5000;
2737 
2738  // Same as above but for old arrays. This limit is more strict. We
2739  // don't want to be wasteful with long lived objects.
2740  static const int kMaxUncheckedOldFastElementsLength = 500;
2741 
2742  // Note that Page::kMaxRegularHeapObjectSize puts a limit on
2743  // permissible values (see the ASSERT in heap.cc).
2744  static const int kInitialMaxFastElementArray = 100000;
2745 
2746  static const int kFastPropertiesSoftLimit = 12;
2747  static const int kMaxFastProperties = 64;
2748  static const int kMaxInstanceSize = 255 * kPointerSize;
2749  // When extending the backing storage for property values, we increase
2750  // its size by more than the 1 entry necessary, so sequentially adding fields
2751  // to the same object requires fewer allocations and copies.
2752  static const int kFieldsAdded = 3;
2753 
2754  // Layout description.
2755  static const int kPropertiesOffset = HeapObject::kHeaderSize;
2756  static const int kElementsOffset = kPropertiesOffset + kPointerSize;
2757  static const int kHeaderSize = kElementsOffset + kPointerSize;
2758 
2759  STATIC_CHECK(kHeaderSize == Internals::kJSObjectHeaderSize);
2760 
2761  class BodyDescriptor : public FlexibleBodyDescriptor<kPropertiesOffset> {
2762  public:
2763  static inline int SizeOf(Map* map, HeapObject* object);
2764  };
2765 
2766  // Enqueue change record for Object.observe. May cause GC.
2767  static void EnqueueChangeRecord(Handle<JSObject> object,
2768  const char* type,
2769  Handle<Name> name,
2770  Handle<Object> old_value);
2771 
2772  private:
2773  friend class DictionaryElementsAccessor;
2774  friend class JSReceiver;
2775  friend class Object;
2776 
2777  static void UpdateAllocationSite(Handle<JSObject> object,
2778  ElementsKind to_kind);
2779 
2780  // Used from Object::GetProperty().
2781  static Handle<Object> GetPropertyWithFailedAccessCheck(
2782  Handle<JSObject> object,
2783  Handle<Object> receiver,
2784  LookupResult* result,
2785  Handle<Name> name,
2786  PropertyAttributes* attributes);
2787 
2788  MUST_USE_RESULT MaybeObject* GetElementWithCallback(Object* receiver,
2789  Object* structure,
2790  uint32_t index,
2791  Object* holder);
2792  static PropertyAttributes GetElementAttributeWithInterceptor(
2793  Handle<JSObject> object,
2794  Handle<JSReceiver> receiver,
2795  uint32_t index,
2796  bool continue_search);
2797  static PropertyAttributes GetElementAttributeWithoutInterceptor(
2798  Handle<JSObject> object,
2799  Handle<JSReceiver> receiver,
2800  uint32_t index,
2801  bool continue_search);
2802  static Handle<Object> SetElementWithCallback(
2803  Handle<JSObject> object,
2804  Handle<Object> structure,
2805  uint32_t index,
2806  Handle<Object> value,
2807  Handle<JSObject> holder,
2808  StrictMode strict_mode);
2809  static Handle<Object> SetElementWithInterceptor(
2810  Handle<JSObject> object,
2811  uint32_t index,
2812  Handle<Object> value,
2813  PropertyAttributes attributes,
2814  StrictMode strict_mode,
2815  bool check_prototype,
2816  SetPropertyMode set_mode);
2817  static Handle<Object> SetElementWithoutInterceptor(
2818  Handle<JSObject> object,
2819  uint32_t index,
2820  Handle<Object> value,
2821  PropertyAttributes attributes,
2822  StrictMode strict_mode,
2823  bool check_prototype,
2824  SetPropertyMode set_mode);
2825  static Handle<Object> SetElementWithCallbackSetterInPrototypes(
2826  Handle<JSObject> object,
2827  uint32_t index,
2828  Handle<Object> value,
2829  bool* found,
2830  StrictMode strict_mode);
2831  static Handle<Object> SetDictionaryElement(
2832  Handle<JSObject> object,
2833  uint32_t index,
2834  Handle<Object> value,
2835  PropertyAttributes attributes,
2836  StrictMode strict_mode,
2837  bool check_prototype,
2838  SetPropertyMode set_mode = SET_PROPERTY);
2839  static Handle<Object> SetFastDoubleElement(
2840  Handle<JSObject> object,
2841  uint32_t index,
2842  Handle<Object> value,
2843  StrictMode strict_mode,
2844  bool check_prototype = true);
2845 
2846  // Searches the prototype chain for property 'name'. If it is found and
2847  // has a setter, invoke it and set '*done' to true. If it is found and is
2848  // read-only, reject and set '*done' to true. Otherwise, set '*done' to
2849  // false. Can throw and return an empty handle with '*done==true'.
2850  static Handle<Object> SetPropertyViaPrototypes(
2851  Handle<JSObject> object,
2852  Handle<Name> name,
2853  Handle<Object> value,
2854  PropertyAttributes attributes,
2855  StrictMode strict_mode,
2856  bool* done);
2857  static Handle<Object> SetPropertyPostInterceptor(
2858  Handle<JSObject> object,
2859  Handle<Name> name,
2860  Handle<Object> value,
2861  PropertyAttributes attributes,
2862  StrictMode strict_mode);
2863  static Handle<Object> SetPropertyUsingTransition(
2864  Handle<JSObject> object,
2865  LookupResult* lookup,
2866  Handle<Name> name,
2867  Handle<Object> value,
2868  PropertyAttributes attributes);
2869  static Handle<Object> SetPropertyWithFailedAccessCheck(
2870  Handle<JSObject> object,
2871  LookupResult* result,
2872  Handle<Name> name,
2873  Handle<Object> value,
2874  bool check_prototype,
2875  StrictMode strict_mode);
2876 
2877  // Add a property to an object.
2878  static Handle<Object> AddProperty(
2879  Handle<JSObject> object,
2880  Handle<Name> name,
2881  Handle<Object> value,
2882  PropertyAttributes attributes,
2883  StrictMode strict_mode,
2884  StoreFromKeyed store_mode = MAY_BE_STORE_FROM_KEYED,
2885  ExtensibilityCheck extensibility_check = PERFORM_EXTENSIBILITY_CHECK,
2886  ValueType value_type = OPTIMAL_REPRESENTATION,
2887  StoreMode mode = ALLOW_AS_CONSTANT,
2888  TransitionFlag flag = INSERT_TRANSITION);
2889 
2890  // Add a constant function property to a fast-case object.
2891  // This leaves a CONSTANT_TRANSITION in the old map, and
2892  // if it is called on a second object with this map, a
2893  // normal property is added instead, with a map transition.
2894  // This avoids the creation of many maps with the same constant
2895  // function, all orphaned.
2896  static void AddConstantProperty(Handle<JSObject> object,
2897  Handle<Name> name,
2898  Handle<Object> constant,
2899  PropertyAttributes attributes,
2900  TransitionFlag flag);
2901 
2902  // Add a property to a fast-case object.
2903  static void AddFastProperty(Handle<JSObject> object,
2904  Handle<Name> name,
2905  Handle<Object> value,
2906  PropertyAttributes attributes,
2907  StoreFromKeyed store_mode,
2908  ValueType value_type,
2909  TransitionFlag flag);
2910 
2911  // Add a property to a slow-case object.
2912  static void AddSlowProperty(Handle<JSObject> object,
2913  Handle<Name> name,
2914  Handle<Object> value,
2915  PropertyAttributes attributes);
2916 
2917  static Handle<Object> DeleteProperty(Handle<JSObject> object,
2918  Handle<Name> name,
2919  DeleteMode mode);
2920  static Handle<Object> DeletePropertyPostInterceptor(Handle<JSObject> object,
2921  Handle<Name> name,
2922  DeleteMode mode);
2923  static Handle<Object> DeletePropertyWithInterceptor(Handle<JSObject> object,
2924  Handle<Name> name);
2925 
2926  // Deletes the named property in a normalized object.
2927  static Handle<Object> DeleteNormalizedProperty(Handle<JSObject> object,
2928  Handle<Name> name,
2929  DeleteMode mode);
2930 
2931  static Handle<Object> DeleteElement(Handle<JSObject> object,
2932  uint32_t index,
2933  DeleteMode mode);
2934  static Handle<Object> DeleteElementWithInterceptor(Handle<JSObject> object,
2935  uint32_t index);
2936 
2937  bool ReferencesObjectFromElements(FixedArray* elements,
2938  ElementsKind kind,
2939  Object* object);
2940 
2941  // Returns true if most of the elements backing storage is used.
2942  bool HasDenseElements();
2943 
2944  // Gets the current elements capacity and the number of used elements.
2945  void GetElementsCapacityAndUsage(int* capacity, int* used);
2946 
2947  static bool CanSetCallback(Handle<JSObject> object, Handle<Name> name);
2948  static void SetElementCallback(Handle<JSObject> object,
2949  uint32_t index,
2950  Handle<Object> structure,
2951  PropertyAttributes attributes);
2952  static void SetPropertyCallback(Handle<JSObject> object,
2953  Handle<Name> name,
2954  Handle<Object> structure,
2955  PropertyAttributes attributes);
2956  static void DefineElementAccessor(Handle<JSObject> object,
2957  uint32_t index,
2958  Handle<Object> getter,
2959  Handle<Object> setter,
2960  PropertyAttributes attributes,
2961  v8::AccessControl access_control);
2962  static Handle<AccessorPair> CreateAccessorPairFor(Handle<JSObject> object,
2963  Handle<Name> name);
2964  static void DefinePropertyAccessor(Handle<JSObject> object,
2965  Handle<Name> name,
2966  Handle<Object> getter,
2967  Handle<Object> setter,
2968  PropertyAttributes attributes,
2969  v8::AccessControl access_control);
2970 
2971  // Try to define a single accessor paying attention to map transitions.
2972  // Returns false if this was not possible and we have to use the slow case.
2973  static bool DefineFastAccessor(Handle<JSObject> object,
2974  Handle<Name> name,
2975  AccessorComponent component,
2976  Handle<Object> accessor,
2977  PropertyAttributes attributes);
2978 
2979 
2980  // Return the hash table backing store or the inline stored identity hash,
2981  // whatever is found.
2982  MUST_USE_RESULT Object* GetHiddenPropertiesHashTable();
2983 
2984  // Return the hash table backing store for hidden properties. If there is no
2985  // backing store, allocate one.
2986  static Handle<ObjectHashTable> GetOrCreateHiddenPropertiesHashtable(
2987  Handle<JSObject> object);
2988 
2989  // Set the hidden property backing store to either a hash table or
2990  // the inline-stored identity hash.
2991  static Handle<Object> SetHiddenPropertiesHashTable(
2992  Handle<JSObject> object,
2993  Handle<Object> value);
2994 
2995  MUST_USE_RESULT Object* GetIdentityHash();
2996 
2997  static Handle<Object> GetOrCreateIdentityHash(Handle<JSObject> object);
2998 
2999  DISALLOW_IMPLICIT_CONSTRUCTORS(JSObject);
3000 };
3001 
3002 
3003 // Common superclass for FixedArrays that allow implementations to share
3004 // common accessors and some code paths.
3005 class FixedArrayBase: public HeapObject {
3006  public:
3007  // [length]: length of the array.
3008  inline int length();
3009  inline void set_length(int value);
3010 
3011  inline static FixedArrayBase* cast(Object* object);
3012 
3013  // Layout description.
3014  // Length is smi tagged when it is stored.
3015  static const int kLengthOffset = HeapObject::kHeaderSize;
3016  static const int kHeaderSize = kLengthOffset + kPointerSize;
3017 };
3018 
3019 
3020 class FixedDoubleArray;
3021 class IncrementalMarking;
3022 
3023 
3024 // FixedArray describes fixed-sized arrays with element type Object*.
3025 class FixedArray: public FixedArrayBase {
3026  public:
3027  // Setter and getter for elements.
3028  inline Object* get(int index);
3029  // Setter that uses write barrier.
3030  inline void set(int index, Object* value);
3031  inline bool is_the_hole(int index);
3032 
3033  // Setter that doesn't need write barrier.
3034  inline void set(int index, Smi* value);
3035  // Setter with explicit barrier mode.
3036  inline void set(int index, Object* value, WriteBarrierMode mode);
3037 
3038  // Setters for frequently used oddballs located in old space.
3039  inline void set_undefined(int index);
3040  inline void set_null(int index);
3041  inline void set_the_hole(int index);
3042 
3043  inline Object** GetFirstElementAddress();
3044  inline bool ContainsOnlySmisOrHoles();
3045 
3046  // Gives access to raw memory which stores the array's data.
3047  inline Object** data_start();
3048 
3049  // Shrink length and insert filler objects.
3050  void Shrink(int length);
3051 
3052  // Copy operations.
3053  MUST_USE_RESULT inline MaybeObject* Copy();
3054  MUST_USE_RESULT MaybeObject* CopySize(int new_length,
3055  PretenureFlag pretenure = NOT_TENURED);
3056 
3057  // Add the elements of a JSArray to this FixedArray.
3058  MUST_USE_RESULT MaybeObject* AddKeysFromJSArray(JSArray* array);
3059 
3060  // Compute the union of this and other.
3061  MUST_USE_RESULT MaybeObject* UnionOfKeys(FixedArray* other);
3062 
3063  // Copy a sub array from the receiver to dest.
3064  void CopyTo(int pos, FixedArray* dest, int dest_pos, int len);
3065 
3066  // Garbage collection support.
3067  static int SizeFor(int length) { return kHeaderSize + length * kPointerSize; }
3068 
3069  // Code Generation support.
3070  static int OffsetOfElementAt(int index) { return SizeFor(index); }
3071 
3072  // Garbage collection support.
3073  Object** RawFieldOfElementAt(int index) {
3074  return HeapObject::RawField(this, OffsetOfElementAt(index));
3075  }
3076 
3077  // Casting.
3078  static inline FixedArray* cast(Object* obj);
3079 
3080  // Maximal allowed size, in bytes, of a single FixedArray.
3081  // Prevents overflowing size computations, as well as extreme memory
3082  // consumption.
3083  static const int kMaxSize = 128 * MB * kPointerSize;
3084  // Maximally allowed length of a FixedArray.
3085  static const int kMaxLength = (kMaxSize - kHeaderSize) / kPointerSize;
3086 
3087  // Dispatched behavior.
3088  DECLARE_PRINTER(FixedArray)
3089  DECLARE_VERIFIER(FixedArray)
3090 #ifdef DEBUG
3091  // Checks if two FixedArrays have identical contents.
3092  bool IsEqualTo(FixedArray* other);
3093 #endif
3094 
3095  // Swap two elements in a pair of arrays. If this array and the
3096  // numbers array are the same object, the elements are only swapped
3097  // once.
3098  void SwapPairs(FixedArray* numbers, int i, int j);
3099 
3100  // Sort prefix of this array and the numbers array as pairs wrt. the
3101  // numbers. If the numbers array and the this array are the same
3102  // object, the prefix of this array is sorted.
3103  void SortPairs(FixedArray* numbers, uint32_t len);
3104 
3105  class BodyDescriptor : public FlexibleBodyDescriptor<kHeaderSize> {
3106  public:
3107  static inline int SizeOf(Map* map, HeapObject* object) {
3108  return SizeFor(reinterpret_cast<FixedArray*>(object)->length());
3109  }
3110  };
3111 
3112  protected:
3113  // Set operation on FixedArray without using write barriers. Can
3114  // only be used for storing old space objects or smis.
3115  static inline void NoWriteBarrierSet(FixedArray* array,
3116  int index,
3117  Object* value);
3118 
3119  // Set operation on FixedArray without incremental write barrier. Can
3120  // only be used if the object is guaranteed to be white (whiteness witness
3121  // is present).
3122  static inline void NoIncrementalWriteBarrierSet(FixedArray* array,
3123  int index,
3124  Object* value);
3125 
3126  private:
3127  STATIC_CHECK(kHeaderSize == Internals::kFixedArrayHeaderSize);
3128 
3129  DISALLOW_IMPLICIT_CONSTRUCTORS(FixedArray);
3130 };
3131 
3132 
3133 // FixedDoubleArray describes fixed-sized arrays with element type double.
3134 class FixedDoubleArray: public FixedArrayBase {
3135  public:
3136  // Setter and getter for elements.
3137  inline double get_scalar(int index);
3138  inline int64_t get_representation(int index);
3139  MUST_USE_RESULT inline MaybeObject* get(int index);
3140  // TODO(ishell): Rename as get() once all usages handlified.
3141  inline Handle<Object> get_as_handle(int index);
3142  inline void set(int index, double value);
3143  inline void set_the_hole(int index);
3144 
3145  // Checking for the hole.
3146  inline bool is_the_hole(int index);
3147 
3148  // Copy operations
3149  MUST_USE_RESULT inline MaybeObject* Copy();
3150 
3151  // Garbage collection support.
3152  inline static int SizeFor(int length) {
3153  return kHeaderSize + length * kDoubleSize;
3154  }
3155 
3156  // Gives access to raw memory which stores the array's data.
3157  inline double* data_start();
3158 
3159  // Code Generation support.
3160  static int OffsetOfElementAt(int index) { return SizeFor(index); }
3161 
3162  inline static bool is_the_hole_nan(double value);
3163  inline static double hole_nan_as_double();
3164  inline static double canonical_not_the_hole_nan_as_double();
3165 
3166  // Casting.
3167  static inline FixedDoubleArray* cast(Object* obj);
3168 
3169  // Maximal allowed size, in bytes, of a single FixedDoubleArray.
3170  // Prevents overflowing size computations, as well as extreme memory
3171  // consumption.
3172  static const int kMaxSize = 512 * MB;
3173  // Maximally allowed length of a FixedArray.
3174  static const int kMaxLength = (kMaxSize - kHeaderSize) / kDoubleSize;
3175 
3176  // Dispatched behavior.
3177  DECLARE_PRINTER(FixedDoubleArray)
3178  DECLARE_VERIFIER(FixedDoubleArray)
3179 
3180  private:
3181  DISALLOW_IMPLICIT_CONSTRUCTORS(FixedDoubleArray);
3182 };
3183 
3184 
3185 // ConstantPoolArray describes a fixed-sized array containing constant pool
3186 // entires.
3187 // The format of the pool is:
3188 // [0]: Field holding the first index which is a raw code target pointer entry
3189 // [1]: Field holding the first index which is a heap pointer entry
3190 // [2]: Field holding the first index which is a int32 entry
3191 // [3] ... [first_code_ptr_index() - 1] : 64 bit entries
3192 // [first_code_ptr_index()] ... [first_heap_ptr_index() - 1] : code pointers
3193 // [first_heap_ptr_index()] ... [first_int32_index() - 1] : heap pointers
3194 // [first_int32_index()] ... [length - 1] : 32 bit entries
3195 class ConstantPoolArray: public FixedArrayBase {
3196  public:
3197  // Getters for the field storing the first index for different type entries.
3198  inline int first_code_ptr_index();
3199  inline int first_heap_ptr_index();
3200  inline int first_int64_index();
3201  inline int first_int32_index();
3202 
3203  // Getters for counts of different type entries.
3204  inline int count_of_code_ptr_entries();
3205  inline int count_of_heap_ptr_entries();
3206  inline int count_of_int64_entries();
3207  inline int count_of_int32_entries();
3208 
3209  // Setter and getter for pool elements.
3210  inline Address get_code_ptr_entry(int index);
3211  inline Object* get_heap_ptr_entry(int index);
3212  inline int64_t get_int64_entry(int index);
3213  inline int32_t get_int32_entry(int index);
3214  inline double get_int64_entry_as_double(int index);
3215 
3216  inline void set(int index, Address value);
3217  inline void set(int index, Object* value);
3218  inline void set(int index, int64_t value);
3219  inline void set(int index, double value);
3220  inline void set(int index, int32_t value);
3221 
3222  // Set up initial state.
3223  inline void SetEntryCounts(int number_of_int64_entries,
3224  int number_of_code_ptr_entries,
3225  int number_of_heap_ptr_entries,
3226  int number_of_int32_entries);
3227 
3228  // Copy operations
3229  MUST_USE_RESULT inline MaybeObject* Copy();
3230 
3231  // Garbage collection support.
3232  inline static int SizeFor(int number_of_int64_entries,
3233  int number_of_code_ptr_entries,
3234  int number_of_heap_ptr_entries,
3235  int number_of_int32_entries) {
3236  return RoundUp(OffsetAt(number_of_int64_entries,
3237  number_of_code_ptr_entries,
3238  number_of_heap_ptr_entries,
3239  number_of_int32_entries),
3240  kPointerSize);
3241  }
3242 
3243  // Code Generation support.
3244  inline int OffsetOfElementAt(int index) {
3245  ASSERT(index < length());
3246  if (index >= first_int32_index()) {
3247  return OffsetAt(count_of_int64_entries(), count_of_code_ptr_entries(),
3248  count_of_heap_ptr_entries(), index - first_int32_index());
3249  } else if (index >= first_heap_ptr_index()) {
3250  return OffsetAt(count_of_int64_entries(), count_of_code_ptr_entries(),
3251  index - first_heap_ptr_index(), 0);
3252  } else if (index >= first_code_ptr_index()) {
3253  return OffsetAt(count_of_int64_entries(), index - first_code_ptr_index(),
3254  0, 0);
3255  } else {
3256  return OffsetAt(index, 0, 0, 0);
3257  }
3258  }
3259 
3260  // Casting.
3261  static inline ConstantPoolArray* cast(Object* obj);
3262 
3263  // Garbage collection support.
3264  Object** RawFieldOfElementAt(int index) {
3265  return HeapObject::RawField(this, OffsetOfElementAt(index));
3266  }
3267 
3268  // Layout description.
3269  static const int kFirstCodePointerIndexOffset = FixedArray::kHeaderSize;
3270  static const int kFirstHeapPointerIndexOffset =
3271  kFirstCodePointerIndexOffset + kPointerSize;
3272  static const int kFirstInt32IndexOffset =
3273  kFirstHeapPointerIndexOffset + kPointerSize;
3274  static const int kFirstOffset = kFirstInt32IndexOffset + kPointerSize;
3275 
3276  // Dispatched behavior.
3277  void ConstantPoolIterateBody(ObjectVisitor* v);
3278 
3279  DECLARE_PRINTER(ConstantPoolArray)
3280  DECLARE_VERIFIER(ConstantPoolArray)
3281 
3282  private:
3283  inline void set_first_code_ptr_index(int value);
3284  inline void set_first_heap_ptr_index(int value);
3285  inline void set_first_int32_index(int value);
3286 
3287  inline static int OffsetAt(int number_of_int64_entries,
3288  int number_of_code_ptr_entries,
3289  int number_of_heap_ptr_entries,
3290  int number_of_int32_entries) {
3291  return kFirstOffset
3292  + (number_of_int64_entries * kInt64Size)
3293  + (number_of_code_ptr_entries * kPointerSize)
3294  + (number_of_heap_ptr_entries * kPointerSize)
3295  + (number_of_int32_entries * kInt32Size);
3296  }
3297 
3298  DISALLOW_IMPLICIT_CONSTRUCTORS(ConstantPoolArray);
3299 };
3300 
3301 
3302 // DescriptorArrays are fixed arrays used to hold instance descriptors.
3303 // The format of the these objects is:
3304 // [0]: Number of descriptors
3305 // [1]: Either Smi(0) if uninitialized, or a pointer to small fixed array:
3306 // [0]: pointer to fixed array with enum cache
3307 // [1]: either Smi(0) or pointer to fixed array with indices
3308 // [2]: first key
3309 // [2 + number of descriptors * kDescriptorSize]: start of slack
3310 class DescriptorArray: public FixedArray {
3311  public:
3312  // WhitenessWitness is used to prove that a descriptor array is white
3313  // (unmarked), so incremental write barriers can be skipped because the
3314  // marking invariant cannot be broken and slots pointing into evacuation
3315  // candidates will be discovered when the object is scanned. A witness is
3316  // always stack-allocated right after creating an array. By allocating a
3317  // witness, incremental marking is globally disabled. The witness is then
3318  // passed along wherever needed to statically prove that the array is known to
3319  // be white.
3320  class WhitenessWitness {
3321  public:
3322  inline explicit WhitenessWitness(FixedArray* array);
3323  inline ~WhitenessWitness();
3324 
3325  private:
3326  IncrementalMarking* marking_;
3327  };
3328 
3329  // Returns true for both shared empty_descriptor_array and for smis, which the
3330  // map uses to encode additional bit fields when the descriptor array is not
3331  // yet used.
3332  inline bool IsEmpty();
3333 
3334  // Returns the number of descriptors in the array.
3335  int number_of_descriptors() {
3336  ASSERT(length() >= kFirstIndex || IsEmpty());
3337  int len = length();
3338  return len == 0 ? 0 : Smi::cast(get(kDescriptorLengthIndex))->value();
3339  }
3340 
3341  int number_of_descriptors_storage() {
3342  int len = length();
3343  return len == 0 ? 0 : (len - kFirstIndex) / kDescriptorSize;
3344  }
3345 
3346  int NumberOfSlackDescriptors() {
3347  return number_of_descriptors_storage() - number_of_descriptors();
3348  }
3349 
3350  inline void SetNumberOfDescriptors(int number_of_descriptors);
3351  inline int number_of_entries() { return number_of_descriptors(); }
3352 
3353  bool HasEnumCache() {
3354  return !IsEmpty() && !get(kEnumCacheIndex)->IsSmi();
3355  }
3356 
3357  void CopyEnumCacheFrom(DescriptorArray* array) {
3358  set(kEnumCacheIndex, array->get(kEnumCacheIndex));
3359  }
3360 
3361  FixedArray* GetEnumCache() {
3362  ASSERT(HasEnumCache());
3363  FixedArray* bridge = FixedArray::cast(get(kEnumCacheIndex));
3364  return FixedArray::cast(bridge->get(kEnumCacheBridgeCacheIndex));
3365  }
3366 
3367  bool HasEnumIndicesCache() {
3368  if (IsEmpty()) return false;
3369  Object* object = get(kEnumCacheIndex);
3370  if (object->IsSmi()) return false;
3371  FixedArray* bridge = FixedArray::cast(object);
3372  return !bridge->get(kEnumCacheBridgeIndicesCacheIndex)->IsSmi();
3373  }
3374 
3375  FixedArray* GetEnumIndicesCache() {
3376  ASSERT(HasEnumIndicesCache());
3377  FixedArray* bridge = FixedArray::cast(get(kEnumCacheIndex));
3378  return FixedArray::cast(bridge->get(kEnumCacheBridgeIndicesCacheIndex));
3379  }
3380 
3381  Object** GetEnumCacheSlot() {
3382  ASSERT(HasEnumCache());
3383  return HeapObject::RawField(reinterpret_cast<HeapObject*>(this),
3384  kEnumCacheOffset);
3385  }
3386 
3387  void ClearEnumCache();
3388 
3389  // Initialize or change the enum cache,
3390  // using the supplied storage for the small "bridge".
3391  void SetEnumCache(FixedArray* bridge_storage,
3392  FixedArray* new_cache,
3393  Object* new_index_cache);
3394 
3395  // Accessors for fetching instance descriptor at descriptor number.
3396  inline Name* GetKey(int descriptor_number);
3397  inline Object** GetKeySlot(int descriptor_number);
3398  inline Object* GetValue(int descriptor_number);
3399  inline Object** GetValueSlot(int descriptor_number);
3400  inline Object** GetDescriptorStartSlot(int descriptor_number);
3401  inline Object** GetDescriptorEndSlot(int descriptor_number);
3402  inline PropertyDetails GetDetails(int descriptor_number);
3403  inline PropertyType GetType(int descriptor_number);
3404  inline int GetFieldIndex(int descriptor_number);
3405  inline Object* GetConstant(int descriptor_number);
3406  inline Object* GetCallbacksObject(int descriptor_number);
3407  inline AccessorDescriptor* GetCallbacks(int descriptor_number);
3408 
3409  inline Name* GetSortedKey(int descriptor_number);
3410  inline int GetSortedKeyIndex(int descriptor_number);
3411  inline void SetSortedKey(int pointer, int descriptor_number);
3412  inline void InitializeRepresentations(Representation representation);
3413  inline void SetRepresentation(int descriptor_number,
3414  Representation representation);
3415 
3416  // Accessor for complete descriptor.
3417  inline void Get(int descriptor_number, Descriptor* desc);
3418  inline void Set(int descriptor_number,
3419  Descriptor* desc,
3420  const WhitenessWitness&);
3421  inline void Set(int descriptor_number, Descriptor* desc);
3422 
3423  // Append automatically sets the enumeration index. This should only be used
3424  // to add descriptors in bulk at the end, followed by sorting the descriptor
3425  // array.
3426  inline void Append(Descriptor* desc, const WhitenessWitness&);
3427  inline void Append(Descriptor* desc);
3428 
3429  // Transfer a complete descriptor from the src descriptor array to this
3430  // descriptor array.
3431  void CopyFrom(int dst_index,
3432  DescriptorArray* src,
3433  int src_index,
3434  const WhitenessWitness&);
3435  static Handle<DescriptorArray> Merge(Handle<DescriptorArray> desc,
3436  int verbatim,
3437  int valid,
3438  int new_size,
3439  int modify_index,
3440  StoreMode store_mode,
3441  Handle<DescriptorArray> other);
3442  MUST_USE_RESULT MaybeObject* Merge(int verbatim,
3443  int valid,
3444  int new_size,
3445  int modify_index,
3446  StoreMode store_mode,
3447  DescriptorArray* other);
3448 
3449  bool IsMoreGeneralThan(int verbatim,
3450  int valid,
3451  int new_size,
3452  DescriptorArray* other);
3453 
3454  MUST_USE_RESULT MaybeObject* CopyUpTo(int enumeration_index) {
3455  return CopyUpToAddAttributes(enumeration_index, NONE);
3456  }
3457 
3458  static Handle<DescriptorArray> CopyUpToAddAttributes(
3459  Handle<DescriptorArray> desc,
3460  int enumeration_index,
3461  PropertyAttributes attributes);
3462  MUST_USE_RESULT MaybeObject* CopyUpToAddAttributes(
3463  int enumeration_index,
3464  PropertyAttributes attributes);
3465 
3466  // Sort the instance descriptors by the hash codes of their keys.
3467  void Sort();
3468 
3469  // Search the instance descriptors for given name.
3470  INLINE(int Search(Name* name, int number_of_own_descriptors));
3471 
3472  // As the above, but uses DescriptorLookupCache and updates it when
3473  // necessary.
3474  INLINE(int SearchWithCache(Name* name, Map* map));
3475 
3476  // Allocates a DescriptorArray, but returns the singleton
3477  // empty descriptor array object if number_of_descriptors is 0.
3478  MUST_USE_RESULT static MaybeObject* Allocate(Isolate* isolate,
3479  int number_of_descriptors,
3480  int slack = 0);
3481 
3482  // Casting.
3483  static inline DescriptorArray* cast(Object* obj);
3484 
3485  // Constant for denoting key was not found.
3486  static const int kNotFound = -1;
3487 
3488  static const int kDescriptorLengthIndex = 0;
3489  static const int kEnumCacheIndex = 1;
3490  static const int kFirstIndex = 2;
3491 
3492  // The length of the "bridge" to the enum cache.
3493  static const int kEnumCacheBridgeLength = 2;
3494  static const int kEnumCacheBridgeCacheIndex = 0;
3495  static const int kEnumCacheBridgeIndicesCacheIndex = 1;
3496 
3497  // Layout description.
3498  static const int kDescriptorLengthOffset = FixedArray::kHeaderSize;
3499  static const int kEnumCacheOffset = kDescriptorLengthOffset + kPointerSize;
3500  static const int kFirstOffset = kEnumCacheOffset + kPointerSize;
3501 
3502  // Layout description for the bridge array.
3503  static const int kEnumCacheBridgeCacheOffset = FixedArray::kHeaderSize;
3504 
3505  // Layout of descriptor.
3506  static const int kDescriptorKey = 0;
3507  static const int kDescriptorDetails = 1;
3508  static const int kDescriptorValue = 2;
3509  static const int kDescriptorSize = 3;
3510 
3511 #ifdef OBJECT_PRINT
3512  // Print all the descriptors.
3513  void PrintDescriptors(FILE* out = stdout);
3514 #endif
3515 
3516 #ifdef DEBUG
3517  // Is the descriptor array sorted and without duplicates?
3518  bool IsSortedNoDuplicates(int valid_descriptors = -1);
3519 
3520  // Is the descriptor array consistent with the back pointers in targets?
3521  bool IsConsistentWithBackPointers(Map* current_map);
3522 
3523  // Are two DescriptorArrays equal?
3524  bool IsEqualTo(DescriptorArray* other);
3525 #endif
3526 
3527  // Returns the fixed array length required to hold number_of_descriptors
3528  // descriptors.
3529  static int LengthFor(int number_of_descriptors) {
3530  return ToKeyIndex(number_of_descriptors);
3531  }
3532 
3533  private:
3534  // An entry in a DescriptorArray, represented as an (array, index) pair.
3535  class Entry {
3536  public:
3537  inline explicit Entry(DescriptorArray* descs, int index) :
3538  descs_(descs), index_(index) { }
3539 
3540  inline PropertyType type() { return descs_->GetType(index_); }
3541  inline Object* GetCallbackObject() { return descs_->GetValue(index_); }
3542 
3543  private:
3544  DescriptorArray* descs_;
3545  int index_;
3546  };
3547 
3548  // Conversion from descriptor number to array indices.
3549  static int ToKeyIndex(int descriptor_number) {
3550  return kFirstIndex +
3551  (descriptor_number * kDescriptorSize) +
3552  kDescriptorKey;
3553  }
3554 
3555  static int ToDetailsIndex(int descriptor_number) {
3556  return kFirstIndex +
3557  (descriptor_number * kDescriptorSize) +
3558  kDescriptorDetails;
3559  }
3560 
3561  static int ToValueIndex(int descriptor_number) {
3562  return kFirstIndex +
3563  (descriptor_number * kDescriptorSize) +
3564  kDescriptorValue;
3565  }
3566 
3567  // Swap first and second descriptor.
3568  inline void SwapSortedKeys(int first, int second);
3569 
3570  DISALLOW_IMPLICIT_CONSTRUCTORS(DescriptorArray);
3571 };
3572 
3573 
3574 enum SearchMode { ALL_ENTRIES, VALID_ENTRIES };
3575 
3576 template<SearchMode search_mode, typename T>
3577 inline int LinearSearch(T* array, Name* name, int len, int valid_entries);
3578 
3579 
3580 template<SearchMode search_mode, typename T>
3581 inline int Search(T* array, Name* name, int valid_entries = 0);
3582 
3583 
3584 // HashTable is a subclass of FixedArray that implements a hash table
3585 // that uses open addressing and quadratic probing.
3586 //
3587 // In order for the quadratic probing to work, elements that have not
3588 // yet been used and elements that have been deleted are
3589 // distinguished. Probing continues when deleted elements are
3590 // encountered and stops when unused elements are encountered.
3591 //
3592 // - Elements with key == undefined have not been used yet.
3593 // - Elements with key == the_hole have been deleted.
3594 //
3595 // The hash table class is parameterized with a Shape and a Key.
3596 // Shape must be a class with the following interface:
3597 // class ExampleShape {
3598 // public:
3599 // // Tells whether key matches other.
3600 // static bool IsMatch(Key key, Object* other);
3601 // // Returns the hash value for key.
3602 // static uint32_t Hash(Key key);
3603 // // Returns the hash value for object.
3604 // static uint32_t HashForObject(Key key, Object* object);
3605 // // Convert key to an object.
3606 // static inline Object* AsObject(Heap* heap, Key key);
3607 // // The prefix size indicates number of elements in the beginning
3608 // // of the backing storage.
3609 // static const int kPrefixSize = ..;
3610 // // The Element size indicates number of elements per entry.
3611 // static const int kEntrySize = ..;
3612 // };
3613 // The prefix size indicates an amount of memory in the
3614 // beginning of the backing storage that can be used for non-element
3615 // information by subclasses.
3616 
3617 template<typename Key>
3618 class BaseShape {
3619  public:
3620  static const bool UsesSeed = false;
3621  static uint32_t Hash(Key key) { return 0; }
3622  static uint32_t SeededHash(Key key, uint32_t seed) {
3623  ASSERT(UsesSeed);
3624  return Hash(key);
3625  }
3626  static uint32_t HashForObject(Key key, Object* object) { return 0; }
3627  static uint32_t SeededHashForObject(Key key, uint32_t seed, Object* object) {
3628  ASSERT(UsesSeed);
3629  return HashForObject(key, object);
3630  }
3631 };
3632 
3633 template<typename Shape, typename Key>
3634 class HashTable: public FixedArray {
3635  public:
3636  // Wrapper methods
3637  inline uint32_t Hash(Key key) {
3638  if (Shape::UsesSeed) {
3639  return Shape::SeededHash(key,
3640  GetHeap()->HashSeed());
3641  } else {
3642  return Shape::Hash(key);
3643  }
3644  }
3645 
3646  inline uint32_t HashForObject(Key key, Object* object) {
3647  if (Shape::UsesSeed) {
3648  return Shape::SeededHashForObject(key,
3649  GetHeap()->HashSeed(), object);
3650  } else {
3651  return Shape::HashForObject(key, object);
3652  }
3653  }
3654 
3655  // Returns the number of elements in the hash table.
3656  int NumberOfElements() {
3657  return Smi::cast(get(kNumberOfElementsIndex))->value();
3658  }
3659 
3660  // Returns the number of deleted elements in the hash table.
3661  int NumberOfDeletedElements() {
3662  return Smi::cast(get(kNumberOfDeletedElementsIndex))->value();
3663  }
3664 
3665  // Returns the capacity of the hash table.
3666  int Capacity() {
3667  return Smi::cast(get(kCapacityIndex))->value();
3668  }
3669 
3670  // ElementAdded should be called whenever an element is added to a
3671  // hash table.
3672  void ElementAdded() { SetNumberOfElements(NumberOfElements() + 1); }
3673 
3674  // ElementRemoved should be called whenever an element is removed from
3675  // a hash table.
3676  void ElementRemoved() {
3677  SetNumberOfElements(NumberOfElements() - 1);
3678  SetNumberOfDeletedElements(NumberOfDeletedElements() + 1);
3679  }
3680  void ElementsRemoved(int n) {
3681  SetNumberOfElements(NumberOfElements() - n);
3682  SetNumberOfDeletedElements(NumberOfDeletedElements() + n);
3683  }
3684 
3685  // Returns a new HashTable object. Might return Failure.
3686  MUST_USE_RESULT static MaybeObject* Allocate(
3687  Heap* heap,
3688  int at_least_space_for,
3689  MinimumCapacity capacity_option = USE_DEFAULT_MINIMUM_CAPACITY,
3690  PretenureFlag pretenure = NOT_TENURED);
3691 
3692  // Computes the required capacity for a table holding the given
3693  // number of elements. May be more than HashTable::kMaxCapacity.
3694  static int ComputeCapacity(int at_least_space_for);
3695 
3696  // Returns the key at entry.
3697  Object* KeyAt(int entry) { return get(EntryToIndex(entry)); }
3698 
3699  // Tells whether k is a real key. The hole and undefined are not allowed
3700  // as keys and can be used to indicate missing or deleted elements.
3701  bool IsKey(Object* k) {
3702  return !k->IsTheHole() && !k->IsUndefined();
3703  }
3704 
3705  // Garbage collection support.
3706  void IteratePrefix(ObjectVisitor* visitor);
3707  void IterateElements(ObjectVisitor* visitor);
3708 
3709  // Casting.
3710  static inline HashTable* cast(Object* obj);
3711 
3712  // Compute the probe offset (quadratic probing).
3713  INLINE(static uint32_t GetProbeOffset(uint32_t n)) {
3714  return (n + n * n) >> 1;
3715  }
3716 
3717  static const int kNumberOfElementsIndex = 0;
3718  static const int kNumberOfDeletedElementsIndex = 1;
3719  static const int kCapacityIndex = 2;
3720  static const int kPrefixStartIndex = 3;
3721  static const int kElementsStartIndex =
3722  kPrefixStartIndex + Shape::kPrefixSize;
3723  static const int kEntrySize = Shape::kEntrySize;
3724  static const int kElementsStartOffset =
3725  kHeaderSize + kElementsStartIndex * kPointerSize;
3726  static const int kCapacityOffset =
3727  kHeaderSize + kCapacityIndex * kPointerSize;
3728 
3729  // Constant used for denoting a absent entry.
3730  static const int kNotFound = -1;
3731 
3732  // Maximal capacity of HashTable. Based on maximal length of underlying
3733  // FixedArray. Staying below kMaxCapacity also ensures that EntryToIndex
3734  // cannot overflow.
3735  static const int kMaxCapacity =
3736  (FixedArray::kMaxLength - kElementsStartOffset) / kEntrySize;
3737 
3738  // Find entry for key otherwise return kNotFound.
3739  inline int FindEntry(Key key);
3740  int FindEntry(Isolate* isolate, Key key);
3741 
3742  // Rehashes the table in-place.
3743  void Rehash(Key key);
3744 
3745  protected:
3746  friend class ObjectHashSet;
3747  friend class ObjectHashTable;
3748 
3749  // Find the entry at which to insert element with the given key that
3750  // has the given hash value.
3751  uint32_t FindInsertionEntry(uint32_t hash);
3752 
3753  // Returns the index for an entry (of the key)
3754  static inline int EntryToIndex(int entry) {
3755  return (entry * kEntrySize) + kElementsStartIndex;
3756  }
3757 
3758  // Update the number of elements in the hash table.
3759  void SetNumberOfElements(int nof) {
3760  set(kNumberOfElementsIndex, Smi::FromInt(nof));
3761  }
3762 
3763  // Update the number of deleted elements in the hash table.
3764  void SetNumberOfDeletedElements(int nod) {
3765  set(kNumberOfDeletedElementsIndex, Smi::FromInt(nod));
3766  }
3767 
3768  // Sets the capacity of the hash table.
3769  void SetCapacity(int capacity) {
3770  // To scale a computed hash code to fit within the hash table, we
3771  // use bit-wise AND with a mask, so the capacity must be positive
3772  // and non-zero.
3773  ASSERT(capacity > 0);
3774  ASSERT(capacity <= kMaxCapacity);
3775  set(kCapacityIndex, Smi::FromInt(capacity));
3776  }
3777 
3778 
3779  // Returns probe entry.
3780  static uint32_t GetProbe(uint32_t hash, uint32_t number, uint32_t size) {
3781  ASSERT(IsPowerOf2(size));
3782  return (hash + GetProbeOffset(number)) & (size - 1);
3783  }
3784 
3785  inline static uint32_t FirstProbe(uint32_t hash, uint32_t size) {
3786  return hash & (size - 1);
3787  }
3788 
3789  inline static uint32_t NextProbe(
3790  uint32_t last, uint32_t number, uint32_t size) {
3791  return (last + number) & (size - 1);
3792  }
3793 
3794  // Returns _expected_ if one of entries given by the first _probe_ probes is
3795  // equal to _expected_. Otherwise, returns the entry given by the probe
3796  // number _probe_.
3797  uint32_t EntryForProbe(Key key, Object* k, int probe, uint32_t expected);
3798 
3799  void Swap(uint32_t entry1, uint32_t entry2, WriteBarrierMode mode);
3800 
3801  // Rehashes this hash-table into the new table.
3802  MUST_USE_RESULT MaybeObject* Rehash(HashTable* new_table, Key key);
3803 
3804  // Attempt to shrink hash table after removal of key.
3805  MUST_USE_RESULT MaybeObject* Shrink(Key key);
3806 
3807  // Ensure enough space for n additional elements.
3808  MUST_USE_RESULT MaybeObject* EnsureCapacity(
3809  int n,
3810  Key key,
3811  PretenureFlag pretenure = NOT_TENURED);
3812 };
3813 
3814 
3815 // HashTableKey is an abstract superclass for virtual key behavior.
3816 class HashTableKey {
3817  public:
3818  // Returns whether the other object matches this key.
3819  virtual bool IsMatch(Object* other) = 0;
3820  // Returns the hash value for this key.
3821  virtual uint32_t Hash() = 0;
3822  // Returns the hash value for object.
3823  virtual uint32_t HashForObject(Object* key) = 0;
3824  // Returns the key object for storing into the hash table.
3825  // If allocations fails a failure object is returned.
3826  MUST_USE_RESULT virtual MaybeObject* AsObject(Heap* heap) = 0;
3827  // Required.
3828  virtual ~HashTableKey() {}
3829 };
3830 
3831 
3832 class StringTableShape : public BaseShape<HashTableKey*> {
3833  public:
3834  static inline bool IsMatch(HashTableKey* key, Object* value) {
3835  return key->IsMatch(value);
3836  }
3837  static inline uint32_t Hash(HashTableKey* key) {
3838  return key->Hash();
3839  }
3840  static inline uint32_t HashForObject(HashTableKey* key, Object* object) {
3841  return key->HashForObject(object);
3842  }
3843  MUST_USE_RESULT static inline MaybeObject* AsObject(Heap* heap,
3844  HashTableKey* key) {
3845  return key->AsObject(heap);
3846  }
3847 
3848  static const int kPrefixSize = 0;
3849  static const int kEntrySize = 1;
3850 };
3851 
3852 class SeqOneByteString;
3853 
3854 // StringTable.
3855 //
3856 // No special elements in the prefix and the element size is 1
3857 // because only the string itself (the key) needs to be stored.
3858 class StringTable: public HashTable<StringTableShape, HashTableKey*> {
3859  public:
3860  // Find string in the string table. If it is not there yet, it is
3861  // added. The return value is the string table which might have
3862  // been enlarged. If the return value is not a failure, the string
3863  // pointer *s is set to the string found.
3864  MUST_USE_RESULT MaybeObject* LookupString(String* key, Object** s);
3865  MUST_USE_RESULT MaybeObject* LookupKey(HashTableKey* key, Object** s);
3866 
3867  // Looks up a string that is equal to the given string and returns
3868  // true if it is found, assigning the string to the given output
3869  // parameter.
3870  bool LookupStringIfExists(String* str, String** result);
3871  bool LookupTwoCharsStringIfExists(uint16_t c1, uint16_t c2, String** result);
3872 
3873  // Casting.
3874  static inline StringTable* cast(Object* obj);
3875 
3876  private:
3877  template <bool seq_ascii> friend class JsonParser;
3878 
3879  DISALLOW_IMPLICIT_CONSTRUCTORS(StringTable);
3880 };
3881 
3882 
3883 class MapCacheShape : public BaseShape<HashTableKey*> {
3884  public:
3885  static inline bool IsMatch(HashTableKey* key, Object* value) {
3886  return key->IsMatch(value);
3887  }
3888  static inline uint32_t Hash(HashTableKey* key) {
3889  return key->Hash();
3890  }
3891 
3892  static inline uint32_t HashForObject(HashTableKey* key, Object* object) {
3893  return key->HashForObject(object);
3894  }
3895 
3896  MUST_USE_RESULT static inline MaybeObject* AsObject(Heap* heap,
3897  HashTableKey* key) {
3898  return key->AsObject(heap);
3899  }
3900 
3901  static const int kPrefixSize = 0;
3902  static const int kEntrySize = 2;
3903 };
3904 
3905 
3906 // MapCache.
3907 //
3908 // Maps keys that are a fixed array of unique names to a map.
3909 // Used for canonicalize maps for object literals.
3910 class MapCache: public HashTable<MapCacheShape, HashTableKey*> {
3911  public:
3912  // Find cached value for a name key, otherwise return null.
3913  Object* Lookup(FixedArray* key);
3914  MUST_USE_RESULT MaybeObject* Put(FixedArray* key, Map* value);
3915  static inline MapCache* cast(Object* obj);
3916 
3917  private:
3918  DISALLOW_IMPLICIT_CONSTRUCTORS(MapCache);
3919 };
3920 
3921 
3922 template <typename Shape, typename Key>
3923 class Dictionary: public HashTable<Shape, Key> {
3924  public:
3925  static inline Dictionary<Shape, Key>* cast(Object* obj) {
3926  return reinterpret_cast<Dictionary<Shape, Key>*>(obj);
3927  }
3928 
3929  // Returns the value at entry.
3930  Object* ValueAt(int entry) {
3931  return this->get(HashTable<Shape, Key>::EntryToIndex(entry) + 1);
3932  }
3933 
3934  // Set the value for entry.
3935  void ValueAtPut(int entry, Object* value) {
3936  this->set(HashTable<Shape, Key>::EntryToIndex(entry) + 1, value);
3937  }
3938 
3939  // Returns the property details for the property at entry.
3940  PropertyDetails DetailsAt(int entry) {
3941  ASSERT(entry >= 0); // Not found is -1, which is not caught by get().
3942  return PropertyDetails(
3943  Smi::cast(this->get(HashTable<Shape, Key>::EntryToIndex(entry) + 2)));
3944  }
3945 
3946  // Set the details for entry.
3947  void DetailsAtPut(int entry, PropertyDetails value) {
3948  this->set(HashTable<Shape, Key>::EntryToIndex(entry) + 2, value.AsSmi());
3949  }
3950 
3951  // Sorting support
3952  void CopyValuesTo(FixedArray* elements);
3953 
3954  // Delete a property from the dictionary.
3955  Object* DeleteProperty(int entry, JSObject::DeleteMode mode);
3956 
3957  // Attempt to shrink the dictionary after deletion of key.
3958  MUST_USE_RESULT MaybeObject* Shrink(Key key);
3959 
3960  // Returns the number of elements in the dictionary filtering out properties
3961  // with the specified attributes.
3962  int NumberOfElementsFilterAttributes(PropertyAttributes filter);
3963 
3964  // Returns the number of enumerable elements in the dictionary.
