• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2018 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef V8_OBJECTS_JS_OBJECTS_H_
6 #define V8_OBJECTS_JS_OBJECTS_H_
7 
8 #include "src/objects/embedder-data-slot.h"
9 // TODO(jkummerow): Consider forward-declaring instead.
10 #include "src/objects/internal-index.h"
11 #include "src/objects/objects.h"
12 #include "src/objects/property-array.h"
13 #include "torque-generated/field-offsets.h"
14 
15 // Has to be the last include (doesn't have include guards):
16 #include "src/objects/object-macros.h"
17 
18 namespace v8 {
19 namespace internal {
20 
21 // Enum for functions that offer a second mode that does not cause allocations.
22 // Used in conjunction with LookupIterator and unboxed double fields.
23 enum class AllocationPolicy { kAllocationAllowed, kAllocationDisallowed };
24 
25 enum InstanceType : uint16_t;
26 class JSGlobalObject;
27 class JSGlobalProxy;
28 class NativeContext;
29 class IsCompiledScope;
30 
31 #include "torque-generated/src/objects/js-objects-tq.inc"
32 
33 // JSReceiver includes types on which properties can be defined, i.e.,
34 // JSObject and JSProxy.
35 class JSReceiver : public HeapObject {
36  public:
37   NEVER_READ_ONLY_SPACE
38   // Returns true if there is no slow (ie, dictionary) backing store.
39   DECL_GETTER(HasFastProperties, bool)
40 
41   // Returns the properties array backing store if it
42   // exists. Otherwise, returns an empty_property_array when there's a
43   // Smi (hash code) or an empty_fixed_array for a fast properties
44   // map.
45   DECL_GETTER(property_array, PropertyArray)
46 
47   // Gets slow properties for non-global objects (if v8_dict_mode_prototypes is
48   // not set).
49   DECL_GETTER(property_dictionary, NameDictionary)
50 
51   // Gets slow properties for non-global objects (if v8_dict_mode_prototypes is
52   // set).
53   DECL_GETTER(property_dictionary_ordered, OrderedNameDictionary)
54 
55   // Sets the properties backing store and makes sure any existing hash is moved
56   // to the new properties store. To clear out the properties store, pass in the
57   // empty_fixed_array(), the hash will be maintained in this case as well.
58   void SetProperties(HeapObject properties);
59 
60   // There are five possible values for the properties offset.
61   // 1) EmptyFixedArray/EmptyPropertyDictionary - This is the standard
62   // placeholder.
63   //
64   // 2) Smi - This is the hash code of the object.
65   //
66   // 3) PropertyArray - This is similar to a FixedArray but stores
67   // the hash code of the object in its length field. This is a fast
68   // backing store.
69   //
70   // 4) NameDictionary - This is the dictionary-mode backing store.
71   //
72   // 4) GlobalDictionary - This is the backing store for the
73   // GlobalObject.
74   //
75   // This is used only in the deoptimizer and heap. Please use the
76   // above typed getters and setters to access the properties.
77   DECL_ACCESSORS(raw_properties_or_hash, Object)
78 
79   inline void initialize_properties(Isolate* isolate);
80 
81   // Deletes an existing named property in a normalized object.
82   static void DeleteNormalizedProperty(Handle<JSReceiver> object,
83                                        InternalIndex entry);
84 
85   DECL_CAST(JSReceiver)
86   DECL_VERIFIER(JSReceiver)
87 
88   // ES6 section 7.1.1 ToPrimitive
89   V8_WARN_UNUSED_RESULT static MaybeHandle<Object> ToPrimitive(
90       Handle<JSReceiver> receiver,
91       ToPrimitiveHint hint = ToPrimitiveHint::kDefault);
92 
93   // ES6 section 7.1.1.1 OrdinaryToPrimitive
94   V8_WARN_UNUSED_RESULT static MaybeHandle<Object> OrdinaryToPrimitive(
95       Handle<JSReceiver> receiver, OrdinaryToPrimitiveHint hint);
96 
97   static MaybeHandle<NativeContext> GetFunctionRealm(
98       Handle<JSReceiver> receiver);
99   V8_EXPORT_PRIVATE static MaybeHandle<NativeContext> GetContextForMicrotask(
100       Handle<JSReceiver> receiver);
101 
102   // Get the first non-hidden prototype.
103   static inline MaybeHandle<HeapObject> GetPrototype(
104       Isolate* isolate, Handle<JSReceiver> receiver);
105 
106   V8_WARN_UNUSED_RESULT static Maybe<bool> HasInPrototypeChain(
107       Isolate* isolate, Handle<JSReceiver> object, Handle<Object> proto);
108 
109   // Reads all enumerable own properties of source and adds them to
110   // target, using either Set or CreateDataProperty depending on the
111   // use_set argument. This only copies values not present in the
112   // maybe_excluded_properties list.
113   V8_WARN_UNUSED_RESULT static Maybe<bool> SetOrCopyDataProperties(
114       Isolate* isolate, Handle<JSReceiver> target, Handle<Object> source,
115       const ScopedVector<Handle<Object>>* excluded_properties = nullptr,
116       bool use_set = true);
117 
118   // Implementation of [[HasProperty]], ECMA-262 5th edition, section 8.12.6.
119   V8_EXPORT_PRIVATE V8_WARN_UNUSED_RESULT static Maybe<bool> HasProperty(
120       LookupIterator* it);
121   V8_WARN_UNUSED_RESULT static inline Maybe<bool> HasProperty(
122       Handle<JSReceiver> object, Handle<Name> name);
123   V8_WARN_UNUSED_RESULT static inline Maybe<bool> HasElement(
124       Handle<JSReceiver> object, uint32_t index);
125 
126   V8_EXPORT_PRIVATE V8_WARN_UNUSED_RESULT static Maybe<bool> HasOwnProperty(
127       Handle<JSReceiver> object, Handle<Name> name);
128   V8_WARN_UNUSED_RESULT static inline Maybe<bool> HasOwnProperty(
129       Handle<JSReceiver> object, uint32_t index);
130 
131   V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetProperty(
132       Isolate* isolate, Handle<JSReceiver> receiver, const char* key);
133   V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetProperty(
134       Isolate* isolate, Handle<JSReceiver> receiver, Handle<Name> name);
135   V8_WARN_UNUSED_RESULT static inline MaybeHandle<Object> GetElement(
136       Isolate* isolate, Handle<JSReceiver> receiver, uint32_t index);
137 
138   // Implementation of ES6 [[Delete]]
139   V8_EXPORT_PRIVATE V8_WARN_UNUSED_RESULT static Maybe<bool>
140   DeletePropertyOrElement(Handle<JSReceiver> object, Handle<Name> name,
141                           LanguageMode language_mode = LanguageMode::kSloppy);
142   V8_EXPORT_PRIVATE V8_WARN_UNUSED_RESULT static Maybe<bool> DeleteProperty(
143       Handle<JSReceiver> object, Handle<Name> name,
144       LanguageMode language_mode = LanguageMode::kSloppy);
145   V8_WARN_UNUSED_RESULT static Maybe<bool> DeleteProperty(
146       LookupIterator* it, LanguageMode language_mode);
147   V8_WARN_UNUSED_RESULT static Maybe<bool> DeleteElement(
148       Handle<JSReceiver> object, uint32_t index,
149       LanguageMode language_mode = LanguageMode::kSloppy);
150 
151   V8_WARN_UNUSED_RESULT static Object DefineProperty(Isolate* isolate,
152                                                      Handle<Object> object,
153                                                      Handle<Object> name,
154                                                      Handle<Object> attributes);
155   V8_WARN_UNUSED_RESULT static MaybeHandle<Object> DefineProperties(
156       Isolate* isolate, Handle<Object> object, Handle<Object> properties);
157 
158   // "virtual" dispatcher to the correct [[DefineOwnProperty]] implementation.
