Merge revision 3813 to 3930 from bleeding_edge to partial snapshots branch.

src/builtins.cc

 // Copyright 2006-2008 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 150 matching lines @@
   const Smi* kConstructMarker = Smi::FromInt(StackFrame::CONSTRUCT);
   Object* marker = Memory::Object_at(caller_fp + kMarkerOffset);
   bool result = (marker == kConstructMarker);
   ASSERT_EQ(result, reference_result);
   return result;
 }
 
 // ----------------------------------------------------------------------------
 
 
-Handle<Code> Builtins::GetCode(JavaScript id, bool* resolved) {
-  Code* code = Builtins::builtin(Builtins::Illegal);
-  *resolved = false;
-
-  if (Top::context() != NULL) {
-    Object* object = Top::builtins()->javascript_builtin(id);
-    if (object->IsJSFunction()) {
-      Handle<SharedFunctionInfo> shared(JSFunction::cast(object)->shared());
-      // Make sure the number of parameters match the formal parameter count.
-      ASSERT(shared->formal_parameter_count() ==
-             Builtins::GetArgumentsCount(id));
-      if (EnsureCompiled(shared, CLEAR_EXCEPTION)) {
-        code = shared->code();
-        *resolved = true;
-      }
-    }
-  }
-
-  return Handle<Code>(code);
-}
-
-
 BUILTIN(Illegal) {
   UNREACHABLE();
   return Heap::undefined_value();  // Make compiler happy.
 }
 
 
 BUILTIN(EmptyFunction) {
   return Heap::undefined_value();
 }
 
@@ skipping 58 matching lines @@
   array->set_length(len);
 
   return array;
 }
 
 
 BUILTIN(ArrayPush) {
   JSArray* array = JSArray::cast(*args.receiver());
   ASSERT(array->HasFastElements());
 
-  // Make sure we have space for the elements.
   int len = Smi::cast(array->length())->value();
+  int to_add = args.length() - 1;
+  if (to_add == 0) {
+    return Smi::FromInt(len);
+  }
+  // Currently fixed arrays cannot grow too big, so
+  // we should never hit this case.
+  ASSERT(to_add <= (Smi::kMaxValue - len));
 
-  // Set new length.
-  int new_length = len + args.length() - 1;
+  int new_length = len + to_add;
   FixedArray* elms = FixedArray::cast(array->elements());
 
-  if (new_length <= elms->length()) {
-    // Backing storage has extra space for the provided values.
-    for (int index = 0; index < args.length() - 1; index++) {
-      elms->set(index + len, args[index+1]);
-    }
-  } else {
+  if (new_length > elms->length()) {
     // New backing storage is needed.
     int capacity = new_length + (new_length >> 1) + 16;
     Object* obj = Heap::AllocateFixedArrayWithHoles(capacity);
     if (obj->IsFailure()) return obj;
 
     AssertNoAllocation no_gc;
     FixedArray* new_elms = FixedArray::cast(obj);
     WriteBarrierMode mode = new_elms->GetWriteBarrierMode(no_gc);
     // Fill out the new array with old elements.
     for (int i = 0; i < len; i++) new_elms->set(i, elms->get(i), mode);
-    // Add the provided values.
-    for (int index = 0; index < args.length() - 1; index++) {
-      new_elms->set(index + len, args[index+1], mode);
-    }
-    // Set the new backing storage.
-    array->set_elements(new_elms);
+    elms = new_elms;
+    array->set_elements(elms);
   }
+
+  AssertNoAllocation no_gc;
+  WriteBarrierMode mode = elms->GetWriteBarrierMode(no_gc);
+
+  // Add the provided values.
+  for (int index = 0; index < to_add; index++) {
+    elms->set(index + len, args[index + 1], mode);
+  }
+
   // Set the length.
   array->set_length(Smi::FromInt(new_length));
-  return array->length();
+  return Smi::FromInt(new_length);
 }
 