3965  int NumberOfEnumElements();
3966 
3967  enum SortMode { UNSORTED, SORTED };
3968  // Copies keys to preallocated fixed array.
3969  void CopyKeysTo(FixedArray* storage,
3970  PropertyAttributes filter,
3971  SortMode sort_mode);
3972  // Fill in details for properties into storage.
3973  void CopyKeysTo(FixedArray* storage,
3974  int index,
3975  PropertyAttributes filter,
3976  SortMode sort_mode);
3977 
3978  // Accessors for next enumeration index.
3979  void SetNextEnumerationIndex(int index) {
3980  ASSERT(index != 0);
3981  this->set(kNextEnumerationIndexIndex, Smi::FromInt(index));
3982  }
3983 
3984  int NextEnumerationIndex() {
3985  return Smi::cast(FixedArray::get(kNextEnumerationIndexIndex))->value();
3986  }
3987 
3988  // Returns a new array for dictionary usage. Might return Failure.
3989  MUST_USE_RESULT static MaybeObject* Allocate(
3990  Heap* heap,
3991  int at_least_space_for,
3992  PretenureFlag pretenure = NOT_TENURED);
3993 
3994  // Ensure enough space for n additional elements.
3995  MUST_USE_RESULT MaybeObject* EnsureCapacity(int n, Key key);
3996 
3997 #ifdef OBJECT_PRINT
3998  void Print(FILE* out = stdout);
3999 #endif
4000  // Returns the key (slow).
4001  Object* SlowReverseLookup(Object* value);
4002 
4003  // Sets the entry to (key, value) pair.
4004  inline void SetEntry(int entry,
4005  Object* key,
4006  Object* value);
4007  inline void SetEntry(int entry,
4008  Object* key,
4009  Object* value,
4010  PropertyDetails details);
4011 
4012  MUST_USE_RESULT MaybeObject* Add(Key key,
4013  Object* value,
4014  PropertyDetails details);
4015 
4016  protected:
4017  // Generic at put operation.
4018  MUST_USE_RESULT MaybeObject* AtPut(Key key, Object* value);
4019 
4020  // Add entry to dictionary.
4021  MUST_USE_RESULT MaybeObject* AddEntry(Key key,
4022  Object* value,
4023  PropertyDetails details,
4024  uint32_t hash);
4025 
4026  // Generate new enumeration indices to avoid enumeration index overflow.
4027  MUST_USE_RESULT MaybeObject* GenerateNewEnumerationIndices();
4028  static const int kMaxNumberKeyIndex =
4029  HashTable<Shape, Key>::kPrefixStartIndex;
4030  static const int kNextEnumerationIndexIndex = kMaxNumberKeyIndex + 1;
4031 };
4032 
4033 
4034 class NameDictionaryShape : public BaseShape<Name*> {
4035  public:
4036  static inline bool IsMatch(Name* key, Object* other);
4037  static inline uint32_t Hash(Name* key);
4038  static inline uint32_t HashForObject(Name* key, Object* object);
4039  MUST_USE_RESULT static inline MaybeObject* AsObject(Heap* heap,
4040  Name* key);
4041  static const int kPrefixSize = 2;
4042  static const int kEntrySize = 3;
4043  static const bool kIsEnumerable = true;
4044 };
4045 
4046 
4047 class NameDictionary: public Dictionary<NameDictionaryShape, Name*> {
4048  public:
4049  static inline NameDictionary* cast(Object* obj) {
4050  ASSERT(obj->IsDictionary());
4051  return reinterpret_cast<NameDictionary*>(obj);
4052  }
4053 
4054  // Copies enumerable keys to preallocated fixed array.
4055  void CopyEnumKeysTo(FixedArray* storage);
4056  static void DoGenerateNewEnumerationIndices(
4057  Handle<NameDictionary> dictionary);
4058 
4059  // For transforming properties of a JSObject.
4060  MUST_USE_RESULT MaybeObject* TransformPropertiesToFastFor(
4061  JSObject* obj,
4062  int unused_property_fields);
4063 
4064  // Find entry for key, otherwise return kNotFound. Optimized version of
4065  // HashTable::FindEntry.
4066  int FindEntry(Name* key);
4067 };
4068 
4069 
4070 class NumberDictionaryShape : public BaseShape<uint32_t> {
4071  public:
4072  static inline bool IsMatch(uint32_t key, Object* other);
4073  MUST_USE_RESULT static inline MaybeObject* AsObject(Heap* heap,
4074  uint32_t key);
4075  static const int kEntrySize = 3;
4076  static const bool kIsEnumerable = false;
4077 };
4078 
4079 
4080 class SeededNumberDictionaryShape : public NumberDictionaryShape {
4081  public:
4082  static const bool UsesSeed = true;
4083  static const int kPrefixSize = 2;
4084 
4085  static inline uint32_t SeededHash(uint32_t key, uint32_t seed);
4086  static inline uint32_t SeededHashForObject(uint32_t key,
4087  uint32_t seed,
4088  Object* object);
4089 };
4090 
4091 
4092 class UnseededNumberDictionaryShape : public NumberDictionaryShape {
4093  public:
4094  static const int kPrefixSize = 0;
4095 
4096  static inline uint32_t Hash(uint32_t key);
4097  static inline uint32_t HashForObject(uint32_t key, Object* object);
4098 };
4099 
4100 
4101 class SeededNumberDictionary
4102  : public Dictionary<SeededNumberDictionaryShape, uint32_t> {
4103  public:
4104  static SeededNumberDictionary* cast(Object* obj) {
4105  ASSERT(obj->IsDictionary());
4106  return reinterpret_cast<SeededNumberDictionary*>(obj);
4107  }
4108 
4109  // Type specific at put (default NONE attributes is used when adding).
4110  MUST_USE_RESULT MaybeObject* AtNumberPut(uint32_t key, Object* value);
4111  MUST_USE_RESULT static Handle<SeededNumberDictionary> AddNumberEntry(
4112  Handle<SeededNumberDictionary> dictionary,
4113  uint32_t key,
4114  Handle<Object> value,
4115  PropertyDetails details);
4116  MUST_USE_RESULT MaybeObject* AddNumberEntry(uint32_t key,
4117  Object* value,
4118  PropertyDetails details);
4119 
4120  // Set an existing entry or add a new one if needed.
4121  // Return the updated dictionary.
4122  MUST_USE_RESULT static Handle<SeededNumberDictionary> Set(
4123  Handle<SeededNumberDictionary> dictionary,
4124  uint32_t index,
4125  Handle<Object> value,
4126  PropertyDetails details);
4127 
4128  MUST_USE_RESULT MaybeObject* Set(uint32_t key,
4129  Object* value,
4130  PropertyDetails details);
4131 
4132  void UpdateMaxNumberKey(uint32_t key);
4133 
4134  // If slow elements are required we will never go back to fast-case
4135  // for the elements kept in this dictionary. We require slow
4136  // elements if an element has been added at an index larger than
4137  // kRequiresSlowElementsLimit or set_requires_slow_elements() has been called
4138  // when defining a getter or setter with a number key.
4139  inline bool requires_slow_elements();
4140  inline void set_requires_slow_elements();
4141 
4142  // Get the value of the max number key that has been added to this
4143  // dictionary. max_number_key can only be called if
4144  // requires_slow_elements returns false.
4145  inline uint32_t max_number_key();
4146 
4147  // Bit masks.
4148  static const int kRequiresSlowElementsMask = 1;
4149  static const int kRequiresSlowElementsTagSize = 1;
4150  static const uint32_t kRequiresSlowElementsLimit = (1 << 29) - 1;
4151 };
4152 
4153 
4154 class UnseededNumberDictionary
4155  : public Dictionary<UnseededNumberDictionaryShape, uint32_t> {
4156  public:
4157  static UnseededNumberDictionary* cast(Object* obj) {
4158  ASSERT(obj->IsDictionary());
4159  return reinterpret_cast<UnseededNumberDictionary*>(obj);
4160  }
4161 
4162  // Type specific at put (default NONE attributes is used when adding).
4163  MUST_USE_RESULT MaybeObject* AtNumberPut(uint32_t key, Object* value);
4164  MUST_USE_RESULT MaybeObject* AddNumberEntry(uint32_t key, Object* value);
4165 
4166  // Set an existing entry or add a new one if needed.
4167  // Return the updated dictionary.
4168  MUST_USE_RESULT static Handle<UnseededNumberDictionary> Set(
4169  Handle<UnseededNumberDictionary> dictionary,
4170  uint32_t index,
4171  Handle<Object> value);
4172 
4173  MUST_USE_RESULT MaybeObject* Set(uint32_t key, Object* value);
4174 };
4175 
4176 
4177 template <int entrysize>
4178 class ObjectHashTableShape : public BaseShape<Object*> {
4179  public:
4180  static inline bool IsMatch(Object* key, Object* other);
4181  static inline uint32_t Hash(Object* key);
4182  static inline uint32_t HashForObject(Object* key, Object* object);
4183  MUST_USE_RESULT static inline MaybeObject* AsObject(Heap* heap,
4184  Object* key);
4185  static const int kPrefixSize = 0;
4186  static const int kEntrySize = entrysize;
4187 };
4188 
4189 
4190 // ObjectHashSet holds keys that are arbitrary objects by using the identity
4191 // hash of the key for hashing purposes.
4192 class ObjectHashSet: public HashTable<ObjectHashTableShape<1>, Object*> {
4193  public:
4194  static inline ObjectHashSet* cast(Object* obj) {
4195  ASSERT(obj->IsHashTable());
4196  return reinterpret_cast<ObjectHashSet*>(obj);
4197  }
4198 
4199  // Looks up whether the given key is part of this hash set.
4200  bool Contains(Object* key);
4201 
4202  static Handle<ObjectHashSet> EnsureCapacity(
4203  Handle<ObjectHashSet> table,
4204  int n,
4205  Handle<Object> key,
4206  PretenureFlag pretenure = NOT_TENURED);
4207 
4208  // Attempt to shrink hash table after removal of key.
4209  static Handle<ObjectHashSet> Shrink(Handle<ObjectHashSet> table,
4210  Handle<Object> key);
4211 
4212  // Adds the given key to this hash set.
4213  static Handle<ObjectHashSet> Add(Handle<ObjectHashSet> table,
4214  Handle<Object> key);
4215 
4216  // Removes the given key from this hash set.
4217  static Handle<ObjectHashSet> Remove(Handle<ObjectHashSet> table,
4218  Handle<Object> key);
4219 };
4220 
4221 
4222 // ObjectHashTable maps keys that are arbitrary objects to object values by
4223 // using the identity hash of the key for hashing purposes.
4224 class ObjectHashTable: public HashTable<ObjectHashTableShape<2>, Object*> {
4225  public:
4226  static inline ObjectHashTable* cast(Object* obj) {
4227  ASSERT(obj->IsHashTable());
4228  return reinterpret_cast<ObjectHashTable*>(obj);
4229  }
4230 
4231  static Handle<ObjectHashTable> EnsureCapacity(
4232  Handle<ObjectHashTable> table,
4233  int n,
4234  Handle<Object> key,
4235  PretenureFlag pretenure = NOT_TENURED);
4236 
4237  // Attempt to shrink hash table after removal of key.
4238  static Handle<ObjectHashTable> Shrink(Handle<ObjectHashTable> table,
4239  Handle<Object> key);
4240 
4241  // Looks up the value associated with the given key. The hole value is
4242  // returned in case the key is not present.
4243  Object* Lookup(Object* key);
4244 
4245  // Adds (or overwrites) the value associated with the given key. Mapping a
4246  // key to the hole value causes removal of the whole entry.
4247  static Handle<ObjectHashTable> Put(Handle<ObjectHashTable> table,
4248  Handle<Object> key,
4249  Handle<Object> value);
4250 
4251  private:
4252  friend class MarkCompactCollector;
4253 
4254  void AddEntry(int entry, Object* key, Object* value);
4255  void RemoveEntry(int entry);
4256 
4257  // Returns the index to the value of an entry.
4258  static inline int EntryToValueIndex(int entry) {
4259  return EntryToIndex(entry) + 1;
4260  }
4261 };
4262 
4263 
4264 template <int entrysize>
4265 class WeakHashTableShape : public BaseShape<Object*> {
4266  public:
4267  static inline bool IsMatch(Object* key, Object* other);
4268  static inline uint32_t Hash(Object* key);
4269  static inline uint32_t HashForObject(Object* key, Object* object);
4270  MUST_USE_RESULT static inline MaybeObject* AsObject(Heap* heap,
4271  Object* key);
4272  static const int kPrefixSize = 0;
4273  static const int kEntrySize = entrysize;
4274 };
4275 
4276 
4277 // WeakHashTable maps keys that are arbitrary objects to object values.
4278 // It is used for the global weak hash table that maps objects
4279 // embedded in optimized code to dependent code lists.
4280 class WeakHashTable: public HashTable<WeakHashTableShape<2>, Object*> {
4281  public:
4282  static inline WeakHashTable* cast(Object* obj) {
4283  ASSERT(obj->IsHashTable());
4284  return reinterpret_cast<WeakHashTable*>(obj);
4285  }
4286 
4287  // Looks up the value associated with the given key. The hole value is
4288  // returned in case the key is not present.
4289  Object* Lookup(Object* key);
4290 
4291  // Adds (or overwrites) the value associated with the given key. Mapping a
4292  // key to the hole value causes removal of the whole entry.
4293  MUST_USE_RESULT MaybeObject* Put(Object* key, Object* value);
4294 
4295  // This function is called when heap verification is turned on.
4296  void Zap(Object* value) {
4297  int capacity = Capacity();
4298  for (int i = 0; i < capacity; i++) {
4299  set(EntryToIndex(i), value);
4300  set(EntryToValueIndex(i), value);
4301  }
4302  }
4303 
4304  private:
4305  friend class MarkCompactCollector;
4306 
4307  void AddEntry(int entry, Object* key, Object* value);
4308 
4309  // Returns the index to the value of an entry.
4310  static inline int EntryToValueIndex(int entry) {
4311  return EntryToIndex(entry) + 1;
4312  }
4313 };
4314 
4315 
4316 // JSFunctionResultCache caches results of some JSFunction invocation.
4317 // It is a fixed array with fixed structure:
4318 // [0]: factory function
4319 // [1]: finger index
4320 // [2]: current cache size
4321 // [3]: dummy field.
4322 // The rest of array are key/value pairs.
4323 class JSFunctionResultCache: public FixedArray {
4324  public:
4325  static const int kFactoryIndex = 0;
4326  static const int kFingerIndex = kFactoryIndex + 1;
4327  static const int kCacheSizeIndex = kFingerIndex + 1;
4328  static const int kDummyIndex = kCacheSizeIndex + 1;
4329  static const int kEntriesIndex = kDummyIndex + 1;
4330 
4331  static const int kEntrySize = 2; // key + value
4332 
4333  static const int kFactoryOffset = kHeaderSize;
4334  static const int kFingerOffset = kFactoryOffset + kPointerSize;
4335  static const int kCacheSizeOffset = kFingerOffset + kPointerSize;
4336 
4337  inline void MakeZeroSize();
4338  inline void Clear();
4339 
4340  inline int size();
4341  inline void set_size(int size);
4342  inline int finger_index();
4343  inline void set_finger_index(int finger_index);
4344 
4345  // Casting
4346  static inline JSFunctionResultCache* cast(Object* obj);
4347 
4348  DECLARE_VERIFIER(JSFunctionResultCache)
4349 };
4350 
4351 
4352 // ScopeInfo represents information about different scopes of a source
4353 // program and the allocation of the scope's variables. Scope information
4354 // is stored in a compressed form in ScopeInfo objects and is used
4355 // at runtime (stack dumps, deoptimization, etc.).
4356 
4357 // This object provides quick access to scope info details for runtime
4358 // routines.
4359 class ScopeInfo : public FixedArray {
4360  public:
4361  static inline ScopeInfo* cast(Object* object);
4362 
4363  // Return the type of this scope.
4364  ScopeType scope_type();
4365 
4366  // Does this scope call eval?
4367  bool CallsEval();
4368 
4369  // Return the strict mode of this scope.
4370  StrictMode strict_mode();
4371 
4372  // Does this scope make a sloppy eval call?
4373  bool CallsSloppyEval() { return CallsEval() && strict_mode() == SLOPPY; }
4374 
4375  // Return the total number of locals allocated on the stack and in the
4376  // context. This includes the parameters that are allocated in the context.
4377  int LocalCount();
4378 
4379  // Return the number of stack slots for code. This number consists of two
4380  // parts:
4381  // 1. One stack slot per stack allocated local.
4382  // 2. One stack slot for the function name if it is stack allocated.
4383  int StackSlotCount();
4384 
4385  // Return the number of context slots for code if a context is allocated. This
4386  // number consists of three parts:
4387  // 1. Size of fixed header for every context: Context::MIN_CONTEXT_SLOTS
4388  // 2. One context slot per context allocated local.
4389  // 3. One context slot for the function name if it is context allocated.
4390  // Parameters allocated in the context count as context allocated locals. If
4391  // no contexts are allocated for this scope ContextLength returns 0.
4392  int ContextLength();
4393 
4394  // Is this scope the scope of a named function expression?
4395  bool HasFunctionName();
4396 
4397  // Return if this has context allocated locals.
4398  bool HasHeapAllocatedLocals();
4399 
4400  // Return if contexts are allocated for this scope.
4401  bool HasContext();
4402 
4403  // Return the function_name if present.
4404  String* FunctionName();
4405 
4406  // Return the name of the given parameter.
4407  String* ParameterName(int var);
4408 
4409  // Return the name of the given local.
4410  String* LocalName(int var);
4411 
4412  // Return the name of the given stack local.
4413  String* StackLocalName(int var);
4414 
4415  // Return the name of the given context local.
4416  String* ContextLocalName(int var);
4417 
4418  // Return the mode of the given context local.
4419  VariableMode ContextLocalMode(int var);
4420 
4421  // Return the initialization flag of the given context local.
4422  InitializationFlag ContextLocalInitFlag(int var);
4423 
4424  // Lookup support for serialized scope info. Returns the
4425  // the stack slot index for a given slot name if the slot is
4426  // present; otherwise returns a value < 0. The name must be an internalized
4427  // string.
4428  int StackSlotIndex(String* name);
4429 
4430  // Lookup support for serialized scope info. Returns the
4431  // context slot index for a given slot name if the slot is present; otherwise
4432  // returns a value < 0. The name must be an internalized string.
4433  // If the slot is present and mode != NULL, sets *mode to the corresponding
4434  // mode for that variable.
4435  int ContextSlotIndex(String* name,
4436  VariableMode* mode,
4437  InitializationFlag* init_flag);
4438 
4439  // Lookup support for serialized scope info. Returns the
4440  // parameter index for a given parameter name if the parameter is present;
4441  // otherwise returns a value < 0. The name must be an internalized string.
4442  int ParameterIndex(String* name);
4443 
4444  // Lookup support for serialized scope info. Returns the function context
4445  // slot index if the function name is present and context-allocated (named
4446  // function expressions, only), otherwise returns a value < 0. The name
4447  // must be an internalized string.
4448  int FunctionContextSlotIndex(String* name, VariableMode* mode);
4449 
4450 
4451  // Copies all the context locals into an object used to materialize a scope.
4452  static bool CopyContextLocalsToScopeObject(Handle<ScopeInfo> scope_info,
4453  Handle<Context> context,
4454  Handle<JSObject> scope_object);
4455 
4456 
4457  static Handle<ScopeInfo> Create(Scope* scope, Zone* zone);
4458 
4459  // Serializes empty scope info.
4460  static ScopeInfo* Empty(Isolate* isolate);
4461 
4462 #ifdef DEBUG
4463  void Print();
4464 #endif
4465 
4466  // The layout of the static part of a ScopeInfo is as follows. Each entry is
4467  // numeric and occupies one array slot.
4468  // 1. A set of properties of the scope
4469  // 2. The number of parameters. This only applies to function scopes. For
4470  // non-function scopes this is 0.
4471  // 3. The number of non-parameter variables allocated on the stack.
4472  // 4. The number of non-parameter and parameter variables allocated in the
4473  // context.
4474 #define FOR_EACH_NUMERIC_FIELD(V) \
4475  V(Flags) \
4476  V(ParameterCount) \
4477  V(StackLocalCount) \
4478  V(ContextLocalCount)
4479 
4480 #define FIELD_ACCESSORS(name) \
4481  void Set##name(int value) { \
4482  set(k##name, Smi::FromInt(value)); \
4483  } \
4484  int name() { \
4485  if (length() > 0) { \
4486  return Smi::cast(get(k##name))->value(); \
4487  } else { \
4488  return 0; \
4489  } \
4490  }
4491  FOR_EACH_NUMERIC_FIELD(FIELD_ACCESSORS)
4492 #undef FIELD_ACCESSORS
4493 
4494  private:
4495  enum {
4496 #define DECL_INDEX(name) k##name,
4497  FOR_EACH_NUMERIC_FIELD(DECL_INDEX)
4498 #undef DECL_INDEX
4499 #undef FOR_EACH_NUMERIC_FIELD
4500  kVariablePartIndex
4501  };
4502 
4503  // The layout of the variable part of a ScopeInfo is as follows:
4504  // 1. ParameterEntries:
4505  // This part stores the names of the parameters for function scopes. One
4506  // slot is used per parameter, so in total this part occupies
4507  // ParameterCount() slots in the array. For other scopes than function
4508  // scopes ParameterCount() is 0.
4509  // 2. StackLocalEntries:
4510  // Contains the names of local variables that are allocated on the stack,
4511  // in increasing order of the stack slot index. One slot is used per stack
4512  // local, so in total this part occupies StackLocalCount() slots in the
4513  // array.
4514  // 3. ContextLocalNameEntries:
4515  // Contains the names of local variables and parameters that are allocated
4516  // in the context. They are stored in increasing order of the context slot
4517  // index starting with Context::MIN_CONTEXT_SLOTS. One slot is used per
4518  // context local, so in total this part occupies ContextLocalCount() slots
4519  // in the array.
4520  // 4. ContextLocalInfoEntries:
4521  // Contains the variable modes and initialization flags corresponding to
4522  // the context locals in ContextLocalNameEntries. One slot is used per
4523  // context local, so in total this part occupies ContextLocalCount()
4524  // slots in the array.
4525  // 5. FunctionNameEntryIndex:
4526  // If the scope belongs to a named function expression this part contains
4527  // information about the function variable. It always occupies two array
4528  // slots: a. The name of the function variable.
4529  // b. The context or stack slot index for the variable.
4530  int ParameterEntriesIndex();
4531  int StackLocalEntriesIndex();
4532  int ContextLocalNameEntriesIndex();
4533  int ContextLocalInfoEntriesIndex();
4534  int FunctionNameEntryIndex();
4535 
4536  // Location of the function variable for named function expressions.
4537  enum FunctionVariableInfo {
4538  NONE, // No function name present.
4539  STACK, // Function
4540  CONTEXT,
4541  UNUSED
4542  };
4543 
4544  // Properties of scopes.
4545  class ScopeTypeField: public BitField<ScopeType, 0, 3> {};
4546  class CallsEvalField: public BitField<bool, 3, 1> {};
4547  class StrictModeField: public BitField<StrictMode, 4, 1> {};
4548  class FunctionVariableField: public BitField<FunctionVariableInfo, 5, 2> {};
4549  class FunctionVariableMode: public BitField<VariableMode, 7, 3> {};
4550 
4551  // BitFields representing the encoded information for context locals in the
4552  // ContextLocalInfoEntries part.
4553  class ContextLocalMode: public BitField<VariableMode, 0, 3> {};
4554  class ContextLocalInitFlag: public BitField<InitializationFlag, 3, 1> {};
4555 };
4556 
4557 
4558 // The cache for maps used by normalized (dictionary mode) objects.
4559 // Such maps do not have property descriptors, so a typical program
4560 // needs very limited number of distinct normalized maps.
4561 class NormalizedMapCache: public FixedArray {
4562  public:
4563  static const int kEntries = 64;
4564 
4565  static Handle<Map> Get(Handle<NormalizedMapCache> cache,
4566  Handle<JSObject> object,
4567  PropertyNormalizationMode mode);
4568 
4569  void Clear();
4570 
4571  // Casting
4572  static inline NormalizedMapCache* cast(Object* obj);
4573 
4574  DECLARE_VERIFIER(NormalizedMapCache)
4575 };
4576 
4577 
4578 // ByteArray represents fixed sized byte arrays. Used for the relocation info
4579 // that is attached to code objects.
4580 class ByteArray: public FixedArrayBase {
4581  public:
4582  inline int Size() { return RoundUp(length() + kHeaderSize, kPointerSize); }
4583 
4584  // Setter and getter.
4585  inline byte get(int index);
4586  inline void set(int index, byte value);
4587 
4588  // Treat contents as an int array.
4589  inline int get_int(int index);
4590 
4591  static int SizeFor(int length) {
4592  return OBJECT_POINTER_ALIGN(kHeaderSize + length);
4593  }
4594  // We use byte arrays for free blocks in the heap. Given a desired size in
4595  // bytes that is a multiple of the word size and big enough to hold a byte
4596  // array, this function returns the number of elements a byte array should
4597  // have.
4598  static int LengthFor(int size_in_bytes) {
4599  ASSERT(IsAligned(size_in_bytes, kPointerSize));
4600  ASSERT(size_in_bytes >= kHeaderSize);
4601  return size_in_bytes - kHeaderSize;
4602  }
4603 
4604  // Returns data start address.
4605  inline Address GetDataStartAddress();
4606 
4607  // Returns a pointer to the ByteArray object for a given data start address.
4608  static inline ByteArray* FromDataStartAddress(Address address);
4609 
4610  // Casting.
4611  static inline ByteArray* cast(Object* obj);
4612 
4613  // Dispatched behavior.
4614  inline int ByteArraySize() {
4615  return SizeFor(this->length());
4616  }
4617  DECLARE_PRINTER(ByteArray)
4618  DECLARE_VERIFIER(ByteArray)
4619 
4620  // Layout description.
4621  static const int kAlignedSize = OBJECT_POINTER_ALIGN(kHeaderSize);
4622 
4623  // Maximal memory consumption for a single ByteArray.
4624  static const int kMaxSize = 512 * MB;
4625  // Maximal length of a single ByteArray.
4626  static const int kMaxLength = kMaxSize - kHeaderSize;
4627 
4628  private:
4629  DISALLOW_IMPLICIT_CONSTRUCTORS(ByteArray);
4630 };
4631 
4632 
4633 // FreeSpace represents fixed sized areas of the heap that are not currently in
4634 // use. Used by the heap and GC.
4635 class FreeSpace: public HeapObject {
4636  public:
4637  // [size]: size of the free space including the header.
4638  inline int size();
4639  inline void set_size(int value);
4640 
4641  inline int Size() { return size(); }
4642 
4643  // Casting.
4644  static inline FreeSpace* cast(Object* obj);
4645 
4646  // Dispatched behavior.
4647  DECLARE_PRINTER(FreeSpace)
4648  DECLARE_VERIFIER(FreeSpace)
4649 
4650  // Layout description.
4651  // Size is smi tagged when it is stored.
4652  static const int kSizeOffset = HeapObject::kHeaderSize;
4653  static const int kHeaderSize = kSizeOffset + kPointerSize;
4654 
4655  static const int kAlignedSize = OBJECT_POINTER_ALIGN(kHeaderSize);
4656 
4657  private:
4658  DISALLOW_IMPLICIT_CONSTRUCTORS(FreeSpace);
4659 };
4660 
4661 
4662 // V has parameters (Type, type, TYPE, C type, element_size)
4663 #define TYPED_ARRAYS(V) \
4664  V(Uint8, uint8, UINT8, uint8_t, 1) \
4665  V(Int8, int8, INT8, int8_t, 1) \
4666  V(Uint16, uint16, UINT16, uint16_t, 2) \
4667  V(Int16, int16, INT16, int16_t, 2) \
4668  V(Uint32, uint32, UINT32, uint32_t, 4) \
4669  V(Int32, int32, INT32, int32_t, 4) \
4670  V(Float32, float32, FLOAT32, float, 4) \
4671  V(Float64, float64, FLOAT64, double, 8) \
4672  V(Uint8Clamped, uint8_clamped, UINT8_CLAMPED, uint8_t, 1)
4673 
4674 
4675 
4676 // An ExternalArray represents a fixed-size array of primitive values
4677 // which live outside the JavaScript heap. Its subclasses are used to
4678 // implement the CanvasArray types being defined in the WebGL
4679 // specification. As of this writing the first public draft is not yet
4680 // available, but Khronos members can access the draft at:
4681 // https://cvs.khronos.org/svn/repos/3dweb/trunk/doc/spec/WebGL-spec.html
4682 //
4683 // The semantics of these arrays differ from CanvasPixelArray.
4684 // Out-of-range values passed to the setter are converted via a C
4685 // cast, not clamping. Out-of-range indices cause exceptions to be
4686 // raised rather than being silently ignored.
4687 class ExternalArray: public FixedArrayBase {
4688  public:
4689  inline bool is_the_hole(int index) { return false; }
4690 
4691  // [external_pointer]: The pointer to the external memory area backing this
4692  // external array.
4693  DECL_ACCESSORS(external_pointer, void) // Pointer to the data store.
4694 
4695  // Casting.
4696  static inline ExternalArray* cast(Object* obj);
4697 
4698  // Maximal acceptable length for an external array.
4699  static const int kMaxLength = 0x3fffffff;
4700 
4701  // ExternalArray headers are not quadword aligned.
4702  static const int kExternalPointerOffset =
4703  POINTER_SIZE_ALIGN(FixedArrayBase::kLengthOffset + kPointerSize);
4704  static const int kHeaderSize = kExternalPointerOffset + kPointerSize;
4705  static const int kAlignedSize = OBJECT_POINTER_ALIGN(kHeaderSize);
4706 
4707  private:
4708  DISALLOW_IMPLICIT_CONSTRUCTORS(ExternalArray);
4709 };
4710 
4711 
4712 // A ExternalUint8ClampedArray represents a fixed-size byte array with special
4713 // semantics used for implementing the CanvasPixelArray object. Please see the
4714 // specification at:
4715 
4716 // http://www.whatwg.org/specs/web-apps/current-work/
4717 // multipage/the-canvas-element.html#canvaspixelarray
4718 // In particular, write access clamps the value written to 0 or 255 if the
4719 // value written is outside this range.
4720 class ExternalUint8ClampedArray: public ExternalArray {
4721  public:
4722  inline uint8_t* external_uint8_clamped_pointer();
4723 
4724  // Setter and getter.
4725  inline uint8_t get_scalar(int index);
4726  MUST_USE_RESULT inline MaybeObject* get(int index);
4727  inline void set(int index, uint8_t value);
4728 
4729  // This accessor applies the correct conversion from Smi, HeapNumber and
4730  // undefined and clamps the converted value between 0 and 255.
4731  Object* SetValue(uint32_t index, Object* value);
4732 
4733  static Handle<Object> SetValue(Handle<ExternalUint8ClampedArray> array,
4734  uint32_t index,
4735  Handle<Object> value);
4736 
4737  // Casting.
4738  static inline ExternalUint8ClampedArray* cast(Object* obj);
4739 
4740  // Dispatched behavior.
4741  DECLARE_PRINTER(ExternalUint8ClampedArray)
4742  DECLARE_VERIFIER(ExternalUint8ClampedArray)
4743 
4744  private:
4745  DISALLOW_IMPLICIT_CONSTRUCTORS(ExternalUint8ClampedArray);
4746 };
4747 
4748 
4749 class ExternalInt8Array: public ExternalArray {
4750  public:
4751  // Setter and getter.
4752  inline int8_t get_scalar(int index);
4753  MUST_USE_RESULT inline MaybeObject* get(int index);
4754  inline void set(int index, int8_t value);
4755 
4756  static Handle<Object> SetValue(Handle<ExternalInt8Array> array,
4757  uint32_t index,
4758  Handle<Object> value);
4759 
4760  // This accessor applies the correct conversion from Smi, HeapNumber
4761  // and undefined.
4762  MUST_USE_RESULT MaybeObject* SetValue(uint32_t index, Object* value);
4763 
4764  // Casting.
4765  static inline ExternalInt8Array* cast(Object* obj);
4766 
4767  // Dispatched behavior.
4768  DECLARE_PRINTER(ExternalInt8Array)
4769  DECLARE_VERIFIER(ExternalInt8Array)
4770 
4771  private:
4772  DISALLOW_IMPLICIT_CONSTRUCTORS(ExternalInt8Array);
4773 };
4774 
4775 
4776 class ExternalUint8Array: public ExternalArray {
4777  public:
4778  // Setter and getter.
4779  inline uint8_t get_scalar(int index);
4780  MUST_USE_RESULT inline MaybeObject* get(int index);
4781  inline void set(int index, uint8_t value);
4782 
4783  static Handle<Object> SetValue(Handle<ExternalUint8Array> array,
4784  uint32_t index,
4785  Handle<Object> value);
4786 
4787  // This accessor applies the correct conversion from Smi, HeapNumber
4788  // and undefined.
4789  MUST_USE_RESULT MaybeObject* SetValue(uint32_t index, Object* value);
4790 
4791  // Casting.
4792  static inline ExternalUint8Array* cast(Object* obj);
4793 
4794  // Dispatched behavior.
4795  DECLARE_PRINTER(ExternalUint8Array)
4796  DECLARE_VERIFIER(ExternalUint8Array)
4797 
4798  private:
4799  DISALLOW_IMPLICIT_CONSTRUCTORS(ExternalUint8Array);
4800 };
4801 
4802 
4803 class ExternalInt16Array: public ExternalArray {
4804  public:
4805  // Setter and getter.
4806  inline int16_t get_scalar(int index);
4807  MUST_USE_RESULT inline MaybeObject* get(int index);
4808  inline void set(int index, int16_t value);
4809 
4810  static Handle<Object> SetValue(Handle<ExternalInt16Array> array,
4811  uint32_t index,
4812  Handle<Object> value);
4813 
4814  // This accessor applies the correct conversion from Smi, HeapNumber
4815  // and undefined.
4816  MUST_USE_RESULT MaybeObject* SetValue(uint32_t index, Object* value);
4817 
4818  // Casting.
4819  static inline ExternalInt16Array* cast(Object* obj);
4820 
4821  // Dispatched behavior.
4822  DECLARE_PRINTER(ExternalInt16Array)
4823  DECLARE_VERIFIER(ExternalInt16Array)
4824 
4825  private:
4826  DISALLOW_IMPLICIT_CONSTRUCTORS(ExternalInt16Array);
4827 };
4828 
4829 
4830 class ExternalUint16Array: public ExternalArray {
4831  public:
4832  // Setter and getter.
4833  inline uint16_t get_scalar(int index);
4834  MUST_USE_RESULT inline MaybeObject* get(int index);
4835  inline void set(int index, uint16_t value);
4836 
4837  static Handle<Object> SetValue(Handle<ExternalUint16Array> array,
4838  uint32_t index,
4839  Handle<Object> value);
4840 
4841  // This accessor applies the correct conversion from Smi, HeapNumber
4842  // and undefined.
4843  MUST_USE_RESULT MaybeObject* SetValue(uint32_t index, Object* value);
4844 
4845  // Casting.
4846  static inline ExternalUint16Array* cast(Object* obj);
4847 
4848  // Dispatched behavior.
4849  DECLARE_PRINTER(ExternalUint16Array)
4850  DECLARE_VERIFIER(ExternalUint16Array)
4851 
4852  private:
4853  DISALLOW_IMPLICIT_CONSTRUCTORS(ExternalUint16Array);
4854 };
4855 
4856 
4857 class ExternalInt32Array: public ExternalArray {
4858  public:
4859  // Setter and getter.
4860  inline int32_t get_scalar(int index);
4861  MUST_USE_RESULT inline MaybeObject* get(int index);
4862  inline void set(int index, int32_t value);
4863 
4864  static Handle<Object> SetValue(Handle<ExternalInt32Array> array,
4865  uint32_t index,
4866  Handle<Object> value);
4867 
4868  // This accessor applies the correct conversion from Smi, HeapNumber
4869  // and undefined.
4870  MUST_USE_RESULT MaybeObject* SetValue(uint32_t index, Object* value);
4871 
4872  // Casting.
4873  static inline ExternalInt32Array* cast(Object* obj);
4874 
4875  // Dispatched behavior.
4876  DECLARE_PRINTER(ExternalInt32Array)
4877  DECLARE_VERIFIER(ExternalInt32Array)
4878 
4879  private:
4880  DISALLOW_IMPLICIT_CONSTRUCTORS(ExternalInt32Array);
4881 };
4882 
4883 
4884 class ExternalUint32Array: public ExternalArray {
4885  public:
4886  // Setter and getter.
4887  inline uint32_t get_scalar(int index);
4888  MUST_USE_RESULT inline MaybeObject* get(int index);
4889  inline void set(int index, uint32_t value);
4890 
4891  static Handle<Object> SetValue(Handle<ExternalUint32Array> array,
4892  uint32_t index,
4893  Handle<Object> value);
4894 
4895  // This accessor applies the correct conversion from Smi, HeapNumber
4896  // and undefined.
4897  MUST_USE_RESULT MaybeObject* SetValue(uint32_t index, Object* value);
4898 
4899  // Casting.
4900  static inline ExternalUint32Array* cast(Object* obj);
4901 
4902  // Dispatched behavior.
4903  DECLARE_PRINTER(ExternalUint32Array)
4904  DECLARE_VERIFIER(ExternalUint32Array)
4905 
4906  private:
4907  DISALLOW_IMPLICIT_CONSTRUCTORS(ExternalUint32Array);
4908 };
4909 
4910 
4911 class ExternalFloat32Array: public ExternalArray {
4912  public:
4913  // Setter and getter.
4914  inline float get_scalar(int index);
4915  MUST_USE_RESULT inline MaybeObject* get(int index);
4916  inline void set(int index, float value);
4917 
4918  static Handle<Object> SetValue(Handle<ExternalFloat32Array> array,
4919  uint32_t index,
4920  Handle<Object> value);
4921 
4922  // This accessor applies the correct conversion from Smi, HeapNumber
4923  // and undefined.
4924  MUST_USE_RESULT MaybeObject* SetValue(uint32_t index, Object* value);
4925 
4926  // Casting.
4927  static inline ExternalFloat32Array* cast(Object* obj);
4928 
4929  // Dispatched behavior.
4930  DECLARE_PRINTER(ExternalFloat32Array)
4931  DECLARE_VERIFIER(ExternalFloat32Array)
4932 
4933  private:
4934  DISALLOW_IMPLICIT_CONSTRUCTORS(ExternalFloat32Array);
4935 };
4936 
4937 
4938 class ExternalFloat64Array: public ExternalArray {
4939  public:
4940  // Setter and getter.
4941  inline double get_scalar(int index);
4942  MUST_USE_RESULT inline MaybeObject* get(int index);
4943  inline void set(int index, double value);
4944 
4945  static Handle<Object> SetValue(Handle<ExternalFloat64Array> array,
4946  uint32_t index,
4947  Handle<Object> value);
4948 
4949  // This accessor applies the correct conversion from Smi, HeapNumber
4950  // and undefined.
4951  MUST_USE_RESULT MaybeObject* SetValue(uint32_t index, Object* value);
4952 
4953  // Casting.
4954  static inline ExternalFloat64Array* cast(Object* obj);
4955 
4956  // Dispatched behavior.
4957  DECLARE_PRINTER(ExternalFloat64Array)
4958  DECLARE_VERIFIER(ExternalFloat64Array)
4959 
4960  private:
4961  DISALLOW_IMPLICIT_CONSTRUCTORS(ExternalFloat64Array);
4962 };
4963 
4964 
4965 class FixedTypedArrayBase: public FixedArrayBase {
4966  public:
4967  // Casting:
4968  static inline FixedTypedArrayBase* cast(Object* obj);
4969 
4970  static const int kDataOffset = kHeaderSize;
4971 
4972  inline int size();
4973 
4974  // Use with care: returns raw pointer into heap.
4975  inline void* DataPtr();
4976 
4977  inline int DataSize();
4978 
4979  private:
4980  DISALLOW_IMPLICIT_CONSTRUCTORS(FixedTypedArrayBase);
4981 };
4982 
4983 
4984 template <class Traits>
4985 class FixedTypedArray: public FixedTypedArrayBase {
4986  public:
4987  typedef typename Traits::ElementType ElementType;
4988  static const InstanceType kInstanceType = Traits::kInstanceType;
4989 
4990  // Casting:
4991  static inline FixedTypedArray<Traits>* cast(Object* obj);
4992 
4993  static inline int ElementOffset(int index) {
4994  return kDataOffset + index * sizeof(ElementType);
4995  }
4996 
4997  static inline int SizeFor(int length) {
4998  return ElementOffset(length);
4999  }
5000 
5001  inline ElementType get_scalar(int index);
5002  MUST_USE_RESULT inline MaybeObject* get(int index);
5003  inline void set(int index, ElementType value);
5004 
5005  static inline ElementType from_int(int value);
5006  static inline ElementType from_double(double value);
5007 
5008  // This accessor applies the correct conversion from Smi, HeapNumber
5009  // and undefined.
5010  MUST_USE_RESULT MaybeObject* SetValue(uint32_t index, Object* value);
5011 
5012  static Handle<Object> SetValue(Handle<FixedTypedArray<Traits> > array,
5013  uint32_t index,
5014  Handle<Object> value);
5015 
5016  DECLARE_PRINTER(FixedTypedArray)
5017  DECLARE_VERIFIER(FixedTypedArray)
5018 
5019  private:
5020  DISALLOW_IMPLICIT_CONSTRUCTORS(FixedTypedArray);
5021 };
5022 
5023 #define FIXED_TYPED_ARRAY_TRAITS(Type, type, TYPE, elementType, size) \
5024  class Type##ArrayTraits { \
5025  public: \
5026  typedef elementType ElementType; \
5027  static const InstanceType kInstanceType = FIXED_##TYPE##_ARRAY_TYPE; \
5028  static const char* Designator() { return #type " array"; } \
5029  static inline MaybeObject* ToObject(Heap* heap, elementType scalar); \
5030  static inline elementType defaultValue(); \
5031  }; \
5032  \
5033  typedef FixedTypedArray<Type##ArrayTraits> Fixed##Type##Array;
5034 
5035 TYPED_ARRAYS(FIXED_TYPED_ARRAY_TRAITS)
5036 
5037 #undef FIXED_TYPED_ARRAY_TRAITS
5038 
5039 // DeoptimizationInputData is a fixed array used to hold the deoptimization
5040 // data for code generated by the Hydrogen/Lithium compiler. It also
5041 // contains information about functions that were inlined. If N different
5042 // functions were inlined then first N elements of the literal array will
5043 // contain these functions.
5044 //
5045 // It can be empty.
5046 class DeoptimizationInputData: public FixedArray {
5047  public:
5048  // Layout description. Indices in the array.
5049  static const int kTranslationByteArrayIndex = 0;
5050  static const int kInlinedFunctionCountIndex = 1;
5051  static const int kLiteralArrayIndex = 2;
5052  static const int kOsrAstIdIndex = 3;
5053  static const int kOsrPcOffsetIndex = 4;
5054  static const int kOptimizationIdIndex = 5;
5055  static const int kSharedFunctionInfoIndex = 6;
5056  static const int kFirstDeoptEntryIndex = 7;
5057 
5058  // Offsets of deopt entry elements relative to the start of the entry.
5059  static const int kAstIdRawOffset = 0;
5060  static const int kTranslationIndexOffset = 1;
5061  static const int kArgumentsStackHeightOffset = 2;
5062  static const int kPcOffset = 3;
5063  static const int kDeoptEntrySize = 4;
5064 
5065  // Simple element accessors.
5066 #define DEFINE_ELEMENT_ACCESSORS(name, type) \
5067  type* name() { \
5068  return type::cast(get(k##name##Index)); \
5069  } \
5070  void Set##name(type* value) { \
5071  set(k##name##Index, value); \
5072  }
5073 
5074  DEFINE_ELEMENT_ACCESSORS(TranslationByteArray, ByteArray)
5075  DEFINE_ELEMENT_ACCESSORS(InlinedFunctionCount, Smi)
5076  DEFINE_ELEMENT_ACCESSORS(LiteralArray, FixedArray)
5077  DEFINE_ELEMENT_ACCESSORS(OsrAstId, Smi)
5078  DEFINE_ELEMENT_ACCESSORS(OsrPcOffset, Smi)
5079  DEFINE_ELEMENT_ACCESSORS(OptimizationId, Smi)
5080  DEFINE_ELEMENT_ACCESSORS(SharedFunctionInfo, Object)
5081 
5082 #undef DEFINE_ELEMENT_ACCESSORS
5083 
5084  // Accessors for elements of the ith deoptimization entry.
5085 #define DEFINE_ENTRY_ACCESSORS(name, type) \
5086  type* name(int i) { \
5087  return type::cast(get(IndexForEntry(i) + k##name##Offset)); \
5088  } \
5089  void Set##name(int i, type* value) { \
5090  set(IndexForEntry(i) + k##name##Offset, value); \
5091  }
5092 
5093  DEFINE_ENTRY_ACCESSORS(AstIdRaw, Smi)
5094  DEFINE_ENTRY_ACCESSORS(TranslationIndex, Smi)
5095  DEFINE_ENTRY_ACCESSORS(ArgumentsStackHeight, Smi)
5096  DEFINE_ENTRY_ACCESSORS(Pc, Smi)
5097 
5098 #undef DEFINE_ENTRY_ACCESSORS
5099 
5100  BailoutId AstId(int i) {
5101  return BailoutId(AstIdRaw(i)->value());
5102  }
5103 
5104  void SetAstId(int i, BailoutId value) {
5105  SetAstIdRaw(i, Smi::FromInt(value.ToInt()));
5106  }
5107 
5108  int DeoptCount() {
5109  return (length() - kFirstDeoptEntryIndex) / kDeoptEntrySize;
5110  }
5111 
5112  // Allocates a DeoptimizationInputData.
5113  MUST_USE_RESULT static MaybeObject* Allocate(Isolate* isolate,
5114  int deopt_entry_count,
5115  PretenureFlag pretenure);
5116 
5117  // Casting.
5118  static inline DeoptimizationInputData* cast(Object* obj);
5119 
5120 #ifdef ENABLE_DISASSEMBLER
5121  void DeoptimizationInputDataPrint(FILE* out);
5122 #endif
5123 
5124  private:
5125  static int IndexForEntry(int i) {
5126  return kFirstDeoptEntryIndex + (i * kDeoptEntrySize);
5127  }
5128 
5129  static int LengthFor(int entry_count) {
5130  return IndexForEntry(entry_count);
5131  }
5132 };
5133 
5134 
5135 // DeoptimizationOutputData is a fixed array used to hold the deoptimization
5136 // data for code generated by the full compiler.
5137 // The format of the these objects is
5138 // [i * 2]: Ast ID for ith deoptimization.
5139 // [i * 2 + 1]: PC and state of ith deoptimization
5140 class DeoptimizationOutputData: public FixedArray {
5141  public:
5142  int DeoptPoints() { return length() / 2; }
5143 
5144  BailoutId AstId(int index) {
5145  return BailoutId(Smi::cast(get(index * 2))->value());
5146  }
5147 
5148  void SetAstId(int index, BailoutId id) {
5149  set(index * 2, Smi::FromInt(id.ToInt()));
5150  }
5151 
5152  Smi* PcAndState(int index) { return Smi::cast(get(1 + index * 2)); }
5153  void SetPcAndState(int index, Smi* offset) { set(1 + index * 2, offset); }
5154 
5155  static int LengthOfFixedArray(int deopt_points) {
5156  return deopt_points * 2;
5157  }
5158 
5159  // Allocates a DeoptimizationOutputData.
5160  MUST_USE_RESULT static MaybeObject* Allocate(Isolate* isolate,
5161  int number_of_deopt_points,
5162  PretenureFlag pretenure);
5163 
5164  // Casting.
5165  static inline DeoptimizationOutputData* cast(Object* obj);
5166 
5167 #if defined(OBJECT_PRINT) || defined(ENABLE_DISASSEMBLER)
5168  void DeoptimizationOutputDataPrint(FILE* out);
5169 #endif
5170 };
5171 
5172 
5173 // Forward declaration.
5174 class Cell;
5175 class PropertyCell;
5176 class SafepointEntry;
5177 class TypeFeedbackInfo;
5178 
5179 // Code describes objects with on-the-fly generated machine code.
5180 class Code: public HeapObject {
5181  public:
5182  // Opaque data type for encapsulating code flags like kind, inline
5183  // cache state, and arguments count.
5184  typedef uint32_t Flags;
5185 
5186 #define NON_IC_KIND_LIST(V) \
5187  V(FUNCTION) \
5188  V(OPTIMIZED_FUNCTION) \
5189  V(STUB) \
5190  V(HANDLER) \
5191  V(BUILTIN) \
5192  V(REGEXP)
5193 
5194 #define IC_KIND_LIST(V) \
5195  V(LOAD_IC) \
5196  V(KEYED_LOAD_IC) \
5197  V(STORE_IC) \
5198  V(KEYED_STORE_IC) \
5199  V(BINARY_OP_IC) \
5200  V(COMPARE_IC) \
5201  V(COMPARE_NIL_IC) \
5202  V(TO_BOOLEAN_IC)
5203 
5204 #define CODE_KIND_LIST(V) \
5205  NON_IC_KIND_LIST(V) \
5206  IC_KIND_LIST(V)
5207 
5208  enum Kind {
5209 #define DEFINE_CODE_KIND_ENUM(name) name,
5210  CODE_KIND_LIST(DEFINE_CODE_KIND_ENUM)
5211 #undef DEFINE_CODE_KIND_ENUM
5212  NUMBER_OF_KINDS
5213  };
5214 
5215  // No more than 16 kinds. The value is currently encoded in four bits in
5216  // Flags.