159   V8_WARN_UNUSED_RESULT static Maybe<bool> DefineOwnProperty(
160       Isolate* isolate, Handle<JSReceiver> object, Handle<Object> key,
161       PropertyDescriptor* desc, Maybe<ShouldThrow> should_throw);
162 
163   // ES6 7.3.4 (when passed kDontThrow)
164   V8_WARN_UNUSED_RESULT static Maybe<bool> CreateDataProperty(
165       Isolate* isolate, Handle<JSReceiver> object, Handle<Name> key,
166       Handle<Object> value, Maybe<ShouldThrow> should_throw);
167   V8_WARN_UNUSED_RESULT static Maybe<bool> CreateDataProperty(
168       LookupIterator* it, Handle<Object> value,
169       Maybe<ShouldThrow> should_throw);
170 
171   // ES6 9.1.6.1
172   V8_WARN_UNUSED_RESULT static Maybe<bool> OrdinaryDefineOwnProperty(
173       Isolate* isolate, Handle<JSObject> object, Handle<Object> key,
174       PropertyDescriptor* desc, Maybe<ShouldThrow> should_throw);
175   V8_WARN_UNUSED_RESULT static Maybe<bool> OrdinaryDefineOwnProperty(
176       LookupIterator* it, PropertyDescriptor* desc,
177       Maybe<ShouldThrow> should_throw);
178   // ES6 9.1.6.2
179   V8_WARN_UNUSED_RESULT static Maybe<bool> IsCompatiblePropertyDescriptor(
180       Isolate* isolate, bool extensible, PropertyDescriptor* desc,
181       PropertyDescriptor* current, Handle<Name> property_name,
182       Maybe<ShouldThrow> should_throw);
183   // ES6 9.1.6.3
184   // |it| can be NULL in cases where the ES spec passes |undefined| as the
185   // receiver. Exactly one of |it| and |property_name| must be provided.
186   V8_WARN_UNUSED_RESULT static Maybe<bool> ValidateAndApplyPropertyDescriptor(
187       Isolate* isolate, LookupIterator* it, bool extensible,
188       PropertyDescriptor* desc, PropertyDescriptor* current,
189       Maybe<ShouldThrow> should_throw, Handle<Name> property_name);
190 
191   V8_EXPORT_PRIVATE V8_WARN_UNUSED_RESULT static Maybe<bool>
192   GetOwnPropertyDescriptor(Isolate* isolate, Handle<JSReceiver> object,
193                            Handle<Object> key, PropertyDescriptor* desc);
194   V8_WARN_UNUSED_RESULT static Maybe<bool> GetOwnPropertyDescriptor(
195       LookupIterator* it, PropertyDescriptor* desc);
196 
197   using IntegrityLevel = PropertyAttributes;
198 
199   // ES6 7.3.14 (when passed kDontThrow)
200   // 'level' must be SEALED or FROZEN.
201   V8_WARN_UNUSED_RESULT static Maybe<bool> SetIntegrityLevel(
202       Handle<JSReceiver> object, IntegrityLevel lvl, ShouldThrow should_throw);
203 
204   // ES6 7.3.15
205   // 'level' must be SEALED or FROZEN.
206   V8_WARN_UNUSED_RESULT static Maybe<bool> TestIntegrityLevel(
207       Handle<JSReceiver> object, IntegrityLevel lvl);
208 
209   // ES6 [[PreventExtensions]] (when passed kDontThrow)
210   V8_WARN_UNUSED_RESULT static Maybe<bool> PreventExtensions(
211       Handle<JSReceiver> object, ShouldThrow should_throw);
212 
213   V8_WARN_UNUSED_RESULT static Maybe<bool> IsExtensible(
214       Handle<JSReceiver> object);
215 
216   // Returns the class name.
217   V8_EXPORT_PRIVATE String class_name();
218 
219   // Returns the constructor (the function that was used to instantiate the
220   // object).
221   static MaybeHandle<JSFunction> GetConstructor(Handle<JSReceiver> receiver);
222 
223   // Returns the constructor name (the (possibly inferred) name of the function
224   // that was used to instantiate the object), if any. If a FunctionTemplate is
225   // used to instantiate the object, the class_name of the FunctionTemplate is
226   // returned instead.
227   static Handle<String> GetConstructorName(Handle<JSReceiver> receiver);
228 
229   V8_EXPORT_PRIVATE Handle<NativeContext> GetCreationContext();
230 
231   V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
232   GetPropertyAttributes(Handle<JSReceiver> object, Handle<Name> name);
233   V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
234   GetOwnPropertyAttributes(Handle<JSReceiver> object, Handle<Name> name);
235   V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
236   GetOwnPropertyAttributes(Handle<JSReceiver> object, uint32_t index);
237 
238   V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
239   GetElementAttributes(Handle<JSReceiver> object, uint32_t index);
240   V8_WARN_UNUSED_RESULT static inline Maybe<PropertyAttributes>
241   GetOwnElementAttributes(Handle<JSReceiver> object, uint32_t index);
242 
243   V8_WARN_UNUSED_RESULT static Maybe<PropertyAttributes> GetPropertyAttributes(
244       LookupIterator* it);
245 
246   // Set the object's prototype (only JSReceiver and null are allowed values).
247   V8_EXPORT_PRIVATE V8_WARN_UNUSED_RESULT static Maybe<bool> SetPrototype(
248       Handle<JSReceiver> object, Handle<Object> value, bool from_javascript,
249       ShouldThrow should_throw);
250 
251   inline static Handle<Object> GetDataProperty(Handle<JSReceiver> object,
252                                                Handle<Name> name);
253   V8_EXPORT_PRIVATE static Handle<Object> GetDataProperty(
254       LookupIterator* it, AllocationPolicy allocation_policy =
255                               AllocationPolicy::kAllocationAllowed);
256 
257   // Retrieves a permanent object identity hash code. The undefined value might
258   // be returned in case no hash was created yet.
259   V8_EXPORT_PRIVATE Object GetIdentityHash();
260 
261   // Retrieves a permanent object identity hash code. May create and store a
262   // hash code if needed and none exists.
263   static Smi CreateIdentityHash(Isolate* isolate, JSReceiver key);
264   V8_EXPORT_PRIVATE Smi GetOrCreateIdentityHash(Isolate* isolate);
265 
266   // Stores the hash code. The hash passed in must be masked with
267   // JSReceiver::kHashMask.
