]> git.saurik.com Git - apple/javascriptcore.git/blob - runtime/JSObject.h
projects / apple / javascriptcore.git / blob
? search:


c62dc2aeca4d6fc3baf9004fe088a2cd4cc6d6af
[apple/javascriptcore.git] / runtime / JSObject.h
1 /*
2 * Copyright (C) 1999-2001 Harri Porten (porten@kde.org)
3 * Copyright (C) 2001 Peter Kelly (pmk@post.com)
4 * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2012 Apple Inc. All rights reserved.
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Library General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Library General Public License for more details.
15 *
16 * You should have received a copy of the GNU Library General Public License
17 * along with this library; see the file COPYING.LIB. If not, write to
18 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
19 * Boston, MA 02110-1301, USA.
20 *
21 */
22
23 #ifndef JSObject_h
24 #define JSObject_h
25
26 #include "ArgList.h"
27 #include "ArrayConventions.h"
28 #include "ArrayStorage.h"
29 #include "Butterfly.h"
30 #include "ClassInfo.h"
31 #include "CommonIdentifiers.h"
32 #include "CallFrame.h"
33 #include "JSCell.h"
34 #include "PropertySlot.h"
35 #include "PropertyStorage.h"
36 #include "PutDirectIndexMode.h"
37 #include "PutPropertySlot.h"
38
39 #include "Structure.h"
40 #include "VM.h"
41 #include "JSString.h"
42 #include "SlotVisitorInlines.h"
43 #include "SparseArrayValueMap.h"
44 #include <wtf/StdLibExtras.h>
45
46 namespace JSC {
47
48 inline JSCell* getJSFunction(JSValue value)
49 {
50 if (value.isCell() && (value.asCell()->structure()->typeInfo().type() == JSFunctionType))
51 return value.asCell();
52 return 0;
53 }
54
55 JS_EXPORT_PRIVATE JSCell* getCallableObjectSlow(JSCell*);
56
57 inline JSCell* getCallableObject(JSValue value)
58 {
59 if (!value.isCell())
60 return 0;
61 return getCallableObjectSlow(value.asCell());
62 }
63
64 class GetterSetter;
65 class HashEntry;
66 class InternalFunction;
67 class LLIntOffsetsExtractor;
68 class MarkedBlock;
69 class PropertyDescriptor;
70 class PropertyNameArray;
71 class Structure;
72 struct HashTable;
73
74 JS_EXPORT_PRIVATE JSObject* throwTypeError(ExecState*, const String&);
75 extern JS_EXPORTDATA const char* StrictModeReadonlyPropertyWriteError;
76
77 // ECMA 262-3 8.6.1
78 // Property attributes
79 enum Attribute {
80 None = 0,
81 ReadOnly = 1 << 1, // property can be only read, not written
82 DontEnum = 1 << 2, // property doesn't appear in (for .. in ..)
83 DontDelete = 1 << 3, // property can't be deleted
84 Function = 1 << 4, // property is a function - only used by static hashtables
85 Accessor = 1 << 5, // property is a getter/setter
86 };
87
88 COMPILE_ASSERT(None < FirstInternalAttribute, None_is_below_FirstInternalAttribute);
89 COMPILE_ASSERT(ReadOnly < FirstInternalAttribute, ReadOnly_is_below_FirstInternalAttribute);
90 COMPILE_ASSERT(DontEnum < FirstInternalAttribute, DontEnum_is_below_FirstInternalAttribute);
91 COMPILE_ASSERT(DontDelete < FirstInternalAttribute, DontDelete_is_below_FirstInternalAttribute);
92 COMPILE_ASSERT(Function < FirstInternalAttribute, Function_is_below_FirstInternalAttribute);
93 COMPILE_ASSERT(Accessor < FirstInternalAttribute, Accessor_is_below_FirstInternalAttribute);
94
95 class JSFinalObject;
96
97 class JSObject : public JSCell {
98 friend class BatchedTransitionOptimizer;
99 friend class JIT;
100 friend class JSCell;
101 friend class JSFinalObject;
102 friend class MarkedBlock;
103 JS_EXPORT_PRIVATE friend bool setUpStaticFunctionSlot(ExecState*, const HashEntry*, JSObject*, PropertyName, PropertySlot&);
104
105 enum PutMode {
106 PutModePut,
107 PutModeDefineOwnProperty,
108 };
109
110 public:
111 typedef JSCell Base;
112
113 static size_t allocationSize(size_t inlineCapacity)
114 {
115 return sizeof(JSObject) + inlineCapacity * sizeof(WriteBarrierBase<Unknown>);
116 }
117
118 JS_EXPORT_PRIVATE static void visitChildren(JSCell*, SlotVisitor&);
119 JS_EXPORT_PRIVATE static void copyBackingStore(JSCell*, CopyVisitor&);
120
121 JS_EXPORT_PRIVATE static String className(const JSObject*);
122
123 JSValue prototype() const;
124 void setPrototype(VM&, JSValue prototype);
125 bool setPrototypeWithCycleCheck(VM&, JSValue prototype);
126
127 bool mayInterceptIndexedAccesses()
128 {
129 return structure()->mayInterceptIndexedAccesses();
130 }
131
132 JSValue get(ExecState*, PropertyName) const;
133 JSValue get(ExecState*, unsigned propertyName) const;
134
135 bool getPropertySlot(ExecState*, PropertyName, PropertySlot&);
136 bool getPropertySlot(ExecState*, unsigned propertyName, PropertySlot&);
137 JS_EXPORT_PRIVATE bool getPropertyDescriptor(ExecState*, PropertyName, PropertyDescriptor&);
138
139 static bool getOwnPropertySlot(JSCell*, ExecState*, PropertyName, PropertySlot&);
140 JS_EXPORT_PRIVATE static bool getOwnPropertySlotByIndex(JSCell*, ExecState*, unsigned propertyName, PropertySlot&);
141 JS_EXPORT_PRIVATE static bool getOwnPropertyDescriptor(JSObject*, ExecState*, PropertyName, PropertyDescriptor&);
142
143 bool allowsAccessFrom(ExecState*);
144
145 unsigned getArrayLength() const
146 {
147 if (!hasIndexedProperties(structure()->indexingType()))
148 return 0;
149 return m_butterfly->publicLength();
150 }
151
152 unsigned getVectorLength()
153 {
154 if (!hasIndexedProperties(structure()->indexingType()))
155 return 0;
156 return m_butterfly->vectorLength();
157 }
158
159 JS_EXPORT_PRIVATE static void put(JSCell*, ExecState*, PropertyName, JSValue, PutPropertySlot&);
160 JS_EXPORT_PRIVATE static void putByIndex(JSCell*, ExecState*, unsigned propertyName, JSValue, bool shouldThrow);
161
162 void putByIndexInline(ExecState* exec, unsigned propertyName, JSValue value, bool shouldThrow)
163 {
164 if (canSetIndexQuickly(propertyName)) {
165 setIndexQuickly(exec->vm(), propertyName, value);
166 return;
167 }
168 methodTable()->putByIndex(this, exec, propertyName, value, shouldThrow);
169 }
170
171 // This is similar to the putDirect* methods:
172 // - the prototype chain is not consulted
173 // - accessors are not called.
174 // - it will ignore extensibility and read-only properties if PutDirectIndexLikePutDirect is passed as the mode (the default).
175 // This method creates a property with attributes writable, enumerable and configurable all set to true.
176 bool putDirectIndex(ExecState* exec, unsigned propertyName, JSValue value, unsigned attributes, PutDirectIndexMode mode)
177 {
178 if (!attributes && canSetIndexQuicklyForPutDirect(propertyName)) {
179 setIndexQuickly(exec->vm(), propertyName, value);
180 return true;
181 }
182 return putDirectIndexBeyondVectorLength(exec, propertyName, value, attributes, mode);
183 }
184 bool putDirectIndex(ExecState* exec, unsigned propertyName, JSValue value)
185 {
186 return putDirectIndex(exec, propertyName, value, 0, PutDirectIndexLikePutDirect);
187 }
188
189 // A non-throwing version of putDirect and putDirectIndex.