 
 BUILTIN(ArrayPop) {
   JSArray* array = JSArray::cast(*args.receiver());
   ASSERT(array->HasFastElements());
   Object* undefined = Heap::undefined_value();
 
   int len = Smi::cast(array->length())->value();
   if (len == 0) return undefined;
@@ skipping 14 matching lines @@
   // Remember to check the prototype chain.
   JSFunction* array_function =
       Top::context()->global_context()->array_function();
   JSObject* prototype = JSObject::cast(array_function->prototype());
   top = prototype->GetElement(len - 1);
 
   return top;
 }
 
 
+static Object* GetElementToMove(uint32_t index,
+                                FixedArray* elms,
+                                JSObject* prototype) {
+  Object* e = elms->get(index);
+  if (e->IsTheHole() && prototype->HasElement(index)) {
+    e = prototype->GetElement(index);
+  }
+  return e;
+}
+
+
+BUILTIN(ArrayShift) {
+  JSArray* array = JSArray::cast(*args.receiver());
+  ASSERT(array->HasFastElements());
+
+  int len = Smi::cast(array->length())->value();
+  if (len == 0) return Heap::undefined_value();
+
+  // Fetch the prototype.
+  JSFunction* array_function =
+      Top::context()->global_context()->array_function();
+  JSObject* prototype = JSObject::cast(array_function->prototype());
+
+  FixedArray* elms = FixedArray::cast(array->elements());
+
+  // Get first element
+  Object* first = elms->get(0);
+  if (first->IsTheHole()) {
+    first = prototype->GetElement(0);
+  }
+
+  // Shift the elements.
+  for (int i = 0; i < len - 1; i++) {
+    elms->set(i, GetElementToMove(i + 1, elms, prototype));
+  }
+  elms->set(len - 1, Heap::the_hole_value());
+
+  // Set the length.
+  array->set_length(Smi::FromInt(len - 1));
+
+  return first;
+}
+
+
+BUILTIN(ArrayUnshift) {
+  JSArray* array = JSArray::cast(*args.receiver());
+  ASSERT(array->HasFastElements());
+
+  int len = Smi::cast(array->length())->value();
+  int to_add = args.length() - 1;
+  // Note that we cannot quit early if to_add == 0 as
+  // values should be lifted from prototype into
+  // the array.
+
+  int new_length = len + to_add;
+  // Currently fixed arrays cannot grow too big, so
+  // we should never hit this case.
+  ASSERT(to_add <= (Smi::kMaxValue - len));
+
+  FixedArray* elms = FixedArray::cast(array->elements());
+
+  // Fetch the prototype.
+  JSFunction* array_function =
+      Top::context()->global_context()->array_function();
+  JSObject* prototype = JSObject::cast(array_function->prototype());
+
+  if (new_length > elms->length()) {
+    // New backing storage is needed.
+    int capacity = new_length + (new_length >> 1) + 16;
+    Object* obj = Heap::AllocateFixedArrayWithHoles(capacity);
+    if (obj->IsFailure()) return obj;
+
+    AssertNoAllocation no_gc;
+    FixedArray* new_elms = FixedArray::cast(obj);
+    WriteBarrierMode mode = new_elms->GetWriteBarrierMode(no_gc);
+    // Fill out the new array with old elements.
+    for (int i = 0; i < len; i++)
+      new_elms->set(to_add + i,
+                    GetElementToMove(i, elms, prototype),
+                    mode);
+
+    elms = new_elms;
+    array->set_elements(elms);
+  } else {
+    AssertNoAllocation no_gc;
+    WriteBarrierMode mode = elms->GetWriteBarrierMode(no_gc);
+
+    // Move elements to the right
+    for (int i = 0; i < len; i++) {
+      elms->set(new_length - i - 1,
+                GetElementToMove(len - i - 1, elms, prototype),
+                mode);
+    }
+  }
+
+  // Add the provided values.
+  AssertNoAllocation no_gc;
+  WriteBarrierMode mode = elms->GetWriteBarrierMode(no_gc);
+  for (int i = 0; i < to_add; i++) {
+    elms->set(i, args[i + 1], mode);
+  }
+
+  // Set the length.
+  array->set_length(Smi::FromInt(new_length));
+  return Smi::FromInt(new_length);
+}
+
+
+static Object* CallJsBuiltin(const char* name,
+                             BuiltinArguments<NO_EXTRA_ARGUMENTS> args) {
+  HandleScope handleScope;
