V8 API Reference, 7.2.502.16 (for Deno 0.2.4)
bootstrapper.cc
1 // Copyright 2014 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "src/bootstrapper.h"
6 
7 #include "src/accessors.h"
8 #include "src/api-inl.h"
9 #include "src/api-natives.h"
10 #include "src/base/ieee754.h"
11 #include "src/code-stubs.h"
12 #include "src/compiler.h"
13 #include "src/counters.h"
14 #include "src/debug/debug.h"
15 #include "src/extensions/externalize-string-extension.h"
16 #include "src/extensions/free-buffer-extension.h"
17 #include "src/extensions/gc-extension.h"
18 #include "src/extensions/ignition-statistics-extension.h"
19 #include "src/extensions/statistics-extension.h"
20 #include "src/extensions/trigger-failure-extension.h"
21 #include "src/heap/heap.h"
22 #include "src/isolate-inl.h"
23 #include "src/math-random.h"
24 #include "src/objects/api-callbacks.h"
25 #include "src/objects/arguments.h"
26 #include "src/objects/builtin-function-id.h"
27 #include "src/objects/hash-table-inl.h"
28 #ifdef V8_INTL_SUPPORT
29 #include "src/objects/intl-objects.h"
30 #endif // V8_INTL_SUPPORT
31 #include "src/objects/js-array-buffer-inl.h"
32 #include "src/objects/js-array-inl.h"
33 #ifdef V8_INTL_SUPPORT
34 #include "src/objects/js-break-iterator.h"
35 #include "src/objects/js-collator.h"
36 #include "src/objects/js-date-time-format.h"
37 #include "src/objects/js-list-format.h"
38 #include "src/objects/js-locale.h"
39 #include "src/objects/js-number-format.h"
40 #include "src/objects/js-plural-rules.h"
41 #endif // V8_INTL_SUPPORT
42 #include "src/objects/js-regexp-string-iterator.h"
43 #include "src/objects/js-regexp.h"
44 #ifdef V8_INTL_SUPPORT
45 #include "src/objects/js-relative-time-format.h"
46 #include "src/objects/js-segment-iterator.h"
47 #include "src/objects/js-segmenter.h"
48 #endif // V8_INTL_SUPPORT
49 #include "src/objects/js-weak-refs.h"
50 #include "src/objects/slots-inl.h"
51 #include "src/objects/templates.h"
52 #include "src/snapshot/natives.h"
53 #include "src/snapshot/snapshot.h"
54 #include "src/wasm/wasm-js.h"
55 
56 namespace v8 {
57 namespace internal {
58 
59 void SourceCodeCache::Initialize(Isolate* isolate, bool create_heap_objects) {
60  cache_ = create_heap_objects ? ReadOnlyRoots(isolate).empty_fixed_array()
61  : FixedArray();
62 }
63 
64 void SourceCodeCache::Iterate(RootVisitor* v) {
65  v->VisitRootPointer(Root::kExtensions, nullptr, ObjectSlot(&cache_));
66 }
67 
68 bool SourceCodeCache::Lookup(Isolate* isolate, Vector<const char> name,
69  Handle<SharedFunctionInfo>* handle) {
70  for (int i = 0; i < cache_->length(); i += 2) {
71  SeqOneByteString str = SeqOneByteString::cast(cache_->get(i));
72  if (str->IsUtf8EqualTo(name)) {
73  *handle = Handle<SharedFunctionInfo>(
74  SharedFunctionInfo::cast(cache_->get(i + 1)), isolate);
75  return true;
76  }
77  }
78  return false;
79 }
80 
81 void SourceCodeCache::Add(Isolate* isolate, Vector<const char> name,
82  Handle<SharedFunctionInfo> shared) {
83  Factory* factory = isolate->factory();
84  HandleScope scope(isolate);
85  int length = cache_->length();
86  Handle<FixedArray> new_array = factory->NewFixedArray(length + 2, TENURED);
87  cache_->CopyTo(0, *new_array, 0, cache_->length());
88  cache_ = *new_array;
89  Handle<String> str =
90  factory->NewStringFromOneByte(Vector<const uint8_t>::cast(name), TENURED)
91  .ToHandleChecked();
92  DCHECK(!str.is_null());
93  cache_->set(length, *str);
94  cache_->set(length + 1, *shared);
95  Script::cast(shared->script())->set_type(type_);
96 }
97 
98 Bootstrapper::Bootstrapper(Isolate* isolate)
99  : isolate_(isolate),
100  nesting_(0),
101  extensions_cache_(Script::TYPE_EXTENSION) {}
102 
103 Handle<String> Bootstrapper::GetNativeSource(NativeType type, int index) {
104  NativesExternalStringResource* resource =
105  new NativesExternalStringResource(type, index);
106  Handle<ExternalOneByteString> source_code =
107  isolate_->factory()->NewNativeSourceString(resource);
108  DCHECK(source_code->is_uncached());
109  return source_code;
110 }
111 
112 void Bootstrapper::Initialize(bool create_heap_objects) {
113  extensions_cache_.Initialize(isolate_, create_heap_objects);
114 }
115 
116 
117 static const char* GCFunctionName() {
118  bool flag_given =
119  FLAG_expose_gc_as != nullptr && strlen(FLAG_expose_gc_as) != 0;
120  return flag_given ? FLAG_expose_gc_as : "gc";
121 }
122 
123 v8::Extension* Bootstrapper::free_buffer_extension_ = nullptr;
124 v8::Extension* Bootstrapper::gc_extension_ = nullptr;
125 v8::Extension* Bootstrapper::externalize_string_extension_ = nullptr;
126 v8::Extension* Bootstrapper::statistics_extension_ = nullptr;
127 v8::Extension* Bootstrapper::trigger_failure_extension_ = nullptr;
128 v8::Extension* Bootstrapper::ignition_statistics_extension_ = nullptr;
129 
130 void Bootstrapper::InitializeOncePerProcess() {
131  free_buffer_extension_ = new FreeBufferExtension;
132  v8::RegisterExtension(free_buffer_extension_);
133  gc_extension_ = new GCExtension(GCFunctionName());
134  v8::RegisterExtension(gc_extension_);
135  externalize_string_extension_ = new ExternalizeStringExtension;
136  v8::RegisterExtension(externalize_string_extension_);
137  statistics_extension_ = new StatisticsExtension;
138  v8::RegisterExtension(statistics_extension_);
139  trigger_failure_extension_ = new TriggerFailureExtension;
140  v8::RegisterExtension(trigger_failure_extension_);
141  ignition_statistics_extension_ = new IgnitionStatisticsExtension;
142  v8::RegisterExtension(ignition_statistics_extension_);
143 }
144 
145 
146 void Bootstrapper::TearDownExtensions() {
147  delete free_buffer_extension_;
148  free_buffer_extension_ = nullptr;
149  delete gc_extension_;
150  gc_extension_ = nullptr;
151  delete externalize_string_extension_;
152  externalize_string_extension_ = nullptr;
153  delete statistics_extension_;
154  statistics_extension_ = nullptr;
155  delete trigger_failure_extension_;
156  trigger_failure_extension_ = nullptr;
157  delete ignition_statistics_extension_;
158  ignition_statistics_extension_ = nullptr;
159 }
160 
161 void Bootstrapper::TearDown() {
162  extensions_cache_.Initialize(isolate_, false); // Yes, symmetrical
163 }
164 
165 class Genesis {
166  public:
167  Genesis(Isolate* isolate, MaybeHandle<JSGlobalProxy> maybe_global_proxy,
168  v8::Local<v8::ObjectTemplate> global_proxy_template,
169  size_t context_snapshot_index,
170  v8::DeserializeEmbedderFieldsCallback embedder_fields_deserializer,
171  GlobalContextType context_type);
172  Genesis(Isolate* isolate, MaybeHandle<JSGlobalProxy> maybe_global_proxy,
173  v8::Local<v8::ObjectTemplate> global_proxy_template);
174  ~Genesis() = default;
175 
176  Isolate* isolate() const { return isolate_; }
177  Factory* factory() const { return isolate_->factory(); }
178  Builtins* builtins() const { return isolate_->builtins(); }
179  Heap* heap() const { return isolate_->heap(); }
180 
181  Handle<Context> result() { return result_; }
182 
183  Handle<JSGlobalProxy> global_proxy() { return global_proxy_; }
184 
185  private:
186  Handle<NativeContext> native_context() { return native_context_; }
187 
188  // Creates some basic objects. Used for creating a context from scratch.
189  void CreateRoots();
190  // Creates the empty function. Used for creating a context from scratch.
191  Handle<JSFunction> CreateEmptyFunction();
192  // Returns the %ThrowTypeError% intrinsic function.
193  // See ES#sec-%throwtypeerror% for details.
194  Handle<JSFunction> GetThrowTypeErrorIntrinsic();
195 
196  void CreateSloppyModeFunctionMaps(Handle<JSFunction> empty);
197  void CreateStrictModeFunctionMaps(Handle<JSFunction> empty);
198  void CreateObjectFunction(Handle<JSFunction> empty);
199  void CreateIteratorMaps(Handle<JSFunction> empty);
200  void CreateAsyncIteratorMaps(Handle<JSFunction> empty);
201  void CreateAsyncFunctionMaps(Handle<JSFunction> empty);
202  void CreateJSProxyMaps();
203 
204  // Make the "arguments" and "caller" properties throw a TypeError on access.
205  void AddRestrictedFunctionProperties(Handle<JSFunction> empty);
206 
207  // Creates the global objects using the global proxy and the template passed
208  // in through the API. We call this regardless of whether we are building a
209  // context from scratch or using a deserialized one from the partial snapshot
210  // but in the latter case we don't use the objects it produces directly, as
211  // we have to use the deserialized ones that are linked together with the
212  // rest of the context snapshot. At the end we link the global proxy and the
213  // context to each other.
214  Handle<JSGlobalObject> CreateNewGlobals(
215  v8::Local<v8::ObjectTemplate> global_proxy_template,
216  Handle<JSGlobalProxy> global_proxy);
217  // Similarly, we want to use the global that has been created by the templates
218  // passed through the API. The global from the snapshot is detached from the
219  // other objects in the snapshot.
220  void HookUpGlobalObject(Handle<JSGlobalObject> global_object);
221  // Hooks the given global proxy into the context in the case we do not
222  // replace the global object from the deserialized native context.
223  void HookUpGlobalProxy(Handle<JSGlobalProxy> global_proxy);
224  // The native context has a ScriptContextTable that store declarative bindings
225  // made in script scopes. Add a "this" binding to that table pointing to the
226  // global proxy.
227  void InstallGlobalThisBinding();
228  // New context initialization. Used for creating a context from scratch.
229  void InitializeGlobal(Handle<JSGlobalObject> global_object,
230  Handle<JSFunction> empty_function,
231  GlobalContextType context_type);
232  void InitializeExperimentalGlobal();
233  // Depending on the situation, expose and/or get rid of the utils object.
234  void ConfigureUtilsObject(GlobalContextType context_type);
235 
236 #define DECLARE_FEATURE_INITIALIZATION(id, descr) \
237  void InitializeGlobal_##id();
238 
239  HARMONY_INPROGRESS(DECLARE_FEATURE_INITIALIZATION)
240  HARMONY_STAGED(DECLARE_FEATURE_INITIALIZATION)
241  HARMONY_SHIPPING(DECLARE_FEATURE_INITIALIZATION)
242 #undef DECLARE_FEATURE_INITIALIZATION
243 
244  enum ArrayBufferKind {
245  ARRAY_BUFFER,
246  SHARED_ARRAY_BUFFER,
247  };
248  Handle<JSFunction> CreateArrayBuffer(Handle<String> name,
249  ArrayBufferKind array_buffer_kind);
250  Handle<JSFunction> InstallInternalArray(Handle<JSObject> target,
251  const char* name,
252  ElementsKind elements_kind);
253  bool InstallNatives(GlobalContextType context_type);
254 
255  Handle<JSFunction> InstallTypedArray(const char* name,
256  ElementsKind elements_kind);
257  bool InstallExtraNatives();
258  bool InstallExperimentalExtraNatives();
259  bool InstallDebuggerNatives();
260  void InstallBuiltinFunctionIds();
261  void InstallExperimentalBuiltinFunctionIds();
262  void InitializeNormalizedMapCaches();
263 
264  enum ExtensionTraversalState {
265  UNVISITED, VISITED, INSTALLED
266  };
267 
268  class ExtensionStates {
269  public:
270  ExtensionStates();
271  ExtensionTraversalState get_state(RegisteredExtension* extension);
272  void set_state(RegisteredExtension* extension,
273  ExtensionTraversalState state);
274  private:
275  base::HashMap map_;
276  DISALLOW_COPY_AND_ASSIGN(ExtensionStates);
277  };
278 
279  // Used both for deserialized and from-scratch contexts to add the extensions
280  // provided.
281  static bool InstallExtensions(Isolate* isolate,
282  Handle<Context> native_context,
283  v8::ExtensionConfiguration* extensions);
284  static bool InstallAutoExtensions(Isolate* isolate,
285  ExtensionStates* extension_states);
286  static bool InstallRequestedExtensions(Isolate* isolate,
287  v8::ExtensionConfiguration* extensions,
288  ExtensionStates* extension_states);
289  static bool InstallExtension(Isolate* isolate,
290  const char* name,
291  ExtensionStates* extension_states);
292  static bool InstallExtension(Isolate* isolate,
293  v8::RegisteredExtension* current,
294  ExtensionStates* extension_states);
295  static bool InstallSpecialObjects(Isolate* isolate,
296  Handle<Context> native_context);
297  bool ConfigureApiObject(Handle<JSObject> object,
298  Handle<ObjectTemplateInfo> object_template);
299  bool ConfigureGlobalObjects(
300  v8::Local<v8::ObjectTemplate> global_proxy_template);
301 
302  // Migrates all properties from the 'from' object to the 'to'
303  // object and overrides the prototype in 'to' with the one from
304  // 'from'.
305  void TransferObject(Handle<JSObject> from, Handle<JSObject> to);
306  void TransferNamedProperties(Handle<JSObject> from, Handle<JSObject> to);
307  void TransferIndexedProperties(Handle<JSObject> from, Handle<JSObject> to);
308 
309  static bool CallUtilsFunction(Isolate* isolate, const char* name);
310 
311  static bool CompileExtension(Isolate* isolate, v8::Extension* extension);
312 
313  Isolate* isolate_;
314  Handle<Context> result_;
315  Handle<NativeContext> native_context_;
316  Handle<JSGlobalProxy> global_proxy_;
317 
318  // Temporary function maps needed only during bootstrapping.
319  Handle<Map> strict_function_with_home_object_map_;
320  Handle<Map> strict_function_with_name_and_home_object_map_;
321 
322  // %ThrowTypeError%. See ES#sec-%throwtypeerror% for details.
323  Handle<JSFunction> restricted_properties_thrower_;
324 
325  BootstrapperActive active_;
326  friend class Bootstrapper;
327 };
328 
329 void Bootstrapper::Iterate(RootVisitor* v) {
330  extensions_cache_.Iterate(v);
331  v->Synchronize(VisitorSynchronization::kExtensions);
332 }
333 
334 Handle<Context> Bootstrapper::CreateEnvironment(
335  MaybeHandle<JSGlobalProxy> maybe_global_proxy,
336  v8::Local<v8::ObjectTemplate> global_proxy_template,
337  v8::ExtensionConfiguration* extensions, size_t context_snapshot_index,
338  v8::DeserializeEmbedderFieldsCallback embedder_fields_deserializer,
339  GlobalContextType context_type) {
340  HandleScope scope(isolate_);
341  Handle<Context> env;
342  {
343  Genesis genesis(isolate_, maybe_global_proxy, global_proxy_template,
344  context_snapshot_index, embedder_fields_deserializer,
345  context_type);
346  env = genesis.result();
347  if (env.is_null() || !InstallExtensions(env, extensions)) {
348  return Handle<Context>();
349  }
350  }
351  LogAllMaps();
352  return scope.CloseAndEscape(env);
353 }
354 
355 Handle<JSGlobalProxy> Bootstrapper::NewRemoteContext(
356  MaybeHandle<JSGlobalProxy> maybe_global_proxy,
357  v8::Local<v8::ObjectTemplate> global_proxy_template) {
358  HandleScope scope(isolate_);
359  Handle<JSGlobalProxy> global_proxy;
360  {
361  Genesis genesis(isolate_, maybe_global_proxy, global_proxy_template);
362  global_proxy = genesis.global_proxy();
363  if (global_proxy.is_null()) return Handle<JSGlobalProxy>();
364  }
365  LogAllMaps();
366  return scope.CloseAndEscape(global_proxy);
367 }
368 
369 void Bootstrapper::LogAllMaps() {
370  if (!FLAG_trace_maps || isolate_->initialized_from_snapshot()) return;
371  // Log all created Map objects that are on the heap. For snapshots the Map
372  // logging happens during deserialization in order to avoid printing Maps
373  // multiple times during partial deserialization.
374  LOG(isolate_, LogAllMaps());
375 }
376 
377 void Bootstrapper::DetachGlobal(Handle<Context> env) {
378  isolate_->counters()->errors_thrown_per_context()->AddSample(
379  env->GetErrorsThrown());
380 
381  ReadOnlyRoots roots(isolate_);
382  Handle<JSGlobalProxy> global_proxy(JSGlobalProxy::cast(env->global_proxy()),
383  isolate_);
384  global_proxy->set_native_context(roots.null_value());
385  JSObject::ForceSetPrototype(global_proxy, isolate_->factory()->null_value());
386  global_proxy->map()->SetConstructor(roots.null_value());
387  if (FLAG_track_detached_contexts) {
388  isolate_->AddDetachedContext(env);
389  }
390 }
391 
392 namespace {
393 
394 V8_NOINLINE Handle<SharedFunctionInfo> SimpleCreateSharedFunctionInfo(
395  Isolate* isolate, Builtins::Name builtin_id, Handle<String> name, int len,
396  FunctionKind kind = FunctionKind::kNormalFunction) {
397  Handle<SharedFunctionInfo> shared =
398  isolate->factory()->NewSharedFunctionInfoForBuiltin(name, builtin_id,
399  kind);
400  shared->set_internal_formal_parameter_count(len);
401  shared->set_length(len);
402  return shared;
403 }
404 
405 V8_NOINLINE Handle<SharedFunctionInfo> SimpleCreateBuiltinSharedFunctionInfo(
406  Isolate* isolate, Builtins::Name builtin_id, Handle<String> name, int len) {
407  Handle<SharedFunctionInfo> shared =
408  isolate->factory()->NewSharedFunctionInfoForBuiltin(name, builtin_id,
409  kNormalFunction);
410  shared->set_internal_formal_parameter_count(len);
411  shared->set_length(len);
412  return shared;
413 }
414 
415 V8_NOINLINE Handle<JSFunction> CreateFunction(
416  Isolate* isolate, Handle<String> name, InstanceType type, int instance_size,
417  int inobject_properties, Handle<Object> prototype,
418  Builtins::Name builtin_id) {
419  Handle<JSFunction> result;
420 
421  NewFunctionArgs args = NewFunctionArgs::ForBuiltinWithPrototype(
422  name, prototype, type, instance_size, inobject_properties, builtin_id,
423  IMMUTABLE);
424 
425  result = isolate->factory()->NewFunction(args);
426  // Make the JSFunction's prototype object fast.
427  JSObject::MakePrototypesFast(handle(result->prototype(), isolate),
428  kStartAtReceiver, isolate);
429 
430  // Make the resulting JSFunction object fast.
431  JSObject::MakePrototypesFast(result, kStartAtReceiver, isolate);
432  result->shared()->set_native(true);
433  return result;
434 }
435 
436 V8_NOINLINE Handle<JSFunction> InstallFunction(
437  Isolate* isolate, Handle<JSObject> target, Handle<String> name,
438  InstanceType type, int instance_size, int inobject_properties,
439  Handle<Object> prototype, Builtins::Name call) {
440  Handle<JSFunction> function = CreateFunction(
441  isolate, name, type, instance_size, inobject_properties, prototype, call);
442  JSObject::AddProperty(isolate, target, name, function, DONT_ENUM);
443  return function;
444 }
445 
446 V8_NOINLINE Handle<JSFunction> InstallFunction(
447  Isolate* isolate, Handle<JSObject> target, const char* name,
448  InstanceType type, int instance_size, int inobject_properties,
449  Handle<Object> prototype, Builtins::Name call) {
450  return InstallFunction(isolate, target,
451  isolate->factory()->InternalizeUtf8String(name), type,
452  instance_size, inobject_properties, prototype, call);
453 }
454 
455 V8_NOINLINE Handle<JSFunction> SimpleCreateFunction(Isolate* isolate,
456  Handle<String> name,
457  Builtins::Name call,
458  int len, bool adapt) {
459  NewFunctionArgs args = NewFunctionArgs::ForBuiltinWithoutPrototype(
460  name, call, LanguageMode::kStrict);
461  Handle<JSFunction> fun = isolate->factory()->NewFunction(args);
462  // Make the resulting JSFunction object fast.
463  JSObject::MakePrototypesFast(fun, kStartAtReceiver, isolate);
464  fun->shared()->set_native(true);
465 
466  if (adapt) {
467  fun->shared()->set_internal_formal_parameter_count(len);
468  } else {
469  fun->shared()->DontAdaptArguments();
470  }
471  fun->shared()->set_length(len);
472  return fun;
473 }
474 
475 V8_NOINLINE Handle<JSFunction> InstallFunctionWithBuiltinId(
476  Isolate* isolate, Handle<JSObject> base, const char* name,
477  Builtins::Name call, int len, bool adapt, BuiltinFunctionId id) {
478  DCHECK_NE(BuiltinFunctionId::kInvalidBuiltinFunctionId, id);
479  Handle<String> internalized_name =
480  isolate->factory()->InternalizeUtf8String(name);
481  Handle<JSFunction> fun =
482  SimpleCreateFunction(isolate, internalized_name, call, len, adapt);
483  fun->shared()->set_builtin_function_id(id);
484  JSObject::AddProperty(isolate, base, internalized_name, fun, DONT_ENUM);
485  return fun;
486 }
487 
488 V8_NOINLINE Handle<JSFunction> SimpleInstallFunction(
489  Isolate* isolate, Handle<JSObject> base, const char* name,
490  Builtins::Name call, int len, bool adapt,
491  PropertyAttributes attrs = DONT_ENUM) {
492  // Although function name does not have to be internalized the property name
493  // will be internalized during property addition anyway, so do it here now.
494  Handle<String> internalized_name =
495  isolate->factory()->InternalizeUtf8String(name);
496  Handle<JSFunction> fun =
497  SimpleCreateFunction(isolate, internalized_name, call, len, adapt);
498  JSObject::AddProperty(isolate, base, internalized_name, fun, attrs);
499  return fun;
500 }
501 
502 V8_NOINLINE Handle<JSFunction> InstallFunctionAtSymbol(
503  Isolate* isolate, Handle<JSObject> base, Handle<Symbol> symbol,
504  const char* symbol_string, Builtins::Name call, int len, bool adapt,
505  PropertyAttributes attrs = DONT_ENUM,
506  BuiltinFunctionId id = BuiltinFunctionId::kInvalidBuiltinFunctionId) {
507  Handle<String> internalized_symbol =
508  isolate->factory()->InternalizeUtf8String(symbol_string);
509  Handle<JSFunction> fun =
510  SimpleCreateFunction(isolate, internalized_symbol, call, len, adapt);
511  if (id != BuiltinFunctionId::kInvalidBuiltinFunctionId) {
512  fun->shared()->set_builtin_function_id(id);
513  }
514  JSObject::AddProperty(isolate, base, symbol, fun, attrs);
515  return fun;
516 }
517 
518 V8_NOINLINE void SimpleInstallGetterSetter(Isolate* isolate,
519  Handle<JSObject> base,
520  Handle<String> name,
521  Builtins::Name call_getter,
522  Builtins::Name call_setter,
523  PropertyAttributes attribs) {
524  Handle<String> getter_name =
525  Name::ToFunctionName(isolate, name, isolate->factory()->get_string())
526  .ToHandleChecked();
527  Handle<JSFunction> getter =
528  SimpleCreateFunction(isolate, getter_name, call_getter, 0, true);
529 
530  Handle<String> setter_name =
531  Name::ToFunctionName(isolate, name, isolate->factory()->set_string())
532  .ToHandleChecked();
533  Handle<JSFunction> setter =
534  SimpleCreateFunction(isolate, setter_name, call_setter, 1, true);
535 
536  JSObject::DefineAccessor(base, name, getter, setter, attribs).Check();
537 }
538 
539 V8_NOINLINE Handle<JSFunction> SimpleInstallGetter(
540  Isolate* isolate, Handle<JSObject> base, Handle<Name> name,
541  Handle<Name> property_name, Builtins::Name call, bool adapt) {
542  Handle<String> getter_name =
543  Name::ToFunctionName(isolate, name, isolate->factory()->get_string())
544  .ToHandleChecked();
545  Handle<JSFunction> getter =
546  SimpleCreateFunction(isolate, getter_name, call, 0, adapt);
547 
548  Handle<Object> setter = isolate->factory()->undefined_value();
549 
550  JSObject::DefineAccessor(base, property_name, getter, setter, DONT_ENUM)
551  .Check();
552 
553  return getter;
554 }
555 
556 V8_NOINLINE Handle<JSFunction> SimpleInstallGetter(Isolate* isolate,
557  Handle<JSObject> base,
558  Handle<Name> name,
559  Builtins::Name call,
560  bool adapt) {
561  return SimpleInstallGetter(isolate, base, name, name, call, adapt);
562 }
563 
564 V8_NOINLINE Handle<JSFunction> SimpleInstallGetter(
565  Isolate* isolate, Handle<JSObject> base, Handle<Name> name,
566  Builtins::Name call, bool adapt, BuiltinFunctionId id) {
567  Handle<JSFunction> fun =
568  SimpleInstallGetter(isolate, base, name, call, adapt);
569  fun->shared()->set_builtin_function_id(id);
570  return fun;
571 }
572 
573 V8_NOINLINE void InstallConstant(Isolate* isolate, Handle<JSObject> holder,
574  const char* name, Handle<Object> value) {
575  JSObject::AddProperty(
576  isolate, holder, isolate->factory()->InternalizeUtf8String(name), value,
577  static_cast<PropertyAttributes>(DONT_DELETE | DONT_ENUM | READ_ONLY));
578 }
579 
580 V8_NOINLINE void InstallSpeciesGetter(Isolate* isolate,
581  Handle<JSFunction> constructor) {
582  Factory* factory = isolate->factory();
583  // TODO(adamk): We should be able to share a SharedFunctionInfo
584  // between all these JSFunctins.
585  SimpleInstallGetter(isolate, constructor, factory->symbol_species_string(),
586  factory->species_symbol(), Builtins::kReturnReceiver,
587  true);
588 }
589 
590 } // namespace
591 
592 Handle<JSFunction> Genesis::CreateEmptyFunction() {
593  // Allocate the function map first and then patch the prototype later.
594  Handle<Map> empty_function_map = factory()->CreateSloppyFunctionMap(
595  FUNCTION_WITHOUT_PROTOTYPE, MaybeHandle<JSFunction>());
596  empty_function_map->set_is_prototype_map(true);
597  DCHECK(!empty_function_map->is_dictionary_map());
598 
599  // Allocate ScopeInfo for the empty function.
600  Handle<ScopeInfo> scope_info = ScopeInfo::CreateForEmptyFunction(isolate());
601 
602  // Allocate the empty function as the prototype for function according to
603  // ES#sec-properties-of-the-function-prototype-object
604  NewFunctionArgs args = NewFunctionArgs::ForBuiltin(
605  factory()->empty_string(), empty_function_map, Builtins::kEmptyFunction);
606  Handle<JSFunction> empty_function = factory()->NewFunction(args);
607  native_context()->set_empty_function(*empty_function);
608 
609  // --- E m p t y ---
610  Handle<String> source = factory()->NewStringFromStaticChars("() {}");
611  Handle<Script> script = factory()->NewScript(source);
612  script->set_type(Script::TYPE_NATIVE);
613  Handle<WeakFixedArray> infos = factory()->NewWeakFixedArray(2);
614  script->set_shared_function_infos(*infos);
615  empty_function->shared()->set_scope_info(*scope_info);
616  empty_function->shared()->DontAdaptArguments();
617  SharedFunctionInfo::SetScript(handle(empty_function->shared(), isolate()),
618  script, 1);
619 
620  return empty_function;
621 }
622 
623 void Genesis::CreateSloppyModeFunctionMaps(Handle<JSFunction> empty) {
624  Factory* factory = isolate_->factory();
625  Handle<Map> map;
626 
627  //
628  // Allocate maps for sloppy functions without prototype.
629  //
630  map = factory->CreateSloppyFunctionMap(FUNCTION_WITHOUT_PROTOTYPE, empty);
631  native_context()->set_sloppy_function_without_prototype_map(*map);
632 
633  //
634  // Allocate maps for sloppy functions with readonly prototype.
635  //
636  map =
637  factory->CreateSloppyFunctionMap(FUNCTION_WITH_READONLY_PROTOTYPE, empty);
638  native_context()->set_sloppy_function_with_readonly_prototype_map(*map);
639 
640  //
641  // Allocate maps for sloppy functions with writable prototype.
642  //
643  map = factory->CreateSloppyFunctionMap(FUNCTION_WITH_WRITEABLE_PROTOTYPE,
644  empty);
645  native_context()->set_sloppy_function_map(*map);
646 
647  map = factory->CreateSloppyFunctionMap(
648  FUNCTION_WITH_NAME_AND_WRITEABLE_PROTOTYPE, empty);
649  native_context()->set_sloppy_function_with_name_map(*map);
650 }
651 
652 Handle<JSFunction> Genesis::GetThrowTypeErrorIntrinsic() {
653  if (!restricted_properties_thrower_.is_null()) {
654  return restricted_properties_thrower_;
655  }
656  Handle<String> name = factory()->empty_string();
657  NewFunctionArgs args = NewFunctionArgs::ForBuiltinWithoutPrototype(
658  name, Builtins::kStrictPoisonPillThrower, i::LanguageMode::kStrict);
659  Handle<JSFunction> function = factory()->NewFunction(args);
660  function->shared()->DontAdaptArguments();
661 
662  // %ThrowTypeError% must not have a name property.
663  if (JSReceiver::DeleteProperty(function, factory()->name_string())
664  .IsNothing()) {
665  DCHECK(false);
666  }
667 
668  // length needs to be non configurable.