190 JS_EXPORT_PRIVATE void putDirectMayBeIndex(ExecState*, PropertyName, JSValue);
191
192 bool canGetIndexQuickly(unsigned i)
193 {
194 switch (structure()->indexingType()) {
195 case ALL_BLANK_INDEXING_TYPES:
196 case ALL_UNDECIDED_INDEXING_TYPES:
197 return false;
198 case ALL_INT32_INDEXING_TYPES:
199 case ALL_CONTIGUOUS_INDEXING_TYPES:
200 return i < m_butterfly->vectorLength() && m_butterfly->contiguous()[i];
201 case ALL_DOUBLE_INDEXING_TYPES: {
202 if (i >= m_butterfly->vectorLength())
203 return false;
204 double value = m_butterfly->contiguousDouble()[i];
205 if (value != value)
206 return false;
207 return true;
208 }
209 case ALL_ARRAY_STORAGE_INDEXING_TYPES:
210 return i < m_butterfly->arrayStorage()->vectorLength() && m_butterfly->arrayStorage()->m_vector[i];
211 default:
212 RELEASE_ASSERT_NOT_REACHED();
213 return false;
214 }
215 }
216
217 JSValue getIndexQuickly(unsigned i)
218 {
219 switch (structure()->indexingType()) {
220 case ALL_INT32_INDEXING_TYPES:
221 case ALL_CONTIGUOUS_INDEXING_TYPES:
222 return m_butterfly->contiguous()[i].get();
223 case ALL_DOUBLE_INDEXING_TYPES:
224 return JSValue(JSValue::EncodeAsDouble, m_butterfly->contiguousDouble()[i]);
225 case ALL_ARRAY_STORAGE_INDEXING_TYPES:
226 return m_butterfly->arrayStorage()->m_vector[i].get();
227 default:
228 RELEASE_ASSERT_NOT_REACHED();
229 return JSValue();
230 }
231 }
232
233 JSValue tryGetIndexQuickly(unsigned i)
234 {
235 switch (structure()->indexingType()) {
236 case ALL_BLANK_INDEXING_TYPES:
237 case ALL_UNDECIDED_INDEXING_TYPES:
238 break;
239 case ALL_INT32_INDEXING_TYPES:
240 case ALL_CONTIGUOUS_INDEXING_TYPES:
241 if (i < m_butterfly->publicLength())
242 return m_butterfly->contiguous()[i].get();
243 break;
244 case ALL_DOUBLE_INDEXING_TYPES: {
245 if (i >= m_butterfly->publicLength())
246 break;
247 double result = m_butterfly->contiguousDouble()[i];
248 if (result != result)
249 break;
250 return JSValue(JSValue::EncodeAsDouble, result);
251 }
252 case ALL_ARRAY_STORAGE_INDEXING_TYPES:
253 if (i < m_butterfly->arrayStorage()->vectorLength())
254 return m_butterfly->arrayStorage()->m_vector[i].get();
255 break;
256 default:
257 RELEASE_ASSERT_NOT_REACHED();
258 break;
259 }
260 return JSValue();
261 }
262
263 JSValue getDirectIndex(ExecState* exec, unsigned i)
264 {
265 if (JSValue result = tryGetIndexQuickly(i))
266 return result;
267 PropertySlot slot(this);
268 if (methodTable()->getOwnPropertySlotByIndex(this, exec, i, slot))
269 return slot.getValue(exec, i);
270 return JSValue();
271 }
272
273 JSValue getIndex(ExecState* exec, unsigned i)
274 {
275 if (JSValue result = tryGetIndexQuickly(i))
276 return result;
277 return get(exec, i);
278 }
279
280 bool canSetIndexQuickly(unsigned i)
281 {
282 switch (structure()->indexingType()) {
283 case ALL_BLANK_INDEXING_TYPES:
284 case ALL_UNDECIDED_INDEXING_TYPES:
285 return false;
286 case ALL_INT32_INDEXING_TYPES:
287 case ALL_DOUBLE_INDEXING_TYPES:
288 case ALL_CONTIGUOUS_INDEXING_TYPES:
289 case NonArrayWithArrayStorage:
290 case ArrayWithArrayStorage:
291 return i < m_butterfly->vectorLength();
292 case NonArrayWithSlowPutArrayStorage:
293 case ArrayWithSlowPutArrayStorage:
294 return i < m_butterfly->arrayStorage()->vectorLength()
295 && !!m_butterfly->arrayStorage()->m_vector[i];
296 default:
297 RELEASE_ASSERT_NOT_REACHED();
298 return false;
299 }
300 }
301
302 bool canSetIndexQuicklyForPutDirect(unsigned i)
303 {
304 switch (structure()->indexingType()) {
305 case ALL_BLANK_INDEXING_TYPES:
306 case ALL_UNDECIDED_INDEXING_TYPES:
307 return false;
308 case ALL_INT32_INDEXING_TYPES:
309 case ALL_DOUBLE_INDEXING_TYPES:
310 case ALL_CONTIGUOUS_INDEXING_TYPES:
311 case ALL_ARRAY_STORAGE_INDEXING_TYPES:
312 return i < m_butterfly->vectorLength();
313 default:
314 RELEASE_ASSERT_NOT_REACHED();
315 return false;
316 }
317 }
318
319 void setIndexQuickly(VM& vm, unsigned i, JSValue v)
320 {
321 switch (structure()->indexingType()) {
322 case ALL_INT32_INDEXING_TYPES: {
323 ASSERT(i < m_butterfly->vectorLength());
324 if (!v.isInt32()) {
325 convertInt32ToDoubleOrContiguousWhilePerformingSetIndex(vm, i, v);
326 return;
327 }
328 // Fall through to contiguous case.
329 }
330 case ALL_CONTIGUOUS_INDEXING_TYPES: {
331 ASSERT(i < m_butterfly->vectorLength());
332 m_butterfly->contiguous()[i].set(vm, this, v);
333 if (i >= m_butterfly->publicLength())
334 m_butterfly->setPublicLength(i + 1);
335 break;
336 }
337 case ALL_DOUBLE_INDEXING_TYPES: {
338 ASSERT(i < m_butterfly->vectorLength());
339 if (!v.isNumber()) {
340 convertDoubleToContiguousWhilePerformingSetIndex(vm, i, v);
341 return;
342 }
343 double value = v.asNumber();
344 if (value != value) {
345 convertDoubleToContiguousWhilePerformingSetIndex(vm, i, v);
346 return;
347 }
348 m_butterfly->contiguousDouble()[i] = value;
349 if (i >= m_butterfly->publicLength())
350 m_butterfly->setPublicLength(i + 1);
351 break;
352 }
353 case ALL_ARRAY_STORAGE_INDEXING_TYPES: {
354 ArrayStorage* storage = m_butterfly->arrayStorage();
355 WriteBarrier<Unknown>& x = storage->m_vector[i];
356 JSValue old = x.get();
357 x.set(vm, this, v);
358 if (!old) {
359 ++storage->m_numValuesInVector;
360 if (i >= storage->length())
361 storage->setLength(i + 1);
362 }
363 break;
364 }
365 default:
366 RELEASE_ASSERT_NOT_REACHED();
367 }
368 }
369
370 void initializeIndex(VM& vm, unsigned i, JSValue v)
371 {
372 switch (structure()->indexingType()) {
373 case ALL_UNDECIDED_INDEXING_TYPES: {
374 setIndexQuicklyToUndecided(vm, i, v);
375 break;
376 }
377 case ALL_INT32_INDEXING_TYPES: {
378 ASSERT(i < m_butterfly->publicLength());
379 ASSERT(i < m_butterfly->vectorLength());
380 if (!v.isInt32()) {
381 convertInt32ToDoubleOrContiguousWhilePerformingSetIndex(vm, i, v);
382 break;
383 }
384 // Fall through.