268   V8_EXPORT_PRIVATE void SetIdentityHash(int masked_hash);
269 
270   // ES6 [[OwnPropertyKeys]] (modulo return type)
271   V8_WARN_UNUSED_RESULT static inline MaybeHandle<FixedArray> OwnPropertyKeys(
272       Handle<JSReceiver> object);
273 
274   V8_WARN_UNUSED_RESULT static MaybeHandle<FixedArray> GetOwnValues(
275       Handle<JSReceiver> object, PropertyFilter filter,
276       bool try_fast_path = true);
277 
278   V8_WARN_UNUSED_RESULT static MaybeHandle<FixedArray> GetOwnEntries(
279       Handle<JSReceiver> object, PropertyFilter filter,
280       bool try_fast_path = true);
281 
282   static const int kHashMask = PropertyArray::HashField::kMask;
283 
284   DEFINE_FIELD_OFFSET_CONSTANTS(HeapObject::kHeaderSize,
285                                 TORQUE_GENERATED_JS_RECEIVER_FIELDS)
286   bool HasProxyInPrototype(Isolate* isolate);
287 
288   // TC39 "Dynamic Code Brand Checks"
289   bool IsCodeLike(Isolate* isolate) const;
290 
291   OBJECT_CONSTRUCTORS(JSReceiver, HeapObject);
292 };
293 
294 // The JSObject describes real heap allocated JavaScript objects with
295 // properties.
296 // Note that the map of JSObject changes during execution to enable inline
297 // caching.
298 class JSObject : public TorqueGeneratedJSObject<JSObject, JSReceiver> {
299  public:
300   static bool IsUnmodifiedApiObject(FullObjectSlot o);
301 
302   V8_EXPORT_PRIVATE static V8_WARN_UNUSED_RESULT MaybeHandle<JSObject> New(
303       Handle<JSFunction> constructor, Handle<JSReceiver> new_target,
304       Handle<AllocationSite> site);
305 
306   static MaybeHandle<NativeContext> GetFunctionRealm(Handle<JSObject> object);
307 
308   // 9.1.12 ObjectCreate ( proto [ , internalSlotsList ] )
309   // Notice: This is NOT 19.1.2.2 Object.create ( O, Properties )
310   static V8_WARN_UNUSED_RESULT MaybeHandle<JSObject> ObjectCreate(
311       Isolate* isolate, Handle<Object> prototype);
312 
313   inline void initialize_elements();
314   static inline void SetMapAndElements(Handle<JSObject> object, Handle<Map> map,
315                                        Handle<FixedArrayBase> elements);
316   DECL_GETTER(GetElementsKind, ElementsKind)
317   DECL_GETTER(GetElementsAccessor, ElementsAccessor*)
318 
319   // Returns true if an object has elements of PACKED_SMI_ELEMENTS or
320   // HOLEY_SMI_ELEMENTS ElementsKind.
321   DECL_GETTER(HasSmiElements, bool)
322   // Returns true if an object has elements of PACKED_ELEMENTS or
323   // HOLEY_ELEMENTS ElementsKind.
324   DECL_GETTER(HasObjectElements, bool)
325   // Returns true if an object has elements of PACKED_SMI_ELEMENTS,
326   // HOLEY_SMI_ELEMENTS, PACKED_ELEMENTS, or HOLEY_ELEMENTS.
327   DECL_GETTER(HasSmiOrObjectElements, bool)
328   // Returns true if an object has any of the "fast" elements kinds.
329   DECL_GETTER(HasFastElements, bool)
330   // Returns true if an object has any of the PACKED elements kinds.
331   DECL_GETTER(HasFastPackedElements, bool)
332   // Returns true if an object has elements of PACKED_DOUBLE_ELEMENTS or
333   // HOLEY_DOUBLE_ELEMENTS ElementsKind.
334   DECL_GETTER(HasDoubleElements, bool)
335   // Returns true if an object has elements of HOLEY_SMI_ELEMENTS,
336   // HOLEY_DOUBLE_ELEMENTS, or HOLEY_ELEMENTS ElementsKind.
337   DECL_GETTER(HasHoleyElements, bool)
338   DECL_GETTER(HasSloppyArgumentsElements, bool)
339   DECL_GETTER(HasStringWrapperElements, bool)
340   DECL_GETTER(HasDictionaryElements, bool)
341 
342   // Returns true if an object has elements of PACKED_ELEMENTS
343   DECL_GETTER(HasPackedElements, bool)
344   DECL_GETTER(HasAnyNonextensibleElements, bool)
345   DECL_GETTER(HasSealedElements, bool)
346   DECL_GETTER(HasNonextensibleElements, bool)
347 
348   DECL_GETTER(HasTypedArrayElements, bool)
349 
350   DECL_GETTER(HasFixedUint8ClampedElements, bool)
351   DECL_GETTER(HasFixedArrayElements, bool)
352   DECL_GETTER(HasFixedInt8Elements, bool)
353   DECL_GETTER(HasFixedUint8Elements, bool)
354   DECL_GETTER(HasFixedInt16Elements, bool)
355   DECL_GETTER(HasFixedUint16Elements, bool)
356   DECL_GETTER(HasFixedInt32Elements, bool)
357   DECL_GETTER(HasFixedUint32Elements, bool)
358   DECL_GETTER(HasFixedFloat32Elements, bool)
359   DECL_GETTER(HasFixedFloat64Elements, bool)
360   DECL_GETTER(HasFixedBigInt64Elements, bool)
361   DECL_GETTER(HasFixedBigUint64Elements, bool)
362 
363   DECL_GETTER(HasFastArgumentsElements, bool)
364   DECL_GETTER(HasSlowArgumentsElements, bool)
365   DECL_GETTER(HasFastStringWrapperElements, bool)
366   DECL_GETTER(HasSlowStringWrapperElements, bool)
367   bool HasEnumerableElements();
368 
369   // Gets slow elements.
370   DECL_GETTER(element_dictionary, NumberDictionary)
371 
372   // Requires: HasFastElements().
373   static void EnsureWritableFastElements(Handle<JSObject> object);
374 
375   V8_WARN_UNUSED_RESULT static Maybe<bool> SetPropertyWithInterceptor(
376       LookupIterator* it, Maybe<ShouldThrow> should_throw,
377       Handle<Object> value);
378 
379   // The API currently still wants DefineOwnPropertyIgnoreAttributes to convert
380   // AccessorInfo objects to data fields. We allow FORCE_FIELD as an exception
381   // to the default behavior that calls the setter.
382   enum AccessorInfoHandling { FORCE_FIELD, DONT_FORCE_FIELD };
383 
384   V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
385   DefineOwnPropertyIgnoreAttributes(
386       LookupIterator* it, Handle<Object> value, PropertyAttributes attributes,
387       AccessorInfoHandling handling = DONT_FORCE_FIELD);
388 
389   V8_WARN_UNUSED_RESULT static Maybe<bool> DefineOwnPropertyIgnoreAttributes(
390       LookupIterator* it, Handle<Object> value, PropertyAttributes attributes,
391       Maybe<ShouldThrow> should_throw,
392       AccessorInfoHandling handling = DONT_FORCE_FIELD);
393 
394   V8_WARN_UNUSED_RESULT static MaybeHandle<Object> V8_EXPORT_PRIVATE
395   SetOwnPropertyIgnoreAttributes(Handle<JSObject> object, Handle<Name> name,
396                                  Handle<Object> value,
397                                  PropertyAttributes attributes);
398 
399   V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
400   SetOwnElementIgnoreAttributes(Handle<JSObject> object, size_t index,
401                                 Handle<Object> value,
402                                 PropertyAttributes attributes);
403 
404   // Equivalent to one of the above depending on whether |name| can be converted
405   // to an array index.