+
+  Handle<Object> js_builtin =
+      GetProperty(Handle<JSObject>(Top::global_context()->builtins()),
+                  name);
+  ASSERT(js_builtin->IsJSFunction());
+  Handle<JSFunction> function(Handle<JSFunction>::cast(js_builtin));
+  Vector<Object**> argv(Vector<Object**>::New(args.length() - 1));
+  int n_args = args.length() - 1;
+  for (int i = 0; i < n_args; i++) {
+    argv[i] = &args[i + 1];
+  }
+  bool pending_exception = false;
+  Handle<Object> result = Execution::Call(function,
+                                          args.receiver(),
+                                          n_args,
+                                          argv.start(),
+                                          &pending_exception);
+  if (pending_exception) return Failure::Exception();
+  return *result;
+}
+
+
+BUILTIN(ArraySlice) {
+  JSArray* array = JSArray::cast(*args.receiver());
+  ASSERT(array->HasFastElements());
+
+  int len = Smi::cast(array->length())->value();
+
+  int n_arguments = args.length() - 1;
+
+  // Note carefully choosen defaults---if argument is missing,
+  // it's undefined which gets converted to 0 for relativeStart
+  // and to len for relativeEnd.
+  int relativeStart = 0;
+  int relativeEnd = len;
+  if (n_arguments > 0) {
+    Object* arg1 = args[1];
+    if (arg1->IsSmi()) {
+      relativeStart = Smi::cast(arg1)->value();
+    } else if (!arg1->IsUndefined()) {
+      return CallJsBuiltin("ArraySlice", args);
+    }
+    if (n_arguments > 1) {
+      Object* arg2 = args[2];
+      if (arg2->IsSmi()) {
+        relativeEnd = Smi::cast(arg2)->value();
+      } else if (!arg2->IsUndefined()) {
+        return CallJsBuiltin("ArraySlice", args);
+      }
+    }
+  }
+
+  // ECMAScript 232, 3rd Edition, Section 15.4.4.10, step 6.
+  int k = (relativeStart < 0) ? Max(len + relativeStart, 0)
+                              : Min(relativeStart, len);
+
+  // ECMAScript 232, 3rd Edition, Section 15.4.4.10, step 8.
+  int final = (relativeEnd < 0) ? Max(len + relativeEnd, 0)
+                                : Min(relativeEnd, len);
+
+  // Calculate the length of result array.
+  int result_len = final - k;
+  if (result_len < 0) {
+    result_len = 0;
+  }
+
+  JSFunction* array_function =
+      Top::context()->global_context()->array_function();
+  Object* result = Heap::AllocateJSObject(array_function);
+  if (result->IsFailure()) return result;
+  JSArray* result_array = JSArray::cast(result);
+
+  result = Heap::AllocateFixedArrayWithHoles(result_len);
+  if (result->IsFailure()) return result;
+  FixedArray* result_elms = FixedArray::cast(result);
+
+  FixedArray* elms = FixedArray::cast(array->elements());
+
+  // Fetch the prototype.
+  JSObject* prototype = JSObject::cast(array_function->prototype());
+
+  AssertNoAllocation no_gc;
+  WriteBarrierMode mode = result_elms->GetWriteBarrierMode(no_gc);
+
+  // Fill newly created array.
+  for (int i = 0; i < result_len; i++) {
+    result_elms->set(i,
+                     GetElementToMove(k + i, elms, prototype),
+                     mode);
+  }
+
+  // Set elements.
+  result_array->set_elements(result_elms);
+
+  // Set the length.
+  result_array->set_length(Smi::FromInt(result_len));
+  return result_array;
+}
+
+
+BUILTIN(ArraySplice) {
+  JSArray* array = JSArray::cast(*args.receiver());
+  ASSERT(array->HasFastElements());
+
+  int len = Smi::cast(array->length())->value();
+
+  int n_arguments = args.length() - 1;
+
+  // SpiderMonkey and JSC return undefined in the case where no
+  // arguments are given instead of using the implicit undefined
+  // arguments.  This does not follow ECMA-262, but we do the same for
+  // compatibility.
+  // TraceMonkey follows ECMA-262 though.
+  if (n_arguments == 0) {
+    return Heap::undefined_value();
+  }
+
+  int relativeStart = 0;
+  Object* arg1 = args[1];
+  if (arg1->IsSmi()) {
+    relativeStart = Smi::cast(arg1)->value();