385 }
386 case ALL_CONTIGUOUS_INDEXING_TYPES: {
387 ASSERT(i < m_butterfly->publicLength());
388 ASSERT(i < m_butterfly->vectorLength());
389 m_butterfly->contiguous()[i].set(vm, this, v);
390 break;
391 }
392 case ALL_DOUBLE_INDEXING_TYPES: {
393 ASSERT(i < m_butterfly->publicLength());
394 ASSERT(i < m_butterfly->vectorLength());
395 if (!v.isNumber()) {
396 convertDoubleToContiguousWhilePerformingSetIndex(vm, i, v);
397 return;
398 }
399 double value = v.asNumber();
400 if (value != value) {
401 convertDoubleToContiguousWhilePerformingSetIndex(vm, i, v);
402 return;
403 }
404 m_butterfly->contiguousDouble()[i] = value;
405 break;
406 }
407 case ALL_ARRAY_STORAGE_INDEXING_TYPES: {
408 ArrayStorage* storage = m_butterfly->arrayStorage();
409 ASSERT(i < storage->length());
410 ASSERT(i < storage->m_numValuesInVector);
411 storage->m_vector[i].set(vm, this, v);
412 break;
413 }
414 default:
415 RELEASE_ASSERT_NOT_REACHED();
416 }
417 }
418
419 bool hasSparseMap()
420 {
421 switch (structure()->indexingType()) {
422 case ALL_BLANK_INDEXING_TYPES:
423 case ALL_UNDECIDED_INDEXING_TYPES:
424 case ALL_INT32_INDEXING_TYPES:
425 case ALL_DOUBLE_INDEXING_TYPES:
426 case ALL_CONTIGUOUS_INDEXING_TYPES:
427 return false;
428 case ALL_ARRAY_STORAGE_INDEXING_TYPES:
429 return m_butterfly->arrayStorage()->m_sparseMap;
430 default:
431 RELEASE_ASSERT_NOT_REACHED();
432 return false;
433 }
434 }
435
436 bool inSparseIndexingMode()
437 {
438 switch (structure()->indexingType()) {
439 case ALL_BLANK_INDEXING_TYPES:
440 case ALL_UNDECIDED_INDEXING_TYPES:
441 case ALL_INT32_INDEXING_TYPES:
442 case ALL_DOUBLE_INDEXING_TYPES:
443 case ALL_CONTIGUOUS_INDEXING_TYPES:
444 return false;
445 case ALL_ARRAY_STORAGE_INDEXING_TYPES:
446 return m_butterfly->arrayStorage()->inSparseMode();
447 default:
448 RELEASE_ASSERT_NOT_REACHED();
449 return false;
450 }
451 }
452
453 void enterDictionaryIndexingMode(VM&);
454
455 // putDirect is effectively an unchecked vesion of 'defineOwnProperty':
456 // - the prototype chain is not consulted
457 // - accessors are not called.
458 // - attributes will be respected (after the call the property will exist with the given attributes)
459 // - the property name is assumed to not be an index.
460 JS_EXPORT_PRIVATE static void putDirectVirtual(JSObject*, ExecState*, PropertyName, JSValue, unsigned attributes);
461 void putDirect(VM&, PropertyName, JSValue, unsigned attributes = 0);
462 void putDirect(VM&, PropertyName, JSValue, PutPropertySlot&);
463 void putDirectWithoutTransition(VM&, PropertyName, JSValue, unsigned attributes = 0);
464 void putDirectAccessor(ExecState*, PropertyName, JSValue, unsigned attributes);
465
466 bool propertyIsEnumerable(ExecState*, const Identifier& propertyName) const;
467
468 JS_EXPORT_PRIVATE bool hasProperty(ExecState*, PropertyName) const;
469 JS_EXPORT_PRIVATE bool hasProperty(ExecState*, unsigned propertyName) const;
470 bool hasOwnProperty(ExecState*, PropertyName) const;
471
472 JS_EXPORT_PRIVATE static bool deleteProperty(JSCell*, ExecState*, PropertyName);
473 JS_EXPORT_PRIVATE static bool deletePropertyByIndex(JSCell*, ExecState*, unsigned propertyName);
474
475 JS_EXPORT_PRIVATE static JSValue defaultValue(const JSObject*, ExecState*, PreferredPrimitiveType);
476
477 bool hasInstance(ExecState*, JSValue);
478 static bool defaultHasInstance(ExecState*, JSValue, JSValue prototypeProperty);
479
480 JS_EXPORT_PRIVATE static void getOwnPropertyNames(JSObject*, ExecState*, PropertyNameArray&, EnumerationMode);
481 JS_EXPORT_PRIVATE static void getOwnNonIndexPropertyNames(JSObject*, ExecState*, PropertyNameArray&, EnumerationMode);
482 JS_EXPORT_PRIVATE static void getPropertyNames(JSObject*, ExecState*, PropertyNameArray&, EnumerationMode);
483
484 JSValue toPrimitive(ExecState*, PreferredPrimitiveType = NoPreference) const;
485 bool getPrimitiveNumber(ExecState*, double& number, JSValue&) const;
486 JS_EXPORT_PRIVATE double toNumber(ExecState*) const;
487 JS_EXPORT_PRIVATE JSString* toString(ExecState*) const;
488
489 // NOTE: JSObject and its subclasses must be able to gracefully handle ExecState* = 0,
490 // because this call may come from inside the compiler.
491 JS_EXPORT_PRIVATE static JSObject* toThisObject(JSCell*, ExecState*);
492
493 bool getPropertySpecificValue(ExecState*, PropertyName, JSCell*& specificFunction) const;
494
495 // This get function only looks at the property map.
496 JSValue getDirect(VM& vm, PropertyName propertyName) const
497 {
498 PropertyOffset offset = structure()->get(vm, propertyName);
499 checkOffset(offset, structure()->inlineCapacity());
500 return offset != invalidOffset ? getDirect(offset) : JSValue();
501 }
502
503 PropertyOffset getDirectOffset(VM& vm, PropertyName propertyName)
504 {
505 PropertyOffset offset = structure()->get(vm, propertyName);
506 checkOffset(offset, structure()->inlineCapacity());
507 return offset;
508 }
509
510 bool hasInlineStorage() const { return structure()->hasInlineStorage(); }
511 ConstPropertyStorage inlineStorageUnsafe() const
512 {
513 return bitwise_cast<ConstPropertyStorage>(this + 1);
514 }
515 PropertyStorage inlineStorageUnsafe()
516 {
517 return bitwise_cast<PropertyStorage>(this + 1);
518 }
519 ConstPropertyStorage inlineStorage() const
520 {
521 ASSERT(hasInlineStorage());
522 return inlineStorageUnsafe();
523 }
524 PropertyStorage inlineStorage()
525 {
526 ASSERT(hasInlineStorage());
527 return inlineStorageUnsafe();
528 }
529
530 const Butterfly* butterfly() const { return m_butterfly; }
531 Butterfly* butterfly() { return m_butterfly; }
532
533 ConstPropertyStorage outOfLineStorage() const { return m_butterfly->propertyStorage(); }
534 PropertyStorage outOfLineStorage() { return m_butterfly->propertyStorage(); }
535
536 const WriteBarrierBase<Unknown>* locationForOffset(PropertyOffset offset) const
537 {
538 if (isInlineOffset(offset))
539 return &inlineStorage()[offsetInInlineStorage(offset)];
540 return &outOfLineStorage()[offsetInOutOfLineStorage(offset)];
541 }
542
543 WriteBarrierBase<Unknown>* locationForOffset(PropertyOffset offset)
544 {
545 if (isInlineOffset(offset))
546 return &inlineStorage()[offsetInInlineStorage(offset)];
547 return &outOfLineStorage()[offsetInOutOfLineStorage(offset)];
548 }
549
550 void transitionTo(VM&, Structure*);
551
552 bool removeDirect(VM&, PropertyName); // Return true if anything is removed.
553 bool hasCustomProperties() { return structure()->didTransition(); }
554 bool hasGetterSetterProperties() { return structure()->hasGetterSetterProperties(); }
555
556 // putOwnDataProperty has 'put' like semantics, however this method:
557 // - assumes the object contains no own getter/setter properties.
558 // - provides no special handling for __proto__
559 // - does not walk the prototype chain (to check for accessors or non-writable properties).
560 // This is used by JSActivation.
561 bool putOwnDataProperty(VM&, PropertyName, JSValue, PutPropertySlot&);
562
563 // Fast access to known property offsets.