406   V8_EXPORT_PRIVATE V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
407   DefinePropertyOrElementIgnoreAttributes(Handle<JSObject> object,
408                                           Handle<Name> name,
409                                           Handle<Object> value,
410                                           PropertyAttributes attributes = NONE);
411 
412   // Adds or reconfigures a property to attributes NONE. It will fail when it
413   // cannot.
414   V8_WARN_UNUSED_RESULT static Maybe<bool> CreateDataProperty(
415       LookupIterator* it, Handle<Object> value,
416       Maybe<ShouldThrow> should_throw = Just(kDontThrow));
417 
418   V8_EXPORT_PRIVATE static void AddProperty(Isolate* isolate,
419                                             Handle<JSObject> object,
420                                             Handle<Name> name,
421                                             Handle<Object> value,
422                                             PropertyAttributes attributes);
423 
424   // {name} must be a UTF-8 encoded, null-terminated string.
425   static void AddProperty(Isolate* isolate, Handle<JSObject> object,
426                           const char* name, Handle<Object> value,
427                           PropertyAttributes attributes);
428 
429   V8_EXPORT_PRIVATE static void AddDataElement(Handle<JSObject> receiver,
430                                                uint32_t index,
431                                                Handle<Object> value,
432                                                PropertyAttributes attributes);
433 
434   // Extend the receiver with a single fast property appeared first in the
435   // passed map. This also extends the property backing store if necessary.
436   static void AllocateStorageForMap(Handle<JSObject> object, Handle<Map> map);
437 
438   // Migrates the given object to a map whose field representations are the
439   // lowest upper bound of all known representations for that field.
440   static void MigrateInstance(Isolate* isolate, Handle<JSObject> instance);
441 
442   // Migrates the given object only if the target map is already available,
443   // or returns false if such a map is not yet available.
444   static bool TryMigrateInstance(Isolate* isolate, Handle<JSObject> instance);
445 
446   // Sets the property value in a normalized object given (key, value, details).
447   // Handles the special representation of JS global objects.
448   static void SetNormalizedProperty(Handle<JSObject> object, Handle<Name> name,
449                                     Handle<Object> value,
450                                     PropertyDetails details);
451   static void SetDictionaryElement(Handle<JSObject> object, uint32_t index,
452                                    Handle<Object> value,
453                                    PropertyAttributes attributes);
454   static void SetDictionaryArgumentsElement(Handle<JSObject> object,
455                                             uint32_t index,
456                                             Handle<Object> value,
457                                             PropertyAttributes attributes);
458 
459   static void OptimizeAsPrototype(Handle<JSObject> object,
460                                   bool enable_setup_mode = true);
461   static void ReoptimizeIfPrototype(Handle<JSObject> object);
462   static void MakePrototypesFast(Handle<Object> receiver,
463                                  WhereToStart where_to_start, Isolate* isolate);
464   static void LazyRegisterPrototypeUser(Handle<Map> user, Isolate* isolate);
465   static void UpdatePrototypeUserRegistration(Handle<Map> old_map,
466                                               Handle<Map> new_map,
467                                               Isolate* isolate);
468   static bool UnregisterPrototypeUser(Handle<Map> user, Isolate* isolate);
469   static Map InvalidatePrototypeChains(Map map);
470   static void InvalidatePrototypeValidityCell(JSGlobalObject global);
471 
472   // Updates prototype chain tracking information when an object changes its
473   // map from |old_map| to |new_map|.
474   static void NotifyMapChange(Handle<Map> old_map, Handle<Map> new_map,
475                               Isolate* isolate);
476 
477   // Utility used by many Array builtins and runtime functions
478   static inline bool PrototypeHasNoElements(Isolate* isolate, JSObject object);
479 
480   // To be passed to PrototypeUsers::Compact.
481   static void PrototypeRegistryCompactionCallback(HeapObject value,
482                                                   int old_index, int new_index);
483 
484   // Retrieve interceptors.
485   DECL_GETTER(GetNamedInterceptor, InterceptorInfo)
486   DECL_GETTER(GetIndexedInterceptor, InterceptorInfo)
487 
488   // Used from JSReceiver.
489   V8_WARN_UNUSED_RESULT static Maybe<PropertyAttributes>
490   GetPropertyAttributesWithInterceptor(LookupIterator* it);
491   V8_WARN_UNUSED_RESULT static Maybe<PropertyAttributes>
492   GetPropertyAttributesWithFailedAccessCheck(LookupIterator* it);
493 
494   // Defines an AccessorPair property on the given object.
495   V8_EXPORT_PRIVATE static MaybeHandle<Object> DefineAccessor(
496       Handle<JSObject> object, Handle<Name> name, Handle<Object> getter,
497       Handle<Object> setter, PropertyAttributes attributes);
498   static MaybeHandle<Object> DefineAccessor(LookupIterator* it,
499                                             Handle<Object> getter,
500                                             Handle<Object> setter,
501                                             PropertyAttributes attributes);
502 
503   // Defines an AccessorInfo property on the given object.
504   V8_WARN_UNUSED_RESULT static MaybeHandle<Object> SetAccessor(
505       Handle<JSObject> object, Handle<Name> name, Handle<AccessorInfo> info,
506       PropertyAttributes attributes);
507 
508   // The result must be checked first for exceptions. If there's no exception,
509   // the output parameter |done| indicates whether the interceptor has a result
510   // or not.
511   V8_WARN_UNUSED_RESULT static MaybeHandle<Object> GetPropertyWithInterceptor(
512       LookupIterator* it, bool* done);
513 
514   static void ValidateElements(JSObject object);
515 
516   // Makes sure that this object can contain HeapObject as elements.
517   static inline void EnsureCanContainHeapObjectElements(Handle<JSObject> obj);
518 
519   // Makes sure that this object can contain the specified elements.
520   // TSlot here is either ObjectSlot or FullObjectSlot.
521   template <typename TSlot>
522   static inline void EnsureCanContainElements(Handle<JSObject> object,
523                                               TSlot elements, uint32_t count,
524                                               EnsureElementsMode mode);
525   static inline void EnsureCanContainElements(Handle<JSObject> object,
526                                               Handle<FixedArrayBase> elements,
527                                               uint32_t length,
528                                               EnsureElementsMode mode);
529   static void EnsureCanContainElements(Handle<JSObject> object,
530                                        JavaScriptArguments* arguments,
531                                        uint32_t arg_count,
532                                        EnsureElementsMode mode);
533 
534   // Would we convert a fast elements array to dictionary mode given
535   // an access at key?
536   bool WouldConvertToSlowElements(uint32_t index);
537 
538   static const uint32_t kMinAddedElementsCapacity = 16;
539 
540   // Computes the new capacity when expanding the elements of a JSObject.
NewElementsCapacity(uint32_t old_capacity)541   static uint32_t NewElementsCapacity(uint32_t old_capacity) {
542     // (old_capacity + 50%) + kMinAddedElementsCapacity
543     return old_capacity + (old_capacity >> 1) + kMinAddedElementsCapacity;
544   }
545 
546   // These methods do not perform access checks!