+  } else if (!arg1->IsUndefined()) {
+    return CallJsBuiltin("ArraySplice", args);
+  }
+  int actualStart = (relativeStart < 0) ? Max(len + relativeStart, 0)
+                                        : Min(relativeStart, len);
+
+  // SpiderMonkey, TraceMonkey and JSC treat the case where no delete count is
+  // given differently from when an undefined delete count is given.
+  // This does not follow ECMA-262, but we do the same for
+  // compatibility.
+  int deleteCount = len;
+  if (n_arguments > 1) {
+    Object* arg2 = args[2];
+    if (arg2->IsSmi()) {
+      deleteCount = Smi::cast(arg2)->value();
+    } else {
+      return CallJsBuiltin("ArraySplice", args);
+    }
+  }
+  int actualDeleteCount = Min(Max(deleteCount, 0), len - actualStart);
+
+  JSFunction* array_function =
+      Top::context()->global_context()->array_function();
+
+  // Allocate result array.
+  Object* result = Heap::AllocateJSObject(array_function);
+  if (result->IsFailure()) return result;
+  JSArray* result_array = JSArray::cast(result);
+
+  result = Heap::AllocateFixedArrayWithHoles(actualDeleteCount);
+  if (result->IsFailure()) return result;
+  FixedArray* result_elms = FixedArray::cast(result);
+
+  FixedArray* elms = FixedArray::cast(array->elements());
+
+  // Fetch the prototype.
+  JSObject* prototype = JSObject::cast(array_function->prototype());
+
+  AssertNoAllocation no_gc;
+  WriteBarrierMode mode = result_elms->GetWriteBarrierMode(no_gc);
+
+  // Fill newly created array.
+  for (int k = 0; k < actualDeleteCount; k++) {
+    result_elms->set(k,
+                     GetElementToMove(actualStart + k, elms, prototype),
+                     mode);
+  }
+
+  // Set elements.
+  result_array->set_elements(result_elms);
+
+  // Set the length.
+  result_array->set_length(Smi::FromInt(actualDeleteCount));
+
+  int itemCount = (n_arguments > 1) ? (n_arguments - 2) : 0;
+
+  int new_length = len - actualDeleteCount + itemCount;
+
+  mode = elms->GetWriteBarrierMode(no_gc);
+  if (itemCount < actualDeleteCount) {
+    // Shrink the array.
+    for (int k = actualStart; k < (len - actualDeleteCount); k++) {
+      elms->set(k + itemCount,
+                GetElementToMove(k + actualDeleteCount, elms, prototype),
+                mode);
+    }
+
+    for (int k = len; k > new_length; k--) {
+      elms->set(k - 1, Heap::the_hole_value());
+    }
+  } else if (itemCount > actualDeleteCount) {
+    // Currently fixed arrays cannot grow too big, so
+    // we should never hit this case.
+    ASSERT((itemCount - actualDeleteCount) <= (Smi::kMaxValue - len));
+
+    FixedArray* source_elms = elms;
+
+    // Check if array need to grow.
+    if (new_length > elms->length()) {
+      // New backing storage is needed.
+      int capacity = new_length + (new_length >> 1) + 16;
+      Object* obj = Heap::AllocateFixedArrayWithHoles(capacity);
+      if (obj->IsFailure()) return obj;
+
+      FixedArray* new_elms = FixedArray::cast(obj);
+      mode = new_elms->GetWriteBarrierMode(no_gc);
+
+      // Copy the part before actualStart as is.
+      for (int k = 0; k < actualStart; k++) {
+        new_elms->set(k, elms->get(k), mode);
+      }
+
+      source_elms = elms;
+      elms = new_elms;
+      array->set_elements(elms);
+    }
+
+    for (int k = len - actualDeleteCount; k > actualStart; k--) {
+      elms->set(k + itemCount - 1,
+                GetElementToMove(k + actualDeleteCount - 1,
+                                 source_elms,
+                                 prototype),
+                mode);
+    }
+  }
+
+  for (int k = actualStart; k < actualStart + itemCount; k++) {
+    elms->set(k, args[3 + k - actualStart], mode);
+  }
+
+  // Set the length.
+  array->set_length(Smi::FromInt(new_length));
+
+  return result_array;
+}
+
+
 // -----------------------------------------------------------------------------
 //
 