564 JSValue getDirect(PropertyOffset offset) const { return locationForOffset(offset)->get(); }
565 void putDirect(VM& vm, PropertyOffset offset, JSValue value) { locationForOffset(offset)->set(vm, this, value); }
566 void putDirectUndefined(PropertyOffset offset) { locationForOffset(offset)->setUndefined(); }
567
568 void putDirectNativeFunction(ExecState*, JSGlobalObject*, const PropertyName&, unsigned functionLength, NativeFunction, Intrinsic, unsigned attributes);
569
570 JS_EXPORT_PRIVATE static bool defineOwnProperty(JSObject*, ExecState*, PropertyName, PropertyDescriptor&, bool shouldThrow);
571
572 bool isGlobalObject() const;
573 bool isVariableObject() const;
574 bool isStaticScopeObject() const;
575 bool isNameScopeObject() const;
576 bool isActivationObject() const;
577 bool isErrorInstance() const;
578
579 void seal(VM&);
580 void freeze(VM&);
581 JS_EXPORT_PRIVATE void preventExtensions(VM&);
582 bool isSealed(VM& vm) { return structure()->isSealed(vm); }
583 bool isFrozen(VM& vm) { return structure()->isFrozen(vm); }
584 bool isExtensible() { return structure()->isExtensible(); }
585 bool indexingShouldBeSparse()
586 {
587 return !isExtensible()
588 || structure()->typeInfo().interceptsGetOwnPropertySlotByIndexEvenWhenLengthIsNotZero();
589 }
590
591 bool staticFunctionsReified() { return structure()->staticFunctionsReified(); }
592 void reifyStaticFunctionsForDelete(ExecState* exec);
593
594 JS_EXPORT_PRIVATE Butterfly* growOutOfLineStorage(VM&, size_t oldSize, size_t newSize);
595 void setButterfly(VM&, Butterfly*, Structure*);
596 void setButterflyWithoutChangingStructure(Butterfly*); // You probably don't want to call this.
597
598 void setStructureAndReallocateStorageIfNecessary(VM&, unsigned oldCapacity, Structure*);
599 void setStructureAndReallocateStorageIfNecessary(VM&, Structure*);
600
601 void flattenDictionaryObject(VM& vm)
602 {
603 structure()->flattenDictionaryStructure(vm, this);
604 }
605
606 JSGlobalObject* globalObject() const
607 {
608 ASSERT(structure()->globalObject());
609 ASSERT(!isGlobalObject() || ((JSObject*)structure()->globalObject()) == this);
610 return structure()->globalObject();
611 }
612
613 void switchToSlowPutArrayStorage(VM&);
614
615 // The receiver is the prototype in this case. The following:
616 //
617 // asObject(foo->structure()->storedPrototype())->attemptToInterceptPutByIndexOnHoleForPrototype(...)
618 //
619 // is equivalent to:
620 //
621 // foo->attemptToInterceptPutByIndexOnHole(...);
622 bool attemptToInterceptPutByIndexOnHoleForPrototype(ExecState*, JSValue thisValue, unsigned propertyName, JSValue, bool shouldThrow);
623
624 // Returns 0 if int32 storage cannot be created - either because
625 // indexing should be sparse, we're having a bad time, or because
626 // we already have a more general form of storage (double,
627 // contiguous, array storage).
628 ContiguousJSValues ensureInt32(VM& vm)
629 {
630 if (LIKELY(hasInt32(structure()->indexingType())))
631 return m_butterfly->contiguousInt32();
632
633 return ensureInt32Slow(vm);
634 }
635
636 // Returns 0 if double storage cannot be created - either because
637 // indexing should be sparse, we're having a bad time, or because
638 // we already have a more general form of storage (contiguous,
639 // or array storage).
640 ContiguousDoubles ensureDouble(VM& vm)
641 {
642 if (LIKELY(hasDouble(structure()->indexingType())))
643 return m_butterfly->contiguousDouble();
644
645 return ensureDoubleSlow(vm);
646 }
647
648 // Returns 0 if contiguous storage cannot be created - either because
649 // indexing should be sparse or because we're having a bad time.
650 ContiguousJSValues ensureContiguous(VM& vm)
651 {
652 if (LIKELY(hasContiguous(structure()->indexingType())))
653 return m_butterfly->contiguous();
654
655 return ensureContiguousSlow(vm);
656 }
657
658 // Same as ensureContiguous(), except that if the indexed storage is in
659 // double mode, then it does a rage conversion to contiguous: it
660 // attempts to convert each double to an int32.
661 ContiguousJSValues rageEnsureContiguous(VM& vm)
662 {
663 if (LIKELY(hasContiguous(structure()->indexingType())))
664 return m_butterfly->contiguous();
665
666 return rageEnsureContiguousSlow(vm);
667 }
668
669 // Ensure that the object is in a mode where it has array storage. Use
670 // this if you're about to perform actions that would have required the
671 // object to be converted to have array storage, if it didn't have it
672 // already.
673 ArrayStorage* ensureArrayStorage(VM& vm)
674 {
675 if (LIKELY(hasArrayStorage(structure()->indexingType())))
676 return m_butterfly->arrayStorage();
677
678 return ensureArrayStorageSlow(vm);
679 }
680
681 static size_t offsetOfInlineStorage();
682
683 static ptrdiff_t butterflyOffset()
684 {
685 return OBJECT_OFFSETOF(JSObject, m_butterfly);
686 }
687
688 void* butterflyAddress()
689 {
690 return &m_butterfly;
691 }
692
693 static JS_EXPORTDATA const ClassInfo s_info;
694
695 protected:
696 void finishCreation(VM& vm)
697 {
698 Base::finishCreation(vm);
699 ASSERT(inherits(&s_info));
700 ASSERT(!structure()->outOfLineCapacity());
701 ASSERT(structure()->isEmpty());
702 ASSERT(prototype().isNull() || Heap::heap(this) == Heap::heap(prototype()));
703 ASSERT(structure()->isObject());
704 ASSERT(classInfo());
705 }
706
707 static Structure* createStructure(VM& vm, JSGlobalObject* globalObject, JSValue prototype)
708 {
709 return Structure::create(vm, globalObject, prototype, TypeInfo(ObjectType, StructureFlags), &s_info);
710 }
711
712 // To instantiate objects you likely want JSFinalObject, below.
713 // To create derived types you likely want JSNonFinalObject, below.
714 JSObject(VM&, Structure*, Butterfly* = 0);
715
716 void visitButterfly(SlotVisitor&, Butterfly*, size_t storageSize);
717 void copyButterfly(CopyVisitor&, Butterfly*, size_t storageSize);
718
719 // Call this if you know that the object is in a mode where it has array
720 // storage. This will assert otherwise.
721 ArrayStorage* arrayStorage()
722 {
723 ASSERT(hasArrayStorage(structure()->indexingType()));
724 return m_butterfly->arrayStorage();
725 }
726
727 // Call this if you want to predicate some actions on whether or not the
728 // object is in a mode where it has array storage.