669  Handle<Object> value(Smi::FromInt(function->shared()->GetLength()),
670  isolate());
671  JSObject::SetOwnPropertyIgnoreAttributes(
672  function, factory()->length_string(), value,
673  static_cast<PropertyAttributes>(DONT_ENUM | DONT_DELETE | READ_ONLY))
674  .Assert();
675 
676  if (JSObject::PreventExtensions(function, kThrowOnError).IsNothing()) {
677  DCHECK(false);
678  }
679 
680  JSObject::MigrateSlowToFast(function, 0, "Bootstrapping");
681 
682  restricted_properties_thrower_ = function;
683  return function;
684 }
685 
686 void Genesis::CreateStrictModeFunctionMaps(Handle<JSFunction> empty) {
687  Factory* factory = isolate_->factory();
688  Handle<Map> map;
689 
690  //
691  // Allocate maps for strict functions without prototype.
692  //
693  map = factory->CreateStrictFunctionMap(FUNCTION_WITHOUT_PROTOTYPE, empty);
694  native_context()->set_strict_function_without_prototype_map(*map);
695 
696  map = factory->CreateStrictFunctionMap(METHOD_WITH_NAME, empty);
697  native_context()->set_method_with_name_map(*map);
698 
699  map = factory->CreateStrictFunctionMap(METHOD_WITH_HOME_OBJECT, empty);
700  native_context()->set_method_with_home_object_map(*map);
701 
702  map =
703  factory->CreateStrictFunctionMap(METHOD_WITH_NAME_AND_HOME_OBJECT, empty);
704  native_context()->set_method_with_name_and_home_object_map(*map);
705 
706  //
707  // Allocate maps for strict functions with writable prototype.
708  //
709  map = factory->CreateStrictFunctionMap(FUNCTION_WITH_WRITEABLE_PROTOTYPE,
710  empty);
711  native_context()->set_strict_function_map(*map);
712 
713  map = factory->CreateStrictFunctionMap(
714  FUNCTION_WITH_NAME_AND_WRITEABLE_PROTOTYPE, empty);
715  native_context()->set_strict_function_with_name_map(*map);
716 
717  strict_function_with_home_object_map_ = factory->CreateStrictFunctionMap(
718  FUNCTION_WITH_HOME_OBJECT_AND_WRITEABLE_PROTOTYPE, empty);
719  strict_function_with_name_and_home_object_map_ =
720  factory->CreateStrictFunctionMap(
721  FUNCTION_WITH_NAME_AND_HOME_OBJECT_AND_WRITEABLE_PROTOTYPE, empty);
722 
723  //
724  // Allocate maps for strict functions with readonly prototype.
725  //
726  map =
727  factory->CreateStrictFunctionMap(FUNCTION_WITH_READONLY_PROTOTYPE, empty);
728  native_context()->set_strict_function_with_readonly_prototype_map(*map);
729 
730  //
731  // Allocate map for class functions.
732  //
733  map = factory->CreateClassFunctionMap(empty);
734  native_context()->set_class_function_map(*map);
735 
736  // Now that the strict mode function map is available, set up the
737  // restricted "arguments" and "caller" getters.
738  AddRestrictedFunctionProperties(empty);
739 }
740 
741 void Genesis::CreateObjectFunction(Handle<JSFunction> empty_function) {
742  Factory* factory = isolate_->factory();
743 
744  // --- O b j e c t ---
745  int inobject_properties = JSObject::kInitialGlobalObjectUnusedPropertiesCount;
746  int instance_size =
747  JSObject::kHeaderSize + kPointerSize * inobject_properties;
748 
749  Handle<JSFunction> object_fun = CreateFunction(
750  isolate_, factory->Object_string(), JS_OBJECT_TYPE, instance_size,
751  inobject_properties, factory->null_value(), Builtins::kObjectConstructor);
752  object_fun->shared()->set_length(1);
753  object_fun->shared()->DontAdaptArguments();
754  native_context()->set_object_function(*object_fun);
755 
756  {
757  // Finish setting up Object function's initial map.
758  Map initial_map = object_fun->initial_map();
759  initial_map->set_elements_kind(HOLEY_ELEMENTS);
760  }
761 
762  // Allocate a new prototype for the object function.
763  Handle<JSObject> object_function_prototype =
764  factory->NewFunctionPrototype(object_fun);
765 
766  Handle<Map> map =
767  Map::Copy(isolate(), handle(object_function_prototype->map(), isolate()),
768  "EmptyObjectPrototype");
769  map->set_is_prototype_map(true);
770  // Ban re-setting Object.prototype.__proto__ to prevent Proxy security bug
771  map->set_is_immutable_proto(true);
772  object_function_prototype->set_map(*map);
773 
774  // Complete setting up empty function.
775  {
776  Handle<Map> empty_function_map(empty_function->map(), isolate_);
777  Map::SetPrototype(isolate(), empty_function_map, object_function_prototype);
778  }
779 
780  native_context()->set_initial_object_prototype(*object_function_prototype);
781  JSFunction::SetPrototype(object_fun, object_function_prototype);
782 
783  {
784  // Set up slow map for Object.create(null) instances without in-object
785  // properties.
786  Handle<Map> map(object_fun->initial_map(), isolate_);
787  map = Map::CopyInitialMapNormalized(isolate(), map);
788  Map::SetPrototype(isolate(), map, factory->null_value());
789  native_context()->set_slow_object_with_null_prototype_map(*map);
790 
791  // Set up slow map for literals with too many properties.
792  map = Map::Copy(isolate(), map, "slow_object_with_object_prototype_map");
793  Map::SetPrototype(isolate(), map, object_function_prototype);
794  native_context()->set_slow_object_with_object_prototype_map(*map);
795  }
796 }
797 
798 namespace {
799 
800 Handle<Map> CreateNonConstructorMap(Isolate* isolate, Handle<Map> source_map,
801  Handle<JSObject> prototype,
802  const char* reason) {
803  Handle<Map> map = Map::Copy(isolate, source_map, reason);
804  // Ensure the resulting map has prototype slot (it is necessary for storing
805  // inital map even when the prototype property is not required).
806  if (!map->has_prototype_slot()) {
807  // Re-set the unused property fields after changing the instance size.
808  // TODO(ulan): Do not change instance size after map creation.
809  int unused_property_fields = map->UnusedPropertyFields();
810  map->set_instance_size(map->instance_size() + kPointerSize);
811  // The prototype slot shifts the in-object properties area by one slot.
812  map->SetInObjectPropertiesStartInWords(
813  map->GetInObjectPropertiesStartInWords() + 1);
814  map->set_has_prototype_slot(true);
815  map->SetInObjectUnusedPropertyFields(unused_property_fields);
816  }
817  map->set_is_constructor(false);
818  Map::SetPrototype(isolate, map, prototype);
819  return map;
820 }
821 
822 } // namespace
823 
824 void Genesis::CreateIteratorMaps(Handle<JSFunction> empty) {
825  // Create iterator-related meta-objects.
826  Handle<JSObject> iterator_prototype =
827  factory()->NewJSObject(isolate()->object_function(), TENURED);
828 
829  InstallFunctionAtSymbol(isolate(), iterator_prototype,
830  factory()->iterator_symbol(), "[Symbol.iterator]",
831  Builtins::kReturnReceiver, 0, true);
832  native_context()->set_initial_iterator_prototype(*iterator_prototype);
833 
834  Handle<JSObject> generator_object_prototype =
835  factory()->NewJSObject(isolate()->object_function(), TENURED);
836  native_context()->set_initial_generator_prototype(
837  *generator_object_prototype);
838  JSObject::ForceSetPrototype(generator_object_prototype, iterator_prototype);
839  Handle<JSObject> generator_function_prototype =
840  factory()->NewJSObject(isolate()->object_function(), TENURED);
841  JSObject::ForceSetPrototype(generator_function_prototype, empty);
842 
843  JSObject::AddProperty(isolate(), generator_function_prototype,
844  factory()->to_string_tag_symbol(),
845  factory()->InternalizeUtf8String("GeneratorFunction"),
846  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
847  JSObject::AddProperty(isolate(), generator_function_prototype,
848  factory()->prototype_string(),
849  generator_object_prototype,
850  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
851 
852  JSObject::AddProperty(isolate(), generator_object_prototype,
853  factory()->constructor_string(),
854  generator_function_prototype,
855  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
856  JSObject::AddProperty(isolate(), generator_object_prototype,
857  factory()->to_string_tag_symbol(),
858  factory()->InternalizeUtf8String("Generator"),
859  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
860  SimpleInstallFunction(isolate(), generator_object_prototype, "next",
861  Builtins::kGeneratorPrototypeNext, 1, false);
862  SimpleInstallFunction(isolate(), generator_object_prototype, "return",
863  Builtins::kGeneratorPrototypeReturn, 1, false);
864  SimpleInstallFunction(isolate(), generator_object_prototype, "throw",
865  Builtins::kGeneratorPrototypeThrow, 1, false);
866 
867  // Internal version of generator_prototype_next, flagged as non-native such
868  // that it doesn't show up in Error traces.
869  Handle<JSFunction> generator_next_internal =
870  SimpleCreateFunction(isolate(), factory()->next_string(),
871  Builtins::kGeneratorPrototypeNext, 1, false);
872  generator_next_internal->shared()->set_native(false);
873  native_context()->set_generator_next_internal(*generator_next_internal);
874 
875  // Create maps for generator functions and their prototypes. Store those
876  // maps in the native context. The "prototype" property descriptor is
877  // writable, non-enumerable, and non-configurable (as per ES6 draft
878  // 04-14-15, section 25.2.4.3).
879  // Generator functions do not have "caller" or "arguments" accessors.
880  Handle<Map> map;
881  map = CreateNonConstructorMap(isolate(), isolate()->strict_function_map(),
882  generator_function_prototype,
883  "GeneratorFunction");
884  native_context()->set_generator_function_map(*map);
885 
886  map = CreateNonConstructorMap(
887  isolate(), isolate()->strict_function_with_name_map(),
888  generator_function_prototype, "GeneratorFunction with name");
889  native_context()->set_generator_function_with_name_map(*map);
890 
891  map = CreateNonConstructorMap(
892  isolate(), strict_function_with_home_object_map_,
893  generator_function_prototype, "GeneratorFunction with home object");
894  native_context()->set_generator_function_with_home_object_map(*map);
895 
896  map = CreateNonConstructorMap(isolate(),
897  strict_function_with_name_and_home_object_map_,
898  generator_function_prototype,
899  "GeneratorFunction with name and home object");
900  native_context()->set_generator_function_with_name_and_home_object_map(*map);
901 
902  Handle<JSFunction> object_function(native_context()->object_function(),
903  isolate());
904  Handle<Map> generator_object_prototype_map = Map::Create(isolate(), 0);
905  Map::SetPrototype(isolate(), generator_object_prototype_map,
906  generator_object_prototype);
907  native_context()->set_generator_object_prototype_map(
908  *generator_object_prototype_map);
909 }
910 
911 void Genesis::CreateAsyncIteratorMaps(Handle<JSFunction> empty) {
912  // %AsyncIteratorPrototype%
913  // proposal-async-iteration/#sec-asynciteratorprototype
914  Handle<JSObject> async_iterator_prototype =
915  factory()->NewJSObject(isolate()->object_function(), TENURED);
916 
917  InstallFunctionAtSymbol(
918  isolate(), async_iterator_prototype, factory()->async_iterator_symbol(),
919  "[Symbol.asyncIterator]", Builtins::kReturnReceiver, 0, true);
920 
921  // %AsyncFromSyncIteratorPrototype%
922  // proposal-async-iteration/#sec-%asyncfromsynciteratorprototype%-object
923  Handle<JSObject> async_from_sync_iterator_prototype =
924  factory()->NewJSObject(isolate()->object_function(), TENURED);
925  SimpleInstallFunction(isolate(), async_from_sync_iterator_prototype, "next",
926  Builtins::kAsyncFromSyncIteratorPrototypeNext, 1, true);
927  SimpleInstallFunction(isolate(), async_from_sync_iterator_prototype, "return",
928  Builtins::kAsyncFromSyncIteratorPrototypeReturn, 1,
929  true);
930  SimpleInstallFunction(isolate(), async_from_sync_iterator_prototype, "throw",
931  Builtins::kAsyncFromSyncIteratorPrototypeThrow, 1,
932  true);
933 
934  JSObject::AddProperty(
935  isolate(), async_from_sync_iterator_prototype,
936  factory()->to_string_tag_symbol(),
937  factory()->InternalizeUtf8String("Async-from-Sync Iterator"),
938  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
939 
940  JSObject::ForceSetPrototype(async_from_sync_iterator_prototype,
941  async_iterator_prototype);
942 
943  Handle<Map> async_from_sync_iterator_map = factory()->NewMap(
944  JS_ASYNC_FROM_SYNC_ITERATOR_TYPE, JSAsyncFromSyncIterator::kSize);
945  Map::SetPrototype(isolate(), async_from_sync_iterator_map,
946  async_from_sync_iterator_prototype);
947  native_context()->set_async_from_sync_iterator_map(
948  *async_from_sync_iterator_map);
949 
950  // Async Generators
951  Handle<String> AsyncGeneratorFunction_string =
952  factory()->NewStringFromAsciiChecked("AsyncGeneratorFunction", TENURED);
953 
954  Handle<JSObject> async_generator_object_prototype =
955  factory()->NewJSObject(isolate()->object_function(), TENURED);
956  Handle<JSObject> async_generator_function_prototype =
957  factory()->NewJSObject(isolate()->object_function(), TENURED);
958 
959  // %AsyncGenerator% / %AsyncGeneratorFunction%.prototype
960  JSObject::ForceSetPrototype(async_generator_function_prototype, empty);
961 
962  // The value of AsyncGeneratorFunction.prototype.prototype is the
963  // %AsyncGeneratorPrototype% intrinsic object.
964  // This property has the attributes
965  // { [[Writable]]: false, [[Enumerable]]: false, [[Configurable]]: true }.
966  JSObject::AddProperty(isolate(), async_generator_function_prototype,
967  factory()->prototype_string(),
968  async_generator_object_prototype,
969  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
970  JSObject::AddProperty(isolate(), async_generator_object_prototype,
971  factory()->constructor_string(),
972  async_generator_function_prototype,
973  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
974  JSObject::AddProperty(isolate(), async_generator_function_prototype,
975  factory()->to_string_tag_symbol(),
976  AsyncGeneratorFunction_string,
977  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
978 
979  // %AsyncGeneratorPrototype%
980  JSObject::ForceSetPrototype(async_generator_object_prototype,
981  async_iterator_prototype);
982  native_context()->set_initial_async_generator_prototype(
983  *async_generator_object_prototype);
984 
985  JSObject::AddProperty(isolate(), async_generator_object_prototype,
986  factory()->to_string_tag_symbol(),
987  factory()->InternalizeUtf8String("AsyncGenerator"),
988  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
989  SimpleInstallFunction(isolate(), async_generator_object_prototype, "next",
990  Builtins::kAsyncGeneratorPrototypeNext, 1, false);
991  SimpleInstallFunction(isolate(), async_generator_object_prototype, "return",
992  Builtins::kAsyncGeneratorPrototypeReturn, 1, false);
993  SimpleInstallFunction(isolate(), async_generator_object_prototype, "throw",
994  Builtins::kAsyncGeneratorPrototypeThrow, 1, false);
995 
996  // Create maps for generator functions and their prototypes. Store those
997  // maps in the native context. The "prototype" property descriptor is
998  // writable, non-enumerable, and non-configurable (as per ES6 draft
999  // 04-14-15, section 25.2.4.3).
1000  // Async Generator functions do not have "caller" or "arguments" accessors.
1001  Handle<Map> map;
1002  map = CreateNonConstructorMap(isolate(), isolate()->strict_function_map(),
1003  async_generator_function_prototype,
1004  "AsyncGeneratorFunction");
1005  native_context()->set_async_generator_function_map(*map);
1006 
1007  map = CreateNonConstructorMap(
1008  isolate(), isolate()->strict_function_with_name_map(),
1009  async_generator_function_prototype, "AsyncGeneratorFunction with name");
1010  native_context()->set_async_generator_function_with_name_map(*map);
1011 
1012  map =
1013  CreateNonConstructorMap(isolate(), strict_function_with_home_object_map_,
1014  async_generator_function_prototype,
1015  "AsyncGeneratorFunction with home object");
1016  native_context()->set_async_generator_function_with_home_object_map(*map);
1017 
1018  map = CreateNonConstructorMap(
1019  isolate(), strict_function_with_name_and_home_object_map_,
1020  async_generator_function_prototype,
1021  "AsyncGeneratorFunction with name and home object");
1022  native_context()->set_async_generator_function_with_name_and_home_object_map(
1023  *map);
1024 
1025  Handle<JSFunction> object_function(native_context()->object_function(),
1026  isolate());
1027  Handle<Map> async_generator_object_prototype_map = Map::Create(isolate(), 0);
1028  Map::SetPrototype(isolate(), async_generator_object_prototype_map,
1029  async_generator_object_prototype);
1030  native_context()->set_async_generator_object_prototype_map(
1031  *async_generator_object_prototype_map);
1032 }
1033 
1034 void Genesis::CreateAsyncFunctionMaps(Handle<JSFunction> empty) {
1035  // %AsyncFunctionPrototype% intrinsic
1036  Handle<JSObject> async_function_prototype =
1037  factory()->NewJSObject(isolate()->object_function(), TENURED);
1038  JSObject::ForceSetPrototype(async_function_prototype, empty);
1039 
1040  JSObject::AddProperty(isolate(), async_function_prototype,
1041  factory()->to_string_tag_symbol(),
1042  factory()->InternalizeUtf8String("AsyncFunction"),
1043  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
1044 
1045  Handle<Map> map =
1046  Map::Copy(isolate(), isolate()->strict_function_without_prototype_map(),
1047  "AsyncFunction");
1048  Map::SetPrototype(isolate(), map, async_function_prototype);
1049  native_context()->set_async_function_map(*map);
1050 
1051  map = Map::Copy(isolate(), isolate()->method_with_name_map(),
1052  "AsyncFunction with name");
1053  Map::SetPrototype(isolate(), map, async_function_prototype);
1054  native_context()->set_async_function_with_name_map(*map);
1055 
1056  map = Map::Copy(isolate(), isolate()->method_with_home_object_map(),
1057  "AsyncFunction with home object");
1058  Map::SetPrototype(isolate(), map, async_function_prototype);
1059  native_context()->set_async_function_with_home_object_map(*map);
1060 
1061  map = Map::Copy(isolate(), isolate()->method_with_name_and_home_object_map(),
1062  "AsyncFunction with name and home object");
1063  Map::SetPrototype(isolate(), map, async_function_prototype);
1064  native_context()->set_async_function_with_name_and_home_object_map(*map);
1065 }
1066 
1067 void Genesis::CreateJSProxyMaps() {
1068  // Allocate maps for all Proxy types.
1069  // Next to the default proxy, we need maps indicating callable and
1070  // constructable proxies.
1071  Handle<Map> proxy_map = factory()->NewMap(JS_PROXY_TYPE, JSProxy::kSize,
1072  TERMINAL_FAST_ELEMENTS_KIND);
1073  proxy_map->set_is_dictionary_map(true);
1074  proxy_map->set_may_have_interesting_symbols(true);
1075  native_context()->set_proxy_map(*proxy_map);
1076 
1077  Handle<Map> proxy_callable_map =
1078  Map::Copy(isolate_, proxy_map, "callable Proxy");
1079  proxy_callable_map->set_is_callable(true);
1080  native_context()->set_proxy_callable_map(*proxy_callable_map);
1081  proxy_callable_map->SetConstructor(native_context()->function_function());
1082 
1083  Handle<Map> proxy_constructor_map =
1084  Map::Copy(isolate_, proxy_callable_map, "constructor Proxy");
1085  proxy_constructor_map->set_is_constructor(true);
1086  native_context()->set_proxy_constructor_map(*proxy_constructor_map);
1087 
1088  {
1089  Handle<Map> map =
1090  factory()->NewMap(JS_OBJECT_TYPE, JSProxyRevocableResult::kSize,
1091  TERMINAL_FAST_ELEMENTS_KIND, 2);
1092  Map::EnsureDescriptorSlack(isolate_, map, 2);
1093 
1094  { // proxy
1095  Descriptor d = Descriptor::DataField(isolate(), factory()->proxy_string(),
1096  JSProxyRevocableResult::kProxyIndex,
1097  NONE, Representation::Tagged());
1098  map->AppendDescriptor(&d);
1099  }
1100  { // revoke
1101  Descriptor d = Descriptor::DataField(
1102  isolate(), factory()->revoke_string(),
1103  JSProxyRevocableResult::kRevokeIndex, NONE, Representation::Tagged());
1104  map->AppendDescriptor(&d);
1105  }
1106 
1107  Map::SetPrototype(isolate(), map, isolate()->initial_object_prototype());
1108  map->SetConstructor(native_context()->object_function());
1109 
1110  native_context()->set_proxy_revocable_result_map(*map);
1111  }
1112 }
1113 
1114 namespace {
1115 void ReplaceAccessors(Isolate* isolate, Handle<Map> map, Handle<String> name,
1116  PropertyAttributes attributes,
1117  Handle<AccessorPair> accessor_pair) {
1118  DescriptorArray* descriptors = map->instance_descriptors();
1119  int idx = descriptors->SearchWithCache(isolate, *name, *map);
1120  Descriptor d = Descriptor::AccessorConstant(name, accessor_pair, attributes);
1121  descriptors->Replace(idx, &d);
1122 }
1123 } // namespace
1124 
1125 void Genesis::AddRestrictedFunctionProperties(Handle<JSFunction> empty) {
1126  PropertyAttributes rw_attribs = static_cast<PropertyAttributes>(DONT_ENUM);
1127  Handle<JSFunction> thrower = GetThrowTypeErrorIntrinsic();
1128  Handle<AccessorPair> accessors = factory()->NewAccessorPair();
1129  accessors->set_getter(*thrower);
1130  accessors->set_setter(*thrower);
1131 
1132  Handle<Map> map(empty->map(), isolate());
1133  ReplaceAccessors(isolate(), map, factory()->arguments_string(), rw_attribs,
1134  accessors);
1135  ReplaceAccessors(isolate(), map, factory()->caller_string(), rw_attribs,
1136  accessors);
1137 }
1138 
1139 static void AddToWeakNativeContextList(Isolate* isolate, Context context) {
1140  DCHECK(context->IsNativeContext());
1141  Heap* heap = isolate->heap();
1142 #ifdef DEBUG
1143  { // NOLINT
1144  DCHECK(context->next_context_link()->IsUndefined(isolate));
1145  // Check that context is not in the list yet.
1146  for (Object* current = heap->native_contexts_list();
1147  !current->IsUndefined(isolate);
1148  current = Context::cast(current)->next_context_link()) {
1149  DCHECK(current != context);
1150  }
1151  }
1152 #endif
1153  context->set(Context::NEXT_CONTEXT_LINK, heap->native_contexts_list(),
1154  UPDATE_WEAK_WRITE_BARRIER);
1155  heap->set_native_contexts_list(context);
1156 }
1157 
1158 
1159 void Genesis::CreateRoots() {
1160  // Allocate the native context FixedArray first and then patch the
1161  // closure and extension object later (we need the empty function
1162  // and the global object, but in order to create those, we need the
1163  // native context).
1164  native_context_ = factory()->NewNativeContext();
1165  AddToWeakNativeContextList(isolate(), *native_context());
1166  isolate()->set_context(*native_context());
1167 
1168  // Allocate the message listeners object.
1169  {
1170  Handle<TemplateList> list = TemplateList::New(isolate(), 1);
1171  native_context()->set_message_listeners(*list);
1172  }
1173 }
1174 
1175 
1176 void Genesis::InstallGlobalThisBinding() {
1177  Handle<ScriptContextTable> script_contexts(
1178  native_context()->script_context_table(), isolate());
1179  Handle<ScopeInfo> scope_info = ScopeInfo::CreateGlobalThisBinding(isolate());
1180  Handle<Context> context =
1181  factory()->NewScriptContext(native_context(), scope_info);
1182 
1183  // Go ahead and hook it up while we're at it.
1184  int slot = scope_info->ReceiverContextSlotIndex();
1185  DCHECK_EQ(slot, Context::MIN_CONTEXT_SLOTS);
1186  context->set(slot, native_context()->global_proxy());
1187 
1188  Handle<ScriptContextTable> new_script_contexts =
1189  ScriptContextTable::Extend(script_contexts, context);
1190  native_context()->set_script_context_table(*new_script_contexts);
1191 }
1192 
1193 
1194 Handle<JSGlobalObject> Genesis::CreateNewGlobals(
1195  v8::Local<v8::ObjectTemplate> global_proxy_template,
1196  Handle<JSGlobalProxy> global_proxy) {
1197  // The argument global_proxy_template aka data is an ObjectTemplateInfo.
1198  // It has a constructor pointer that points at global_constructor which is a
1199  // FunctionTemplateInfo.
1200  // The global_proxy_constructor is used to (re)initialize the
1201  // global_proxy. The global_proxy_constructor also has a prototype_template
1202  // pointer that points at js_global_object_template which is an
1203  // ObjectTemplateInfo.
1204  // That in turn has a constructor pointer that points at
1205  // js_global_object_constructor which is a FunctionTemplateInfo.
1206  // js_global_object_constructor is used to make js_global_object_function
1207  // js_global_object_function is used to make the new global_object.
1208  //
1209  // --- G l o b a l ---
1210  // Step 1: Create a fresh JSGlobalObject.
1211  Handle<JSFunction> js_global_object_function;
1212  Handle<ObjectTemplateInfo> js_global_object_template;
1213  if (!global_proxy_template.IsEmpty()) {
1214  // Get prototype template of the global_proxy_template.
1215  Handle<ObjectTemplateInfo> data =
1216  v8::Utils::OpenHandle(*global_proxy_template);
1217  Handle<FunctionTemplateInfo> global_constructor =
1218  Handle<FunctionTemplateInfo>(
1219  FunctionTemplateInfo::cast(data->constructor()), isolate());
1220  Handle<Object> proto_template(global_constructor->GetPrototypeTemplate(),
1221  isolate());
1222  if (!proto_template->IsUndefined(isolate())) {
1223  js_global_object_template =
1224  Handle<ObjectTemplateInfo>::cast(proto_template);
1225  }
1226  }
1227 
1228  if (js_global_object_template.is_null()) {
1229  Handle<String> name = factory()->empty_string();
1230  Handle<JSObject> prototype =
1231  factory()->NewFunctionPrototype(isolate()->object_function());
1232  NewFunctionArgs args = NewFunctionArgs::ForBuiltinWithPrototype(
1233  name, prototype, JS_GLOBAL_OBJECT_TYPE, JSGlobalObject::kSize, 0,
1234  Builtins::kIllegal, MUTABLE);
1235  js_global_object_function = factory()->NewFunction(args);
1236 #ifdef DEBUG
1237  LookupIterator it(isolate(), prototype, factory()->constructor_string(),
1238  LookupIterator::OWN_SKIP_INTERCEPTOR);
1239  Handle<Object> value = Object::GetProperty(&it).ToHandleChecked();
1240  DCHECK(it.IsFound());
1241  DCHECK_EQ(*isolate()->object_function(), *value);
1242 #endif
1243  } else {
1244  Handle<FunctionTemplateInfo> js_global_object_constructor(
1245  FunctionTemplateInfo::cast(js_global_object_template->constructor()),
1246  isolate());
1247  js_global_object_function = ApiNatives::CreateApiFunction(
1248  isolate(), js_global_object_constructor, factory()->the_hole_value(),
1249  JS_GLOBAL_OBJECT_TYPE);
1250  }
1251 
1252  js_global_object_function->initial_map()->set_is_prototype_map(true);
1253  js_global_object_function->initial_map()->set_is_dictionary_map(true);
1254  js_global_object_function->initial_map()->set_may_have_interesting_symbols(
1255  true);
1256  Handle<JSGlobalObject> global_object =
1257  factory()->NewJSGlobalObject(js_global_object_function);
1258 
1259  // Step 2: (re)initialize the global proxy object.
1260  Handle<JSFunction> global_proxy_function;
1261  if (global_proxy_template.IsEmpty()) {
1262  Handle<String> name = factory()->empty_string();
1263  NewFunctionArgs args = NewFunctionArgs::ForBuiltinWithPrototype(
1264  name, factory()->the_hole_value(), JS_GLOBAL_PROXY_TYPE,
1265  JSGlobalProxy::SizeWithEmbedderFields(0), 0, Builtins::kIllegal,
1266  MUTABLE);
1267  global_proxy_function = factory()->NewFunction(args);
1268  } else {
1269  Handle<ObjectTemplateInfo> data =
1270  v8::Utils::OpenHandle(*global_proxy_template);
1271  Handle<FunctionTemplateInfo> global_constructor(
1272  FunctionTemplateInfo::cast(data->constructor()), isolate());
1273  global_proxy_function = ApiNatives::CreateApiFunction(
1274  isolate(), global_constructor, factory()->the_hole_value(),
1275  JS_GLOBAL_PROXY_TYPE);
1276  }
1277  global_proxy_function->initial_map()->set_is_access_check_needed(true);
1278  global_proxy_function->initial_map()->set_has_hidden_prototype(true);
1279  global_proxy_function->initial_map()->set_may_have_interesting_symbols(true);
1280  native_context()->set_global_proxy_function(*global_proxy_function);
1281 
1282  // Set global_proxy.__proto__ to js_global after ConfigureGlobalObjects
1283  // Return the global proxy.
1284 
1285  factory()->ReinitializeJSGlobalProxy(global_proxy, global_proxy_function);
1286 
1287  // Set the native context for the global object.
1288  global_object->set_native_context(*native_context());
1289  global_object->set_global_proxy(*global_proxy);
1290  // Set the native context of the global proxy.
1291  global_proxy->set_native_context(*native_context());
1292  // Set the global proxy of the native context. If the native context has been
1293  // deserialized, the global proxy is already correctly set up by the
1294  // deserializer. Otherwise it's undefined.
1295  DCHECK(native_context()
1296  ->get(Context::GLOBAL_PROXY_INDEX)
1297  ->IsUndefined(isolate()) ||
1298  native_context()->global_proxy() == *global_proxy);
1299  native_context()->set_global_proxy(*global_proxy);
1300 
1301  return global_object;
1302 }
1303 
1304 void Genesis::HookUpGlobalProxy(Handle<JSGlobalProxy> global_proxy) {
1305  // Re-initialize the global proxy with the global proxy function from the
1306  // snapshot, and then set up the link to the native context.