5217  STATIC_ASSERT(NUMBER_OF_KINDS <= 16);
5218 
5219  static const char* Kind2String(Kind kind);
5220 
5221  // Types of stubs.
5222  enum StubType {
5223  NORMAL,
5224  FAST
5225  };
5226 
5227  static const int kPrologueOffsetNotSet = -1;
5228 
5229 #ifdef ENABLE_DISASSEMBLER
5230  // Printing
5231  static const char* ICState2String(InlineCacheState state);
5232  static const char* StubType2String(StubType type);
5233  static void PrintExtraICState(FILE* out, Kind kind, ExtraICState extra);
5234  void Disassemble(const char* name, FILE* out = stdout);
5235 #endif // ENABLE_DISASSEMBLER
5236 
5237  // [instruction_size]: Size of the native instructions
5238  inline int instruction_size();
5239  inline void set_instruction_size(int value);
5240 
5241  // [relocation_info]: Code relocation information
5242  DECL_ACCESSORS(relocation_info, ByteArray)
5243  void InvalidateRelocation();
5244  void InvalidateEmbeddedObjects();
5245 
5246  // [handler_table]: Fixed array containing offsets of exception handlers.
5247  DECL_ACCESSORS(handler_table, FixedArray)
5248 
5249  // [deoptimization_data]: Array containing data for deopt.
5250  DECL_ACCESSORS(deoptimization_data, FixedArray)
5251 
5252  // [raw_type_feedback_info]: This field stores various things, depending on
5253  // the kind of the code object.
5254  // FUNCTION => type feedback information.
5255  // STUB => various things, e.g. a SMI
5256  DECL_ACCESSORS(raw_type_feedback_info, Object)
5257  inline Object* type_feedback_info();
5258  inline void set_type_feedback_info(
5259  Object* value, WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
5260  inline int stub_info();
5261  inline void set_stub_info(int info);
5262 
5263  // [next_code_link]: Link for lists of optimized or deoptimized code.
5264  // Note that storage for this field is overlapped with typefeedback_info.
5265  DECL_ACCESSORS(next_code_link, Object)
5266 
5267  // [gc_metadata]: Field used to hold GC related metadata. The contents of this
5268  // field does not have to be traced during garbage collection since
5269  // it is only used by the garbage collector itself.
5270  DECL_ACCESSORS(gc_metadata, Object)
5271 
5272  // [ic_age]: Inline caching age: the value of the Heap::global_ic_age
5273  // at the moment when this object was created.
5274  inline void set_ic_age(int count);
5275  inline int ic_age();
5276 
5277  // [prologue_offset]: Offset of the function prologue, used for aging
5278  // FUNCTIONs and OPTIMIZED_FUNCTIONs.
5279  inline int prologue_offset();
5280  inline void set_prologue_offset(int offset);
5281 
5282  // Unchecked accessors to be used during GC.
5283  inline ByteArray* unchecked_relocation_info();
5284 
5285  inline int relocation_size();
5286 
5287  // [flags]: Various code flags.
5288  inline Flags flags();
5289  inline void set_flags(Flags flags);
5290 
5291  // [flags]: Access to specific code flags.
5292  inline Kind kind();
5293  inline InlineCacheState ic_state(); // Only valid for IC stubs.
5294  inline ExtraICState extra_ic_state(); // Only valid for IC stubs.
5295 
5296  inline StubType type(); // Only valid for monomorphic IC stubs.
5297 
5298  // Testers for IC stub kinds.
5299  inline bool is_inline_cache_stub();
5300  inline bool is_debug_stub();
5301  inline bool is_handler() { return kind() == HANDLER; }
5302  inline bool is_load_stub() { return kind() == LOAD_IC; }
5303  inline bool is_keyed_load_stub() { return kind() == KEYED_LOAD_IC; }
5304  inline bool is_store_stub() { return kind() == STORE_IC; }
5305  inline bool is_keyed_store_stub() { return kind() == KEYED_STORE_IC; }
5306  inline bool is_binary_op_stub() { return kind() == BINARY_OP_IC; }
5307  inline bool is_compare_ic_stub() { return kind() == COMPARE_IC; }
5308  inline bool is_compare_nil_ic_stub() { return kind() == COMPARE_NIL_IC; }
5309  inline bool is_to_boolean_ic_stub() { return kind() == TO_BOOLEAN_IC; }
5310  inline bool is_keyed_stub();
5311  inline bool is_optimized_code() { return kind() == OPTIMIZED_FUNCTION; }
5312 
5313  inline void set_raw_kind_specific_flags1(int value);
5314  inline void set_raw_kind_specific_flags2(int value);
5315 
5316  // [major_key]: For kind STUB or BINARY_OP_IC, the major key.
5317  inline int major_key();
5318  inline void set_major_key(int value);
5319  inline bool has_major_key();
5320 
5321  // For kind STUB or ICs, tells whether or not a code object was generated by
5322  // the optimizing compiler (but it may not be an optimized function).
5323  bool is_crankshafted();
5324  inline void set_is_crankshafted(bool value);
5325 
5326  // [optimizable]: For FUNCTION kind, tells if it is optimizable.
5327  inline bool optimizable();
5328  inline void set_optimizable(bool value);
5329 
5330  // [has_deoptimization_support]: For FUNCTION kind, tells if it has
5331  // deoptimization support.
5332  inline bool has_deoptimization_support();
5333  inline void set_has_deoptimization_support(bool value);
5334 
5335  // [has_debug_break_slots]: For FUNCTION kind, tells if it has
5336  // been compiled with debug break slots.
5337  inline bool has_debug_break_slots();
5338  inline void set_has_debug_break_slots(bool value);
5339 
5340  // [compiled_with_optimizing]: For FUNCTION kind, tells if it has
5341  // been compiled with IsOptimizing set to true.
5342  inline bool is_compiled_optimizable();
5343  inline void set_compiled_optimizable(bool value);
5344 
5345  // [allow_osr_at_loop_nesting_level]: For FUNCTION kind, tells for
5346  // how long the function has been marked for OSR and therefore which
5347  // level of loop nesting we are willing to do on-stack replacement
5348  // for.
5349  inline void set_allow_osr_at_loop_nesting_level(int level);
5350  inline int allow_osr_at_loop_nesting_level();
5351 
5352  // [profiler_ticks]: For FUNCTION kind, tells for how many profiler ticks
5353  // the code object was seen on the stack with no IC patching going on.
5354  inline int profiler_ticks();
5355  inline void set_profiler_ticks(int ticks);
5356 
5357  // [stack_slots]: For kind OPTIMIZED_FUNCTION, the number of stack slots
5358  // reserved in the code prologue.
5359  inline unsigned stack_slots();
5360  inline void set_stack_slots(unsigned slots);
5361 
5362  // [safepoint_table_start]: For kind OPTIMIZED_CODE, the offset in
5363  // the instruction stream where the safepoint table starts.
5364  inline unsigned safepoint_table_offset();
5365  inline void set_safepoint_table_offset(unsigned offset);
5366 
5367  // [back_edge_table_start]: For kind FUNCTION, the offset in the
5368  // instruction stream where the back edge table starts.
5369  inline unsigned back_edge_table_offset();
5370  inline void set_back_edge_table_offset(unsigned offset);
5371 
5372  inline bool back_edges_patched_for_osr();
5373  inline void set_back_edges_patched_for_osr(bool value);
5374 
5375  // [to_boolean_foo]: For kind TO_BOOLEAN_IC tells what state the stub is in.
5376  inline byte to_boolean_state();
5377 
5378  // [has_function_cache]: For kind STUB tells whether there is a function
5379  // cache is passed to the stub.
5380  inline bool has_function_cache();
5381  inline void set_has_function_cache(bool flag);
5382 
5383 
5384  // [marked_for_deoptimization]: For kind OPTIMIZED_FUNCTION tells whether
5385  // the code is going to be deoptimized because of dead embedded maps.
5386  inline bool marked_for_deoptimization();
5387  inline void set_marked_for_deoptimization(bool flag);
5388 
5389  // [constant_pool]: The constant pool for this function.
5390  inline ConstantPoolArray* constant_pool();
5391  inline void set_constant_pool(Object* constant_pool);
5392 
5393  // Get the safepoint entry for the given pc.
5394  SafepointEntry GetSafepointEntry(Address pc);
5395 
5396  // Find an object in a stub with a specified map
5397  Object* FindNthObject(int n, Map* match_map);
5398 
5399  // Find the first allocation site in an IC stub.
5400  AllocationSite* FindFirstAllocationSite();
5401 
5402  // Find the first map in an IC stub.
5403  Map* FindFirstMap();
5404  void FindAllMaps(MapHandleList* maps);
5405  void FindAllTypes(TypeHandleList* types);
5406 
5407  // Find the first handler in an IC stub.
5408  Code* FindFirstHandler();
5409 
5410  // Find |length| handlers and put them into |code_list|. Returns false if not
5411  // enough handlers can be found.
5412  bool FindHandlers(CodeHandleList* code_list, int length = -1);
5413 
5414  // Find the first name in an IC stub.
5415  Name* FindFirstName();
5416 
5417  class FindAndReplacePattern;
5418  // For each (map-to-find, object-to-replace) pair in the pattern, this
5419  // function replaces the corresponding placeholder in the code with the
5420  // object-to-replace. The function assumes that pairs in the pattern come in
5421  // the same order as the placeholders in the code.
5422  void FindAndReplace(const FindAndReplacePattern& pattern);
5423 
5424  // The entire code object including its header is copied verbatim to the
5425  // snapshot so that it can be written in one, fast, memcpy during
5426  // deserialization. The deserializer will overwrite some pointers, rather
5427  // like a runtime linker, but the random allocation addresses used in the
5428  // mksnapshot process would still be present in the unlinked snapshot data,
5429  // which would make snapshot production non-reproducible. This method wipes
5430  // out the to-be-overwritten header data for reproducible snapshots.
5431  inline void WipeOutHeader();
5432 
5433  // Flags operations.
5434  static inline Flags ComputeFlags(
5435  Kind kind,
5436  InlineCacheState ic_state = UNINITIALIZED,
5437  ExtraICState extra_ic_state = kNoExtraICState,
5438  StubType type = NORMAL,
5439  InlineCacheHolderFlag holder = OWN_MAP);
5440 
5441  static inline Flags ComputeMonomorphicFlags(
5442  Kind kind,
5443  ExtraICState extra_ic_state = kNoExtraICState,
5444  InlineCacheHolderFlag holder = OWN_MAP,
5445  StubType type = NORMAL);
5446 
5447  static inline Flags ComputeHandlerFlags(
5448  Kind handler_kind,
5449  StubType type = NORMAL,
5450  InlineCacheHolderFlag holder = OWN_MAP);
5451 
5452  static inline InlineCacheState ExtractICStateFromFlags(Flags flags);
5453  static inline StubType ExtractTypeFromFlags(Flags flags);
5454  static inline Kind ExtractKindFromFlags(Flags flags);
5455  static inline InlineCacheHolderFlag ExtractCacheHolderFromFlags(Flags flags);
5456  static inline ExtraICState ExtractExtraICStateFromFlags(Flags flags);
5457 
5458  static inline Flags RemoveTypeFromFlags(Flags flags);
5459 
5460  // Convert a target address into a code object.
5461  static inline Code* GetCodeFromTargetAddress(Address address);
5462 
5463  // Convert an entry address into an object.
5464  static inline Object* GetObjectFromEntryAddress(Address location_of_address);
5465 
5466  // Returns the address of the first instruction.
5467  inline byte* instruction_start();
5468 
5469  // Returns the address right after the last instruction.
5470  inline byte* instruction_end();
5471 
5472  // Returns the size of the instructions, padding, and relocation information.
5473  inline int body_size();
5474 
5475  // Returns the address of the first relocation info (read backwards!).
5476  inline byte* relocation_start();
5477 
5478  // Code entry point.
5479  inline byte* entry();
5480 
5481  // Returns true if pc is inside this object's instructions.
5482  inline bool contains(byte* pc);
5483 
5484  // Relocate the code by delta bytes. Called to signal that this code
5485  // object has been moved by delta bytes.
5486  void Relocate(intptr_t delta);
5487 
5488  // Migrate code described by desc.
5489  void CopyFrom(const CodeDesc& desc);
5490 
5491  // Returns the object size for a given body (used for allocation).
5492  static int SizeFor(int body_size) {
5493  ASSERT_SIZE_TAG_ALIGNED(body_size);
5494  return RoundUp(kHeaderSize + body_size, kCodeAlignment);
5495  }
5496 
5497  // Calculate the size of the code object to report for log events. This takes
5498  // the layout of the code object into account.
5499  int ExecutableSize() {
5500  // Check that the assumptions about the layout of the code object holds.
5501  ASSERT_EQ(static_cast<int>(instruction_start() - address()),
5502  Code::kHeaderSize);
5503  return instruction_size() + Code::kHeaderSize;
5504  }
5505 
5506  // Locating source position.
5507  int SourcePosition(Address pc);
5508  int SourceStatementPosition(Address pc);
5509 
5510  // Casting.
5511  static inline Code* cast(Object* obj);
5512 
5513  // Dispatched behavior.
5514  int CodeSize() { return SizeFor(body_size()); }
5515  inline void CodeIterateBody(ObjectVisitor* v);
5516 
5517  template<typename StaticVisitor>
5518  inline void CodeIterateBody(Heap* heap);
5519 
5520  DECLARE_PRINTER(Code)
5521  DECLARE_VERIFIER(Code)
5522 
5523  void ClearInlineCaches();
5524  void ClearInlineCaches(Kind kind);
5525 
5526  void ClearTypeFeedbackInfo(Heap* heap);
5527 
5528  BailoutId TranslatePcOffsetToAstId(uint32_t pc_offset);
5529  uint32_t TranslateAstIdToPcOffset(BailoutId ast_id);
5530 
5531 #define DECLARE_CODE_AGE_ENUM(X) k##X##CodeAge,
5532  enum Age {
5533  kNotExecutedCodeAge = -2,
5534  kExecutedOnceCodeAge = -1,
5535  kNoAgeCodeAge = 0,
5536  CODE_AGE_LIST(DECLARE_CODE_AGE_ENUM)
5537  kAfterLastCodeAge,
5538  kFirstCodeAge = kNotExecutedCodeAge,
5539  kLastCodeAge = kAfterLastCodeAge - 1,
5540  kCodeAgeCount = kAfterLastCodeAge - kNotExecutedCodeAge - 1,
5541  kIsOldCodeAge = kSexagenarianCodeAge,
5542  kPreAgedCodeAge = kIsOldCodeAge - 1
5543  };
5544 #undef DECLARE_CODE_AGE_ENUM
5545 
5546  // Code aging. Indicates how many full GCs this code has survived without
5547  // being entered through the prologue. Used to determine when it is
5548  // relatively safe to flush this code object and replace it with the lazy
5549  // compilation stub.
5550  static void MakeCodeAgeSequenceYoung(byte* sequence, Isolate* isolate);
5551  static void MarkCodeAsExecuted(byte* sequence, Isolate* isolate);
5552  void MakeOlder(MarkingParity);
5553  static bool IsYoungSequence(byte* sequence);
5554  bool IsOld();
5555  Age GetAge();
5556  // Gets the raw code age, including psuedo code-age values such as
5557  // kNotExecutedCodeAge and kExecutedOnceCodeAge.
5558  Age GetRawAge();
5559  static inline Code* GetPreAgedCodeAgeStub(Isolate* isolate) {
5560  return GetCodeAgeStub(isolate, kNotExecutedCodeAge, NO_MARKING_PARITY);
5561  }
5562 
5563  void PrintDeoptLocation(FILE* out, int bailout_id);
5564  bool CanDeoptAt(Address pc);
5565 
5566 #ifdef VERIFY_HEAP
5567  void VerifyEmbeddedObjectsDependency();
5568 #endif
5569 
5570  inline bool IsWeakObject(Object* object) {
5571  return is_optimized_code() && IsWeakObjectInOptimizedCode(object);
5572  }
5573 
5574  inline bool IsWeakObjectInOptimizedCode(Object* object);
5575 
5576  // Max loop nesting marker used to postpose OSR. We don't take loop
5577  // nesting that is deeper than 5 levels into account.
5578  static const int kMaxLoopNestingMarker = 6;
5579 
5580  // Layout description.
5581  static const int kInstructionSizeOffset = HeapObject::kHeaderSize;
5582  static const int kRelocationInfoOffset = kInstructionSizeOffset + kIntSize;
5583  static const int kHandlerTableOffset = kRelocationInfoOffset + kPointerSize;
5584  static const int kDeoptimizationDataOffset =
5585  kHandlerTableOffset + kPointerSize;
5586  static const int kTypeFeedbackInfoOffset =
5587  kDeoptimizationDataOffset + kPointerSize;
5588  static const int kNextCodeLinkOffset = kTypeFeedbackInfoOffset + kPointerSize;
5589  static const int kGCMetadataOffset = kNextCodeLinkOffset + kPointerSize;
5590  static const int kICAgeOffset =
5591  kGCMetadataOffset + kPointerSize;
5592  static const int kFlagsOffset = kICAgeOffset + kIntSize;
5593  static const int kKindSpecificFlags1Offset = kFlagsOffset + kIntSize;
5594  static const int kKindSpecificFlags2Offset =
5595  kKindSpecificFlags1Offset + kIntSize;
5596  // Note: We might be able to squeeze this into the flags above.
5597  static const int kPrologueOffset = kKindSpecificFlags2Offset + kIntSize;
5598  static const int kConstantPoolOffset = kPrologueOffset + kPointerSize;
5599 
5600  static const int kHeaderPaddingStart = kConstantPoolOffset + kIntSize;
5601 
5602  // Add padding to align the instruction start following right after
5603  // the Code object header.
5604  static const int kHeaderSize =
5605  (kHeaderPaddingStart + kCodeAlignmentMask) & ~kCodeAlignmentMask;
5606 
5607  // Byte offsets within kKindSpecificFlags1Offset.
5608  static const int kOptimizableOffset = kKindSpecificFlags1Offset;
5609 
5610  static const int kFullCodeFlags = kOptimizableOffset + 1;
5611  class FullCodeFlagsHasDeoptimizationSupportField:
5612  public BitField<bool, 0, 1> {}; // NOLINT
5613  class FullCodeFlagsHasDebugBreakSlotsField: public BitField<bool, 1, 1> {};
5614  class FullCodeFlagsIsCompiledOptimizable: public BitField<bool, 2, 1> {};
5615 
5616  static const int kAllowOSRAtLoopNestingLevelOffset = kFullCodeFlags + 1;
5617  static const int kProfilerTicksOffset = kAllowOSRAtLoopNestingLevelOffset + 1;
5618 
5619  // Flags layout. BitField<type, shift, size>.
5620  class ICStateField: public BitField<InlineCacheState, 0, 3> {};
5621  class TypeField: public BitField<StubType, 3, 1> {};
5622  class CacheHolderField: public BitField<InlineCacheHolderFlag, 5, 1> {};
5623  class KindField: public BitField<Kind, 6, 4> {};
5624  // TODO(bmeurer): Bit 10 is available for free use. :-)
5625  class ExtraICStateField: public BitField<ExtraICState, 11,
5626  PlatformSmiTagging::kSmiValueSize - 11 + 1> {}; // NOLINT
5627 
5628  // KindSpecificFlags1 layout (STUB and OPTIMIZED_FUNCTION)
5629  static const int kStackSlotsFirstBit = 0;
5630  static const int kStackSlotsBitCount = 24;
5631  static const int kHasFunctionCacheFirstBit =
5632  kStackSlotsFirstBit + kStackSlotsBitCount;
5633  static const int kHasFunctionCacheBitCount = 1;
5634  static const int kMarkedForDeoptimizationFirstBit =
5635  kStackSlotsFirstBit + kStackSlotsBitCount + 1;
5636  static const int kMarkedForDeoptimizationBitCount = 1;
5637 
5638  STATIC_ASSERT(kStackSlotsFirstBit + kStackSlotsBitCount <= 32);
5639  STATIC_ASSERT(kHasFunctionCacheFirstBit + kHasFunctionCacheBitCount <= 32);
5640  STATIC_ASSERT(kMarkedForDeoptimizationFirstBit +
5641  kMarkedForDeoptimizationBitCount <= 32);
5642 
5643  class StackSlotsField: public BitField<int,
5644  kStackSlotsFirstBit, kStackSlotsBitCount> {}; // NOLINT
5645  class HasFunctionCacheField: public BitField<bool,
5646  kHasFunctionCacheFirstBit, kHasFunctionCacheBitCount> {}; // NOLINT
5647  class MarkedForDeoptimizationField: public BitField<bool,
5648  kMarkedForDeoptimizationFirstBit,
5649  kMarkedForDeoptimizationBitCount> {}; // NOLINT
5650 
5651  // KindSpecificFlags2 layout (ALL)
5652  static const int kIsCrankshaftedBit = 0;
5653  class IsCrankshaftedField: public BitField<bool,
5654  kIsCrankshaftedBit, 1> {}; // NOLINT
5655 
5656  // KindSpecificFlags2 layout (STUB and OPTIMIZED_FUNCTION)
5657  static const int kStubMajorKeyFirstBit = kIsCrankshaftedBit + 1;
5658  static const int kSafepointTableOffsetFirstBit =
5659  kStubMajorKeyFirstBit + kStubMajorKeyBits;
5660  static const int kSafepointTableOffsetBitCount = 24;
5661 
5662  STATIC_ASSERT(kStubMajorKeyFirstBit + kStubMajorKeyBits <= 32);
5663  STATIC_ASSERT(kSafepointTableOffsetFirstBit +
5664  kSafepointTableOffsetBitCount <= 32);
5665  STATIC_ASSERT(1 + kStubMajorKeyBits +
5666  kSafepointTableOffsetBitCount <= 32);
5667 
5668  class SafepointTableOffsetField: public BitField<int,
5669  kSafepointTableOffsetFirstBit,
5670  kSafepointTableOffsetBitCount> {}; // NOLINT
5671  class StubMajorKeyField: public BitField<int,
5672  kStubMajorKeyFirstBit, kStubMajorKeyBits> {}; // NOLINT
5673 
5674  // KindSpecificFlags2 layout (FUNCTION)
5675  class BackEdgeTableOffsetField: public BitField<int,
5676  kIsCrankshaftedBit + 1, 29> {}; // NOLINT
5677  class BackEdgesPatchedForOSRField: public BitField<bool,
5678  kIsCrankshaftedBit + 1 + 29, 1> {}; // NOLINT
5679 
5680  static const int kArgumentsBits = 16;
5681  static const int kMaxArguments = (1 << kArgumentsBits) - 1;
5682 
5683  // This constant should be encodable in an ARM instruction.
5684  static const int kFlagsNotUsedInLookup =
5685  TypeField::kMask | CacheHolderField::kMask;
5686 
5687  private:
5688  friend class RelocIterator;
5689  friend class Deoptimizer; // For FindCodeAgeSequence.
5690 
5691  void ClearInlineCaches(Kind* kind);
5692 
5693  // Code aging
5694  byte* FindCodeAgeSequence();
5695  static void GetCodeAgeAndParity(Code* code, Age* age,
5696  MarkingParity* parity);
5697  static void GetCodeAgeAndParity(byte* sequence, Age* age,
5698  MarkingParity* parity);
5699  static Code* GetCodeAgeStub(Isolate* isolate, Age age, MarkingParity parity);
5700 
5701  // Code aging -- platform-specific
5702  static void PatchPlatformCodeAge(Isolate* isolate,
5703  byte* sequence, Age age,
5704  MarkingParity parity);
5705 
5706  DISALLOW_IMPLICIT_CONSTRUCTORS(Code);
5707 };
5708 
5709 
5710 class CompilationInfo;
5711 
5712 // This class describes the layout of dependent codes array of a map. The
5713 // array is partitioned into several groups of dependent codes. Each group
5714 // contains codes with the same dependency on the map. The array has the
5715 // following layout for n dependency groups:
5716 //
5717 // +----+----+-----+----+---------+----------+-----+---------+-----------+
5718 // | C1 | C2 | ... | Cn | group 1 | group 2 | ... | group n | undefined |
5719 // +----+----+-----+----+---------+----------+-----+---------+-----------+
5720 //
5721 // The first n elements are Smis, each of them specifies the number of codes
5722 // in the corresponding group. The subsequent elements contain grouped code
5723 // objects. The suffix of the array can be filled with the undefined value if
5724 // the number of codes is less than the length of the array. The order of the
5725 // code objects within a group is not preserved.
5726 //
5727 // All code indexes used in the class are counted starting from the first
5728 // code object of the first group. In other words, code index 0 corresponds
5729 // to array index n = kCodesStartIndex.
5730 
5731 class DependentCode: public FixedArray {
5732  public:
5733  enum DependencyGroup {
5734  // Group of code that weakly embed this map and depend on being
5735  // deoptimized when the map is garbage collected.
5736  kWeaklyEmbeddedGroup,
5737  // Group of code that embed a transition to this map, and depend on being
5738  // deoptimized when the transition is replaced by a new version.
5739  kTransitionGroup,
5740  // Group of code that omit run-time prototype checks for prototypes
5741  // described by this map. The group is deoptimized whenever an object
5742  // described by this map changes shape (and transitions to a new map),
5743  // possibly invalidating the assumptions embedded in the code.
5744  kPrototypeCheckGroup,
5745  // Group of code that depends on elements not being added to objects with
5746  // this map.
5747  kElementsCantBeAddedGroup,
5748  // Group of code that depends on global property values in property cells
5749  // not being changed.
5750  kPropertyCellChangedGroup,
5751  // Group of code that depends on tenuring information in AllocationSites
5752  // not being changed.
5753  kAllocationSiteTenuringChangedGroup,
5754  // Group of code that depends on element transition information in
5755  // AllocationSites not being changed.
5756  kAllocationSiteTransitionChangedGroup,
5757  kGroupCount = kAllocationSiteTransitionChangedGroup + 1
5758  };
5759 
5760  // Array for holding the index of the first code object of each group.
5761  // The last element stores the total number of code objects.
5762  class GroupStartIndexes {
5763  public:
5764  explicit GroupStartIndexes(DependentCode* entries);
5765  void Recompute(DependentCode* entries);
5766  int at(int i) { return start_indexes_[i]; }
5767  int number_of_entries() { return start_indexes_[kGroupCount]; }
5768  private:
5769  int start_indexes_[kGroupCount + 1];
5770  };
5771 
5772  bool Contains(DependencyGroup group, Code* code);
5773  static Handle<DependentCode> Insert(Handle<DependentCode> entries,
5774  DependencyGroup group,
5775  Handle<Object> object);
5776  void UpdateToFinishedCode(DependencyGroup group,
5777  CompilationInfo* info,
5778  Code* code);
5779  void RemoveCompilationInfo(DependentCode::DependencyGroup group,
5780  CompilationInfo* info);
5781 
5782  void DeoptimizeDependentCodeGroup(Isolate* isolate,
5783  DependentCode::DependencyGroup group);
5784 
5785  bool MarkCodeForDeoptimization(Isolate* isolate,
5786  DependentCode::DependencyGroup group);
5787 
5788  // The following low-level accessors should only be used by this class
5789  // and the mark compact collector.
5790  inline int number_of_entries(DependencyGroup group);
5791  inline void set_number_of_entries(DependencyGroup group, int value);
5792  inline bool is_code_at(int i);
5793  inline Code* code_at(int i);
5794  inline CompilationInfo* compilation_info_at(int i);
5795  inline void set_object_at(int i, Object* object);
5796  inline Object** slot_at(int i);
5797  inline Object* object_at(int i);
5798  inline void clear_at(int i);
5799  inline void copy(int from, int to);
5800  static inline DependentCode* cast(Object* object);
5801 
5802  static DependentCode* ForObject(Handle<HeapObject> object,
5803  DependencyGroup group);
5804 
5805  private:
5806  // Make a room at the end of the given group by moving out the first
5807  // code objects of the subsequent groups.
5808  inline void ExtendGroup(DependencyGroup group);
5809  static const int kCodesStartIndex = kGroupCount;
5810 };
5811 
5812 
5813 // All heap objects have a Map that describes their structure.
5814 // A Map contains information about:
5815 // - Size information about the object
5816 // - How to iterate over an object (for garbage collection)
5817 class Map: public HeapObject {
5818  public:
5819  // Instance size.
5820  // Size in bytes or kVariableSizeSentinel if instances do not have
5821  // a fixed size.
5822  inline int instance_size();
5823  inline void set_instance_size(int value);
5824 
5825  // Count of properties allocated in the object.
5826  inline int inobject_properties();
5827  inline void set_inobject_properties(int value);
5828 
5829  // Count of property fields pre-allocated in the object when first allocated.
5830  inline int pre_allocated_property_fields();
5831  inline void set_pre_allocated_property_fields(int value);
5832 
5833  // Instance type.
5834  inline InstanceType instance_type();
5835  inline void set_instance_type(InstanceType value);
5836 
5837  // Tells how many unused property fields are available in the
5838  // instance (only used for JSObject in fast mode).
5839  inline int unused_property_fields();
5840  inline void set_unused_property_fields(int value);
5841 
5842  // Bit field.
5843  inline byte bit_field();
5844  inline void set_bit_field(byte value);
5845 
5846  // Bit field 2.
5847  inline byte bit_field2();
5848  inline void set_bit_field2(byte value);
5849 
5850  // Bit field 3.
5851  inline uint32_t bit_field3();
5852  inline void set_bit_field3(uint32_t bits);
5853 
5854  class EnumLengthBits: public BitField<int,
5855  0, kDescriptorIndexBitCount> {}; // NOLINT
5856  class NumberOfOwnDescriptorsBits: public BitField<int,
5857  kDescriptorIndexBitCount, kDescriptorIndexBitCount> {}; // NOLINT
5858  STATIC_ASSERT(kDescriptorIndexBitCount + kDescriptorIndexBitCount == 20);
5859  class IsShared: public BitField<bool, 20, 1> {};
5860  class FunctionWithPrototype: public BitField<bool, 21, 1> {};
5861  class DictionaryMap: public BitField<bool, 22, 1> {};
5862  class OwnsDescriptors: public BitField<bool, 23, 1> {};
5863  class HasInstanceCallHandler: public BitField<bool, 24, 1> {};
5864  class Deprecated: public BitField<bool, 25, 1> {};
5865  class IsFrozen: public BitField<bool, 26, 1> {};
5866  class IsUnstable: public BitField<bool, 27, 1> {};
5867  class IsMigrationTarget: public BitField<bool, 28, 1> {};
5868 
5869  // Tells whether the object in the prototype property will be used
5870  // for instances created from this function. If the prototype
5871  // property is set to a value that is not a JSObject, the prototype
5872  // property will not be used to create instances of the function.
5873  // See ECMA-262, 13.2.2.
5874  inline void set_non_instance_prototype(bool value);
5875  inline bool has_non_instance_prototype();
5876 
5877  // Tells whether function has special prototype property. If not, prototype
5878  // property will not be created when accessed (will return undefined),
5879  // and construction from this function will not be allowed.
5880  inline void set_function_with_prototype(bool value);
5881  inline bool function_with_prototype();
5882 
5883  // Tells whether the instance with this map should be ignored by the
5884  // Object.getPrototypeOf() function and the __proto__ accessor.
5885  inline void set_is_hidden_prototype() {
5886  set_bit_field(bit_field() | (1 << kIsHiddenPrototype));
5887  }
5888 
5889  inline bool is_hidden_prototype() {
5890  return ((1 << kIsHiddenPrototype) & bit_field()) != 0;
5891  }
5892 
5893  // Records and queries whether the instance has a named interceptor.
5894  inline void set_has_named_interceptor() {
5895  set_bit_field(bit_field() | (1 << kHasNamedInterceptor));
5896  }
5897 
5898  inline bool has_named_interceptor() {
5899  return ((1 << kHasNamedInterceptor) & bit_field()) != 0;
5900  }
5901 
5902  // Records and queries whether the instance has an indexed interceptor.
5903  inline void set_has_indexed_interceptor() {
5904  set_bit_field(bit_field() | (1 << kHasIndexedInterceptor));
5905  }
5906 
5907  inline bool has_indexed_interceptor() {
5908  return ((1 << kHasIndexedInterceptor) & bit_field()) != 0;
5909  }
5910 
5911  // Tells whether the instance is undetectable.
5912  // An undetectable object is a special class of JSObject: 'typeof' operator
5913  // returns undefined, ToBoolean returns false. Otherwise it behaves like
5914  // a normal JS object. It is useful for implementing undetectable
5915  // document.all in Firefox & Safari.
5916  // See https://bugzilla.mozilla.org/show_bug.cgi?id=248549.
5917  inline void set_is_undetectable() {
5918  set_bit_field(bit_field() | (1 << kIsUndetectable));
5919  }
5920 
5921  inline bool is_undetectable() {
5922  return ((1 << kIsUndetectable) & bit_field()) != 0;
5923  }
5924 
5925  // Tells whether the instance has a call-as-function handler.
5926  inline void set_is_observed() {
5927  set_bit_field(bit_field() | (1 << kIsObserved));
5928  }
5929 
5930  inline bool is_observed() {
5931  return ((1 << kIsObserved) & bit_field()) != 0;
5932  }
5933 
5934  inline void set_is_extensible(bool value);
5935  inline bool is_extensible();
5936 
5937  inline void set_elements_kind(ElementsKind elements_kind) {
5938  ASSERT(elements_kind < kElementsKindCount);
5939  ASSERT(kElementsKindCount <= (1 << kElementsKindBitCount));
5940  set_bit_field2((bit_field2() & ~kElementsKindMask) |
5941  (elements_kind << kElementsKindShift));
5942  ASSERT(this->elements_kind() == elements_kind);
5943  }
5944 
5945  inline ElementsKind elements_kind() {
5946  return static_cast<ElementsKind>(
5947  (bit_field2() & kElementsKindMask) >> kElementsKindShift);
5948  }
5949 
5950  // Tells whether the instance has fast elements that are only Smis.
5951  inline bool has_fast_smi_elements() {
5952  return IsFastSmiElementsKind(elements_kind());
5953  }
5954 
5955  // Tells whether the instance has fast elements.
5956  inline bool has_fast_object_elements() {
5957  return IsFastObjectElementsKind(elements_kind());
5958  }
5959 
5960  inline bool has_fast_smi_or_object_elements() {
5961  return IsFastSmiOrObjectElementsKind(elements_kind());
5962  }
5963 
5964  inline bool has_fast_double_elements() {
5965  return IsFastDoubleElementsKind(elements_kind());
5966  }
5967 
5968  inline bool has_fast_elements() {
5969  return IsFastElementsKind(elements_kind());
5970  }
5971 
5972  inline bool has_sloppy_arguments_elements() {
5973  return elements_kind() == SLOPPY_ARGUMENTS_ELEMENTS;
5974  }
5975 
5976  inline bool has_external_array_elements() {
5977  return IsExternalArrayElementsKind(elements_kind());
5978  }
5979 
5980  inline bool has_fixed_typed_array_elements() {
5981  return IsFixedTypedArrayElementsKind(elements_kind());
5982  }
5983 
5984  inline bool has_dictionary_elements() {
5985  return IsDictionaryElementsKind(elements_kind());
5986  }
5987 
5988  inline bool has_slow_elements_kind() {
5989  return elements_kind() == DICTIONARY_ELEMENTS
5990  || elements_kind() == SLOPPY_ARGUMENTS_ELEMENTS;
5991  }
5992 
5993  static bool IsValidElementsTransition(ElementsKind from_kind,
5994  ElementsKind to_kind);
5995 
5996  // Returns true if the current map doesn't have DICTIONARY_ELEMENTS but if a
5997  // map with DICTIONARY_ELEMENTS was found in the prototype chain.
5998  bool DictionaryElementsInPrototypeChainOnly();
5999 
6000  inline bool HasTransitionArray();
6001  inline bool HasElementsTransition();
6002  inline Map* elements_transition_map();
6003  MUST_USE_RESULT inline MaybeObject* set_elements_transition_map(
6004  Map* transitioned_map);
6005  inline void SetTransition(int transition_index, Map* target);
6006  inline Map* GetTransition(int transition_index);
6007 
6008  static Handle<TransitionArray> AddTransition(Handle<Map> map,
6009  Handle<Name> key,
6010  Handle<Map> target,
6011  SimpleTransitionFlag flag);
6012 
6013  MUST_USE_RESULT inline MaybeObject* AddTransition(Name* key,
6014  Map* target,
6015  SimpleTransitionFlag flag);
6016  DECL_ACCESSORS(transitions, TransitionArray)
6017  inline void ClearTransitions(Heap* heap,
6018  WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
6019 
6020  void DeprecateTransitionTree();
6021  void DeprecateTarget(Name* key, DescriptorArray* new_descriptors);
6022 
6023  Map* FindRootMap();
6024  Map* FindUpdatedMap(int verbatim, int length, DescriptorArray* descriptors);
6025  Map* FindLastMatchMap(int verbatim, int length, DescriptorArray* descriptors);
6026 
6027  inline int GetInObjectPropertyOffset(int index);
6028 
6029  int NumberOfFields();
6030 
6031  bool InstancesNeedRewriting(Map* target,
6032  int target_number_of_fields,
6033  int target_inobject,
6034  int target_unused);
6035  static Handle<Map> GeneralizeAllFieldRepresentations(
6036  Handle<Map> map,
6037  Representation new_representation);
6038  static Handle<Map> GeneralizeRepresentation(
6039  Handle<Map> map,
6040  int modify_index,
6041  Representation new_representation,
6042  StoreMode store_mode);
6043  static Handle<Map> CopyGeneralizeAllRepresentations(
6044  Handle<Map> map,
6045  int modify_index,
6046  StoreMode store_mode,
6047  PropertyAttributes attributes,
6048  const char* reason);
6049 
6050  void PrintGeneralization(FILE* file,
6051  const char* reason,
6052  int modify_index,
6053  int split,
6054  int descriptors,
6055  bool constant_to_field,
6056  Representation old_representation,
6057  Representation new_representation);
6058 
6059  // Returns the constructor name (the name (possibly, inferred name) of the
6060  // function that was used to instantiate the object).
6061  String* constructor_name();
6062 
6063  // Tells whether the map is attached to SharedFunctionInfo
6064  // (for inobject slack tracking).
6065  inline void set_attached_to_shared_function_info(bool value);
6066 
6067  inline bool attached_to_shared_function_info();
6068 
6069  // Tells whether the map is shared between objects that may have different
6070  // behavior. If true, the map should never be modified, instead a clone
6071  // should be created and modified.
6072  inline void set_is_shared(bool value);
6073  inline bool is_shared();
6074 
6075  // Tells whether the map is used for JSObjects in dictionary mode (ie
6076  // normalized objects, ie objects for which HasFastProperties returns false).
6077  // A map can never be used for both dictionary mode and fast mode JSObjects.
6078  // False by default and for HeapObjects that are not JSObjects.
6079  inline void set_dictionary_map(bool value);
6080  inline bool is_dictionary_map();
6081 
6082  // Tells whether the instance needs security checks when accessing its
6083  // properties.
6084  inline void set_is_access_check_needed(bool access_check_needed);
6085  inline bool is_access_check_needed();
6086 
6087  // Returns true if map has a non-empty stub code cache.
6088  inline bool has_code_cache();
6089 
6090  // [prototype]: implicit prototype object.
6091  DECL_ACCESSORS(prototype, Object)
6092 
6093  // [constructor]: points back to the function responsible for this map.
6094  DECL_ACCESSORS(constructor, Object)
6095 
6096  // [instance descriptors]: describes the object.
6097  DECL_ACCESSORS(instance_descriptors, DescriptorArray)
6098  inline void InitializeDescriptors(DescriptorArray* descriptors);
6099 
6100  // [stub cache]: contains stubs compiled for this map.
6101  DECL_ACCESSORS(code_cache, Object)
6102 
6103  // [dependent code]: list of optimized codes that have this map embedded.
6104  DECL_ACCESSORS(dependent_code, DependentCode)
6105 
6106  // [back pointer]: points back to the parent map from which a transition
6107  // leads to this map. The field overlaps with prototype transitions and the
6108  // back pointer will be moved into the prototype transitions array if
6109  // required.
6110  inline Object* GetBackPointer();
6111  inline void SetBackPointer(Object* value,
6112  WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
6113  inline void init_back_pointer(Object* undefined);
6114 
6115  // [prototype transitions]: cache of prototype transitions.
6116  // Prototype transition is a transition that happens
6117  // when we change object's prototype to a new one.
6118  // Cache format:
6119  // 0: finger - index of the first free cell in the cache
6120  // 1: back pointer that overlaps with prototype transitions field.
6121  // 2 + 2 * i: prototype
6122  // 3 + 2 * i: target map
6123  inline FixedArray* GetPrototypeTransitions();
6124  MUST_USE_RESULT inline MaybeObject* SetPrototypeTransitions(
6125  FixedArray* prototype_transitions);
6126  inline bool HasPrototypeTransitions();
6127 
6128  inline HeapObject* UncheckedPrototypeTransitions();
6129  inline TransitionArray* unchecked_transition_array();
6130 
6131  static const int kProtoTransitionHeaderSize = 1;
6132  static const int kProtoTransitionNumberOfEntriesOffset = 0;
6133  static const int kProtoTransitionElementsPerEntry = 2;
6134  static const int kProtoTransitionPrototypeOffset = 0;
6135  static const int kProtoTransitionMapOffset = 1;
6136 
6137  inline int NumberOfProtoTransitions() {
6138  FixedArray* cache = GetPrototypeTransitions();
6139  if (cache->length() == 0) return 0;
6140  return
6141  Smi::cast(cache->get(kProtoTransitionNumberOfEntriesOffset))->value();
6142  }
6143 
6144  inline void SetNumberOfProtoTransitions(int value) {
6145  FixedArray* cache = GetPrototypeTransitions();
6146  ASSERT(cache->length() != 0);
6147  cache->set(kProtoTransitionNumberOfEntriesOffset, Smi::FromInt(value));
6148  }
6149 
6150  // Lookup in the map's instance descriptors and fill out the result
6151  // with the given holder if the name is found. The holder may be
6152  // NULL when this function is used from the compiler.
6153  inline void LookupDescriptor(JSObject* holder,
6154  Name* name,
6155  LookupResult* result);
6156 
6157  inline void LookupTransition(JSObject* holder,
6158  Name* name,
6159  LookupResult* result);
6160 
6161  inline PropertyDetails GetLastDescriptorDetails();
6162 
6163  // The size of transition arrays are limited so they do not end up in large
6164  // object space. Otherwise ClearNonLiveTransitions would leak memory while
6165  // applying in-place right trimming.
6166  inline bool CanHaveMoreTransitions();
6167 
6168  int LastAdded() {
6169  int number_of_own_descriptors = NumberOfOwnDescriptors();
6170  ASSERT(number_of_own_descriptors > 0);
6171  return number_of_own_descriptors - 1;
6172  }
6173 
6174  int NumberOfOwnDescriptors() {
6175  return NumberOfOwnDescriptorsBits::decode(bit_field3());
6176  }
6177 
6178  void SetNumberOfOwnDescriptors(int number) {
6179  ASSERT(number <= instance_descriptors()->number_of_descriptors());
6180  set_bit_field3(NumberOfOwnDescriptorsBits::update(bit_field3(), number));
6181  }
6182 
6183  inline Cell* RetrieveDescriptorsPointer();
6184 
6185  int EnumLength() {
6186  return EnumLengthBits::decode(bit_field3());
6187  }
6188 
6189  void SetEnumLength(int length) {
6190  if (length != kInvalidEnumCacheSentinel) {
6191  ASSERT(length >= 0);
6192  ASSERT(length == 0 || instance_descriptors()->HasEnumCache());
6193  ASSERT(length <= NumberOfOwnDescriptors());
6194  }
6195  set_bit_field3(EnumLengthBits::update(bit_field3(), length));
6196  }
6197 
6198  inline bool owns_descriptors();
6199  inline void set_owns_descriptors(bool is_shared);
6200  inline bool has_instance_call_handler();
6201  inline void set_has_instance_call_handler();
6202  inline void freeze();
6203  inline bool is_frozen();
6204  inline void mark_unstable();
6205  inline bool is_stable();
6206  inline void set_migration_target(bool value);
6207  inline bool is_migration_target();
6208  inline void deprecate();
6209  inline bool is_deprecated();
6210  inline bool CanBeDeprecated();
6211  // Returns a non-deprecated version of the input. If the input was not
6212  // deprecated, it is directly returned. Otherwise, the non-deprecated version
6213  // is found by re-transitioning from the root of the transition tree using the
6214  // descriptor array of the map. Returns NULL if no updated map is found.
6215  // This method also applies any pending migrations along the prototype chain.
6216  static Handle<Map> CurrentMapForDeprecated(Handle<Map> map);
6217  // Same as above, but does not touch the prototype chain.
6218  static Handle<Map> CurrentMapForDeprecatedInternal(Handle<Map> map);
6219 
6220  static Handle<Map> RawCopy(Handle<Map> map, int instance_size);
6221  MUST_USE_RESULT MaybeObject* RawCopy(int instance_size);
6222  MUST_USE_RESULT MaybeObject* CopyWithPreallocatedFieldDescriptors();
6223  static Handle<Map> CopyDropDescriptors(Handle<Map> map);
6224  MUST_USE_RESULT MaybeObject* CopyDropDescriptors();
6225  static Handle<Map> CopyReplaceDescriptors(Handle<Map> map,
6226  Handle<DescriptorArray> descriptors,
6227  TransitionFlag flag,
6228  Handle<Name> name);
6229  MUST_USE_RESULT MaybeObject* CopyReplaceDescriptors(
6230  DescriptorArray* descriptors,
6231  TransitionFlag flag,
6232  Name* name = NULL,
6233  SimpleTransitionFlag simple_flag = FULL_TRANSITION);
6234  static Handle<Map> CopyInstallDescriptors(
6235  Handle<Map> map,
6236  int new_descriptor,
6237  Handle<DescriptorArray> descriptors);
6238  MUST_USE_RESULT MaybeObject* ShareDescriptor(DescriptorArray* descriptors,
6239  Descriptor* descriptor);
6240  MUST_USE_RESULT MaybeObject* CopyAddDescriptor(Descriptor* descriptor,
6241  TransitionFlag flag);
6242  MUST_USE_RESULT MaybeObject* CopyInsertDescriptor(Descriptor* descriptor,
6243  TransitionFlag flag);
6244  MUST_USE_RESULT MaybeObject* CopyReplaceDescriptor(
6245  DescriptorArray* descriptors,
6246  Descriptor* descriptor,
6247  int index,
6248  TransitionFlag flag);
6249 
6250  MUST_USE_RESULT MaybeObject* AsElementsKind(ElementsKind kind);
6251 
6252  static Handle<Map> AsElementsKind(Handle<Map> map, ElementsKind kind);
6253 
6254  MUST_USE_RESULT MaybeObject* CopyAsElementsKind(ElementsKind kind,
6255  TransitionFlag flag);
6256 
6257  static Handle<Map> CopyForObserved(Handle<Map> map);
6258 
6259  static Handle<Map> CopyNormalized(Handle<Map> map,
6260  PropertyNormalizationMode mode,
6261  NormalizedMapSharingMode sharing);
6262 
6263  inline void AppendDescriptor(Descriptor* desc,
6264  const DescriptorArray::WhitenessWitness&);
6265 
6266  // Returns a copy of the map, with all transitions dropped from the
6267  // instance descriptors.
6268  static Handle<Map> Copy(Handle<Map> map);
6269  MUST_USE_RESULT MaybeObject* Copy();
6270 
6271  // Returns the next free property index (only valid for FAST MODE).
6272  int NextFreePropertyIndex();
6273 
6274  // Returns the number of properties described in instance_descriptors
6275  // filtering out properties with the specified attributes.
6276  int NumberOfDescribedProperties(DescriptorFlag which = OWN_DESCRIPTORS,
6277  PropertyAttributes filter = NONE);
6278 
6279  // Returns the number of slots allocated for the initial properties
6280  // backing storage for instances of this map.
6281  int InitialPropertiesLength() {
6282  return pre_allocated_property_fields() + unused_property_fields() -
6283  inobject_properties();
6284  }
6285 
6286  // Casting.
6287  static inline Map* cast(Object* obj);
6288 
6289  // Locate an accessor in the instance descriptor.
6290  AccessorDescriptor* FindAccessor(Name* name);
6291 
6292  // Code cache operations.
6293 
6294  // Clears the code cache.
6295  inline void ClearCodeCache(Heap* heap);
6296 
6297  // Update code cache.
6298  static void UpdateCodeCache(Handle<Map> map,
6299  Handle<Name> name,
6300  Handle<Code> code);
6301  MUST_USE_RESULT MaybeObject* UpdateCodeCache(Name* name, Code* code);
6302 
6303  // Extend the descriptor array of the map with the list of descriptors.
6304  // In case of duplicates, the latest descriptor is used.
6305  static void AppendCallbackDescriptors(Handle<Map> map,
6306  Handle<Object> descriptors);
6307 
6308  static void EnsureDescriptorSlack(Handle<Map> map, int slack);
6309 
6310  // Returns the found code or undefined if absent.
6311  Object* FindInCodeCache(Name* name, Code::Flags flags);
6312 
6313  // Returns the non-negative index of the code object if it is in the
6314  // cache and -1 otherwise.
6315  int IndexInCodeCache(Object* name, Code* code);
6316 
6317  // Removes a code object from the code cache at the given index.
6318  void RemoveFromCodeCache(Name* name, Code* code, int index);
6319 
6320  // Set all map transitions from this map to dead maps to null. Also clear
6321  // back pointers in transition targets so that we do not process this map
6322  // again while following back pointers.
6323  void ClearNonLiveTransitions(Heap* heap);
6324 
6325  // Computes a hash value for this map, to be used in HashTables and such.