729 ArrayStorage* arrayStorageOrNull()
730 {
731 switch (structure()->indexingType()) {
732 case ALL_ARRAY_STORAGE_INDEXING_TYPES:
733 return m_butterfly->arrayStorage();
734
735 default:
736 return 0;
737 }
738 }
739
740 Butterfly* createInitialUndecided(VM&, unsigned length);
741 ContiguousJSValues createInitialInt32(VM&, unsigned length);
742 ContiguousDoubles createInitialDouble(VM&, unsigned length);
743 ContiguousJSValues createInitialContiguous(VM&, unsigned length);
744
745 void convertUndecidedForValue(VM&, JSValue);
746 void convertInt32ForValue(VM&, JSValue);
747
748 ArrayStorage* createArrayStorage(VM&, unsigned length, unsigned vectorLength);
749 ArrayStorage* createInitialArrayStorage(VM&);
750
751 ContiguousJSValues convertUndecidedToInt32(VM&);
752 ContiguousDoubles convertUndecidedToDouble(VM&);
753 ContiguousJSValues convertUndecidedToContiguous(VM&);
754 ArrayStorage* convertUndecidedToArrayStorage(VM&, NonPropertyTransition, unsigned neededLength);
755 ArrayStorage* convertUndecidedToArrayStorage(VM&, NonPropertyTransition);
756 ArrayStorage* convertUndecidedToArrayStorage(VM&);
757
758 ContiguousDoubles convertInt32ToDouble(VM&);
759 ContiguousJSValues convertInt32ToContiguous(VM&);
760 ArrayStorage* convertInt32ToArrayStorage(VM&, NonPropertyTransition, unsigned neededLength);
761 ArrayStorage* convertInt32ToArrayStorage(VM&, NonPropertyTransition);
762 ArrayStorage* convertInt32ToArrayStorage(VM&);
763
764 ContiguousJSValues convertDoubleToContiguous(VM&);
765 ContiguousJSValues rageConvertDoubleToContiguous(VM&);
766 ArrayStorage* convertDoubleToArrayStorage(VM&, NonPropertyTransition, unsigned neededLength);
767 ArrayStorage* convertDoubleToArrayStorage(VM&, NonPropertyTransition);
768 ArrayStorage* convertDoubleToArrayStorage(VM&);
769
770 ArrayStorage* convertContiguousToArrayStorage(VM&, NonPropertyTransition, unsigned neededLength);
771 ArrayStorage* convertContiguousToArrayStorage(VM&, NonPropertyTransition);
772 ArrayStorage* convertContiguousToArrayStorage(VM&);
773
774
775 ArrayStorage* ensureArrayStorageExistsAndEnterDictionaryIndexingMode(VM&);
776
777 bool defineOwnNonIndexProperty(ExecState*, PropertyName, PropertyDescriptor&, bool throwException);
778
779 template<IndexingType indexingShape>
780 void putByIndexBeyondVectorLengthWithoutAttributes(ExecState*, unsigned propertyName, JSValue);
781 void putByIndexBeyondVectorLengthWithArrayStorage(ExecState*, unsigned propertyName, JSValue, bool shouldThrow, ArrayStorage*);
782
783 bool increaseVectorLength(VM&, unsigned newLength);
784 void deallocateSparseIndexMap();
785 bool defineOwnIndexedProperty(ExecState*, unsigned, PropertyDescriptor&, bool throwException);
786 SparseArrayValueMap* allocateSparseIndexMap(VM&);
787
788 void notifyPresenceOfIndexedAccessors(VM&);
789
790 bool attemptToInterceptPutByIndexOnHole(ExecState*, unsigned index, JSValue, bool shouldThrow);
791
792 // Call this if you want setIndexQuickly to succeed and you're sure that
793 // the array is contiguous.
794 void ensureLength(VM& vm, unsigned length)
795 {
796 ASSERT(length < MAX_ARRAY_INDEX);
797 ASSERT(hasContiguous(structure()->indexingType()) || hasInt32(structure()->indexingType()) || hasDouble(structure()->indexingType()) || hasUndecided(structure()->indexingType()));
798
799 if (m_butterfly->vectorLength() < length)
800 ensureLengthSlow(vm, length);
801
802 if (m_butterfly->publicLength() < length)
803 m_butterfly->setPublicLength(length);
804 }
805
806 template<IndexingType indexingShape>
807 unsigned countElements(Butterfly*);
808
809 // This is relevant to undecided, int32, double, and contiguous.
810 unsigned countElements();
811
812 // This strange method returns a pointer to the start of the indexed data
813 // as if it contained JSValues. But it won't always contain JSValues.
814 // Make sure you cast this to the appropriate type before using.
815 template<IndexingType indexingType>
816 ContiguousJSValues indexingData()
817 {
818 switch (indexingType) {
819 case ALL_INT32_INDEXING_TYPES:
820 case ALL_DOUBLE_INDEXING_TYPES:
821 case ALL_CONTIGUOUS_INDEXING_TYPES:
822 return m_butterfly->contiguous();
823
824 case ALL_ARRAY_STORAGE_INDEXING_TYPES:
825 return m_butterfly->arrayStorage()->vector();
826
827 default:
828 CRASH();
829 return ContiguousJSValues();
830 }
831 }
832
833 ContiguousJSValues currentIndexingData()
834 {
835 switch (structure()->indexingType()) {
836 case ALL_INT32_INDEXING_TYPES:
837 case ALL_CONTIGUOUS_INDEXING_TYPES:
838 return m_butterfly->contiguous();
839
840 case ALL_ARRAY_STORAGE_INDEXING_TYPES:
841 return m_butterfly->arrayStorage()->vector();
842
843 default:
844 CRASH();
845 return ContiguousJSValues();
846 }
847 }
848
849 JSValue getHolyIndexQuickly(unsigned i)
850 {
851 ASSERT(i < m_butterfly->vectorLength());
852 switch (structure()->indexingType()) {
853 case ALL_INT32_INDEXING_TYPES:
854 case ALL_CONTIGUOUS_INDEXING_TYPES:
855 return m_butterfly->contiguous()[i].get();
856 case ALL_DOUBLE_INDEXING_TYPES: {
857 double value = m_butterfly->contiguousDouble()[i];
858 if (value == value)
859 return JSValue(JSValue::EncodeAsDouble, value);
860 return JSValue();
861 }
862 case ALL_ARRAY_STORAGE_INDEXING_TYPES:
863 return m_butterfly->arrayStorage()->m_vector[i].get();
864 default:
865 CRASH();
866 return JSValue();
867 }
868 }
869
870 template<IndexingType indexingType>
871 unsigned relevantLength()
872 {
873 switch (indexingType) {
874 case ALL_INT32_INDEXING_TYPES:
875 case ALL_DOUBLE_INDEXING_TYPES:
876 case ALL_CONTIGUOUS_INDEXING_TYPES:
877 return m_butterfly->publicLength();
878
879 case ALL_ARRAY_STORAGE_INDEXING_TYPES:
880 return std::min(
881 m_butterfly->arrayStorage()->length(),
882 m_butterfly->arrayStorage()->vectorLength());
883
884 default:
885 CRASH();
886 return 0;
887 }
888 }
889
890 unsigned currentRelevantLength()
891 {
892 switch (structure()->indexingType()) {
893 case ALL_INT32_INDEXING_TYPES:
894 case ALL_DOUBLE_INDEXING_TYPES:
895 case ALL_CONTIGUOUS_INDEXING_TYPES:
896 return m_butterfly->publicLength();
897
898 case ALL_ARRAY_STORAGE_INDEXING_TYPES:
899 return std::min(
900 m_butterfly->arrayStorage()->length(),
901 m_butterfly->arrayStorage()->vectorLength());
902
903 default:
904 CRASH();
905 return 0;
906 }
907 }
908
909 private:
910 friend class LLIntOffsetsExtractor;
911
912 // Nobody should ever ask any of these questions on something already known to be a JSObject.