1307  Handle<JSFunction> global_proxy_function(
1308  native_context()->global_proxy_function(), isolate());
1309  factory()->ReinitializeJSGlobalProxy(global_proxy, global_proxy_function);
1310  Handle<JSObject> global_object(
1311  JSObject::cast(native_context()->global_object()), isolate());
1312  JSObject::ForceSetPrototype(global_proxy, global_object);
1313  global_proxy->set_native_context(*native_context());
1314  DCHECK(native_context()->global_proxy() == *global_proxy);
1315 }
1316 
1317 void Genesis::HookUpGlobalObject(Handle<JSGlobalObject> global_object) {
1318  Handle<JSGlobalObject> global_object_from_snapshot(
1319  JSGlobalObject::cast(native_context()->extension()), isolate());
1320  native_context()->set_extension(*global_object);
1321  native_context()->set_security_token(*global_object);
1322 
1323  TransferNamedProperties(global_object_from_snapshot, global_object);
1324  TransferIndexedProperties(global_object_from_snapshot, global_object);
1325 }
1326 
1327 static void InstallWithIntrinsicDefaultProto(Isolate* isolate,
1328  Handle<JSFunction> function,
1329  int context_index) {
1330  Handle<Smi> index(Smi::FromInt(context_index), isolate);
1331  JSObject::AddProperty(isolate, function,
1332  isolate->factory()->native_context_index_symbol(),
1333  index, NONE);
1334  isolate->native_context()->set(context_index, *function);
1335 }
1336 
1337 static void InstallError(Isolate* isolate, Handle<JSObject> global,
1338  Handle<String> name, int context_index) {
1339  Factory* factory = isolate->factory();
1340 
1341  Handle<JSFunction> error_fun = InstallFunction(
1342  isolate, global, name, JS_ERROR_TYPE, JSObject::kHeaderSize, 0,
1343  factory->the_hole_value(), Builtins::kErrorConstructor);
1344  error_fun->shared()->DontAdaptArguments();
1345  error_fun->shared()->set_length(1);
1346 
1347  if (context_index == Context::ERROR_FUNCTION_INDEX) {
1348  SimpleInstallFunction(isolate, error_fun, "captureStackTrace",
1349  Builtins::kErrorCaptureStackTrace, 2, false);
1350  }
1351 
1352  InstallWithIntrinsicDefaultProto(isolate, error_fun, context_index);
1353 
1354  {
1355  // Setup %XXXErrorPrototype%.
1356  Handle<JSObject> prototype(JSObject::cast(error_fun->instance_prototype()),
1357  isolate);
1358 
1359  JSObject::AddProperty(isolate, prototype, factory->name_string(), name,
1360  DONT_ENUM);
1361  JSObject::AddProperty(isolate, prototype, factory->message_string(),
1362  factory->empty_string(), DONT_ENUM);
1363 
1364  if (context_index == Context::ERROR_FUNCTION_INDEX) {
1365  Handle<JSFunction> to_string_fun =
1366  SimpleInstallFunction(isolate, prototype, "toString",
1367  Builtins::kErrorPrototypeToString, 0, true);
1368  isolate->native_context()->set_error_to_string(*to_string_fun);
1369  isolate->native_context()->set_initial_error_prototype(*prototype);
1370  } else {
1371  DCHECK(isolate->native_context()->error_to_string()->IsJSFunction());
1372 
1373  JSObject::AddProperty(isolate, prototype, factory->toString_string(),
1374  isolate->error_to_string(), DONT_ENUM);
1375 
1376  Handle<JSFunction> global_error = isolate->error_function();
1377  CHECK(JSReceiver::SetPrototype(error_fun, global_error, false,
1378  kThrowOnError)
1379  .FromMaybe(false));
1380  CHECK(JSReceiver::SetPrototype(prototype,
1381  handle(global_error->prototype(), isolate),
1382  false, kThrowOnError)
1383  .FromMaybe(false));
1384  }
1385  }
1386 
1387  Handle<Map> initial_map(error_fun->initial_map(), isolate);
1388  Map::EnsureDescriptorSlack(isolate, initial_map, 1);
1389 
1390  {
1391  Handle<AccessorInfo> info = factory->error_stack_accessor();
1392  Descriptor d = Descriptor::AccessorConstant(handle(info->name(), isolate),
1393  info, DONT_ENUM);
1394  initial_map->AppendDescriptor(&d);
1395  }
1396 }
1397 
1398 namespace {
1399 
1400 void InstallMakeError(Isolate* isolate, int builtin_id, int context_index) {
1401  NewFunctionArgs args = NewFunctionArgs::ForBuiltinWithPrototype(
1402  isolate->factory()->empty_string(), isolate->factory()->the_hole_value(),
1403  JS_OBJECT_TYPE, JSObject::kHeaderSize, 0, builtin_id, MUTABLE);
1404 
1405  Handle<JSFunction> function = isolate->factory()->NewFunction(args);
1406  function->shared()->DontAdaptArguments();
1407  isolate->native_context()->set(context_index, *function);
1408 }
1409 
1410 } // namespace
1411 
1412 // This is only called if we are not using snapshots. The equivalent
1413 // work in the snapshot case is done in HookUpGlobalObject.
1414 void Genesis::InitializeGlobal(Handle<JSGlobalObject> global_object,
1415  Handle<JSFunction> empty_function,
1416  GlobalContextType context_type) {
1417  // --- N a t i v e C o n t e x t ---
1418  // Use the empty scope info.
1419  native_context()->set_scope_info(empty_function->shared()->scope_info());
1420  native_context()->set_previous(Context());
1421  // Set extension and global object.
1422  native_context()->set_extension(*global_object);
1423  // Security setup: Set the security token of the native context to the global
1424  // object. This makes the security check between two different contexts fail
1425  // by default even in case of global object reinitialization.
1426  native_context()->set_security_token(*global_object);
1427 
1428  Factory* factory = isolate_->factory();
1429 
1430  Handle<ScriptContextTable> script_context_table =
1431  factory->NewScriptContextTable();
1432  native_context()->set_script_context_table(*script_context_table);
1433  InstallGlobalThisBinding();
1434 
1435  { // --- O b j e c t ---
1436  Handle<String> object_name = factory->Object_string();
1437  Handle<JSFunction> object_function = isolate_->object_function();
1438  JSObject::AddProperty(isolate_, global_object, object_name, object_function,
1439  DONT_ENUM);
1440 
1441  SimpleInstallFunction(isolate_, object_function, "assign",
1442  Builtins::kObjectAssign, 2, false);
1443  SimpleInstallFunction(isolate_, object_function, "getOwnPropertyDescriptor",
1444  Builtins::kObjectGetOwnPropertyDescriptor, 2, false);
1445  SimpleInstallFunction(isolate_, object_function,
1446  "getOwnPropertyDescriptors",
1447  Builtins::kObjectGetOwnPropertyDescriptors, 1, false);
1448  SimpleInstallFunction(isolate_, object_function, "getOwnPropertyNames",
1449  Builtins::kObjectGetOwnPropertyNames, 1, true);
1450  SimpleInstallFunction(isolate_, object_function, "getOwnPropertySymbols",
1451  Builtins::kObjectGetOwnPropertySymbols, 1, false);
1452  SimpleInstallFunction(isolate_, object_function, "is", Builtins::kObjectIs,
1453  2, true);
1454  SimpleInstallFunction(isolate_, object_function, "preventExtensions",
1455  Builtins::kObjectPreventExtensions, 1, false);
1456  SimpleInstallFunction(isolate_, object_function, "seal",
1457  Builtins::kObjectSeal, 1, false);
1458 
1459  Handle<JSFunction> object_create = SimpleInstallFunction(
1460  isolate_, object_function, "create", Builtins::kObjectCreate, 2, false);
1461  native_context()->set_object_create(*object_create);
1462 
1463  Handle<JSFunction> object_define_properties =
1464  SimpleInstallFunction(isolate_, object_function, "defineProperties",
1465  Builtins::kObjectDefineProperties, 2, true);
1466  native_context()->set_object_define_properties(*object_define_properties);
1467 
1468  Handle<JSFunction> object_define_property =
1469  SimpleInstallFunction(isolate_, object_function, "defineProperty",
1470  Builtins::kObjectDefineProperty, 3, true);
1471  native_context()->set_object_define_property(*object_define_property);
1472 
1473  SimpleInstallFunction(isolate_, object_function, "freeze",
1474  Builtins::kObjectFreeze, 1, false);
1475 
1476  Handle<JSFunction> object_get_prototype_of =
1477  SimpleInstallFunction(isolate_, object_function, "getPrototypeOf",
1478  Builtins::kObjectGetPrototypeOf, 1, false);
1479  native_context()->set_object_get_prototype_of(*object_get_prototype_of);
1480  SimpleInstallFunction(isolate_, object_function, "setPrototypeOf",
1481  Builtins::kObjectSetPrototypeOf, 2, false);
1482 
1483  SimpleInstallFunction(isolate_, object_function, "isExtensible",
1484  Builtins::kObjectIsExtensible, 1, false);
1485  SimpleInstallFunction(isolate_, object_function, "isFrozen",
1486  Builtins::kObjectIsFrozen, 1, false);
1487 
1488  Handle<JSFunction> object_is_sealed =
1489  SimpleInstallFunction(isolate_, object_function, "isSealed",
1490  Builtins::kObjectIsSealed, 1, false);
1491  native_context()->set_object_is_sealed(*object_is_sealed);
1492 
1493  Handle<JSFunction> object_keys = SimpleInstallFunction(
1494  isolate_, object_function, "keys", Builtins::kObjectKeys, 1, true);
1495  native_context()->set_object_keys(*object_keys);
1496  SimpleInstallFunction(isolate_, object_function, "entries",
1497  Builtins::kObjectEntries, 1, true);
1498  SimpleInstallFunction(isolate_, object_function, "values",
1499  Builtins::kObjectValues, 1, true);
1500 
1501  SimpleInstallFunction(isolate_, isolate_->initial_object_prototype(),
1502  "__defineGetter__", Builtins::kObjectDefineGetter, 2,
1503  true);
1504  SimpleInstallFunction(isolate_, isolate_->initial_object_prototype(),
1505  "__defineSetter__", Builtins::kObjectDefineSetter, 2,
1506  true);
1507  SimpleInstallFunction(isolate_, isolate_->initial_object_prototype(),
1508  "hasOwnProperty",
1509  Builtins::kObjectPrototypeHasOwnProperty, 1, true);
1510  SimpleInstallFunction(isolate_, isolate_->initial_object_prototype(),
1511  "__lookupGetter__", Builtins::kObjectLookupGetter, 1,
1512  true);
1513  SimpleInstallFunction(isolate_, isolate_->initial_object_prototype(),
1514  "__lookupSetter__", Builtins::kObjectLookupSetter, 1,
1515  true);
1516  SimpleInstallFunction(isolate_, isolate_->initial_object_prototype(),
1517  "isPrototypeOf",
1518  Builtins::kObjectPrototypeIsPrototypeOf, 1, true);
1519  SimpleInstallFunction(
1520  isolate_, isolate_->initial_object_prototype(), "propertyIsEnumerable",
1521  Builtins::kObjectPrototypePropertyIsEnumerable, 1, false);
1522  Handle<JSFunction> object_to_string = SimpleInstallFunction(
1523  isolate_, isolate_->initial_object_prototype(), "toString",
1524  Builtins::kObjectPrototypeToString, 0, true);
1525  native_context()->set_object_to_string(*object_to_string);
1526  Handle<JSFunction> object_value_of = SimpleInstallFunction(
1527  isolate_, isolate_->initial_object_prototype(), "valueOf",
1528  Builtins::kObjectPrototypeValueOf, 0, true);
1529  native_context()->set_object_value_of(*object_value_of);
1530 
1531  SimpleInstallGetterSetter(isolate_, isolate_->initial_object_prototype(),
1532  factory->proto_string(),
1533  Builtins::kObjectPrototypeGetProto,
1534  Builtins::kObjectPrototypeSetProto, DONT_ENUM);
1535 
1536  SimpleInstallFunction(isolate_, isolate_->initial_object_prototype(),
1537  "toLocaleString",
1538  Builtins::kObjectPrototypeToLocaleString, 0, true);
1539  }
1540 
1541  Handle<JSObject> global(native_context()->global_object(), isolate());
1542 
1543  { // --- F u n c t i o n ---
1544  Handle<JSFunction> prototype = empty_function;
1545  Handle<JSFunction> function_fun =
1546  InstallFunction(isolate_, global, "Function", JS_FUNCTION_TYPE,
1547  JSFunction::kSizeWithPrototype, 0, prototype,
1548  Builtins::kFunctionConstructor);
1549  // Function instances are sloppy by default.
1550  function_fun->set_prototype_or_initial_map(
1551  *isolate_->sloppy_function_map());
1552  function_fun->shared()->DontAdaptArguments();
1553  function_fun->shared()->set_length(1);
1554  InstallWithIntrinsicDefaultProto(isolate_, function_fun,
1555  Context::FUNCTION_FUNCTION_INDEX);
1556 
1557  // Setup the methods on the %FunctionPrototype%.
1558  JSObject::AddProperty(isolate_, prototype, factory->constructor_string(),
1559  function_fun, DONT_ENUM);
1560  SimpleInstallFunction(isolate_, prototype, "apply",
1561  Builtins::kFunctionPrototypeApply, 2, false);
1562  SimpleInstallFunction(isolate_, prototype, "bind",
1563  Builtins::kFastFunctionPrototypeBind, 1, false);
1564  SimpleInstallFunction(isolate_, prototype, "call",
1565  Builtins::kFunctionPrototypeCall, 1, false);
1566  SimpleInstallFunction(isolate_, prototype, "toString",
1567  Builtins::kFunctionPrototypeToString, 0, false);
1568 
1569  // Install the @@hasInstance function.
1570  Handle<JSFunction> has_instance = InstallFunctionAtSymbol(
1571  isolate_, prototype, factory->has_instance_symbol(),
1572  "[Symbol.hasInstance]", Builtins::kFunctionPrototypeHasInstance, 1,
1573  true,
1574  static_cast<PropertyAttributes>(DONT_ENUM | DONT_DELETE | READ_ONLY),
1575  BuiltinFunctionId::kFunctionHasInstance);
1576  native_context()->set_function_has_instance(*has_instance);
1577 
1578  // Complete setting up function maps.
1579  {
1580  isolate_->sloppy_function_map()->SetConstructor(*function_fun);
1581  isolate_->sloppy_function_with_name_map()->SetConstructor(*function_fun);
1582  isolate_->sloppy_function_with_readonly_prototype_map()->SetConstructor(
1583  *function_fun);
1584 
1585  isolate_->strict_function_map()->SetConstructor(*function_fun);
1586  isolate_->strict_function_with_name_map()->SetConstructor(*function_fun);
1587  strict_function_with_home_object_map_->SetConstructor(*function_fun);
1588  strict_function_with_name_and_home_object_map_->SetConstructor(
1589  *function_fun);
1590  isolate_->strict_function_with_readonly_prototype_map()->SetConstructor(
1591  *function_fun);
1592 
1593  isolate_->class_function_map()->SetConstructor(*function_fun);
1594  }
1595  }
1596 
1597  { // --- A s y n c F r o m S y n c I t e r a t o r
1598  Handle<SharedFunctionInfo> info = SimpleCreateSharedFunctionInfo(
1599  isolate_, Builtins::kAsyncIteratorValueUnwrap, factory->empty_string(),
1600  1);
1601  native_context()->set_async_iterator_value_unwrap_shared_fun(*info);
1602  }
1603 
1604  { // --- A s y n c G e n e r a t o r ---
1605  Handle<SharedFunctionInfo> info = SimpleCreateSharedFunctionInfo(
1606  isolate_, Builtins::kAsyncGeneratorAwaitResolveClosure,
1607  factory->empty_string(), 1);
1608  native_context()->set_async_generator_await_resolve_shared_fun(*info);
1609 
1610  info = SimpleCreateSharedFunctionInfo(
1611  isolate_, Builtins::kAsyncGeneratorAwaitRejectClosure,
1612  factory->empty_string(), 1);
1613  native_context()->set_async_generator_await_reject_shared_fun(*info);
1614 
1615  info = SimpleCreateSharedFunctionInfo(
1616  isolate_, Builtins::kAsyncGeneratorYieldResolveClosure,
1617  factory->empty_string(), 1);
1618  native_context()->set_async_generator_yield_resolve_shared_fun(*info);
1619 
1620  info = SimpleCreateSharedFunctionInfo(
1621  isolate_, Builtins::kAsyncGeneratorReturnResolveClosure,
1622  factory->empty_string(), 1);
1623  native_context()->set_async_generator_return_resolve_shared_fun(*info);
1624 
1625  info = SimpleCreateSharedFunctionInfo(
1626  isolate_, Builtins::kAsyncGeneratorReturnClosedResolveClosure,
1627  factory->empty_string(), 1);
1628  native_context()->set_async_generator_return_closed_resolve_shared_fun(
1629  *info);
1630 
1631  info = SimpleCreateSharedFunctionInfo(
1632  isolate_, Builtins::kAsyncGeneratorReturnClosedRejectClosure,
1633  factory->empty_string(), 1);
1634  native_context()->set_async_generator_return_closed_reject_shared_fun(
1635  *info);
1636  }
1637 
1638  { // --- A r r a y ---
1639  Handle<JSFunction> array_function = InstallFunction(
1640  isolate_, global, "Array", JS_ARRAY_TYPE, JSArray::kSize, 0,
1641  isolate_->initial_object_prototype(), Builtins::kArrayConstructor);
1642  array_function->shared()->DontAdaptArguments();
1643  array_function->shared()->set_builtin_function_id(
1644  BuiltinFunctionId::kArrayConstructor);
1645 
1646  // This seems a bit hackish, but we need to make sure Array.length
1647  // is 1.
1648  array_function->shared()->set_length(1);
1649 
1650  Handle<Map> initial_map(array_function->initial_map(), isolate());
1651 
1652  // This assert protects an optimization in
1653  // HGraphBuilder::JSArrayBuilder::EmitMapCode()
1654  DCHECK(initial_map->elements_kind() == GetInitialFastElementsKind());
1655  Map::EnsureDescriptorSlack(isolate_, initial_map, 1);
1656 
1657  PropertyAttributes attribs = static_cast<PropertyAttributes>(
1658  DONT_ENUM | DONT_DELETE);
1659 
1660  STATIC_ASSERT(JSArray::kLengthDescriptorIndex == 0);
1661  { // Add length.
1662  Descriptor d = Descriptor::AccessorConstant(
1663  factory->length_string(), factory->array_length_accessor(), attribs);
1664  initial_map->AppendDescriptor(&d);
1665  }
1666 
1667  InstallWithIntrinsicDefaultProto(isolate_, array_function,
1668  Context::ARRAY_FUNCTION_INDEX);
1669  InstallSpeciesGetter(isolate_, array_function);
1670 
1671  // Cache the array maps, needed by ArrayConstructorStub
1672  CacheInitialJSArrayMaps(native_context(), initial_map);
1673 
1674  // Set up %ArrayPrototype%.
1675  // The %ArrayPrototype% has TERMINAL_FAST_ELEMENTS_KIND in order to ensure
1676  // that constant functions stay constant after turning prototype to setup
1677  // mode and back when constant field tracking is enabled.
1678  Handle<JSArray> proto =
1679  factory->NewJSArray(0, TERMINAL_FAST_ELEMENTS_KIND, TENURED);
1680  JSFunction::SetPrototype(array_function, proto);
1681  native_context()->set_initial_array_prototype(*proto);
1682 
1683  Handle<JSFunction> is_arraylike = SimpleInstallFunction(
1684  isolate_, array_function, "isArray", Builtins::kArrayIsArray, 1, true);
1685  native_context()->set_is_arraylike(*is_arraylike);
1686 
1687  SimpleInstallFunction(isolate_, array_function, "from",
1688  Builtins::kArrayFrom, 1, false);
1689  SimpleInstallFunction(isolate_, array_function, "of", Builtins::kArrayOf, 0,
1690  false);
1691 
1692  JSObject::AddProperty(isolate_, proto, factory->constructor_string(),
1693  array_function, DONT_ENUM);
1694 
1695  SimpleInstallFunction(isolate_, proto, "concat", Builtins::kArrayConcat, 1,
1696  false);
1697  SimpleInstallFunction(isolate_, proto, "copyWithin",
1698  Builtins::kArrayPrototypeCopyWithin, 2, false);
1699  SimpleInstallFunction(isolate_, proto, "fill",
1700  Builtins::kArrayPrototypeFill, 1, false);
1701  SimpleInstallFunction(isolate_, proto, "find",
1702  Builtins::kArrayPrototypeFind, 1, false);
1703  SimpleInstallFunction(isolate_, proto, "findIndex",
1704  Builtins::kArrayPrototypeFindIndex, 1, false);
1705  SimpleInstallFunction(isolate_, proto, "lastIndexOf",
1706  Builtins::kArrayPrototypeLastIndexOf, 1, false);
1707  SimpleInstallFunction(isolate_, proto, "pop", Builtins::kArrayPrototypePop,
1708  0, false);
1709  SimpleInstallFunction(isolate_, proto, "push",
1710  Builtins::kArrayPrototypePush, 1, false);
1711  SimpleInstallFunction(isolate_, proto, "reverse",
1712  Builtins::kArrayPrototypeReverse, 0, false);
1713  SimpleInstallFunction(isolate_, proto, "shift",
1714  Builtins::kArrayPrototypeShift, 0, false);
1715  SimpleInstallFunction(isolate_, proto, "unshift",
1716  Builtins::kArrayPrototypeUnshift, 1, false);
1717  SimpleInstallFunction(isolate_, proto, "slice",
1718  Builtins::kArrayPrototypeSlice, 2, false);
1719  SimpleInstallFunction(isolate_, proto, "sort",
1720  Builtins::kArrayPrototypeSort, 1, false);
1721  SimpleInstallFunction(isolate_, proto, "splice",
1722  Builtins::kArrayPrototypeSplice, 2, false);
1723  SimpleInstallFunction(isolate_, proto, "includes", Builtins::kArrayIncludes,
1724  1, false);
1725  SimpleInstallFunction(isolate_, proto, "indexOf", Builtins::kArrayIndexOf,
1726  1, false);
1727  SimpleInstallFunction(isolate_, proto, "join",
1728  Builtins::kArrayPrototypeJoin, 1, false);
1729  InstallFunctionWithBuiltinId(isolate_, proto, "keys",
1730  Builtins::kArrayPrototypeKeys, 0, true,
1731  BuiltinFunctionId::kArrayKeys);
1732  InstallFunctionWithBuiltinId(isolate_, proto, "entries",
1733  Builtins::kArrayPrototypeEntries, 0, true,
1734  BuiltinFunctionId::kArrayEntries);
1735  InstallFunctionAtSymbol(isolate_, proto, factory->iterator_symbol(),
1736  "values", Builtins::kArrayPrototypeValues, 0, true,
1737  DONT_ENUM, BuiltinFunctionId::kArrayValues);
1738  SimpleInstallFunction(isolate_, proto, "forEach", Builtins::kArrayForEach,
1739  1, false);
1740  SimpleInstallFunction(isolate_, proto, "filter", Builtins::kArrayFilter, 1,
1741  false);
1742  SimpleInstallFunction(isolate_, proto, "map", Builtins::kArrayMap, 1,
1743  false);
1744  SimpleInstallFunction(isolate_, proto, "every", Builtins::kArrayEvery, 1,
1745  false);
1746  SimpleInstallFunction(isolate_, proto, "some", Builtins::kArraySome, 1,
1747  false);
1748  SimpleInstallFunction(isolate_, proto, "reduce", Builtins::kArrayReduce, 1,
1749  false);
1750  SimpleInstallFunction(isolate_, proto, "reduceRight",
1751  Builtins::kArrayReduceRight, 1, false);
1752  SimpleInstallFunction(isolate_, proto, "toLocaleString",
1753  Builtins::kArrayPrototypeToLocaleString, 0, false);
1754  SimpleInstallFunction(isolate_, proto, "toString",
1755  Builtins::kArrayPrototypeToString, 0, false);
1756  }
1757 
1758  { // --- A r r a y I t e r a t o r ---
1759  Handle<JSObject> iterator_prototype(
1760  native_context()->initial_iterator_prototype(), isolate());
1761 
1762  Handle<JSObject> array_iterator_prototype =
1763  factory->NewJSObject(isolate_->object_function(), TENURED);
1764  JSObject::ForceSetPrototype(array_iterator_prototype, iterator_prototype);
1765 
1766  JSObject::AddProperty(
1767  isolate_, array_iterator_prototype, factory->to_string_tag_symbol(),
1768  factory->ArrayIterator_string(),
1769  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
1770 
1771  InstallFunctionWithBuiltinId(isolate_, array_iterator_prototype, "next",
1772  Builtins::kArrayIteratorPrototypeNext, 0, true,
1773  BuiltinFunctionId::kArrayIteratorNext);
1774 
1775  Handle<JSFunction> array_iterator_function =
1776  CreateFunction(isolate_, factory->ArrayIterator_string(),
1777  JS_ARRAY_ITERATOR_TYPE, JSArrayIterator::kSize, 0,
1778  array_iterator_prototype, Builtins::kIllegal);
1779  array_iterator_function->shared()->set_native(false);
1780 
1781  native_context()->set_initial_array_iterator_map(
1782  array_iterator_function->initial_map());
1783  native_context()->set_initial_array_iterator_prototype(
1784  *array_iterator_prototype);
1785  }
1786 
1787  { // --- N u m b e r ---
1788  Handle<JSFunction> number_fun = InstallFunction(
1789  isolate_, global, "Number", JS_VALUE_TYPE, JSValue::kSize, 0,
1790  isolate_->initial_object_prototype(), Builtins::kNumberConstructor);
1791  number_fun->shared()->set_builtin_function_id(
1792  BuiltinFunctionId::kNumberConstructor);
1793  number_fun->shared()->DontAdaptArguments();
1794  number_fun->shared()->set_length(1);
1795  InstallWithIntrinsicDefaultProto(isolate_, number_fun,
1796  Context::NUMBER_FUNCTION_INDEX);
1797 
1798  // Create the %NumberPrototype%
1799  Handle<JSValue> prototype =
1800  Handle<JSValue>::cast(factory->NewJSObject(number_fun, TENURED));
1801  prototype->set_value(Smi::kZero);
1802  JSFunction::SetPrototype(number_fun, prototype);
1803 
1804  // Install the "constructor" property on the {prototype}.
1805  JSObject::AddProperty(isolate_, prototype, factory->constructor_string(),
1806  number_fun, DONT_ENUM);
1807 
1808  // Install the Number.prototype methods.
1809  SimpleInstallFunction(isolate_, prototype, "toExponential",
1810  Builtins::kNumberPrototypeToExponential, 1, false);
1811  SimpleInstallFunction(isolate_, prototype, "toFixed",
1812  Builtins::kNumberPrototypeToFixed, 1, false);
1813  SimpleInstallFunction(isolate_, prototype, "toPrecision",
1814  Builtins::kNumberPrototypeToPrecision, 1, false);
1815  SimpleInstallFunction(isolate_, prototype, "toString",
1816  Builtins::kNumberPrototypeToString, 1, false);
1817  SimpleInstallFunction(isolate_, prototype, "valueOf",
1818  Builtins::kNumberPrototypeValueOf, 0, true);
1819 
1820  SimpleInstallFunction(isolate_, prototype, "toLocaleString",
1821  Builtins::kNumberPrototypeToLocaleString, 0, false);
1822 
1823  // Install the Number functions.
1824  SimpleInstallFunction(isolate_, number_fun, "isFinite",
1825  Builtins::kNumberIsFinite, 1, true);
1826  SimpleInstallFunction(isolate_, number_fun, "isInteger",
1827  Builtins::kNumberIsInteger, 1, true);
1828  SimpleInstallFunction(isolate_, number_fun, "isNaN", Builtins::kNumberIsNaN,
1829  1, true);
1830  SimpleInstallFunction(isolate_, number_fun, "isSafeInteger",
1831  Builtins::kNumberIsSafeInteger, 1, true);
1832 
1833  // Install Number.parseFloat and Global.parseFloat.
1834  Handle<JSFunction> parse_float_fun =
1835  SimpleInstallFunction(isolate_, number_fun, "parseFloat",
1836  Builtins::kNumberParseFloat, 1, true);
1837  JSObject::AddProperty(isolate_, global_object,
1838  factory->InternalizeUtf8String("parseFloat"),
1839  parse_float_fun, DONT_ENUM);
1840 
1841  // Install Number.parseInt and Global.parseInt.
1842  Handle<JSFunction> parse_int_fun = SimpleInstallFunction(
1843  isolate_, number_fun, "parseInt", Builtins::kNumberParseInt, 2, true);
1844  JSObject::AddProperty(isolate_, global_object,
1845  factory->InternalizeUtf8String("parseInt"),
1846  parse_int_fun, DONT_ENUM);
1847 
1848  // Install Number constants
1849  double kMaxValue = 1.7976931348623157e+308;
1850  double kMinValue = 5e-324;
1851  double kMinSafeInteger = -kMaxSafeInteger;
1852  double kEPS = 2.220446049250313e-16;
1853 
1854  Handle<Object> infinity = factory->infinity_value();
1855  Handle<Object> nan = factory->nan_value();
1856  Handle<String> nan_name = factory->InternalizeUtf8String("NaN");
1857 
1858  JSObject::AddProperty(
1859  isolate_, number_fun, factory->InternalizeUtf8String("MAX_VALUE"),
1860  factory->NewNumber(kMaxValue),
1861  static_cast<PropertyAttributes>(DONT_DELETE | DONT_ENUM | READ_ONLY));
1862  JSObject::AddProperty(
1863  isolate_, number_fun, factory->InternalizeUtf8String("MIN_VALUE"),
1864  factory->NewNumber(kMinValue),
1865  static_cast<PropertyAttributes>(DONT_DELETE | DONT_ENUM | READ_ONLY));
1866  JSObject::AddProperty(
1867  isolate_, number_fun, nan_name, nan,
1868  static_cast<PropertyAttributes>(DONT_DELETE | DONT_ENUM | READ_ONLY));
1869  JSObject::AddProperty(
1870  isolate_, number_fun,
1871  factory->InternalizeUtf8String("NEGATIVE_INFINITY"),
1872  factory->NewNumber(-V8_INFINITY),
1873  static_cast<PropertyAttributes>(DONT_DELETE | DONT_ENUM | READ_ONLY));
1874  JSObject::AddProperty(
1875  isolate_, number_fun,
1876  factory->InternalizeUtf8String("POSITIVE_INFINITY"), infinity,
1877  static_cast<PropertyAttributes>(DONT_DELETE | DONT_ENUM | READ_ONLY));
1878  JSObject::AddProperty(
1879  isolate_, number_fun,
1880  factory->InternalizeUtf8String("MAX_SAFE_INTEGER"),
1881  factory->NewNumber(kMaxSafeInteger),
1882  static_cast<PropertyAttributes>(DONT_DELETE | DONT_ENUM | READ_ONLY));
1883  JSObject::AddProperty(
1884  isolate_, number_fun,
1885  factory->InternalizeUtf8String("MIN_SAFE_INTEGER"),
1886  factory->NewNumber(kMinSafeInteger),
1887  static_cast<PropertyAttributes>(DONT_DELETE | DONT_ENUM | READ_ONLY));
1888  JSObject::AddProperty(
1889  isolate_, number_fun, factory->InternalizeUtf8String("EPSILON"),
1890  factory->NewNumber(kEPS),
1891  static_cast<PropertyAttributes>(DONT_DELETE | DONT_ENUM | READ_ONLY));
1892 
1893  JSObject::AddProperty(
1894  isolate_, global, factory->InternalizeUtf8String("Infinity"), infinity,
1895  static_cast<PropertyAttributes>(DONT_DELETE | DONT_ENUM | READ_ONLY));
1896  JSObject::AddProperty(
1897  isolate_, global, nan_name, nan,
1898  static_cast<PropertyAttributes>(DONT_DELETE | DONT_ENUM | READ_ONLY));
1899  JSObject::AddProperty(
1900  isolate_, global, factory->InternalizeUtf8String("undefined"),
1901  factory->undefined_value(),
1902  static_cast<PropertyAttributes>(DONT_DELETE | DONT_ENUM | READ_ONLY));
1903  }
1904 
1905  { // --- B o o l e a n ---
1906  Handle<JSFunction> boolean_fun = InstallFunction(
1907  isolate_, global, "Boolean", JS_VALUE_TYPE, JSValue::kSize, 0,
1908  isolate_->initial_object_prototype(), Builtins::kBooleanConstructor);
1909  boolean_fun->shared()->DontAdaptArguments();
1910  boolean_fun->shared()->set_length(1);
1911  InstallWithIntrinsicDefaultProto(isolate_, boolean_fun,
1912  Context::BOOLEAN_FUNCTION_INDEX);
1913 
1914  // Create the %BooleanPrototype%
1915  Handle<JSValue> prototype =
1916  Handle<JSValue>::cast(factory->NewJSObject(boolean_fun, TENURED));
1917  prototype->set_value(ReadOnlyRoots(isolate_).false_value());
1918  JSFunction::SetPrototype(boolean_fun, prototype);
1919 
1920  // Install the "constructor" property on the {prototype}.