6326  int Hash();
6327 
6328  bool EquivalentToForTransition(Map* other);
6329 
6330  // Compares this map to another to see if they describe equivalent objects.
6331  // If |mode| is set to CLEAR_INOBJECT_PROPERTIES, |other| is treated as if
6332  // it had exactly zero inobject properties.
6333  // The "shared" flags of both this map and |other| are ignored.
6334  bool EquivalentToForNormalization(Map* other, PropertyNormalizationMode mode);
6335 
6336  // Returns the map that this map transitions to if its elements_kind
6337  // is changed to |elements_kind|, or NULL if no such map is cached yet.
6338  // |safe_to_add_transitions| is set to false if adding transitions is not
6339  // allowed.
6340  Map* LookupElementsTransitionMap(ElementsKind elements_kind);
6341 
6342  // Returns the transitioned map for this map with the most generic
6343  // elements_kind that's found in |candidates|, or null handle if no match is
6344  // found at all.
6345  Handle<Map> FindTransitionedMap(MapHandleList* candidates);
6346  Map* FindTransitionedMap(MapList* candidates);
6347 
6348  // Zaps the contents of backing data structures. Note that the
6349  // heap verifier (i.e. VerifyMarkingVisitor) relies on zapping of objects
6350  // holding weak references when incremental marking is used, because it also
6351  // iterates over objects that are otherwise unreachable.
6352  // In general we only want to call these functions in release mode when
6353  // heap verification is turned on.
6354  void ZapPrototypeTransitions();
6355  void ZapTransitions();
6356 
6357  bool CanTransition() {
6358  // Only JSObject and subtypes have map transitions and back pointers.
6359  STATIC_ASSERT(LAST_TYPE == LAST_JS_OBJECT_TYPE);
6360  return instance_type() >= FIRST_JS_OBJECT_TYPE;
6361  }
6362 
6363  bool IsJSObjectMap() {
6364  return instance_type() >= FIRST_JS_OBJECT_TYPE;
6365  }
6366  bool IsJSGlobalProxyMap() {
6367  return instance_type() == JS_GLOBAL_PROXY_TYPE;
6368  }
6369  bool IsJSGlobalObjectMap() {
6370  return instance_type() == JS_GLOBAL_OBJECT_TYPE;
6371  }
6372  bool IsGlobalObjectMap() {
6373  const InstanceType type = instance_type();
6374  return type == JS_GLOBAL_OBJECT_TYPE || type == JS_BUILTINS_OBJECT_TYPE;
6375  }
6376 
6377  // Fires when the layout of an object with a leaf map changes.
6378  // This includes adding transitions to the leaf map or changing
6379  // the descriptor array.
6380  inline void NotifyLeafMapLayoutChange();
6381 
6382  inline bool CanOmitMapChecks();
6383 
6384  void AddDependentCompilationInfo(DependentCode::DependencyGroup group,
6385  CompilationInfo* info);
6386 
6387  void AddDependentCode(DependentCode::DependencyGroup group,
6388  Handle<Code> code);
6389 
6390  bool IsMapInArrayPrototypeChain();
6391 
6392  // Dispatched behavior.
6393  DECLARE_PRINTER(Map)
6394  DECLARE_VERIFIER(Map)
6395 
6396 #ifdef VERIFY_HEAP
6397  void SharedMapVerify();
6398  void VerifyOmittedMapChecks();
6399 #endif
6400 
6401  inline int visitor_id();
6402  inline void set_visitor_id(int visitor_id);
6403 
6404  typedef void (*TraverseCallback)(Map* map, void* data);
6405 
6406  void TraverseTransitionTree(TraverseCallback callback, void* data);
6407 
6408  // When you set the prototype of an object using the __proto__ accessor you
6409  // need a new map for the object (the prototype is stored in the map). In
6410  // order not to multiply maps unnecessarily we store these as transitions in
6411  // the original map. That way we can transition to the same map if the same
6412  // prototype is set, rather than creating a new map every time. The
6413  // transitions are in the form of a map where the keys are prototype objects
6414  // and the values are the maps the are transitioned to.
6415  static const int kMaxCachedPrototypeTransitions = 256;
6416  static Handle<Map> GetPrototypeTransition(Handle<Map> map,
6417  Handle<Object> prototype);
6418  static Handle<Map> PutPrototypeTransition(Handle<Map> map,
6419  Handle<Object> prototype,
6420  Handle<Map> target_map);
6421 
6422  static const int kMaxPreAllocatedPropertyFields = 255;
6423 
6424  // Layout description.
6425  static const int kInstanceSizesOffset = HeapObject::kHeaderSize;
6426  static const int kInstanceAttributesOffset = kInstanceSizesOffset + kIntSize;
6427  static const int kPrototypeOffset = kInstanceAttributesOffset + kIntSize;
6428  static const int kConstructorOffset = kPrototypeOffset + kPointerSize;
6429  // Storage for the transition array is overloaded to directly contain a back
6430  // pointer if unused. When the map has transitions, the back pointer is
6431  // transferred to the transition array and accessed through an extra
6432  // indirection.
6433  static const int kTransitionsOrBackPointerOffset =
6434  kConstructorOffset + kPointerSize;
6435  static const int kDescriptorsOffset =
6436  kTransitionsOrBackPointerOffset + kPointerSize;
6437  static const int kCodeCacheOffset = kDescriptorsOffset + kPointerSize;
6438  static const int kDependentCodeOffset = kCodeCacheOffset + kPointerSize;
6439  static const int kBitField3Offset = kDependentCodeOffset + kPointerSize;
6440  static const int kSize = kBitField3Offset + kPointerSize;
6441 
6442  // Layout of pointer fields. Heap iteration code relies on them
6443  // being continuously allocated.
6444  static const int kPointerFieldsBeginOffset = Map::kPrototypeOffset;
6445  static const int kPointerFieldsEndOffset = kBitField3Offset + kPointerSize;
6446 
6447  // Byte offsets within kInstanceSizesOffset.
6448  static const int kInstanceSizeOffset = kInstanceSizesOffset + 0;
6449  static const int kInObjectPropertiesByte = 1;
6450  static const int kInObjectPropertiesOffset =
6451  kInstanceSizesOffset + kInObjectPropertiesByte;
6452  static const int kPreAllocatedPropertyFieldsByte = 2;
6453  static const int kPreAllocatedPropertyFieldsOffset =
6454  kInstanceSizesOffset + kPreAllocatedPropertyFieldsByte;
6455  static const int kVisitorIdByte = 3;
6456  static const int kVisitorIdOffset = kInstanceSizesOffset + kVisitorIdByte;
6457 
6458  // Byte offsets within kInstanceAttributesOffset attributes.
6459  static const int kInstanceTypeOffset = kInstanceAttributesOffset + 0;
6460  static const int kUnusedPropertyFieldsOffset = kInstanceAttributesOffset + 1;
6461  static const int kBitFieldOffset = kInstanceAttributesOffset + 2;
6462  static const int kBitField2Offset = kInstanceAttributesOffset + 3;
6463 
6464  STATIC_CHECK(kInstanceTypeOffset == Internals::kMapInstanceTypeOffset);
6465 
6466  // Bit positions for bit field.
6467  static const int kUnused = 0; // To be used for marking recently used maps.
6468  static const int kHasNonInstancePrototype = 1;
6469  static const int kIsHiddenPrototype = 2;
6470  static const int kHasNamedInterceptor = 3;
6471  static const int kHasIndexedInterceptor = 4;
6472  static const int kIsUndetectable = 5;
6473  static const int kIsObserved = 6;
6474  static const int kIsAccessCheckNeeded = 7;
6475 
6476  // Bit positions for bit field 2
6477  static const int kIsExtensible = 0;
6478  static const int kStringWrapperSafeForDefaultValueOf = 1;
6479  static const int kAttachedToSharedFunctionInfo = 2;
6480  // No bits can be used after kElementsKindFirstBit, they are all reserved for
6481  // storing ElementKind.
6482  static const int kElementsKindShift = 3;
6483  static const int kElementsKindBitCount = 5;
6484 
6485  // Derived values from bit field 2
6486  static const int kElementsKindMask = (-1 << kElementsKindShift) &
6487  ((1 << (kElementsKindShift + kElementsKindBitCount)) - 1);
6488  static const int8_t kMaximumBitField2FastElementValue = static_cast<int8_t>(
6489  (FAST_ELEMENTS + 1) << Map::kElementsKindShift) - 1;
6490  static const int8_t kMaximumBitField2FastSmiElementValue =
6491  static_cast<int8_t>((FAST_SMI_ELEMENTS + 1) <<
6492  Map::kElementsKindShift) - 1;
6493  static const int8_t kMaximumBitField2FastHoleyElementValue =
6494  static_cast<int8_t>((FAST_HOLEY_ELEMENTS + 1) <<
6495  Map::kElementsKindShift) - 1;
6496  static const int8_t kMaximumBitField2FastHoleySmiElementValue =
6497  static_cast<int8_t>((FAST_HOLEY_SMI_ELEMENTS + 1) <<
6498  Map::kElementsKindShift) - 1;
6499 
6500  typedef FixedBodyDescriptor<kPointerFieldsBeginOffset,
6501  kPointerFieldsEndOffset,
6502  kSize> BodyDescriptor;
6503 
6504  private:
6505  DISALLOW_IMPLICIT_CONSTRUCTORS(Map);
6506 };
6507 
6508 
6509 // An abstract superclass, a marker class really, for simple structure classes.
6510 // It doesn't carry much functionality but allows struct classes to be
6511 // identified in the type system.
6512 class Struct: public HeapObject {
6513  public:
6514  inline void InitializeBody(int object_size);
6515  static inline Struct* cast(Object* that);
6516 };
6517 
6518 
6519 // A simple one-element struct, useful where smis need to be boxed.
6520 class Box : public Struct {
6521  public:
6522  // [value]: the boxed contents.
6523  DECL_ACCESSORS(value, Object)
6524 
6525  static inline Box* cast(Object* obj);
6526 
6527  // Dispatched behavior.
6528  DECLARE_PRINTER(Box)
6529  DECLARE_VERIFIER(Box)
6530 
6531  static const int kValueOffset = HeapObject::kHeaderSize;
6532  static const int kSize = kValueOffset + kPointerSize;
6533 
6534  private:
6535  DISALLOW_IMPLICIT_CONSTRUCTORS(Box);
6536 };
6537 
6538 
6539 // Script describes a script which has been added to the VM.
6540 class Script: public Struct {
6541  public:
6542  // Script types.
6543  enum Type {
6544  TYPE_NATIVE = 0,
6545  TYPE_EXTENSION = 1,
6546  TYPE_NORMAL = 2
6547  };
6548 
6549  // Script compilation types.
6550  enum CompilationType {
6551  COMPILATION_TYPE_HOST = 0,
6552  COMPILATION_TYPE_EVAL = 1
6553  };
6554 
6555  // Script compilation state.
6556  enum CompilationState {
6557  COMPILATION_STATE_INITIAL = 0,
6558  COMPILATION_STATE_COMPILED = 1
6559  };
6560 
6561  // [source]: the script source.
6562  DECL_ACCESSORS(source, Object)
6563 
6564  // [name]: the script name.
6565  DECL_ACCESSORS(name, Object)
6566 
6567  // [id]: the script id.
6568  DECL_ACCESSORS(id, Smi)
6569 
6570  // [line_offset]: script line offset in resource from where it was extracted.
6571  DECL_ACCESSORS(line_offset, Smi)
6572 
6573  // [column_offset]: script column offset in resource from where it was
6574  // extracted.
6575  DECL_ACCESSORS(column_offset, Smi)
6576 
6577  // [context_data]: context data for the context this script was compiled in.
6578  DECL_ACCESSORS(context_data, Object)
6579 
6580  // [wrapper]: the wrapper cache.
6581  DECL_ACCESSORS(wrapper, Foreign)
6582 
6583  // [type]: the script type.
6584  DECL_ACCESSORS(type, Smi)
6585 
6586  // [line_ends]: FixedArray of line ends positions.
6587  DECL_ACCESSORS(line_ends, Object)
6588 
6589  // [eval_from_shared]: for eval scripts the shared funcion info for the
6590  // function from which eval was called.
6591  DECL_ACCESSORS(eval_from_shared, Object)
6592 
6593  // [eval_from_instructions_offset]: the instruction offset in the code for the
6594  // function from which eval was called where eval was called.
6595  DECL_ACCESSORS(eval_from_instructions_offset, Smi)
6596 
6597  // [flags]: Holds an exciting bitfield.
6598  DECL_ACCESSORS(flags, Smi)
6599 
6600  // [compilation_type]: how the the script was compiled. Encoded in the
6601  // 'flags' field.
6602  inline CompilationType compilation_type();
6603  inline void set_compilation_type(CompilationType type);
6604 
6605  // [compilation_state]: determines whether the script has already been
6606  // compiled. Encoded in the 'flags' field.
6607  inline CompilationState compilation_state();
6608  inline void set_compilation_state(CompilationState state);
6609 
6610  // [is_shared_cross_origin]: An opaque boolean set by the embedder via
6611  // ScriptOrigin, and used by the embedder to make decisions about the
6612  // script's level of privilege. V8 just passes this through. Encoded in
6613  // the 'flags' field.
6614  DECL_BOOLEAN_ACCESSORS(is_shared_cross_origin)
6615 
6616  static inline Script* cast(Object* obj);
6617 
6618  // If script source is an external string, check that the underlying
6619  // resource is accessible. Otherwise, always return true.
6620  inline bool HasValidSource();
6621 
6622  // Dispatched behavior.
6623  DECLARE_PRINTER(Script)
6624  DECLARE_VERIFIER(Script)
6625 
6626  static const int kSourceOffset = HeapObject::kHeaderSize;
6627  static const int kNameOffset = kSourceOffset + kPointerSize;
6628  static const int kLineOffsetOffset = kNameOffset + kPointerSize;
6629  static const int kColumnOffsetOffset = kLineOffsetOffset + kPointerSize;
6630  static const int kContextOffset = kColumnOffsetOffset + kPointerSize;
6631  static const int kWrapperOffset = kContextOffset + kPointerSize;
6632  static const int kTypeOffset = kWrapperOffset + kPointerSize;
6633  static const int kLineEndsOffset = kTypeOffset + kPointerSize;
6634  static const int kIdOffset = kLineEndsOffset + kPointerSize;
6635  static const int kEvalFromSharedOffset = kIdOffset + kPointerSize;
6636  static const int kEvalFrominstructionsOffsetOffset =
6637  kEvalFromSharedOffset + kPointerSize;
6638  static const int kFlagsOffset =
6639  kEvalFrominstructionsOffsetOffset + kPointerSize;
6640  static const int kSize = kFlagsOffset + kPointerSize;
6641 
6642  private:
6643  // Bit positions in the flags field.
6644  static const int kCompilationTypeBit = 0;
6645  static const int kCompilationStateBit = 1;
6646  static const int kIsSharedCrossOriginBit = 2;
6647 
6648  DISALLOW_IMPLICIT_CONSTRUCTORS(Script);
6649 };
6650 
6651 
6652 // List of builtin functions we want to identify to improve code
6653 // generation.
6654 //
6655 // Each entry has a name of a global object property holding an object
6656 // optionally followed by ".prototype", a name of a builtin function
6657 // on the object (the one the id is set for), and a label.
6658 //
6659 // Installation of ids for the selected builtin functions is handled
6660 // by the bootstrapper.
6661 #define FUNCTIONS_WITH_ID_LIST(V) \
6662  V(Array.prototype, push, ArrayPush) \
6663  V(Array.prototype, pop, ArrayPop) \
6664  V(Function.prototype, apply, FunctionApply) \
6665  V(String.prototype, charCodeAt, StringCharCodeAt) \
6666  V(String.prototype, charAt, StringCharAt) \
6667  V(String, fromCharCode, StringFromCharCode) \
6668  V(Math, floor, MathFloor) \
6669  V(Math, round, MathRound) \
6670  V(Math, ceil, MathCeil) \
6671  V(Math, abs, MathAbs) \
6672  V(Math, log, MathLog) \
6673  V(Math, exp, MathExp) \
6674  V(Math, sqrt, MathSqrt) \
6675  V(Math, pow, MathPow) \
6676  V(Math, max, MathMax) \
6677  V(Math, min, MathMin) \
6678  V(Math, imul, MathImul)
6679 
6680 enum BuiltinFunctionId {
6681  kArrayCode,
6682 #define DECLARE_FUNCTION_ID(ignored1, ignore2, name) \
6683  k##name,
6684  FUNCTIONS_WITH_ID_LIST(DECLARE_FUNCTION_ID)
6685 #undef DECLARE_FUNCTION_ID
6686  // Fake id for a special case of Math.pow. Note, it continues the
6687  // list of math functions.
6688  kMathPowHalf,
6689  // Installed only on --harmony-maths.
6690  kMathClz32
6691 };
6692 
6693 
6694 // SharedFunctionInfo describes the JSFunction information that can be
6695 // shared by multiple instances of the function.
6696 class SharedFunctionInfo: public HeapObject {
6697  public:
6698  // [name]: Function name.
6699  DECL_ACCESSORS(name, Object)
6700 
6701  // [code]: Function code.
6702  DECL_ACCESSORS(code, Code)
6703  inline void ReplaceCode(Code* code);
6704 
6705  // [optimized_code_map]: Map from native context to optimized code
6706  // and a shared literals array or Smi(0) if none.
6707  DECL_ACCESSORS(optimized_code_map, Object)
6708 
6709  // Returns index i of the entry with the specified context and OSR entry.
6710  // At position i - 1 is the context, position i the code, and i + 1 the
6711  // literals array. Returns -1 when no matching entry is found.
6712  int SearchOptimizedCodeMap(Context* native_context, BailoutId osr_ast_id);
6713 
6714  // Installs optimized code from the code map on the given closure. The
6715  // index has to be consistent with a search result as defined above.
6716  FixedArray* GetLiteralsFromOptimizedCodeMap(int index);
6717 
6718  Code* GetCodeFromOptimizedCodeMap(int index);
6719 
6720  // Clear optimized code map.
6721  void ClearOptimizedCodeMap();
6722 
6723  // Removed a specific optimized code object from the optimized code map.
6724  void EvictFromOptimizedCodeMap(Code* optimized_code, const char* reason);
6725 
6726  // Trims the optimized code map after entries have been removed.
6727  void TrimOptimizedCodeMap(int shrink_by);
6728 
6729  // Add a new entry to the optimized code map.
6730  MUST_USE_RESULT MaybeObject* AddToOptimizedCodeMap(Context* native_context,
6731  Code* code,
6732  FixedArray* literals,
6733  BailoutId osr_ast_id);
6734  static void AddToOptimizedCodeMap(Handle<SharedFunctionInfo> shared,
6735  Handle<Context> native_context,
6736  Handle<Code> code,
6737  Handle<FixedArray> literals,
6738  BailoutId osr_ast_id);
6739 
6740  // Layout description of the optimized code map.
6741  static const int kNextMapIndex = 0;
6742  static const int kEntriesStart = 1;
6743  static const int kContextOffset = 0;
6744  static const int kCachedCodeOffset = 1;
6745  static const int kLiteralsOffset = 2;
6746  static const int kOsrAstIdOffset = 3;
6747  static const int kEntryLength = 4;
6748  static const int kInitialLength = kEntriesStart + kEntryLength;
6749 
6750  // [scope_info]: Scope info.
6751  DECL_ACCESSORS(scope_info, ScopeInfo)
6752 
6753  // [construct stub]: Code stub for constructing instances of this function.
6754  DECL_ACCESSORS(construct_stub, Code)
6755 
6756  // Returns if this function has been compiled to native code yet.
6757  inline bool is_compiled();
6758 
6759  // [length]: The function length - usually the number of declared parameters.
6760  // Use up to 2^30 parameters.
6761  inline int length();
6762  inline void set_length(int value);
6763 
6764  // [formal parameter count]: The declared number of parameters.
6765  inline int formal_parameter_count();
6766  inline void set_formal_parameter_count(int value);
6767 
6768  // Set the formal parameter count so the function code will be
6769  // called without using argument adaptor frames.
6770  inline void DontAdaptArguments();
6771 
6772  // [expected_nof_properties]: Expected number of properties for the function.
6773  inline int expected_nof_properties();
6774  inline void set_expected_nof_properties(int value);
6775 
6776  // Inobject slack tracking is the way to reclaim unused inobject space.
6777  //
6778  // The instance size is initially determined by adding some slack to
6779  // expected_nof_properties (to allow for a few extra properties added
6780  // after the constructor). There is no guarantee that the extra space
6781  // will not be wasted.
6782  //
6783  // Here is the algorithm to reclaim the unused inobject space:
6784  // - Detect the first constructor call for this SharedFunctionInfo.
6785  // When it happens enter the "in progress" state: remember the
6786  // constructor's initial_map and install a special construct stub that
6787  // counts constructor calls.
6788  // - While the tracking is in progress create objects filled with
6789  // one_pointer_filler_map instead of undefined_value. This way they can be
6790  // resized quickly and safely.
6791  // - Once enough (kGenerousAllocationCount) objects have been created
6792  // compute the 'slack' (traverse the map transition tree starting from the
6793  // initial_map and find the lowest value of unused_property_fields).
6794  // - Traverse the transition tree again and decrease the instance size
6795  // of every map. Existing objects will resize automatically (they are
6796  // filled with one_pointer_filler_map). All further allocations will
6797  // use the adjusted instance size.
6798  // - Decrease expected_nof_properties so that an allocations made from
6799  // another context will use the adjusted instance size too.
6800  // - Exit "in progress" state by clearing the reference to the initial_map
6801  // and setting the regular construct stub (generic or inline).
6802  //
6803  // The above is the main event sequence. Some special cases are possible
6804  // while the tracking is in progress:
6805  //
6806  // - GC occurs.
6807  // Check if the initial_map is referenced by any live objects (except this
6808  // SharedFunctionInfo). If it is, continue tracking as usual.
6809  // If it is not, clear the reference and reset the tracking state. The
6810  // tracking will be initiated again on the next constructor call.
6811  //
6812  // - The constructor is called from another context.
6813  // Immediately complete the tracking, perform all the necessary changes
6814  // to maps. This is necessary because there is no efficient way to track
6815  // multiple initial_maps.
6816  // Proceed to create an object in the current context (with the adjusted
6817  // size).
6818  //
6819  // - A different constructor function sharing the same SharedFunctionInfo is
6820  // called in the same context. This could be another closure in the same
6821  // context, or the first function could have been disposed.
6822  // This is handled the same way as the previous case.
6823  //
6824  // Important: inobject slack tracking is not attempted during the snapshot
6825  // creation.
6826 
6827  static const int kGenerousAllocationCount = 8;
6828 
6829  // [construction_count]: Counter for constructor calls made during
6830  // the tracking phase.
6831  inline int construction_count();
6832  inline void set_construction_count(int value);
6833 
6834  // [initial_map]: initial map of the first function called as a constructor.
6835  // Saved for the duration of the tracking phase.
6836  // This is a weak link (GC resets it to undefined_value if no other live
6837  // object reference this map).
6838  DECL_ACCESSORS(initial_map, Object)
6839 
6840  // True if the initial_map is not undefined and the countdown stub is
6841  // installed.
6842  inline bool IsInobjectSlackTrackingInProgress();
6843 
6844  // Starts the tracking.
6845  // Stores the initial map and installs the countdown stub.
6846  // IsInobjectSlackTrackingInProgress is normally true after this call,
6847  // except when tracking have not been started (e.g. the map has no unused
6848  // properties or the snapshot is being built).
6849  void StartInobjectSlackTracking(Map* map);
6850 
6851  // Completes the tracking.
6852  // IsInobjectSlackTrackingInProgress is false after this call.
6853  void CompleteInobjectSlackTracking();
6854 
6855  // Invoked before pointers in SharedFunctionInfo are being marked.
6856  // Also clears the optimized code map.
6857  inline void BeforeVisitingPointers();
6858 
6859  // Clears the initial_map before the GC marking phase to ensure the reference
6860  // is weak. IsInobjectSlackTrackingInProgress is false after this call.
6861  void DetachInitialMap();
6862 
6863  // Restores the link to the initial map after the GC marking phase.
6864  // IsInobjectSlackTrackingInProgress is true after this call.
6865  void AttachInitialMap(Map* map);
6866 
6867  // False if there are definitely no live objects created from this function.
6868  // True if live objects _may_ exist (existence not guaranteed).
6869  // May go back from true to false after GC.
6870  DECL_BOOLEAN_ACCESSORS(live_objects_may_exist)
6871 
6872  // [instance class name]: class name for instances.
6873  DECL_ACCESSORS(instance_class_name, Object)
6874 
6875  // [function data]: This field holds some additional data for function.
6876  // Currently it either has FunctionTemplateInfo to make benefit the API
6877  // or Smi identifying a builtin function.
6878  // In the long run we don't want all functions to have this field but
6879  // we can fix that when we have a better model for storing hidden data
6880  // on objects.
6881  DECL_ACCESSORS(function_data, Object)
6882 
6883  inline bool IsApiFunction();
6884  inline FunctionTemplateInfo* get_api_func_data();
6885  inline bool HasBuiltinFunctionId();
6886  inline BuiltinFunctionId builtin_function_id();
6887 
6888  // [script info]: Script from which the function originates.
6889  DECL_ACCESSORS(script, Object)
6890 
6891  // [num_literals]: Number of literals used by this function.
6892  inline int num_literals();
6893  inline void set_num_literals(int value);
6894 
6895  // [start_position_and_type]: Field used to store both the source code
6896  // position, whether or not the function is a function expression,
6897  // and whether or not the function is a toplevel function. The two
6898  // least significants bit indicates whether the function is an
6899  // expression and the rest contains the source code position.
6900  inline int start_position_and_type();
6901  inline void set_start_position_and_type(int value);
6902 
6903  // [debug info]: Debug information.
6904  DECL_ACCESSORS(debug_info, Object)
6905 
6906  // [inferred name]: Name inferred from variable or property
6907  // assignment of this function. Used to facilitate debugging and
6908  // profiling of JavaScript code written in OO style, where almost
6909  // all functions are anonymous but are assigned to object
6910  // properties.
6911  DECL_ACCESSORS(inferred_name, String)
6912 
6913  // The function's name if it is non-empty, otherwise the inferred name.
6914  String* DebugName();
6915 
6916  // Position of the 'function' token in the script source.
6917  inline int function_token_position();
6918  inline void set_function_token_position(int function_token_position);
6919 
6920  // Position of this function in the script source.
6921  inline int start_position();
6922  inline void set_start_position(int start_position);
6923 
6924  // End position of this function in the script source.
6925  inline int end_position();
6926  inline void set_end_position(int end_position);
6927 
6928  // Is this function a function expression in the source code.
6929  DECL_BOOLEAN_ACCESSORS(is_expression)
6930 
6931  // Is this function a top-level function (scripts, evals).
6932  DECL_BOOLEAN_ACCESSORS(is_toplevel)
6933 
6934  // Bit field containing various information collected by the compiler to
6935  // drive optimization.
6936  inline int compiler_hints();
6937  inline void set_compiler_hints(int value);
6938 
6939  inline int ast_node_count();
6940  inline void set_ast_node_count(int count);
6941 
6942  inline int profiler_ticks();
6943 
6944  // Inline cache age is used to infer whether the function survived a context
6945  // disposal or not. In the former case we reset the opt_count.
6946  inline int ic_age();
6947  inline void set_ic_age(int age);
6948 
6949  // Indicates if this function can be lazy compiled.
6950  // This is used to determine if we can safely flush code from a function
6951  // when doing GC if we expect that the function will no longer be used.
6952  DECL_BOOLEAN_ACCESSORS(allows_lazy_compilation)
6953 
6954  // Indicates if this function can be lazy compiled without a context.
6955  // This is used to determine if we can force compilation without reaching
6956  // the function through program execution but through other means (e.g. heap
6957  // iteration by the debugger).
6958  DECL_BOOLEAN_ACCESSORS(allows_lazy_compilation_without_context)
6959 
6960  // Indicates whether optimizations have been disabled for this
6961  // shared function info. If a function is repeatedly optimized or if
6962  // we cannot optimize the function we disable optimization to avoid
6963  // spending time attempting to optimize it again.
6964  DECL_BOOLEAN_ACCESSORS(optimization_disabled)
6965 
6966  // Indicates the language mode.
6967  inline StrictMode strict_mode();
6968  inline void set_strict_mode(StrictMode strict_mode);
6969 
6970  // False if the function definitely does not allocate an arguments object.
6971  DECL_BOOLEAN_ACCESSORS(uses_arguments)
6972 
6973  // True if the function has any duplicated parameter names.
6974  DECL_BOOLEAN_ACCESSORS(has_duplicate_parameters)
6975 
6976  // Indicates whether the function is a native function.
6977  // These needs special treatment in .call and .apply since
6978  // null passed as the receiver should not be translated to the
6979  // global object.
6980  DECL_BOOLEAN_ACCESSORS(native)
6981 
6982  // Indicate that this builtin needs to be inlined in crankshaft.
6983  DECL_BOOLEAN_ACCESSORS(inline_builtin)
6984 
6985  // Indicates that the function was created by the Function function.
6986  // Though it's anonymous, toString should treat it as if it had the name
6987  // "anonymous". We don't set the name itself so that the system does not
6988  // see a binding for it.
6989  DECL_BOOLEAN_ACCESSORS(name_should_print_as_anonymous)
6990 
6991  // Indicates whether the function is a bound function created using
6992  // the bind function.
6993  DECL_BOOLEAN_ACCESSORS(bound)
6994 
6995  // Indicates that the function is anonymous (the name field can be set
6996  // through the API, which does not change this flag).
6997  DECL_BOOLEAN_ACCESSORS(is_anonymous)
6998 
6999  // Is this a function or top-level/eval code.
7000  DECL_BOOLEAN_ACCESSORS(is_function)
7001 
7002  // Indicates that the function cannot be optimized.
7003  DECL_BOOLEAN_ACCESSORS(dont_optimize)
7004 
7005  // Indicates that the function cannot be inlined.
7006  DECL_BOOLEAN_ACCESSORS(dont_inline)
7007 
7008  // Indicates that code for this function cannot be cached.
7009  DECL_BOOLEAN_ACCESSORS(dont_cache)
7010 
7011  // Indicates that code for this function cannot be flushed.
7012  DECL_BOOLEAN_ACCESSORS(dont_flush)
7013 
7014  // Indicates that this function is a generator.
7015  DECL_BOOLEAN_ACCESSORS(is_generator)
7016 
7017  // Indicates whether or not the code in the shared function support
7018  // deoptimization.
7019  inline bool has_deoptimization_support();
7020 
7021  // Enable deoptimization support through recompiled code.
7022  void EnableDeoptimizationSupport(Code* recompiled);
7023 
7024  // Disable (further) attempted optimization of all functions sharing this
7025  // shared function info.
7026  void DisableOptimization(BailoutReason reason);
7027 
7028  inline BailoutReason DisableOptimizationReason();
7029 
7030  // Lookup the bailout ID and ASSERT that it exists in the non-optimized
7031  // code, returns whether it asserted (i.e., always true if assertions are
7032  // disabled).
7033  bool VerifyBailoutId(BailoutId id);
7034 
7035  // [source code]: Source code for the function.
7036  bool HasSourceCode();
7037  Handle<Object> GetSourceCode();
7038 
7039  // Number of times the function was optimized.
7040  inline int opt_count();
7041  inline void set_opt_count(int opt_count);
7042 
7043  // Number of times the function was deoptimized.
7044  inline void set_deopt_count(int value);
7045  inline int deopt_count();
7046  inline void increment_deopt_count();
7047 
7048  // Number of time we tried to re-enable optimization after it
7049  // was disabled due to high number of deoptimizations.
7050  inline void set_opt_reenable_tries(int value);
7051  inline int opt_reenable_tries();
7052 
7053  inline void TryReenableOptimization();
7054 
7055  // Stores deopt_count, opt_reenable_tries and ic_age as bit-fields.
7056  inline void set_counters(int value);
7057  inline int counters();
7058 
7059  // Stores opt_count and bailout_reason as bit-fields.
7060  inline void set_opt_count_and_bailout_reason(int value);
7061  inline int opt_count_and_bailout_reason();
7062 
7063  void set_bailout_reason(BailoutReason reason) {
7064  set_opt_count_and_bailout_reason(
7065  DisabledOptimizationReasonBits::update(opt_count_and_bailout_reason(),
7066  reason));
7067  }
7068 
7069  void set_dont_optimize_reason(BailoutReason reason) {
7070  set_bailout_reason(reason);
7071  set_dont_optimize(reason != kNoReason);
7072  }
7073 
7074  // Check whether or not this function is inlineable.
7075  bool IsInlineable();
7076 
7077  // Source size of this function.
7078  int SourceSize();
7079 
7080  // Calculate the instance size.
7081  int CalculateInstanceSize();
7082 
7083  // Calculate the number of in-object properties.
7084  int CalculateInObjectProperties();
7085 
7086  // Dispatched behavior.
7087  // Set max_length to -1 for unlimited length.
7088  void SourceCodePrint(StringStream* accumulator, int max_length);
7089  DECLARE_PRINTER(SharedFunctionInfo)
7090  DECLARE_VERIFIER(SharedFunctionInfo)
7091 
7092  void ResetForNewContext(int new_ic_age);
7093 
7094  // Casting.
7095  static inline SharedFunctionInfo* cast(Object* obj);
7096 
7097  // Constants.
7098  static const int kDontAdaptArgumentsSentinel = -1;
7099 
7100  // Layout description.
7101  // Pointer fields.
7102  static const int kNameOffset = HeapObject::kHeaderSize;
7103  static const int kCodeOffset = kNameOffset + kPointerSize;
7104  static const int kOptimizedCodeMapOffset = kCodeOffset + kPointerSize;
7105  static const int kScopeInfoOffset = kOptimizedCodeMapOffset + kPointerSize;
7106  static const int kConstructStubOffset = kScopeInfoOffset + kPointerSize;
7107  static const int kInstanceClassNameOffset =
7108  kConstructStubOffset + kPointerSize;
7109  static const int kFunctionDataOffset =
7110  kInstanceClassNameOffset + kPointerSize;
7111  static const int kScriptOffset = kFunctionDataOffset + kPointerSize;
7112  static const int kDebugInfoOffset = kScriptOffset + kPointerSize;
7113  static const int kInferredNameOffset = kDebugInfoOffset + kPointerSize;
7114  static const int kInitialMapOffset =
7115  kInferredNameOffset + kPointerSize;
7116  // ast_node_count is a Smi field. It could be grouped with another Smi field
7117  // into a PSEUDO_SMI_ACCESSORS pair (on x64), if one becomes available.
7118  static const int kAstNodeCountOffset =
7119  kInitialMapOffset + kPointerSize;
7120 #if V8_HOST_ARCH_32_BIT
7121  // Smi fields.
7122  static const int kLengthOffset =
7123  kAstNodeCountOffset + kPointerSize;
7124  static const int kFormalParameterCountOffset = kLengthOffset + kPointerSize;
7125  static const int kExpectedNofPropertiesOffset =
7126  kFormalParameterCountOffset + kPointerSize;
7127  static const int kNumLiteralsOffset =
7128  kExpectedNofPropertiesOffset + kPointerSize;
7129  static const int kStartPositionAndTypeOffset =
7130  kNumLiteralsOffset + kPointerSize;
7131  static const int kEndPositionOffset =
7132  kStartPositionAndTypeOffset + kPointerSize;
7133  static const int kFunctionTokenPositionOffset =
7134  kEndPositionOffset + kPointerSize;
7135  static const int kCompilerHintsOffset =
7136  kFunctionTokenPositionOffset + kPointerSize;
7137  static const int kOptCountAndBailoutReasonOffset =
7138  kCompilerHintsOffset + kPointerSize;
7139  static const int kCountersOffset =
7140  kOptCountAndBailoutReasonOffset + kPointerSize;
7141 
7142  // Total size.
7143  static const int kSize = kCountersOffset + kPointerSize;
7144 #else
7145  // The only reason to use smi fields instead of int fields
7146  // is to allow iteration without maps decoding during
7147  // garbage collections.
7148  // To avoid wasting space on 64-bit architectures we use
7149  // the following trick: we group integer fields into pairs
7150  // First integer in each pair is shifted left by 1.
7151  // By doing this we guarantee that LSB of each kPointerSize aligned
7152  // word is not set and thus this word cannot be treated as pointer
7153  // to HeapObject during old space traversal.
7154  static const int kLengthOffset =
7155  kAstNodeCountOffset + kPointerSize;
7156  static const int kFormalParameterCountOffset =
7157  kLengthOffset + kIntSize;
7158 
7159  static const int kExpectedNofPropertiesOffset =
7160  kFormalParameterCountOffset + kIntSize;
7161  static const int kNumLiteralsOffset =
7162  kExpectedNofPropertiesOffset + kIntSize;
7163 
7164  static const int kEndPositionOffset =
7165  kNumLiteralsOffset + kIntSize;
7166  static const int kStartPositionAndTypeOffset =
7167  kEndPositionOffset + kIntSize;
7168 
7169  static const int kFunctionTokenPositionOffset =
7170  kStartPositionAndTypeOffset + kIntSize;
7171  static const int kCompilerHintsOffset =
7172  kFunctionTokenPositionOffset + kIntSize;
7173 
7174  static const int kOptCountAndBailoutReasonOffset =
7175  kCompilerHintsOffset + kIntSize;
7176 
7177  static const int kCountersOffset =
7178  kOptCountAndBailoutReasonOffset + kIntSize;
7179 
7180  // Total size.
7181  static const int kSize = kCountersOffset + kIntSize;
7182 
7183 #endif
7184 
7185  // The construction counter for inobject slack tracking is stored in the
7186  // most significant byte of compiler_hints which is otherwise unused.
7187  // Its offset depends on the endian-ness of the architecture.
7188 #if __BYTE_ORDER == __LITTLE_ENDIAN
7189  static const int kConstructionCountOffset = kCompilerHintsOffset + 3;
7190 #elif __BYTE_ORDER == __BIG_ENDIAN
7191  static const int kConstructionCountOffset = kCompilerHintsOffset + 0;
7192 #else
7193 #error Unknown byte ordering
7194 #endif
7195 
7196  static const int kAlignedSize = POINTER_SIZE_ALIGN(kSize);
7197 
7198  typedef FixedBodyDescriptor<kNameOffset,
7199  kInitialMapOffset + kPointerSize,
7200  kSize> BodyDescriptor;
7201 
7202  // Bit positions in start_position_and_type.
7203  // The source code start position is in the 30 most significant bits of
7204  // the start_position_and_type field.
7205  static const int kIsExpressionBit = 0;
7206  static const int kIsTopLevelBit = 1;
7207  static const int kStartPositionShift = 2;
7208  static const int kStartPositionMask = ~((1 << kStartPositionShift) - 1);
7209 
7210  // Bit positions in compiler_hints.
7211  enum CompilerHints {
7212  kAllowLazyCompilation,
7213  kAllowLazyCompilationWithoutContext,
7214  kLiveObjectsMayExist,
7215  kOptimizationDisabled,
7216  kStrictModeFunction,
7217  kUsesArguments,
7218  kHasDuplicateParameters,
7219  kNative,
7220  kInlineBuiltin,
7221  kBoundFunction,
7222  kIsAnonymous,
7223  kNameShouldPrintAsAnonymous,
7224  kIsFunction,
7225  kDontOptimize,
7226  kDontInline,
7227  kDontCache,
7228  kDontFlush,
7229  kIsGenerator,
7230  kCompilerHintsCount // Pseudo entry
7231  };
7232 
7233  class DeoptCountBits: public BitField<int, 0, 4> {};
7234  class OptReenableTriesBits: public BitField<int, 4, 18> {};
7235  class ICAgeBits: public BitField<int, 22, 8> {};
7236 
7237  class OptCountBits: public BitField<int, 0, 22> {};
7238  class DisabledOptimizationReasonBits: public BitField<int, 22, 8> {};
7239 
7240  private:
7241 #if V8_HOST_ARCH_32_BIT
7242  // On 32 bit platforms, compiler hints is a smi.
7243  static const int kCompilerHintsSmiTagSize = kSmiTagSize;
7244  static const int kCompilerHintsSize = kPointerSize;
7245 #else
7246  // On 64 bit platforms, compiler hints is not a smi, see comment above.
7247  static const int kCompilerHintsSmiTagSize = 0;
7248  static const int kCompilerHintsSize = kIntSize;
7249 #endif
7250 
7251  STATIC_ASSERT(SharedFunctionInfo::kCompilerHintsCount <=
7252  SharedFunctionInfo::kCompilerHintsSize * kBitsPerByte);
7253 
7254  public:
7255  // Constants for optimizing codegen for strict mode function and
7256  // native tests.
7257  // Allows to use byte-width instructions.
7258  static const int kStrictModeBitWithinByte =
7259  (kStrictModeFunction + kCompilerHintsSmiTagSize) % kBitsPerByte;
7260 
7261  static const int kNativeBitWithinByte =
7262  (kNative + kCompilerHintsSmiTagSize) % kBitsPerByte;
7263 
7264 #if __BYTE_ORDER == __LITTLE_ENDIAN
7265  static const int kStrictModeByteOffset = kCompilerHintsOffset +
7266  (kStrictModeFunction + kCompilerHintsSmiTagSize) / kBitsPerByte;
7267  static const int kNativeByteOffset = kCompilerHintsOffset +
7268  (kNative + kCompilerHintsSmiTagSize) / kBitsPerByte;
7269 #elif __BYTE_ORDER == __BIG_ENDIAN
7270  static const int kStrictModeByteOffset = kCompilerHintsOffset +
7271  (kCompilerHintsSize - 1) -
7272  ((kStrictModeFunction + kCompilerHintsSmiTagSize) / kBitsPerByte);
7273  static const int kNativeByteOffset = kCompilerHintsOffset +
7274  (kCompilerHintsSize - 1) -
7275  ((kNative + kCompilerHintsSmiTagSize) / kBitsPerByte);
7276 #else
7277 #error Unknown byte ordering
7278 #endif
7279 
7280  private:
7281  DISALLOW_IMPLICIT_CONSTRUCTORS(SharedFunctionInfo);
7282 };
7283 
7284 
7285 class JSGeneratorObject: public JSObject {
7286  public:
7287  // [function]: The function corresponding to this generator object.
7288  DECL_ACCESSORS(function, JSFunction)
7289 
7290  // [context]: The context of the suspended computation.
7291  DECL_ACCESSORS(context, Context)
7292 
7293  // [receiver]: The receiver of the suspended computation.
7294  DECL_ACCESSORS(receiver, Object)
7295 
7296  // [continuation]: Offset into code of continuation.
7297  //
7298  // A positive offset indicates a suspended generator. The special
7299  // kGeneratorExecuting and kGeneratorClosed values indicate that a generator
7300  // cannot be resumed.
7301  inline int continuation();
7302  inline void set_continuation(int continuation);
7303 
7304  // [operand_stack]: Saved operand stack.
7305  DECL_ACCESSORS(operand_stack, FixedArray)
7306 
7307  // [stack_handler_index]: Index of first stack handler in operand_stack, or -1
7308  // if the captured activation had no stack handler.
7309  inline int stack_handler_index();
7310  inline void set_stack_handler_index(int stack_handler_index);
7311 
7312  // Casting.
7313  static inline JSGeneratorObject* cast(Object* obj);
7314 
7315  // Dispatched behavior.
7316  DECLARE_PRINTER(JSGeneratorObject)
7317  DECLARE_VERIFIER(JSGeneratorObject)
7318 
7319  // Magic sentinel values for the continuation.
7320  static const int kGeneratorExecuting = -1;
7321  static const int kGeneratorClosed = 0;
7322 
7323  // Layout description.
7324  static const int kFunctionOffset = JSObject::kHeaderSize;
7325  static const int kContextOffset = kFunctionOffset + kPointerSize;
7326  static const int kReceiverOffset = kContextOffset + kPointerSize;
7327  static const int kContinuationOffset = kReceiverOffset + kPointerSize;
7328  static const int kOperandStackOffset = kContinuationOffset + kPointerSize;
7329  static const int kStackHandlerIndexOffset =
7330  kOperandStackOffset + kPointerSize;
7331  static const int kSize = kStackHandlerIndexOffset + kPointerSize;
7332 
7333  // Resume mode, for use by runtime functions.
7334  enum ResumeMode { NEXT, THROW };
7335 
7336  // Yielding from a generator returns an object with the following inobject
7337  // properties. See Context::generator_result_map() for the map.
7338  static const int kResultValuePropertyIndex = 0;
7339  static const int kResultDonePropertyIndex = 1;
7340  static const int kResultPropertyCount = 2;
7341 
7342  static const int kResultValuePropertyOffset = JSObject::kHeaderSize;
7343  static const int kResultDonePropertyOffset =
7344  kResultValuePropertyOffset + kPointerSize;
7345  static const int kResultSize = kResultDonePropertyOffset + kPointerSize;
7346 
7347  private:
7348  DISALLOW_IMPLICIT_CONSTRUCTORS(JSGeneratorObject);
7349 };
7350 
7351 
7352 // Representation for module instance objects.
7353 class JSModule: public JSObject {
7354  public:
7355  // [context]: the context holding the module's locals, or undefined if none.
7356  DECL_ACCESSORS(context, Object)
7357 
7358  // [scope_info]: Scope info.
7359  DECL_ACCESSORS(scope_info, ScopeInfo)
7360 
7361  // Casting.
7362  static inline JSModule* cast(Object* obj);
7363 
7364  // Dispatched behavior.
7365  DECLARE_PRINTER(JSModule)
7366  DECLARE_VERIFIER(JSModule)
7367 
7368  // Layout description.
7369  static const int kContextOffset = JSObject::kHeaderSize;
7370  static const int kScopeInfoOffset = kContextOffset + kPointerSize;
7371  static const int kSize = kScopeInfoOffset + kPointerSize;
7372 
7373  private:
7374  DISALLOW_IMPLICIT_CONSTRUCTORS(JSModule);
7375 };
7376 
7377 
7378 // JSFunction describes JavaScript functions.
7379 class JSFunction: public JSObject {
7380  public:
7381  // [prototype_or_initial_map]:
7382  DECL_ACCESSORS(prototype_or_initial_map, Object)
7383 
7384  // [shared]: The information about the function that
7385  // can be shared by instances.
7386  DECL_ACCESSORS(shared, SharedFunctionInfo)
7387 
7388  // [context]: The context for this function.
7389  inline Context* context();
7390  inline void set_context(Object* context);
7391 
7392  // [code]: The generated code object for this function. Executed
7393  // when the function is invoked, e.g. foo() or new foo(). See
7394  // [[Call]] and [[Construct]] description in ECMA-262, section
7395  // 8.6.2, page 27.
7396  inline Code* code();
7397  inline void set_code(Code* code);
7398  inline void set_code_no_write_barrier(Code* code);
7399  inline void ReplaceCode(Code* code);
7400 
7401  // Tells whether this function is builtin.
7402  inline bool IsBuiltin();
7403 
7404  // Tells whether or not the function needs arguments adaption.
7405  inline bool NeedsArgumentsAdaption();
7406 
7407  // Tells whether or not this function has been optimized.
7408  inline bool IsOptimized();
7409 
7410  // Tells whether or not this function can be optimized.
7411  inline bool IsOptimizable();
7412 
7413  // Mark this function for lazy recompilation. The function will be
7414  // recompiled the next time it is executed.
7415  void MarkForOptimization();
7416  void MarkForConcurrentOptimization();
7417  void MarkInOptimizationQueue();
7418 
7419  // Tells whether or not the function is already marked for lazy
7420  // recompilation.
7421  inline bool IsMarkedForOptimization();
7422  inline bool IsMarkedForConcurrentOptimization();
7423 
7424  // Tells whether or not the function is on the concurrent recompilation queue.
7425  inline bool IsInOptimizationQueue();
7426 
7427  // [literals_or_bindings]: Fixed array holding either
7428  // the materialized literals or the bindings of a bound function.
7429  //
7430  // If the function contains object, regexp or array literals, the
7431  // literals array prefix contains the object, regexp, and array
7432  // function to be used when creating these literals. This is
7433  // necessary so that we do not dynamically lookup the object, regexp
7434  // or array functions. Performing a dynamic lookup, we might end up
7435  // using the functions from a new context that we should not have
7436  // access to.
7437  //
7438  // On bound functions, the array is a (copy-on-write) fixed-array containing
7439  // the function that was bound, bound this-value and any bound
7440  // arguments. Bound functions never contain literals.
7441  DECL_ACCESSORS(literals_or_bindings, FixedArray)
7442 
7443  inline FixedArray* literals();
7444  inline void set_literals(FixedArray* literals);
7445 
7446  inline FixedArray* function_bindings();
7447  inline void set_function_bindings(FixedArray* bindings);
7448 
7449  // The initial map for an object created by this constructor.
7450  inline Map* initial_map();
7451  inline void set_initial_map(Map* value);
7452  inline bool has_initial_map();
7453  static void EnsureHasInitialMap(Handle<JSFunction> function);
7454 
7455  // Get and set the prototype property on a JSFunction. If the
7456  // function has an initial map the prototype is set on the initial
7457  // map. Otherwise, the prototype is put in the initial map field
7458  // until an initial map is needed.
7459  inline bool has_prototype();
7460  inline bool has_instance_prototype();
7461  inline Object* prototype();
7462  inline Object* instance_prototype();
7463  static void SetPrototype(Handle<JSFunction> function,
7464  Handle<Object> value);
7465  static void SetInstancePrototype(Handle<JSFunction> function,
7466  Handle<Object> value);
7467 
7468  // After prototype is removed, it will not be created when accessed, and
7469  // [[Construct]] from this function will not be allowed.