913 using JSCell::isAPIValueWrapper;
914 using JSCell::isGetterSetter;
915 void getObject();
916 void getString(ExecState* exec);
917 void isObject();
918 void isString();
919
920 Butterfly* createInitialIndexedStorage(VM&, unsigned length, size_t elementSize);
921
922 ArrayStorage* enterDictionaryIndexingModeWhenArrayStorageAlreadyExists(VM&, ArrayStorage*);
923
924 template<PutMode>
925 bool putDirectInternal(VM&, PropertyName, JSValue, unsigned attr, PutPropertySlot&, JSCell*);
926
927 bool inlineGetOwnPropertySlot(ExecState*, PropertyName, PropertySlot&);
928 JS_EXPORT_PRIVATE void fillGetterPropertySlot(PropertySlot&, PropertyOffset);
929
930 const HashEntry* findPropertyHashEntry(ExecState*, PropertyName) const;
931
932 void putIndexedDescriptor(ExecState*, SparseArrayEntry*, PropertyDescriptor&, PropertyDescriptor& old);
933
934 void putByIndexBeyondVectorLength(ExecState*, unsigned propertyName, JSValue, bool shouldThrow);
935 bool putDirectIndexBeyondVectorLengthWithArrayStorage(ExecState*, unsigned propertyName, JSValue, unsigned attributes, PutDirectIndexMode, ArrayStorage*);
936 JS_EXPORT_PRIVATE bool putDirectIndexBeyondVectorLength(ExecState*, unsigned propertyName, JSValue, unsigned attributes, PutDirectIndexMode);
937
938 unsigned getNewVectorLength(unsigned currentVectorLength, unsigned currentLength, unsigned desiredLength);
939 unsigned getNewVectorLength(unsigned desiredLength);
940
941 JS_EXPORT_PRIVATE bool getOwnPropertySlotSlow(ExecState*, PropertyName, PropertySlot&);
942
943 ArrayStorage* constructConvertedArrayStorageWithoutCopyingElements(VM&, unsigned neededLength);
944
945 JS_EXPORT_PRIVATE void setIndexQuicklyToUndecided(VM&, unsigned index, JSValue);
946 JS_EXPORT_PRIVATE void convertInt32ToDoubleOrContiguousWhilePerformingSetIndex(VM&, unsigned index, JSValue);
947 JS_EXPORT_PRIVATE void convertDoubleToContiguousWhilePerformingSetIndex(VM&, unsigned index, JSValue);
948
949 void ensureLengthSlow(VM&, unsigned length);
950
951 ContiguousJSValues ensureInt32Slow(VM&);
952 ContiguousDoubles ensureDoubleSlow(VM&);
953 ContiguousJSValues ensureContiguousSlow(VM&);
954 ContiguousJSValues rageEnsureContiguousSlow(VM&);
955 ArrayStorage* ensureArrayStorageSlow(VM&);
956
957 enum DoubleToContiguousMode { EncodeValueAsDouble, RageConvertDoubleToValue };
958 template<DoubleToContiguousMode mode>
959 ContiguousJSValues genericConvertDoubleToContiguous(VM&);
960 ContiguousJSValues ensureContiguousSlow(VM&, DoubleToContiguousMode);
961
962 protected:
963 Butterfly* m_butterfly;
964 };
965
966 // JSNonFinalObject is a type of JSObject that has some internal storage,
967 // but also preserves some space in the collector cell for additional
968 // data members in derived types.
969 class JSNonFinalObject : public JSObject {
970 friend class JSObject;
971
972 public:
973 typedef JSObject Base;
974
975 static Structure* createStructure(VM& vm, JSGlobalObject* globalObject, JSValue prototype)
976 {
977 return Structure::create(vm, globalObject, prototype, TypeInfo(ObjectType, StructureFlags), &s_info);
978 }
979
980 protected:
981 explicit JSNonFinalObject(VM& vm, Structure* structure, Butterfly* butterfly = 0)
982 : JSObject(vm, structure, butterfly)
983 {
984 }
985
986 void finishCreation(VM& vm)
987 {
988 Base::finishCreation(vm);
989 ASSERT(!this->structure()->totalStorageCapacity());
990 ASSERT(classInfo());
991 }
992 };
993
994 class JSFinalObject;
995
996 // JSFinalObject is a type of JSObject that contains sufficent internal
997 // storage to fully make use of the colloctor cell containing it.
998 class JSFinalObject : public JSObject {
999 friend class JSObject;
1000
1001 public:
1002 typedef JSObject Base;
1003
1004 static const unsigned defaultSize = 64;
1005 static inline unsigned defaultInlineCapacity()
1006 {
1007 return (defaultSize - allocationSize(0)) / sizeof(WriteBarrier<Unknown>);
1008 }
1009
1010 static const unsigned maxSize = 512;
1011 static inline unsigned maxInlineCapacity()
1012 {
1013 return (maxSize - allocationSize(0)) / sizeof(WriteBarrier<Unknown>);
1014 }
1015
1016 static JSFinalObject* create(ExecState*, Structure*);
1017 static Structure* createStructure(VM& vm, JSGlobalObject* globalObject, JSValue prototype, unsigned inlineCapacity)
1018 {
1019 return Structure::create(vm, globalObject, prototype, TypeInfo(FinalObjectType, StructureFlags), &s_info, NonArray, inlineCapacity);
1020 }
1021
1022 JS_EXPORT_PRIVATE static void visitChildren(JSCell*, SlotVisitor&);
1023
1024 static JS_EXPORTDATA const ClassInfo s_info;
1025
1026 protected:
1027 void visitChildrenCommon(SlotVisitor&);
1028
1029 void finishCreation(VM& vm)
1030 {
1031 Base::finishCreation(vm);
1032 ASSERT(structure()->totalStorageCapacity() == structure()->inlineCapacity());
1033 ASSERT(classInfo());
1034 }
1035
1036 private:
1037 friend class LLIntOffsetsExtractor;
1038
1039 explicit JSFinalObject(VM& vm, Structure* structure)
1040 : JSObject(vm, structure)
1041 {
1042 }
1043
1044 static const unsigned StructureFlags = JSObject::StructureFlags;
1045 };
1046
1047 inline JSFinalObject* JSFinalObject::create(ExecState* exec, Structure* structure)
1048 {
1049 JSFinalObject* finalObject = new (
1050 NotNull,
1051 allocateCell<JSFinalObject>(
1052 *exec->heap(),
1053 allocationSize(structure->inlineCapacity())
1054 )
1055 ) JSFinalObject(exec->vm(), structure);
1056 finalObject->finishCreation(exec->vm());
1057 return finalObject;
1058 }
1059
1060 inline bool isJSFinalObject(JSCell* cell)
1061 {
1062 return cell->classInfo() == &JSFinalObject::s_info;
1063 }
1064
1065 inline bool isJSFinalObject(JSValue value)
1066 {
1067 return value.isCell() && isJSFinalObject(value.asCell());
1068 }
1069
1070 inline size_t JSObject::offsetOfInlineStorage()
1071 {
1072 return sizeof(JSObject);
1073 }
1074
1075 inline bool JSObject::isGlobalObject() const
1076 {
1077 return structure()->typeInfo().type() == GlobalObjectType;
1078 }
1079
1080 inline bool JSObject::isVariableObject() const
1081 {
1082 return structure()->typeInfo().type() >= VariableObjectType;
1083 }
1084
1085
1086 inline bool JSObject::isStaticScopeObject() const
1087 {
1088 JSType type = structure()->typeInfo().type();
1089 return type == NameScopeObjectType || type == ActivationObjectType;
1090 }
1091
1092
1093 inline bool JSObject::isNameScopeObject() const
1094 {
1095 return structure()->typeInfo().type() == NameScopeObjectType;
1096 }
1097
1098 inline bool JSObject::isActivationObject() const
1099 {
1100 return structure()->typeInfo().type() == ActivationObjectType;
1101 }
1102
1103 inline bool JSObject::isErrorInstance() const
1104 {
1105 return structure()->typeInfo().type() == ErrorInstanceType;
1106 }
1107
1108 inline void JSObject::setButterfly(VM& vm, Butterfly* butterfly, Structure* structure)
1109 {
1110 ASSERT(structure);
1111 ASSERT(!butterfly == (!structure->outOfLineCapacity() && !hasIndexingHeader(structure->indexingType())));
1112 setStructure(vm, structure);
1113 m_butterfly = butterfly;
1114 }
1115
1116 inline void JSObject::setButterflyWithoutChangingStructure(Butterfly* butterfly)
1117 {
1118 m_butterfly = butterfly;
1119 }
1120
1121 inline CallType getCallData(JSValue value, CallData& callData)
1122 {
1123 CallType result = value.isCell() ? value.asCell()->methodTable()->getCallData(value.asCell(), callData) : CallTypeNone;
1124 ASSERT(result == CallTypeNone || value.isValidCallee());
1125 return result;
1126 }
1127
1128 inline ConstructType getConstructData(JSValue value, ConstructData& constructData)
1129 {
1130 ConstructType result = value.isCell() ? value.asCell()->methodTable()->getConstructData(value.asCell(), constructData) : ConstructTypeNone;
1131 ASSERT(result == ConstructTypeNone || value.isValidCallee());
1132 return result;
1133 }
1134
1135 inline JSObject* asObject(JSCell* cell)
1136 {
1137 ASSERT(cell->isObject());
1138 return jsCast<JSObject*>(cell);
1139 }
1140
1141 inline JSObject* asObject(JSValue value)
1142 {
1143 return asObject(value.asCell());
1144 }
1145
1146 inline JSObject::JSObject(VM& vm, Structure* structure, Butterfly* butterfly)
1147 : JSCell(vm, structure)
1148 , m_butterfly(butterfly)
1149 {
1150 }
1151
1152 inline JSValue JSObject::prototype() const
1153 {
1154 return structure()->storedPrototype();
1155 }
1156
1157 ALWAYS_INLINE bool JSObject::inlineGetOwnPropertySlot(ExecState* exec, PropertyName propertyName, PropertySlot& slot)
1158 {
1159 PropertyOffset offset = structure()->get(exec->vm(), propertyName);
1160 if (LIKELY(isValidOffset(offset))) {
1161 JSValue value = getDirect(offset);
1162 if (structure()->hasGetterSetterProperties() && value.isGetterSetter())
1163 fillGetterPropertySlot(slot, offset);
1164 else
1165 slot.setValue(this, value, offset);
1166 return true;
1167 }
1168
1169 return getOwnPropertySlotSlow(exec, propertyName, slot);
1170 }
1171
1172 // It may seem crazy to inline a function this large, especially a virtual function,
1173 // but it makes a big difference to property lookup that derived classes can inline their
1174 // base class call to this.