1921  JSObject::AddProperty(isolate_, prototype, factory->constructor_string(),
1922  boolean_fun, DONT_ENUM);
1923 
1924  // Install the Boolean.prototype methods.
1925  SimpleInstallFunction(isolate_, prototype, "toString",
1926  Builtins::kBooleanPrototypeToString, 0, true);
1927  SimpleInstallFunction(isolate_, prototype, "valueOf",
1928  Builtins::kBooleanPrototypeValueOf, 0, true);
1929  }
1930 
1931  { // --- S t r i n g ---
1932  Handle<JSFunction> string_fun = InstallFunction(
1933  isolate_, global, "String", JS_VALUE_TYPE, JSValue::kSize, 0,
1934  isolate_->initial_object_prototype(), Builtins::kStringConstructor);
1935  string_fun->shared()->set_builtin_function_id(
1936  BuiltinFunctionId::kStringConstructor);
1937  string_fun->shared()->DontAdaptArguments();
1938  string_fun->shared()->set_length(1);
1939  InstallWithIntrinsicDefaultProto(isolate_, string_fun,
1940  Context::STRING_FUNCTION_INDEX);
1941 
1942  Handle<Map> string_map = Handle<Map>(
1943  native_context()->string_function()->initial_map(), isolate());
1944  string_map->set_elements_kind(FAST_STRING_WRAPPER_ELEMENTS);
1945  Map::EnsureDescriptorSlack(isolate_, string_map, 1);
1946 
1947  PropertyAttributes attribs = static_cast<PropertyAttributes>(
1948  DONT_ENUM | DONT_DELETE | READ_ONLY);
1949 
1950  { // Add length.
1951  Descriptor d = Descriptor::AccessorConstant(
1952  factory->length_string(), factory->string_length_accessor(), attribs);
1953  string_map->AppendDescriptor(&d);
1954  }
1955 
1956  // Install the String.fromCharCode function.
1957  SimpleInstallFunction(isolate_, string_fun, "fromCharCode",
1958  Builtins::kStringFromCharCode, 1, false);
1959 
1960  // Install the String.fromCodePoint function.
1961  SimpleInstallFunction(isolate_, string_fun, "fromCodePoint",
1962  Builtins::kStringFromCodePoint, 1, false);
1963 
1964  // Install the String.raw function.
1965  SimpleInstallFunction(isolate_, string_fun, "raw", Builtins::kStringRaw, 1,
1966  false);
1967 
1968  // Create the %StringPrototype%
1969  Handle<JSValue> prototype =
1970  Handle<JSValue>::cast(factory->NewJSObject(string_fun, TENURED));
1971  prototype->set_value(ReadOnlyRoots(isolate_).empty_string());
1972  JSFunction::SetPrototype(string_fun, prototype);
1973  native_context()->set_initial_string_prototype(*prototype);
1974 
1975  // Install the "constructor" property on the {prototype}.
1976  JSObject::AddProperty(isolate_, prototype, factory->constructor_string(),
1977  string_fun, DONT_ENUM);
1978 
1979  // Install the String.prototype methods.
1980  SimpleInstallFunction(isolate_, prototype, "anchor",
1981  Builtins::kStringPrototypeAnchor, 1, true);
1982  SimpleInstallFunction(isolate_, prototype, "big",
1983  Builtins::kStringPrototypeBig, 0, true);
1984  SimpleInstallFunction(isolate_, prototype, "blink",
1985  Builtins::kStringPrototypeBlink, 0, true);
1986  SimpleInstallFunction(isolate_, prototype, "bold",
1987  Builtins::kStringPrototypeBold, 0, true);
1988  SimpleInstallFunction(isolate_, prototype, "charAt",
1989  Builtins::kStringPrototypeCharAt, 1, true);
1990  SimpleInstallFunction(isolate_, prototype, "charCodeAt",
1991  Builtins::kStringPrototypeCharCodeAt, 1, true);
1992  SimpleInstallFunction(isolate_, prototype, "codePointAt",
1993  Builtins::kStringPrototypeCodePointAt, 1, true);
1994  SimpleInstallFunction(isolate_, prototype, "concat",
1995  Builtins::kStringPrototypeConcat, 1, false);
1996  SimpleInstallFunction(isolate_, prototype, "endsWith",
1997  Builtins::kStringPrototypeEndsWith, 1, false);
1998  SimpleInstallFunction(isolate_, prototype, "fontcolor",
1999  Builtins::kStringPrototypeFontcolor, 1, true);
2000  SimpleInstallFunction(isolate_, prototype, "fontsize",
2001  Builtins::kStringPrototypeFontsize, 1, true);
2002  SimpleInstallFunction(isolate_, prototype, "fixed",
2003  Builtins::kStringPrototypeFixed, 0, true);
2004  SimpleInstallFunction(isolate_, prototype, "includes",
2005  Builtins::kStringPrototypeIncludes, 1, false);
2006  SimpleInstallFunction(isolate_, prototype, "indexOf",
2007  Builtins::kStringPrototypeIndexOf, 1, false);
2008  SimpleInstallFunction(isolate_, prototype, "italics",
2009  Builtins::kStringPrototypeItalics, 0, true);
2010  SimpleInstallFunction(isolate_, prototype, "lastIndexOf",
2011  Builtins::kStringPrototypeLastIndexOf, 1, false);
2012  SimpleInstallFunction(isolate_, prototype, "link",
2013  Builtins::kStringPrototypeLink, 1, true);
2014 #ifdef V8_INTL_SUPPORT
2015  SimpleInstallFunction(isolate_, prototype, "localeCompare",
2016  Builtins::kStringPrototypeLocaleCompare, 1, false);
2017 #else
2018  SimpleInstallFunction(isolate_, prototype, "localeCompare",
2019  Builtins::kStringPrototypeLocaleCompare, 1, true);
2020 #endif // V8_INTL_SUPPORT
2021  SimpleInstallFunction(isolate_, prototype, "match",
2022  Builtins::kStringPrototypeMatch, 1, true);
2023 #ifdef V8_INTL_SUPPORT
2024  SimpleInstallFunction(isolate_, prototype, "normalize",
2025  Builtins::kStringPrototypeNormalizeIntl, 0, false);
2026 #else
2027  SimpleInstallFunction(isolate_, prototype, "normalize",
2028  Builtins::kStringPrototypeNormalize, 0, false);
2029 #endif // V8_INTL_SUPPORT
2030  SimpleInstallFunction(isolate_, prototype, "padEnd",
2031  Builtins::kStringPrototypePadEnd, 1, false);
2032  SimpleInstallFunction(isolate_, prototype, "padStart",
2033  Builtins::kStringPrototypePadStart, 1, false);
2034  SimpleInstallFunction(isolate_, prototype, "repeat",
2035  Builtins::kStringPrototypeRepeat, 1, true);
2036  SimpleInstallFunction(isolate_, prototype, "replace",
2037  Builtins::kStringPrototypeReplace, 2, true);
2038  SimpleInstallFunction(isolate_, prototype, "search",
2039  Builtins::kStringPrototypeSearch, 1, true);
2040  SimpleInstallFunction(isolate_, prototype, "slice",
2041  Builtins::kStringPrototypeSlice, 2, false);
2042  SimpleInstallFunction(isolate_, prototype, "small",
2043  Builtins::kStringPrototypeSmall, 0, true);
2044  SimpleInstallFunction(isolate_, prototype, "split",
2045  Builtins::kStringPrototypeSplit, 2, false);
2046  SimpleInstallFunction(isolate_, prototype, "strike",
2047  Builtins::kStringPrototypeStrike, 0, true);
2048  SimpleInstallFunction(isolate_, prototype, "sub",
2049  Builtins::kStringPrototypeSub, 0, true);
2050  SimpleInstallFunction(isolate_, prototype, "substr",
2051  Builtins::kStringPrototypeSubstr, 2, false);
2052  SimpleInstallFunction(isolate_, prototype, "substring",
2053  Builtins::kStringPrototypeSubstring, 2, false);
2054  SimpleInstallFunction(isolate_, prototype, "sup",
2055  Builtins::kStringPrototypeSup, 0, true);
2056  SimpleInstallFunction(isolate_, prototype, "startsWith",
2057  Builtins::kStringPrototypeStartsWith, 1, false);
2058  SimpleInstallFunction(isolate_, prototype, "toString",
2059  Builtins::kStringPrototypeToString, 0, true);
2060  SimpleInstallFunction(isolate_, prototype, "trim",
2061  Builtins::kStringPrototypeTrim, 0, false);
2062 
2063  // Install `String.prototype.trimStart` with `trimLeft` alias.
2064  Handle<JSFunction> trim_start_fun =
2065  SimpleInstallFunction(isolate_, prototype, "trimStart",
2066  Builtins::kStringPrototypeTrimStart, 0, false);
2067  JSObject::AddProperty(isolate_, prototype,
2068  factory->InternalizeUtf8String("trimLeft"),
2069  trim_start_fun, DONT_ENUM);
2070 
2071  // Install `String.prototype.trimEnd` with `trimRight` alias.
2072  Handle<JSFunction> trim_end_fun =
2073  SimpleInstallFunction(isolate_, prototype, "trimEnd",
2074  Builtins::kStringPrototypeTrimEnd, 0, false);
2075  JSObject::AddProperty(isolate_, prototype,
2076  factory->InternalizeUtf8String("trimRight"),
2077  trim_end_fun, DONT_ENUM);
2078 
2079  SimpleInstallFunction(isolate_, prototype, "toLocaleLowerCase",
2080  Builtins::kStringPrototypeToLocaleLowerCase, 0,
2081  false);
2082  SimpleInstallFunction(isolate_, prototype, "toLocaleUpperCase",
2083  Builtins::kStringPrototypeToLocaleUpperCase, 0,
2084  false);
2085 #ifdef V8_INTL_SUPPORT
2086  SimpleInstallFunction(isolate_, prototype, "toLowerCase",
2087  Builtins::kStringPrototypeToLowerCaseIntl, 0, true);
2088  SimpleInstallFunction(isolate_, prototype, "toUpperCase",
2089  Builtins::kStringPrototypeToUpperCaseIntl, 0, false);
2090 #else
2091  SimpleInstallFunction(isolate_, prototype, "toLowerCase",
2092  Builtins::kStringPrototypeToLowerCase, 0, false);
2093  SimpleInstallFunction(isolate_, prototype, "toUpperCase",
2094  Builtins::kStringPrototypeToUpperCase, 0, false);
2095 #endif
2096  SimpleInstallFunction(isolate_, prototype, "valueOf",
2097  Builtins::kStringPrototypeValueOf, 0, true);
2098 
2099  InstallFunctionAtSymbol(isolate_, prototype, factory->iterator_symbol(),
2100  "[Symbol.iterator]",
2101  Builtins::kStringPrototypeIterator, 0, true,
2102  DONT_ENUM, BuiltinFunctionId::kStringIterator);
2103  }
2104 
2105  { // --- S t r i n g I t e r a t o r ---
2106  Handle<JSObject> iterator_prototype(
2107  native_context()->initial_iterator_prototype(), isolate());
2108 
2109  Handle<JSObject> string_iterator_prototype =
2110  factory->NewJSObject(isolate_->object_function(), TENURED);
2111  JSObject::ForceSetPrototype(string_iterator_prototype, iterator_prototype);
2112 
2113  JSObject::AddProperty(
2114  isolate_, string_iterator_prototype, factory->to_string_tag_symbol(),
2115  factory->InternalizeUtf8String("String Iterator"),
2116  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
2117 
2118  InstallFunctionWithBuiltinId(isolate_, string_iterator_prototype, "next",
2119  Builtins::kStringIteratorPrototypeNext, 0,
2120  true, BuiltinFunctionId::kStringIteratorNext);
2121 
2122  Handle<JSFunction> string_iterator_function = CreateFunction(
2123  isolate_, factory->InternalizeUtf8String("StringIterator"),
2124  JS_STRING_ITERATOR_TYPE, JSStringIterator::kSize, 0,
2125  string_iterator_prototype, Builtins::kIllegal);
2126  string_iterator_function->shared()->set_native(false);
2127  native_context()->set_initial_string_iterator_map(
2128  string_iterator_function->initial_map());
2129  native_context()->set_initial_string_iterator_prototype(
2130  *string_iterator_prototype);
2131  }
2132 
2133  { // --- S y m b o l ---
2134  Handle<JSFunction> symbol_fun = InstallFunction(
2135  isolate_, global, "Symbol", JS_VALUE_TYPE, JSValue::kSize, 0,
2136  factory->the_hole_value(), Builtins::kSymbolConstructor);
2137  symbol_fun->shared()->set_builtin_function_id(
2138  BuiltinFunctionId::kSymbolConstructor);
2139  symbol_fun->shared()->set_length(0);
2140  symbol_fun->shared()->DontAdaptArguments();
2141  native_context()->set_symbol_function(*symbol_fun);
2142 
2143  // Install the Symbol.for and Symbol.keyFor functions.
2144  SimpleInstallFunction(isolate_, symbol_fun, "for", Builtins::kSymbolFor, 1,
2145  false);
2146  SimpleInstallFunction(isolate_, symbol_fun, "keyFor",
2147  Builtins::kSymbolKeyFor, 1, false);
2148 
2149  // Install well-known symbols.
2150  InstallConstant(isolate_, symbol_fun, "asyncIterator",
2151  factory->async_iterator_symbol());
2152  InstallConstant(isolate_, symbol_fun, "hasInstance",
2153  factory->has_instance_symbol());
2154  InstallConstant(isolate_, symbol_fun, "isConcatSpreadable",
2155  factory->is_concat_spreadable_symbol());
2156  InstallConstant(isolate_, symbol_fun, "iterator",
2157  factory->iterator_symbol());
2158  InstallConstant(isolate_, symbol_fun, "match", factory->match_symbol());
2159  InstallConstant(isolate_, symbol_fun, "replace", factory->replace_symbol());
2160  InstallConstant(isolate_, symbol_fun, "search", factory->search_symbol());
2161  InstallConstant(isolate_, symbol_fun, "species", factory->species_symbol());
2162  InstallConstant(isolate_, symbol_fun, "split", factory->split_symbol());
2163  InstallConstant(isolate_, symbol_fun, "toPrimitive",
2164  factory->to_primitive_symbol());
2165  InstallConstant(isolate_, symbol_fun, "toStringTag",
2166  factory->to_string_tag_symbol());
2167  InstallConstant(isolate_, symbol_fun, "unscopables",
2168  factory->unscopables_symbol());
2169 
2170  // Setup %SymbolPrototype%.
2171  Handle<JSObject> prototype(JSObject::cast(symbol_fun->instance_prototype()),
2172  isolate());
2173 
2174  // Install the @@toStringTag property on the {prototype}.
2175  JSObject::AddProperty(
2176  isolate_, prototype, factory->to_string_tag_symbol(),
2177  factory->InternalizeUtf8String("Symbol"),
2178  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
2179 
2180  // Install the Symbol.prototype methods.
2181  InstallFunctionWithBuiltinId(isolate_, prototype, "toString",
2182  Builtins::kSymbolPrototypeToString, 0, true,
2183  BuiltinFunctionId::kSymbolPrototypeToString);
2184  InstallFunctionWithBuiltinId(isolate_, prototype, "valueOf",
2185  Builtins::kSymbolPrototypeValueOf, 0, true,
2186  BuiltinFunctionId::kSymbolPrototypeValueOf);
2187 
2188  // Install the @@toPrimitive function.
2189  InstallFunctionAtSymbol(
2190  isolate_, prototype, factory->to_primitive_symbol(),
2191  "[Symbol.toPrimitive]", Builtins::kSymbolPrototypeToPrimitive, 1, true,
2192  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
2193  }
2194 
2195  { // --- D a t e ---
2196  Handle<JSFunction> date_fun = InstallFunction(
2197  isolate_, global, "Date", JS_DATE_TYPE, JSDate::kSize, 0,
2198  factory->the_hole_value(), Builtins::kDateConstructor);
2199  InstallWithIntrinsicDefaultProto(isolate_, date_fun,
2200  Context::DATE_FUNCTION_INDEX);
2201  date_fun->shared()->set_length(7);
2202  date_fun->shared()->DontAdaptArguments();
2203 
2204  // Install the Date.now, Date.parse and Date.UTC functions.
2205  SimpleInstallFunction(isolate_, date_fun, "now", Builtins::kDateNow, 0,
2206  false);
2207  SimpleInstallFunction(isolate_, date_fun, "parse", Builtins::kDateParse, 1,
2208  false);
2209  SimpleInstallFunction(isolate_, date_fun, "UTC", Builtins::kDateUTC, 7,
2210  false);
2211 
2212  // Setup %DatePrototype%.
2213  Handle<JSObject> prototype(JSObject::cast(date_fun->instance_prototype()),
2214  isolate());
2215 
2216  // Install the Date.prototype methods.
2217  SimpleInstallFunction(isolate_, prototype, "toString",
2218  Builtins::kDatePrototypeToString, 0, false);
2219  SimpleInstallFunction(isolate_, prototype, "toDateString",
2220  Builtins::kDatePrototypeToDateString, 0, false);
2221  SimpleInstallFunction(isolate_, prototype, "toTimeString",
2222  Builtins::kDatePrototypeToTimeString, 0, false);
2223  SimpleInstallFunction(isolate_, prototype, "toISOString",
2224  Builtins::kDatePrototypeToISOString, 0, false);
2225  Handle<JSFunction> to_utc_string =
2226  SimpleInstallFunction(isolate_, prototype, "toUTCString",
2227  Builtins::kDatePrototypeToUTCString, 0, false);
2228  JSObject::AddProperty(isolate_, prototype,
2229  factory->InternalizeUtf8String("toGMTString"),
2230  to_utc_string, DONT_ENUM);
2231  SimpleInstallFunction(isolate_, prototype, "getDate",
2232  Builtins::kDatePrototypeGetDate, 0, true);
2233  SimpleInstallFunction(isolate_, prototype, "setDate",
2234  Builtins::kDatePrototypeSetDate, 1, false);
2235  SimpleInstallFunction(isolate_, prototype, "getDay",
2236  Builtins::kDatePrototypeGetDay, 0, true);
2237  SimpleInstallFunction(isolate_, prototype, "getFullYear",
2238  Builtins::kDatePrototypeGetFullYear, 0, true);
2239  SimpleInstallFunction(isolate_, prototype, "setFullYear",
2240  Builtins::kDatePrototypeSetFullYear, 3, false);
2241  SimpleInstallFunction(isolate_, prototype, "getHours",
2242  Builtins::kDatePrototypeGetHours, 0, true);
2243  SimpleInstallFunction(isolate_, prototype, "setHours",
2244  Builtins::kDatePrototypeSetHours, 4, false);
2245  SimpleInstallFunction(isolate_, prototype, "getMilliseconds",
2246  Builtins::kDatePrototypeGetMilliseconds, 0, true);
2247  SimpleInstallFunction(isolate_, prototype, "setMilliseconds",
2248  Builtins::kDatePrototypeSetMilliseconds, 1, false);
2249  SimpleInstallFunction(isolate_, prototype, "getMinutes",
2250  Builtins::kDatePrototypeGetMinutes, 0, true);
2251  SimpleInstallFunction(isolate_, prototype, "setMinutes",
2252  Builtins::kDatePrototypeSetMinutes, 3, false);
2253  SimpleInstallFunction(isolate_, prototype, "getMonth",
2254  Builtins::kDatePrototypeGetMonth, 0, true);
2255  SimpleInstallFunction(isolate_, prototype, "setMonth",
2256  Builtins::kDatePrototypeSetMonth, 2, false);
2257  SimpleInstallFunction(isolate_, prototype, "getSeconds",
2258  Builtins::kDatePrototypeGetSeconds, 0, true);
2259  SimpleInstallFunction(isolate_, prototype, "setSeconds",
2260  Builtins::kDatePrototypeSetSeconds, 2, false);
2261  SimpleInstallFunction(isolate_, prototype, "getTime",
2262  Builtins::kDatePrototypeGetTime, 0, true);
2263  SimpleInstallFunction(isolate_, prototype, "setTime",
2264  Builtins::kDatePrototypeSetTime, 1, false);
2265  SimpleInstallFunction(isolate_, prototype, "getTimezoneOffset",
2266  Builtins::kDatePrototypeGetTimezoneOffset, 0, true);
2267  SimpleInstallFunction(isolate_, prototype, "getUTCDate",
2268  Builtins::kDatePrototypeGetUTCDate, 0, true);
2269  SimpleInstallFunction(isolate_, prototype, "setUTCDate",
2270  Builtins::kDatePrototypeSetUTCDate, 1, false);
2271  SimpleInstallFunction(isolate_, prototype, "getUTCDay",
2272  Builtins::kDatePrototypeGetUTCDay, 0, true);
2273  SimpleInstallFunction(isolate_, prototype, "getUTCFullYear",
2274  Builtins::kDatePrototypeGetUTCFullYear, 0, true);
2275  SimpleInstallFunction(isolate_, prototype, "setUTCFullYear",
2276  Builtins::kDatePrototypeSetUTCFullYear, 3, false);
2277  SimpleInstallFunction(isolate_, prototype, "getUTCHours",
2278  Builtins::kDatePrototypeGetUTCHours, 0, true);
2279  SimpleInstallFunction(isolate_, prototype, "setUTCHours",
2280  Builtins::kDatePrototypeSetUTCHours, 4, false);
2281  SimpleInstallFunction(isolate_, prototype, "getUTCMilliseconds",
2282  Builtins::kDatePrototypeGetUTCMilliseconds, 0, true);
2283  SimpleInstallFunction(isolate_, prototype, "setUTCMilliseconds",
2284  Builtins::kDatePrototypeSetUTCMilliseconds, 1, false);
2285  SimpleInstallFunction(isolate_, prototype, "getUTCMinutes",
2286  Builtins::kDatePrototypeGetUTCMinutes, 0, true);
2287  SimpleInstallFunction(isolate_, prototype, "setUTCMinutes",
2288  Builtins::kDatePrototypeSetUTCMinutes, 3, false);
2289  SimpleInstallFunction(isolate_, prototype, "getUTCMonth",
2290  Builtins::kDatePrototypeGetUTCMonth, 0, true);
2291  SimpleInstallFunction(isolate_, prototype, "setUTCMonth",
2292  Builtins::kDatePrototypeSetUTCMonth, 2, false);
2293  SimpleInstallFunction(isolate_, prototype, "getUTCSeconds",
2294  Builtins::kDatePrototypeGetUTCSeconds, 0, true);
2295  SimpleInstallFunction(isolate_, prototype, "setUTCSeconds",
2296  Builtins::kDatePrototypeSetUTCSeconds, 2, false);
2297  SimpleInstallFunction(isolate_, prototype, "valueOf",
2298  Builtins::kDatePrototypeValueOf, 0, true);
2299  SimpleInstallFunction(isolate_, prototype, "getYear",
2300  Builtins::kDatePrototypeGetYear, 0, true);
2301  SimpleInstallFunction(isolate_, prototype, "setYear",
2302  Builtins::kDatePrototypeSetYear, 1, false);
2303  SimpleInstallFunction(isolate_, prototype, "toJSON",
2304  Builtins::kDatePrototypeToJson, 1, false);
2305 
2306 #ifdef V8_INTL_SUPPORT
2307  SimpleInstallFunction(isolate_, prototype, "toLocaleString",
2308  Builtins::kDatePrototypeToLocaleString, 0, false);
2309  SimpleInstallFunction(isolate_, prototype, "toLocaleDateString",
2310  Builtins::kDatePrototypeToLocaleDateString, 0, false);
2311  SimpleInstallFunction(isolate_, prototype, "toLocaleTimeString",
2312  Builtins::kDatePrototypeToLocaleTimeString, 0, false);
2313 #else
2314  // Install Intl fallback functions.
2315  SimpleInstallFunction(isolate_, prototype, "toLocaleString",
2316  Builtins::kDatePrototypeToString, 0, false);
2317  SimpleInstallFunction(isolate_, prototype, "toLocaleDateString",
2318  Builtins::kDatePrototypeToDateString, 0, false);
2319  SimpleInstallFunction(isolate_, prototype, "toLocaleTimeString",
2320  Builtins::kDatePrototypeToTimeString, 0, false);
2321 #endif // V8_INTL_SUPPORT
2322 
2323  // Install the @@toPrimitive function.
2324  InstallFunctionAtSymbol(
2325  isolate_, prototype, factory->to_primitive_symbol(),
2326  "[Symbol.toPrimitive]", Builtins::kDatePrototypeToPrimitive, 1, true,
2327  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
2328  }
2329 
2330  {
2331  Handle<SharedFunctionInfo> info = SimpleCreateBuiltinSharedFunctionInfo(
2332  isolate_, Builtins::kPromiseGetCapabilitiesExecutor,
2333  factory->empty_string(), 2);
2334  native_context()->set_promise_get_capabilities_executor_shared_fun(*info);
2335  }
2336 
2337  { // -- P r o m i s e
2338  Handle<JSFunction> promise_fun = InstallFunction(
2339  isolate_, global, "Promise", JS_PROMISE_TYPE,
2340  JSPromise::kSizeWithEmbedderFields, 0, factory->the_hole_value(),
2341  Builtins::kPromiseConstructor);
2342  InstallWithIntrinsicDefaultProto(isolate_, promise_fun,
2343  Context::PROMISE_FUNCTION_INDEX);
2344 
2345  Handle<SharedFunctionInfo> shared(promise_fun->shared(), isolate_);
2346  shared->set_internal_formal_parameter_count(1);
2347  shared->set_length(1);
2348 
2349  InstallSpeciesGetter(isolate_, promise_fun);
2350 
2351  Handle<JSFunction> promise_all = InstallFunctionWithBuiltinId(
2352  isolate_, promise_fun, "all", Builtins::kPromiseAll, 1, true,
2353  BuiltinFunctionId::kPromiseAll);
2354  native_context()->set_promise_all(*promise_all);
2355 
2356  InstallFunctionWithBuiltinId(isolate_, promise_fun, "race",
2357  Builtins::kPromiseRace, 1, true,
2358  BuiltinFunctionId::kPromiseRace);
2359 
2360  InstallFunctionWithBuiltinId(isolate_, promise_fun, "resolve",
2361  Builtins::kPromiseResolveTrampoline, 1, true,
2362  BuiltinFunctionId::kPromiseResolve);
2363 
2364  InstallFunctionWithBuiltinId(isolate_, promise_fun, "reject",
2365  Builtins::kPromiseReject, 1, true,
2366  BuiltinFunctionId::kPromiseReject);
2367 
2368  // Setup %PromisePrototype%.
2369  Handle<JSObject> prototype(
2370  JSObject::cast(promise_fun->instance_prototype()), isolate());
2371  native_context()->set_promise_prototype(*prototype);
2372 
2373  // Install the @@toStringTag property on the {prototype}.
2374  JSObject::AddProperty(
2375  isolate_, prototype, factory->to_string_tag_symbol(),
2376  factory->Promise_string(),
2377  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
2378 
2379  Handle<JSFunction> promise_then = InstallFunctionWithBuiltinId(
2380  isolate_, prototype, "then", Builtins::kPromisePrototypeThen, 2, true,
2381  BuiltinFunctionId::kPromisePrototypeThen);
2382  native_context()->set_promise_then(*promise_then);
2383 
2384  Handle<JSFunction> promise_catch = InstallFunctionWithBuiltinId(
2385  isolate_, prototype, "catch", Builtins::kPromisePrototypeCatch, 1, true,
2386  BuiltinFunctionId::kPromisePrototypeCatch);
2387  native_context()->set_promise_catch(*promise_catch);
2388 
2389  InstallFunctionWithBuiltinId(isolate_, prototype, "finally",
2390  Builtins::kPromisePrototypeFinally, 1, true,
2391  BuiltinFunctionId::kPromisePrototypeFinally);
2392 
2393  {
2394  Handle<SharedFunctionInfo> info = SimpleCreateSharedFunctionInfo(
2395  isolate(), Builtins::kPromiseThenFinally,
2396  isolate_->factory()->empty_string(), 1);
2397  info->set_native(true);
2398  native_context()->set_promise_then_finally_shared_fun(*info);
2399  }
2400 
2401  {
2402  Handle<SharedFunctionInfo> info = SimpleCreateSharedFunctionInfo(
2403  isolate(), Builtins::kPromiseCatchFinally,
2404  isolate_->factory()->empty_string(), 1);
2405  info->set_native(true);
2406  native_context()->set_promise_catch_finally_shared_fun(*info);
2407  }
2408 
2409  {
2410  Handle<SharedFunctionInfo> info = SimpleCreateSharedFunctionInfo(
2411  isolate(), Builtins::kPromiseValueThunkFinally,
2412  isolate_->factory()->empty_string(), 0);
2413  native_context()->set_promise_value_thunk_finally_shared_fun(*info);
2414  }
2415 
2416  {
2417  Handle<SharedFunctionInfo> info = SimpleCreateSharedFunctionInfo(
2418  isolate(), Builtins::kPromiseThrowerFinally,
2419  isolate_->factory()->empty_string(), 0);
2420  native_context()->set_promise_thrower_finally_shared_fun(*info);
2421  }
2422 
2423  // Force the Promise constructor to fast properties, so that we can use the
2424  // fast paths for various things like
2425  //
2426  // x instanceof Promise
2427  //
2428  // etc. We should probably come up with a more principled approach once
2429  // the JavaScript builtins are gone.