 
 // Returns the holder JSObject if the function can legally be called
 // with this receiver.  Returns Heap::null_value() if the call is
 // illegal.  Any arguments that don't fit the expected type is
 // overwritten with undefined.  Arguments that do fit the expected
 // type is overwritten with the object in the prototype chain that
 // actually has that type.
@@ skipping 119 matching lines @@
 BUILTIN(HandleApiCall) {
   return HandleApiCallHelper<false>(args);
 }
 
 
 BUILTIN(HandleApiCallConstruct) {
   return HandleApiCallHelper<true>(args);
 }
 
 
+#ifdef DEBUG
+
+static void VerifyTypeCheck(Handle<JSObject> object,
+                            Handle<JSFunction> function) {
+  FunctionTemplateInfo* info =
+      FunctionTemplateInfo::cast(function->shared()->function_data());
+  if (info->signature()->IsUndefined()) return;
+  SignatureInfo* signature = SignatureInfo::cast(info->signature());
+  Object* receiver_type = signature->receiver();
+  if (receiver_type->IsUndefined()) return;
+  FunctionTemplateInfo* type = FunctionTemplateInfo::cast(receiver_type);
+  ASSERT(object->IsInstanceOf(type));
+}
+
+#endif
+
+
+BUILTIN(FastHandleApiCall) {
+  ASSERT(!CalledAsConstructor());
+  const bool is_construct = false;
+
+  // We expect four more arguments: function, callback, call data, and holder.
+  const int args_length = args.length() - 4;
+  ASSERT(args_length >= 0);
+
+  Handle<JSFunction> function = args.at<JSFunction>(args_length);
+  Object* callback_obj = args[args_length + 1];
+  Handle<Object> data_handle = args.at<Object>(args_length + 2);
+  Handle<JSObject> checked_holder = args.at<JSObject>(args_length + 3);
+
+#ifdef DEBUG
+  VerifyTypeCheck(checked_holder, function);
+#endif
+
+  v8::Local<v8::Object> holder = v8::Utils::ToLocal(checked_holder);
+  v8::Local<v8::Function> callee = v8::Utils::ToLocal(function);
+  v8::InvocationCallback callback =
+      v8::ToCData<v8::InvocationCallback>(callback_obj);
+  v8::Local<v8::Value> data = v8::Utils::ToLocal(data_handle);
+
+  v8::Arguments new_args = v8::ImplementationUtilities::NewArguments(
+      data,
+      holder,
+      callee,
+      is_construct,
+      reinterpret_cast<void**>(&args[0] - 1),
+      args_length - 1);
+
+  HandleScope scope;
+  Object* result;
+  v8::Handle<v8::Value> value;
+  {
+    // Leaving JavaScript.
+    VMState state(EXTERNAL);
+#ifdef ENABLE_LOGGING_AND_PROFILING
+    state.set_external_callback(v8::ToCData<Address>(callback_obj));
+#endif
+    value = callback(new_args);
+  }
+  if (value.IsEmpty()) {
+    result = Heap::undefined_value();
+  } else {
+    result = *reinterpret_cast<Object**>(*value);
+  }
+
+  RETURN_IF_SCHEDULED_EXCEPTION();
+  return result;
+}
+
+
 // Helper function to handle calls to non-function objects created through the
 // API. The object can be called as either a constructor (using new) or just as
 // a function (without new).
 static Object* HandleApiCallAsFunctionOrConstructor(
     bool is_construct_call,
     BuiltinArguments<NO_EXTRA_ARGUMENTS> args) {
   // Non-functions are never called as constructors. Even if this is an object
   // called as a constructor the delegate call is not a construct call.
   ASSERT(!CalledAsConstructor());
 