1175 ALWAYS_INLINE bool JSObject::getOwnPropertySlot(JSCell* cell, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
1176 {
1177 return jsCast<JSObject*>(cell)->inlineGetOwnPropertySlot(exec, propertyName, slot);
1178 }
1179
1180 // It may seem crazy to inline a function this large but it makes a big difference
1181 // since this is function very hot in variable lookup
1182 ALWAYS_INLINE bool JSObject::getPropertySlot(ExecState* exec, PropertyName propertyName, PropertySlot& slot)
1183 {
1184 JSObject* object = this;
1185 while (true) {
1186 if (object->fastGetOwnPropertySlot(exec, propertyName, slot))
1187 return true;
1188 JSValue prototype = object->prototype();
1189 if (!prototype.isObject())
1190 return false;
1191 object = asObject(prototype);
1192 }
1193 }
1194
1195 ALWAYS_INLINE bool JSObject::getPropertySlot(ExecState* exec, unsigned propertyName, PropertySlot& slot)
1196 {
1197 JSObject* object = this;
1198 while (true) {
1199 if (object->methodTable()->getOwnPropertySlotByIndex(object, exec, propertyName, slot))
1200 return true;
1201 JSValue prototype = object->prototype();
1202 if (!prototype.isObject())
1203 return false;
1204 object = asObject(prototype);
1205 }
1206 }
1207
1208 inline JSValue JSObject::get(ExecState* exec, PropertyName propertyName) const
1209 {
1210 PropertySlot slot(this);
1211 if (const_cast<JSObject*>(this)->getPropertySlot(exec, propertyName, slot))
1212 return slot.getValue(exec, propertyName);
1213
1214 return jsUndefined();
1215 }
1216
1217 inline JSValue JSObject::get(ExecState* exec, unsigned propertyName) const
1218 {
1219 PropertySlot slot(this);
1220 if (const_cast<JSObject*>(this)->getPropertySlot(exec, propertyName, slot))
1221 return slot.getValue(exec, propertyName);
1222
1223 return jsUndefined();
1224 }
1225
1226 template<JSObject::PutMode mode>
1227 inline bool JSObject::putDirectInternal(VM& vm, PropertyName propertyName, JSValue value, unsigned attributes, PutPropertySlot& slot, JSCell* specificFunction)
1228 {
1229 ASSERT(value);
1230 ASSERT(value.isGetterSetter() == !!(attributes & Accessor));
1231 ASSERT(!Heap::heap(value) || Heap::heap(value) == Heap::heap(this));
1232 ASSERT(propertyName.asIndex() == PropertyName::NotAnIndex);
1233
1234 if (structure()->isDictionary()) {
1235 unsigned currentAttributes;
1236 JSCell* currentSpecificFunction;
1237 PropertyOffset offset = structure()->get(vm, propertyName, currentAttributes, currentSpecificFunction);
1238 if (offset != invalidOffset) {
1239 // If there is currently a specific function, and there now either isn't,
1240 // or the new value is different, then despecify.
1241 if (currentSpecificFunction && (specificFunction != currentSpecificFunction))
1242 structure()->despecifyDictionaryFunction(vm, propertyName);
1243 if ((mode == PutModePut) && currentAttributes & ReadOnly)
1244 return false;
1245
1246 putDirect(vm, offset, value);
1247 // At this point, the objects structure only has a specific value set if previously there
1248 // had been one set, and if the new value being specified is the same (otherwise we would
1249 // have despecified, above). So, if currentSpecificFunction is not set, or if the new
1250 // value is different (or there is no new value), then the slot now has no value - and
1251 // as such it is cachable.
1252 // If there was previously a value, and the new value is the same, then we cannot cache.
1253 if (!currentSpecificFunction || (specificFunction != currentSpecificFunction))
1254 slot.setExistingProperty(this, offset);
1255 return true;
1256 }
1257
1258 if ((mode == PutModePut) && !isExtensible())
1259 return false;
1260
1261 Butterfly* newButterfly = m_butterfly;
1262 if (structure()->putWillGrowOutOfLineStorage())
1263 newButterfly = growOutOfLineStorage(vm, structure()->outOfLineCapacity(), structure()->suggestedNewOutOfLineStorageCapacity());
1264 offset = structure()->addPropertyWithoutTransition(vm, propertyName, attributes, specificFunction);
1265 setButterfly(vm, newButterfly, structure());
1266
1267 validateOffset(offset);
1268 ASSERT(structure()->isValidOffset(offset));
1269 putDirect(vm, offset, value);
1270 // See comment on setNewProperty call below.
1271 if (!specificFunction)
1272 slot.setNewProperty(this, offset);
1273 if (attributes & ReadOnly)
1274 structure()->setContainsReadOnlyProperties();
1275 return true;
1276 }
1277
1278 PropertyOffset offset;
1279 size_t currentCapacity = structure()->outOfLineCapacity();
1280 if (Structure* structure = Structure::addPropertyTransitionToExistingStructure(this->structure(), propertyName, attributes, specificFunction, offset)) {
1281 Butterfly* newButterfly = m_butterfly;
1282 if (currentCapacity != structure->outOfLineCapacity())
1283 newButterfly = growOutOfLineStorage(vm, currentCapacity, structure->outOfLineCapacity());
1284
1285 validateOffset(offset);
1286 ASSERT(structure->isValidOffset(offset));
1287 setButterfly(vm, newButterfly, structure);
1288 putDirect(vm, offset, value);
1289 // This is a new property; transitions with specific values are not currently cachable,
1290 // so leave the slot in an uncachable state.
1291 if (!specificFunction)
1292 slot.setNewProperty(this, offset);
1293 return true;
1294 }
1295
1296 unsigned currentAttributes;
1297 JSCell* currentSpecificFunction;
1298 offset = structure()->get(vm, propertyName, currentAttributes, currentSpecificFunction);
1299 if (offset != invalidOffset) {
1300 if ((mode == PutModePut) && currentAttributes & ReadOnly)
1301 return false;
1302
1303 // There are three possibilities here:
1304 // (1) There is an existing specific value set, and we're overwriting with *the same value*.
1305 // * Do nothing - no need to despecify, but that means we can't cache (a cached
1306 // put could write a different value). Leave the slot in an uncachable state.
1307 // (2) There is a specific value currently set, but we're writing a different value.
1308 // * First, we have to despecify. Having done so, this is now a regular slot
1309 // with no specific value, so go ahead & cache like normal.
1310 // (3) Normal case, there is no specific value set.
1311 // * Go ahead & cache like normal.
1312 if (currentSpecificFunction) {
1313 // case (1) Do the put, then return leaving the slot uncachable.
1314 if (specificFunction == currentSpecificFunction) {
1315 putDirect(vm, offset, value);
1316 return true;
1317 }
1318 // case (2) Despecify, fall through to (3).