2430  JSObject::MigrateSlowToFast(Handle<JSObject>::cast(promise_fun), 0,
2431  "Bootstrapping");
2432 
2433  Handle<Map> prototype_map(prototype->map(), isolate());
2434  Map::SetShouldBeFastPrototypeMap(prototype_map, true, isolate_);
2435 
2436  { // Internal: IsPromise
2437  Handle<JSFunction> function = SimpleCreateFunction(
2438  isolate_, factory->empty_string(), Builtins::kIsPromise, 1, false);
2439  native_context()->set_is_promise(*function);
2440  }
2441 
2442  {
2443  Handle<SharedFunctionInfo> info = SimpleCreateSharedFunctionInfo(
2444  isolate_, Builtins::kPromiseCapabilityDefaultResolve,
2445  factory->empty_string(), 1, FunctionKind::kConciseMethod);
2446  info->set_native(true);
2447  info->set_function_map_index(
2448  Context::STRICT_FUNCTION_WITHOUT_PROTOTYPE_MAP_INDEX);
2449  native_context()->set_promise_capability_default_resolve_shared_fun(
2450  *info);
2451 
2452  info = SimpleCreateSharedFunctionInfo(
2453  isolate_, Builtins::kPromiseCapabilityDefaultReject,
2454  factory->empty_string(), 1, FunctionKind::kConciseMethod);
2455  info->set_native(true);
2456  info->set_function_map_index(
2457  Context::STRICT_FUNCTION_WITHOUT_PROTOTYPE_MAP_INDEX);
2458  native_context()->set_promise_capability_default_reject_shared_fun(*info);
2459  }
2460 
2461  {
2462  Handle<SharedFunctionInfo> info = SimpleCreateSharedFunctionInfo(
2463  isolate_, Builtins::kPromiseAllResolveElementClosure,
2464  factory->empty_string(), 1);
2465  native_context()->set_promise_all_resolve_element_shared_fun(*info);
2466  }
2467 
2468  // Force the Promise constructor to fast properties, so that we can use the
2469  // fast paths for various things like
2470  //
2471  // x instanceof Promise
2472  //
2473  // etc. We should probably come up with a more principled approach once
2474  // the JavaScript builtins are gone.
2475  JSObject::MigrateSlowToFast(promise_fun, 0, "Bootstrapping");
2476  }
2477 
2478  { // -- R e g E x p
2479  // Builtin functions for RegExp.prototype.
2480  Handle<JSFunction> regexp_fun = InstallFunction(
2481  isolate_, global, "RegExp", JS_REGEXP_TYPE,
2482  JSRegExp::kSize + JSRegExp::kInObjectFieldCount * kPointerSize,
2483  JSRegExp::kInObjectFieldCount, factory->the_hole_value(),
2484  Builtins::kRegExpConstructor);
2485  InstallWithIntrinsicDefaultProto(isolate_, regexp_fun,
2486  Context::REGEXP_FUNCTION_INDEX);
2487 
2488  Handle<SharedFunctionInfo> shared(regexp_fun->shared(), isolate_);
2489  shared->set_internal_formal_parameter_count(2);
2490  shared->set_length(2);
2491 
2492  {
2493  // Setup %RegExpPrototype%.
2494  Handle<JSObject> prototype(
2495  JSObject::cast(regexp_fun->instance_prototype()), isolate());
2496  native_context()->set_regexp_prototype(*prototype);
2497 
2498  {
2499  Handle<JSFunction> fun = SimpleInstallFunction(
2500  isolate_, prototype, "exec", Builtins::kRegExpPrototypeExec, 1,
2501  true, DONT_ENUM);
2502  // Check that index of "exec" function in JSRegExp is correct.
2503  DCHECK_EQ(JSRegExp::kExecFunctionDescriptorIndex,
2504  prototype->map()->LastAdded());
2505 
2506  native_context()->set_regexp_exec_function(*fun);
2507  }
2508 
2509  SimpleInstallGetter(isolate_, prototype, factory->dotAll_string(),
2510  Builtins::kRegExpPrototypeDotAllGetter, true);
2511  SimpleInstallGetter(isolate_, prototype, factory->flags_string(),
2512  Builtins::kRegExpPrototypeFlagsGetter, true);
2513  SimpleInstallGetter(isolate_, prototype, factory->global_string(),
2514  Builtins::kRegExpPrototypeGlobalGetter, true);
2515  SimpleInstallGetter(isolate_, prototype, factory->ignoreCase_string(),
2516  Builtins::kRegExpPrototypeIgnoreCaseGetter, true);
2517  SimpleInstallGetter(isolate_, prototype, factory->multiline_string(),
2518  Builtins::kRegExpPrototypeMultilineGetter, true);
2519  SimpleInstallGetter(isolate_, prototype, factory->source_string(),
2520  Builtins::kRegExpPrototypeSourceGetter, true);
2521  SimpleInstallGetter(isolate_, prototype, factory->sticky_string(),
2522  Builtins::kRegExpPrototypeStickyGetter, true);
2523  SimpleInstallGetter(isolate_, prototype, factory->unicode_string(),
2524  Builtins::kRegExpPrototypeUnicodeGetter, true);
2525 
2526  SimpleInstallFunction(isolate_, prototype, "compile",
2527  Builtins::kRegExpPrototypeCompile, 2, true,
2528  DONT_ENUM);
2529  SimpleInstallFunction(isolate_, prototype, "toString",
2530  Builtins::kRegExpPrototypeToString, 0, false,
2531  DONT_ENUM);
2532  SimpleInstallFunction(isolate_, prototype, "test",
2533  Builtins::kRegExpPrototypeTest, 1, true, DONT_ENUM);
2534 
2535  InstallFunctionAtSymbol(isolate_, prototype, factory->match_symbol(),
2536  "[Symbol.match]", Builtins::kRegExpPrototypeMatch,
2537  1, true);
2538  DCHECK_EQ(JSRegExp::kSymbolMatchFunctionDescriptorIndex,
2539  prototype->map()->LastAdded());
2540 
2541  InstallFunctionAtSymbol(isolate_, prototype, factory->replace_symbol(),
2542  "[Symbol.replace]",
2543  Builtins::kRegExpPrototypeReplace, 2, false);
2544  DCHECK_EQ(JSRegExp::kSymbolReplaceFunctionDescriptorIndex,
2545  prototype->map()->LastAdded());
2546 
2547  InstallFunctionAtSymbol(isolate_, prototype, factory->search_symbol(),
2548  "[Symbol.search]",
2549  Builtins::kRegExpPrototypeSearch, 1, true);
2550  DCHECK_EQ(JSRegExp::kSymbolSearchFunctionDescriptorIndex,
2551  prototype->map()->LastAdded());
2552 
2553  InstallFunctionAtSymbol(isolate_, prototype, factory->split_symbol(),
2554  "[Symbol.split]", Builtins::kRegExpPrototypeSplit,
2555  2, false);
2556  DCHECK_EQ(JSRegExp::kSymbolSplitFunctionDescriptorIndex,
2557  prototype->map()->LastAdded());
2558 
2559  Handle<Map> prototype_map(prototype->map(), isolate());
2560  Map::SetShouldBeFastPrototypeMap(prototype_map, true, isolate_);
2561 
2562  // Store the initial RegExp.prototype map. This is used in fast-path
2563  // checks. Do not alter the prototype after this point.
2564  native_context()->set_regexp_prototype_map(*prototype_map);
2565  }
2566 
2567  {
2568  // RegExp getters and setters.
2569 
2570  InstallSpeciesGetter(isolate_, regexp_fun);
2571 
2572  // Static properties set by a successful match.
2573 
2574  const PropertyAttributes no_enum = DONT_ENUM;
2575  SimpleInstallGetterSetter(isolate_, regexp_fun, factory->input_string(),
2576  Builtins::kRegExpInputGetter,
2577  Builtins::kRegExpInputSetter, no_enum);
2578  SimpleInstallGetterSetter(
2579  isolate_, regexp_fun, factory->InternalizeUtf8String("$_"),
2580  Builtins::kRegExpInputGetter, Builtins::kRegExpInputSetter, no_enum);
2581 
2582  SimpleInstallGetterSetter(
2583  isolate_, regexp_fun, factory->InternalizeUtf8String("lastMatch"),
2584  Builtins::kRegExpLastMatchGetter, Builtins::kEmptyFunction, no_enum);
2585  SimpleInstallGetterSetter(
2586  isolate_, regexp_fun, factory->InternalizeUtf8String("$&"),
2587  Builtins::kRegExpLastMatchGetter, Builtins::kEmptyFunction, no_enum);
2588 
2589  SimpleInstallGetterSetter(
2590  isolate_, regexp_fun, factory->InternalizeUtf8String("lastParen"),
2591  Builtins::kRegExpLastParenGetter, Builtins::kEmptyFunction, no_enum);
2592  SimpleInstallGetterSetter(
2593  isolate_, regexp_fun, factory->InternalizeUtf8String("$+"),
2594  Builtins::kRegExpLastParenGetter, Builtins::kEmptyFunction, no_enum);
2595 
2596  SimpleInstallGetterSetter(isolate_, regexp_fun,
2597  factory->InternalizeUtf8String("leftContext"),
2598  Builtins::kRegExpLeftContextGetter,
2599  Builtins::kEmptyFunction, no_enum);
2600  SimpleInstallGetterSetter(isolate_, regexp_fun,
2601  factory->InternalizeUtf8String("$`"),
2602  Builtins::kRegExpLeftContextGetter,
2603  Builtins::kEmptyFunction, no_enum);
2604 
2605  SimpleInstallGetterSetter(isolate_, regexp_fun,
2606  factory->InternalizeUtf8String("rightContext"),
2607  Builtins::kRegExpRightContextGetter,
2608  Builtins::kEmptyFunction, no_enum);
2609  SimpleInstallGetterSetter(isolate_, regexp_fun,
2610  factory->InternalizeUtf8String("$'"),
2611  Builtins::kRegExpRightContextGetter,
2612  Builtins::kEmptyFunction, no_enum);
2613 
2614 #define INSTALL_CAPTURE_GETTER(i) \
2615  SimpleInstallGetterSetter( \
2616  isolate_, regexp_fun, factory->InternalizeUtf8String("$" #i), \
2617  Builtins::kRegExpCapture##i##Getter, Builtins::kEmptyFunction, no_enum)
2618  INSTALL_CAPTURE_GETTER(1);
2619  INSTALL_CAPTURE_GETTER(2);
2620  INSTALL_CAPTURE_GETTER(3);
2621  INSTALL_CAPTURE_GETTER(4);
2622  INSTALL_CAPTURE_GETTER(5);
2623  INSTALL_CAPTURE_GETTER(6);
2624  INSTALL_CAPTURE_GETTER(7);
2625  INSTALL_CAPTURE_GETTER(8);
2626  INSTALL_CAPTURE_GETTER(9);
2627 #undef INSTALL_CAPTURE_GETTER
2628  }
2629 
2630  DCHECK(regexp_fun->has_initial_map());
2631  Handle<Map> initial_map(regexp_fun->initial_map(), isolate());
2632 
2633  DCHECK_EQ(1, initial_map->GetInObjectProperties());
2634 
2635  Map::EnsureDescriptorSlack(isolate_, initial_map, 1);
2636 
2637  // ECMA-262, section 15.10.7.5.
2638  PropertyAttributes writable =
2639  static_cast<PropertyAttributes>(DONT_ENUM | DONT_DELETE);
2640  Descriptor d = Descriptor::DataField(isolate(), factory->lastIndex_string(),
2641  JSRegExp::kLastIndexFieldIndex,
2642  writable, Representation::Tagged());
2643  initial_map->AppendDescriptor(&d);
2644 
2645  { // Internal: RegExpInternalMatch
2646  Handle<JSFunction> function =
2647  SimpleCreateFunction(isolate_, isolate_->factory()->empty_string(),
2648  Builtins::kRegExpInternalMatch, 2, true);
2649  native_context()->set(Context::REGEXP_INTERNAL_MATCH, *function);
2650  }
2651 
2652  // Create the last match info. One for external use, and one for internal
2653  // use when we don't want to modify the externally visible match info.
2654  Handle<RegExpMatchInfo> last_match_info = factory->NewRegExpMatchInfo();
2655  native_context()->set_regexp_last_match_info(*last_match_info);
2656  Handle<RegExpMatchInfo> internal_match_info = factory->NewRegExpMatchInfo();
2657  native_context()->set_regexp_internal_match_info(*internal_match_info);
2658 
2659  // Force the RegExp constructor to fast properties, so that we can use the
2660  // fast paths for various things like
2661  //
2662  // x instanceof RegExp
2663  //
2664  // etc. We should probably come up with a more principled approach once
2665  // the JavaScript builtins are gone.
2666  JSObject::MigrateSlowToFast(regexp_fun, 0, "Bootstrapping");
2667  }
2668 
2669  { // -- E r r o r
2670  InstallError(isolate_, global, factory->Error_string(),
2671  Context::ERROR_FUNCTION_INDEX);
2672  InstallMakeError(isolate_, Builtins::kMakeError, Context::MAKE_ERROR_INDEX);
2673  }
2674 
2675  { // -- E v a l E r r o r
2676  InstallError(isolate_, global, factory->EvalError_string(),
2677  Context::EVAL_ERROR_FUNCTION_INDEX);
2678  }
2679 
2680  { // -- R a n g e E r r o r
2681  InstallError(isolate_, global, factory->RangeError_string(),
2682  Context::RANGE_ERROR_FUNCTION_INDEX);
2683  InstallMakeError(isolate_, Builtins::kMakeRangeError,
2684  Context::MAKE_RANGE_ERROR_INDEX);
2685  }
2686 
2687  { // -- R e f e r e n c e E r r o r
2688  InstallError(isolate_, global, factory->ReferenceError_string(),
2689  Context::REFERENCE_ERROR_FUNCTION_INDEX);
2690  }
2691 
2692  { // -- S y n t a x E r r o r
2693  InstallError(isolate_, global, factory->SyntaxError_string(),
2694  Context::SYNTAX_ERROR_FUNCTION_INDEX);
2695  InstallMakeError(isolate_, Builtins::kMakeSyntaxError,
2696  Context::MAKE_SYNTAX_ERROR_INDEX);
2697  }
2698 
2699  { // -- T y p e E r r o r
2700  InstallError(isolate_, global, factory->TypeError_string(),
2701  Context::TYPE_ERROR_FUNCTION_INDEX);
2702  InstallMakeError(isolate_, Builtins::kMakeTypeError,
2703  Context::MAKE_TYPE_ERROR_INDEX);
2704  }
2705 
2706  { // -- U R I E r r o r
2707  InstallError(isolate_, global, factory->URIError_string(),
2708  Context::URI_ERROR_FUNCTION_INDEX);
2709  InstallMakeError(isolate_, Builtins::kMakeURIError,
2710  Context::MAKE_URI_ERROR_INDEX);
2711  }
2712 
2713  { // -- C o m p i l e E r r o r
2714  Handle<JSObject> dummy = factory->NewJSObject(isolate_->object_function());
2715  InstallError(isolate_, dummy, factory->CompileError_string(),
2716  Context::WASM_COMPILE_ERROR_FUNCTION_INDEX);
2717 
2718  // -- L i n k E r r o r
2719  InstallError(isolate_, dummy, factory->LinkError_string(),
2720  Context::WASM_LINK_ERROR_FUNCTION_INDEX);
2721 
2722  // -- R u n t i m e E r r o r
2723  InstallError(isolate_, dummy, factory->RuntimeError_string(),
2724  Context::WASM_RUNTIME_ERROR_FUNCTION_INDEX);
2725  }
2726 
2727  // Initialize the embedder data slot.
2728  // TODO(ishell): microtask queue pointer will be moved from native context
2729  // to the embedder data array so we don't need an empty embedder data array.
2730  Handle<EmbedderDataArray> embedder_data = factory->NewEmbedderDataArray(0);
2731  native_context()->set_embedder_data(*embedder_data);
2732 
2733  { // -- J S O N
2734  Handle<String> name = factory->InternalizeUtf8String("JSON");
2735  Handle<JSObject> json_object =
2736  factory->NewJSObject(isolate_->object_function(), TENURED);
2737  JSObject::AddProperty(isolate_, global, name, json_object, DONT_ENUM);
2738  SimpleInstallFunction(isolate_, json_object, "parse", Builtins::kJsonParse,
2739  2, false);
2740  SimpleInstallFunction(isolate_, json_object, "stringify",
2741  Builtins::kJsonStringify, 3, true);
2742  JSObject::AddProperty(
2743  isolate_, json_object, factory->to_string_tag_symbol(),
2744  factory->InternalizeUtf8String("JSON"),
2745  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
2746  }
2747 
2748  { // -- M a t h
2749  Handle<String> name = factory->InternalizeUtf8String("Math");
2750  Handle<JSObject> math =
2751  factory->NewJSObject(isolate_->object_function(), TENURED);
2752  JSObject::AddProperty(isolate_, global, name, math, DONT_ENUM);
2753  SimpleInstallFunction(isolate_, math, "abs", Builtins::kMathAbs, 1, true);
2754  SimpleInstallFunction(isolate_, math, "acos", Builtins::kMathAcos, 1, true);
2755  SimpleInstallFunction(isolate_, math, "acosh", Builtins::kMathAcosh, 1,
2756  true);
2757  SimpleInstallFunction(isolate_, math, "asin", Builtins::kMathAsin, 1, true);
2758  SimpleInstallFunction(isolate_, math, "asinh", Builtins::kMathAsinh, 1,
2759  true);
2760  SimpleInstallFunction(isolate_, math, "atan", Builtins::kMathAtan, 1, true);
2761  SimpleInstallFunction(isolate_, math, "atanh", Builtins::kMathAtanh, 1,
2762  true);
2763  SimpleInstallFunction(isolate_, math, "atan2", Builtins::kMathAtan2, 2,
2764  true);
2765  SimpleInstallFunction(isolate_, math, "ceil", Builtins::kMathCeil, 1, true);
2766  SimpleInstallFunction(isolate_, math, "cbrt", Builtins::kMathCbrt, 1, true);
2767  SimpleInstallFunction(isolate_, math, "expm1", Builtins::kMathExpm1, 1,
2768  true);
2769  SimpleInstallFunction(isolate_, math, "clz32", Builtins::kMathClz32, 1,
2770  true);
2771  SimpleInstallFunction(isolate_, math, "cos", Builtins::kMathCos, 1, true);
2772  SimpleInstallFunction(isolate_, math, "cosh", Builtins::kMathCosh, 1, true);
2773  SimpleInstallFunction(isolate_, math, "exp", Builtins::kMathExp, 1, true);
2774  Handle<JSFunction> math_floor = SimpleInstallFunction(
2775  isolate_, math, "floor", Builtins::kMathFloor, 1, true);
2776  native_context()->set_math_floor(*math_floor);
2777  SimpleInstallFunction(isolate_, math, "fround", Builtins::kMathFround, 1,
2778  true);
2779  SimpleInstallFunction(isolate_, math, "hypot", Builtins::kMathHypot, 2,
2780  false);
2781  SimpleInstallFunction(isolate_, math, "imul", Builtins::kMathImul, 2, true);
2782  SimpleInstallFunction(isolate_, math, "log", Builtins::kMathLog, 1, true);
2783  SimpleInstallFunction(isolate_, math, "log1p", Builtins::kMathLog1p, 1,
2784  true);
2785  SimpleInstallFunction(isolate_, math, "log2", Builtins::kMathLog2, 1, true);
2786  SimpleInstallFunction(isolate_, math, "log10", Builtins::kMathLog10, 1,
2787  true);
2788  SimpleInstallFunction(isolate_, math, "max", Builtins::kMathMax, 2, false);
2789  SimpleInstallFunction(isolate_, math, "min", Builtins::kMathMin, 2, false);
2790  Handle<JSFunction> math_pow = SimpleInstallFunction(
2791  isolate_, math, "pow", Builtins::kMathPow, 2, true);
2792  native_context()->set_math_pow(*math_pow);
2793  SimpleInstallFunction(isolate_, math, "random", Builtins::kMathRandom, 0,
2794  true);
2795  SimpleInstallFunction(isolate_, math, "round", Builtins::kMathRound, 1,
2796  true);
2797  SimpleInstallFunction(isolate_, math, "sign", Builtins::kMathSign, 1, true);
2798  SimpleInstallFunction(isolate_, math, "sin", Builtins::kMathSin, 1, true);
2799  SimpleInstallFunction(isolate_, math, "sinh", Builtins::kMathSinh, 1, true);
2800  SimpleInstallFunction(isolate_, math, "sqrt", Builtins::kMathSqrt, 1, true);
2801  SimpleInstallFunction(isolate_, math, "tan", Builtins::kMathTan, 1, true);
2802  SimpleInstallFunction(isolate_, math, "tanh", Builtins::kMathTanh, 1, true);
2803  SimpleInstallFunction(isolate_, math, "trunc", Builtins::kMathTrunc, 1,
2804  true);
2805 
2806  // Install math constants.
2807  double const kE = base::ieee754::exp(1.0);
2808  double const kPI = 3.1415926535897932;
2809  InstallConstant(isolate_, math, "E", factory->NewNumber(kE));
2810  InstallConstant(isolate_, math, "LN10",
2811  factory->NewNumber(base::ieee754::log(10.0)));
2812  InstallConstant(isolate_, math, "LN2",
2813  factory->NewNumber(base::ieee754::log(2.0)));
2814  InstallConstant(isolate_, math, "LOG10E",
2815  factory->NewNumber(base::ieee754::log10(kE)));
2816  InstallConstant(isolate_, math, "LOG2E",
2817  factory->NewNumber(base::ieee754::log2(kE)));
2818  InstallConstant(isolate_, math, "PI", factory->NewNumber(kPI));
2819  InstallConstant(isolate_, math, "SQRT1_2",
2820  factory->NewNumber(std::sqrt(0.5)));
2821  InstallConstant(isolate_, math, "SQRT2",
2822  factory->NewNumber(std::sqrt(2.0)));
2823  JSObject::AddProperty(
2824  isolate_, math, factory->to_string_tag_symbol(),
2825  factory->InternalizeUtf8String("Math"),
2826  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
2827  }
2828 
2829  { // -- C o n s o l e
2830  Handle<String> name = factory->InternalizeUtf8String("console");
2831  NewFunctionArgs args = NewFunctionArgs::ForFunctionWithoutCode(
2832  name, isolate_->strict_function_map(), LanguageMode::kStrict);
2833  Handle<JSFunction> cons = factory->NewFunction(args);
2834 
2835  Handle<JSObject> empty = factory->NewJSObject(isolate_->object_function());
2836  JSFunction::SetPrototype(cons, empty);
2837 
2838  Handle<JSObject> console = factory->NewJSObject(cons, TENURED);
2839  DCHECK(console->IsJSObject());
2840  JSObject::AddProperty(isolate_, global, name, console, DONT_ENUM);
2841  SimpleInstallFunction(isolate_, console, "debug", Builtins::kConsoleDebug,
2842  1, false, NONE);
2843  SimpleInstallFunction(isolate_, console, "error", Builtins::kConsoleError,
2844  1, false, NONE);
2845  SimpleInstallFunction(isolate_, console, "info", Builtins::kConsoleInfo, 1,
2846  false, NONE);
2847  SimpleInstallFunction(isolate_, console, "log", Builtins::kConsoleLog, 1,
2848  false, NONE);
2849  SimpleInstallFunction(isolate_, console, "warn", Builtins::kConsoleWarn, 1,
2850  false, NONE);
2851  SimpleInstallFunction(isolate_, console, "dir", Builtins::kConsoleDir, 1,
2852  false, NONE);
2853  SimpleInstallFunction(isolate_, console, "dirxml", Builtins::kConsoleDirXml,
2854  1, false, NONE);
2855  SimpleInstallFunction(isolate_, console, "table", Builtins::kConsoleTable,
2856  1, false, NONE);
2857  SimpleInstallFunction(isolate_, console, "trace", Builtins::kConsoleTrace,
2858  1, false, NONE);
2859  SimpleInstallFunction(isolate_, console, "group", Builtins::kConsoleGroup,
2860  1, false, NONE);
2861  SimpleInstallFunction(isolate_, console, "groupCollapsed",
2862  Builtins::kConsoleGroupCollapsed, 1, false, NONE);
2863  SimpleInstallFunction(isolate_, console, "groupEnd",
2864  Builtins::kConsoleGroupEnd, 1, false, NONE);
2865  SimpleInstallFunction(isolate_, console, "clear", Builtins::kConsoleClear,
2866  1, false, NONE);
2867  SimpleInstallFunction(isolate_, console, "count", Builtins::kConsoleCount,
2868  1, false, NONE);
2869  SimpleInstallFunction(isolate_, console, "countReset",
2870  Builtins::kConsoleCountReset, 1, false, NONE);
2871  SimpleInstallFunction(isolate_, console, "assert",
2872  Builtins::kFastConsoleAssert, 1, false, NONE);
2873  SimpleInstallFunction(isolate_, console, "profile",
2874  Builtins::kConsoleProfile, 1, false, NONE);
2875  SimpleInstallFunction(isolate_, console, "profileEnd",
2876  Builtins::kConsoleProfileEnd, 1, false, NONE);
2877  SimpleInstallFunction(isolate_, console, "time", Builtins::kConsoleTime, 1,
2878  false, NONE);
2879  SimpleInstallFunction(isolate_, console, "timeLog",
2880  Builtins::kConsoleTimeLog, 1, false, NONE);
2881  SimpleInstallFunction(isolate_, console, "timeEnd",
2882  Builtins::kConsoleTimeEnd, 1, false, NONE);
2883  SimpleInstallFunction(isolate_, console, "timeStamp",
2884  Builtins::kConsoleTimeStamp, 1, false, NONE);
2885  SimpleInstallFunction(isolate_, console, "context",
2886  Builtins::kConsoleContext, 1, true, NONE);
2887  JSObject::AddProperty(
2888  isolate_, console, factory->to_string_tag_symbol(),
2889  factory->InternalizeUtf8String("Object"),
2890  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
2891  }
2892 
2893 #ifdef V8_INTL_SUPPORT
2894  { // -- I n t l
2895  Handle<String> name = factory->InternalizeUtf8String("Intl");
2896  Handle<JSObject> intl =
2897  factory->NewJSObject(isolate_->object_function(), TENURED);
2898  JSObject::AddProperty(isolate_, global, name, intl, DONT_ENUM);
2899 
2900  SimpleInstallFunction(isolate(), intl, "getCanonicalLocales",
2901  Builtins::kIntlGetCanonicalLocales, 1, false);
2902 
2903  {
2904  Handle<JSFunction> date_time_format_constructor = InstallFunction(
2905  isolate_, intl, "DateTimeFormat", JS_INTL_DATE_TIME_FORMAT_TYPE,
2906  JSDateTimeFormat::kSize, 0, factory->the_hole_value(),
2907  Builtins::kDateTimeFormatConstructor);
2908  date_time_format_constructor->shared()->set_length(0);
2909  date_time_format_constructor->shared()->DontAdaptArguments();
2910  InstallWithIntrinsicDefaultProto(
2911  isolate_, date_time_format_constructor,
2912  Context::INTL_DATE_TIME_FORMAT_FUNCTION_INDEX);
2913 
2914  SimpleInstallFunction(
2915  isolate(), date_time_format_constructor, "supportedLocalesOf",
2916  Builtins::kDateTimeFormatSupportedLocalesOf, 1, false);
2917 
2918  Handle<JSObject> prototype(
2919  JSObject::cast(date_time_format_constructor->prototype()), isolate_);
2920 
2921  // Install the @@toStringTag property on the {prototype}.
2922  JSObject::AddProperty(
2923  isolate_, prototype, factory->to_string_tag_symbol(),
2924  factory->Object_string(),
2925  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
2926 
2927  SimpleInstallFunction(isolate_, prototype, "resolvedOptions",
2928  Builtins::kDateTimeFormatPrototypeResolvedOptions,
2929  0, false);
2930 
2931  SimpleInstallFunction(isolate_, prototype, "formatToParts",
2932  Builtins::kDateTimeFormatPrototypeFormatToParts, 1,
2933  false);
2934 
2935  SimpleInstallGetter(isolate_, prototype,
2936  factory->InternalizeUtf8String("format"),
2937  Builtins::kDateTimeFormatPrototypeFormat, false);
2938  }
2939 
2940  {
2941  Handle<JSFunction> number_format_constructor = InstallFunction(
2942  isolate_, intl, "NumberFormat", JS_INTL_NUMBER_FORMAT_TYPE,
2943  JSNumberFormat::kSize, 0, factory->the_hole_value(),
2944  Builtins::kNumberFormatConstructor);
2945  number_format_constructor->shared()->set_length(0);
2946  number_format_constructor->shared()->DontAdaptArguments();
2947  InstallWithIntrinsicDefaultProto(
2948  isolate_, number_format_constructor,
2949  Context::INTL_NUMBER_FORMAT_FUNCTION_INDEX);
2950 
2951  SimpleInstallFunction(
2952  isolate(), number_format_constructor, "supportedLocalesOf",
2953  Builtins::kNumberFormatSupportedLocalesOf, 1, false);
2954 
2955  Handle<JSObject> prototype(
2956  JSObject::cast(number_format_constructor->prototype()), isolate_);
2957 
2958  // Install the @@toStringTag property on the {prototype}.
2959  JSObject::AddProperty(
2960  isolate_, prototype, factory->to_string_tag_symbol(),
2961  factory->Object_string(),
2962  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
2963 
2964  SimpleInstallFunction(isolate_, prototype, "resolvedOptions",
2965  Builtins::kNumberFormatPrototypeResolvedOptions, 0,
2966  false);
2967 
2968  SimpleInstallFunction(isolate_, prototype, "formatToParts",
2969  Builtins::kNumberFormatPrototypeFormatToParts, 1,
2970  false);
2971  SimpleInstallGetter(isolate_, prototype,
2972  factory->InternalizeUtf8String("format"),
2973  Builtins::kNumberFormatPrototypeFormatNumber, false);
2974  }
2975 
2976  {
2977  Handle<JSFunction> collator_constructor = InstallFunction(
2978  isolate_, intl, "Collator", JS_INTL_COLLATOR_TYPE, JSCollator::kSize,
2979  0, factory->the_hole_value(), Builtins::kCollatorConstructor);
2980  collator_constructor->shared()->DontAdaptArguments();
2981  InstallWithIntrinsicDefaultProto(isolate_, collator_constructor,
2982  Context::INTL_COLLATOR_FUNCTION_INDEX);
2983 
2984  SimpleInstallFunction(isolate(), collator_constructor,
2985  "supportedLocalesOf",
2986  Builtins::kCollatorSupportedLocalesOf, 1, false);
2987 
2988  Handle<JSObject> prototype(
2989  JSObject::cast(collator_constructor->prototype()), isolate_);
2990 
2991  // Install the @@toStringTag property on the {prototype}.