547   template <AllocationSiteUpdateMode update_or_check =
548                 AllocationSiteUpdateMode::kUpdate>
549   static bool UpdateAllocationSite(Handle<JSObject> object,
550                                    ElementsKind to_kind);
551 
552   // Lookup interceptors are used for handling properties controlled by host
553   // objects.
554   DECL_GETTER(HasNamedInterceptor, bool)
555   DECL_GETTER(HasIndexedInterceptor, bool)
556 
557   // Support functions for v8 api (needed for correct interceptor behavior).
558   V8_WARN_UNUSED_RESULT static Maybe<bool> HasRealNamedProperty(
559       Handle<JSObject> object, Handle<Name> name);
560   V8_WARN_UNUSED_RESULT static Maybe<bool> HasRealElementProperty(
561       Handle<JSObject> object, uint32_t index);
562   V8_WARN_UNUSED_RESULT static Maybe<bool> HasRealNamedCallbackProperty(
563       Handle<JSObject> object, Handle<Name> name);
564 
565   // Get the header size for a JSObject.  Used to compute the index of
566   // embedder fields as well as the number of embedder fields.
567   // The |function_has_prototype_slot| parameter is needed only for
568   // JSFunction objects.
569   static int GetHeaderSize(InstanceType instance_type,
570                            bool function_has_prototype_slot = false);
571   static inline int GetHeaderSize(Map map);
572 
573   static inline int GetEmbedderFieldsStartOffset(Map map);
574   inline int GetEmbedderFieldsStartOffset();
575 
576   static inline int GetEmbedderFieldCount(Map map);
577   inline int GetEmbedderFieldCount() const;
578   inline int GetEmbedderFieldOffset(int index);
579   inline void InitializeEmbedderField(Isolate* isolate, int index);
580   inline Object GetEmbedderField(int index);
581   inline void SetEmbedderField(int index, Object value);
582   inline void SetEmbedderField(int index, Smi value);
583 
584   // Returns true when the object is potentially a wrapper that gets special
585   // garbage collection treatment.
586   // TODO(mlippautz): Make check exact and replace the pattern match in
587   // Heap::TracePossibleWrapper.
588   bool IsApiWrapper();
589 
590   // Same as IsApiWrapper() but also allow dropping the wrapper on minor GCs.
591   bool IsDroppableApiWrapper();
592 
593   // Returns a new map with all transitions dropped from the object's current
594   // map and the ElementsKind set.
595   static Handle<Map> GetElementsTransitionMap(Handle<JSObject> object,
596                                               ElementsKind to_kind);
597   V8_EXPORT_PRIVATE static void TransitionElementsKind(Handle<JSObject> object,
598                                                        ElementsKind to_kind);
599 
600   // Always use this to migrate an object to a new map.
601   // |expected_additional_properties| is only used for fast-to-slow transitions
602   // and ignored otherwise.
603   V8_EXPORT_PRIVATE static void MigrateToMap(
604       Isolate* isolate, Handle<JSObject> object, Handle<Map> new_map,
605       int expected_additional_properties = 0);
606 
607   // Forces a prototype without any of the checks that the regular SetPrototype
608   // would do.
609   static void ForceSetPrototype(Handle<JSObject> object,
610                                 Handle<HeapObject> proto);
611 
612   // Convert the object to use the canonical dictionary
613   // representation. If the object is expected to have additional properties
614   // added this number can be indicated to have the backing store allocated to
615   // an initial capacity for holding these properties.
616   V8_EXPORT_PRIVATE static void NormalizeProperties(
617       Isolate* isolate, Handle<JSObject> object, PropertyNormalizationMode mode,
618       int expected_additional_properties, const char* reason);
619 
620   // Convert and update the elements backing store to be a
621   // NumberDictionary dictionary.  Returns the backing after conversion.
622   V8_EXPORT_PRIVATE static Handle<NumberDictionary> NormalizeElements(
623       Handle<JSObject> object);
624 
625   void RequireSlowElements(NumberDictionary dictionary);
626 
627   // Transform slow named properties to fast variants.
628   V8_EXPORT_PRIVATE static void MigrateSlowToFast(Handle<JSObject> object,
629                                                   int unused_property_fields,
630                                                   const char* reason);
631 
632   inline bool IsUnboxedDoubleField(FieldIndex index) const;
633   inline bool IsUnboxedDoubleField(IsolateRoot isolate, FieldIndex index) const;
634 
635   // Access fast-case object properties at index.
636   static Handle<Object> FastPropertyAt(Handle<JSObject> object,
637                                        Representation representation,
638                                        FieldIndex index);
639   inline Object RawFastPropertyAt(FieldIndex index) const;
640   inline Object RawFastPropertyAt(IsolateRoot isolate, FieldIndex index) const;
641   inline double RawFastDoublePropertyAt(FieldIndex index) const;
642   inline uint64_t RawFastDoublePropertyAsBitsAt(FieldIndex index) const;
643 
644   inline void FastPropertyAtPut(FieldIndex index, Object value);
645   inline void RawFastPropertyAtPut(
646       FieldIndex index, Object value,
647       WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
648   inline void RawFastInobjectPropertyAtPut(
649       FieldIndex index, Object value,
650       WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
651   inline void RawFastDoublePropertyAsBitsAtPut(FieldIndex index, uint64_t bits);
652   inline void WriteToField(InternalIndex descriptor, PropertyDetails details,
653                            Object value);
654 
655   // Access to in object properties.
656   inline int GetInObjectPropertyOffset(int index);
657   inline Object InObjectPropertyAt(int index);
658   inline Object InObjectPropertyAtPut(
659       int index, Object value, WriteBarrierMode mode = UPDATE_WRITE_BARRIER);
660 
661   // Set the object's prototype (only JSReceiver and null are allowed values).
662   V8_WARN_UNUSED_RESULT static Maybe<bool> SetPrototype(
663       Handle<JSObject> object, Handle<Object> value, bool from_javascript,
664       ShouldThrow should_throw);
665 
666   // Makes the object prototype immutable
667   // Never called from JavaScript
668   static void SetImmutableProto(Handle<JSObject> object);
669 
670   // Initializes the body starting at |start_offset|. It is responsibility of
671   // the caller to initialize object header. Fill the pre-allocated fields with
672   // pre_allocated_value and the rest with filler_value.
673   // Note: this call does not update write barrier, the caller is responsible
674   // to ensure that |filler_value| can be collected without WB here.
675   inline void InitializeBody(Map map, int start_offset,
676                              Object pre_allocated_value, Object filler_value);
677 
678   // Check whether this object references another object
679   bool ReferencesObject(Object obj);
680 
681   V8_WARN_UNUSED_RESULT static Maybe<bool> TestIntegrityLevel(
682       Handle<JSObject> object, IntegrityLevel lvl);
683 
684   V8_WARN_UNUSED_RESULT static Maybe<bool> PreventExtensions(
685       Handle<JSObject> object, ShouldThrow should_throw);
686 
687   static bool IsExtensible(Handle<JSObject> object);
688 
689   // Dispatched behavior.