7470  void RemovePrototype();
7471  inline bool should_have_prototype();
7472 
7473  // Accessor for this function's initial map's [[class]]
7474  // property. This is primarily used by ECMA native functions. This
7475  // method sets the class_name field of this function's initial map
7476  // to a given value. It creates an initial map if this function does
7477  // not have one. Note that this method does not copy the initial map
7478  // if it has one already, but simply replaces it with the new value.
7479  // Instances created afterwards will have a map whose [[class]] is
7480  // set to 'value', but there is no guarantees on instances created
7481  // before.
7482  void SetInstanceClassName(String* name);
7483 
7484  // Returns if this function has been compiled to native code yet.
7485  inline bool is_compiled();
7486 
7487  // [next_function_link]: Links functions into various lists, e.g. the list
7488  // of optimized functions hanging off the native_context. The CodeFlusher
7489  // uses this link to chain together flushing candidates. Treated weakly
7490  // by the garbage collector.
7491  DECL_ACCESSORS(next_function_link, Object)
7492 
7493  // Prints the name of the function using PrintF.
7494  void PrintName(FILE* out = stdout);
7495 
7496  // Casting.
7497  static inline JSFunction* cast(Object* obj);
7498 
7499  // Iterates the objects, including code objects indirectly referenced
7500  // through pointers to the first instruction in the code object.
7501  void JSFunctionIterateBody(int object_size, ObjectVisitor* v);
7502 
7503  // Dispatched behavior.
7504  DECLARE_PRINTER(JSFunction)
7505  DECLARE_VERIFIER(JSFunction)
7506 
7507  // Returns the number of allocated literals.
7508  inline int NumberOfLiterals();
7509 
7510  // Retrieve the native context from a function's literal array.
7511  static Context* NativeContextFromLiterals(FixedArray* literals);
7512 
7513  // Used for flags such as --hydrogen-filter.
7514  bool PassesFilter(const char* raw_filter);
7515 
7516  // Layout descriptors. The last property (from kNonWeakFieldsEndOffset to
7517  // kSize) is weak and has special handling during garbage collection.
7518  static const int kCodeEntryOffset = JSObject::kHeaderSize;
7519  static const int kPrototypeOrInitialMapOffset =
7520  kCodeEntryOffset + kPointerSize;
7521  static const int kSharedFunctionInfoOffset =
7522  kPrototypeOrInitialMapOffset + kPointerSize;
7523  static const int kContextOffset = kSharedFunctionInfoOffset + kPointerSize;
7524  static const int kLiteralsOffset = kContextOffset + kPointerSize;
7525  static const int kNonWeakFieldsEndOffset = kLiteralsOffset + kPointerSize;
7526  static const int kNextFunctionLinkOffset = kNonWeakFieldsEndOffset;
7527  static const int kSize = kNextFunctionLinkOffset + kPointerSize;
7528 
7529  // Layout of the literals array.
7530  static const int kLiteralsPrefixSize = 1;
7531  static const int kLiteralNativeContextIndex = 0;
7532 
7533  // Layout of the bound-function binding array.
7534  static const int kBoundFunctionIndex = 0;
7535  static const int kBoundThisIndex = 1;
7536  static const int kBoundArgumentsStartIndex = 2;
7537 
7538  private:
7539  DISALLOW_IMPLICIT_CONSTRUCTORS(JSFunction);
7540 };
7541 
7542 
7543 // JSGlobalProxy's prototype must be a JSGlobalObject or null,
7544 // and the prototype is hidden. JSGlobalProxy always delegates
7545 // property accesses to its prototype if the prototype is not null.
7546 //
7547 // A JSGlobalProxy can be reinitialized which will preserve its identity.
7548 //
7549 // Accessing a JSGlobalProxy requires security check.
7550 
7551 class JSGlobalProxy : public JSObject {
7552  public:
7553  // [native_context]: the owner native context of this global proxy object.
7554  // It is null value if this object is not used by any context.
7555  DECL_ACCESSORS(native_context, Object)
7556 
7557  // Casting.
7558  static inline JSGlobalProxy* cast(Object* obj);
7559 
7560  inline bool IsDetachedFrom(GlobalObject* global);
7561 
7562  // Dispatched behavior.
7563  DECLARE_PRINTER(JSGlobalProxy)
7564  DECLARE_VERIFIER(JSGlobalProxy)
7565 
7566  // Layout description.
7567  static const int kNativeContextOffset = JSObject::kHeaderSize;
7568  static const int kSize = kNativeContextOffset + kPointerSize;
7569 
7570  private:
7571  DISALLOW_IMPLICIT_CONSTRUCTORS(JSGlobalProxy);
7572 };
7573 
7574 
7575 // Forward declaration.
7576 class JSBuiltinsObject;
7577 
7578 // Common super class for JavaScript global objects and the special
7579 // builtins global objects.
7580 class GlobalObject: public JSObject {
7581  public:
7582  // [builtins]: the object holding the runtime routines written in JS.
7583  DECL_ACCESSORS(builtins, JSBuiltinsObject)
7584 
7585  // [native context]: the natives corresponding to this global object.
7586  DECL_ACCESSORS(native_context, Context)
7587 
7588  // [global context]: the most recent (i.e. innermost) global context.
7589  DECL_ACCESSORS(global_context, Context)
7590 
7591  // [global receiver]: the global receiver object of the context
7592  DECL_ACCESSORS(global_receiver, JSObject)
7593 
7594  // Retrieve the property cell used to store a property.
7595  PropertyCell* GetPropertyCell(LookupResult* result);
7596 
7597  // This is like GetProperty, but is used when you know the lookup won't fail
7598  // by throwing an exception. This is for the debug and builtins global
7599  // objects, where it is known which properties can be expected to be present
7600  // on the object.
7601  Object* GetPropertyNoExceptionThrown(Name* key) {
7602  Object* answer = GetProperty(key)->ToObjectUnchecked();
7603  return answer;
7604  }
7605 
7606  // Casting.
7607  static inline GlobalObject* cast(Object* obj);
7608 
7609  // Layout description.
7610  static const int kBuiltinsOffset = JSObject::kHeaderSize;
7611  static const int kNativeContextOffset = kBuiltinsOffset + kPointerSize;
7612  static const int kGlobalContextOffset = kNativeContextOffset + kPointerSize;
7613  static const int kGlobalReceiverOffset = kGlobalContextOffset + kPointerSize;
7614  static const int kHeaderSize = kGlobalReceiverOffset + kPointerSize;
7615 
7616  private:
7617  DISALLOW_IMPLICIT_CONSTRUCTORS(GlobalObject);
7618 };
7619 
7620 
7621 // JavaScript global object.
7622 class JSGlobalObject: public GlobalObject {
7623  public:
7624  // Casting.
7625  static inline JSGlobalObject* cast(Object* obj);
7626 
7627  // Ensure that the global object has a cell for the given property name.
7628  static Handle<PropertyCell> EnsurePropertyCell(Handle<JSGlobalObject> global,
7629  Handle<Name> name);
7630 
7631  inline bool IsDetached();
7632 
7633  // Dispatched behavior.
7634  DECLARE_PRINTER(JSGlobalObject)
7635  DECLARE_VERIFIER(JSGlobalObject)
7636 
7637  // Layout description.
7638  static const int kSize = GlobalObject::kHeaderSize;
7639 
7640  private:
7641  DISALLOW_IMPLICIT_CONSTRUCTORS(JSGlobalObject);
7642 };
7643 
7644 
7645 // Builtins global object which holds the runtime routines written in
7646 // JavaScript.
7647 class JSBuiltinsObject: public GlobalObject {
7648  public:
7649  // Accessors for the runtime routines written in JavaScript.
7650  inline Object* javascript_builtin(Builtins::JavaScript id);
7651  inline void set_javascript_builtin(Builtins::JavaScript id, Object* value);
7652 
7653  // Accessors for code of the runtime routines written in JavaScript.
7654  inline Code* javascript_builtin_code(Builtins::JavaScript id);
7655  inline void set_javascript_builtin_code(Builtins::JavaScript id, Code* value);
7656 
7657  // Casting.
7658  static inline JSBuiltinsObject* cast(Object* obj);
7659 
7660  // Dispatched behavior.
7661  DECLARE_PRINTER(JSBuiltinsObject)
7662  DECLARE_VERIFIER(JSBuiltinsObject)
7663 
7664  // Layout description. The size of the builtins object includes
7665  // room for two pointers per runtime routine written in javascript
7666  // (function and code object).
7667  static const int kJSBuiltinsCount = Builtins::id_count;
7668  static const int kJSBuiltinsOffset = GlobalObject::kHeaderSize;
7669  static const int kJSBuiltinsCodeOffset =
7670  GlobalObject::kHeaderSize + (kJSBuiltinsCount * kPointerSize);
7671  static const int kSize =
7672  kJSBuiltinsCodeOffset + (kJSBuiltinsCount * kPointerSize);
7673 
7674  static int OffsetOfFunctionWithId(Builtins::JavaScript id) {
7675  return kJSBuiltinsOffset + id * kPointerSize;
7676  }
7677 
7678  static int OffsetOfCodeWithId(Builtins::JavaScript id) {
7679  return kJSBuiltinsCodeOffset + id * kPointerSize;
7680  }
7681 
7682  private:
7683  DISALLOW_IMPLICIT_CONSTRUCTORS(JSBuiltinsObject);
7684 };
7685 
7686 
7687 // Representation for JS Wrapper objects, String, Number, Boolean, etc.
7688 class JSValue: public JSObject {
7689  public:
7690  // [value]: the object being wrapped.
7691  DECL_ACCESSORS(value, Object)
7692 
7693  // Casting.
7694  static inline JSValue* cast(Object* obj);
7695 
7696  // Dispatched behavior.
7697  DECLARE_PRINTER(JSValue)
7698  DECLARE_VERIFIER(JSValue)
7699 
7700  // Layout description.
7701  static const int kValueOffset = JSObject::kHeaderSize;
7702  static const int kSize = kValueOffset + kPointerSize;
7703 
7704  private:
7705  DISALLOW_IMPLICIT_CONSTRUCTORS(JSValue);
7706 };
7707 
7708 
7709 class DateCache;
7710 
7711 // Representation for JS date objects.
7712 class JSDate: public JSObject {
7713  public:
7714  // If one component is NaN, all of them are, indicating a NaN time value.
7715  // [value]: the time value.
7716  DECL_ACCESSORS(value, Object)
7717  // [year]: caches year. Either undefined, smi, or NaN.
7718  DECL_ACCESSORS(year, Object)
7719  // [month]: caches month. Either undefined, smi, or NaN.
7720  DECL_ACCESSORS(month, Object)
7721  // [day]: caches day. Either undefined, smi, or NaN.
7722  DECL_ACCESSORS(day, Object)
7723  // [weekday]: caches day of week. Either undefined, smi, or NaN.
7724  DECL_ACCESSORS(weekday, Object)
7725  // [hour]: caches hours. Either undefined, smi, or NaN.
7726  DECL_ACCESSORS(hour, Object)
7727  // [min]: caches minutes. Either undefined, smi, or NaN.
7728  DECL_ACCESSORS(min, Object)
7729  // [sec]: caches seconds. Either undefined, smi, or NaN.
7730  DECL_ACCESSORS(sec, Object)
7731  // [cache stamp]: sample of the date cache stamp at the
7732  // moment when local fields were cached.
7733  DECL_ACCESSORS(cache_stamp, Object)
7734 
7735  // Casting.
7736  static inline JSDate* cast(Object* obj);
7737 
7738  // Returns the date field with the specified index.
7739  // See FieldIndex for the list of date fields.
7740  static Object* GetField(Object* date, Smi* index);
7741 
7742  void SetValue(Object* value, bool is_value_nan);
7743 
7744 
7745  // Dispatched behavior.
7746  DECLARE_PRINTER(JSDate)
7747  DECLARE_VERIFIER(JSDate)
7748 
7749  // The order is important. It must be kept in sync with date macros
7750  // in macros.py.
7751  enum FieldIndex {
7752  kDateValue,
7753  kYear,
7754  kMonth,
7755  kDay,
7756  kWeekday,
7757  kHour,
7758  kMinute,
7759  kSecond,
7760  kFirstUncachedField,
7761  kMillisecond = kFirstUncachedField,
7762  kDays,
7763  kTimeInDay,
7764  kFirstUTCField,
7765  kYearUTC = kFirstUTCField,
7766  kMonthUTC,
7767  kDayUTC,
7768  kWeekdayUTC,
7769  kHourUTC,
7770  kMinuteUTC,
7771  kSecondUTC,
7772  kMillisecondUTC,
7773  kDaysUTC,
7774  kTimeInDayUTC,
7775  kTimezoneOffset
7776  };
7777 
7778  // Layout description.
7779  static const int kValueOffset = JSObject::kHeaderSize;
7780  static const int kYearOffset = kValueOffset + kPointerSize;
7781  static const int kMonthOffset = kYearOffset + kPointerSize;
7782  static const int kDayOffset = kMonthOffset + kPointerSize;
7783  static const int kWeekdayOffset = kDayOffset + kPointerSize;
7784  static const int kHourOffset = kWeekdayOffset + kPointerSize;
7785  static const int kMinOffset = kHourOffset + kPointerSize;
7786  static const int kSecOffset = kMinOffset + kPointerSize;
7787  static const int kCacheStampOffset = kSecOffset + kPointerSize;
7788  static const int kSize = kCacheStampOffset + kPointerSize;
7789 
7790  private:
7791  inline Object* DoGetField(FieldIndex index);
7792 
7793  Object* GetUTCField(FieldIndex index, double value, DateCache* date_cache);
7794 
7795  // Computes and caches the cacheable fields of the date.
7796  inline void SetLocalFields(int64_t local_time_ms, DateCache* date_cache);
7797 
7798 
7799  DISALLOW_IMPLICIT_CONSTRUCTORS(JSDate);
7800 };
7801 
7802 
7803 // Representation of message objects used for error reporting through
7804 // the API. The messages are formatted in JavaScript so this object is
7805 // a real JavaScript object. The information used for formatting the
7806 // error messages are not directly accessible from JavaScript to
7807 // prevent leaking information to user code called during error
7808 // formatting.
7809 class JSMessageObject: public JSObject {
7810  public:
7811  // [type]: the type of error message.
7812  DECL_ACCESSORS(type, String)
7813 
7814  // [arguments]: the arguments for formatting the error message.
7815  DECL_ACCESSORS(arguments, JSArray)
7816 
7817  // [script]: the script from which the error message originated.
7818  DECL_ACCESSORS(script, Object)
7819 
7820  // [stack_frames]: an array of stack frames for this error object.
7821  DECL_ACCESSORS(stack_frames, Object)
7822 
7823  // [start_position]: the start position in the script for the error message.
7824  inline int start_position();
7825  inline void set_start_position(int value);
7826 
7827  // [end_position]: the end position in the script for the error message.
7828  inline int end_position();
7829  inline void set_end_position(int value);
7830 
7831  // Casting.
7832  static inline JSMessageObject* cast(Object* obj);
7833 
7834  // Dispatched behavior.
7835  DECLARE_PRINTER(JSMessageObject)
7836  DECLARE_VERIFIER(JSMessageObject)
7837 
7838  // Layout description.
7839  static const int kTypeOffset = JSObject::kHeaderSize;
7840  static const int kArgumentsOffset = kTypeOffset + kPointerSize;
7841  static const int kScriptOffset = kArgumentsOffset + kPointerSize;
7842  static const int kStackFramesOffset = kScriptOffset + kPointerSize;
7843  static const int kStartPositionOffset = kStackFramesOffset + kPointerSize;
7844  static const int kEndPositionOffset = kStartPositionOffset + kPointerSize;
7845  static const int kSize = kEndPositionOffset + kPointerSize;
7846 
7847  typedef FixedBodyDescriptor<HeapObject::kMapOffset,
7848  kStackFramesOffset + kPointerSize,
7849  kSize> BodyDescriptor;
7850 };
7851 
7852 
7853 // Regular expressions
7854 // The regular expression holds a single reference to a FixedArray in
7855 // the kDataOffset field.
7856 // The FixedArray contains the following data:
7857 // - tag : type of regexp implementation (not compiled yet, atom or irregexp)
7858 // - reference to the original source string
7859 // - reference to the original flag string
7860 // If it is an atom regexp
7861 // - a reference to a literal string to search for
7862 // If it is an irregexp regexp:
7863 // - a reference to code for ASCII inputs (bytecode or compiled), or a smi
7864 // used for tracking the last usage (used for code flushing).
7865 // - a reference to code for UC16 inputs (bytecode or compiled), or a smi
7866 // used for tracking the last usage (used for code flushing)..
7867 // - max number of registers used by irregexp implementations.
7868 // - number of capture registers (output values) of the regexp.
7869 class JSRegExp: public JSObject {
7870  public:
7871  // Meaning of Type:
7872  // NOT_COMPILED: Initial value. No data has been stored in the JSRegExp yet.
7873  // ATOM: A simple string to match against using an indexOf operation.
7874  // IRREGEXP: Compiled with Irregexp.
7875  // IRREGEXP_NATIVE: Compiled to native code with Irregexp.
7876  enum Type { NOT_COMPILED, ATOM, IRREGEXP };
7877  enum Flag { NONE = 0, GLOBAL = 1, IGNORE_CASE = 2, MULTILINE = 4 };
7878 
7879  class Flags {
7880  public:
7881  explicit Flags(uint32_t value) : value_(value) { }
7882  bool is_global() { return (value_ & GLOBAL) != 0; }
7883  bool is_ignore_case() { return (value_ & IGNORE_CASE) != 0; }
7884  bool is_multiline() { return (value_ & MULTILINE) != 0; }
7885  uint32_t value() { return value_; }
7886  private:
7887  uint32_t value_;
7888  };
7889 
7890  DECL_ACCESSORS(data, Object)
7891 
7892  inline Type TypeTag();
7893  inline int CaptureCount();
7894  inline Flags GetFlags();
7895  inline String* Pattern();
7896  inline Object* DataAt(int index);
7897  // Set implementation data after the object has been prepared.
7898  inline void SetDataAt(int index, Object* value);
7899 
7900  static int code_index(bool is_ascii) {
7901  if (is_ascii) {
7902  return kIrregexpASCIICodeIndex;
7903  } else {
7904  return kIrregexpUC16CodeIndex;
7905  }
7906  }
7907 
7908  static int saved_code_index(bool is_ascii) {
7909  if (is_ascii) {
7910  return kIrregexpASCIICodeSavedIndex;
7911  } else {
7912  return kIrregexpUC16CodeSavedIndex;
7913  }
7914  }
7915 
7916  static inline JSRegExp* cast(Object* obj);
7917 
7918  // Dispatched behavior.
7919  DECLARE_VERIFIER(JSRegExp)
7920 
7921  static const int kDataOffset = JSObject::kHeaderSize;
7922  static const int kSize = kDataOffset + kPointerSize;
7923 
7924  // Indices in the data array.
7925  static const int kTagIndex = 0;
7926  static const int kSourceIndex = kTagIndex + 1;
7927  static const int kFlagsIndex = kSourceIndex + 1;
7928  static const int kDataIndex = kFlagsIndex + 1;
7929  // The data fields are used in different ways depending on the
7930  // value of the tag.
7931  // Atom regexps (literal strings).
7932  static const int kAtomPatternIndex = kDataIndex;
7933 
7934  static const int kAtomDataSize = kAtomPatternIndex + 1;
7935 
7936  // Irregexp compiled code or bytecode for ASCII. If compilation
7937  // fails, this fields hold an exception object that should be
7938  // thrown if the regexp is used again.
7939  static const int kIrregexpASCIICodeIndex = kDataIndex;
7940  // Irregexp compiled code or bytecode for UC16. If compilation
7941  // fails, this fields hold an exception object that should be
7942  // thrown if the regexp is used again.
7943  static const int kIrregexpUC16CodeIndex = kDataIndex + 1;
7944 
7945  // Saved instance of Irregexp compiled code or bytecode for ASCII that
7946  // is a potential candidate for flushing.
7947  static const int kIrregexpASCIICodeSavedIndex = kDataIndex + 2;
7948  // Saved instance of Irregexp compiled code or bytecode for UC16 that is
7949  // a potential candidate for flushing.
7950  static const int kIrregexpUC16CodeSavedIndex = kDataIndex + 3;
7951 
7952  // Maximal number of registers used by either ASCII or UC16.
7953  // Only used to check that there is enough stack space
7954  static const int kIrregexpMaxRegisterCountIndex = kDataIndex + 4;
7955  // Number of captures in the compiled regexp.
7956  static const int kIrregexpCaptureCountIndex = kDataIndex + 5;
7957 
7958  static const int kIrregexpDataSize = kIrregexpCaptureCountIndex + 1;
7959 
7960  // Offsets directly into the data fixed array.
7961  static const int kDataTagOffset =
7962  FixedArray::kHeaderSize + kTagIndex * kPointerSize;
7963  static const int kDataAsciiCodeOffset =
7964  FixedArray::kHeaderSize + kIrregexpASCIICodeIndex * kPointerSize;
7965  static const int kDataUC16CodeOffset =
7966  FixedArray::kHeaderSize + kIrregexpUC16CodeIndex * kPointerSize;
7967  static const int kIrregexpCaptureCountOffset =
7968  FixedArray::kHeaderSize + kIrregexpCaptureCountIndex * kPointerSize;
7969 
7970  // In-object fields.
7971  static const int kSourceFieldIndex = 0;
7972  static const int kGlobalFieldIndex = 1;
7973  static const int kIgnoreCaseFieldIndex = 2;
7974  static const int kMultilineFieldIndex = 3;
7975  static const int kLastIndexFieldIndex = 4;
7976  static const int kInObjectFieldCount = 5;
7977 
7978  // The uninitialized value for a regexp code object.
7979  static const int kUninitializedValue = -1;
7980 
7981  // The compilation error value for the regexp code object. The real error
7982  // object is in the saved code field.
7983  static const int kCompilationErrorValue = -2;
7984 
7985  // When we store the sweep generation at which we moved the code from the
7986  // code index to the saved code index we mask it of to be in the [0:255]
7987  // range.
7988  static const int kCodeAgeMask = 0xff;
7989 };
7990 
7991 
7992 class CompilationCacheShape : public BaseShape<HashTableKey*> {
7993  public:
7994  static inline bool IsMatch(HashTableKey* key, Object* value) {
7995  return key->IsMatch(value);
7996  }
7997 
7998  static inline uint32_t Hash(HashTableKey* key) {
7999  return key->Hash();
8000  }
8001 
8002  static inline uint32_t HashForObject(HashTableKey* key, Object* object) {
8003  return key->HashForObject(object);
8004  }
8005 
8006  MUST_USE_RESULT static MaybeObject* AsObject(Heap* heap,
8007  HashTableKey* key) {
8008  return key->AsObject(heap);
8009  }
8010 
8011  static const int kPrefixSize = 0;
8012  static const int kEntrySize = 2;
8013 };
8014 
8015 
8016 class CompilationCacheTable: public HashTable<CompilationCacheShape,
8017  HashTableKey*> {
8018  public:
8019  // Find cached value for a string key, otherwise return null.
8020  Object* Lookup(String* src, Context* context);
8021  Object* LookupEval(String* src,
8022  Context* context,
8023  StrictMode strict_mode,
8024  int scope_position);
8025  Object* LookupRegExp(String* source, JSRegExp::Flags flags);
8026  MUST_USE_RESULT MaybeObject* Put(String* src,
8027  Context* context,
8028  Object* value);
8029  MUST_USE_RESULT MaybeObject* PutEval(String* src,
8030  Context* context,
8031  SharedFunctionInfo* value,
8032  int scope_position);
8033  MUST_USE_RESULT MaybeObject* PutRegExp(String* src,
8034  JSRegExp::Flags flags,
8035  FixedArray* value);
8036 
8037  // Remove given value from cache.
8038  void Remove(Object* value);
8039 
8040  static inline CompilationCacheTable* cast(Object* obj);
8041 
8042  private:
8043  DISALLOW_IMPLICIT_CONSTRUCTORS(CompilationCacheTable);
8044 };
8045 
8046 
8047 class CodeCache: public Struct {
8048  public:
8049  DECL_ACCESSORS(default_cache, FixedArray)
8050  DECL_ACCESSORS(normal_type_cache, Object)
8051 
8052  // Add the code object to the cache.
8053  MUST_USE_RESULT MaybeObject* Update(Name* name, Code* code);
8054 
8055  // Lookup code object in the cache. Returns code object if found and undefined
8056  // if not.
8057  Object* Lookup(Name* name, Code::Flags flags);
8058 
8059  // Get the internal index of a code object in the cache. Returns -1 if the
8060  // code object is not in that cache. This index can be used to later call
8061  // RemoveByIndex. The cache cannot be modified between a call to GetIndex and
8062  // RemoveByIndex.
8063  int GetIndex(Object* name, Code* code);
8064 
8065  // Remove an object from the cache with the provided internal index.
8066  void RemoveByIndex(Object* name, Code* code, int index);
8067 
8068  static inline CodeCache* cast(Object* obj);
8069 
8070  // Dispatched behavior.
8071  DECLARE_PRINTER(CodeCache)
8072  DECLARE_VERIFIER(CodeCache)
8073 
8074  static const int kDefaultCacheOffset = HeapObject::kHeaderSize;
8075  static const int kNormalTypeCacheOffset =
8076  kDefaultCacheOffset + kPointerSize;
8077  static const int kSize = kNormalTypeCacheOffset + kPointerSize;
8078 
8079  private:
8080  MUST_USE_RESULT MaybeObject* UpdateDefaultCache(Name* name, Code* code);
8081  MUST_USE_RESULT MaybeObject* UpdateNormalTypeCache(Name* name, Code* code);
8082  Object* LookupDefaultCache(Name* name, Code::Flags flags);
8083  Object* LookupNormalTypeCache(Name* name, Code::Flags flags);
8084 
8085  // Code cache layout of the default cache. Elements are alternating name and
8086  // code objects for non normal load/store/call IC's.
8087  static const int kCodeCacheEntrySize = 2;
8088  static const int kCodeCacheEntryNameOffset = 0;
8089  static const int kCodeCacheEntryCodeOffset = 1;
8090 
8091  DISALLOW_IMPLICIT_CONSTRUCTORS(CodeCache);
8092 };
8093 
8094 
8095 class CodeCacheHashTableShape : public BaseShape<HashTableKey*> {
8096  public:
8097  static inline bool IsMatch(HashTableKey* key, Object* value) {
8098  return key->IsMatch(value);
8099  }
8100 
8101  static inline uint32_t Hash(HashTableKey* key) {
8102  return key->Hash();
8103  }
8104 
8105  static inline uint32_t HashForObject(HashTableKey* key, Object* object) {
8106  return key->HashForObject(object);
8107  }
8108 
8109  MUST_USE_RESULT static MaybeObject* AsObject(Heap* heap,
8110  HashTableKey* key) {
8111  return key->AsObject(heap);
8112  }
8113 
8114  static const int kPrefixSize = 0;
8115  static const int kEntrySize = 2;
8116 };
8117 
8118 
8119 class CodeCacheHashTable: public HashTable<CodeCacheHashTableShape,
8120  HashTableKey*> {
8121  public:
8122  Object* Lookup(Name* name, Code::Flags flags);
8123  MUST_USE_RESULT MaybeObject* Put(Name* name, Code* code);
8124 
8125  int GetIndex(Name* name, Code::Flags flags);
8126  void RemoveByIndex(int index);
8127 
8128  static inline CodeCacheHashTable* cast(Object* obj);
8129 
8130  // Initial size of the fixed array backing the hash table.
8131  static const int kInitialSize = 64;
8132 
8133  private:
8134  DISALLOW_IMPLICIT_CONSTRUCTORS(CodeCacheHashTable);
8135 };
8136 
8137 
8138 class PolymorphicCodeCache: public Struct {
8139  public:
8140  DECL_ACCESSORS(cache, Object)
8141 
8142  static void Update(Handle<PolymorphicCodeCache> cache,
8143  MapHandleList* maps,
8144  Code::Flags flags,
8145  Handle<Code> code);
8146 
8147  MUST_USE_RESULT MaybeObject* Update(MapHandleList* maps,
8148  Code::Flags flags,
8149  Code* code);
8150 
8151  // Returns an undefined value if the entry is not found.
8152  Handle<Object> Lookup(MapHandleList* maps, Code::Flags flags);
8153 
8154  static inline PolymorphicCodeCache* cast(Object* obj);
8155 
8156  // Dispatched behavior.
8157  DECLARE_PRINTER(PolymorphicCodeCache)
8158  DECLARE_VERIFIER(PolymorphicCodeCache)
8159 
8160  static const int kCacheOffset = HeapObject::kHeaderSize;
8161  static const int kSize = kCacheOffset + kPointerSize;
8162 
8163  private:
8164  DISALLOW_IMPLICIT_CONSTRUCTORS(PolymorphicCodeCache);
8165 };
8166 
8167 
8168 class PolymorphicCodeCacheHashTable
8169  : public HashTable<CodeCacheHashTableShape, HashTableKey*> {
8170  public:
8171  Object* Lookup(MapHandleList* maps, int code_kind);
8172 
8173  MUST_USE_RESULT MaybeObject* Put(MapHandleList* maps,
8174  int code_kind,
8175  Code* code);
8176 
8177  static inline PolymorphicCodeCacheHashTable* cast(Object* obj);
8178 
8179  static const int kInitialSize = 64;
8180  private:
8181  DISALLOW_IMPLICIT_CONSTRUCTORS(PolymorphicCodeCacheHashTable);
8182 };
8183 
8184 
8185 class TypeFeedbackInfo: public Struct {
8186  public:
8187  inline int ic_total_count();
8188  inline void set_ic_total_count(int count);
8189 
8190  inline int ic_with_type_info_count();
8191  inline void change_ic_with_type_info_count(int count);
8192 
8193  inline void initialize_storage();
8194 
8195  inline void change_own_type_change_checksum();
8196  inline int own_type_change_checksum();
8197 
8198  inline void set_inlined_type_change_checksum(int checksum);
8199  inline bool matches_inlined_type_change_checksum(int checksum);
8200 
8201  DECL_ACCESSORS(feedback_vector, FixedArray)
8202 
8203  static inline TypeFeedbackInfo* cast(Object* obj);
8204 
8205  // Dispatched behavior.
8206  DECLARE_PRINTER(TypeFeedbackInfo)
8207  DECLARE_VERIFIER(TypeFeedbackInfo)
8208 
8209  static const int kStorage1Offset = HeapObject::kHeaderSize;
8210  static const int kStorage2Offset = kStorage1Offset + kPointerSize;
8211  static const int kFeedbackVectorOffset =
8212  kStorage2Offset + kPointerSize;
8213  static const int kSize = kFeedbackVectorOffset + kPointerSize;
8214 
8215  // The object that indicates an uninitialized cache.
8216  static inline Handle<Object> UninitializedSentinel(Isolate* isolate);
8217 
8218  // The object that indicates a megamorphic state.
8219  static inline Handle<Object> MegamorphicSentinel(Isolate* isolate);
8220 
8221  // The object that indicates a monomorphic state of Array with
8222  // ElementsKind
8223  static inline Handle<Object> MonomorphicArraySentinel(Isolate* isolate,
8224  ElementsKind elements_kind);
8225 
8226  // A raw version of the uninitialized sentinel that's safe to read during
8227  // garbage collection (e.g., for patching the cache).
8228  static inline Object* RawUninitializedSentinel(Heap* heap);
8229 
8230  static const int kForInFastCaseMarker = 0;
8231  static const int kForInSlowCaseMarker = 1;
8232 
8233  private:
8234  static const int kTypeChangeChecksumBits = 7;
8235 
8236  class ICTotalCountField: public BitField<int, 0,
8237  kSmiValueSize - kTypeChangeChecksumBits> {}; // NOLINT
8238  class OwnTypeChangeChecksum: public BitField<int,
8239  kSmiValueSize - kTypeChangeChecksumBits,
8240  kTypeChangeChecksumBits> {}; // NOLINT
8241  class ICsWithTypeInfoCountField: public BitField<int, 0,
8242  kSmiValueSize - kTypeChangeChecksumBits> {}; // NOLINT
8243  class InlinedTypeChangeChecksum: public BitField<int,
8244  kSmiValueSize - kTypeChangeChecksumBits,
8245  kTypeChangeChecksumBits> {}; // NOLINT
8246 
8247  DISALLOW_IMPLICIT_CONSTRUCTORS(TypeFeedbackInfo);
8248 };
8249 
8250 
8251 enum AllocationSiteMode {
8252  DONT_TRACK_ALLOCATION_SITE,
8253  TRACK_ALLOCATION_SITE,
8254  LAST_ALLOCATION_SITE_MODE = TRACK_ALLOCATION_SITE
8255 };
8256 
8257 
8258 class AllocationSite: public Struct {
8259  public:
8260  static const uint32_t kMaximumArrayBytesToPretransition = 8 * 1024;
8261  static const double kPretenureRatio;
8262  static const int kPretenureMinimumCreated = 100;
8263 
8264  // Values for pretenure decision field.
8265  enum PretenureDecision {
8266  kUndecided = 0,
8267  kDontTenure = 1,
8268  kTenure = 2,
8269  kZombie = 3,
8270  kLastPretenureDecisionValue = kZombie
8271  };
8272 
8273  DECL_ACCESSORS(transition_info, Object)
8274  // nested_site threads a list of sites that represent nested literals
8275  // walked in a particular order. So [[1, 2], 1, 2] will have one
8276  // nested_site, but [[1, 2], 3, [4]] will have a list of two.
8277  DECL_ACCESSORS(nested_site, Object)
8278  DECL_ACCESSORS(pretenure_data, Smi)
8279  DECL_ACCESSORS(pretenure_create_count, Smi)
8280  DECL_ACCESSORS(dependent_code, DependentCode)
8281  DECL_ACCESSORS(weak_next, Object)
8282 
8283  inline void Initialize();
8284 
8285  // This method is expensive, it should only be called for reporting.
8286  bool IsNestedSite();
8287 
8288  // transition_info bitfields, for constructed array transition info.
8289  class ElementsKindBits: public BitField<ElementsKind, 0, 15> {};
8290  class UnusedBits: public BitField<int, 15, 14> {};
8291  class DoNotInlineBit: public BitField<bool, 29, 1> {};
8292 
8293  // Bitfields for pretenure_data
8294  class MementoFoundCountBits: public BitField<int, 0, 27> {};
8295  class PretenureDecisionBits: public BitField<PretenureDecision, 27, 2> {};
8296  class DeoptDependentCodeBit: public BitField<bool, 29, 1> {};
8297  STATIC_ASSERT(PretenureDecisionBits::kMax >= kLastPretenureDecisionValue);
8298 
8299  // Increments the mementos found counter and returns true when the first
8300  // memento was found for a given allocation site.
8301  inline bool IncrementMementoFoundCount();
8302 
8303  inline void IncrementMementoCreateCount();
8304 
8305  PretenureFlag GetPretenureMode();
8306 
8307  void ResetPretenureDecision();
8308 
8309  PretenureDecision pretenure_decision() {
8310  int value = pretenure_data()->value();
8311  return PretenureDecisionBits::decode(value);
8312  }
8313 
8314  void set_pretenure_decision(PretenureDecision decision) {
8315  int value = pretenure_data()->value();
8316  set_pretenure_data(
8317  Smi::FromInt(PretenureDecisionBits::update(value, decision)),
8318  SKIP_WRITE_BARRIER);
8319  }
8320 
8321  bool deopt_dependent_code() {
8322  int value = pretenure_data()->value();
8323  return DeoptDependentCodeBit::decode(value);
8324  }
8325 
8326  void set_deopt_dependent_code(bool deopt) {
8327  int value = pretenure_data()->value();
8328  set_pretenure_data(
8329  Smi::FromInt(DeoptDependentCodeBit::update(value, deopt)),
8330  SKIP_WRITE_BARRIER);
8331  }
8332 
8333  int memento_found_count() {
8334  int value = pretenure_data()->value();
8335  return MementoFoundCountBits::decode(value);
8336  }
8337 
8338  inline void set_memento_found_count(int count);
8339 
8340  int memento_create_count() {
8341  return pretenure_create_count()->value();
8342  }
8343 
8344  void set_memento_create_count(int count) {
8345  set_pretenure_create_count(Smi::FromInt(count), SKIP_WRITE_BARRIER);
8346  }
8347 
8348  // The pretenuring decision is made during gc, and the zombie state allows
8349  // us to recognize when an allocation site is just being kept alive because
8350  // a later traversal of new space may discover AllocationMementos that point
8351  // to this AllocationSite.
8352  bool IsZombie() {
8353  return pretenure_decision() == kZombie;
8354  }
8355 
8356  inline void MarkZombie();
8357 
8358  inline bool DigestPretenuringFeedback();
8359 
8360  ElementsKind GetElementsKind() {
8361  ASSERT(!SitePointsToLiteral());
8362  int value = Smi::cast(transition_info())->value();
8363  return ElementsKindBits::decode(value);
8364  }
8365 
8366  void SetElementsKind(ElementsKind kind) {
8367  int value = Smi::cast(transition_info())->value();
8368  set_transition_info(Smi::FromInt(ElementsKindBits::update(value, kind)),
8369  SKIP_WRITE_BARRIER);
8370  }
8371 
8372  bool CanInlineCall() {
8373  int value = Smi::cast(transition_info())->value();
8374  return DoNotInlineBit::decode(value) == 0;
8375  }
8376 
8377  void SetDoNotInlineCall() {
8378  int value = Smi::cast(transition_info())->value();
8379  set_transition_info(Smi::FromInt(DoNotInlineBit::update(value, true)),
8380  SKIP_WRITE_BARRIER);
8381  }
8382 
8383  bool SitePointsToLiteral() {
8384  // If transition_info is a smi, then it represents an ElementsKind
8385  // for a constructed array. Otherwise, it must be a boilerplate
8386  // for an object or array literal.
8387  return transition_info()->IsJSArray() || transition_info()->IsJSObject();
8388  }
8389 
8390  static void DigestTransitionFeedback(Handle<AllocationSite> site,
8391  ElementsKind to_kind);
8392 
8393  enum Reason {
8394  TENURING,
8395  TRANSITIONS
8396  };
8397 
8398  static void AddDependentCompilationInfo(Handle<AllocationSite> site,
8399  Reason reason,
8400  CompilationInfo* info);
8401 
8402  DECLARE_PRINTER(AllocationSite)
8403  DECLARE_VERIFIER(AllocationSite)
8404 
8405  static inline AllocationSite* cast(Object* obj);
8406  static inline AllocationSiteMode GetMode(
8407  ElementsKind boilerplate_elements_kind);
8408  static inline AllocationSiteMode GetMode(ElementsKind from, ElementsKind to);
8409  static inline bool CanTrack(InstanceType type);
8410 
8411  static const int kTransitionInfoOffset = HeapObject::kHeaderSize;
8412  static const int kNestedSiteOffset = kTransitionInfoOffset + kPointerSize;
8413  static const int kPretenureDataOffset = kNestedSiteOffset + kPointerSize;
8414  static const int kPretenureCreateCountOffset =
8415  kPretenureDataOffset + kPointerSize;
8416  static const int kDependentCodeOffset =
8417  kPretenureCreateCountOffset + kPointerSize;
8418  static const int kWeakNextOffset = kDependentCodeOffset + kPointerSize;
8419  static const int kSize = kWeakNextOffset + kPointerSize;
8420 
8421  // During mark compact we need to take special care for the dependent code
8422  // field.
8423  static const int kPointerFieldsBeginOffset = kTransitionInfoOffset;
8424  static const int kPointerFieldsEndOffset = kDependentCodeOffset;
8425 
8426  // For other visitors, use the fixed body descriptor below.
8427  typedef FixedBodyDescriptor<HeapObject::kHeaderSize,
8428  kDependentCodeOffset + kPointerSize,
8429  kSize> BodyDescriptor;
8430 
8431  private:
8432  inline DependentCode::DependencyGroup ToDependencyGroup(Reason reason);
8433  bool PretenuringDecisionMade() {
8434  return pretenure_decision() != kUndecided;
8435  }
8436 
8437  DISALLOW_IMPLICIT_CONSTRUCTORS(AllocationSite);
8438 };
8439 
8440 
8441 class AllocationMemento: public Struct {
8442  public:
8443  static const int kAllocationSiteOffset = HeapObject::kHeaderSize;
8444  static const int kSize = kAllocationSiteOffset + kPointerSize;
8445 
8446  DECL_ACCESSORS(allocation_site, Object)
8447 
8448  bool IsValid() {
8449  return allocation_site()->IsAllocationSite() &&
8450  !AllocationSite::cast(allocation_site())->IsZombie();
8451  }
8452  AllocationSite* GetAllocationSite() {
8453  ASSERT(IsValid());
8454  return AllocationSite::cast(allocation_site());
8455  }
8456 
8457  DECLARE_PRINTER(AllocationMemento)
8458  DECLARE_VERIFIER(AllocationMemento)
8459 
8460  static inline AllocationMemento* cast(Object* obj);
8461 
8462  private:
8463  DISALLOW_IMPLICIT_CONSTRUCTORS(AllocationMemento);
8464 };
8465 
8466 
8467 // Representation of a slow alias as part of a sloppy arguments objects.
8468 // For fast aliases (if HasSloppyArgumentsElements()):
8469 // - the parameter map contains an index into the context
8470 // - all attributes of the element have default values
8471 // For slow aliases (if HasDictionaryArgumentsElements()):
8472 // - the parameter map contains no fast alias mapping (i.e. the hole)
8473 // - this struct (in the slow backing store) contains an index into the context
8474 // - all attributes are available as part if the property details
8475 class AliasedArgumentsEntry: public Struct {
8476  public:
8477  inline int aliased_context_slot();
8478  inline void set_aliased_context_slot(int count);
8479 
8480  static inline AliasedArgumentsEntry* cast(Object* obj);
8481 
8482  // Dispatched behavior.
8483  DECLARE_PRINTER(AliasedArgumentsEntry)
8484  DECLARE_VERIFIER(AliasedArgumentsEntry)
8485 
8486  static const int kAliasedContextSlot = HeapObject::kHeaderSize;
8487  static const int kSize = kAliasedContextSlot + kPointerSize;
8488 
8489  private:
8490  DISALLOW_IMPLICIT_CONSTRUCTORS(AliasedArgumentsEntry);
8491 };
8492 
8493 
8494 enum AllowNullsFlag {ALLOW_NULLS, DISALLOW_NULLS};
8495 enum RobustnessFlag {ROBUST_STRING_TRAVERSAL, FAST_STRING_TRAVERSAL};
8496 
8497 
8498 class StringHasher {
8499  public:
8500  explicit inline StringHasher(int length, uint32_t seed);
8501 
8502  template <typename schar>
8503  static inline uint32_t HashSequentialString(const schar* chars,
8504  int length,
8505  uint32_t seed);
8506 
8507  // Reads all the data, even for long strings and computes the utf16 length.
8508  static uint32_t ComputeUtf8Hash(Vector<const char> chars,
8509  uint32_t seed,
8510  int* utf16_length_out);
8511 
8512  // Calculated hash value for a string consisting of 1 to
8513  // String::kMaxArrayIndexSize digits with no leading zeros (except "0").
8514  // value is represented decimal value.
8515  static uint32_t MakeArrayIndexHash(uint32_t value, int length);
8516 
8517  // No string is allowed to have a hash of zero. That value is reserved
8518  // for internal properties. If the hash calculation yields zero then we
8519  // use 27 instead.
8520  static const int kZeroHash = 27;
8521 
8522  // Reusable parts of the hashing algorithm.
8523  INLINE(static uint32_t AddCharacterCore(uint32_t running_hash, uint16_t c));
8524  INLINE(static uint32_t GetHashCore(uint32_t running_hash));
8525 
8526  protected:
8527  // Returns the value to store in the hash field of a string with
8528  // the given length and contents.
8529  uint32_t GetHashField();
8530  // Returns true if the hash of this string can be computed without
8531  // looking at the contents.
8532  inline bool has_trivial_hash();
8533  // Adds a block of characters to the hash.
8534  template<typename Char>
8535  inline void AddCharacters(const Char* chars, int len);
8536 
8537  private:
8538  // Add a character to the hash.
8539  inline void AddCharacter(uint16_t c);
8540  // Update index. Returns true if string is still an index.
8541  inline bool UpdateIndex(uint16_t c);
8542 
8543  int length_;
8544  uint32_t raw_running_hash_;
8545  uint32_t array_index_;
8546  bool is_array_index_;
8547  bool is_first_char_;
8548  DISALLOW_COPY_AND_ASSIGN(StringHasher);
8549 };
8550 
8551 
8552 // The characteristics of a string are stored in its map. Retrieving these
8553 // few bits of information is moderately expensive, involving two memory
8554 // loads where the second is dependent on the first. To improve efficiency
8555 // the shape of the string is given its own class so that it can be retrieved
8556 // once and used for several string operations. A StringShape is small enough
8557 // to be passed by value and is immutable, but be aware that flattening a
8558 // string can potentially alter its shape. Also be aware that a GC caused by
8559 // something else can alter the shape of a string due to ConsString
8560 // shortcutting. Keeping these restrictions in mind has proven to be error-
8561 // prone and so we no longer put StringShapes in variables unless there is a
8562 // concrete performance benefit at that particular point in the code.
8563 class StringShape BASE_EMBEDDED {
8564  public:
8565  inline explicit StringShape(String* s);
8566  inline explicit StringShape(Map* s);
8567  inline explicit StringShape(InstanceType t);
8568  inline bool IsSequential();
8569  inline bool IsExternal();
8570  inline bool IsCons();
8571  inline bool IsSliced();
8572  inline bool IsIndirect();
8573  inline bool IsExternalAscii();
8574  inline bool IsExternalTwoByte();
8575  inline bool IsSequentialAscii();
8576  inline bool IsSequentialTwoByte();
8577  inline bool IsInternalized();
8578  inline StringRepresentationTag representation_tag();
8579  inline uint32_t encoding_tag();
8580  inline uint32_t full_representation_tag();
8581  inline uint32_t size_tag();
8582 #ifdef DEBUG
8583  inline uint32_t type() { return type_; }
8584  inline void invalidate() { valid_ = false; }
8585  inline bool valid() { return valid_; }
8586 #else
8587  inline void invalidate() { }
8588 #endif
8589 
8590  private:
8591  uint32_t type_;
8592 #ifdef DEBUG
8593  inline void set_valid() { valid_ = true; }
8594  bool valid_;
8595 #else
8596  inline void set_valid() { }
8597 #endif
8598 };
8599 
8600 
8601 // The Name abstract class captures anything that can be used as a property
8602 // name, i.e., strings and symbols. All names store a hash value.
8603 class Name: public HeapObject {
8604  public:
8605  // Get and set the hash field of the name.
8606  inline uint32_t hash_field();
8607  inline void set_hash_field(uint32_t value);
8608 
8609  // Tells whether the hash code has been computed.
8610  inline bool HasHashCode();
8611 
8612  // Returns a hash value used for the property table
8613  inline uint32_t Hash();
8614 
8615  // Equality operations.
8616  inline bool Equals(Name* other);
8617 
8618  // Conversion.
8619  inline bool AsArrayIndex(uint32_t* index);
8620 
8621  // Casting.
8622  static inline Name* cast(Object* obj);
8623 
8624  bool IsCacheable(Isolate* isolate);
8625 
8626  DECLARE_PRINTER(Name)
8627 
8628  // Layout description.
8629  static const int kHashFieldOffset = HeapObject::kHeaderSize;
8630  static const int kSize = kHashFieldOffset + kPointerSize;
8631 
8632  // Mask constant for checking if a name has a computed hash code
8633  // and if it is a string that is an array index. The least significant bit
8634  // indicates whether a hash code has been computed. If the hash code has
8635  // been computed the 2nd bit tells whether the string can be used as an
8636  // array index.
8637  static const int kHashNotComputedMask = 1;
8638  static const int kIsNotArrayIndexMask = 1 << 1;
8639  static const int kNofHashBitFields = 2;
8640 
8641  // Shift constant retrieving hash code from hash field.
8642  static const int kHashShift = kNofHashBitFields;
8643 
8644  // Only these bits are relevant in the hash, since the top two are shifted
8645  // out.
8646  static const uint32_t kHashBitMask = 0xffffffffu >> kHashShift;
8647 
8648  // Array index strings this short can keep their index in the hash field.
8649  static const int kMaxCachedArrayIndexLength = 7;
8650 
8651  // For strings which are array indexes the hash value has the string length
8652  // mixed into the hash, mainly to avoid a hash value of zero which would be
8653  // the case for the string '0'. 24 bits are used for the array index value.
8654  static const int kArrayIndexValueBits = 24;
8655  static const int kArrayIndexLengthBits =
8656  kBitsPerInt - kArrayIndexValueBits - kNofHashBitFields;
8657 
8658  STATIC_CHECK((kArrayIndexLengthBits > 0));
8659 
8660  static const int kArrayIndexHashLengthShift =
8661  kArrayIndexValueBits + kNofHashBitFields;
8662 
8663  static const int kArrayIndexHashMask = (1 << kArrayIndexHashLengthShift) - 1;
8664 
8665  static const int kArrayIndexValueMask =
8666  ((1 << kArrayIndexValueBits) - 1) << kHashShift;
8667 
8668  // Check that kMaxCachedArrayIndexLength + 1 is a power of two so we
8669  // could use a mask to test if the length of string is less than or equal to
8670  // kMaxCachedArrayIndexLength.
8671  STATIC_CHECK(IS_POWER_OF_TWO(kMaxCachedArrayIndexLength + 1));
8672 
8673  static const unsigned int kContainsCachedArrayIndexMask =
8674  (~kMaxCachedArrayIndexLength << kArrayIndexHashLengthShift) |
8675  kIsNotArrayIndexMask;
8676 
8677  // Value of empty hash field indicating that the hash is not computed.