2992  JSObject::AddProperty(
2993  isolate_, prototype, factory->to_string_tag_symbol(),
2994  factory->Object_string(),
2995  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
2996 
2997  SimpleInstallFunction(isolate_, prototype, "resolvedOptions",
2998  Builtins::kCollatorPrototypeResolvedOptions, 0,
2999  false);
3000 
3001  SimpleInstallGetter(isolate_, prototype,
3002  factory->InternalizeUtf8String("compare"),
3003  Builtins::kCollatorPrototypeCompare, false);
3004  }
3005 
3006  {
3007  Handle<JSFunction> v8_break_iterator_constructor = InstallFunction(
3008  isolate_, intl, "v8BreakIterator", JS_INTL_V8_BREAK_ITERATOR_TYPE,
3009  JSV8BreakIterator::kSize, 0, factory->the_hole_value(),
3010  Builtins::kV8BreakIteratorConstructor);
3011  v8_break_iterator_constructor->shared()->DontAdaptArguments();
3012 
3013  SimpleInstallFunction(
3014  isolate_, v8_break_iterator_constructor, "supportedLocalesOf",
3015  Builtins::kV8BreakIteratorSupportedLocalesOf, 1, false);
3016 
3017  Handle<JSObject> prototype(
3018  JSObject::cast(v8_break_iterator_constructor->prototype()), isolate_);
3019 
3020  // Install the @@toStringTag property on the {prototype}.
3021  JSObject::AddProperty(
3022  isolate_, prototype, factory->to_string_tag_symbol(),
3023  factory->Object_string(),
3024  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
3025 
3026  SimpleInstallFunction(isolate_, prototype, "resolvedOptions",
3027  Builtins::kV8BreakIteratorPrototypeResolvedOptions,
3028  0, false);
3029 
3030  SimpleInstallGetter(isolate_, prototype,
3031  factory->InternalizeUtf8String("adoptText"),
3032  Builtins::kV8BreakIteratorPrototypeAdoptText, false);
3033 
3034  SimpleInstallGetter(isolate_, prototype,
3035  factory->InternalizeUtf8String("first"),
3036  Builtins::kV8BreakIteratorPrototypeFirst, false);
3037 
3038  SimpleInstallGetter(isolate_, prototype,
3039  factory->InternalizeUtf8String("next"),
3040  Builtins::kV8BreakIteratorPrototypeNext, false);
3041 
3042  SimpleInstallGetter(isolate_, prototype,
3043  factory->InternalizeUtf8String("current"),
3044  Builtins::kV8BreakIteratorPrototypeCurrent, false);
3045 
3046  SimpleInstallGetter(isolate_, prototype,
3047  factory->InternalizeUtf8String("breakType"),
3048  Builtins::kV8BreakIteratorPrototypeBreakType, false);
3049  }
3050 
3051  {
3052  Handle<JSFunction> plural_rules_constructor = InstallFunction(
3053  isolate_, intl, "PluralRules", JS_INTL_PLURAL_RULES_TYPE,
3054  JSPluralRules::kSize, 0, factory->the_hole_value(),
3055  Builtins::kPluralRulesConstructor);
3056  plural_rules_constructor->shared()->DontAdaptArguments();
3057 
3058  SimpleInstallFunction(isolate(), plural_rules_constructor,
3059  "supportedLocalesOf",
3060  Builtins::kPluralRulesSupportedLocalesOf, 1, false);
3061 
3062  Handle<JSObject> prototype(
3063  JSObject::cast(plural_rules_constructor->prototype()), isolate_);
3064 
3065  // Install the @@toStringTag property on the {prototype}.
3066  JSObject::AddProperty(
3067  isolate_, prototype, factory->to_string_tag_symbol(),
3068  factory->Object_string(),
3069  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
3070 
3071  SimpleInstallFunction(isolate_, prototype, "resolvedOptions",
3072  Builtins::kPluralRulesPrototypeResolvedOptions, 0,
3073  false);
3074 
3075  SimpleInstallFunction(isolate_, prototype, "select",
3076  Builtins::kPluralRulesPrototypeSelect, 1, false);
3077  }
3078  }
3079 #endif // V8_INTL_SUPPORT
3080 
3081  { // -- A r r a y B u f f e r
3082  Handle<String> name = factory->ArrayBuffer_string();
3083  Handle<JSFunction> array_buffer_fun = CreateArrayBuffer(name, ARRAY_BUFFER);
3084  JSObject::AddProperty(isolate_, global, name, array_buffer_fun, DONT_ENUM);
3085  InstallWithIntrinsicDefaultProto(isolate_, array_buffer_fun,
3086  Context::ARRAY_BUFFER_FUN_INDEX);
3087  InstallSpeciesGetter(isolate_, array_buffer_fun);
3088 
3089  Handle<JSFunction> array_buffer_noinit_fun = SimpleCreateFunction(
3090  isolate_,
3091  factory->InternalizeUtf8String(
3092  "arrayBufferConstructor_DoNotInitialize"),
3093  Builtins::kArrayBufferConstructor_DoNotInitialize, 1, false);
3094  native_context()->set_array_buffer_noinit_fun(*array_buffer_noinit_fun);
3095  }
3096 
3097  { // -- S h a r e d A r r a y B u f f e r
3098  Handle<String> name = factory->SharedArrayBuffer_string();
3099  Handle<JSFunction> shared_array_buffer_fun =
3100  CreateArrayBuffer(name, SHARED_ARRAY_BUFFER);
3101  InstallWithIntrinsicDefaultProto(isolate_, shared_array_buffer_fun,
3102  Context::SHARED_ARRAY_BUFFER_FUN_INDEX);
3103  InstallSpeciesGetter(isolate_, shared_array_buffer_fun);
3104  }
3105 
3106  { // -- A t o m i c s
3107  Handle<JSObject> atomics_object =
3108  factory->NewJSObject(isolate_->object_function(), TENURED);
3109  native_context()->set_atomics_object(*atomics_object);
3110 
3111  SimpleInstallFunction(isolate_, atomics_object, "load",
3112  Builtins::kAtomicsLoad, 2, true);
3113  SimpleInstallFunction(isolate_, atomics_object, "store",
3114  Builtins::kAtomicsStore, 3, true);
3115  SimpleInstallFunction(isolate_, atomics_object, "add",
3116  Builtins::kAtomicsAdd, 3, true);
3117  SimpleInstallFunction(isolate_, atomics_object, "sub",
3118  Builtins::kAtomicsSub, 3, true);
3119  SimpleInstallFunction(isolate_, atomics_object, "and",
3120  Builtins::kAtomicsAnd, 3, true);
3121  SimpleInstallFunction(isolate_, atomics_object, "or", Builtins::kAtomicsOr,
3122  3, true);
3123  SimpleInstallFunction(isolate_, atomics_object, "xor",
3124  Builtins::kAtomicsXor, 3, true);
3125  SimpleInstallFunction(isolate_, atomics_object, "exchange",
3126  Builtins::kAtomicsExchange, 3, true);
3127  SimpleInstallFunction(isolate_, atomics_object, "compareExchange",
3128  Builtins::kAtomicsCompareExchange, 4, true);
3129  SimpleInstallFunction(isolate_, atomics_object, "isLockFree",
3130  Builtins::kAtomicsIsLockFree, 1, true);
3131  SimpleInstallFunction(isolate_, atomics_object, "wait",
3132  Builtins::kAtomicsWait, 4, true);
3133  SimpleInstallFunction(isolate_, atomics_object, "wake",
3134  Builtins::kAtomicsWake, 3, true);
3135  SimpleInstallFunction(isolate_, atomics_object, "notify",
3136  Builtins::kAtomicsNotify, 3, true);
3137  }
3138 
3139  { // -- T y p e d A r r a y
3140  Handle<JSFunction> typed_array_fun = CreateFunction(
3141  isolate_, factory->InternalizeUtf8String("TypedArray"),
3142  JS_TYPED_ARRAY_TYPE, JSTypedArray::kHeaderSize, 0,
3143  factory->the_hole_value(), Builtins::kTypedArrayBaseConstructor);
3144  typed_array_fun->shared()->set_native(false);
3145  typed_array_fun->shared()->set_length(0);
3146  InstallSpeciesGetter(isolate_, typed_array_fun);
3147  native_context()->set_typed_array_function(*typed_array_fun);
3148 
3149  SimpleInstallFunction(isolate_, typed_array_fun, "of",
3150  Builtins::kTypedArrayOf, 0, false);
3151  SimpleInstallFunction(isolate_, typed_array_fun, "from",
3152  Builtins::kTypedArrayFrom, 1, false);
3153 
3154  // Setup %TypedArrayPrototype%.
3155  Handle<JSObject> prototype(
3156  JSObject::cast(typed_array_fun->instance_prototype()), isolate());
3157  native_context()->set_typed_array_prototype(*prototype);
3158 
3159  // Install the "buffer", "byteOffset", "byteLength", "length"
3160  // and @@toStringTag getters on the {prototype}.
3161  SimpleInstallGetter(isolate_, prototype, factory->buffer_string(),
3162  Builtins::kTypedArrayPrototypeBuffer, false);
3163  SimpleInstallGetter(isolate_, prototype, factory->byte_length_string(),
3164  Builtins::kTypedArrayPrototypeByteLength, true,
3165  BuiltinFunctionId::kTypedArrayByteLength);
3166  SimpleInstallGetter(isolate_, prototype, factory->byte_offset_string(),
3167  Builtins::kTypedArrayPrototypeByteOffset, true,
3168  BuiltinFunctionId::kTypedArrayByteOffset);
3169  SimpleInstallGetter(isolate_, prototype, factory->length_string(),
3170  Builtins::kTypedArrayPrototypeLength, true,
3171  BuiltinFunctionId::kTypedArrayLength);
3172  SimpleInstallGetter(isolate_, prototype, factory->to_string_tag_symbol(),
3173  Builtins::kTypedArrayPrototypeToStringTag, true,
3174  BuiltinFunctionId::kTypedArrayToStringTag);
3175 
3176  // Install "keys", "values" and "entries" methods on the {prototype}.
3177  InstallFunctionWithBuiltinId(isolate_, prototype, "entries",
3178  Builtins::kTypedArrayPrototypeEntries, 0, true,
3179  BuiltinFunctionId::kTypedArrayEntries);
3180 
3181  InstallFunctionWithBuiltinId(isolate_, prototype, "keys",
3182  Builtins::kTypedArrayPrototypeKeys, 0, true,
3183  BuiltinFunctionId::kTypedArrayKeys);
3184 
3185  Handle<JSFunction> values = InstallFunctionWithBuiltinId(
3186  isolate_, prototype, "values", Builtins::kTypedArrayPrototypeValues, 0,
3187  true, BuiltinFunctionId::kTypedArrayValues);
3188  JSObject::AddProperty(isolate_, prototype, factory->iterator_symbol(),
3189  values, DONT_ENUM);
3190 
3191  // TODO(caitp): alphasort accessors/methods
3192  SimpleInstallFunction(isolate_, prototype, "copyWithin",
3193  Builtins::kTypedArrayPrototypeCopyWithin, 2, false);
3194  SimpleInstallFunction(isolate_, prototype, "every",
3195  Builtins::kTypedArrayPrototypeEvery, 1, false);
3196  SimpleInstallFunction(isolate_, prototype, "fill",
3197  Builtins::kTypedArrayPrototypeFill, 1, false);
3198  SimpleInstallFunction(isolate_, prototype, "filter",
3199  Builtins::kTypedArrayPrototypeFilter, 1, false);
3200  SimpleInstallFunction(isolate_, prototype, "find",
3201  Builtins::kTypedArrayPrototypeFind, 1, false);
3202  SimpleInstallFunction(isolate_, prototype, "findIndex",
3203  Builtins::kTypedArrayPrototypeFindIndex, 1, false);
3204  SimpleInstallFunction(isolate_, prototype, "forEach",
3205  Builtins::kTypedArrayPrototypeForEach, 1, false);
3206  SimpleInstallFunction(isolate_, prototype, "includes",
3207  Builtins::kTypedArrayPrototypeIncludes, 1, false);
3208  SimpleInstallFunction(isolate_, prototype, "indexOf",
3209  Builtins::kTypedArrayPrototypeIndexOf, 1, false);
3210  SimpleInstallFunction(isolate_, prototype, "lastIndexOf",
3211  Builtins::kTypedArrayPrototypeLastIndexOf, 1, false);
3212  SimpleInstallFunction(isolate_, prototype, "map",
3213  Builtins::kTypedArrayPrototypeMap, 1, false);
3214  SimpleInstallFunction(isolate_, prototype, "reverse",
3215  Builtins::kTypedArrayPrototypeReverse, 0, false);
3216  SimpleInstallFunction(isolate_, prototype, "reduce",
3217  Builtins::kTypedArrayPrototypeReduce, 1, false);
3218  SimpleInstallFunction(isolate_, prototype, "reduceRight",
3219  Builtins::kTypedArrayPrototypeReduceRight, 1, false);
3220  SimpleInstallFunction(isolate_, prototype, "set",
3221  Builtins::kTypedArrayPrototypeSet, 1, false);
3222  SimpleInstallFunction(isolate_, prototype, "slice",
3223  Builtins::kTypedArrayPrototypeSlice, 2, false);
3224  SimpleInstallFunction(isolate_, prototype, "some",
3225  Builtins::kTypedArrayPrototypeSome, 1, false);
3226  SimpleInstallFunction(isolate_, prototype, "sort",
3227  Builtins::kTypedArrayPrototypeSort, 1, false);
3228  SimpleInstallFunction(isolate_, prototype, "subarray",
3229  Builtins::kTypedArrayPrototypeSubArray, 2, false);
3230  }
3231 
3232  { // -- T y p e d A r r a y s
3233 #define INSTALL_TYPED_ARRAY(Type, type, TYPE, ctype) \
3234  { \
3235  Handle<JSFunction> fun = \
3236  InstallTypedArray(#Type "Array", TYPE##_ELEMENTS); \
3237  InstallWithIntrinsicDefaultProto(isolate_, fun, \
3238  Context::TYPE##_ARRAY_FUN_INDEX); \
3239  }
3240  TYPED_ARRAYS(INSTALL_TYPED_ARRAY)
3241 #undef INSTALL_TYPED_ARRAY
3242  }
3243 
3244  { // -- D a t a V i e w
3245  Handle<JSFunction> data_view_fun = InstallFunction(
3246  isolate_, global, "DataView", JS_DATA_VIEW_TYPE,
3247  JSDataView::kSizeWithEmbedderFields, 0, factory->the_hole_value(),
3248  Builtins::kDataViewConstructor);
3249  InstallWithIntrinsicDefaultProto(isolate_, data_view_fun,
3250  Context::DATA_VIEW_FUN_INDEX);
3251  data_view_fun->shared()->set_length(1);
3252  data_view_fun->shared()->DontAdaptArguments();
3253 
3254  // Setup %DataViewPrototype%.
3255  Handle<JSObject> prototype(
3256  JSObject::cast(data_view_fun->instance_prototype()), isolate());
3257 
3258  // Install the @@toStringTag property on the {prototype}.
3259  JSObject::AddProperty(
3260  isolate_, prototype, factory->to_string_tag_symbol(),
3261  factory->InternalizeUtf8String("DataView"),
3262  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
3263 
3264  // Install the "buffer", "byteOffset" and "byteLength" getters
3265  // on the {prototype}.
3266  SimpleInstallGetter(isolate_, prototype, factory->buffer_string(),
3267  Builtins::kDataViewPrototypeGetBuffer, false,
3268  BuiltinFunctionId::kDataViewBuffer);
3269  SimpleInstallGetter(isolate_, prototype, factory->byte_length_string(),
3270  Builtins::kDataViewPrototypeGetByteLength, false,
3271  BuiltinFunctionId::kDataViewByteLength);
3272  SimpleInstallGetter(isolate_, prototype, factory->byte_offset_string(),
3273  Builtins::kDataViewPrototypeGetByteOffset, false,
3274  BuiltinFunctionId::kDataViewByteOffset);
3275 
3276  SimpleInstallFunction(isolate_, prototype, "getInt8",
3277  Builtins::kDataViewPrototypeGetInt8, 1, false);
3278  SimpleInstallFunction(isolate_, prototype, "setInt8",
3279  Builtins::kDataViewPrototypeSetInt8, 2, false);
3280  SimpleInstallFunction(isolate_, prototype, "getUint8",
3281  Builtins::kDataViewPrototypeGetUint8, 1, false);
3282  SimpleInstallFunction(isolate_, prototype, "setUint8",
3283  Builtins::kDataViewPrototypeSetUint8, 2, false);
3284  SimpleInstallFunction(isolate_, prototype, "getInt16",
3285  Builtins::kDataViewPrototypeGetInt16, 1, false);
3286  SimpleInstallFunction(isolate_, prototype, "setInt16",
3287  Builtins::kDataViewPrototypeSetInt16, 2, false);
3288  SimpleInstallFunction(isolate_, prototype, "getUint16",
3289  Builtins::kDataViewPrototypeGetUint16, 1, false);
3290  SimpleInstallFunction(isolate_, prototype, "setUint16",
3291  Builtins::kDataViewPrototypeSetUint16, 2, false);
3292  SimpleInstallFunction(isolate_, prototype, "getInt32",
3293  Builtins::kDataViewPrototypeGetInt32, 1, false);
3294  SimpleInstallFunction(isolate_, prototype, "setInt32",
3295  Builtins::kDataViewPrototypeSetInt32, 2, false);
3296  SimpleInstallFunction(isolate_, prototype, "getUint32",
3297  Builtins::kDataViewPrototypeGetUint32, 1, false);
3298  SimpleInstallFunction(isolate_, prototype, "setUint32",
3299  Builtins::kDataViewPrototypeSetUint32, 2, false);
3300  SimpleInstallFunction(isolate_, prototype, "getFloat32",
3301  Builtins::kDataViewPrototypeGetFloat32, 1, false);
3302  SimpleInstallFunction(isolate_, prototype, "setFloat32",
3303  Builtins::kDataViewPrototypeSetFloat32, 2, false);
3304  SimpleInstallFunction(isolate_, prototype, "getFloat64",
3305  Builtins::kDataViewPrototypeGetFloat64, 1, false);
3306  SimpleInstallFunction(isolate_, prototype, "setFloat64",
3307  Builtins::kDataViewPrototypeSetFloat64, 2, false);
3308  SimpleInstallFunction(isolate_, prototype, "getBigInt64",
3309  Builtins::kDataViewPrototypeGetBigInt64, 1, false);
3310  SimpleInstallFunction(isolate_, prototype, "setBigInt64",
3311  Builtins::kDataViewPrototypeSetBigInt64, 2, false);
3312  SimpleInstallFunction(isolate_, prototype, "getBigUint64",
3313  Builtins::kDataViewPrototypeGetBigUint64, 1, false);
3314  SimpleInstallFunction(isolate_, prototype, "setBigUint64",
3315  Builtins::kDataViewPrototypeSetBigUint64, 2, false);
3316  }
3317 
3318  { // -- M a p
3319  Handle<JSFunction> js_map_fun =
3320  InstallFunction(isolate_, global, "Map", JS_MAP_TYPE, JSMap::kSize, 0,
3321  factory->the_hole_value(), Builtins::kMapConstructor);
3322  InstallWithIntrinsicDefaultProto(isolate_, js_map_fun,
3323  Context::JS_MAP_FUN_INDEX);
3324 
3325  Handle<SharedFunctionInfo> shared(js_map_fun->shared(), isolate_);
3326  shared->DontAdaptArguments();
3327  shared->set_length(0);
3328 
3329  // Setup %MapPrototype%.
3330  Handle<JSObject> prototype(JSObject::cast(js_map_fun->instance_prototype()),
3331  isolate());
3332 
3333  // Install the @@toStringTag property on the {prototype}.
3334  JSObject::AddProperty(
3335  isolate_, prototype, factory->to_string_tag_symbol(),
3336  factory->Map_string(),
3337  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
3338 
3339  Handle<JSFunction> map_get = SimpleInstallFunction(
3340  isolate_, prototype, "get", Builtins::kMapPrototypeGet, 1, true);
3341  native_context()->set_map_get(*map_get);
3342 
3343  Handle<JSFunction> map_set = SimpleInstallFunction(
3344  isolate_, prototype, "set", Builtins::kMapPrototypeSet, 2, true);
3345  // Check that index of "set" function in JSCollection is correct.
3346  DCHECK_EQ(JSCollection::kAddFunctionDescriptorIndex,
3347  prototype->map()->LastAdded());
3348  native_context()->set_map_set(*map_set);
3349 
3350  Handle<JSFunction> map_has = SimpleInstallFunction(
3351  isolate_, prototype, "has", Builtins::kMapPrototypeHas, 1, true);
3352  native_context()->set_map_has(*map_has);
3353 
3354  Handle<JSFunction> map_delete = SimpleInstallFunction(
3355  isolate_, prototype, "delete", Builtins::kMapPrototypeDelete, 1, true);
3356  native_context()->set_map_delete(*map_delete);
3357 
3358  SimpleInstallFunction(isolate_, prototype, "clear",
3359  Builtins::kMapPrototypeClear, 0, true);
3360  Handle<JSFunction> entries =
3361  SimpleInstallFunction(isolate_, prototype, "entries",
3362  Builtins::kMapPrototypeEntries, 0, true);
3363  JSObject::AddProperty(isolate_, prototype, factory->iterator_symbol(),
3364  entries, DONT_ENUM);
3365  SimpleInstallFunction(isolate_, prototype, "forEach",
3366  Builtins::kMapPrototypeForEach, 1, false);
3367  SimpleInstallFunction(isolate_, prototype, "keys",
3368  Builtins::kMapPrototypeKeys, 0, true);
3369  SimpleInstallGetter(
3370  isolate_, prototype, factory->InternalizeUtf8String("size"),
3371  Builtins::kMapPrototypeGetSize, true, BuiltinFunctionId::kMapSize);
3372  SimpleInstallFunction(isolate_, prototype, "values",
3373  Builtins::kMapPrototypeValues, 0, true);
3374 
3375  native_context()->set_initial_map_prototype_map(prototype->map());
3376 
3377  InstallSpeciesGetter(isolate_, js_map_fun);
3378  }
3379 
3380  { // -- B i g I n t
3381  Handle<JSFunction> bigint_fun = InstallFunction(
3382  isolate_, global, "BigInt", JS_VALUE_TYPE, JSValue::kSize, 0,
3383  factory->the_hole_value(), Builtins::kBigIntConstructor);
3384  bigint_fun->shared()->set_builtin_function_id(
3385  BuiltinFunctionId::kBigIntConstructor);
3386  bigint_fun->shared()->DontAdaptArguments();
3387  bigint_fun->shared()->set_length(1);
3388  InstallWithIntrinsicDefaultProto(isolate_, bigint_fun,
3389  Context::BIGINT_FUNCTION_INDEX);
3390 
3391  // Install the properties of the BigInt constructor.
3392  // asUintN(bits, bigint)
3393  SimpleInstallFunction(isolate_, bigint_fun, "asUintN",
3394  Builtins::kBigIntAsUintN, 2, false);
3395  // asIntN(bits, bigint)
3396  SimpleInstallFunction(isolate_, bigint_fun, "asIntN",
3397  Builtins::kBigIntAsIntN, 2, false);
3398 
3399  // Set up the %BigIntPrototype%.
3400  Handle<JSObject> prototype(JSObject::cast(bigint_fun->instance_prototype()),
3401  isolate_);
3402  JSFunction::SetPrototype(bigint_fun, prototype);
3403 
3404  // Install the properties of the BigInt.prototype.
3405  // "constructor" is created implicitly by InstallFunction() above.
3406  // toLocaleString([reserved1 [, reserved2]])
3407  SimpleInstallFunction(isolate_, prototype, "toLocaleString",
3408  Builtins::kBigIntPrototypeToLocaleString, 0, false);
3409  // toString([radix])
3410  SimpleInstallFunction(isolate_, prototype, "toString",
3411  Builtins::kBigIntPrototypeToString, 0, false);
3412  // valueOf()
3413  SimpleInstallFunction(isolate_, prototype, "valueOf",
3414  Builtins::kBigIntPrototypeValueOf, 0, false);
3415  // @@toStringTag
3416  JSObject::AddProperty(
3417  isolate_, prototype, factory->to_string_tag_symbol(),
3418  factory->BigInt_string(),
3419  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
3420  }
3421 
3422  { // -- S e t
3423  Handle<JSFunction> js_set_fun =
3424  InstallFunction(isolate_, global, "Set", JS_SET_TYPE, JSSet::kSize, 0,
3425  factory->the_hole_value(), Builtins::kSetConstructor);
3426  InstallWithIntrinsicDefaultProto(isolate_, js_set_fun,
3427  Context::JS_SET_FUN_INDEX);
3428 
3429  Handle<SharedFunctionInfo> shared(js_set_fun->shared(), isolate_);
3430  shared->DontAdaptArguments();
3431  shared->set_length(0);
3432 
3433  // Setup %SetPrototype%.
3434  Handle<JSObject> prototype(JSObject::cast(js_set_fun->instance_prototype()),
3435  isolate());
3436 
3437  // Install the @@toStringTag property on the {prototype}.
3438  JSObject::AddProperty(
3439  isolate_, prototype, factory->to_string_tag_symbol(),
3440  factory->Set_string(),
3441  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
3442 
3443  Handle<JSFunction> set_has = SimpleInstallFunction(
3444  isolate_, prototype, "has", Builtins::kSetPrototypeHas, 1, true);
3445  native_context()->set_set_has(*set_has);
3446 
3447  Handle<JSFunction> set_add = SimpleInstallFunction(
3448  isolate_, prototype, "add", Builtins::kSetPrototypeAdd, 1, true);
3449  // Check that index of "add" function in JSCollection is correct.
3450  DCHECK_EQ(JSCollection::kAddFunctionDescriptorIndex,
3451  prototype->map()->LastAdded());
3452  native_context()->set_set_add(*set_add);
3453 
3454  Handle<JSFunction> set_delete = SimpleInstallFunction(
3455  isolate_, prototype, "delete", Builtins::kSetPrototypeDelete, 1, true);
3456  native_context()->set_set_delete(*set_delete);
3457 
3458  SimpleInstallFunction(isolate_, prototype, "clear",
3459  Builtins::kSetPrototypeClear, 0, true);
3460  SimpleInstallFunction(isolate_, prototype, "entries",
3461  Builtins::kSetPrototypeEntries, 0, true);
3462  SimpleInstallFunction(isolate_, prototype, "forEach",
3463  Builtins::kSetPrototypeForEach, 1, false);
3464  SimpleInstallGetter(
3465  isolate_, prototype, factory->InternalizeUtf8String("size"),
3466  Builtins::kSetPrototypeGetSize, true, BuiltinFunctionId::kSetSize);
3467  Handle<JSFunction> values = SimpleInstallFunction(
3468  isolate_, prototype, "values", Builtins::kSetPrototypeValues, 0, true);
3469  JSObject::AddProperty(isolate_, prototype, factory->keys_string(), values,
3470  DONT_ENUM);
3471  JSObject::AddProperty(isolate_, prototype, factory->iterator_symbol(),
3472  values, DONT_ENUM);
3473 
3474  native_context()->set_initial_set_prototype_map(prototype->map());
3475  native_context()->set_initial_set_prototype(*prototype);
3476 
3477  InstallSpeciesGetter(isolate_, js_set_fun);
3478  }
3479 
3480  { // -- J S M o d u l e N a m e s p a c e
3481  Handle<Map> map = factory->NewMap(
3482  JS_MODULE_NAMESPACE_TYPE, JSModuleNamespace::kSize,
3483  TERMINAL_FAST_ELEMENTS_KIND, JSModuleNamespace::kInObjectFieldCount);
3484  Map::SetPrototype(isolate(), map, isolate_->factory()->null_value());
3485  Map::EnsureDescriptorSlack(isolate_, map, 1);
3486  native_context()->set_js_module_namespace_map(*map);
3487 
3488  { // Install @@toStringTag.
3489  PropertyAttributes attribs =
3490  static_cast<PropertyAttributes>(DONT_DELETE | DONT_ENUM | READ_ONLY);
3491  Descriptor d =
3492  Descriptor::DataField(isolate(), factory->to_string_tag_symbol(),
3493  JSModuleNamespace::kToStringTagFieldIndex,
3494  attribs, Representation::Tagged());
3495  map->AppendDescriptor(&d);
3496  }
3497  }
3498 
3499  { // -- I t e r a t o r R e s u l t
3500  Handle<Map> map = factory->NewMap(JS_OBJECT_TYPE, JSIteratorResult::kSize,
3501  TERMINAL_FAST_ELEMENTS_KIND, 2);
3502  Map::SetPrototype(isolate(), map, isolate_->initial_object_prototype());
3503  Map::EnsureDescriptorSlack(isolate_, map, 2);
3504 
3505  { // value
3506  Descriptor d = Descriptor::DataField(isolate(), factory->value_string(),
3507  JSIteratorResult::kValueIndex, NONE,
3508  Representation::Tagged());
3509  map->AppendDescriptor(&d);
3510  }
3511 
3512  { // done
3513  Descriptor d = Descriptor::DataField(isolate(), factory->done_string(),
3514  JSIteratorResult::kDoneIndex, NONE,
3515  Representation::Tagged());
3516  map->AppendDescriptor(&d);
3517  }
3518 
3519  map->SetConstructor(native_context()->object_function());
3520  native_context()->set_iterator_result_map(*map);
3521  }
3522 
3523  { // -- W e a k M a p
3524  Handle<JSFunction> cons = InstallFunction(
3525  isolate_, global, "WeakMap", JS_WEAK_MAP_TYPE, JSWeakMap::kSize, 0,
3526  factory->the_hole_value(), Builtins::kWeakMapConstructor);
3527  InstallWithIntrinsicDefaultProto(isolate_, cons,
3528  Context::JS_WEAK_MAP_FUN_INDEX);
3529 
3530  Handle<SharedFunctionInfo> shared(cons->shared(), isolate_);
3531  shared->DontAdaptArguments();
3532  shared->set_length(0);
3533 
3534  // Setup %WeakMapPrototype%.