690   void JSObjectShortPrint(StringStream* accumulator);
691   DECL_PRINTER(JSObject)
692   DECL_VERIFIER(JSObject)
693 #ifdef OBJECT_PRINT
694   bool PrintProperties(std::ostream& os);  // NOLINT
695   void PrintElements(std::ostream& os);    // NOLINT
696 #endif
697 #if defined(DEBUG) || defined(OBJECT_PRINT)
698   void PrintTransitions(std::ostream& os);  // NOLINT
699 #endif
700 
701   static void PrintElementsTransition(FILE* file, Handle<JSObject> object,
702                                       ElementsKind from_kind,
703                                       Handle<FixedArrayBase> from_elements,
704                                       ElementsKind to_kind,
705                                       Handle<FixedArrayBase> to_elements);
706 
707   void PrintInstanceMigration(FILE* file, Map original_map, Map new_map);
708 
709 #ifdef DEBUG
710   // Structure for collecting spill information about JSObjects.
711   class SpillInformation {
712    public:
713     void Clear();
714     void Print();
715     int number_of_objects_;
716     int number_of_objects_with_fast_properties_;
717     int number_of_objects_with_fast_elements_;
718     int number_of_fast_used_fields_;
719     int number_of_fast_unused_fields_;
720     int number_of_slow_used_properties_;
721     int number_of_slow_unused_properties_;
722     int number_of_fast_used_elements_;
723     int number_of_fast_unused_elements_;
724     int number_of_slow_used_elements_;
725     int number_of_slow_unused_elements_;
726   };
727 
728   void IncrementSpillStatistics(Isolate* isolate, SpillInformation* info);
729 #endif
730 
731 #ifdef VERIFY_HEAP
732   // If a GC was caused while constructing this object, the elements pointer
733   // may point to a one pointer filler map. The object won't be rooted, but
734   // our heap verification code could stumble across it.
735   V8_EXPORT_PRIVATE bool ElementsAreSafeToExamine(IsolateRoot isolate) const;
736 #endif
737 
738   Object SlowReverseLookup(Object value);
739 
740   // Maximal number of elements (numbered 0 .. kMaxElementCount - 1).
741   // Also maximal value of JSArray's length property.
742   static const uint32_t kMaxElementCount = 0xffffffffu;
743 
744   // Constants for heuristics controlling conversion of fast elements
745   // to slow elements.
746 
747   // Maximal gap that can be introduced by adding an element beyond
748   // the current elements length.
749   static const uint32_t kMaxGap = 1024;
750 
751   // Maximal length of fast elements array that won't be checked for
752   // being dense enough on expansion.
753   static const int kMaxUncheckedFastElementsLength = 5000;
754 
755   // Same as above but for old arrays. This limit is more strict. We
756   // don't want to be wasteful with long lived objects.
757   static const int kMaxUncheckedOldFastElementsLength = 500;
758 
759   // This constant applies only to the initial map of "global.Object" and
760   // not to arbitrary other JSObject maps.
761   static const int kInitialGlobalObjectUnusedPropertiesCount = 4;
762 
763   static const int kMaxInstanceSize = 255 * kTaggedSize;
764 
765   // When extending the backing storage for property values, we increase
766   // its size by more than the 1 entry necessary, so sequentially adding fields
767   // to the same object requires fewer allocations and copies.
768   static const int kFieldsAdded = 3;
769   STATIC_ASSERT(kMaxNumberOfDescriptors + kFieldsAdded <=
770                 PropertyArray::kMaxLength);
771 
772   STATIC_ASSERT(kHeaderSize == Internals::kJSObjectHeaderSize);
773   static const int kMaxInObjectProperties =
774       (kMaxInstanceSize - kHeaderSize) >> kTaggedSizeLog2;
775   STATIC_ASSERT(kMaxInObjectProperties <= kMaxNumberOfDescriptors);
776 
777   static const int kMaxFirstInobjectPropertyOffset =
778       (1 << kFirstInobjectPropertyOffsetBitCount) - 1;
779   static const int kMaxEmbedderFields =
780       (kMaxFirstInobjectPropertyOffset - kHeaderSize) / kEmbedderDataSlotSize;
781   STATIC_ASSERT(kHeaderSize +
782                     kMaxEmbedderFields * kEmbedderDataSlotSizeInTaggedSlots <=
783                 kMaxInstanceSize);
784 
785   class BodyDescriptor;
786 
787   class FastBodyDescriptor;
788 
789   // Gets the number of currently used elements.
790   int GetFastElementsUsage();
791 
792   static bool AllCanRead(LookupIterator* it);
793   static bool AllCanWrite(LookupIterator* it);
794 
795   template <typename Dictionary>
796   static void ApplyAttributesToDictionary(Isolate* isolate, ReadOnlyRoots roots,
797                                           Handle<Dictionary> dictionary,
798                                           const PropertyAttributes attributes);
799 
800  private:
801   friend class JSReceiver;
802   friend class Object;
803 
804   // Used from Object::GetProperty().
805   V8_WARN_UNUSED_RESULT static MaybeHandle<Object>
806   GetPropertyWithFailedAccessCheck(LookupIterator* it);
807 
808   V8_WARN_UNUSED_RESULT static Maybe<bool> SetPropertyWithFailedAccessCheck(
809       LookupIterator* it, Handle<Object> value,
810       Maybe<ShouldThrow> should_throw);
811 
812   V8_WARN_UNUSED_RESULT static Maybe<bool> DeletePropertyWithInterceptor(
813       LookupIterator* it, ShouldThrow should_throw);
814 
815   bool ReferencesObjectFromElements(FixedArray elements, ElementsKind kind,
816                                     Object object);
817 
818   // Helper for fast versions of preventExtensions, seal, and freeze.
819   // attrs is one of NONE, SEALED, or FROZEN (depending on the operation).
820   template <PropertyAttributes attrs>
821   V8_WARN_UNUSED_RESULT static Maybe<bool> PreventExtensionsWithTransition(
822       Handle<JSObject> object, ShouldThrow should_throw);
823 
824   TQ_OBJECT_CONSTRUCTORS(JSObject)
825 };
826 
827 // An abstract superclass for JSObjects that may have elements while having an
828 // empty fixed array as elements backing store. It doesn't carry any
829 // functionality but allows function classes to be identified in the type
830 // system.
831 class JSCustomElementsObject
832     : public TorqueGeneratedJSCustomElementsObject<JSCustomElementsObject,
833                                                    JSObject> {
834  public:
835   STATIC_ASSERT(kHeaderSize == JSObject::kHeaderSize);
836   TQ_OBJECT_CONSTRUCTORS(JSCustomElementsObject)
837 };
838 
839 // An abstract superclass for JSObjects that require non-standard element
840 // access. It doesn't carry any functionality but allows function classes to be
841 // identified in the type system.
842 class JSSpecialObject
843     : public TorqueGeneratedJSSpecialObject<JSSpecialObject,
844                                             JSCustomElementsObject> {
845  public:
846   STATIC_ASSERT(kHeaderSize == JSObject::kHeaderSize);
847   TQ_OBJECT_CONSTRUCTORS(JSSpecialObject)
848 };
849 
850 // JSAccessorPropertyDescriptor is just a JSObject with a specific initial
851 // map. This initial map adds in-object properties for "get", "set",
852 // "enumerable" and "configurable" properties, as assigned by the
853 // FromPropertyDescriptor function for regular accessor properties.
854 class JSAccessorPropertyDescriptor : public JSObject {
855  public:
856   // Layout description.