8678  static const int kEmptyHashField =
8679  kIsNotArrayIndexMask | kHashNotComputedMask;
8680 
8681  protected:
8682  static inline bool IsHashFieldComputed(uint32_t field);
8683 
8684  private:
8685  DISALLOW_IMPLICIT_CONSTRUCTORS(Name);
8686 };
8687 
8688 
8689 // ES6 symbols.
8690 class Symbol: public Name {
8691  public:
8692  // [name]: the print name of a symbol, or undefined if none.
8693  DECL_ACCESSORS(name, Object)
8694 
8695  DECL_ACCESSORS(flags, Smi)
8696 
8697  // [is_private]: whether this is a private symbol.
8698  DECL_BOOLEAN_ACCESSORS(is_private)
8699 
8700  // Casting.
8701  static inline Symbol* cast(Object* obj);
8702 
8703  // Dispatched behavior.
8704  DECLARE_PRINTER(Symbol)
8705  DECLARE_VERIFIER(Symbol)
8706 
8707  // Layout description.
8708  static const int kNameOffset = Name::kSize;
8709  static const int kFlagsOffset = kNameOffset + kPointerSize;
8710  static const int kSize = kFlagsOffset + kPointerSize;
8711 
8712  typedef FixedBodyDescriptor<kNameOffset, kFlagsOffset, kSize> BodyDescriptor;
8713 
8714  private:
8715  static const int kPrivateBit = 0;
8716 
8717  DISALLOW_IMPLICIT_CONSTRUCTORS(Symbol);
8718 };
8719 
8720 
8721 class ConsString;
8722 
8723 // The String abstract class captures JavaScript string values:
8724 //
8725 // Ecma-262:
8726 // 4.3.16 String Value
8727 // A string value is a member of the type String and is a finite
8728 // ordered sequence of zero or more 16-bit unsigned integer values.
8729 //
8730 // All string values have a length field.
8731 class String: public Name {
8732  public:
8733  enum Encoding { ONE_BYTE_ENCODING, TWO_BYTE_ENCODING };
8734 
8735  // Representation of the flat content of a String.
8736  // A non-flat string doesn't have flat content.
8737  // A flat string has content that's encoded as a sequence of either
8738  // ASCII chars or two-byte UC16.
8739  // Returned by String::GetFlatContent().
8740  class FlatContent {
8741  public:
8742  // Returns true if the string is flat and this structure contains content.
8743  bool IsFlat() { return state_ != NON_FLAT; }
8744  // Returns true if the structure contains ASCII content.
8745  bool IsAscii() { return state_ == ASCII; }
8746  // Returns true if the structure contains two-byte content.
8747  bool IsTwoByte() { return state_ == TWO_BYTE; }
8748 
8749  // Return the one byte content of the string. Only use if IsAscii() returns
8750  // true.
8751  Vector<const uint8_t> ToOneByteVector() {
8752  ASSERT_EQ(ASCII, state_);
8753  return buffer_;
8754  }
8755  // Return the two-byte content of the string. Only use if IsTwoByte()
8756  // returns true.
8757  Vector<const uc16> ToUC16Vector() {
8758  ASSERT_EQ(TWO_BYTE, state_);
8759  return Vector<const uc16>::cast(buffer_);
8760  }
8761 
8762  private:
8763  enum State { NON_FLAT, ASCII, TWO_BYTE };
8764 
8765  // Constructors only used by String::GetFlatContent().
8766  explicit FlatContent(Vector<const uint8_t> chars)
8767  : buffer_(chars),
8768  state_(ASCII) { }
8769  explicit FlatContent(Vector<const uc16> chars)
8770  : buffer_(Vector<const byte>::cast(chars)),
8771  state_(TWO_BYTE) { }
8772  FlatContent() : buffer_(), state_(NON_FLAT) { }
8773 
8774  Vector<const uint8_t> buffer_;
8775  State state_;
8776 
8777  friend class String;
8778  };
8779 
8780  // Get and set the length of the string.
8781  inline int length();
8782  inline void set_length(int value);
8783 
8784  // Returns whether this string has only ASCII chars, i.e. all of them can
8785  // be ASCII encoded. This might be the case even if the string is
8786  // two-byte. Such strings may appear when the embedder prefers
8787  // two-byte external representations even for ASCII data.
8788  inline bool IsOneByteRepresentation();
8789  inline bool IsTwoByteRepresentation();
8790 
8791  // Cons and slices have an encoding flag that may not represent the actual
8792  // encoding of the underlying string. This is taken into account here.
8793  // Requires: this->IsFlat()
8794  inline bool IsOneByteRepresentationUnderneath();
8795  inline bool IsTwoByteRepresentationUnderneath();
8796 
8797  // NOTE: this should be considered only a hint. False negatives are
8798  // possible.
8799  inline bool HasOnlyOneByteChars();
8800 
8801  // Get and set individual two byte chars in the string.
8802  inline void Set(int index, uint16_t value);
8803  // Get individual two byte char in the string. Repeated calls
8804  // to this method are not efficient unless the string is flat.
8805  INLINE(uint16_t Get(int index));
8806 
8807  // Try to flatten the string. Checks first inline to see if it is
8808  // necessary. Does nothing if the string is not a cons string.
8809  // Flattening allocates a sequential string with the same data as
8810  // the given string and mutates the cons string to a degenerate
8811  // form, where the first component is the new sequential string and
8812  // the second component is the empty string. If allocation fails,
8813  // this function returns a failure. If flattening succeeds, this
8814  // function returns the sequential string that is now the first
8815  // component of the cons string.
8816  //
8817  // Degenerate cons strings are handled specially by the garbage
8818  // collector (see IsShortcutCandidate).
8819  //
8820  // Use FlattenString from Handles.cc to flatten even in case an
8821  // allocation failure happens.
8822  inline MaybeObject* TryFlatten(PretenureFlag pretenure = NOT_TENURED);
8823 
8824  // Convenience function. Has exactly the same behavior as
8825  // TryFlatten(), except in the case of failure returns the original
8826  // string.
8827  inline String* TryFlattenGetString(PretenureFlag pretenure = NOT_TENURED);
8828 
8829  // Tries to return the content of a flat string as a structure holding either
8830  // a flat vector of char or of uc16.
8831  // If the string isn't flat, and therefore doesn't have flat content, the
8832  // returned structure will report so, and can't provide a vector of either
8833  // kind.
8834  FlatContent GetFlatContent();
8835 
8836  // Returns the parent of a sliced string or first part of a flat cons string.
8837  // Requires: StringShape(this).IsIndirect() && this->IsFlat()
8838  inline String* GetUnderlying();
8839 
8840  // Mark the string as an undetectable object. It only applies to
8841  // ASCII and two byte string types.
8842  bool MarkAsUndetectable();
8843 
8844  // String equality operations.
8845  inline bool Equals(String* other);
8846  bool IsUtf8EqualTo(Vector<const char> str, bool allow_prefix_match = false);
8847  bool IsOneByteEqualTo(Vector<const uint8_t> str);
8848  bool IsTwoByteEqualTo(Vector<const uc16> str);
8849 
8850  // Return a UTF8 representation of the string. The string is null
8851  // terminated but may optionally contain nulls. Length is returned
8852  // in length_output if length_output is not a null pointer The string
8853  // should be nearly flat, otherwise the performance of this method may
8854  // be very slow (quadratic in the length). Setting robustness_flag to
8855  // ROBUST_STRING_TRAVERSAL invokes behaviour that is robust This means it
8856  // handles unexpected data without causing assert failures and it does not
8857  // do any heap allocations. This is useful when printing stack traces.
8858  SmartArrayPointer<char> ToCString(AllowNullsFlag allow_nulls,
8859  RobustnessFlag robustness_flag,
8860  int offset,
8861  int length,
8862  int* length_output = 0);
8863  SmartArrayPointer<char> ToCString(
8864  AllowNullsFlag allow_nulls = DISALLOW_NULLS,
8865  RobustnessFlag robustness_flag = FAST_STRING_TRAVERSAL,
8866  int* length_output = 0);
8867 
8868  // Return a 16 bit Unicode representation of the string.
8869  // The string should be nearly flat, otherwise the performance of
8870  // of this method may be very bad. Setting robustness_flag to
8871  // ROBUST_STRING_TRAVERSAL invokes behaviour that is robust This means it
8872  // handles unexpected data without causing assert failures and it does not
8873  // do any heap allocations. This is useful when printing stack traces.
8874  SmartArrayPointer<uc16> ToWideCString(
8875  RobustnessFlag robustness_flag = FAST_STRING_TRAVERSAL);
8876 
8877  bool ComputeArrayIndex(uint32_t* index);
8878 
8879  // Externalization.
8880  bool MakeExternal(v8::String::ExternalStringResource* resource);
8881  bool MakeExternal(v8::String::ExternalAsciiStringResource* resource);
8882 
8883  // Conversion.
8884  inline bool AsArrayIndex(uint32_t* index);
8885 
8886  // Casting.
8887  static inline String* cast(Object* obj);
8888 
8889  void PrintOn(FILE* out);
8890 
8891  // For use during stack traces. Performs rudimentary sanity check.
8892  bool LooksValid();
8893 
8894  // Dispatched behavior.
8895  void StringShortPrint(StringStream* accumulator);
8896 #ifdef OBJECT_PRINT
8897  char* ToAsciiArray();
8898 #endif
8899  DECLARE_PRINTER(String)
8900  DECLARE_VERIFIER(String)
8901 
8902  inline bool IsFlat();
8903 
8904  // Layout description.
8905  static const int kLengthOffset = Name::kSize;
8906  static const int kSize = kLengthOffset + kPointerSize;
8907 
8908  // Maximum number of characters to consider when trying to convert a string
8909  // value into an array index.
8910  static const int kMaxArrayIndexSize = 10;
8911  STATIC_CHECK(kMaxArrayIndexSize < (1 << kArrayIndexLengthBits));
8912 
8913  // Max char codes.
8914  static const int32_t kMaxOneByteCharCode = unibrow::Latin1::kMaxChar;
8915  static const uint32_t kMaxOneByteCharCodeU = unibrow::Latin1::kMaxChar;
8916  static const int kMaxUtf16CodeUnit = 0xffff;
8917 
8918  // Value of hash field containing computed hash equal to zero.
8919  static const int kEmptyStringHash = kIsNotArrayIndexMask;
8920 
8921  // Maximal string length.
8922  static const int kMaxLength = (1 << 28) - 16;
8923 
8924  // Max length for computing hash. For strings longer than this limit the
8925  // string length is used as the hash value.
8926  static const int kMaxHashCalcLength = 16383;
8927 
8928  // Limit for truncation in short printing.
8929  static const int kMaxShortPrintLength = 1024;
8930 
8931  // Support for regular expressions.
8932  const uc16* GetTwoByteData(unsigned start);
8933 
8934  // Helper function for flattening strings.
8935  template <typename sinkchar>
8936  static void WriteToFlat(String* source,
8937  sinkchar* sink,
8938  int from,
8939  int to);
8940 
8941  // The return value may point to the first aligned word containing the
8942  // first non-ascii character, rather than directly to the non-ascii character.
8943  // If the return value is >= the passed length, the entire string was ASCII.
8944  static inline int NonAsciiStart(const char* chars, int length) {
8945  const char* start = chars;
8946  const char* limit = chars + length;
8947 #ifdef V8_HOST_CAN_READ_UNALIGNED
8948  ASSERT(unibrow::Utf8::kMaxOneByteChar == 0x7F);
8949  const uintptr_t non_ascii_mask = kUintptrAllBitsSet / 0xFF * 0x80;
8950  while (chars + sizeof(uintptr_t) <= limit) {
8951  if (*reinterpret_cast<const uintptr_t*>(chars) & non_ascii_mask) {
8952  return static_cast<int>(chars - start);
8953  }
8954  chars += sizeof(uintptr_t);
8955  }
8956 #endif
8957  while (chars < limit) {
8958  if (static_cast<uint8_t>(*chars) > unibrow::Utf8::kMaxOneByteChar) {
8959  return static_cast<int>(chars - start);
8960  }
8961  ++chars;
8962  }
8963  return static_cast<int>(chars - start);
8964  }
8965 
8966  static inline bool IsAscii(const char* chars, int length) {
8967  return NonAsciiStart(chars, length) >= length;
8968  }
8969 
8970  static inline bool IsAscii(const uint8_t* chars, int length) {
8971  return
8972  NonAsciiStart(reinterpret_cast<const char*>(chars), length) >= length;
8973  }
8974 
8975  static inline int NonOneByteStart(const uc16* chars, int length) {
8976  const uc16* limit = chars + length;
8977  const uc16* start = chars;
8978  while (chars < limit) {
8979  if (*chars > kMaxOneByteCharCodeU) return static_cast<int>(chars - start);
8980  ++chars;
8981  }
8982  return static_cast<int>(chars - start);
8983  }
8984 
8985  static inline bool IsOneByte(const uc16* chars, int length) {
8986  return NonOneByteStart(chars, length) >= length;
8987  }
8988 
8989  // TODO(dcarney): Replace all instances of this with VisitFlat.
8990  template<class Visitor, class ConsOp>
8991  static inline void Visit(String* string,
8992  unsigned offset,
8993  Visitor& visitor,
8994  ConsOp& cons_op,
8995  int32_t type,
8996  unsigned length);
8997 
8998  template<class Visitor>
8999  static inline ConsString* VisitFlat(Visitor* visitor,
9000  String* string,
9001  int offset,
9002  int length,
9003  int32_t type);
9004 
9005  template<class Visitor>
9006  static inline ConsString* VisitFlat(Visitor* visitor,
9007  String* string,
9008  int offset = 0) {
9009  int32_t type = string->map()->instance_type();
9010  return VisitFlat(visitor, string, offset, string->length(), type);
9011  }
9012 
9013  private:
9014  friend class Name;
9015 
9016  // Try to flatten the top level ConsString that is hiding behind this
9017  // string. This is a no-op unless the string is a ConsString. Flatten
9018  // mutates the ConsString and might return a failure.
9019  MUST_USE_RESULT MaybeObject* SlowTryFlatten(PretenureFlag pretenure);
9020 
9021  // Slow case of String::Equals. This implementation works on any strings
9022  // but it is most efficient on strings that are almost flat.
9023  bool SlowEquals(String* other);
9024 
9025  // Slow case of AsArrayIndex.
9026  bool SlowAsArrayIndex(uint32_t* index);
9027 
9028  // Compute and set the hash code.
9029  uint32_t ComputeAndSetHash();
9030 
9031  DISALLOW_IMPLICIT_CONSTRUCTORS(String);
9032 };
9033 
9034 
9035 // The SeqString abstract class captures sequential string values.
9036 class SeqString: public String {
9037  public:
9038  // Casting.
9039  static inline SeqString* cast(Object* obj);
9040 
9041  // Layout description.
9042  static const int kHeaderSize = String::kSize;
9043 
9044  // Truncate the string in-place if possible and return the result.
9045  // In case of new_length == 0, the empty string is returned without
9046  // truncating the original string.
9047  MUST_USE_RESULT static Handle<String> Truncate(Handle<SeqString> string,
9048  int new_length);
9049  private:
9050  DISALLOW_IMPLICIT_CONSTRUCTORS(SeqString);
9051 };
9052 
9053 
9054 // The AsciiString class captures sequential ASCII string objects.
9055 // Each character in the AsciiString is an ASCII character.
9056 class SeqOneByteString: public SeqString {
9057  public:
9058  static const bool kHasAsciiEncoding = true;
9059 
9060  // Dispatched behavior.
9061  inline uint16_t SeqOneByteStringGet(int index);
9062  inline void SeqOneByteStringSet(int index, uint16_t value);
9063 
9064  // Get the address of the characters in this string.
9065  inline Address GetCharsAddress();
9066 
9067  inline uint8_t* GetChars();
9068 
9069  // Casting
9070  static inline SeqOneByteString* cast(Object* obj);
9071 
9072  // Garbage collection support. This method is called by the
9073  // garbage collector to compute the actual size of an AsciiString
9074  // instance.
9075  inline int SeqOneByteStringSize(InstanceType instance_type);
9076 
9077  // Computes the size for an AsciiString instance of a given length.
9078  static int SizeFor(int length) {
9079  return OBJECT_POINTER_ALIGN(kHeaderSize + length * kCharSize);
9080  }
9081 
9082  // Maximal memory usage for a single sequential ASCII string.
9083  static const int kMaxSize = 512 * MB - 1;
9084  STATIC_CHECK((kMaxSize - kHeaderSize) >= String::kMaxLength);
9085 
9086  private:
9087  DISALLOW_IMPLICIT_CONSTRUCTORS(SeqOneByteString);
9088 };
9089 
9090 
9091 // The TwoByteString class captures sequential unicode string objects.
9092 // Each character in the TwoByteString is a two-byte uint16_t.
9093 class SeqTwoByteString: public SeqString {
9094  public:
9095  static const bool kHasAsciiEncoding = false;
9096 
9097  // Dispatched behavior.
9098  inline uint16_t SeqTwoByteStringGet(int index);
9099  inline void SeqTwoByteStringSet(int index, uint16_t value);
9100 
9101  // Get the address of the characters in this string.
9102  inline Address GetCharsAddress();
9103 
9104  inline uc16* GetChars();
9105 
9106  // For regexp code.
9107  const uint16_t* SeqTwoByteStringGetData(unsigned start);
9108 
9109  // Casting
9110  static inline SeqTwoByteString* cast(Object* obj);
9111 
9112  // Garbage collection support. This method is called by the
9113  // garbage collector to compute the actual size of a TwoByteString
9114  // instance.
9115  inline int SeqTwoByteStringSize(InstanceType instance_type);
9116 
9117  // Computes the size for a TwoByteString instance of a given length.
9118  static int SizeFor(int length) {
9119  return OBJECT_POINTER_ALIGN(kHeaderSize + length * kShortSize);
9120  }
9121 
9122  // Maximal memory usage for a single sequential two-byte string.
9123  static const int kMaxSize = 512 * MB - 1;
9124  STATIC_CHECK(static_cast<int>((kMaxSize - kHeaderSize)/sizeof(uint16_t)) >=
9125  String::kMaxLength);
9126 
9127  private:
9128  DISALLOW_IMPLICIT_CONSTRUCTORS(SeqTwoByteString);
9129 };
9130 
9131 
9132 // The ConsString class describes string values built by using the
9133 // addition operator on strings. A ConsString is a pair where the
9134 // first and second components are pointers to other string values.
9135 // One or both components of a ConsString can be pointers to other
9136 // ConsStrings, creating a binary tree of ConsStrings where the leaves
9137 // are non-ConsString string values. The string value represented by
9138 // a ConsString can be obtained by concatenating the leaf string
9139 // values in a left-to-right depth-first traversal of the tree.
9140 class ConsString: public String {
9141  public:
9142  // First string of the cons cell.
9143  inline String* first();
9144  // Doesn't check that the result is a string, even in debug mode. This is
9145  // useful during GC where the mark bits confuse the checks.
9146  inline Object* unchecked_first();
9147  inline void set_first(String* first,
9148  WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
9149 
9150  // Second string of the cons cell.
9151  inline String* second();
9152  // Doesn't check that the result is a string, even in debug mode. This is
9153  // useful during GC where the mark bits confuse the checks.
9154  inline Object* unchecked_second();
9155  inline void set_second(String* second,
9156  WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
9157 
9158  // Dispatched behavior.
9159  uint16_t ConsStringGet(int index);
9160 
9161  // Casting.
9162  static inline ConsString* cast(Object* obj);
9163 
9164  // Layout description.
9165  static const int kFirstOffset = POINTER_SIZE_ALIGN(String::kSize);
9166  static const int kSecondOffset = kFirstOffset + kPointerSize;
9167  static const int kSize = kSecondOffset + kPointerSize;
9168 
9169  // Minimum length for a cons string.
9170  static const int kMinLength = 13;
9171 
9172  typedef FixedBodyDescriptor<kFirstOffset, kSecondOffset + kPointerSize, kSize>
9173  BodyDescriptor;
9174 
9175  DECLARE_VERIFIER(ConsString)
9176 
9177  private:
9178  DISALLOW_IMPLICIT_CONSTRUCTORS(ConsString);
9179 };
9180 
9181 
9182 // The Sliced String class describes strings that are substrings of another
9183 // sequential string. The motivation is to save time and memory when creating
9184 // a substring. A Sliced String is described as a pointer to the parent,
9185 // the offset from the start of the parent string and the length. Using
9186 // a Sliced String therefore requires unpacking of the parent string and
9187 // adding the offset to the start address. A substring of a Sliced String
9188 // are not nested since the double indirection is simplified when creating
9189 // such a substring.
9190 // Currently missing features are:
9191 // - handling externalized parent strings
9192 // - external strings as parent
9193 // - truncating sliced string to enable otherwise unneeded parent to be GC'ed.
9194 class SlicedString: public String {
9195  public:
9196  inline String* parent();
9197  inline void set_parent(String* parent,
9198  WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
9199  inline int offset();
9200  inline void set_offset(int offset);
9201 
9202  // Dispatched behavior.
9203  uint16_t SlicedStringGet(int index);
9204 
9205  // Casting.
9206  static inline SlicedString* cast(Object* obj);
9207 
9208  // Layout description.
9209  static const int kParentOffset = POINTER_SIZE_ALIGN(String::kSize);
9210  static const int kOffsetOffset = kParentOffset + kPointerSize;
9211  static const int kSize = kOffsetOffset + kPointerSize;
9212 
9213  // Minimum length for a sliced string.
9214  static const int kMinLength = 13;
9215 
9216  typedef FixedBodyDescriptor<kParentOffset,
9217  kOffsetOffset + kPointerSize, kSize>
9218  BodyDescriptor;
9219 
9220  DECLARE_VERIFIER(SlicedString)
9221 
9222  private:
9223  DISALLOW_IMPLICIT_CONSTRUCTORS(SlicedString);
9224 };
9225 
9226 
9227 // The ExternalString class describes string values that are backed by
9228 // a string resource that lies outside the V8 heap. ExternalStrings
9229 // consist of the length field common to all strings, a pointer to the
9230 // external resource. It is important to ensure (externally) that the
9231 // resource is not deallocated while the ExternalString is live in the
9232 // V8 heap.
9233 //
9234 // The API expects that all ExternalStrings are created through the
9235 // API. Therefore, ExternalStrings should not be used internally.
9236 class ExternalString: public String {
9237  public:
9238  // Casting
9239  static inline ExternalString* cast(Object* obj);
9240 
9241  // Layout description.
9242  static const int kResourceOffset = POINTER_SIZE_ALIGN(String::kSize);
9243  static const int kShortSize = kResourceOffset + kPointerSize;
9244  static const int kResourceDataOffset = kResourceOffset + kPointerSize;
9245  static const int kSize = kResourceDataOffset + kPointerSize;
9246 
9247  static const int kMaxShortLength =
9248  (kShortSize - SeqString::kHeaderSize) / kCharSize;
9249 
9250  // Return whether external string is short (data pointer is not cached).
9251  inline bool is_short();
9252 
9253  STATIC_CHECK(kResourceOffset == Internals::kStringResourceOffset);
9254 
9255  private:
9256  DISALLOW_IMPLICIT_CONSTRUCTORS(ExternalString);
9257 };
9258 
9259 
9260 // The ExternalAsciiString class is an external string backed by an
9261 // ASCII string.
9262 class ExternalAsciiString: public ExternalString {
9263  public:
9264  static const bool kHasAsciiEncoding = true;
9265 
9266  typedef v8::String::ExternalAsciiStringResource Resource;
9267 
9268  // The underlying resource.
9269  inline const Resource* resource();
9270  inline void set_resource(const Resource* buffer);
9271 
9272  // Update the pointer cache to the external character array.
9273  // The cached pointer is always valid, as the external character array does =
9274  // not move during lifetime. Deserialization is the only exception, after
9275  // which the pointer cache has to be refreshed.
9276  inline void update_data_cache();
9277 
9278  inline const uint8_t* GetChars();
9279 
9280  // Dispatched behavior.
9281  inline uint16_t ExternalAsciiStringGet(int index);
9282 
9283  // Casting.
9284  static inline ExternalAsciiString* cast(Object* obj);
9285 
9286  // Garbage collection support.
9287  inline void ExternalAsciiStringIterateBody(ObjectVisitor* v);
9288 
9289  template<typename StaticVisitor>
9290  inline void ExternalAsciiStringIterateBody();
9291 
9292  private:
9293  DISALLOW_IMPLICIT_CONSTRUCTORS(ExternalAsciiString);
9294 };
9295 
9296 
9297 // The ExternalTwoByteString class is an external string backed by a UTF-16
9298 // encoded string.
9299 class ExternalTwoByteString: public ExternalString {
9300  public:
9301  static const bool kHasAsciiEncoding = false;
9302 
9303  typedef v8::String::ExternalStringResource Resource;
9304 
9305  // The underlying string resource.
9306  inline const Resource* resource();
9307  inline void set_resource(const Resource* buffer);
9308 
9309  // Update the pointer cache to the external character array.
9310  // The cached pointer is always valid, as the external character array does =
9311  // not move during lifetime. Deserialization is the only exception, after
9312  // which the pointer cache has to be refreshed.
9313  inline void update_data_cache();
9314 
9315  inline const uint16_t* GetChars();
9316 
9317  // Dispatched behavior.
9318  inline uint16_t ExternalTwoByteStringGet(int index);
9319 
9320  // For regexp code.
9321  inline const uint16_t* ExternalTwoByteStringGetData(unsigned start);
9322 
9323  // Casting.
9324  static inline ExternalTwoByteString* cast(Object* obj);
9325 
9326  // Garbage collection support.
9327  inline void ExternalTwoByteStringIterateBody(ObjectVisitor* v);
9328 
9329  template<typename StaticVisitor>
9330  inline void ExternalTwoByteStringIterateBody();
9331 
9332  private:
9333  DISALLOW_IMPLICIT_CONSTRUCTORS(ExternalTwoByteString);
9334 };
9335 
9336 
9337 // Utility superclass for stack-allocated objects that must be updated
9338 // on gc. It provides two ways for the gc to update instances, either
9339 // iterating or updating after gc.
9340 class Relocatable BASE_EMBEDDED {
9341  public:
9342  explicit inline Relocatable(Isolate* isolate);
9343  inline virtual ~Relocatable();
9344  virtual void IterateInstance(ObjectVisitor* v) { }
9345  virtual void PostGarbageCollection() { }
9346 
9347  static void PostGarbageCollectionProcessing(Isolate* isolate);
9348  static int ArchiveSpacePerThread();
9349  static char* ArchiveState(Isolate* isolate, char* to);
9350  static char* RestoreState(Isolate* isolate, char* from);
9351  static void Iterate(Isolate* isolate, ObjectVisitor* v);
9352  static void Iterate(ObjectVisitor* v, Relocatable* top);
9353  static char* Iterate(ObjectVisitor* v, char* t);
9354 
9355  private:
9356  Isolate* isolate_;
9357  Relocatable* prev_;
9358 };
9359 
9360 
9361 // A flat string reader provides random access to the contents of a
9362 // string independent of the character width of the string. The handle
9363 // must be valid as long as the reader is being used.
9364 class FlatStringReader : public Relocatable {
9365  public:
9366  FlatStringReader(Isolate* isolate, Handle<String> str);
9367  FlatStringReader(Isolate* isolate, Vector<const char> input);
9368  void PostGarbageCollection();
9369  inline uc32 Get(int index);
9370  int length() { return length_; }
9371  private:
9372  String** str_;
9373  bool is_ascii_;
9374  int length_;
9375  const void* start_;
9376 };
9377 
9378 
9379 // A ConsStringOp that returns null.
9380 // Useful when the operation to apply on a ConsString
9381 // requires an expensive data structure.
9382 class ConsStringNullOp {
9383  public:
9384  inline ConsStringNullOp() {}
9385  static inline String* Operate(String*, unsigned*, int32_t*, unsigned*);
9386  private:
9387  DISALLOW_COPY_AND_ASSIGN(ConsStringNullOp);
9388 };
9389 
9390 
9391 // This maintains an off-stack representation of the stack frames required
9392 // to traverse a ConsString, allowing an entirely iterative and restartable
9393 // traversal of the entire string
9394 // Note: this class is not GC-safe.
9395 class ConsStringIteratorOp {
9396  public:
9397  inline ConsStringIteratorOp() {}
9398  String* Operate(String* string,
9399  unsigned* offset_out,
9400  int32_t* type_out,
9401  unsigned* length_out);
9402  inline String* ContinueOperation(int32_t* type_out, unsigned* length_out);
9403  inline void Reset();
9404  inline bool HasMore();
9405 
9406  private:
9407  // TODO(dcarney): Templatize this out for different stack sizes.
9408  static const unsigned kStackSize = 32;
9409  // Use a mask instead of doing modulo operations for stack wrapping.
9410  static const unsigned kDepthMask = kStackSize-1;
9411  STATIC_ASSERT(IS_POWER_OF_TWO(kStackSize));
9412  static inline unsigned OffsetForDepth(unsigned depth);
9413 
9414  inline void PushLeft(ConsString* string);
9415  inline void PushRight(ConsString* string);
9416  inline void AdjustMaximumDepth();
9417  inline void Pop();
9418  String* NextLeaf(bool* blew_stack, int32_t* type_out, unsigned* length_out);
9419  String* Search(unsigned* offset_out,
9420  int32_t* type_out,
9421  unsigned* length_out);
9422 
9423  unsigned depth_;
9424  unsigned maximum_depth_;
9425  // Stack must always contain only frames for which right traversal
9426  // has not yet been performed.
9427  ConsString* frames_[kStackSize];
9428  unsigned consumed_;
9429  ConsString* root_;
9430  DISALLOW_COPY_AND_ASSIGN(ConsStringIteratorOp);
9431 };
9432 
9433 
9434 // Note: this class is not GC-safe.
9435 class StringCharacterStream {
9436  public:
9437  inline StringCharacterStream(String* string,
9438  ConsStringIteratorOp* op,
9439  unsigned offset = 0);
9440  inline uint16_t GetNext();
9441  inline bool HasMore();
9442  inline void Reset(String* string, unsigned offset = 0);
9443  inline void VisitOneByteString(const uint8_t* chars, unsigned length);
9444  inline void VisitTwoByteString(const uint16_t* chars, unsigned length);
9445 
9446  private:
9447  bool is_one_byte_;
9448  union {
9449  const uint8_t* buffer8_;
9450  const uint16_t* buffer16_;
9451  };
9452  const uint8_t* end_;
9453  ConsStringIteratorOp* op_;
9454  DISALLOW_COPY_AND_ASSIGN(StringCharacterStream);
9455 };
9456 
9457 
9458 template <typename T>
9459 class VectorIterator {
9460  public:
9461  VectorIterator(T* d, int l) : data_(Vector<const T>(d, l)), index_(0) { }
9462  explicit VectorIterator(Vector<const T> data) : data_(data), index_(0) { }
9463  T GetNext() { return data_[index_++]; }
9464  bool has_more() { return index_ < data_.length(); }
9465  private:
9466  Vector<const T> data_;
9467  int index_;
9468 };
9469 
9470 
9471 // The Oddball describes objects null, undefined, true, and false.
9472 class Oddball: public HeapObject {
9473  public:
9474  // [to_string]: Cached to_string computed at startup.
9475  DECL_ACCESSORS(to_string, String)
9476 
9477  // [to_number]: Cached to_number computed at startup.
9478  DECL_ACCESSORS(to_number, Object)
9479 
9480  inline byte kind();
9481  inline void set_kind(byte kind);
9482 
9483  // Casting.
9484  static inline Oddball* cast(Object* obj);
9485 
9486  // Dispatched behavior.
9487  DECLARE_VERIFIER(Oddball)
9488 
9489  // Initialize the fields.
9490  MUST_USE_RESULT MaybeObject* Initialize(Heap* heap,
9491  const char* to_string,
9492  Object* to_number,
9493  byte kind);
9494 
9495  // Layout description.
9496  static const int kToStringOffset = HeapObject::kHeaderSize;
9497  static const int kToNumberOffset = kToStringOffset + kPointerSize;
9498  static const int kKindOffset = kToNumberOffset + kPointerSize;
9499  static const int kSize = kKindOffset + kPointerSize;
9500 
9501  static const byte kFalse = 0;
9502  static const byte kTrue = 1;
9503  static const byte kNotBooleanMask = ~1;
9504  static const byte kTheHole = 2;
9505  static const byte kNull = 3;
9506  static const byte kArgumentMarker = 4;
9507  static const byte kUndefined = 5;
9508  static const byte kUninitialized = 6;
9509  static const byte kOther = 7;
9510 
9511  typedef FixedBodyDescriptor<kToStringOffset,
9512  kToNumberOffset + kPointerSize,
9513  kSize> BodyDescriptor;
9514 
9515  STATIC_CHECK(kKindOffset == Internals::kOddballKindOffset);
9516  STATIC_CHECK(kNull == Internals::kNullOddballKind);
9517  STATIC_CHECK(kUndefined == Internals::kUndefinedOddballKind);
9518 
9519  private:
9520  DISALLOW_IMPLICIT_CONSTRUCTORS(Oddball);
9521 };
9522 
9523 
9524 class Cell: public HeapObject {
9525  public:
9526  // [value]: value of the global property.
9527  DECL_ACCESSORS(value, Object)
9528 
9529  // Casting.
9530  static inline Cell* cast(Object* obj);
9531 
9532  static inline Cell* FromValueAddress(Address value) {
9533  Object* result = FromAddress(value - kValueOffset);
9534  ASSERT(result->IsCell() || result->IsPropertyCell());
9535  return static_cast<Cell*>(result);
9536  }
9537 
9538  inline Address ValueAddress() {
9539  return address() + kValueOffset;
9540  }
9541 
9542  // Dispatched behavior.
9543  DECLARE_PRINTER(Cell)
9544  DECLARE_VERIFIER(Cell)
9545 
9546  // Layout description.
9547  static const int kValueOffset = HeapObject::kHeaderSize;
9548  static const int kSize = kValueOffset + kPointerSize;
9549 
9550  typedef FixedBodyDescriptor<kValueOffset,
9551  kValueOffset + kPointerSize,
9552  kSize> BodyDescriptor;
9553 
9554  private:
9555  DISALLOW_IMPLICIT_CONSTRUCTORS(Cell);
9556 };
9557 
9558 
9559 class PropertyCell: public Cell {
9560  public:
9561  // [type]: type of the global property.
9562  HeapType* type();
9563  void set_type(HeapType* value, WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
9564 
9565  // [dependent_code]: dependent code that depends on the type of the global
9566  // property.
9567  DECL_ACCESSORS(dependent_code, DependentCode)
9568 
9569  // Sets the value of the cell and updates the type field to be the union
9570  // of the cell's current type and the value's type. If the change causes
9571  // a change of the type of the cell's contents, code dependent on the cell
9572  // will be deoptimized.
9573  static void SetValueInferType(Handle<PropertyCell> cell,
9574  Handle<Object> value);
9575 
9576  // Computes the new type of the cell's contents for the given value, but
9577  // without actually modifying the 'type' field.
9578  static Handle<HeapType> UpdatedType(Handle<PropertyCell> cell,
9579  Handle<Object> value);
9580 
9581  void AddDependentCompilationInfo(CompilationInfo* info);
9582 
9583  void AddDependentCode(Handle<Code> code);
9584 
9585  // Casting.
9586  static inline PropertyCell* cast(Object* obj);
9587 
9588  inline Address TypeAddress() {
9589  return address() + kTypeOffset;
9590  }
9591 
9592  // Dispatched behavior.
9593  DECLARE_PRINTER(PropertyCell)
9594  DECLARE_VERIFIER(PropertyCell)
9595 
9596  // Layout description.
9597  static const int kTypeOffset = kValueOffset + kPointerSize;
9598  static const int kDependentCodeOffset = kTypeOffset + kPointerSize;
9599  static const int kSize = kDependentCodeOffset + kPointerSize;
9600 
9601  static const int kPointerFieldsBeginOffset = kValueOffset;
9602  static const int kPointerFieldsEndOffset = kDependentCodeOffset;
9603 
9604  typedef FixedBodyDescriptor<kValueOffset,
9605  kSize,
9606  kSize> BodyDescriptor;
9607 
9608  private:
9609  DECL_ACCESSORS(type_raw, Object)
9610  DISALLOW_IMPLICIT_CONSTRUCTORS(PropertyCell);
9611 };
9612 
9613 
9614 // The JSProxy describes EcmaScript Harmony proxies
9615 class JSProxy: public JSReceiver {
9616  public:
9617  // [handler]: The handler property.
9618  DECL_ACCESSORS(handler, Object)
9619 
9620  // [hash]: The hash code property (undefined if not initialized yet).
9621  DECL_ACCESSORS(hash, Object)
9622 
9623  // Casting.
9624  static inline JSProxy* cast(Object* obj);
9625 
9626  MUST_USE_RESULT MaybeObject* GetPropertyWithHandler(
9627  Object* receiver,
9628  Name* name);
9629  MUST_USE_RESULT MaybeObject* GetElementWithHandler(
9630  Object* receiver,
9631  uint32_t index);
9632 
9633  // If the handler defines an accessor property with a setter, invoke it.
9634  // If it defines an accessor property without a setter, or a data property
9635  // that is read-only, throw. In all these cases set '*done' to true,
9636  // otherwise set it to false.
9637  static Handle<Object> SetPropertyViaPrototypesWithHandler(
9638  Handle<JSProxy> proxy,
9639  Handle<JSReceiver> receiver,
9640  Handle<Name> name,
9641  Handle<Object> value,
9642  PropertyAttributes attributes,
9643  StrictMode strict_mode,
9644  bool* done);
9645 
9646  static PropertyAttributes GetPropertyAttributeWithHandler(
9647  Handle<JSProxy> proxy,
9648  Handle<JSReceiver> receiver,
9649  Handle<Name> name);
9650  static PropertyAttributes GetElementAttributeWithHandler(
9651  Handle<JSProxy> proxy,
9652  Handle<JSReceiver> receiver,
9653  uint32_t index);
9654 
9655  // Turn the proxy into an (empty) JSObject.
9656  static void Fix(Handle<JSProxy> proxy);
9657 
9658  // Initializes the body after the handler slot.
9659  inline void InitializeBody(int object_size, Object* value);
9660 
9661  // Invoke a trap by name. If the trap does not exist on this's handler,
9662  // but derived_trap is non-NULL, invoke that instead. May cause GC.
9663  Handle<Object> CallTrap(const char* name,
9664  Handle<Object> derived_trap,
9665  int argc,
9666  Handle<Object> args[]);
9667 
9668  // Dispatched behavior.
9669  DECLARE_PRINTER(JSProxy)
9670  DECLARE_VERIFIER(JSProxy)
9671 
9672  // Layout description. We add padding so that a proxy has the same
9673  // size as a virgin JSObject. This is essential for becoming a JSObject
9674  // upon freeze.
9675  static const int kHandlerOffset = HeapObject::kHeaderSize;
9676  static const int kHashOffset = kHandlerOffset + kPointerSize;
9677  static const int kPaddingOffset = kHashOffset + kPointerSize;
9678  static const int kSize = JSObject::kHeaderSize;
9679  static const int kHeaderSize = kPaddingOffset;
9680  static const int kPaddingSize = kSize - kPaddingOffset;
9681 
9682  STATIC_CHECK(kPaddingSize >= 0);
9683 
9684  typedef FixedBodyDescriptor<kHandlerOffset,
9685  kPaddingOffset,
9686  kSize> BodyDescriptor;
9687 
9688  private:
9689  friend class JSReceiver;
9690 
9691  static Handle<Object> SetPropertyWithHandler(Handle<JSProxy> proxy,
9692  Handle<JSReceiver> receiver,
9693  Handle<Name> name,
9694  Handle<Object> value,
9695  PropertyAttributes attributes,
9696  StrictMode strict_mode);
9697  static Handle<Object> SetElementWithHandler(Handle<JSProxy> proxy,
9698  Handle<JSReceiver> receiver,
9699  uint32_t index,
9700  Handle<Object> value,
9701  StrictMode strict_mode);
9702 
9703  static bool HasPropertyWithHandler(Handle<JSProxy> proxy, Handle<Name> name);
9704  static bool HasElementWithHandler(Handle<JSProxy> proxy, uint32_t index);
9705 
9706  static Handle<Object> DeletePropertyWithHandler(Handle<JSProxy> proxy,
9707  Handle<Name> name,
9708  DeleteMode mode);
9709  static Handle<Object> DeleteElementWithHandler(Handle<JSProxy> proxy,
9710  uint32_t index,
9711  DeleteMode mode);
9712 
9713  MUST_USE_RESULT Object* GetIdentityHash();
9714 
9715  static Handle<Object> GetOrCreateIdentityHash(Handle<JSProxy> proxy);
9716 
9717  DISALLOW_IMPLICIT_CONSTRUCTORS(JSProxy);
9718 };
9719 
9720 
9721 class JSFunctionProxy: public JSProxy {
9722  public:
9723  // [call_trap]: The call trap.
9724  DECL_ACCESSORS(call_trap, Object)
9725 
9726  // [construct_trap]: The construct trap.
9727  DECL_ACCESSORS(construct_trap, Object)
9728 
9729  // Casting.
9730  static inline JSFunctionProxy* cast(Object* obj);
9731 
9732  // Dispatched behavior.
9733  DECLARE_PRINTER(JSFunctionProxy)
9734  DECLARE_VERIFIER(JSFunctionProxy)
9735 
9736  // Layout description.
9737  static const int kCallTrapOffset = JSProxy::kPaddingOffset;
9738  static const int kConstructTrapOffset = kCallTrapOffset + kPointerSize;
9739  static const int kPaddingOffset = kConstructTrapOffset + kPointerSize;
9740  static const int kSize = JSFunction::kSize;
9741  static const int kPaddingSize = kSize - kPaddingOffset;
9742 
9743  STATIC_CHECK(kPaddingSize >= 0);
9744 
9745  typedef FixedBodyDescriptor<kHandlerOffset,
9746  kConstructTrapOffset + kPointerSize,
9747  kSize> BodyDescriptor;
9748 
9749  private:
9750  DISALLOW_IMPLICIT_CONSTRUCTORS(JSFunctionProxy);
9751 };
9752 
9753 
9754 // The JSSet describes EcmaScript Harmony sets
9755 class JSSet: public JSObject {
9756  public:
9757  // [set]: the backing hash set containing keys.
9758  DECL_ACCESSORS(table, Object)
9759 
9760  // Casting.
9761  static inline JSSet* cast(Object* obj);
9762 
9763  // Dispatched behavior.
9764  DECLARE_PRINTER(JSSet)
9765  DECLARE_VERIFIER(JSSet)
9766 
9767  static const int kTableOffset = JSObject::kHeaderSize;
9768  static const int kSize = kTableOffset + kPointerSize;
9769 
9770  private:
9771  DISALLOW_IMPLICIT_CONSTRUCTORS(JSSet);
9772 };
9773 
9774 
9775 // The JSMap describes EcmaScript Harmony maps
9776 class JSMap: public JSObject {
9777  public:
9778  // [table]: the backing hash table mapping keys to values.
9779  DECL_ACCESSORS(table, Object)
9780 
9781  // Casting.
9782  static inline JSMap* cast(Object* obj);
9783 
9784  // Dispatched behavior.
9785  DECLARE_PRINTER(JSMap)
9786  DECLARE_VERIFIER(JSMap)
9787 
9788  static const int kTableOffset = JSObject::kHeaderSize;
9789  static const int kSize = kTableOffset + kPointerSize;
9790 
9791  private:
9792  DISALLOW_IMPLICIT_CONSTRUCTORS(JSMap);
9793 };
9794 
9795 
9796 // Base class for both JSWeakMap and JSWeakSet
9797 class JSWeakCollection: public JSObject {
9798  public:
9799  // [table]: the backing hash table mapping keys to values.
9800  DECL_ACCESSORS(table, Object)
9801 
9802  // [next]: linked list of encountered weak maps during GC.
9803  DECL_ACCESSORS(next, Object)
9804 
9805  static const int kTableOffset = JSObject::kHeaderSize;
9806  static const int kNextOffset = kTableOffset + kPointerSize;
9807  static const int kSize = kNextOffset + kPointerSize;
9808 
9809  private:
9810  DISALLOW_IMPLICIT_CONSTRUCTORS(JSWeakCollection);
9811 };
9812 
9813 
9814 // The JSWeakMap describes EcmaScript Harmony weak maps
9815 class JSWeakMap: public JSWeakCollection {
9816  public:
9817  // Casting.
9818  static inline JSWeakMap* cast(Object* obj);
9819 
9820  // Dispatched behavior.
9821  DECLARE_PRINTER(JSWeakMap)
9822  DECLARE_VERIFIER(JSWeakMap)
9823 
9824  private:
9825  DISALLOW_IMPLICIT_CONSTRUCTORS(JSWeakMap);
9826 };
9827 
9828 
9829 // The JSWeakSet describes EcmaScript Harmony weak sets
9830 class JSWeakSet: public JSWeakCollection {
9831  public:
9832  // Casting.
9833  static inline JSWeakSet* cast(Object* obj);
9834 
9835  // Dispatched behavior.
9836  DECLARE_PRINTER(JSWeakSet)
9837  DECLARE_VERIFIER(JSWeakSet)
9838 
9839  private:
9840  DISALLOW_IMPLICIT_CONSTRUCTORS(JSWeakSet);
9841 };
9842 
9843 
9844 class JSArrayBuffer: public JSObject {
9845  public:
9846  // [backing_store]: backing memory for this array
9847  DECL_ACCESSORS(backing_store, void)
9848 
9849  // [byte_length]: length in bytes
9850  DECL_ACCESSORS(byte_length, Object)
9851 
9852  // [flags]
9853  DECL_ACCESSORS(flag, Smi)
9854 
9855  inline bool is_external();
9856  inline void set_is_external(bool value);
9857 
9858  inline bool should_be_freed();
9859  inline void set_should_be_freed(bool value);
9860 
9861  // [weak_next]: linked list of array buffers.
9862  DECL_ACCESSORS(weak_next, Object)
9863 
9864  // [weak_first_array]: weak linked list of views.
9865  DECL_ACCESSORS(weak_first_view, Object)
9866 
9867  // Casting.
9868  static inline JSArrayBuffer* cast(Object* obj);
9869 
9870  // Neutering. Only neuters the buffer, not associated typed arrays.
9871  void Neuter();
9872 
9873  // Dispatched behavior.
9874  DECLARE_PRINTER(JSArrayBuffer)
9875  DECLARE_VERIFIER(JSArrayBuffer)
9876 
9877  static const int kBackingStoreOffset = JSObject::kHeaderSize;
9878  static const int kByteLengthOffset = kBackingStoreOffset + kPointerSize;
9879  static const int kFlagOffset = kByteLengthOffset + kPointerSize;
9880  static const int kWeakNextOffset = kFlagOffset + kPointerSize;
9881  static const int kWeakFirstViewOffset = kWeakNextOffset + kPointerSize;
9882  static const int kSize = kWeakFirstViewOffset + kPointerSize;
9883 
9884  static const int kSizeWithInternalFields =
9885  kSize + v8::ArrayBuffer::kInternalFieldCount * kPointerSize;
9886 
9887  private:
9888  // Bit position in a flag
9889  static const int kIsExternalBit = 0;
9890  static const int kShouldBeFreed = 1;
9891 
9892  DISALLOW_IMPLICIT_CONSTRUCTORS(JSArrayBuffer);
9893 };
9894 
9895 
9896 class JSArrayBufferView: public JSObject {
9897  public:
9898  // [buffer]: ArrayBuffer that this typed array views.
9899  DECL_ACCESSORS(buffer, Object)
9900 
9901  // [byte_length]: offset of typed array in bytes.
9902  DECL_ACCESSORS(byte_offset, Object)
9903 
9904  // [byte_length]: length of typed array in bytes.
9905  DECL_ACCESSORS(byte_length, Object)
9906 
9907  // [weak_next]: linked list of typed arrays over the same array buffer.
9908  DECL_ACCESSORS(weak_next, Object)
9909 
9910  // Casting.
9911  static inline JSArrayBufferView* cast(Object* obj);
9912 
9913  DECLARE_VERIFIER(JSArrayBufferView)
9914 
9915  static const int kBufferOffset = JSObject::kHeaderSize;
9916  static const int kByteOffsetOffset = kBufferOffset + kPointerSize;
9917  static const int kByteLengthOffset = kByteOffsetOffset + kPointerSize;
9918  static const int kWeakNextOffset = kByteLengthOffset + kPointerSize;
9919  static const int kViewSize = kWeakNextOffset + kPointerSize;
9920 
9921  protected:
9922  void NeuterView();
9923 
9924  private:
9925  DISALLOW_IMPLICIT_CONSTRUCTORS(JSArrayBufferView);
9926 };
9927 
9928 
9929 class JSTypedArray: public JSArrayBufferView {
9930  public:
9931  // [length]: length of typed array in elements.
9932  DECL_ACCESSORS(length, Object)
9933 
9934  // Neutering. Only neuters this typed array.
9935  void Neuter();
9936 
9937  // Casting.
9938  static inline JSTypedArray* cast(Object* obj);
9939 
9940  ExternalArrayType type();
9941  size_t element_size();
9942 
9943  Handle<JSArrayBuffer> GetBuffer();
9944 
9945  // Dispatched behavior.
9946  DECLARE_PRINTER(JSTypedArray)
9947  DECLARE_VERIFIER(JSTypedArray)
9948 
9949  static const int kLengthOffset = kViewSize + kPointerSize;
9950  static const int kSize = kLengthOffset + kPointerSize;
9951 
9952  static const int kSizeWithInternalFields =
9953  kSize + v8::ArrayBufferView::kInternalFieldCount * kPointerSize;
9954 
9955  private:
9956  static Handle<JSArrayBuffer> MaterializeArrayBuffer(
9957  Handle<JSTypedArray> typed_array);
9958 
9959  DISALLOW_IMPLICIT_CONSTRUCTORS(JSTypedArray);
9960 };
9961 
9962 
9963 class JSDataView: public JSArrayBufferView {
9964  public:
9965  // Only neuters this DataView
9966  void Neuter();
9967 
9968  // Casting.