3535  Handle<JSObject> prototype(JSObject::cast(cons->instance_prototype()),
3536  isolate());
3537 
3538  SimpleInstallFunction(isolate_, prototype, "delete",
3539  Builtins::kWeakMapPrototypeDelete, 1, true);
3540  Handle<JSFunction> weakmap_get = SimpleInstallFunction(
3541  isolate_, prototype, "get", Builtins::kWeakMapGet, 1, true);
3542  native_context()->set_weakmap_get(*weakmap_get);
3543 
3544  Handle<JSFunction> weakmap_set = SimpleInstallFunction(
3545  isolate_, prototype, "set", Builtins::kWeakMapPrototypeSet, 2, true);
3546  // Check that index of "set" function in JSWeakCollection is correct.
3547  DCHECK_EQ(JSWeakCollection::kAddFunctionDescriptorIndex,
3548  prototype->map()->LastAdded());
3549 
3550  native_context()->set_weakmap_set(*weakmap_set);
3551  SimpleInstallFunction(isolate_, prototype, "has", Builtins::kWeakMapHas, 1,
3552  true);
3553 
3554  JSObject::AddProperty(
3555  isolate_, prototype, factory->to_string_tag_symbol(),
3556  factory->InternalizeUtf8String("WeakMap"),
3557  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
3558 
3559  native_context()->set_initial_weakmap_prototype_map(prototype->map());
3560  }
3561 
3562  { // -- W e a k S e t
3563  Handle<JSFunction> cons = InstallFunction(
3564  isolate_, global, "WeakSet", JS_WEAK_SET_TYPE, JSWeakSet::kSize, 0,
3565  factory->the_hole_value(), Builtins::kWeakSetConstructor);
3566  InstallWithIntrinsicDefaultProto(isolate_, cons,
3567  Context::JS_WEAK_SET_FUN_INDEX);
3568 
3569  Handle<SharedFunctionInfo> shared(cons->shared(), isolate_);
3570  shared->DontAdaptArguments();
3571  shared->set_length(0);
3572 
3573  // Setup %WeakSetPrototype%.
3574  Handle<JSObject> prototype(JSObject::cast(cons->instance_prototype()),
3575  isolate());
3576 
3577  SimpleInstallFunction(isolate_, prototype, "delete",
3578  Builtins::kWeakSetPrototypeDelete, 1, true);
3579  SimpleInstallFunction(isolate_, prototype, "has", Builtins::kWeakSetHas, 1,
3580  true);
3581 
3582  Handle<JSFunction> weakset_add = SimpleInstallFunction(
3583  isolate_, prototype, "add", Builtins::kWeakSetPrototypeAdd, 1, true);
3584  // Check that index of "add" function in JSWeakCollection is correct.
3585  DCHECK_EQ(JSWeakCollection::kAddFunctionDescriptorIndex,
3586  prototype->map()->LastAdded());
3587 
3588  native_context()->set_weakset_add(*weakset_add);
3589 
3590  JSObject::AddProperty(
3591  isolate_, prototype, factory->to_string_tag_symbol(),
3592  factory->InternalizeUtf8String("WeakSet"),
3593  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
3594 
3595  native_context()->set_initial_weakset_prototype_map(prototype->map());
3596  }
3597 
3598  { // -- P r o x y
3599  CreateJSProxyMaps();
3600  // Proxy function map has prototype slot for storing initial map but does
3601  // not have a prototype property.
3602  Handle<Map> proxy_function_map = Map::Copy(
3603  isolate_, isolate_->strict_function_without_prototype_map(), "Proxy");
3604  proxy_function_map->set_is_constructor(true);
3605 
3606  Handle<String> name = factory->Proxy_string();
3607 
3608  NewFunctionArgs args = NewFunctionArgs::ForBuiltin(
3609  name, proxy_function_map, Builtins::kProxyConstructor);
3610  Handle<JSFunction> proxy_function = factory->NewFunction(args);
3611 
3612  isolate_->proxy_map()->SetConstructor(*proxy_function);
3613 
3614  proxy_function->shared()->set_internal_formal_parameter_count(2);
3615  proxy_function->shared()->set_length(2);
3616 
3617  native_context()->set_proxy_function(*proxy_function);
3618  JSObject::AddProperty(isolate_, global, name, proxy_function, DONT_ENUM);
3619 
3620  DCHECK(!proxy_function->has_prototype_property());
3621 
3622  SimpleInstallFunction(isolate_, proxy_function, "revocable",
3623  Builtins::kProxyRevocable, 2, true);
3624 
3625  { // Internal: ProxyRevoke
3626  Handle<SharedFunctionInfo> info = SimpleCreateSharedFunctionInfo(
3627  isolate_, Builtins::kProxyRevoke, factory->empty_string(), 0);
3628  native_context()->set_proxy_revoke_shared_fun(*info);
3629  }
3630  }
3631 
3632  { // -- R e f l e c t
3633  Handle<String> reflect_string = factory->InternalizeUtf8String("Reflect");
3634  Handle<JSObject> reflect =
3635  factory->NewJSObject(isolate_->object_function(), TENURED);
3636  JSObject::AddProperty(isolate_, global, reflect_string, reflect, DONT_ENUM);
3637 
3638  Handle<JSFunction> define_property =
3639  SimpleInstallFunction(isolate_, reflect, "defineProperty",
3640  Builtins::kReflectDefineProperty, 3, true);
3641  native_context()->set_reflect_define_property(*define_property);
3642 
3643  Handle<JSFunction> delete_property =
3644  SimpleInstallFunction(isolate_, reflect, "deleteProperty",
3645  Builtins::kReflectDeleteProperty, 2, true);
3646  native_context()->set_reflect_delete_property(*delete_property);
3647 
3648  Handle<JSFunction> apply = SimpleInstallFunction(
3649  isolate_, reflect, "apply", Builtins::kReflectApply, 3, false);
3650  native_context()->set_reflect_apply(*apply);
3651 
3652  Handle<JSFunction> construct = SimpleInstallFunction(
3653  isolate_, reflect, "construct", Builtins::kReflectConstruct, 2, false);
3654  native_context()->set_reflect_construct(*construct);
3655 
3656  SimpleInstallFunction(isolate_, reflect, "get", Builtins::kReflectGet, 2,
3657  false);
3658  SimpleInstallFunction(isolate_, reflect, "getOwnPropertyDescriptor",
3659  Builtins::kReflectGetOwnPropertyDescriptor, 2, true);
3660  SimpleInstallFunction(isolate_, reflect, "getPrototypeOf",
3661  Builtins::kReflectGetPrototypeOf, 1, true);
3662  SimpleInstallFunction(isolate_, reflect, "has", Builtins::kReflectHas, 2,
3663  true);
3664  SimpleInstallFunction(isolate_, reflect, "isExtensible",
3665  Builtins::kReflectIsExtensible, 1, true);
3666  SimpleInstallFunction(isolate_, reflect, "ownKeys",
3667  Builtins::kReflectOwnKeys, 1, true);
3668  SimpleInstallFunction(isolate_, reflect, "preventExtensions",
3669  Builtins::kReflectPreventExtensions, 1, true);
3670  SimpleInstallFunction(isolate_, reflect, "set", Builtins::kReflectSet, 3,
3671  false);
3672  SimpleInstallFunction(isolate_, reflect, "setPrototypeOf",
3673  Builtins::kReflectSetPrototypeOf, 2, true);
3674  }
3675 
3676  { // --- B o u n d F u n c t i o n
3677  Handle<Map> map =
3678  factory->NewMap(JS_BOUND_FUNCTION_TYPE, JSBoundFunction::kSize,
3679  TERMINAL_FAST_ELEMENTS_KIND, 0);
3680  map->SetConstructor(native_context()->object_function());
3681  map->set_is_callable(true);
3682  Map::SetPrototype(isolate(), map, empty_function);
3683 
3684  PropertyAttributes roc_attribs =
3685  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY);
3686  Map::EnsureDescriptorSlack(isolate_, map, 2);
3687 
3688  { // length
3689  Descriptor d = Descriptor::AccessorConstant(
3690  factory->length_string(), factory->bound_function_length_accessor(),
3691  roc_attribs);
3692  map->AppendDescriptor(&d);
3693  }
3694 
3695  { // name
3696  Descriptor d = Descriptor::AccessorConstant(
3697  factory->name_string(), factory->bound_function_name_accessor(),
3698  roc_attribs);
3699  map->AppendDescriptor(&d);
3700  }
3701  native_context()->set_bound_function_without_constructor_map(*map);
3702 
3703  map = Map::Copy(isolate_, map, "IsConstructor");
3704  map->set_is_constructor(true);
3705  native_context()->set_bound_function_with_constructor_map(*map);
3706  }
3707 
3708  { // --- sloppy arguments map
3709  Handle<String> arguments_string = factory->Arguments_string();
3710  NewFunctionArgs args = NewFunctionArgs::ForBuiltinWithPrototype(
3711  arguments_string, isolate_->initial_object_prototype(),
3712  JS_ARGUMENTS_TYPE, JSSloppyArgumentsObject::kSize, 2,
3713  Builtins::kIllegal, MUTABLE);
3714  Handle<JSFunction> function = factory->NewFunction(args);
3715  Handle<Map> map(function->initial_map(), isolate());
3716 
3717  // Create the descriptor array for the arguments object.
3718  Map::EnsureDescriptorSlack(isolate_, map, 2);
3719 
3720  { // length
3721  Descriptor d =
3722  Descriptor::DataField(isolate(), factory->length_string(),
3723  JSSloppyArgumentsObject::kLengthIndex,
3724  DONT_ENUM, Representation::Tagged());
3725  map->AppendDescriptor(&d);
3726  }
3727  { // callee
3728  Descriptor d =
3729  Descriptor::DataField(isolate(), factory->callee_string(),
3730  JSSloppyArgumentsObject::kCalleeIndex,
3731  DONT_ENUM, Representation::Tagged());
3732  map->AppendDescriptor(&d);
3733  }
3734  // @@iterator method is added later.
3735 
3736  native_context()->set_sloppy_arguments_map(*map);
3737 
3738  DCHECK(!map->is_dictionary_map());
3739  DCHECK(IsObjectElementsKind(map->elements_kind()));
3740  }
3741 
3742  { // --- fast and slow aliased arguments map
3743  Handle<Map> map = isolate_->sloppy_arguments_map();
3744  map = Map::Copy(isolate_, map, "FastAliasedArguments");
3745  map->set_elements_kind(FAST_SLOPPY_ARGUMENTS_ELEMENTS);
3746  DCHECK_EQ(2, map->GetInObjectProperties());
3747  native_context()->set_fast_aliased_arguments_map(*map);
3748 
3749  map = Map::Copy(isolate_, map, "SlowAliasedArguments");
3750  map->set_elements_kind(SLOW_SLOPPY_ARGUMENTS_ELEMENTS);
3751  DCHECK_EQ(2, map->GetInObjectProperties());
3752  native_context()->set_slow_aliased_arguments_map(*map);
3753  }
3754 
3755  { // --- strict mode arguments map
3756  const PropertyAttributes attributes =
3757  static_cast<PropertyAttributes>(DONT_ENUM | DONT_DELETE | READ_ONLY);
3758 
3759  // Create the ThrowTypeError function.
3760  Handle<AccessorPair> callee = factory->NewAccessorPair();
3761 
3762  Handle<JSFunction> poison = GetThrowTypeErrorIntrinsic();
3763 
3764  // Install the ThrowTypeError function.
3765  callee->set_getter(*poison);
3766  callee->set_setter(*poison);
3767 
3768  // Create the map. Allocate one in-object field for length.
3769  Handle<Map> map = factory->NewMap(
3770  JS_ARGUMENTS_TYPE, JSStrictArgumentsObject::kSize, PACKED_ELEMENTS, 1);
3771  // Create the descriptor array for the arguments object.
3772  Map::EnsureDescriptorSlack(isolate_, map, 2);
3773 
3774  { // length
3775  Descriptor d =
3776  Descriptor::DataField(isolate(), factory->length_string(),
3777  JSStrictArgumentsObject::kLengthIndex,
3778  DONT_ENUM, Representation::Tagged());
3779  map->AppendDescriptor(&d);
3780  }
3781  { // callee
3782  Descriptor d = Descriptor::AccessorConstant(factory->callee_string(),
3783  callee, attributes);
3784  map->AppendDescriptor(&d);
3785  }
3786  // @@iterator method is added later.
3787 
3788  DCHECK_EQ(native_context()->object_function()->prototype(),
3789  *isolate_->initial_object_prototype());
3790  Map::SetPrototype(isolate(), map, isolate_->initial_object_prototype());
3791 
3792  // Copy constructor from the sloppy arguments boilerplate.
3793  map->SetConstructor(
3794  native_context()->sloppy_arguments_map()->GetConstructor());
3795 
3796  native_context()->set_strict_arguments_map(*map);
3797 
3798  DCHECK(!map->is_dictionary_map());
3799  DCHECK(IsObjectElementsKind(map->elements_kind()));
3800  }
3801 
3802  { // --- context extension
3803  // Create a function for the context extension objects.
3804  Handle<JSFunction> context_extension_fun =
3805  CreateFunction(isolate_, factory->empty_string(),
3806  JS_CONTEXT_EXTENSION_OBJECT_TYPE, JSObject::kHeaderSize,
3807  0, factory->the_hole_value(), Builtins::kIllegal);
3808  native_context()->set_context_extension_function(*context_extension_fun);
3809  }
3810 
3811  {
3812  // Set up the call-as-function delegate.
3813  Handle<JSFunction> delegate =
3814  SimpleCreateFunction(isolate_, factory->empty_string(),
3815  Builtins::kHandleApiCallAsFunction, 0, false);
3816  native_context()->set_call_as_function_delegate(*delegate);
3817  }
3818 
3819  {
3820  // Set up the call-as-constructor delegate.
3821  Handle<JSFunction> delegate =
3822  SimpleCreateFunction(isolate_, factory->empty_string(),
3823  Builtins::kHandleApiCallAsConstructor, 0, false);
3824  native_context()->set_call_as_constructor_delegate(*delegate);
3825  }
3826 } // NOLINT(readability/fn_size)
3827 
3828 Handle<JSFunction> Genesis::InstallTypedArray(const char* name,
3829  ElementsKind elements_kind) {
3830  Handle<JSObject> global =
3831  Handle<JSObject>(native_context()->global_object(), isolate());
3832 
3833  Handle<JSObject> typed_array_prototype = isolate()->typed_array_prototype();
3834  Handle<JSFunction> typed_array_function = isolate()->typed_array_function();
3835 
3836  Handle<JSFunction> result = InstallFunction(
3837  isolate(), global, name, JS_TYPED_ARRAY_TYPE,
3838  JSTypedArray::kSizeWithEmbedderFields, 0, factory()->the_hole_value(),
3839  Builtins::kTypedArrayConstructor);
3840  result->initial_map()->set_elements_kind(elements_kind);
3841 
3842  result->shared()->DontAdaptArguments();
3843  result->shared()->set_length(3);
3844 
3845  CHECK(JSObject::SetPrototype(result, typed_array_function, false, kDontThrow)
3846  .FromJust());
3847 
3848  Handle<Smi> bytes_per_element(
3849  Smi::FromInt(1 << ElementsKindToShiftSize(elements_kind)), isolate());
3850 
3851  InstallConstant(isolate(), result, "BYTES_PER_ELEMENT", bytes_per_element);
3852 
3853  // Setup prototype object.
3854  DCHECK(result->prototype()->IsJSObject());
3855  Handle<JSObject> prototype(JSObject::cast(result->prototype()), isolate());
3856 
3857  CHECK(JSObject::SetPrototype(prototype, typed_array_prototype, false,
3858  kDontThrow)
3859  .FromJust());
3860 
3861  InstallConstant(isolate(), prototype, "BYTES_PER_ELEMENT", bytes_per_element);
3862  return result;
3863 }
3864 
3865 
3866 void Genesis::InitializeExperimentalGlobal() {
3867 #define FEATURE_INITIALIZE_GLOBAL(id, descr) InitializeGlobal_##id();
3868 
3869  HARMONY_INPROGRESS(FEATURE_INITIALIZE_GLOBAL)
3870  HARMONY_STAGED(FEATURE_INITIALIZE_GLOBAL)
3871  HARMONY_SHIPPING(FEATURE_INITIALIZE_GLOBAL)
3872 #undef FEATURE_INITIALIZE_GLOBAL
3873 }
3874 
3875 bool Bootstrapper::CompileBuiltin(Isolate* isolate, int index) {
3876  Vector<const char> name = Natives::GetScriptName(index);
3877  Handle<String> source_code =
3878  isolate->bootstrapper()->GetNativeSource(CORE, index);
3879 
3880  // We pass in extras_utils so that builtin code can set it up for later use
3881  // by actual extras code, compiled with CompileExtraBuiltin.
3882  Handle<Object> global = isolate->global_object();
3883  Handle<Object> utils = isolate->natives_utils_object();
3884  Handle<Object> extras_utils = isolate->extras_utils_object();
3885  Handle<Object> args[] = {global, utils, extras_utils};
3886 
3887  return Bootstrapper::CompileNative(isolate, name, source_code,
3888  arraysize(args), args, NATIVES_CODE);
3889 }
3890 
3891 
3892 bool Bootstrapper::CompileExtraBuiltin(Isolate* isolate, int index) {
3893  HandleScope scope(isolate);
3894  Vector<const char> name = ExtraNatives::GetScriptName(index);
3895  Handle<String> source_code =
3896  isolate->bootstrapper()->GetNativeSource(EXTRAS, index);
3897  Handle<Object> global = isolate->global_object();
3898  Handle<Object> binding = isolate->extras_binding_object();
3899  Handle<Object> extras_utils = isolate->extras_utils_object();
3900  Handle<Object> args[] = {global, binding, extras_utils};
3901  return Bootstrapper::CompileNative(isolate, name, source_code,
3902  arraysize(args), args, EXTENSION_CODE);
3903 }
3904 
3905 
3906 bool Bootstrapper::CompileExperimentalExtraBuiltin(Isolate* isolate,
3907  int index) {
3908  HandleScope scope(isolate);
3909  Vector<const char> name = ExperimentalExtraNatives::GetScriptName(index);
3910  Handle<String> source_code =
3911  isolate->bootstrapper()->GetNativeSource(EXPERIMENTAL_EXTRAS, index);
3912  Handle<Object> global = isolate->global_object();
3913  Handle<Object> binding = isolate->extras_binding_object();
3914  Handle<Object> extras_utils = isolate->extras_utils_object();
3915  Handle<Object> args[] = {global, binding, extras_utils};
3916  return Bootstrapper::CompileNative(isolate, name, source_code,
3917  arraysize(args), args, EXTENSION_CODE);
3918 }
3919 
3920 bool Bootstrapper::CompileNative(Isolate* isolate, Vector<const char> name,
3921  Handle<String> source, int argc,
3922  Handle<Object> argv[],
3923  NativesFlag natives_flag) {
3924  SuppressDebug compiling_natives(isolate->debug());
3925 
3926  Handle<Context> context(isolate->context(), isolate);
3927  Handle<String> script_name =
3928  isolate->factory()->NewStringFromUtf8(name).ToHandleChecked();
3929  MaybeHandle<SharedFunctionInfo> maybe_function_info =
3930  Compiler::GetSharedFunctionInfoForScript(
3931  isolate, source, Compiler::ScriptDetails(script_name),
3932  ScriptOriginOptions(), nullptr, nullptr,
3933  ScriptCompiler::kNoCompileOptions, ScriptCompiler::kNoCacheNoReason,
3934  natives_flag);
3935  Handle<SharedFunctionInfo> function_info;
3936  if (!maybe_function_info.ToHandle(&function_info)) return false;
3937 
3938  DCHECK(context->IsNativeContext());
3939 
3940  Handle<JSFunction> fun =
3941  isolate->factory()->NewFunctionFromSharedFunctionInfo(function_info,
3942  context);
3943  Handle<Object> receiver = isolate->factory()->undefined_value();
3944 
3945  // For non-extension scripts, run script to get the function wrapper.
3946  Handle<Object> wrapper;
3947  if (!Execution::TryCall(isolate, fun, receiver, 0, nullptr,
3948  Execution::MessageHandling::kKeepPending, nullptr)
3949  .ToHandle(&wrapper)) {
3950  return false;
3951  }
3952  // Then run the function wrapper.
3953  return !Execution::TryCall(isolate, Handle<JSFunction>::cast(wrapper),
3954  receiver, argc, argv,
3955  Execution::MessageHandling::kKeepPending, nullptr)
3956  .is_null();
3957 }
3958 
3959 
3960 bool Genesis::CallUtilsFunction(Isolate* isolate, const char* name) {
3961  Handle<JSObject> utils =
3962  Handle<JSObject>::cast(isolate->natives_utils_object());
3963  Handle<String> name_string = isolate->factory()->InternalizeUtf8String(name);
3964  Handle<Object> fun = JSObject::GetDataProperty(utils, name_string);
3965  Handle<Object> receiver = isolate->factory()->undefined_value();
3966  Handle<Object> args[] = {utils};
3967  return !Execution::TryCall(isolate, fun, receiver, 1, args,
3968  Execution::MessageHandling::kKeepPending, nullptr)
3969  .is_null();
3970 }
3971 
3972 
3973 bool Genesis::CompileExtension(Isolate* isolate, v8::Extension* extension) {
3974  Factory* factory = isolate->factory();
3975  HandleScope scope(isolate);
3976  Handle<SharedFunctionInfo> function_info;
3977 
3978  Handle<String> source =
3979  isolate->factory()
3980  ->NewExternalStringFromOneByte(extension->source())
3981  .ToHandleChecked();
3982  DCHECK(source->IsOneByteRepresentation());
3983 
3984  // If we can't find the function in the cache, we compile a new
3985  // function and insert it into the cache.
3986  Vector<const char> name = CStrVector(extension->name());
3987  SourceCodeCache* cache = isolate->bootstrapper()->extensions_cache();
3988  Handle<Context> context(isolate->context(), isolate);
3989  DCHECK(context->IsNativeContext());
3990 
3991  if (!cache->Lookup(isolate, name, &function_info)) {
3992  Handle<String> script_name =
3993  factory->NewStringFromUtf8(name).ToHandleChecked();
3994  MaybeHandle<SharedFunctionInfo> maybe_function_info =
3995  Compiler::GetSharedFunctionInfoForScript(
3996  isolate, source, Compiler::ScriptDetails(script_name),
3997  ScriptOriginOptions(), extension, nullptr,
3998  ScriptCompiler::kNoCompileOptions,
3999  ScriptCompiler::kNoCacheBecauseV8Extension, EXTENSION_CODE);
4000  if (!maybe_function_info.ToHandle(&function_info)) return false;
4001  cache->Add(isolate, name, function_info);
4002  }
4003 
4004  // Set up the function context. Conceptually, we should clone the
4005  // function before overwriting the context but since we're in a
4006  // single-threaded environment it is not strictly necessary.
4007  Handle<JSFunction> fun =
4008  factory->NewFunctionFromSharedFunctionInfo(function_info, context);
4009 
4010  // Call function using either the runtime object or the global
4011  // object as the receiver. Provide no parameters.
4012  Handle<Object> receiver = isolate->global_object();
4013  return !Execution::TryCall(isolate, fun, receiver, 0, nullptr,
4014  Execution::MessageHandling::kKeepPending, nullptr)
4015  .is_null();
4016 }
4017 
4018 static Handle<JSObject> ResolveBuiltinIdHolder(Isolate* isolate,
4019  Handle<Context> native_context,
4020  const char* holder_expr) {
4021  Factory* factory = isolate->factory();
4022  Handle<JSGlobalObject> global(native_context->global_object(), isolate);
4023  const char* period_pos = strchr(holder_expr, '.');
4024  if (period_pos == nullptr) {
4025  return Handle<JSObject>::cast(
4026  Object::GetPropertyOrElement(
4027  isolate, global, factory->InternalizeUtf8String(holder_expr))
4028  .ToHandleChecked());
4029  }
4030  const char* inner = period_pos + 1;
4031  DCHECK(!strchr(inner, '.'));
4032  Vector<const char> property(holder_expr,
4033  static_cast<int>(period_pos - holder_expr));
4034  Handle<String> property_string = factory->InternalizeUtf8String(property);
4035  DCHECK(!property_string.is_null());
4036  Handle<JSObject> object = Handle<JSObject>::cast(
4037  JSReceiver::GetProperty(isolate, global, property_string)
4038  .ToHandleChecked());
4039  if (strcmp("prototype", inner) == 0) {
4040  Handle<JSFunction> function = Handle<JSFunction>::cast(object);
4041  return Handle<JSObject>(JSObject::cast(function->prototype()), isolate);
4042  }
4043  Handle<String> inner_string = factory->InternalizeUtf8String(inner);
4044  DCHECK(!inner_string.is_null());
4045  Handle<Object> value =
4046  JSReceiver::GetProperty(isolate, object, inner_string).ToHandleChecked();
4047  return Handle<JSObject>::cast(value);
4048 }
4049 
4050 void Genesis::ConfigureUtilsObject(GlobalContextType context_type) {
4051  switch (context_type) {
4052  // We still need the utils object to find debug functions.
4053  case DEBUG_CONTEXT:
4054  return;
4055  // Expose the natives in global if a valid name for it is specified.
4056  case FULL_CONTEXT: {
4057  // We still need the utils object after deserialization.
4058  if (isolate()->serializer_enabled()) return;
4059  if (FLAG_expose_natives_as == nullptr) break;
4060  if (strlen(FLAG_expose_natives_as) == 0) break;
4061  HandleScope scope(isolate());
4062  Handle<String> natives_key =
4063  factory()->InternalizeUtf8String(FLAG_expose_natives_as);
4064  uint32_t dummy_index;
4065  if (natives_key->AsArrayIndex(&dummy_index)) break;
4066  Handle<Object> utils = isolate()->natives_utils_object();
4067  Handle<JSObject> global = isolate()->global_object();
4068  JSObject::AddProperty(isolate(), global, natives_key, utils, DONT_ENUM);
4069  break;
4070  }
4071  }
4072 
4073  // The utils object can be removed for cases that reach this point.
4074  HeapObject* undefined = ReadOnlyRoots(heap()).undefined_value();
4075  native_context()->set_natives_utils_object(undefined);
4076  native_context()->set_extras_utils_object(undefined);
4077 }
4078 
4079 
4080 void Bootstrapper::ExportFromRuntime(Isolate* isolate,
4081  Handle<JSObject> container) {
4082  Factory* factory = isolate->factory();
4083  HandleScope scope(isolate);
4084  Handle<NativeContext> native_context = isolate->native_context();
4085 #define EXPORT_PRIVATE_SYMBOL(_, NAME) \
4086  Handle<String> NAME##_name = factory->InternalizeUtf8String(#NAME); \
4087  JSObject::AddProperty(isolate, container, NAME##_name, factory->NAME(), NONE);
4088  PRIVATE_SYMBOL_LIST_GENERATOR(EXPORT_PRIVATE_SYMBOL, /* not used */)
4089 #undef EXPORT_PRIVATE_SYMBOL
4090 
4091 #define EXPORT_PUBLIC_SYMBOL(_, NAME, DESCRIPTION) \
4092  Handle<String> NAME##_name = factory->InternalizeUtf8String(#NAME); \
4093  JSObject::AddProperty(isolate, container, NAME##_name, factory->NAME(), NONE);
4094  PUBLIC_SYMBOL_LIST_GENERATOR(EXPORT_PUBLIC_SYMBOL, /* not used */)
4095  WELL_KNOWN_SYMBOL_LIST_GENERATOR(EXPORT_PUBLIC_SYMBOL, /* not used */)
4096 #undef EXPORT_PUBLIC_SYMBOL
4097 
4098  Handle<JSObject> iterator_prototype(
4099  native_context->initial_iterator_prototype(), isolate);
4100 
4101  JSObject::AddProperty(isolate, container,
4102  factory->InternalizeUtf8String("IteratorPrototype"),
4103  iterator_prototype, NONE);
4104 
4105  {
4106  PrototypeIterator iter(isolate, native_context->generator_function_map());
4107  Handle<JSObject> generator_function_prototype(iter.GetCurrent<JSObject>(),
4108  isolate);
4109 
4110  JSObject::AddProperty(
4111  isolate, container,
4112  factory->InternalizeUtf8String("GeneratorFunctionPrototype"),
4113  generator_function_prototype, NONE);
4114 
4115  Handle<JSFunction> generator_function_function = InstallFunction(
4116  isolate, container, "GeneratorFunction", JS_FUNCTION_TYPE,
4117  JSFunction::kSizeWithPrototype, 0, generator_function_prototype,
4118  Builtins::kGeneratorFunctionConstructor);
4119  generator_function_function->set_prototype_or_initial_map(
4120  native_context->generator_function_map());
4121  generator_function_function->shared()->DontAdaptArguments();
4122  generator_function_function->shared()->set_length(1);
4123  InstallWithIntrinsicDefaultProto(
4124  isolate, generator_function_function,
4125  Context::GENERATOR_FUNCTION_FUNCTION_INDEX);
4126 
4127  JSObject::ForceSetPrototype(generator_function_function,
4128  isolate->function_function());
4129  JSObject::AddProperty(
4130  isolate, generator_function_prototype, factory->constructor_string(),
4131  generator_function_function,
4132  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4133 
4134  native_context->generator_function_map()->SetConstructor(
4135  *generator_function_function);
4136  }
4137 
4138  {
4139  PrototypeIterator iter(isolate,
4140  native_context->async_generator_function_map());
4141  Handle<JSObject> async_generator_function_prototype(
4142  iter.GetCurrent<JSObject>(), isolate);
4143 
4144  Handle<JSFunction> async_generator_function_function = InstallFunction(
4145  isolate, container, "AsyncGeneratorFunction", JS_FUNCTION_TYPE,
4146  JSFunction::kSizeWithPrototype, 0, async_generator_function_prototype,
4147  Builtins::kAsyncGeneratorFunctionConstructor);
4148  async_generator_function_function->set_prototype_or_initial_map(
4149  native_context->async_generator_function_map());
4150  async_generator_function_function->shared()->DontAdaptArguments();
4151  async_generator_function_function->shared()->set_length(1);
4152  InstallWithIntrinsicDefaultProto(
4153  isolate, async_generator_function_function,
4154  Context::ASYNC_GENERATOR_FUNCTION_FUNCTION_INDEX);
4155 
4156  JSObject::ForceSetPrototype(async_generator_function_function,
4157  isolate->function_function());
4158 
4159  JSObject::AddProperty(
4160  isolate, async_generator_function_prototype,
4161  factory->constructor_string(), async_generator_function_function,
4162  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4163 
4164  native_context->async_generator_function_map()->SetConstructor(
4165  *async_generator_function_function);
4166  }
4167 
4168  { // -- S e t I t e r a t o r
4169  Handle<String> name = factory->SetIterator_string();
4170 
4171  // Setup %SetIteratorPrototype%.