857 #define JS_ACCESSOR_PROPERTY_DESCRIPTOR_FIELDS(V) \
858   V(kGetOffset, kTaggedSize)                      \
859   V(kSetOffset, kTaggedSize)                      \
860   V(kEnumerableOffset, kTaggedSize)               \
861   V(kConfigurableOffset, kTaggedSize)             \
862   /* Total size. */                               \
863   V(kSize, 0)
864 
865   DEFINE_FIELD_OFFSET_CONSTANTS(JSObject::kHeaderSize,
866                                 JS_ACCESSOR_PROPERTY_DESCRIPTOR_FIELDS)
867 #undef JS_ACCESSOR_PROPERTY_DESCRIPTOR_FIELDS
868 
869   // Indices of in-object properties.
870   static const int kGetIndex = 0;
871   static const int kSetIndex = 1;
872   static const int kEnumerableIndex = 2;
873   static const int kConfigurableIndex = 3;
874 
875  private:
876   DISALLOW_IMPLICIT_CONSTRUCTORS(JSAccessorPropertyDescriptor);
877 };
878 
879 // JSDataPropertyDescriptor is just a JSObject with a specific initial map.
880 // This initial map adds in-object properties for "value", "writable",
881 // "enumerable" and "configurable" properties, as assigned by the
882 // FromPropertyDescriptor function for regular data properties.
883 class JSDataPropertyDescriptor : public JSObject {
884  public:
885   // Layout description.
886 #define JS_DATA_PROPERTY_DESCRIPTOR_FIELDS(V) \
887   V(kValueOffset, kTaggedSize)                \
888   V(kWritableOffset, kTaggedSize)             \
889   V(kEnumerableOffset, kTaggedSize)           \
890   V(kConfigurableOffset, kTaggedSize)         \
891   /* Total size. */                           \
892   V(kSize, 0)
893 
894   DEFINE_FIELD_OFFSET_CONSTANTS(JSObject::kHeaderSize,
895                                 JS_DATA_PROPERTY_DESCRIPTOR_FIELDS)
896 #undef JS_DATA_PROPERTY_DESCRIPTOR_FIELDS
897 
898   // Indices of in-object properties.
899   static const int kValueIndex = 0;
900   static const int kWritableIndex = 1;
901   static const int kEnumerableIndex = 2;
902   static const int kConfigurableIndex = 3;
903 
904  private:
905   DISALLOW_IMPLICIT_CONSTRUCTORS(JSDataPropertyDescriptor);
906 };
907 
908 // JSIteratorResult is just a JSObject with a specific initial map.
909 // This initial map adds in-object properties for "done" and "value",
910 // as specified by ES6 section 25.1.1.3 The IteratorResult Interface.
911 class JSIteratorResult : public JSObject {
912  public:
913   DECL_ACCESSORS(value, Object)
914 
915   DECL_ACCESSORS(done, Object)
916 
917   // Layout description.
918 #define JS_ITERATOR_RESULT_FIELDS(V) \
919   V(kValueOffset, kTaggedSize)       \
920   V(kDoneOffset, kTaggedSize)        \
921   /* Total size. */                  \
922   V(kSize, 0)
923 
924   DEFINE_FIELD_OFFSET_CONSTANTS(JSObject::kHeaderSize,
925                                 JS_ITERATOR_RESULT_FIELDS)
926 #undef JS_ITERATOR_RESULT_FIELDS
927 
928   // Indices of in-object properties.
929   static const int kValueIndex = 0;
930   static const int kDoneIndex = 1;
931 
932   DECL_CAST(JSIteratorResult)
933 
934   OBJECT_CONSTRUCTORS(JSIteratorResult, JSObject);
935 };
936 
937 // JSGlobalProxy's prototype must be a JSGlobalObject or null,
938 // and the prototype is hidden. JSGlobalProxy always delegates
939 // property accesses to its prototype if the prototype is not null.
940 //
941 // A JSGlobalProxy can be reinitialized which will preserve its identity.
942 //
943 // Accessing a JSGlobalProxy requires security check.
944 
945 class JSGlobalProxy
946     : public TorqueGeneratedJSGlobalProxy<JSGlobalProxy, JSSpecialObject> {
947  public:
948   inline bool IsDetachedFrom(JSGlobalObject global) const;
949   V8_EXPORT_PRIVATE bool IsDetached() const;
950 
951   static int SizeWithEmbedderFields(int embedder_field_count);
952 
953   // Dispatched behavior.
954   DECL_PRINTER(JSGlobalProxy)
955   DECL_VERIFIER(JSGlobalProxy)
956 
957   TQ_OBJECT_CONSTRUCTORS(JSGlobalProxy)
958 };
959 
960 // JavaScript global object.
961 class JSGlobalObject : public JSSpecialObject {
962  public:
963   // [native context]: the natives corresponding to this global object.
964   DECL_ACCESSORS(native_context, NativeContext)
965 
966   // [global proxy]: the global proxy object of the context
967   DECL_ACCESSORS(global_proxy, JSGlobalProxy)
968 
969   // Gets global object properties.
970   DECL_GETTER(global_dictionary, GlobalDictionary)
971   inline void set_global_dictionary(GlobalDictionary dictionary);
972 
973   static void InvalidatePropertyCell(Handle<JSGlobalObject> object,
974                                      Handle<Name> name);
975 
976   DECL_CAST(JSGlobalObject)
977 
978   inline bool IsDetached();
979 
980   // May be called by the concurrent GC when the global object is not
981   // fully initialized.
982   DECL_GETTER(native_context_unchecked, Object)
983 
984   // Dispatched behavior.
985   DECL_PRINTER(JSGlobalObject)
986   DECL_VERIFIER(JSGlobalObject)
987 
988   // Layout description.
989   DEFINE_FIELD_OFFSET_CONSTANTS(JSSpecialObject::kHeaderSize,
990                                 TORQUE_GENERATED_JS_GLOBAL_OBJECT_FIELDS)
991 
992   OBJECT_CONSTRUCTORS(JSGlobalObject, JSSpecialObject);
993 };
994 
995 // Representation for JS Wrapper objects, String, Number, Boolean, etc.
996 class JSPrimitiveWrapper
997     : public TorqueGeneratedJSPrimitiveWrapper<JSPrimitiveWrapper,
998                                                JSCustomElementsObject> {
999  public:
1000   // Dispatched behavior.
1001   DECL_PRINTER(JSPrimitiveWrapper)
1002 
1003   TQ_OBJECT_CONSTRUCTORS(JSPrimitiveWrapper)
1004 };
1005 
1006 class DateCache;
1007 
1008 // Representation for JS date objects.
1009 class JSDate : public TorqueGeneratedJSDate<JSDate, JSObject> {
1010  public:
1011   static V8_WARN_UNUSED_RESULT MaybeHandle<JSDate> New(
1012       Handle<JSFunction> constructor, Handle<JSReceiver> new_target, double tv);
1013 
1014   // Returns the time value (UTC) identifying the current time.
1015   static double CurrentTimeValue(Isolate* isolate);
1016 
1017   // Returns the date field with the specified index.
1018   // See FieldIndex for the list of date fields.
1019   // Arguments and result are raw Address values because this is called
1020   // via ExternalReference.
1021   // {raw_date} is a tagged Object pointer.
1022   // {smi_index} is a tagged Smi.
1023   // The return value is a tagged Object pointer.