9969  static inline JSDataView* cast(Object* obj);
9970 
9971  // Dispatched behavior.
9972  DECLARE_PRINTER(JSDataView)
9973  DECLARE_VERIFIER(JSDataView)
9974 
9975  static const int kSize = kViewSize;
9976 
9977  static const int kSizeWithInternalFields =
9978  kSize + v8::ArrayBufferView::kInternalFieldCount * kPointerSize;
9979 
9980  private:
9981  DISALLOW_IMPLICIT_CONSTRUCTORS(JSDataView);
9982 };
9983 
9984 
9985 // Foreign describes objects pointing from JavaScript to C structures.
9986 // Since they cannot contain references to JS HeapObjects they can be
9987 // placed in old_data_space.
9988 class Foreign: public HeapObject {
9989  public:
9990  // [address]: field containing the address.
9991  inline Address foreign_address();
9992  inline void set_foreign_address(Address value);
9993 
9994  // Casting.
9995  static inline Foreign* cast(Object* obj);
9996 
9997  // Dispatched behavior.
9998  inline void ForeignIterateBody(ObjectVisitor* v);
9999 
10000  template<typename StaticVisitor>
10001  inline void ForeignIterateBody();
10002 
10003  // Dispatched behavior.
10004  DECLARE_PRINTER(Foreign)
10005  DECLARE_VERIFIER(Foreign)
10006 
10007  // Layout description.
10008 
10009  static const int kForeignAddressOffset = HeapObject::kHeaderSize;
10010  static const int kSize = kForeignAddressOffset + kPointerSize;
10011 
10012  STATIC_CHECK(kForeignAddressOffset == Internals::kForeignAddressOffset);
10013 
10014  private:
10015  DISALLOW_IMPLICIT_CONSTRUCTORS(Foreign);
10016 };
10017 
10018 
10019 // The JSArray describes JavaScript Arrays
10020 // Such an array can be in one of two modes:
10021 // - fast, backing storage is a FixedArray and length <= elements.length();
10022 // Please note: push and pop can be used to grow and shrink the array.
10023 // - slow, backing storage is a HashTable with numbers as keys.
10024 class JSArray: public JSObject {
10025  public:
10026  // [length]: The length property.
10027  DECL_ACCESSORS(length, Object)
10028 
10029  // Overload the length setter to skip write barrier when the length
10030  // is set to a smi. This matches the set function on FixedArray.
10031  inline void set_length(Smi* length);
10032 
10033  static void JSArrayUpdateLengthFromIndex(Handle<JSArray> array,
10034  uint32_t index,
10035  Handle<Object> value);
10036 
10037  MUST_USE_RESULT MaybeObject* JSArrayUpdateLengthFromIndex(uint32_t index,
10038  Object* value);
10039 
10040  // Initialize the array with the given capacity. The function may
10041  // fail due to out-of-memory situations, but only if the requested
10042  // capacity is non-zero.
10043  static void Initialize(Handle<JSArray> array, int capacity, int length = 0);
10044 
10045  // Initializes the array to a certain length.
10046  inline bool AllowsSetElementsLength();
10047  // Can cause GC.
10048  static Handle<Object> SetElementsLength(Handle<JSArray> array,
10049  Handle<Object> length);
10050 
10051  // Set the content of the array to the content of storage.
10052  static inline void SetContent(Handle<JSArray> array,
10053  Handle<FixedArrayBase> storage);
10054 
10055  // Casting.
10056  static inline JSArray* cast(Object* obj);
10057 
10058  // Ensures that the fixed array backing the JSArray has at
10059  // least the stated size.
10060  static inline void EnsureSize(Handle<JSArray> array,
10061  int minimum_size_of_backing_fixed_array);
10062 
10063  // Expand the fixed array backing of a fast-case JSArray to at least
10064  // the requested size.
10065  static void Expand(Handle<JSArray> array,
10066  int minimum_size_of_backing_fixed_array);
10067 
10068  // Dispatched behavior.
10069  DECLARE_PRINTER(JSArray)
10070  DECLARE_VERIFIER(JSArray)
10071 
10072  // Number of element slots to pre-allocate for an empty array.
10073  static const int kPreallocatedArrayElements = 4;
10074 
10075  // Layout description.
10076  static const int kLengthOffset = JSObject::kHeaderSize;
10077  static const int kSize = kLengthOffset + kPointerSize;
10078 
10079  private:
10080  DISALLOW_IMPLICIT_CONSTRUCTORS(JSArray);
10081 };
10082 
10083 
10084 Handle<Object> CacheInitialJSArrayMaps(Handle<Context> native_context,
10085  Handle<Map> initial_map);
10086 
10087 
10088 // JSRegExpResult is just a JSArray with a specific initial map.
10089 // This initial map adds in-object properties for "index" and "input"
10090 // properties, as assigned by RegExp.prototype.exec, which allows
10091 // faster creation of RegExp exec results.
10092 // This class just holds constants used when creating the result.
10093 // After creation the result must be treated as a JSArray in all regards.
10094 class JSRegExpResult: public JSArray {
10095  public:
10096  // Offsets of object fields.
10097  static const int kIndexOffset = JSArray::kSize;
10098  static const int kInputOffset = kIndexOffset + kPointerSize;
10099  static const int kSize = kInputOffset + kPointerSize;
10100  // Indices of in-object properties.
10101  static const int kIndexIndex = 0;
10102  static const int kInputIndex = 1;
10103  private:
10104  DISALLOW_IMPLICIT_CONSTRUCTORS(JSRegExpResult);
10105 };
10106 
10107 
10108 class AccessorInfo: public Struct {
10109  public:
10110  DECL_ACCESSORS(name, Object)
10111  DECL_ACCESSORS(flag, Smi)
10112  DECL_ACCESSORS(expected_receiver_type, Object)
10113 
10114  inline bool all_can_read();
10115  inline void set_all_can_read(bool value);
10116 
10117  inline bool all_can_write();
10118  inline void set_all_can_write(bool value);
10119 
10120  inline bool prohibits_overwriting();
10121  inline void set_prohibits_overwriting(bool value);
10122 
10123  inline PropertyAttributes property_attributes();
10124  inline void set_property_attributes(PropertyAttributes attributes);
10125 
10126  // Checks whether the given receiver is compatible with this accessor.
10127  inline bool IsCompatibleReceiver(Object* receiver);
10128 
10129  static inline AccessorInfo* cast(Object* obj);
10130 
10131  // Dispatched behavior.
10132  DECLARE_VERIFIER(AccessorInfo)
10133 
10134  // Append all descriptors to the array that are not already there.
10135  // Return number added.
10136  static int AppendUnique(Handle<Object> descriptors,
10137  Handle<FixedArray> array,
10138  int valid_descriptors);
10139 
10140  static const int kNameOffset = HeapObject::kHeaderSize;
10141  static const int kFlagOffset = kNameOffset + kPointerSize;
10142  static const int kExpectedReceiverTypeOffset = kFlagOffset + kPointerSize;
10143  static const int kSize = kExpectedReceiverTypeOffset + kPointerSize;
10144 
10145  private:
10146  // Bit positions in flag.
10147  static const int kAllCanReadBit = 0;
10148  static const int kAllCanWriteBit = 1;
10149  static const int kProhibitsOverwritingBit = 2;
10150  class AttributesField: public BitField<PropertyAttributes, 3, 3> {};
10151 
10152  DISALLOW_IMPLICIT_CONSTRUCTORS(AccessorInfo);
10153 };
10154 
10155 
10156 enum AccessorDescriptorType {
10157  kDescriptorBitmaskCompare,
10158  kDescriptorPointerCompare,
10159  kDescriptorPrimitiveValue,
10160  kDescriptorObjectDereference,
10161  kDescriptorPointerDereference,
10162  kDescriptorPointerShift,
10163  kDescriptorReturnObject
10164 };
10165 
10166 
10167 struct BitmaskCompareDescriptor {
10168  uint32_t bitmask;
10169  uint32_t compare_value;
10170  uint8_t size; // Must be in {1,2,4}.
10171 };
10172 
10173 
10174 struct PointerCompareDescriptor {
10175  void* compare_value;
10176 };
10177 
10178 
10179 struct PrimitiveValueDescriptor {
10180  v8::DeclaredAccessorDescriptorDataType data_type;
10181  uint8_t bool_offset; // Must be in [0,7], used for kDescriptorBoolType.
10182 };
10183 
10184 
10185 struct ObjectDerefenceDescriptor {
10186  uint8_t internal_field;
10187 };
10188 
10189 
10190 struct PointerShiftDescriptor {
10191  int16_t byte_offset;
10192 };
10193 
10194 
10195 struct DeclaredAccessorDescriptorData {
10196  AccessorDescriptorType type;
10197  union {
10198  struct BitmaskCompareDescriptor bitmask_compare_descriptor;
10199  struct PointerCompareDescriptor pointer_compare_descriptor;
10200  struct PrimitiveValueDescriptor primitive_value_descriptor;
10201  struct ObjectDerefenceDescriptor object_dereference_descriptor;
10202  struct PointerShiftDescriptor pointer_shift_descriptor;
10203  };
10204 };
10205 
10206 
10207 class DeclaredAccessorDescriptor;
10208 
10209 
10210 class DeclaredAccessorDescriptorIterator {
10211  public:
10212  explicit DeclaredAccessorDescriptorIterator(
10213  DeclaredAccessorDescriptor* descriptor);
10214  const DeclaredAccessorDescriptorData* Next();
10215  bool Complete() const { return length_ == offset_; }
10216  private:
10217  uint8_t* array_;
10218  const int length_;
10219  int offset_;
10220  DISALLOW_IMPLICIT_CONSTRUCTORS(DeclaredAccessorDescriptorIterator);
10221 };
10222 
10223 
10224 class DeclaredAccessorDescriptor: public Struct {
10225  public:
10226  DECL_ACCESSORS(serialized_data, ByteArray)
10227 
10228  static inline DeclaredAccessorDescriptor* cast(Object* obj);
10229 
10230  static Handle<DeclaredAccessorDescriptor> Create(
10231  Isolate* isolate,
10232  const DeclaredAccessorDescriptorData& data,
10233  Handle<DeclaredAccessorDescriptor> previous);
10234 
10235  // Dispatched behavior.
10236  DECLARE_PRINTER(DeclaredAccessorDescriptor)
10237  DECLARE_VERIFIER(DeclaredAccessorDescriptor)
10238 
10239  static const int kSerializedDataOffset = HeapObject::kHeaderSize;
10240  static const int kSize = kSerializedDataOffset + kPointerSize;
10241 
10242  private:
10243  DISALLOW_IMPLICIT_CONSTRUCTORS(DeclaredAccessorDescriptor);
10244 };
10245 
10246 
10247 class DeclaredAccessorInfo: public AccessorInfo {
10248  public:
10249  DECL_ACCESSORS(descriptor, DeclaredAccessorDescriptor)
10250 
10251  static inline DeclaredAccessorInfo* cast(Object* obj);
10252 
10253  // Dispatched behavior.
10254  DECLARE_PRINTER(DeclaredAccessorInfo)
10255  DECLARE_VERIFIER(DeclaredAccessorInfo)
10256 
10257  static const int kDescriptorOffset = AccessorInfo::kSize;
10258  static const int kSize = kDescriptorOffset + kPointerSize;
10259 
10260  private:
10261  DISALLOW_IMPLICIT_CONSTRUCTORS(DeclaredAccessorInfo);
10262 };
10263 
10264 
10265 // An accessor must have a getter, but can have no setter.
10266 //
10267 // When setting a property, V8 searches accessors in prototypes.
10268 // If an accessor was found and it does not have a setter,
10269 // the request is ignored.
10270 //
10271 // If the accessor in the prototype has the READ_ONLY property attribute, then
10272 // a new value is added to the local object when the property is set.
10273 // This shadows the accessor in the prototype.
10274 class ExecutableAccessorInfo: public AccessorInfo {
10275  public:
10276  DECL_ACCESSORS(getter, Object)
10277  DECL_ACCESSORS(setter, Object)
10278  DECL_ACCESSORS(data, Object)
10279 
10280  static inline ExecutableAccessorInfo* cast(Object* obj);
10281 
10282  // Dispatched behavior.
10283  DECLARE_PRINTER(ExecutableAccessorInfo)
10284  DECLARE_VERIFIER(ExecutableAccessorInfo)
10285 
10286  static const int kGetterOffset = AccessorInfo::kSize;
10287  static const int kSetterOffset = kGetterOffset + kPointerSize;
10288  static const int kDataOffset = kSetterOffset + kPointerSize;
10289  static const int kSize = kDataOffset + kPointerSize;
10290 
10291  private:
10292  DISALLOW_IMPLICIT_CONSTRUCTORS(ExecutableAccessorInfo);
10293 };
10294 
10295 
10296 // Support for JavaScript accessors: A pair of a getter and a setter. Each
10297 // accessor can either be
10298 // * a pointer to a JavaScript function or proxy: a real accessor
10299 // * undefined: considered an accessor by the spec, too, strangely enough
10300 // * the hole: an accessor which has not been set
10301 // * a pointer to a map: a transition used to ensure map sharing
10302 // access_flags provides the ability to override access checks on access check
10303 // failure.
10304 class AccessorPair: public Struct {
10305  public:
10306  DECL_ACCESSORS(getter, Object)
10307  DECL_ACCESSORS(setter, Object)
10308  DECL_ACCESSORS(access_flags, Smi)
10309 
10310  inline void set_access_flags(v8::AccessControl access_control);
10311  inline bool all_can_read();
10312  inline bool all_can_write();
10313  inline bool prohibits_overwriting();
10314 
10315  static inline AccessorPair* cast(Object* obj);
10316 
10317  static Handle<AccessorPair> Copy(Handle<AccessorPair> pair);
10318 
10319  Object* get(AccessorComponent component) {
10320  return component == ACCESSOR_GETTER ? getter() : setter();
10321  }
10322 
10323  void set(AccessorComponent component, Object* value) {
10324  if (component == ACCESSOR_GETTER) {
10325  set_getter(value);
10326  } else {
10327  set_setter(value);
10328  }
10329  }
10330 
10331  // Note: Returns undefined instead in case of a hole.
10332  Object* GetComponent(AccessorComponent component);
10333 
10334  // Set both components, skipping arguments which are a JavaScript null.
10335  void SetComponents(Object* getter, Object* setter) {
10336  if (!getter->IsNull()) set_getter(getter);
10337  if (!setter->IsNull()) set_setter(setter);
10338  }
10339 
10340  bool ContainsAccessor() {
10341  return IsJSAccessor(getter()) || IsJSAccessor(setter());
10342  }
10343 
10344  // Dispatched behavior.
10345  DECLARE_PRINTER(AccessorPair)
10346  DECLARE_VERIFIER(AccessorPair)
10347 
10348  static const int kGetterOffset = HeapObject::kHeaderSize;
10349  static const int kSetterOffset = kGetterOffset + kPointerSize;
10350  static const int kAccessFlagsOffset = kSetterOffset + kPointerSize;
10351  static const int kSize = kAccessFlagsOffset + kPointerSize;
10352 
10353  private:
10354  static const int kAllCanReadBit = 0;
10355  static const int kAllCanWriteBit = 1;
10356  static const int kProhibitsOverwritingBit = 2;
10357 
10358  // Strangely enough, in addition to functions and harmony proxies, the spec
10359  // requires us to consider undefined as a kind of accessor, too:
10360  // var obj = {};
10361  // Object.defineProperty(obj, "foo", {get: undefined});
10362  // assertTrue("foo" in obj);
10363  bool IsJSAccessor(Object* obj) {
10364  return obj->IsSpecFunction() || obj->IsUndefined();
10365  }
10366 
10367  DISALLOW_IMPLICIT_CONSTRUCTORS(AccessorPair);
10368 };
10369 
10370 
10371 class AccessCheckInfo: public Struct {
10372  public:
10373  DECL_ACCESSORS(named_callback, Object)
10374  DECL_ACCESSORS(indexed_callback, Object)
10375  DECL_ACCESSORS(data, Object)
10376 
10377  static inline AccessCheckInfo* cast(Object* obj);
10378 
10379  // Dispatched behavior.
10380  DECLARE_PRINTER(AccessCheckInfo)
10381  DECLARE_VERIFIER(AccessCheckInfo)
10382 
10383  static const int kNamedCallbackOffset = HeapObject::kHeaderSize;
10384  static const int kIndexedCallbackOffset = kNamedCallbackOffset + kPointerSize;
10385  static const int kDataOffset = kIndexedCallbackOffset + kPointerSize;
10386  static const int kSize = kDataOffset + kPointerSize;
10387 
10388  private:
10389  DISALLOW_IMPLICIT_CONSTRUCTORS(AccessCheckInfo);
10390 };
10391 
10392 
10393 class InterceptorInfo: public Struct {
10394  public:
10395  DECL_ACCESSORS(getter, Object)
10396  DECL_ACCESSORS(setter, Object)
10397  DECL_ACCESSORS(query, Object)
10398  DECL_ACCESSORS(deleter, Object)
10399  DECL_ACCESSORS(enumerator, Object)
10400  DECL_ACCESSORS(data, Object)
10401 
10402  static inline InterceptorInfo* cast(Object* obj);
10403 
10404  // Dispatched behavior.
10405  DECLARE_PRINTER(InterceptorInfo)
10406  DECLARE_VERIFIER(InterceptorInfo)
10407 
10408  static const int kGetterOffset = HeapObject::kHeaderSize;
10409  static const int kSetterOffset = kGetterOffset + kPointerSize;
10410  static const int kQueryOffset = kSetterOffset + kPointerSize;
10411  static const int kDeleterOffset = kQueryOffset + kPointerSize;
10412  static const int kEnumeratorOffset = kDeleterOffset + kPointerSize;
10413  static const int kDataOffset = kEnumeratorOffset + kPointerSize;
10414  static const int kSize = kDataOffset + kPointerSize;
10415 
10416  private:
10417  DISALLOW_IMPLICIT_CONSTRUCTORS(InterceptorInfo);
10418 };
10419 
10420 
10421 class CallHandlerInfo: public Struct {
10422  public:
10423  DECL_ACCESSORS(callback, Object)
10424  DECL_ACCESSORS(data, Object)
10425 
10426  static inline CallHandlerInfo* cast(Object* obj);
10427 
10428  // Dispatched behavior.
10429  DECLARE_PRINTER(CallHandlerInfo)
10430  DECLARE_VERIFIER(CallHandlerInfo)
10431 
10432  static const int kCallbackOffset = HeapObject::kHeaderSize;
10433  static const int kDataOffset = kCallbackOffset + kPointerSize;
10434  static const int kSize = kDataOffset + kPointerSize;
10435 
10436  private:
10437  DISALLOW_IMPLICIT_CONSTRUCTORS(CallHandlerInfo);
10438 };
10439 
10440 
10441 class TemplateInfo: public Struct {
10442  public:
10443  DECL_ACCESSORS(tag, Object)
10444  DECL_ACCESSORS(property_list, Object)
10445  DECL_ACCESSORS(property_accessors, Object)
10446 
10447  DECLARE_VERIFIER(TemplateInfo)
10448 
10449  static const int kTagOffset = HeapObject::kHeaderSize;
10450  static const int kPropertyListOffset = kTagOffset + kPointerSize;
10451  static const int kPropertyAccessorsOffset =
10452  kPropertyListOffset + kPointerSize;
10453  static const int kHeaderSize = kPropertyAccessorsOffset + kPointerSize;
10454 
10455  private:
10456  DISALLOW_IMPLICIT_CONSTRUCTORS(TemplateInfo);
10457 };
10458 
10459 
10460 class FunctionTemplateInfo: public TemplateInfo {
10461  public:
10462  DECL_ACCESSORS(serial_number, Object)
10463  DECL_ACCESSORS(call_code, Object)
10464  DECL_ACCESSORS(prototype_template, Object)
10465  DECL_ACCESSORS(parent_template, Object)
10466  DECL_ACCESSORS(named_property_handler, Object)
10467  DECL_ACCESSORS(indexed_property_handler, Object)
10468  DECL_ACCESSORS(instance_template, Object)
10469  DECL_ACCESSORS(class_name, Object)
10470  DECL_ACCESSORS(signature, Object)
10471  DECL_ACCESSORS(instance_call_handler, Object)
10472  DECL_ACCESSORS(access_check_info, Object)
10473  DECL_ACCESSORS(flag, Smi)
10474 
10475  inline int length();
10476  inline void set_length(int value);
10477 
10478  // Following properties use flag bits.
10479  DECL_BOOLEAN_ACCESSORS(hidden_prototype)
10480  DECL_BOOLEAN_ACCESSORS(undetectable)
10481  // If the bit is set, object instances created by this function
10482  // requires access check.
10483  DECL_BOOLEAN_ACCESSORS(needs_access_check)
10484  DECL_BOOLEAN_ACCESSORS(read_only_prototype)
10485  DECL_BOOLEAN_ACCESSORS(remove_prototype)
10486  DECL_BOOLEAN_ACCESSORS(do_not_cache)
10487 
10488  static inline FunctionTemplateInfo* cast(Object* obj);
10489 
10490  // Dispatched behavior.
10491  DECLARE_PRINTER(FunctionTemplateInfo)
10492  DECLARE_VERIFIER(FunctionTemplateInfo)
10493 
10494  static const int kSerialNumberOffset = TemplateInfo::kHeaderSize;
10495  static const int kCallCodeOffset = kSerialNumberOffset + kPointerSize;
10496  static const int kPrototypeTemplateOffset =
10497  kCallCodeOffset + kPointerSize;
10498  static const int kParentTemplateOffset =
10499  kPrototypeTemplateOffset + kPointerSize;
10500  static const int kNamedPropertyHandlerOffset =
10501  kParentTemplateOffset + kPointerSize;
10502  static const int kIndexedPropertyHandlerOffset =
10503  kNamedPropertyHandlerOffset + kPointerSize;
10504  static const int kInstanceTemplateOffset =
10505  kIndexedPropertyHandlerOffset + kPointerSize;
10506  static const int kClassNameOffset = kInstanceTemplateOffset + kPointerSize;
10507  static const int kSignatureOffset = kClassNameOffset + kPointerSize;
10508  static const int kInstanceCallHandlerOffset = kSignatureOffset + kPointerSize;
10509  static const int kAccessCheckInfoOffset =
10510  kInstanceCallHandlerOffset + kPointerSize;
10511  static const int kFlagOffset = kAccessCheckInfoOffset + kPointerSize;
10512  static const int kLengthOffset = kFlagOffset + kPointerSize;
10513  static const int kSize = kLengthOffset + kPointerSize;
10514 
10515  // Returns true if |object| is an instance of this function template.
10516  bool IsTemplateFor(Object* object);
10517  bool IsTemplateFor(Map* map);
10518 
10519  private:
10520  // Bit position in the flag, from least significant bit position.
10521  static const int kHiddenPrototypeBit = 0;
10522  static const int kUndetectableBit = 1;
10523  static const int kNeedsAccessCheckBit = 2;
10524  static const int kReadOnlyPrototypeBit = 3;
10525  static const int kRemovePrototypeBit = 4;
10526  static const int kDoNotCacheBit = 5;
10527 
10528  DISALLOW_IMPLICIT_CONSTRUCTORS(FunctionTemplateInfo);
10529 };
10530 
10531 
10532 class ObjectTemplateInfo: public TemplateInfo {
10533  public:
10534  DECL_ACCESSORS(constructor, Object)
10535  DECL_ACCESSORS(internal_field_count, Object)
10536 
10537  static inline ObjectTemplateInfo* cast(Object* obj);
10538 
10539  // Dispatched behavior.
10540  DECLARE_PRINTER(ObjectTemplateInfo)
10541  DECLARE_VERIFIER(ObjectTemplateInfo)
10542 
10543  static const int kConstructorOffset = TemplateInfo::kHeaderSize;
10544  static const int kInternalFieldCountOffset =
10545  kConstructorOffset + kPointerSize;
10546  static const int kSize = kInternalFieldCountOffset + kPointerSize;
10547 };
10548 
10549 
10550 class SignatureInfo: public Struct {
10551  public:
10552  DECL_ACCESSORS(receiver, Object)
10553  DECL_ACCESSORS(args, Object)
10554 
10555  static inline SignatureInfo* cast(Object* obj);
10556 
10557  // Dispatched behavior.
10558  DECLARE_PRINTER(SignatureInfo)
10559  DECLARE_VERIFIER(SignatureInfo)
10560 
10561  static const int kReceiverOffset = Struct::kHeaderSize;
10562  static const int kArgsOffset = kReceiverOffset + kPointerSize;
10563  static const int kSize = kArgsOffset + kPointerSize;
10564 
10565  private:
10566  DISALLOW_IMPLICIT_CONSTRUCTORS(SignatureInfo);
10567 };
10568 
10569 
10570 class TypeSwitchInfo: public Struct {
10571  public:
10572  DECL_ACCESSORS(types, Object)
10573 
10574  static inline TypeSwitchInfo* cast(Object* obj);
10575 
10576  // Dispatched behavior.
10577  DECLARE_PRINTER(TypeSwitchInfo)
10578  DECLARE_VERIFIER(TypeSwitchInfo)
10579 
10580  static const int kTypesOffset = Struct::kHeaderSize;
10581  static const int kSize = kTypesOffset + kPointerSize;
10582 };
10583 
10584 
10585 #ifdef ENABLE_DEBUGGER_SUPPORT
10586 // The DebugInfo class holds additional information for a function being
10587 // debugged.
10588 class DebugInfo: public Struct {
10589  public:
10590  // The shared function info for the source being debugged.
10591  DECL_ACCESSORS(shared, SharedFunctionInfo)
10592  // Code object for the original code.
10593  DECL_ACCESSORS(original_code, Code)
10594  // Code object for the patched code. This code object is the code object
10595  // currently active for the function.
10596  DECL_ACCESSORS(code, Code)
10597  // Fixed array holding status information for each active break point.
10598  DECL_ACCESSORS(break_points, FixedArray)
10599 
10600  // Check if there is a break point at a code position.
10601  bool HasBreakPoint(int code_position);
10602  // Get the break point info object for a code position.
10603  Object* GetBreakPointInfo(int code_position);
10604  // Clear a break point.
10605  static void ClearBreakPoint(Handle<DebugInfo> debug_info,
10606  int code_position,
10607  Handle<Object> break_point_object);
10608  // Set a break point.
10609  static void SetBreakPoint(Handle<DebugInfo> debug_info, int code_position,
10610  int source_position, int statement_position,
10611  Handle<Object> break_point_object);
10612  // Get the break point objects for a code position.
10613  Object* GetBreakPointObjects(int code_position);
10614  // Find the break point info holding this break point object.
10615  static Object* FindBreakPointInfo(Handle<DebugInfo> debug_info,
10616  Handle<Object> break_point_object);
10617  // Get the number of break points for this function.
10618  int GetBreakPointCount();
10619 
10620  static inline DebugInfo* cast(Object* obj);
10621 
10622  // Dispatched behavior.
10623  DECLARE_PRINTER(DebugInfo)
10624  DECLARE_VERIFIER(DebugInfo)
10625 
10626  static const int kSharedFunctionInfoIndex = Struct::kHeaderSize;
10627  static const int kOriginalCodeIndex = kSharedFunctionInfoIndex + kPointerSize;
10628  static const int kPatchedCodeIndex = kOriginalCodeIndex + kPointerSize;
10629  static const int kActiveBreakPointsCountIndex =
10630  kPatchedCodeIndex + kPointerSize;
10631  static const int kBreakPointsStateIndex =
10632  kActiveBreakPointsCountIndex + kPointerSize;
10633  static const int kSize = kBreakPointsStateIndex + kPointerSize;
10634 
10635  private:
10636  static const int kNoBreakPointInfo = -1;
10637 
10638  // Lookup the index in the break_points array for a code position.
10639  int GetBreakPointInfoIndex(int code_position);
10640 
10641  DISALLOW_IMPLICIT_CONSTRUCTORS(DebugInfo);
10642 };
10643 
10644 
10645 // The BreakPointInfo class holds information for break points set in a
10646 // function. The DebugInfo object holds a BreakPointInfo object for each code
10647 // position with one or more break points.
10648 class BreakPointInfo: public Struct {
10649  public:
10650  // The position in the code for the break point.
10651  DECL_ACCESSORS(code_position, Smi)
10652  // The position in the source for the break position.
10653  DECL_ACCESSORS(source_position, Smi)
10654  // The position in the source for the last statement before this break
10655  // position.
10656  DECL_ACCESSORS(statement_position, Smi)
10657  // List of related JavaScript break points.
10658  DECL_ACCESSORS(break_point_objects, Object)
10659 
10660  // Removes a break point.
10661  static void ClearBreakPoint(Handle<BreakPointInfo> info,
10662  Handle<Object> break_point_object);
10663  // Set a break point.
10664  static void SetBreakPoint(Handle<BreakPointInfo> info,
10665  Handle<Object> break_point_object);
10666  // Check if break point info has this break point object.
10667  static bool HasBreakPointObject(Handle<BreakPointInfo> info,
10668  Handle<Object> break_point_object);
10669  // Get the number of break points for this code position.
10670  int GetBreakPointCount();
10671 
10672  static inline BreakPointInfo* cast(Object* obj);
10673 
10674  // Dispatched behavior.
10675  DECLARE_PRINTER(BreakPointInfo)
10676  DECLARE_VERIFIER(BreakPointInfo)
10677 
10678  static const int kCodePositionIndex = Struct::kHeaderSize;
10679  static const int kSourcePositionIndex = kCodePositionIndex + kPointerSize;
10680  static const int kStatementPositionIndex =
10681  kSourcePositionIndex + kPointerSize;
10682  static const int kBreakPointObjectsIndex =
10683  kStatementPositionIndex + kPointerSize;
10684  static const int kSize = kBreakPointObjectsIndex + kPointerSize;
10685 
10686  private:
10687  DISALLOW_IMPLICIT_CONSTRUCTORS(BreakPointInfo);
10688 };
10689 #endif // ENABLE_DEBUGGER_SUPPORT
10690 
10691 
10692 #undef DECL_BOOLEAN_ACCESSORS
10693 #undef DECL_ACCESSORS
10694 #undef DECLARE_VERIFIER
10695 
10696 #define VISITOR_SYNCHRONIZATION_TAGS_LIST(V) \
10697  V(kStringTable, "string_table", "(Internalized strings)") \
10698  V(kExternalStringsTable, "external_strings_table", "(External strings)") \
10699  V(kStrongRootList, "strong_root_list", "(Strong roots)") \
10700  V(kSmiRootList, "smi_root_list", "(Smi roots)") \
10701  V(kInternalizedString, "internalized_string", "(Internal string)") \
10702  V(kBootstrapper, "bootstrapper", "(Bootstrapper)") \
10703  V(kTop, "top", "(Isolate)") \
10704  V(kRelocatable, "relocatable", "(Relocatable)") \
10705  V(kDebug, "debug", "(Debugger)") \
10706  V(kCompilationCache, "compilationcache", "(Compilation cache)") \
10707  V(kHandleScope, "handlescope", "(Handle scope)") \
10708  V(kBuiltins, "builtins", "(Builtins)") \
10709  V(kGlobalHandles, "globalhandles", "(Global handles)") \
10710  V(kEternalHandles, "eternalhandles", "(Eternal handles)") \
10711  V(kThreadManager, "threadmanager", "(Thread manager)") \
10712  V(kExtensions, "Extensions", "(Extensions)")
10713 
10714 class VisitorSynchronization : public AllStatic {
10715  public:
10716 #define DECLARE_ENUM(enum_item, ignore1, ignore2) enum_item,
10717  enum SyncTag {
10718  VISITOR_SYNCHRONIZATION_TAGS_LIST(DECLARE_ENUM)
10719  kNumberOfSyncTags
10720  };
10721 #undef DECLARE_ENUM
10722 
10723  static const char* const kTags[kNumberOfSyncTags];
10724  static const char* const kTagNames[kNumberOfSyncTags];
10725 };
10726 
10727 // Abstract base class for visiting, and optionally modifying, the
10728 // pointers contained in Objects. Used in GC and serialization/deserialization.
10729 class ObjectVisitor BASE_EMBEDDED {
10730  public:
10731  virtual ~ObjectVisitor() {}
10732 
10733  // Visits a contiguous arrays of pointers in the half-open range
10734  // [start, end). Any or all of the values may be modified on return.
10735  virtual void VisitPointers(Object** start, Object** end) = 0;
10736 
10737  // Handy shorthand for visiting a single pointer.
10738  virtual void VisitPointer(Object** p) { VisitPointers(p, p + 1); }
10739 
10740  // Visit weak next_code_link in Code object.
10741  virtual void VisitNextCodeLink(Object** p) { VisitPointers(p, p + 1); }
10742 
10743  // To allow lazy clearing of inline caches the visitor has
10744  // a rich interface for iterating over Code objects..
10745 
10746  // Visits a code target in the instruction stream.
10747  virtual void VisitCodeTarget(RelocInfo* rinfo);
10748 
10749  // Visits a code entry in a JS function.
10750  virtual void VisitCodeEntry(Address entry_address);
10751 
10752  // Visits a global property cell reference in the instruction stream.
10753  virtual void VisitCell(RelocInfo* rinfo);
10754 
10755  // Visits a runtime entry in the instruction stream.
10756  virtual void VisitRuntimeEntry(RelocInfo* rinfo) {}
10757 
10758  // Visits the resource of an ASCII or two-byte string.
10759  virtual void VisitExternalAsciiString(
10760  v8::String::ExternalAsciiStringResource** resource) {}
10761  virtual void VisitExternalTwoByteString(
10762  v8::String::ExternalStringResource** resource) {}
10763 
10764  // Visits a debug call target in the instruction stream.
10765  virtual void VisitDebugTarget(RelocInfo* rinfo);
10766 
10767  // Visits the byte sequence in a function's prologue that contains information
10768  // about the code's age.
10769  virtual void VisitCodeAgeSequence(RelocInfo* rinfo);
10770 
10771  // Visit pointer embedded into a code object.
10772  virtual void VisitEmbeddedPointer(RelocInfo* rinfo);
10773 
10774  // Visits an external reference embedded into a code object.
10775  virtual void VisitExternalReference(RelocInfo* rinfo);
10776 
10777  // Visits an external reference. The value may be modified on return.
10778  virtual void VisitExternalReference(Address* p) {}
10779 
10780  // Visits a handle that has an embedder-assigned class ID.
10781  virtual void VisitEmbedderReference(Object** p, uint16_t class_id) {}
10782 
10783  // Intended for serialization/deserialization checking: insert, or
10784  // check for the presence of, a tag at this position in the stream.
10785  // Also used for marking up GC roots in heap snapshots.
10786  virtual void Synchronize(VisitorSynchronization::SyncTag tag) {}
10787 };
10788 
10789 
10790 class StructBodyDescriptor : public
10791  FlexibleBodyDescriptor<HeapObject::kHeaderSize> {
10792  public:
10793  static inline int SizeOf(Map* map, HeapObject* object) {
10794  return map->instance_size();
10795  }
10796 };
10797 
10798 
10799 // BooleanBit is a helper class for setting and getting a bit in an
10800 // integer or Smi.