@@ skipping 163 matching lines @@
 
 static void Generate_KeyedLoadIC_ExternalFloatArray(MacroAssembler* masm) {
   KeyedLoadIC::GenerateExternalArray(masm, kExternalFloatArray);
 }
 
 
 static void Generate_KeyedLoadIC_PreMonomorphic(MacroAssembler* masm) {
   KeyedLoadIC::GeneratePreMonomorphic(masm);
 }
 
+static void Generate_KeyedLoadIC_IndexedInterceptor(MacroAssembler* masm) {
+  KeyedLoadIC::GenerateIndexedInterceptor(masm);
+}
+
 
 static void Generate_StoreIC_Initialize(MacroAssembler* masm) {
   StoreIC::GenerateInitialize(masm);
 }
 
 
 static void Generate_StoreIC_Miss(MacroAssembler* masm) {
   StoreIC::GenerateMiss(masm);
 }
 
 
-static void Generate_StoreIC_ExtendStorage(MacroAssembler* masm) {
-  StoreIC::GenerateExtendStorage(masm);
-}
-
 static void Generate_StoreIC_Megamorphic(MacroAssembler* masm) {
   StoreIC::GenerateMegamorphic(masm);
 }
 
 
+static void Generate_StoreIC_ArrayLength(MacroAssembler* masm) {
+  StoreIC::GenerateArrayLength(masm);
+}
+
+
 static void Generate_KeyedStoreIC_Generic(MacroAssembler* masm) {
   KeyedStoreIC::GenerateGeneric(masm);
 }
 
 
 static void Generate_KeyedStoreIC_ExternalByteArray(MacroAssembler* masm) {
   KeyedStoreIC::GenerateExternalArray(masm, kExternalByteArray);
 }
 
 
@@ skipping 23 matching lines @@
     MacroAssembler* masm) {
   KeyedStoreIC::GenerateExternalArray(masm, kExternalUnsignedIntArray);
 }
 
 
 static void Generate_KeyedStoreIC_ExternalFloatArray(MacroAssembler* masm) {
   KeyedStoreIC::GenerateExternalArray(masm, kExternalFloatArray);
 }
 
 
-static void Generate_KeyedStoreIC_ExtendStorage(MacroAssembler* masm) {
-  KeyedStoreIC::GenerateExtendStorage(masm);
-}
-
-
 static void Generate_KeyedStoreIC_Miss(MacroAssembler* masm) {
   KeyedStoreIC::GenerateMiss(masm);
 }
 
 
 static void Generate_KeyedStoreIC_Initialize(MacroAssembler* masm) {
   KeyedStoreIC::GenerateInitialize(masm);
 }
 
 
@@ skipping 124 matching lines @@
       Object* code;
       {
         // During startup it's OK to always allocate and defer GC to later.
         // This simplifies things because we don't need to retry.
         AlwaysAllocateScope __scope__;
         code = Heap::CreateCode(desc, NULL, flags, masm.CodeObject());
         if (code->IsFailure()) {
           v8::internal::V8::FatalProcessOutOfMemory("CreateCode");
         }
       }
-      // Add any unresolved jumps or calls to the fixup list in the
-      // bootstrapper.
-      Bootstrapper::AddFixup(Code::cast(code), &masm);
       // Log the event and add the code to the builtins array.
       LOG(CodeCreateEvent(Logger::BUILTIN_TAG,
                           Code::cast(code), functions[i].s_name));
       builtins_[i] = code;
 #ifdef ENABLE_DISASSEMBLER
       if (FLAG_print_builtin_code) {
         PrintF("Builtin: %s\n", functions[i].s_name);
         Code::cast(code)->Disassemble(functions[i].s_name);
         PrintF("\n");
       }
@@ skipping 27 matching lines @@
       if (entry->contains(pc)) {
         return names_[i];
       }
     }
   }
   return NULL;
 }
 
 
 } }  // namespace v8::internal