1319 setStructure(vm, Structure::despecifyFunctionTransition(vm, structure(), propertyName));
1320 }
1321
1322 // case (3) set the slot, do the put, return.
1323 slot.setExistingProperty(this, offset);
1324 putDirect(vm, offset, value);
1325 return true;
1326 }
1327
1328 if ((mode == PutModePut) && !isExtensible())
1329 return false;
1330
1331 Structure* structure = Structure::addPropertyTransition(vm, this->structure(), propertyName, attributes, specificFunction, offset);
1332
1333 validateOffset(offset);
1334 ASSERT(structure->isValidOffset(offset));
1335 setStructureAndReallocateStorageIfNecessary(vm, structure);
1336
1337 putDirect(vm, offset, value);
1338 // This is a new property; transitions with specific values are not currently cachable,
1339 // so leave the slot in an uncachable state.
1340 if (!specificFunction)
1341 slot.setNewProperty(this, offset);
1342 if (attributes & ReadOnly)
1343 structure->setContainsReadOnlyProperties();
1344 return true;
1345 }
1346
1347 inline void JSObject::setStructureAndReallocateStorageIfNecessary(VM& vm, unsigned oldCapacity, Structure* newStructure)
1348 {
1349 ASSERT(oldCapacity <= newStructure->outOfLineCapacity());
1350
1351 if (oldCapacity == newStructure->outOfLineCapacity()) {
1352 setStructure(vm, newStructure);
1353 return;
1354 }
1355
1356 Butterfly* newButterfly = growOutOfLineStorage(
1357 vm, oldCapacity, newStructure->outOfLineCapacity());
1358 setButterfly(vm, newButterfly, newStructure);
1359 }
1360
1361 inline void JSObject::setStructureAndReallocateStorageIfNecessary(VM& vm, Structure* newStructure)
1362 {
1363 setStructureAndReallocateStorageIfNecessary(
1364 vm, structure()->outOfLineCapacity(), newStructure);
1365 }
1366
1367 inline bool JSObject::putOwnDataProperty(VM& vm, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
1368 {
1369 ASSERT(value);
1370 ASSERT(!Heap::heap(value) || Heap::heap(value) == Heap::heap(this));
1371 ASSERT(!structure()->hasGetterSetterProperties());
1372
1373 return putDirectInternal<PutModePut>(vm, propertyName, value, 0, slot, getCallableObject(value));
1374 }
1375
1376 inline void JSObject::putDirect(VM& vm, PropertyName propertyName, JSValue value, unsigned attributes)
1377 {
1378 ASSERT(!value.isGetterSetter() && !(attributes & Accessor));
1379 PutPropertySlot slot;
1380 putDirectInternal<PutModeDefineOwnProperty>(vm, propertyName, value, attributes, slot, getCallableObject(value));
1381 }
1382
1383 inline void JSObject::putDirect(VM& vm, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
1384 {
1385 ASSERT(!value.isGetterSetter());
1386 putDirectInternal<PutModeDefineOwnProperty>(vm, propertyName, value, 0, slot, getCallableObject(value));
1387 }
1388
1389 inline void JSObject::putDirectWithoutTransition(VM& vm, PropertyName propertyName, JSValue value, unsigned attributes)
1390 {
1391 ASSERT(!value.isGetterSetter() && !(attributes & Accessor));
1392 Butterfly* newButterfly = m_butterfly;
1393 if (structure()->putWillGrowOutOfLineStorage())
1394 newButterfly = growOutOfLineStorage(vm, structure()->outOfLineCapacity(), structure()->suggestedNewOutOfLineStorageCapacity());
1395 PropertyOffset offset = structure()->addPropertyWithoutTransition(vm, propertyName, attributes, getCallableObject(value));
1396 setButterfly(vm, newButterfly, structure());
1397 putDirect(vm, offset, value);
1398 }
1399
1400 inline JSValue JSObject::toPrimitive(ExecState* exec, PreferredPrimitiveType preferredType) const
1401 {
1402 return methodTable()->defaultValue(this, exec, preferredType);
1403 }
1404
1405 ALWAYS_INLINE JSObject* Register::function() const
1406 {
1407 if (!jsValue())
1408 return 0;
1409 return asObject(jsValue());
1410 }
1411
1412 ALWAYS_INLINE Register Register::withCallee(JSObject* callee)
1413 {
1414 Register r;
1415 r = JSValue(callee);
1416 return r;
1417 }
1418
1419 inline size_t offsetInButterfly(PropertyOffset offset)
1420 {
1421 return offsetInOutOfLineStorage(offset) + Butterfly::indexOfPropertyStorage();
1422 }
1423
1424 // Helpers for patching code where you want to emit a load or store and
1425 // the base is:
1426 // For inline offsets: a pointer to the out-of-line storage pointer.
1427 // For out-of-line offsets: the base of the out-of-line storage.
1428 inline size_t offsetRelativeToPatchedStorage(PropertyOffset offset)
1429 {
1430 if (isOutOfLineOffset(offset))
1431 return sizeof(EncodedJSValue) * offsetInButterfly(offset);
1432 return JSObject::offsetOfInlineStorage() - JSObject::butterflyOffset() + sizeof(EncodedJSValue) * offsetInInlineStorage(offset);
1433 }
1434
1435 // Returns the maximum offset (away from zero) a load instruction will encode.
1436 inline size_t maxOffsetRelativeToPatchedStorage(PropertyOffset offset)
1437 {
1438 ptrdiff_t addressOffset = static_cast<ptrdiff_t>(offsetRelativeToPatchedStorage(offset));
1439 #if USE(JSVALUE32_64)
1440 if (addressOffset >= 0)
1441 return static_cast<size_t>(addressOffset) + OBJECT_OFFSETOF(EncodedValueDescriptor, asBits.tag);
1442 #endif
1443 return static_cast<size_t>(addressOffset);
1444 }
1445
1446 inline int indexRelativeToBase(PropertyOffset offset)
1447 {
1448 if (isOutOfLineOffset(offset))
1449 return offsetInOutOfLineStorage(offset) + Butterfly::indexOfPropertyStorage();
1450 ASSERT(!(JSObject::offsetOfInlineStorage() % sizeof(EncodedJSValue)));
1451 return JSObject::offsetOfInlineStorage() / sizeof(EncodedJSValue) + offsetInInlineStorage(offset);
1452 }
1453
1454 inline int offsetRelativeToBase(PropertyOffset offset)
1455 {
1456 if (isOutOfLineOffset(offset))
1457 return offsetInOutOfLineStorage(offset) * sizeof(EncodedJSValue) + Butterfly::offsetOfPropertyStorage();
1458 return JSObject::offsetOfInlineStorage() + offsetInInlineStorage(offset) * sizeof(EncodedJSValue);
1459 }
1460
1461 COMPILE_ASSERT(!(sizeof(JSObject) % sizeof(WriteBarrierBase<Unknown>)), JSObject_inline_storage_has_correct_alignment);
1462
1463 ALWAYS_INLINE Identifier makeIdentifier(ExecState* exec, const char* name)
1464 {
1465 return Identifier(exec, name);
1466 }
1467
1468 ALWAYS_INLINE Identifier makeIdentifier(ExecState*, const Identifier& name)
1469 {
1470 return name;
1471 }
1472
1473 // Helper for defining native functions, if you're not using a static hash table.
1474 // Use this macro from within finishCreation() methods in prototypes. This assumes
1475 // you've defined variables called exec, globalObject, and vm, and they
1476 // have the expected meanings.
1477 #define JSC_NATIVE_INTRINSIC_FUNCTION(jsName, cppName, attributes, length, intrinsic) \
1478 putDirectNativeFunction(\
1479 exec, globalObject, makeIdentifier(exec, (jsName)), (length), cppName, \
1480 (intrinsic), (attributes))
1481
1482 // As above, but this assumes that the function you're defining doesn't have an
1483 // intrinsic.
1484 #define JSC_NATIVE_FUNCTION(jsName, cppName, attributes, length) \
1485 JSC_NATIVE_INTRINSIC_FUNCTION(jsName, cppName, (attributes), (length), NoIntrinsic)
1486
1487 } // namespace JSC
1488
1489 #endif // JSObject_h
mirror of JavaScriptCore