10801 class BooleanBit : public AllStatic {
10802  public:
10803  static inline bool get(Smi* smi, int bit_position) {
10804  return get(smi->value(), bit_position);
10805  }
10806 
10807  static inline bool get(int value, int bit_position) {
10808  return (value & (1 << bit_position)) != 0;
10809  }
10810 
10811  static inline Smi* set(Smi* smi, int bit_position, bool v) {
10812  return Smi::FromInt(set(smi->value(), bit_position, v));
10813  }
10814 
10815  static inline int set(int value, int bit_position, bool v) {
10816  if (v) {
10817  value |= (1 << bit_position);
10818  } else {
10819  value &= ~(1 << bit_position);
10820  }
10821  return value;
10822  }
10823 };
10824 
10825 } } // namespace v8::internal
10826 
10827 #endif // V8_OBJECTS_H_
v8::internal::Address
byte * Address
Definition: globals.h:186
v8::internal::AllocationSite::kPretenureRatio
static const double kPretenureRatio
Definition: objects.h:8261
v8::internal::NULL
enable upcoming ES6 features enable harmony block scoping enable harmony enable harmony proxies enable harmony generators enable harmony numeric enable harmony string enable harmony math functions harmony_scoping harmony_symbols harmony_collections harmony_iteration harmony_strings harmony_scoping harmony_maths tracks arrays with only smi values Optimize object Array DOM strings and string pretenure call new trace pretenuring decisions of HAllocate instructions track fields with only smi values track fields with heap values track_fields track_fields Enables optimizations which favor memory size over execution speed use string slices optimization filter maximum number of GVN fix point iterations use function inlining use allocation folding eliminate write barriers targeting allocations in optimized code maximum source size in bytes considered for a single inlining maximum cumulative number of AST nodes considered for inlining crankshaft harvests type feedback from stub cache trace check elimination phase hydrogen tracing filter NULL
Definition: flags.cc:269
v8::internal::BASE_EMBEDDED::FromRawValue
static MapWord FromRawValue(uintptr_t value)
Definition: objects.h:1783
v8::internal::kShortcutTypeTag
const uint32_t kShortcutTypeTag
Definition: objects.h:656
v8::internal::Object::GetElementWithReceiver
static Handle< Object > GetElementWithReceiver(Isolate *isolate, Handle< Object > object, Handle< Object > receiver, uint32_t index)
Definition: objects.cc:965
v8::internal::Map::set_elements_kind
void set_elements_kind(ElementsKind elements_kind)
Definition: objects.h:5937
v8::internal::StructBodyDescriptor
Definition: objects.h:10790
v8::internal::BASE_EMBEDDED::VisitExternalAsciiString
virtual void VisitExternalAsciiString(v8::String::ExternalAsciiStringResource **resource)
Definition: objects.h:10759
v8::internal::FixedArraySubInstanceType
FixedArraySubInstanceType
Definition: objects.h:874
v8::internal::HashTable::KeyAt
Object * KeyAt(int entry)
Definition: objects.h:3697
v8::internal::STATIC_CHECK
STATIC_CHECK((kStringRepresentationMask|kStringEncodingMask)==Internals::kFullStringRepresentationMask)
v8::internal::FixedArray::kMaxLength
static const int kMaxLength
Definition: objects.h:3085
FOR_EACH_NUMERIC_FIELD
#define FOR_EACH_NUMERIC_FIELD(V)
Definition: objects.h:4474
v8::internal::AllocationSite::set_deopt_dependent_code
void set_deopt_dependent_code(bool deopt)
Definition: objects.h:8326
v8::internal::BASE_EMBEDDED::VisitExternalTwoByteString
virtual void VisitExternalTwoByteString(v8::String::ExternalStringResource **resource)
Definition: objects.h:10761
v8::internal::IsExternalArrayElementsKind
bool IsExternalArrayElementsKind(ElementsKind kind)
Definition: elements-kind.h:113
v8::internal::String::kSize
static const int kSize
Definition: objects.h:8906
v8::internal::BaseShape::SeededHash
static uint32_t SeededHash(Key key, uint32_t seed)
Definition: objects.h:3622
v8::internal::Map::has_external_array_elements
bool has_external_array_elements()
Definition: objects.h:5976
v8::internal::HashTable::EntryToIndex
static int EntryToIndex(int entry)
Definition: objects.h:3754
ToCString
const char * ToCString(const v8::String::Utf8Value &value)
Definition: lineprocessor.cc:338
v8::internal::HashTableKey::Hash
virtual uint32_t Hash()=0
v8::internal::BASE_EMBEDDED::Synchronize
virtual void Synchronize(VisitorSynchronization::SyncTag tag)
Definition: objects.h:10786
v8::internal::FixedArray::RawFieldOfElementAt
Object ** RawFieldOfElementAt(int index)
Definition: objects.h:3073
v8::internal::SlicedString::BodyDescriptor
FixedBodyDescriptor< kParentOffset, kOffsetOffset+kPointerSize, kSize > BodyDescriptor
Definition: objects.h:9218
v8::internal::AllocationMemento::GetAllocationSite
AllocationSite * GetAllocationSite()
Definition: objects.h:8452
v8::internal::JSObject::BodyDescriptor
Definition: objects.h:2761
v8::internal::FixedArray::set
void set(int index, Object *value)
Definition: objects-inl.h:2147
v8::internal::Map::is_hidden_prototype
bool is_hidden_prototype()
Definition: objects.h:5889
v8::internal::Representation::Smi
static Representation Smi()
Definition: property-details.h:111
v8::internal::CompilationCacheShape::Hash
static uint32_t Hash(HashTableKey *key)
Definition: objects.h:7998
v8::internal::DeoptimizationOutputData::SetAstId
void SetAstId(int index, BailoutId id)
Definition: objects.h:5148
DECLARE_FUNCTION_ID
#define DECLARE_FUNCTION_ID(ignored1, ignore2, name)
Definition: objects.h:6682
v8::internal::map
enable upcoming ES6 features enable harmony block scoping enable harmony enable harmony proxies enable harmony generators enable harmony numeric enable harmony string enable harmony math functions harmony_scoping harmony_symbols harmony_collections harmony_iteration harmony_strings harmony_scoping harmony_maths tracks arrays with only smi values Optimize object Array DOM strings and string pretenure call new trace pretenuring decisions of HAllocate instructions track fields with only smi values track fields with heap values track_fields track_fields Enables optimizations which favor memory size over execution speed use string slices optimization filter maximum number of GVN fix point iterations use function inlining use allocation folding eliminate write barriers targeting allocations in optimized code maximum source size in bytes considered for a single inlining maximum cumulative number of AST nodes considered for inlining crankshaft harvests type feedback from stub cache trace check elimination phase hydrogen tracing filter trace hydrogen to given file name trace inlining decisions trace store elimination trace all use positions trace global value numbering trace hydrogen escape analysis trace the tracking of allocation sites trace map generalization environment for every instruction deoptimize every n garbage collections put a break point before deoptimizing deoptimize uncommon cases use on stack replacement trace array bounds check elimination perform array index dehoisting use load elimination use store elimination use constant folding eliminate unreachable code number of stress runs when picking a function to watch for shared function not JSFunction itself flushes the cache of optimized code for closures on every GC functions with arguments object maximum number of escape analysis fix point iterations allow uint32 values on optimize frames if they are used only in safe operations track concurrent recompilation artificial compilation delay in ms concurrent on stack replacement do not emit check maps for constant values that have a leaf map
Definition: flags.cc:350
v8::internal::BASE_EMBEDDED::VisitExternalReference
virtual void VisitExternalReference(Address *p)
Definition: objects.h:10778
DECLARE_CODE_AGE_ENUM
#define DECLARE_CODE_AGE_ENUM(X)
Definition: objects.h:5531
v8::internal::is_expression
kInstanceClassNameOffset kNeedsAccessCheckBit kRemovePrototypeBit is_expression
Definition: objects-inl.h:5123
v8::internal::Dictionary::DetailsAtPut
void DetailsAtPut(int entry, PropertyDetails value)
Definition: objects.h:3947
v8::internal::needs_access_check
kInstanceClassNameOffset needs_access_check
Definition: objects-inl.h:5115
v8::internal::Oddball::BodyDescriptor
FixedBodyDescriptor< kToStringOffset, kToNumberOffset+kPointerSize, kSize > BodyDescriptor
Definition: objects.h:9513
v8::internal::kTwoByteStringTag
const uint32_t kTwoByteStringTag
Definition: objects.h:610
v8::internal::AddKeysFromJSArray
Handle< FixedArray > AddKeysFromJSArray(Handle< FixedArray > content, Handle< JSArray > array)
Definition: handles.cc:127
v8::internal::kFailureTypeTagSize
const int kFailureTypeTagSize
Definition: objects.h:1712
v8::internal::HashTableKey::HashForObject
virtual uint32_t HashForObject(Object *key)=0
v8::internal::kStubMajorKeyBits
const int kStubMajorKeyBits
Definition: objects.h:316
v8::internal::FixedArray::BodyDescriptor::SizeOf
static int SizeOf(Map *map, HeapObject *object)
Definition: objects.h:3107
v8::internal::BASE_EMBEDDED::VisitRuntimeEntry
virtual void VisitRuntimeEntry(RelocInfo *rinfo)
Definition: objects.h:10756
v8::internal::Object::ToUint32
bool ToUint32(uint32_t *value)
Definition: objects.cc:200
v8::internal::Map::set_is_observed
void set_is_observed()
Definition: objects.h:5926
v8::internal::Smi::FromInt
static Smi * FromInt(int value)
Definition: objects-inl.h:1209
v8::internal::IsFastObjectElementsKind
bool IsFastObjectElementsKind(ElementsKind kind)
Definition: elements-kind.h:180
v8::internal::MapCacheShape::AsObject
static MUST_USE_RESULT MaybeObject * AsObject(Heap *heap, HashTableKey *key)
Definition: objects.h:3896
v8::internal::Internals::kOddballKindOffset
static const int kOddballKindOffset
Definition: v8.h:5557
v8::internal::NormalizedMapSharingMode
NormalizedMapSharingMode
Definition: objects.h:260
v8::internal::Object::ToSmi
MUST_USE_RESULT MaybeObject * ToSmi()
Definition: objects-inl.h:1042
v8::internal::AllocationSite::set_memento_create_count
void set_memento_create_count(int count)
Definition: objects.h:8344
v8::internal::AllocationSite::pretenure_decision
PretenureDecision pretenure_decision()
Definition: objects.h:8309
v8::internal::kCodeAlignmentMask
const intptr_t kCodeAlignmentMask
Definition: v8globals.h:59
v8::internal::Object::GetHash
Object * GetHash()
Definition: objects.cc:1070
v8::internal::remove_prototype
kInstanceClassNameOffset kNeedsAccessCheckBit remove_prototype
Definition: objects-inl.h:5119
v8::internal::Map::NumberOfOwnDescriptors
int NumberOfOwnDescriptors()
Definition: objects.h:6174
v8::internal::start_position_and_type
kInstanceClassNameOffset kNeedsAccessCheckBit kRemovePrototypeBit start_position_and_type
Definition: objects-inl.h:5123
v8::internal::BASE_EMBEDDED::VisitPointer
virtual void VisitPointer(Object **p)
Definition: objects.h:10738
v8::internal::CodeCacheHashTableShape::Hash
static uint32_t Hash(HashTableKey *key)
Definition: objects.h:8101
v8::internal::Object::GetPropertyWithDefinedGetter
MUST_USE_RESULT MaybeObject * GetPropertyWithDefinedGetter(Object *receiver, JSReceiver *getter)
Definition: objects.cc:529
v8::internal::Map::InitialPropertiesLength
int InitialPropertiesLength()
Definition: objects.h:6281
v8::internal::Object::VerifyApiCallResultType
void VerifyApiCallResultType()
Definition: objects-inl.h:2104
v8::internal::Internals::kFirstNonstringType
static const int kFirstNonstringType
Definition: v8.h:5586
v8::internal::Object::AllocateNewStorageFor
MaybeObject * AllocateNewStorageFor(Heap *heap, Representation representation)
Definition: objects-inl.h:279
v8::internal::Map::set_has_named_interceptor
void set_has_named_interceptor()
Definition: objects.h:5894
v8::internal::ExternalArray::is_the_hole
bool is_the_hole(int index)
Definition: objects.h:4689
v8::internal::kSmiValueSize
const int kSmiValueSize
Definition: v8.h:5540
v8::internal::kVariableSizeSentinel
const int kVariableSizeSentinel
Definition: objects.h:314
v8::internal::Cell::ValueAddress
Address ValueAddress()
Definition: objects.h:9538
v8::internal::BASE_EMBEDDED::invalidate
void invalidate()
Definition: objects.h:8587
v8::internal::uc32
int32_t uc32
Definition: globals.h:310
v8::internal::Object
kSerializedDataOffset Object
Definition: objects-inl.h:5016
DECL_INDEX
#define DECL_INDEX(name)
Definition: objects.h:4496
v8::internal::Object::ToInt32
bool ToInt32(int32_t *value)
Definition: objects.cc:184
v8::internal::Code::GetPreAgedCodeAgeStub
static Code * GetPreAgedCodeAgeStub(Isolate *isolate)
Definition: objects.h:5559
v8::internal::Map::has_fast_object_elements
bool has_fast_object_elements()
Definition: objects.h:5956
v8::internal::Code::is_optimized_code
bool is_optimized_code()
Definition: objects.h:5311
unibrow::int32_t
int int32_t
Definition: unicode.cc:47
v8::internal::AllocationSite::cast
static AllocationSite * cast(Object *obj)
v8::internal::PrimitiveValueDescriptor::data_type
v8::DeclaredAccessorDescriptorDataType data_type
Definition: objects.h:10180
v8::internal::DeleteProperty
Handle< Object > DeleteProperty(Handle< JSObject > object, Handle< Object > key)
Definition: handles.cc:170
v8::internal::KeyedAccessStoreMode
KeyedAccessStoreMode
Definition: objects.h:164
v8::internal::Object::SameValue
bool SameValue(Object *other)
Definition: objects.cc:1102
v8::internal::Object::ToObject
MUST_USE_RESULT MaybeObject * ToObject(Isolate *isolate)
Definition: objects.cc:91
v8::internal::StringTableShape::HashForObject
static uint32_t HashForObject(HashTableKey *key, Object *object)
Definition: objects.h:3840
v8::internal::StringTableShape::Hash
static uint32_t Hash(HashTableKey *key)
Definition: objects.h:3837
v8::internal::MapCacheShape::IsMatch
static bool IsMatch(HashTableKey *key, Object *value)
Definition: objects.h:3885
v8::internal::BASE_EMBEDDED::~ObjectVisitor
virtual ~ObjectVisitor()
Definition: objects.h:10731
v8::internal::kIsNotInternalizedMask
const uint32_t kIsNotInternalizedMask
Definition: objects.h:603
v8::internal::FixedArray::BodyDescriptor
Definition: objects.h:3105
v8::internal::Object::GetElementNoExceptionThrown
static Handle< Object > GetElementNoExceptionThrown(Isolate *isolate, Handle< Object > object, uint32_t index)
Definition: objects-inl.h:1071
v8::internal::kSignMask
const int kSignMask
Definition: constants-mips.h:259
v8::internal::Code::Flags
uint32_t Flags
Definition: objects.h:5184
v8::internal::Map::has_fast_double_elements
bool has_fast_double_elements()
Definition: objects.h:5964
v8::internal::Smi::FromIntptr
static Smi * FromIntptr(intptr_t value)
Definition: objects-inl.h:1215
v8::internal::Map::SetEnumLength
void SetEnumLength(int length)
Definition: objects.h:6189
v8::internal::UnionOfKeys
Handle< FixedArray > UnionOfKeys(Handle< FixedArray > first, Handle< FixedArray > second)
Definition: handles.cc:134
v8::internal::BASE_EMBEDDED::PostGarbageCollection
virtual void PostGarbageCollection()
Definition: objects.h:9345
ASSERT
#define ASSERT(condition)
Definition: checks.h:329
DECLARE_PRINTER
#define DECLARE_PRINTER(Name)
Definition: objects.h:930
v8::internal::Object::GetPropertyWithReceiver
static Handle< Object > GetPropertyWithReceiver(Handle< Object > object, Handle< Object > receiver, Handle< Name > name, PropertyAttributes *attributes)
Definition: objects.cc:159
v8::internal::BASE_EMBEDDED
Definition: arguments.h:48
v8::ExternalArrayType
ExternalArrayType
Definition: v8.h:2113
unibrow::uint16_t
unsigned short uint16_t
Definition: unicode.cc:46
OBJECT_TYPE_LIST
#define OBJECT_TYPE_LIST(V)
Definition: objects.h:988
VISITOR_SYNCHRONIZATION_TAGS_LIST
#define VISITOR_SYNCHRONIZATION_TAGS_LIST(V)
Definition: objects.h:10696
v8::internal::VectorIterator::VectorIterator
VectorIterator(Vector< const T > data)
Definition: objects.h:9462
v8::internal::Dictionary::cast
static Dictionary< Shape, Key > * cast(Object *obj)
Definition: objects.h:3925
v8::internal::Code::IsWeakObject
bool IsWeakObject(Object *object)
Definition: objects.h:5570
v8::internal::kCodeAlignment
const intptr_t kCodeAlignment
Definition: v8globals.h:58
POINTER_SIZE_ALIGN
#define POINTER_SIZE_ALIGN(value)
Definition: v8globals.h:390
v8::internal::Map::has_sloppy_arguments_elements
bool has_sloppy_arguments_elements()
Definition: objects.h:5972
IS_TYPE_FUNCTION_DECL
#define IS_TYPE_FUNCTION_DECL(type_)
Definition: objects.h:1445
FIXED_TYPED_ARRAY_TRAITS
#define FIXED_TYPED_ARRAY_TRAITS(Type, type, TYPE, elementType, size)
Definition: objects.h:5023
v8::internal::kStringRepresentationMask
const uint32_t kStringRepresentationMask
Definition: objects.h:615
v8::internal::Object::NonFailureIsHeapObject
bool NonFailureIsHeapObject()
Definition: objects-inl.h:173
v8::internal::MapCacheShape::Hash
static uint32_t Hash(HashTableKey *key)
Definition: objects.h:3888
ERROR_MESSAGES_LIST
#define ERROR_MESSAGES_LIST(V)
Definition: objects.h:1093
CHECK
#define CHECK(condition)
Definition: checks.h:75
v8::internal::kExternalArrayTypeCount
const int kExternalArrayTypeCount
Definition: objects.h:854
v8::internal::Representation::Double
static Representation Double()
Definition: property-details.h:113
v8::internal::Map::set_is_undetectable
void set_is_undetectable()
Definition: objects.h:5917
v8::internal::Internals::kStringResourceOffset
static const int kStringResourceOffset
Definition: v8.h:5555
v8::internal::Code::is_load_stub
bool is_load_stub()
Definition: objects.h:5302
DEFINE_FIXED_ARRAY_SUB_INSTANCE_TYPE
#define DEFINE_FIXED_ARRAY_SUB_INSTANCE_TYPE(name)
Definition: objects.h:875
v8::internal::Object::HasSpecificClassOf
bool HasSpecificClassOf(String *name)
Definition: objects-inl.h:1055
v8::internal::ExternalTwoByteString::Resource
v8::String::ExternalStringResource Resource
Definition: objects.h:9303
DEFINE_ELEMENT_ACCESSORS
#define DEFINE_ELEMENT_ACCESSORS(name, type)
Definition: objects.h:5066
v8::internal::HashTable::Hash
uint32_t Hash(Key key)
Definition: objects.h:3637
v8::internal::Internals::kJSObjectHeaderSize
static const int kJSObjectHeaderSize
Definition: v8.h:5559
v8::internal::IsFastElementsKind
bool IsFastElementsKind(ElementsKind kind)
Definition: elements-kind.h:131
PropertyAttributes
PropertyAttributes
Definition: property-details.h:36
v8::internal::kShortExternalStringMask
const uint32_t kShortExternalStringMask
Definition: objects.h:643
v8::internal::StringTableShape::IsMatch
static bool IsMatch(HashTableKey *key, Object *value)
Definition: objects.h:3834
v8::internal::SharedFunctionInfo::BodyDescriptor
FixedBodyDescriptor< kNameOffset, kInitialMapOffset+kPointerSize, kSize > BodyDescriptor
Definition: objects.h:7200
v8::internal::internal_field_count
kSerializedDataOffset kPrototypeTemplateOffset kIndexedPropertyHandlerOffset kInstanceCallHandlerOffset internal_field_count
Definition: objects-inl.h:5034
v8::internal::Map::has_fast_elements
bool has_fast_elements()
Definition: objects.h:5968
v8::internal::BailoutId::ToInt
int ToInt() const
Definition: utils.h:1162
v8::internal::HeapObject::RawField
static Object ** RawField(HeapObject *obj, int offset)
Definition: objects-inl.h:1199
v8::internal::kIntSize
const int kIntSize
Definition: globals.h:263
v8::internal::Smi::cast
static Smi * cast(Object *object)
v8::internal::HasProperty
Handle< Object > HasProperty(Handle< JSReceiver > obj, Handle< Object > key)
Definition: handles.cc:189
v8::internal::HeapObject::kHeaderSize
static const int kHeaderSize
Definition: objects.h:1891
v8::internal::String::IsAscii
static bool IsAscii(const char *chars, int length)
Definition: objects.h:8966
v8::internal::Object::GetMarkerMap
Map * GetMarkerMap(Isolate *isolate)
Definition: objects.cc:1064
v8::internal::flag
kInstanceClassNameOffset flag
Definition: objects-inl.h:5115
v8::internal::JSArray::kSize
static const int kSize
Definition: objects.h:10077
v8::internal::WeakHashTable::Zap
void Zap(Object *value)
Definition: objects.h:4296
v8::internal::Map::has_slow_elements_kind
bool has_slow_elements_kind()
Definition: objects.h:5988
v8::internal::byte
uint8_t byte
Definition: globals.h:185
v8::internal::String::IsOneByte
static bool IsOneByte(const uc16 *chars, int length)
Definition: objects.h:8985
v8::internal::BooleanBit::set
static int set(int value, int bit_position, bool v)
Definition: objects.h:10815
v8::internal::Dictionary::ValueAt
Object * ValueAt(int entry)
Definition: objects.h:3930
v8::internal::DeoptimizationInputData::SetAstId
void SetAstId(int i, BailoutId value)
Definition: objects.h:5104
v8::internal::Object::kHeaderSize
static const int kHeaderSize
Definition: objects.h:1644
v8::internal::kNotStringTag
const uint32_t kNotStringTag
Definition: objects.h:599
v8::internal::DescriptorArray::CopyEnumCacheFrom
void CopyEnumCacheFrom(DescriptorArray *array)
Definition: objects.h:3357
v8::internal::DeoptimizationOutputData::SetPcAndState
void SetPcAndState(int index, Smi *offset)
Definition: objects.h:5153
v8::internal::Internals::kFixedArrayHeaderSize
static const int kFixedArrayHeaderSize
Definition: v8.h:5560
v8::internal::mode
enable upcoming ES6 features enable harmony block scoping enable harmony enable harmony proxies enable harmony generators enable harmony numeric enable harmony string enable harmony math functions harmony_scoping harmony_symbols harmony_collections harmony_iteration harmony_strings harmony_scoping harmony_maths tracks arrays with only smi values Optimize object Array DOM strings and string pretenure call new trace pretenuring decisions of HAllocate instructions track fields with only smi values track fields with heap values track_fields track_fields Enables optimizations which favor memory size over execution speed use string slices optimization filter maximum number of GVN fix point iterations use function inlining use allocation folding eliminate write barriers targeting allocations in optimized code maximum source size in bytes considered for a single inlining maximum cumulative number of AST nodes considered for inlining crankshaft harvests type feedback from stub cache trace check elimination phase hydrogen tracing filter trace hydrogen to given file name trace inlining decisions trace store elimination trace all use positions trace global value numbering trace hydrogen escape analysis trace the tracking of allocation sites trace map generalization environment for every instruction deoptimize every n garbage collections put a break point before deoptimizing deoptimize uncommon cases use on stack replacement trace array bounds check elimination perform array index dehoisting use load elimination use store elimination use constant folding eliminate unreachable code number of stress runs when picking a function to watch for shared function not JSFunction itself flushes the cache of optimized code for closures on every GC functions with arguments object maximum number of escape analysis fix point iterations allow uint32 values on optimize frames if they are used only in safe operations track concurrent recompilation artificial compilation delay in ms concurrent on stack replacement do not emit check maps for constant values that have a leaf deoptimize the optimized code if the layout of the maps changes number of stack frames inspected by the profiler percentage of ICs that must have type info to allow optimization extra verbose compilation tracing generate extra emit comments in code disassembly enable use of SSE3 instructions if available enable use of CMOV instruction if available enable use of VFP3 instructions if available enable use of NEON instructions if enable use of SDIV and UDIV instructions if enable loading bit constant by means of movw movt instruction enable unaligned accesses for enable use of d16 d31 registers on ARM this requires VFP3 force all emitted branches to be in long mode(MIPS only)") DEFINE_string(expose_natives_as
v8::internal::StructBodyDescriptor::SizeOf
static int SizeOf(Map *map, HeapObject *object)
Definition: objects.h:10793
v8::internal::size
enable upcoming ES6 features enable harmony block scoping enable harmony enable harmony proxies enable harmony generators enable harmony numeric enable harmony string enable harmony math functions harmony_scoping harmony_symbols harmony_collections harmony_iteration harmony_strings harmony_scoping harmony_maths tracks arrays with only smi values Optimize object size
Definition: flags.cc:211
v8::internal::BASE_EMBEDDED::IterateInstance
virtual void IterateInstance(ObjectVisitor *v)
Definition: objects.h:9344
v8::internal::ByteArray::LengthFor
static int LengthFor(int size_in_bytes)
Definition: objects.h:4598
v8::internal::Map::has_fixed_typed_array_elements
bool has_fixed_typed_array_elements()
Definition: objects.h:5980
GLOBAL
#define GLOBAL
Definition: hydrogen-check-elimination.cc:32
v8::internal::SeededNumberDictionary::cast
static SeededNumberDictionary * cast(Object *obj)
Definition: objects.h:4104
v8::internal::Map::has_fast_smi_elements
bool has_fast_smi_elements()
Definition: objects.h:5951
v8::internal::STATIC_ASSERT
STATIC_ASSERT(sizeof(CPURegister)==sizeof(Register))
v8::internal::Object::IsStringObjectWithCharacterAt
bool IsStringObjectWithCharacterAt(uint32_t index)
Definition: objects-inl.h:2091
MUST_USE_RESULT
#define MUST_USE_RESULT
Definition: globals.h:381
v8::internal::flags
enable upcoming ES6 features enable harmony block scoping enable harmony enable harmony proxies enable harmony generators enable harmony numeric enable harmony string enable harmony math functions harmony_scoping harmony_symbols harmony_collections harmony_iteration harmony_strings harmony_scoping harmony_maths tracks arrays with only smi values Optimize object Array DOM strings and string pretenure call new trace pretenuring decisions of HAllocate instructions track fields with only smi values track fields with heap values track_fields track_fields Enables optimizations which favor memory size over execution speed use string slices optimization filter maximum number of GVN fix point iterations use function inlining use allocation folding eliminate write barriers targeting allocations in optimized code maximum source size in bytes considered for a single inlining maximum cumulative number of AST nodes considered for inlining crankshaft harvests type feedback from stub cache trace check elimination phase hydrogen tracing filter trace hydrogen to given file name trace inlining decisions trace store elimination trace all use positions trace global value numbering trace hydrogen escape analysis trace the tracking of allocation sites trace map generalization environment for every instruction deoptimize every n garbage collections put a break point before deoptimizing deoptimize uncommon cases use on stack replacement trace array bounds check elimination perform array index dehoisting use load elimination use store elimination use constant folding eliminate unreachable code number of stress runs when picking a function to watch for shared function not JSFunction itself flushes the cache of optimized code for closures on every GC functions with arguments object maximum number of escape analysis fix point iterations allow uint32 values on optimize frames if they are used only in safe operations track concurrent recompilation artificial compilation delay in ms concurrent on stack replacement do not emit check maps for constant values that have a leaf deoptimize the optimized code if the layout of the maps changes number of stack frames inspected by the profiler percentage of ICs that must have type info to allow optimization extra verbose compilation tracing generate extra emit comments in code disassembly enable use of SSE3 instructions if available enable use of CMOV instruction if available enable use of VFP3 instructions if available enable use of NEON instructions if enable use of SDIV and UDIV instructions if enable loading bit constant by means of movw movt instruction enable unaligned accesses for enable use of d16 d31 registers on ARM this requires VFP3 force all emitted branches to be in long expose natives in global object expose freeBuffer extension expose gc extension under the specified name expose externalize string extension number of stack frames to capture disable builtin natives files print name of functions for which code is generated use random jit cookie to mask large constants trace lazy optimization use adaptive optimizations always try to OSR functions trace optimize function deoptimization minimum length for automatic enable preparsing maximum number of optimization attempts before giving up cache prototype transitions trace debugging JSON request response trace out of bounds accesses to external arrays trace_js_array_abuse automatically set the debug break flag when debugger commands are in the queue abort by crashing maximum length of function source code printed in a stack trace max size of the new max size of the old max size of executable always perform global GCs print one trace line following each garbage collection do not print trace line after scavenger collection print statistics of the maximum memory committed for the heap in only print modified registers Don t break for ASM_UNIMPLEMENTED_BREAK macros print stack trace when an illegal exception is thrown randomize hashes to avoid predictable hash Fixed seed to use to hash property Print the time it takes to deserialize the snapshot testing_bool_flag testing_int_flag string flag tmp file in which to serialize heap Print the time it takes to lazily compile hydrogen code stubs concurrent_recompilation concurrent_sweeping Print usage including flags
Definition: flags.cc:665
v8::internal::Object::GetPropertyOrFail
static MUST_USE_RESULT MaybeObject * GetPropertyOrFail(Handle< Object > object, Handle< Object > receiver, LookupResult *result, Handle< Name > key, PropertyAttributes *attributes)
Definition: objects.cc:842
v8::internal::kDoubleSize
const int kDoubleSize
Definition: globals.h:266
v8::internal::FixedTypedArray::SizeFor
static int SizeFor(int length)
Definition: objects.h:4997
v8::internal::Object::FitsRepresentation
bool FitsRepresentation(Representation representation)
Definition: objects.h:1507
v8::internal::Representation::HeapObject
static Representation HeapObject()
Definition: property-details.h:114
DECLARE_ENUM
#define DECLARE_ENUM(enum_item, ignore1, ignore2)
Definition: objects.h:10716
v8::internal::Map::SetNumberOfProtoTransitions
void SetNumberOfProtoTransitions(int value)
Definition: objects.h:6144
v8::internal::HashTable::SetNumberOfElements
void SetNumberOfElements(int nof)
Definition: objects.h:3759
v8::internal::Internals::kMapInstanceTypeOffset
static const int kMapInstanceTypeOffset
Definition: v8.h:5554
v8::internal::Smi::IsValid
static bool IsValid(intptr_t value)
Definition: objects-inl.h:1278
v8::internal::String::IsAscii
static bool IsAscii(const uint8_t *chars, int length)
Definition: objects.h:8970
v8::internal::kIsIndirectStringMask
const uint32_t kIsIndirectStringMask
Definition: objects.h:622
v8::internal::Smi::kMinValue
static const int kMinValue
Definition: objects.h:1679
v8::internal::Object::ToArrayIndex
bool ToArrayIndex(uint32_t *index)
Definition: objects-inl.h:2072
v8::internal::Code::is_store_stub
bool is_store_stub()
Definition: objects.h:5304
v8::internal::kPointerSize
const int kPointerSize
Definition: globals.h:268
v8::internal::DescriptorArray::CopyUpTo
MUST_USE_RESULT MaybeObject * CopyUpTo(int enumeration_index)
Definition: objects.h:3454
DECLARE_VERIFIER
#define DECLARE_VERIFIER(Name)
Definition: objects.h:924
v8::internal::StringTableShape::AsObject
static MUST_USE_RESULT MaybeObject * AsObject(Heap *heap, HashTableKey *key)
Definition: objects.h:3843
v8::internal::HashTable::HashForObject
uint32_t HashForObject(Key key, Object *object)
Definition: objects.h:3646
v8::internal::Map::BodyDescriptor
FixedBodyDescriptor< kPointerFieldsBeginOffset, kPointerFieldsEndOffset, kSize > BodyDescriptor
Definition: objects.h:6502
v8::internal::UnseededNumberDictionary::cast
static UnseededNumberDictionary * cast(Object *obj)
Definition: objects.h:4157
v8::internal::String::FlatContent::IsTwoByte
bool IsTwoByte()
Definition: objects.h:8747
v8::internal::ConstantPoolArray::RawFieldOfElementAt
Object ** RawFieldOfElementAt(int index)
Definition: objects.h:3264
v8::internal::String::VisitFlat
static ConsString * VisitFlat(Visitor *visitor, String *string, int offset=0)
Definition: objects.h:9006
v8::internal::IsAligned
bool IsAligned(T value, U alignment)
Definition: utils.h:211
v8::internal::Object::GetPrototype
Object * GetPrototype(Isolate *isolate)
Definition: objects.cc:1032
v8::internal::Map::IsJSObjectMap
bool IsJSObjectMap()
Definition: objects.h:6363
DISALLOW_IMPLICIT_CONSTRUCTORS
#define DISALLOW_IMPLICIT_CONSTRUCTORS(TypeName)
Definition: globals.h:370
v8::internal::kUintptrAllBitsSet
const uintptr_t kUintptrAllBitsSet
Definition: globals.h:283
v8::internal::HashTable::INLINE
INLINE(static uint32_t GetProbeOffset(uint32_t n))
Definition: objects.h:3713
v8::internal::code
enable upcoming ES6 features enable harmony block scoping enable harmony enable harmony proxies enable harmony generators enable harmony numeric enable harmony string enable harmony math functions harmony_scoping harmony_symbols harmony_collections harmony_iteration harmony_strings harmony_scoping harmony_maths tracks arrays with only smi values Optimize object Array DOM strings and string pretenure call new trace pretenuring decisions of HAllocate instructions track fields with only smi values track fields with heap values track_fields track_fields Enables optimizations which favor memory size over execution speed use string slices optimization filter maximum number of GVN fix point iterations use function inlining use allocation folding eliminate write barriers targeting allocations in optimized code maximum source size in bytes considered for a single inlining maximum cumulative number of AST nodes considered for inlining crankshaft harvests type feedback from stub cache trace check elimination phase hydrogen tracing filter trace hydrogen to given file name trace inlining decisions trace store elimination trace all use positions trace global value numbering trace hydrogen escape analysis trace the tracking of allocation sites trace map generalization environment for every instruction deoptimize every n garbage collections put a break point before deoptimizing deoptimize uncommon cases use on stack replacement trace array bounds check elimination perform array index dehoisting use load elimination use store elimination use constant folding eliminate unreachable code number of stress runs when picking a function to watch for shared function not JSFunction itself flushes the cache of optimized code for closures on every GC functions with arguments object maximum number of escape analysis fix point iterations allow uint32 values on optimize frames if they are used only in safe operations track concurrent recompilation artificial compilation delay in ms concurrent on stack replacement do not emit check maps for constant values that have a leaf deoptimize the optimized code if the layout of the maps changes number of stack frames inspected by the profiler percentage of ICs that must have type info to allow optimization extra verbose compilation tracing generate extra code(assertions) for debugging") DEFINE_bool(code_comments
v8::internal::kOneByteDataHintMask
const uint32_t kOneByteDataHintMask
Definition: objects.h:638
DISALLOW_COPY_AND_ASSIGN
#define DISALLOW_COPY_AND_ASSIGN(TypeName)
Definition: globals.h:359
v8::internal::HashTable::SetCapacity
void SetCapacity(int capacity)
Definition: objects.h:3769
v8::internal::kShortcutTypeMask
const uint32_t kShortcutTypeMask
Definition: objects.h:652
v8::internal::Search
int Search(T *array, Name *name, int valid_entries)
Definition: objects-inl.h:2510
v8::internal::pc
const Register pc
Definition: assembler-arm.h:244
v8::internal::String::FlatContent::ToUC16Vector
Vector< const uc16 > ToUC16Vector()
Definition: objects.h:8757
v8::internal::FlexibleBodyDescriptor::IterateBody
static void IterateBody(HeapObject *obj, int object_size)
Definition: objects.h:1942
v8::internal::IsFixedTypedArrayElementsKind
bool IsFixedTypedArrayElementsKind(ElementsKind kind)
Definition: elements-kind.h:125
v8::internal::RoundUp
T RoundUp(T x, intptr_t m)
Definition: utils.h:144
v8::internal::Code::is_compare_nil_ic_stub
bool is_compare_nil_ic_stub()
Definition: objects.h:5308
v8::internal::NameDictionary::cast
static NameDictionary * cast(Object *obj)
Definition: objects.h:4049
v8::internal::AllocationSite::GetElementsKind
ElementsKind GetElementsKind()
Definition: objects.h:8360
v8::internal::IsFastSmiElementsKind
bool IsFastSmiElementsKind(ElementsKind kind)
Definition: elements-kind.h:174
v8::internal::FixedDoubleArray::OffsetOfElementAt
static int OffsetOfElementAt(int index)
Definition: objects.h:3160
FIELD_ACCESSORS
#define FIELD_ACCESSORS(name)
Definition: objects.h:4480
v8::internal::kShortExternalStringTag
const uint32_t kShortExternalStringTag
Definition: objects.h:644
v8::internal::Map::SetNumberOfOwnDescriptors
void SetNumberOfOwnDescriptors(int number)
Definition: objects.h:6178
v8::internal::DescriptorArray::GetEnumIndicesCache
FixedArray * GetEnumIndicesCache()
Definition: objects.h:3375
v8::internal::Internals::kOddballType
static const int kOddballType
Definition: v8.h:5587
v8::internal::SeqString::kHeaderSize
static const int kHeaderSize
Definition: objects.h:9042
v8::internal::kBitsPerByte
const int kBitsPerByte
Definition: globals.h:287
v8::internal::StringRepresentationTag
StringRepresentationTag
Definition: objects.h:616
v8::internal::FixedDoubleArray::SizeFor
static int SizeFor(int length)
Definition: objects.h:3152
v8::internal::IsPowerOf2
bool IsPowerOf2(T x)
Definition: utils.h:51
v8::internal::Is
bool Is(Object *obj)
DEFINE_CODE_KIND_ENUM
#define DEFINE_CODE_KIND_ENUM(name)
Definition: objects.h:5209
v8::internal::HashTable::SetNumberOfDeletedElements
void SetNumberOfDeletedElements(int nod)
Definition: objects.h:3764
v8::internal::kStringTag
const uint32_t kStringTag
Definition: objects.h:598
BASE_EMBEDDED
#define BASE_EMBEDDED
Definition: allocation.h:68
v8::internal::BASE_EMBEDDED::ToObjectUnchecked
Object * ToObjectUnchecked()
Definition: objects.h:949
v8::internal::FixedBodyDescriptor
Definition: objects.h:1913
v8::internal::FlexibleBodyDescriptor
Definition: objects.h:1933
v8::internal::Map::set_has_indexed_interceptor
void set_has_indexed_interceptor()
Definition: objects.h:5903
v8::internal::kBitsPerInt
const int kBitsPerInt
Definition: globals.h:290
v8::internal::String::NonOneByteStart
static int NonOneByteStart(const uc16 *chars, int length)
Definition: objects.h:8975
v8::internal::Object::GetOrCreateHash
static Handle< Object > GetOrCreateHash(Handle< Object > object, Isolate *isolate)
Definition: objects.cc:1091
v8::internal::kInternalizedTag
const uint32_t kInternalizedTag
Definition: objects.h:605
v8::internal::Code::is_binary_op_stub
bool is_binary_op_stub()
Definition: objects.h:5306
v8::internal::Object::GetProperty
MUST_USE_RESULT MaybeObject * GetProperty(Name *key)
Definition: objects-inl.h:1081
v8::internal::AccessorDescriptorType
AccessorDescriptorType
Definition: objects.h:10156
v8::internal::VectorIterator::VectorIterator
VectorIterator(T *d, int l)
Definition: objects.h:9461
v8::internal::FixedArray::OffsetOfElementAt
static int OffsetOfElementAt(int index)
Definition: objects.h:3070
v8::internal::FixedArray::SizeFor
static int SizeFor(int length)
Definition: objects.h:3067
T
#define T(name, string, precedence)
Definition: token.cc:48
v8::internal::IsFastSmiOrObjectElementsKind
bool IsFastSmiOrObjectElementsKind(ElementsKind kind)
Definition: elements-kind.h:166
v8::internal::Dictionary::SetNextEnumerationIndex
void SetNextEnumerationIndex(int index)
Definition: objects.h:3979
v8::internal::Map::IsGlobalObjectMap
bool IsGlobalObjectMap()
Definition: objects.h:6372
v8::internal::BaseShape::SeededHashForObject
static uint32_t SeededHashForObject(Key key, uint32_t seed, Object *object)
Definition: objects.h:3627
v8::internal::SharedFunctionInfo::set_dont_optimize_reason
void set_dont_optimize_reason(BailoutReason reason)
Definition: objects.h:7069
v8::internal::String::FlatContent
Definition: objects.h:8740
v8::internal::kElementsKindCount
const int kElementsKindCount
Definition: elements-kind.h:89
v8::internal::FixedArrayBase::kHeaderSize
static const int kHeaderSize
Definition: objects.h:3016
v8::internal::PropertyNormalizationMode
PropertyNormalizationMode
Definition: objects.h:252
v8::internal::Object::Lookup
void Lookup(Name *name, LookupResult *result)
Definition: objects.cc:135
v8::internal::AllocationSite::SetElementsKind
void SetElementsKind(ElementsKind kind)
Definition: objects.h:8366
v8::internal::HashTable::IsKey
bool IsKey(Object *k)
Definition: objects.h:3701
v8::internal::SimpleTransitionFlag
SimpleTransitionFlag
Definition: objects.h:282
v8::internal::ByteArray::SizeFor
static int SizeFor(int length)
Definition: objects.h:4591
v8::internal::Map::has_named_interceptor
bool has_named_interceptor()
Definition: objects.h:5898
FIXED_ARRAY_SUB_INSTANCE_TYPE_LIST
#define FIXED_ARRAY_SUB_INSTANCE_TYPE_LIST(V)
Definition: objects.h:863
v8::internal::kIsNotStringMask
const uint32_t kIsNotStringMask
Definition: objects.h:597
v8::internal::BASE_EMBEDDED::VisitNextCodeLink
virtual void VisitNextCodeLink(Object **p)
Definition: objects.h:10741
v8::internal::Map::CanTransition
bool CanTransition()
Definition: objects.h:6357
v8::internal::GetBailoutReason
const char * GetBailoutReason(BailoutReason reason)
Definition: objects.cc:16437
v8::internal::kSlicedNotConsMask
const uint32_t kSlicedNotConsMask
Definition: objects.h:633
v8::internal::kNotInternalizedTag
const uint32_t kNotInternalizedTag
Definition: objects.h:604
v8::internal::CodeCacheHashTableShape::HashForObject
static uint32_t HashForObject(HashTableKey *key, Object *object)
Definition: objects.h:8105
v8::internal::Code::is_compare_ic_stub
bool is_compare_ic_stub()
Definition: objects.h:5307
v8::internal::BaseShape::HashForObject
static uint32_t HashForObject(Key key, Object *object)
Definition: objects.h:3626
v8::internal::ObjectHashTable::cast
static ObjectHashTable * cast(Object *obj)
Definition: objects.h:4226
v8::internal::ConsString::BodyDescriptor
FixedBodyDescriptor< kFirstOffset, kSecondOffset+kPointerSize, kSize > BodyDescriptor
Definition: objects.h:9173
v8::internal::Internals::kHeapObjectMapOffset
static const int kHeapObjectMapOffset
Definition: v8.h:5553
v8::internal::handle
Handle< T > handle(T *t, Isolate *isolate)
Definition: handles.h:103
v8::internal::kStubMinorKeyBits
const int kStubMinorKeyBits
Definition: objects.h:317
STRUCT_LIST
#define STRUCT_LIST(V)
Definition: objects.h:590
v8::internal::info
enable upcoming ES6 features enable harmony block scoping enable harmony enable harmony proxies enable harmony generators enable harmony numeric enable harmony string enable harmony math functions harmony_scoping harmony_symbols harmony_collections harmony_iteration harmony_strings harmony_scoping harmony_maths tracks arrays with only smi values Optimize object Array DOM strings and string pretenure call new trace pretenuring decisions of HAllocate instructions track fields with only smi values track fields with heap values track_fields track_fields Enables optimizations which favor memory size over execution speed use string slices optimization filter maximum number of GVN fix point iterations use function inlining use allocation folding eliminate write barriers targeting allocations in optimized code maximum source size in bytes considered for a single inlining maximum cumulative number of AST nodes considered for inlining crankshaft harvests type feedback from stub cache trace check elimination phase hydrogen tracing filter trace hydrogen to given file name trace inlining decisions trace store elimination trace all use positions trace global value numbering trace hydrogen escape analysis trace the tracking of allocation sites trace map generalization environment for every instruction deoptimize every n garbage collections put a break point before deoptimizing deoptimize uncommon cases use on stack replacement trace array bounds check elimination perform array index dehoisting use load elimination use store elimination use constant folding eliminate unreachable code number of stress runs when picking a function to watch for shared function info
Definition: flags.cc:317
CODE_KIND_LIST
#define CODE_KIND_LIST(V)
Definition: objects.h:5204
OBJECT_POINTER_ALIGN
#define OBJECT_POINTER_ALIGN(value)
Definition: v8globals.h:386
IS_POWER_OF_TWO
#define IS_POWER_OF_TWO(x)
Definition: utils.h:46
v8::internal::BASE_EMBEDDED::ToObjectChecked
Object * ToObjectChecked()
Definition: objects.h:955
v8::internal::Map::has_fast_smi_or_object_elements
bool has_fast_smi_or_object_elements()
Definition: objects.h:5960
v8::internal::INLINE
INLINE(static HeapObject *EnsureDoubleAligned(Heap *heap, HeapObject *object, int size))
v8::internal::Vector::cast
static Vector< T > cast(Vector< S > input)
Definition: utils.h:477
v8::internal::Object::cast
static Object * cast(Object *value)
Definition: objects.h:1641
v8::internal::name_should_print_as_anonymous
name_should_print_as_anonymous
Definition: objects-inl.h:5283
v8::internal::GlobalObject::GetPropertyNoExceptionThrown
Object * GetPropertyNoExceptionThrown(Name *key)
Definition: objects.h:7601
v8::internal::Map::has_indexed_interceptor
bool has_indexed_interceptor()
Definition: objects.h:5907
v8::internal::String::FlatContent::IsFlat
bool IsFlat()
Definition: objects.h:8743
v8::internal::uc16
uint16_t uc16
Definition: globals.h:309
v8::internal::Code::ExecutableSize
int ExecutableSize()
Definition: objects.h:5499
v8::internal::CompilationCacheShape::IsMatch
static bool IsMatch(HashTableKey *key, Object *value)
Definition: objects.h:7994
v8::internal::FixedTypedArray::ElementType
Traits::ElementType ElementType
Definition: objects.h:4987
v8::internal::ExternalAsciiString::Resource
v8::String::ExternalAsciiStringResource Resource
Definition: objects.h:9266
v8::internal::Dictionary::DetailsAt
PropertyDetails DetailsAt(int entry)
Definition: objects.h:3940
v8::internal::SeqTwoByteString::SizeFor
static int SizeFor(int length)
Definition: objects.h:9118
v8::internal::instance_call_handler
kSerializedDataOffset kPrototypeTemplateOffset kIndexedPropertyHandlerOffset instance_call_handler
Definition: objects-inl.h:5027
v8::internal::kOneByteDataHintTag
const uint32_t kOneByteDataHintTag
Definition: objects.h:639
v8::internal::kSmiTagSize
const int kSmiTagSize
Definition: v8.h:5479
v8::internal::kInt64Size
const int kInt64Size
Definition: globals.h:265
v8::internal::Code::kHeaderSize
static const int kHeaderSize
Definition: objects.h:5604
v8::internal::Object::ShortPrint
void ShortPrint(FILE *out=stdout)
Definition: objects.cc:1123
v8::internal::Dictionary::ValueAtPut
void ValueAtPut(int entry, Object *value)
Definition: objects.h:3935
v8::internal::Map::is_observed
bool is_observed()
Definition: objects.h:5930
TYPED_ARRAYS
#define TYPED_ARRAYS(V)
Definition: objects.h:4663
v8::internal::Map::is_undetectable
bool is_undetectable()
Definition: objects.h:5921
v8::internal::Code::is_keyed_store_stub
bool is_keyed_store_stub()
Definition: objects.h:5305
v8::internal::CompilationCacheShape::HashForObject
static uint32_t HashForObject(HashTableKey *key, Object *object)
Definition: objects.h:8002
v8::internal::ConstantPoolArray::SizeFor
static int SizeFor(int number_of_int64_entries, int number_of_code_ptr_entries, int number_of_heap_ptr_entries, int number_of_int32_entries)
Definition: objects.h:3232
v8::internal::Object::OptimalRepresentation
Representation OptimalRepresentation(ValueType type=OPTIMAL_REPRESENTATION)
Definition: objects.h:1489
ASSERT_EQ
#define ASSERT_EQ(v1, v2)
Definition: checks.h:330
v8::internal::kShortSize
const int kShortSize
Definition: globals.h:262
v8::internal::CodeCacheHashTableShape::IsMatch
static bool IsMatch(HashTableKey *key, Object *value)
Definition: objects.h:8097
v8::internal::BASE_EMBEDDED::ToFailureUnchecked
Failure * ToFailureUnchecked()
Definition: objects.h:945
v8::internal::Map::kElementsKindShift
static const int kElementsKindShift
Definition: objects.h:6482
v8::internal::Code::is_to_boolean_ic_stub
bool is_to_boolean_ic_stub()
Definition: objects.h:5309
v8::internal::FixedBodyDescriptor::IterateBody
static void IterateBody(HeapObject *obj)
Definition: objects.h:1922
v8::internal::formal_parameter_count
kInstanceClassNameOffset kNeedsAccessCheckBit kRemovePrototypeBit kIsExpressionBit kAllowLazyCompilation kUsesArguments formal_parameter_count
Definition: objects-inl.h:5190
v8::internal::kOneByteStringTag
const uint32_t kOneByteStringTag
Definition: objects.h:611
v8::internal::HashTable::NextProbe
static uint32_t NextProbe(uint32_t last, uint32_t number, uint32_t size)
Definition: objects.h:3789
v8::internal::Smi::SmiPrint
void SmiPrint(FILE *out=stdout)
Definition: objects.cc:1142
DECL_ACCESSORS
#define DECL_ACCESSORS(name, type)
Definition: objects.h:896
v8::DeclaredAccessorDescriptorDataType
DeclaredAccessorDescriptorDataType
Definition: v8.h:3805
v8::internal::HashTableKey::IsMatch
virtual bool IsMatch(Object *other)=0
v8::internal::FixedTypedArray::ElementOffset
static int ElementOffset(int index)
Definition: objects.h:4993
v8::internal::FixedArray::cast
static FixedArray * cast(Object *obj)
end_
bool end_
Definition: v8conversions.cc:60
v8::internal::CompilationCacheShape::AsObject
static MUST_USE_RESULT MaybeObject * AsObject(Heap *heap, HashTableKey *key)
Definition: objects.h:8006
v8::internal::Internals::kUndefinedOddballKind
static const int kUndefinedOddballKind
Definition: v8.h:5590
unibrow::Utf8::kMaxOneByteChar
static const unsigned kMaxOneByteChar
Definition: unicode.h:164
HEAP_OBJECT_TYPE_LIST
#define HEAP_OBJECT_TYPE_LIST(V)
Definition: objects.h:993
v8::internal::JSObject::kHeaderSize
static const int kHeaderSize
Definition: objects.h:2757
Print
void Print(const v8::FunctionCallbackInfo< v8::Value > &args)
Definition: lineprocessor.cc:402
v8::internal::BooleanBit::set
static Smi * set(Smi *smi, int bit_position, bool v)
Definition: objects.h:10811
v8::internal::dependent_code
kSerializedDataOffset kPrototypeTemplateOffset kIndexedPropertyHandlerOffset kInstanceCallHandlerOffset kInternalFieldCountOffset dependent_code
Definition: objects-inl.h:5047
v8::internal::BASE_EMBEDDED::ToObject
bool ToObject(Object **obj)
Definition: objects.h:940
v8::internal::Map::elements_kind
ElementsKind elements_kind()
Definition: objects.h:5945
v8::internal::DescriptorArray::GetEnumCache
FixedArray * GetEnumCache()
Definition: objects.h:3361
v8::internal::ExtraICState
int ExtraICState
Definition: objects.h:310
v8::internal::ConstantPoolArray::OffsetOfElementAt
int OffsetOfElementAt(int index)
Definition: objects.h:3244
v8::internal::kIsIndirectStringTag
const uint32_t kIsIndirectStringTag
Definition: objects.h:623
v8::internal::BASE_EMBEDDED::VisitEmbedderReference
virtual void VisitEmbedderReference(Object **p, uint16_t class_id)
Definition: objects.h:10781
v8::internal::indexed_property_handler
kSerializedDataOffset kPrototypeTemplateOffset indexed_property_handler
Definition: objects-inl.h:5021
v8::internal::Map::IsJSGlobalObjectMap
bool IsJSGlobalObjectMap()
Definition: objects.h:6369
v8::internal::FixedArray::get
Object * get(int index)
Definition: objects-inl.h:2127
v8::internal::Map::kPrototypeOffset
static const int kPrototypeOffset
Definition: objects.h:6427
v8::internal::Map::IsJSGlobalProxyMap
bool IsJSGlobalProxyMap()
Definition: objects.h:6366
v8::internal::Object::GetElement
static Handle< Object > GetElement(Isolate *isolate, Handle< Object > object, uint32_t index)
Definition: objects-inl.h:1060
v8::internal::MapCacheShape::HashForObject
static uint32_t HashForObject(HashTableKey *key, Object *object)
Definition: objects.h:3892
v8::internal::HashTable::GetProbe
static uint32_t GetProbe(uint32_t hash, uint32_t number, uint32_t size)
Definition: objects.h:3780
obj
HeapObject * obj
Definition: heap-snapshot-generator.cc:533
v8::internal::WeakHashTable::cast
static WeakHashTable * cast(Object *obj)
Definition: objects.h:4282
v8::internal::uses_arguments
kInstanceClassNameOffset kNeedsAccessCheckBit kRemovePrototypeBit kIsExpressionBit kAllowLazyCompilation uses_arguments
Definition: objects-inl.h:5137
v8::internal::literals
enable upcoming ES6 features enable harmony block scoping enable harmony enable harmony proxies enable harmony generators enable harmony numeric literals(0o77, 0b11)") DEFINE_bool(harmony_strings
v8::internal::AccessorPair::set
void set(AccessorComponent component, Object *value)
Definition: objects.h:10323
v8::internal::DeoptimizationOutputData::LengthOfFixedArray
static int LengthOfFixedArray(int deopt_points)
Definition: objects.h:5155
v8::internal::BaseShape::Hash
static uint32_t Hash(Key key)
Definition: objects.h:3621
v8::internal::Representation::None
static Representation None()
Definition: property-details.h:105
v8::internal::String::kMaxLength
static const int kMaxLength
Definition: objects.h:8922
v8::internal::String::FlatContent::IsAscii
bool IsAscii()
Definition: objects.h:8745
v8::internal::Code::SizeFor
static int SizeFor(int body_size)
Definition: objects.h:5492
v8::internal::DescriptorArray::LengthFor
static int LengthFor(int number_of_descriptors)
Definition: objects.h:3529
CODE_AGE_LIST
#define CODE_AGE_LIST(V)
Definition: builtins.h:50
v8::internal::kFailureTypeTagMask
const int kFailureTypeTagMask
Definition: objects.h:1713
v8::internal::BASE_EMBEDDED::ToHandle
bool ToHandle(Handle< T > *obj, Isolate *isolate)
Definition: objects.h:968
v8::internal::AliasedArgumentsEntry
Definition: objects.h:8475
v8::internal::compiler_hints
kInstanceClassNameOffset kNeedsAccessCheckBit kRemovePrototypeBit kIsExpressionBit compiler_hints
Definition: objects-inl.h:5129
v8::internal::Representation::Tagged
static Representation Tagged()
Definition: property-details.h:106
v8::internal::Internals::kForeignType
static const int kForeignType
Definition: v8.h:5588
v8::internal::kInt32Size
const int kInt32Size
Definition: globals.h:264
v8::internal::prototype_template
kSerializedDataOffset prototype_template
Definition: objects-inl.h:5016
v8::internal::allows_lazy_compilation
kInstanceClassNameOffset kNeedsAccessCheckBit kRemovePrototypeBit kIsExpressionBit allows_lazy_compilation
Definition: objects-inl.h:5129
v8::internal::SeqOneByteString::SizeFor
static int SizeFor(int length)
Definition: objects.h:9078
v8::internal::String::FlatContent::ToOneByteVector
Vector< const uint8_t > ToOneByteVector()
Definition: objects.h:8751
unibrow::int16_t
signed short int16_t
Definition: unicode.cc:45
FUNCTIONS_WITH_ID_LIST
#define FUNCTIONS_WITH_ID_LIST(V)
Definition: objects.h:6661
v8::internal::HashTable::FirstProbe
static uint32_t FirstProbe(uint32_t hash, uint32_t size)
Definition: objects.h:3785
v8::internal::AllocationSite::set_pretenure_decision
void set_pretenure_decision(PretenureDecision decision)
Definition: objects.h:8314
v8::internal::JSObject::NewElementsCapacity
static int NewElementsCapacity(int old_capacity)
Definition: objects.h:2467
DEFINE_ENTRY_ACCESSORS
#define DEFINE_ENTRY_ACCESSORS(name, type)
Definition: objects.h:5085
v8::internal::HeapType
TypeImpl< HeapTypeConfig > HeapType
Definition: list.h:212
v8::internal::Smi::kMaxValue
static const int kMaxValue
Definition: objects.h:1681
v8::internal::name
enable upcoming ES6 features enable harmony block scoping enable harmony enable harmony proxies enable harmony generators enable harmony numeric enable harmony string enable harmony math functions harmony_scoping harmony_symbols harmony_collections harmony_iteration harmony_strings harmony_scoping harmony_maths tracks arrays with only smi values Optimize object Array DOM strings and string pretenure call new trace pretenuring decisions of HAllocate instructions track fields with only smi values track fields with heap values track_fields track_fields Enables optimizations which favor memory size over execution speed use string slices optimization filter maximum number of GVN fix point iterations use function inlining use allocation folding eliminate write barriers targeting allocations in optimized code maximum source size in bytes considered for a single inlining maximum cumulative number of AST nodes considered for inlining crankshaft harvests type feedback from stub cache trace check elimination phase hydrogen tracing filter trace hydrogen to given file name trace inlining decisions trace store elimination trace all use positions trace global value numbering trace hydrogen escape analysis trace the tracking of allocation sites trace map generalization environment for every instruction deoptimize every n garbage collections put a break point before deoptimizing deoptimize uncommon cases use on stack replacement trace array bounds check elimination perform array index dehoisting use load elimination use store elimination use constant folding eliminate unreachable code number of stress runs when picking a function to watch for shared function not JSFunction itself flushes the cache of optimized code for closures on every GC functions with arguments object maximum number of escape analysis fix point iterations allow uint32 values on optimize frames if they are used only in safe operations track concurrent recompilation artificial compilation delay in ms concurrent on stack replacement do not emit check maps for constant values that have a leaf deoptimize the optimized code if the layout of the maps changes number of stack frames inspected by the profiler percentage of ICs that must have type info to allow optimization extra verbose compilation tracing generate extra emit comments in code disassembly enable use of SSE3 instructions if available enable use of CMOV instruction if available enable use of VFP3 instructions if available enable use of NEON instructions if enable use of SDIV and UDIV instructions if enable loading bit constant by means of movw movt instruction enable unaligned accesses for enable use of d16 d31 registers on ARM this requires VFP3 force all emitted branches to be in long expose natives in global object expose freeBuffer extension expose gc extension under the specified name expose externalize string extension number of stack frames to capture disable builtin natives files print name of functions for which code is generated use random jit cookie to mask large constants trace lazy optimization use adaptive optimizations always try to OSR functions trace optimize function deoptimization minimum length for automatic enable preparsing maximum number of optimization attempts before giving up cache prototype transitions trace debugging JSON request response trace out of bounds accesses to external arrays trace_js_array_abuse automatically set the debug break flag when debugger commands are in the queue abort by crashing maximum length of function source code printed in a stack trace max size of the new max size of the old max size of executable always perform global GCs print one trace line following each garbage collection do not print trace line after scavenger collection print statistics of the maximum memory committed for the heap in name
Definition: flags.cc:505
v8::internal::Map::has_dictionary_elements
bool has_dictionary_elements()
Definition: objects.h:5984
v8::internal::Internals::kNullOddballKind
static const int kNullOddballKind
Definition: v8.h:5591
v8::internal::Object::INLINE
INLINE(bool IsSpecObject())
v8::internal::Cell::FromValueAddress
static Cell * FromValueAddress(Address value)
Definition: objects.h:9532
v8::internal::kCharSize
const int kCharSize
Definition: globals.h:261
v8::internal::JSRegExp::saved_code_index
static int saved_code_index(bool is_ascii)
Definition: objects.h:7908
ASSERT_SIZE_TAG_ALIGNED
#define ASSERT_SIZE_TAG_ALIGNED(size)
Definition: v8checks.h:60
v8::internal::LinearSearch
int LinearSearch(T *array, Name *name, int len, int valid_entries)
Definition: objects-inl.h:2487
v8::AccessControl
AccessControl
Definition: v8.h:2165
v8::internal::HashTable::ElementsRemoved
void ElementsRemoved(int n)
Definition: objects.h:3680
v8::internal::ObjectHashSet::cast
static ObjectHashSet * cast(Object *obj)
Definition: objects.h:4194
v8::internal::BASE_EMBEDDED::ToRawValue
uintptr_t ToRawValue()
Definition: objects.h:1787
ERROR_MESSAGES_CONSTANTS
#define ERROR_MESSAGES_CONSTANTS(C, T)
Definition: objects.h:1423
v8::internal::BASE_EMBEDDED::To
bool To(T **obj)
Definition: objects.h:961
v8::internal::IsDictionaryElementsKind
bool IsDictionaryElementsKind(ElementsKind kind)
Definition: elements-kind.h:108
v8::internal::JSBuiltinsObject::OffsetOfCodeWithId
static int OffsetOfCodeWithId(Builtins::JavaScript id)
Definition: objects.h:7678
v8::internal::IsFastDoubleElementsKind
bool IsFastDoubleElementsKind(ElementsKind kind)
Definition: elements-kind.h:142
v8::internal::Code::is_keyed_load_stub
bool is_keyed_load_stub()
Definition: objects.h:5303
v8::internal::kStringEncodingMask
const uint32_t kStringEncodingMask
Definition: objects.h:609
v8::internal::Internals::kJSObjectType
static const int kJSObjectType
Definition: v8.h:5585
v8::internal::AccessorPair::SetComponents
void SetComponents(Object *getter, Object *setter)
Definition: objects.h:10335
v8::internal::CodeCacheHashTableShape::AsObject
static MUST_USE_RESULT MaybeObject * AsObject(Heap *heap, HashTableKey *key)
Definition: objects.h:8109
DECLARE_STRUCT_PREDICATE
#define DECLARE_STRUCT_PREDICATE(NAME, Name, name)
Definition: objects.h:1455
v8::internal::HashTableKey::AsObject
virtual MUST_USE_RESULT MaybeObject * AsObject(Heap *heap)=0
v8::internal::Map::set_is_hidden_prototype
void set_is_hidden_prototype()
Definition: objects.h:5885
DECL_BOOLEAN_ACCESSORS
#define DECL_BOOLEAN_ACCESSORS(name)
Definition: objects.h:891
v8::internal::MB
const int MB
Definition: globals.h:246