1024   static Address GetField(Isolate* isolate, Address raw_date,
1025                           Address smi_index);
1026 
1027   static Handle<Object> SetValue(Handle<JSDate> date, double v);
1028 
1029   void SetValue(Object value, bool is_value_nan);
1030 
1031   // Dispatched behavior.
1032   DECL_PRINTER(JSDate)
1033   DECL_VERIFIER(JSDate)
1034 
1035   // The order is important. It must be kept in sync with date macros
1036   // in macros.py.
1037   enum FieldIndex {
1038     kDateValue,
1039     kYear,
1040     kMonth,
1041     kDay,
1042     kWeekday,
1043     kHour,
1044     kMinute,
1045     kSecond,
1046     kFirstUncachedField,
1047     kMillisecond = kFirstUncachedField,
1048     kDays,
1049     kTimeInDay,
1050     kFirstUTCField,
1051     kYearUTC = kFirstUTCField,
1052     kMonthUTC,
1053     kDayUTC,
1054     kWeekdayUTC,
1055     kHourUTC,
1056     kMinuteUTC,
1057     kSecondUTC,
1058     kMillisecondUTC,
1059     kDaysUTC,
1060     kTimeInDayUTC,
1061     kTimezoneOffset
1062   };
1063 
1064  private:
1065   Object DoGetField(Isolate* isolate, FieldIndex index);
1066   Object GetUTCField(FieldIndex index, double value, DateCache* date_cache);
1067 
1068   // Computes and caches the cacheable fields of the date.
1069   inline void SetCachedFields(int64_t local_time_ms, DateCache* date_cache);
1070 
1071   TQ_OBJECT_CONSTRUCTORS(JSDate)
1072 };
1073 
1074 // Representation of message objects used for error reporting through
1075 // the API. The messages are formatted in JavaScript so this object is
1076 // a real JavaScript object. The information used for formatting the
1077 // error messages are not directly accessible from JavaScript to
1078 // prevent leaking information to user code called during error
1079 // formatting.
1080 class JSMessageObject : public JSObject {
1081  public:
1082   // [type]: the type of error message.
1083   inline MessageTemplate type() const;
1084   inline void set_type(MessageTemplate value);
1085 
1086   // [arguments]: the arguments for formatting the error message.
1087   DECL_ACCESSORS(argument, Object)
1088 
1089   // [script]: the script from which the error message originated.
1090   DECL_ACCESSORS(script, Script)
1091 
1092   // [stack_frames]: an array of stack frames for this error object.
1093   DECL_ACCESSORS(stack_frames, Object)
1094 
1095   // Initializes the source positions in the object if possible. Does nothing if
1096   // called more than once. If called when stack space is exhausted, then the
1097   // source positions will be not be set and calling it again when there is more
1098   // stack space will not have any effect.
1099   static void EnsureSourcePositionsAvailable(Isolate* isolate,
1100                                              Handle<JSMessageObject> message);
1101 
1102   // Gets the start and end positions for the message.
1103   // EnsureSourcePositionsAvailable must have been called before calling these.
1104   inline int GetStartPosition() const;
1105   inline int GetEndPosition() const;
1106 
1107   // Returns the line number for the error message (1-based), or
1108   // Message::kNoLineNumberInfo if the line cannot be determined.
1109   // EnsureSourcePositionsAvailable must have been called before calling this.
1110   V8_EXPORT_PRIVATE int GetLineNumber() const;
1111 
1112   // Returns the offset of the given position within the containing line.
1113   // EnsureSourcePositionsAvailable must have been called before calling this.
1114   V8_EXPORT_PRIVATE int GetColumnNumber() const;
1115 
1116   // Returns the source code line containing the given source
1117   // position, or the empty string if the position is invalid.
1118   // EnsureSourcePositionsAvailable must have been called before calling this.
1119   Handle<String> GetSourceLine() const;
1120 
1121   DECL_INT_ACCESSORS(error_level)
1122 
1123   DECL_CAST(JSMessageObject)
1124 
1125   // Dispatched behavior.
1126   DECL_PRINTER(JSMessageObject)
1127   DECL_VERIFIER(JSMessageObject)
1128 
1129   DEFINE_FIELD_OFFSET_CONSTANTS(JSObject::kHeaderSize,
1130                                 TORQUE_GENERATED_JS_MESSAGE_OBJECT_FIELDS)
1131   // TODO(v8:8989): [torque] Support marker constants.
1132   static const int kPointerFieldsEndOffset = kStartPositionOffset;
1133 
1134   using BodyDescriptor =
1135       FixedBodyDescriptor<HeapObject::kMapOffset, kPointerFieldsEndOffset,
1136                           kHeaderSize>;
1137 
1138  private:
1139   friend class Factory;
1140 
1141   inline bool DidEnsureSourcePositionsAvailable() const;
1142 
1143   // [shared]: optional SharedFunctionInfo that can be used to reconstruct the
1144   // source position if not available when the message was generated.
1145   DECL_ACCESSORS(shared_info, HeapObject)
1146 
1147   // [bytecode_offset]: optional offset using along with |shared| to generation
1148   // source positions.
1149   DECL_ACCESSORS(bytecode_offset, Smi)
1150 
1151   // [start_position]: the start position in the script for the error message.
1152   DECL_INT_ACCESSORS(start_position)
1153 
1154   // [end_position]: the end position in the script for the error message.
1155   DECL_INT_ACCESSORS(end_position)
1156 
1157   DECL_INT_ACCESSORS(raw_type)
1158 
1159   OBJECT_CONSTRUCTORS(JSMessageObject, JSObject);
1160 };
1161 
1162 // The [Async-from-Sync Iterator] object
1163 // (proposal-async-iteration/#sec-async-from-sync-iterator-objects)
1164 // An object which wraps an ordinary Iterator and converts it to behave
1165 // according to the Async Iterator protocol.
1166 // (See https://tc39.github.io/proposal-async-iteration/#sec-iteration)
1167 class JSAsyncFromSyncIterator
1168     : public TorqueGeneratedJSAsyncFromSyncIterator<JSAsyncFromSyncIterator,
1169                                                     JSObject> {
1170  public:
1171   DECL_PRINTER(JSAsyncFromSyncIterator)
1172 
1173   // Async-from-Sync Iterator instances are ordinary objects that inherit
1174   // properties from the %AsyncFromSyncIteratorPrototype% intrinsic object.
1175   // Async-from-Sync Iterator instances are initially created with the internal
1176   // slots listed in Table 4.
1177   // (proposal-async-iteration/#table-async-from-sync-iterator-internal-slots)
1178 
1179   TQ_OBJECT_CONSTRUCTORS(JSAsyncFromSyncIterator)
1180 };
1181 
1182 class JSStringIterator
1183     : public TorqueGeneratedJSStringIterator<JSStringIterator, JSObject> {
1184  public:
1185   // Dispatched behavior.
1186   DECL_PRINTER(JSStringIterator)
1187   DECL_VERIFIER(JSStringIterator)
1188 
1189   TQ_OBJECT_CONSTRUCTORS(JSStringIterator)
1190 };
1191 
1192 }  // namespace internal
1193 }  // namespace v8
1194 
1195 #include "src/objects/object-macros-undef.h"
1196 
1197 #endif  // V8_OBJECTS_JS_OBJECTS_H_
1198