4172  Handle<JSObject> prototype =
4173  factory->NewJSObject(isolate->object_function(), TENURED);
4174  JSObject::ForceSetPrototype(prototype, iterator_prototype);
4175 
4176  // Install the @@toStringTag property on the {prototype}.
4177  JSObject::AddProperty(
4178  isolate, prototype, factory->to_string_tag_symbol(), name,
4179  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4180 
4181  // Install the next function on the {prototype}.
4182  InstallFunctionWithBuiltinId(isolate, prototype, "next",
4183  Builtins::kSetIteratorPrototypeNext, 0, true,
4184  BuiltinFunctionId::kSetIteratorNext);
4185  native_context->set_initial_set_iterator_prototype(*prototype);
4186 
4187  // Setup SetIterator constructor.
4188  Handle<JSFunction> set_iterator_function = InstallFunction(
4189  isolate, container, "SetIterator", JS_SET_VALUE_ITERATOR_TYPE,
4190  JSSetIterator::kSize, 0, prototype, Builtins::kIllegal);
4191  set_iterator_function->shared()->set_native(false);
4192 
4193  Handle<Map> set_value_iterator_map(set_iterator_function->initial_map(),
4194  isolate);
4195  native_context->set_set_value_iterator_map(*set_value_iterator_map);
4196 
4197  Handle<Map> set_key_value_iterator_map = Map::Copy(
4198  isolate, set_value_iterator_map, "JS_SET_KEY_VALUE_ITERATOR_TYPE");
4199  set_key_value_iterator_map->set_instance_type(
4200  JS_SET_KEY_VALUE_ITERATOR_TYPE);
4201  native_context->set_set_key_value_iterator_map(*set_key_value_iterator_map);
4202  }
4203 
4204  { // -- M a p I t e r a t o r
4205  Handle<String> name = factory->MapIterator_string();
4206 
4207  // Setup %MapIteratorPrototype%.
4208  Handle<JSObject> prototype =
4209  factory->NewJSObject(isolate->object_function(), TENURED);
4210  JSObject::ForceSetPrototype(prototype, iterator_prototype);
4211 
4212  // Install the @@toStringTag property on the {prototype}.
4213  JSObject::AddProperty(
4214  isolate, prototype, factory->to_string_tag_symbol(), name,
4215  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4216 
4217  // Install the next function on the {prototype}.
4218  InstallFunctionWithBuiltinId(isolate, prototype, "next",
4219  Builtins::kMapIteratorPrototypeNext, 0, true,
4220  BuiltinFunctionId::kMapIteratorNext);
4221  native_context->set_initial_map_iterator_prototype(*prototype);
4222 
4223  // Setup MapIterator constructor.
4224  Handle<JSFunction> map_iterator_function = InstallFunction(
4225  isolate, container, "MapIterator", JS_MAP_KEY_ITERATOR_TYPE,
4226  JSMapIterator::kSize, 0, prototype, Builtins::kIllegal);
4227  map_iterator_function->shared()->set_native(false);
4228 
4229  Handle<Map> map_key_iterator_map(map_iterator_function->initial_map(),
4230  isolate);
4231  native_context->set_map_key_iterator_map(*map_key_iterator_map);
4232 
4233  Handle<Map> map_key_value_iterator_map = Map::Copy(
4234  isolate, map_key_iterator_map, "JS_MAP_KEY_VALUE_ITERATOR_TYPE");
4235  map_key_value_iterator_map->set_instance_type(
4236  JS_MAP_KEY_VALUE_ITERATOR_TYPE);
4237  native_context->set_map_key_value_iterator_map(*map_key_value_iterator_map);
4238 
4239  Handle<Map> map_value_iterator_map =
4240  Map::Copy(isolate, map_key_iterator_map, "JS_MAP_VALUE_ITERATOR_TYPE");
4241  map_value_iterator_map->set_instance_type(JS_MAP_VALUE_ITERATOR_TYPE);
4242  native_context->set_map_value_iterator_map(*map_value_iterator_map);
4243  }
4244 
4245  { // -- A s y n c F u n c t i o n
4246  // Builtin functions for AsyncFunction.
4247  PrototypeIterator iter(isolate, native_context->async_function_map());
4248  Handle<JSObject> async_function_prototype(iter.GetCurrent<JSObject>(),
4249  isolate);
4250 
4251  Handle<JSFunction> async_function_constructor = InstallFunction(
4252  isolate, container, "AsyncFunction", JS_FUNCTION_TYPE,
4253  JSFunction::kSizeWithPrototype, 0, async_function_prototype,
4254  Builtins::kAsyncFunctionConstructor);
4255  async_function_constructor->set_prototype_or_initial_map(
4256  native_context->async_function_map());
4257  async_function_constructor->shared()->DontAdaptArguments();
4258  async_function_constructor->shared()->set_length(1);
4259  native_context->set_async_function_constructor(*async_function_constructor);
4260  JSObject::ForceSetPrototype(async_function_constructor,
4261  isolate->function_function());
4262 
4263  JSObject::AddProperty(
4264  isolate, async_function_prototype, factory->constructor_string(),
4265  async_function_constructor,
4266  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4267 
4268  JSFunction::SetPrototype(async_function_constructor,
4269  async_function_prototype);
4270 
4271  // Async functions don't have a prototype, but they use generator objects
4272  // under the hood to model the suspend/resume (in await). Instead of using
4273  // the "prototype" / initial_map machinery (like for (async) generators),
4274  // there's one global (per native context) map here that is used for the
4275  // async function generator objects. These objects never escape to user
4276  // JavaScript anyways.
4277  Handle<Map> async_function_object_map = factory->NewMap(
4278  JS_ASYNC_FUNCTION_OBJECT_TYPE, JSAsyncFunctionObject::kSize);
4279  native_context->set_async_function_object_map(*async_function_object_map);
4280 
4281  {
4282  Handle<SharedFunctionInfo> info = SimpleCreateSharedFunctionInfo(
4283  isolate, Builtins::kAsyncFunctionAwaitRejectClosure,
4284  factory->empty_string(), 1);
4285  native_context->set_async_function_await_reject_shared_fun(*info);
4286  }
4287 
4288  {
4289  Handle<SharedFunctionInfo> info = SimpleCreateSharedFunctionInfo(
4290  isolate, Builtins::kAsyncFunctionAwaitResolveClosure,
4291  factory->empty_string(), 1);
4292  native_context->set_async_function_await_resolve_shared_fun(*info);
4293  }
4294  }
4295 
4296  { // -- C a l l S i t e
4297  // Builtin functions for CallSite.
4298 
4299  // CallSites are a special case; the constructor is for our private use
4300  // only, therefore we set it up as a builtin that throws. Internally, we use
4301  // CallSiteUtils::Construct to create CallSite objects.
4302 
4303  Handle<JSFunction> callsite_fun = InstallFunction(
4304  isolate, container, "CallSite", JS_OBJECT_TYPE, JSObject::kHeaderSize,
4305  0, factory->the_hole_value(), Builtins::kUnsupportedThrower);
4306  callsite_fun->shared()->DontAdaptArguments();
4307  isolate->native_context()->set_callsite_function(*callsite_fun);
4308 
4309  {
4310  // Setup CallSite.prototype.
4311  Handle<JSObject> prototype(
4312  JSObject::cast(callsite_fun->instance_prototype()), isolate);
4313 
4314  struct FunctionInfo {
4315  const char* name;
4316  Builtins::Name id;
4317  };
4318 
4319  FunctionInfo infos[] = {
4320  {"getColumnNumber", Builtins::kCallSitePrototypeGetColumnNumber},
4321  {"getEvalOrigin", Builtins::kCallSitePrototypeGetEvalOrigin},
4322  {"getFileName", Builtins::kCallSitePrototypeGetFileName},
4323  {"getFunction", Builtins::kCallSitePrototypeGetFunction},
4324  {"getFunctionName", Builtins::kCallSitePrototypeGetFunctionName},
4325  {"getLineNumber", Builtins::kCallSitePrototypeGetLineNumber},
4326  {"getMethodName", Builtins::kCallSitePrototypeGetMethodName},
4327  {"getPosition", Builtins::kCallSitePrototypeGetPosition},
4328  {"getPromiseIndex", Builtins::kCallSitePrototypeGetPromiseIndex},
4329  {"getScriptNameOrSourceURL",
4330  Builtins::kCallSitePrototypeGetScriptNameOrSourceURL},
4331  {"getThis", Builtins::kCallSitePrototypeGetThis},
4332  {"getTypeName", Builtins::kCallSitePrototypeGetTypeName},
4333  {"isAsync", Builtins::kCallSitePrototypeIsAsync},
4334  {"isConstructor", Builtins::kCallSitePrototypeIsConstructor},
4335  {"isEval", Builtins::kCallSitePrototypeIsEval},
4336  {"isNative", Builtins::kCallSitePrototypeIsNative},
4337  {"isPromiseAll", Builtins::kCallSitePrototypeIsPromiseAll},
4338  {"isToplevel", Builtins::kCallSitePrototypeIsToplevel},
4339  {"toString", Builtins::kCallSitePrototypeToString}};
4340 
4341  PropertyAttributes attrs =
4342  static_cast<PropertyAttributes>(DONT_ENUM | DONT_DELETE | READ_ONLY);
4343 
4344  Handle<JSFunction> fun;
4345  for (const FunctionInfo& info : infos) {
4346  SimpleInstallFunction(isolate, prototype, info.name, info.id, 0, true,
4347  attrs);
4348  }
4349  }
4350  }
4351 }
4352 
4353 
4354 #define EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(id) \
4355  void Genesis::InitializeGlobal_##id() {}
4356 
4357 EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_namespace_exports)
4358 EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_public_fields)
4359 EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_private_fields)
4360 EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_private_methods)
4361 EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_static_fields)
4362 EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_class_fields)
4363 EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_dynamic_import)
4364 EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_import_meta)
4365 EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_numeric_separator)
4366 EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_json_stringify)
4367 EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_regexp_sequence)
4368 EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE(harmony_await_optimization)
4369 
4370 #undef EMPTY_INITIALIZE_GLOBAL_FOR_FEATURE
4371 
4372 void Genesis::InitializeGlobal_harmony_global() {
4373  if (!FLAG_harmony_global) return;
4374 
4375  Factory* factory = isolate()->factory();
4376  Handle<JSGlobalObject> global(native_context()->global_object(), isolate());
4377  Handle<JSGlobalProxy> global_proxy(native_context()->global_proxy(),
4378  isolate());
4379  JSObject::AddProperty(isolate_, global, factory->globalThis_string(),
4380  global_proxy, DONT_ENUM);
4381 }
4382 
4383 void Genesis::InitializeGlobal_harmony_sharedarraybuffer() {
4384  if (!FLAG_harmony_sharedarraybuffer) return;
4385 
4386  Handle<JSGlobalObject> global(native_context()->global_object(), isolate());
4387  Factory* factory = isolate()->factory();
4388 
4389  {
4390  Handle<String> name = factory->InternalizeUtf8String("SharedArrayBuffer");
4391  JSObject::AddProperty(isolate_, global, name,
4392  isolate()->shared_array_buffer_fun(), DONT_ENUM);
4393  }
4394 
4395  {
4396  Handle<String> name = factory->InternalizeUtf8String("Atomics");
4397  JSObject::AddProperty(isolate_, global, name, isolate()->atomics_object(),
4398  DONT_ENUM);
4399  JSObject::AddProperty(
4400  isolate_, isolate()->atomics_object(), factory->to_string_tag_symbol(),
4401  name, static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4402  }
4403 }
4404 
4405 void Genesis::InitializeGlobal_harmony_array_prototype_values() {
4406  if (!FLAG_harmony_array_prototype_values) return;
4407  Handle<JSFunction> array_constructor(native_context()->array_function(),
4408  isolate());
4409  Handle<JSObject> array_prototype(
4410  JSObject::cast(array_constructor->instance_prototype()), isolate());
4411  Handle<Object> values_iterator =
4412  JSObject::GetProperty(isolate(), array_prototype,
4413  factory()->iterator_symbol())
4414  .ToHandleChecked();
4415  DCHECK(values_iterator->IsJSFunction());
4416  JSObject::AddProperty(isolate(), array_prototype, factory()->values_string(),
4417  values_iterator, DONT_ENUM);
4418 
4419  Handle<Object> unscopables =
4420  JSObject::GetProperty(isolate(), array_prototype,
4421  factory()->unscopables_symbol())
4422  .ToHandleChecked();
4423  DCHECK(unscopables->IsJSObject());
4424  JSObject::AddProperty(isolate(), Handle<JSObject>::cast(unscopables),
4425  factory()->values_string(), factory()->true_value(),
4426  NONE);
4427 }
4428 
4429 void Genesis::InitializeGlobal_harmony_array_flat() {
4430  if (!FLAG_harmony_array_flat) return;
4431  Handle<JSFunction> array_constructor(native_context()->array_function(),
4432  isolate());
4433  Handle<JSObject> array_prototype(
4434  JSObject::cast(array_constructor->instance_prototype()), isolate());
4435  SimpleInstallFunction(isolate(), array_prototype, "flat",
4436  Builtins::kArrayPrototypeFlat, 0, false, DONT_ENUM);
4437  SimpleInstallFunction(isolate(), array_prototype, "flatMap",
4438  Builtins::kArrayPrototypeFlatMap, 1, false, DONT_ENUM);
4439 }
4440 
4441 void Genesis::InitializeGlobal_harmony_symbol_description() {
4442  if (!FLAG_harmony_symbol_description) return;
4443 
4444  // Symbol.prototype.description
4445  Handle<JSFunction> symbol_fun(native_context()->symbol_function(), isolate());
4446  Handle<JSObject> symbol_prototype(
4447  JSObject::cast(symbol_fun->instance_prototype()), isolate());
4448  SimpleInstallGetter(isolate(), symbol_prototype,
4449  factory()->InternalizeUtf8String("description"),
4450  Builtins::kSymbolPrototypeDescriptionGetter, true);
4451 }
4452 
4453 void Genesis::InitializeGlobal_harmony_string_matchall() {
4454  if (!FLAG_harmony_string_matchall) return;
4455 
4456  { // String.prototype.matchAll
4457  Handle<JSFunction> string_fun(native_context()->string_function(),
4458  isolate());
4459  Handle<JSObject> string_prototype(
4460  JSObject::cast(string_fun->instance_prototype()), isolate());
4461 
4462  SimpleInstallFunction(isolate(), string_prototype, "matchAll",
4463  Builtins::kStringPrototypeMatchAll, 1, true);
4464  }
4465 
4466  { // RegExp.prototype[@@matchAll]
4467  Handle<JSFunction> regexp_fun(native_context()->regexp_function(),
4468  isolate());
4469  Handle<JSObject> regexp_prototype(
4470  JSObject::cast(regexp_fun->instance_prototype()), isolate());
4471  InstallFunctionAtSymbol(isolate(), regexp_prototype,
4472  factory()->match_all_symbol(), "[Symbol.matchAll]",
4473  Builtins::kRegExpPrototypeMatchAll, 1, true);
4474  Handle<Map> regexp_prototype_map(regexp_prototype->map(), isolate());
4475  Map::SetShouldBeFastPrototypeMap(regexp_prototype_map, true, isolate());
4476  native_context()->set_regexp_prototype_map(*regexp_prototype_map);
4477  DCHECK_EQ(JSRegExp::kSymbolMatchAllFunctionDescriptorIndex,
4478  regexp_prototype->map()->LastAdded());
4479  }
4480 
4481  { // --- R e g E x p S t r i n g I t e r a t o r ---
4482  Handle<JSObject> iterator_prototype(
4483  native_context()->initial_iterator_prototype(), isolate());
4484 
4485  Handle<JSObject> regexp_string_iterator_prototype =
4486  factory()->NewJSObject(isolate()->object_function(), TENURED);
4487  JSObject::ForceSetPrototype(regexp_string_iterator_prototype,
4488  iterator_prototype);
4489 
4490  JSObject::AddProperty(
4491  isolate(), regexp_string_iterator_prototype,
4492  factory()->to_string_tag_symbol(),
4493  factory()->InternalizeUtf8String("RegExp String Iterator"),
4494  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4495 
4496  SimpleInstallFunction(isolate(), regexp_string_iterator_prototype, "next",
4497  Builtins::kRegExpStringIteratorPrototypeNext, 0,
4498  true);
4499 
4500  Handle<JSFunction> regexp_string_iterator_function = CreateFunction(
4501  isolate(), factory()->InternalizeUtf8String("RegExpStringIterator"),
4502  JS_REGEXP_STRING_ITERATOR_TYPE, JSRegExpStringIterator::kSize, 0,
4503  regexp_string_iterator_prototype, Builtins::kIllegal);
4504  regexp_string_iterator_function->shared()->set_native(false);
4505  native_context()->set_initial_regexp_string_iterator_prototype_map(
4506  regexp_string_iterator_function->initial_map());
4507  }
4508 
4509  { // @@matchAll Symbol
4510  Handle<JSFunction> symbol_fun(native_context()->symbol_function(),
4511  isolate());
4512  InstallConstant(isolate(), symbol_fun, "matchAll",
4513  factory()->match_all_symbol());
4514  }
4515 }
4516 
4517 void Genesis::InitializeGlobal_harmony_weak_refs() {
4518  if (!FLAG_harmony_weak_refs) return;
4519 
4520  Factory* factory = isolate()->factory();
4521  Handle<JSGlobalObject> global(native_context()->global_object(), isolate());
4522 
4523  {
4524  // Create %WeakFactoryPrototype%
4525  Handle<String> weak_factory_name = factory->WeakFactory_string();
4526  Handle<JSObject> weak_factory_prototype =
4527  factory->NewJSObject(isolate()->object_function(), TENURED);
4528 
4529  // Create %WeakFactory%
4530  Handle<JSFunction> weak_factory_fun =
4531  CreateFunction(isolate(), weak_factory_name, JS_WEAK_FACTORY_TYPE,
4532  JSWeakFactory::kSize, 0, weak_factory_prototype,
4533  Builtins::kWeakFactoryConstructor);
4534 
4535  weak_factory_fun->shared()->DontAdaptArguments();
4536  weak_factory_fun->shared()->set_length(1);
4537 
4538  // Install the "constructor" property on the prototype.
4539  JSObject::AddProperty(isolate(), weak_factory_prototype,
4540  factory->constructor_string(), weak_factory_fun,
4541  DONT_ENUM);
4542 
4543  JSObject::AddProperty(
4544  isolate(), weak_factory_prototype, factory->to_string_tag_symbol(),
4545  weak_factory_name,
4546  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4547 
4548  JSObject::AddProperty(isolate(), global, weak_factory_name,
4549  weak_factory_fun, DONT_ENUM);
4550 
4551  SimpleInstallFunction(isolate(), weak_factory_prototype, "makeCell",
4552  Builtins::kWeakFactoryMakeCell, 2, false);
4553 
4554  SimpleInstallFunction(isolate(), weak_factory_prototype, "makeRef",
4555  Builtins::kWeakFactoryMakeRef, 2, false);
4556 
4557  SimpleInstallFunction(isolate(), weak_factory_prototype, "cleanupSome",
4558  Builtins::kWeakFactoryCleanupSome, 0, false);
4559  }
4560  {
4561  // Create %WeakCellPrototype%
4562  Handle<Map> weak_cell_map =
4563  factory->NewMap(JS_WEAK_CELL_TYPE, JSWeakCell::kSize);
4564  native_context()->set_js_weak_cell_map(*weak_cell_map);
4565 
4566  Handle<JSObject> weak_cell_prototype =
4567  factory->NewJSObject(isolate()->object_function(), TENURED);
4568  Map::SetPrototype(isolate(), weak_cell_map, weak_cell_prototype);
4569 
4570  JSObject::AddProperty(
4571  isolate(), weak_cell_prototype, factory->to_string_tag_symbol(),
4572  factory->WeakCell_string(),
4573  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4574 
4575  SimpleInstallGetter(isolate(), weak_cell_prototype,
4576  factory->InternalizeUtf8String("holdings"),
4577  Builtins::kWeakCellHoldingsGetter, false);
4578  SimpleInstallFunction(isolate(), weak_cell_prototype, "clear",
4579  Builtins::kWeakCellClear, 0, false);
4580 
4581  // Create %WeakRefPrototype%
4582  Handle<Map> weak_ref_map =
4583  factory->NewMap(JS_WEAK_REF_TYPE, JSWeakRef::kSize);
4584  native_context()->set_js_weak_ref_map(*weak_ref_map);
4585 
4586  Handle<JSObject> weak_ref_prototype =
4587  factory->NewJSObject(isolate()->object_function(), TENURED);
4588  Map::SetPrototype(isolate(), weak_ref_map, weak_ref_prototype);
4589  JSObject::ForceSetPrototype(weak_ref_prototype, weak_cell_prototype);
4590 
4591  JSObject::AddProperty(
4592  isolate(), weak_ref_prototype, factory->to_string_tag_symbol(),
4593  factory->WeakRef_string(),
4594  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4595 
4596  SimpleInstallFunction(isolate(), weak_ref_prototype, "deref",
4597  Builtins::kWeakRefDeref, 0, false);
4598  }
4599 
4600  {
4601  // Create cleanup iterator for JSWeakFactory.
4602  Handle<JSObject> iterator_prototype(
4603  native_context()->initial_iterator_prototype(), isolate());
4604 
4605  Handle<JSObject> cleanup_iterator_prototype =
4606  factory->NewJSObject(isolate()->object_function(), TENURED);
4607  JSObject::ForceSetPrototype(cleanup_iterator_prototype, iterator_prototype);
4608 
4609  JSObject::AddProperty(
4610  isolate(), cleanup_iterator_prototype, factory->to_string_tag_symbol(),
4611  factory->NewStringFromAsciiChecked("JSWeakFactoryCleanupIterator"),
4612  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4613 
4614  SimpleInstallFunction(isolate(), cleanup_iterator_prototype, "next",
4615  Builtins::kWeakFactoryCleanupIteratorNext, 0, true);
4616  Handle<Map> cleanup_iterator_map =
4617  factory->NewMap(JS_WEAK_FACTORY_CLEANUP_ITERATOR_TYPE,
4618  JSWeakFactoryCleanupIterator::kSize);
4619  Map::SetPrototype(isolate(), cleanup_iterator_map,
4620  cleanup_iterator_prototype);
4621  native_context()->set_js_weak_factory_cleanup_iterator_map(
4622  *cleanup_iterator_map);
4623  }
4624 }
4625 
4626 #ifdef V8_INTL_SUPPORT
4627 void Genesis::InitializeGlobal_harmony_intl_list_format() {
4628  if (!FLAG_harmony_intl_list_format) return;
4629  Handle<JSObject> intl = Handle<JSObject>::cast(
4630  JSReceiver::GetProperty(
4631  isolate(),
4632  Handle<JSReceiver>(native_context()->global_object(), isolate()),
4633  factory()->InternalizeUtf8String("Intl"))
4634  .ToHandleChecked());
4635 
4636  Handle<JSFunction> list_format_fun =
4637  InstallFunction(isolate(), intl, "ListFormat", JS_INTL_LIST_FORMAT_TYPE,
4638  JSListFormat::kSize, 0, factory()->the_hole_value(),
4639  Builtins::kListFormatConstructor);
4640  list_format_fun->shared()->set_length(0);
4641  list_format_fun->shared()->DontAdaptArguments();
4642 
4643  SimpleInstallFunction(isolate(), list_format_fun, "supportedLocalesOf",
4644  Builtins::kListFormatSupportedLocalesOf, 1, false);
4645 
4646  // Setup %ListFormatPrototype%.
4647  Handle<JSObject> prototype(
4648  JSObject::cast(list_format_fun->instance_prototype()), isolate());
4649 
4650  // Install the @@toStringTag property on the {prototype}.
4651  JSObject::AddProperty(isolate(), prototype, factory()->to_string_tag_symbol(),
4652  factory()->InternalizeUtf8String("Intl.ListFormat"),
4653  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4654 
4655  SimpleInstallFunction(isolate(), prototype, "resolvedOptions",
4656  Builtins::kListFormatPrototypeResolvedOptions, 0,
4657  false);
4658  SimpleInstallFunction(isolate(), prototype, "format",
4659  Builtins::kListFormatPrototypeFormat, 1, false);
4660  SimpleInstallFunction(isolate(), prototype, "formatToParts",
4661  Builtins::kListFormatPrototypeFormatToParts, 1, false);
4662 }
4663 
4664 void Genesis::InitializeGlobal_harmony_locale() {
4665  if (!FLAG_harmony_locale) return;
4666 
4667  Handle<JSObject> intl = Handle<JSObject>::cast(
4668  JSReceiver::GetProperty(
4669  isolate(),
4670  Handle<JSReceiver>(native_context()->global_object(), isolate()),
4671  factory()->InternalizeUtf8String("Intl"))
4672  .ToHandleChecked());
4673 
4674  Handle<JSFunction> locale_fun = InstallFunction(
4675  isolate(), intl, "Locale", JS_INTL_LOCALE_TYPE, JSLocale::kSize, 0,
4676  factory()->the_hole_value(), Builtins::kLocaleConstructor);
4677  InstallWithIntrinsicDefaultProto(isolate(), locale_fun,
4678  Context::INTL_LOCALE_FUNCTION_INDEX);
4679  locale_fun->shared()->set_length(1);
4680  locale_fun->shared()->DontAdaptArguments();
4681 
4682  // Setup %LocalePrototype%.
4683  Handle<JSObject> prototype(JSObject::cast(locale_fun->instance_prototype()),
4684  isolate());
4685 
4686  // Install the @@toStringTag property on the {prototype}.
4687  JSObject::AddProperty(isolate(), prototype, factory()->to_string_tag_symbol(),
4688  factory()->InternalizeUtf8String("Intl.Locale"),
4689  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4690 
4691  SimpleInstallFunction(isolate(), prototype, "toString",
4692  Builtins::kLocalePrototypeToString, 0, false);
4693  SimpleInstallFunction(isolate(), prototype, "maximize",
4694  Builtins::kLocalePrototypeMaximize, 0, false);
4695  SimpleInstallFunction(isolate(), prototype, "minimize",
4696  Builtins::kLocalePrototypeMinimize, 0, false);
4697  // Base locale getters.
4698  SimpleInstallGetter(isolate(), prototype,
4699  factory()->InternalizeUtf8String("language"),
4700  Builtins::kLocalePrototypeLanguage, true);
4701  SimpleInstallGetter(isolate(), prototype,
4702  factory()->InternalizeUtf8String("script"),
4703  Builtins::kLocalePrototypeScript, true);
4704  SimpleInstallGetter(isolate(), prototype,
4705  factory()->InternalizeUtf8String("region"),
4706  Builtins::kLocalePrototypeRegion, true);
4707  SimpleInstallGetter(isolate(), prototype,
4708  factory()->InternalizeUtf8String("baseName"),
4709  Builtins::kLocalePrototypeBaseName, true);
4710  // Unicode extension getters.
4711  SimpleInstallGetter(isolate(), prototype,
4712  factory()->InternalizeUtf8String("calendar"),
4713  Builtins::kLocalePrototypeCalendar, true);
4714  SimpleInstallGetter(isolate(), prototype,
4715  factory()->InternalizeUtf8String("caseFirst"),
4716  Builtins::kLocalePrototypeCaseFirst, true);
4717  SimpleInstallGetter(isolate(), prototype,
4718  factory()->InternalizeUtf8String("collation"),
4719  Builtins::kLocalePrototypeCollation, true);
4720  SimpleInstallGetter(isolate(), prototype,
4721  factory()->InternalizeUtf8String("hourCycle"),
4722  Builtins::kLocalePrototypeHourCycle, true);
4723  SimpleInstallGetter(isolate(), prototype,
4724  factory()->InternalizeUtf8String("numeric"),
4725  Builtins::kLocalePrototypeNumeric, true);
4726  SimpleInstallGetter(isolate(), prototype,
4727  factory()->InternalizeUtf8String("numberingSystem"),
4728  Builtins::kLocalePrototypeNumberingSystem, true);
4729 }
4730 
4731 void Genesis::InitializeGlobal_harmony_intl_relative_time_format() {
4732  if (!FLAG_harmony_intl_relative_time_format) return;
4733  Handle<JSObject> intl = Handle<JSObject>::cast(
4734  JSReceiver::GetProperty(
4735  isolate(),
4736  Handle<JSReceiver>(native_context()->global_object(), isolate()),
4737  factory()->InternalizeUtf8String("Intl"))
4738  .ToHandleChecked());
4739 
4740  Handle<JSFunction> relative_time_format_fun = InstallFunction(
4741  isolate(), intl, "RelativeTimeFormat", JS_INTL_RELATIVE_TIME_FORMAT_TYPE,
4742  JSRelativeTimeFormat::kSize, 0, factory()->the_hole_value(),
4743  Builtins::kRelativeTimeFormatConstructor);
4744  relative_time_format_fun->shared()->set_length(0);
4745  relative_time_format_fun->shared()->DontAdaptArguments();
4746 
4747  SimpleInstallFunction(
4748  isolate(), relative_time_format_fun, "supportedLocalesOf",
4749  Builtins::kRelativeTimeFormatSupportedLocalesOf, 1, false);
4750 
4751  // Setup %RelativeTimeFormatPrototype%.
4752  Handle<JSObject> prototype(
4753  JSObject::cast(relative_time_format_fun->instance_prototype()),
4754  isolate());
4755 
4756  // Install the @@toStringTag property on the {prototype}.
4757  JSObject::AddProperty(
4758  isolate(), prototype, factory()->to_string_tag_symbol(),
4759  factory()->InternalizeUtf8String("Intl.RelativeTimeFormat"),
4760  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4761 
4762  SimpleInstallFunction(isolate(), prototype, "resolvedOptions",
4763  Builtins::kRelativeTimeFormatPrototypeResolvedOptions,
4764  0, false);
4765  SimpleInstallFunction(isolate(), prototype, "format",
4766  Builtins::kRelativeTimeFormatPrototypeFormat, 2, false);
4767  SimpleInstallFunction(isolate(), prototype, "formatToParts",
4768  Builtins::kRelativeTimeFormatPrototypeFormatToParts, 2,
4769  false);
4770 }
4771 
4772 void Genesis::InitializeGlobal_harmony_intl_segmenter() {
4773  if (!FLAG_harmony_intl_segmenter) return;
4774  Handle<JSObject> intl = Handle<JSObject>::cast(
4775  JSReceiver::GetProperty(
4776  isolate(),
4777  Handle<JSReceiver>(native_context()->global_object(), isolate()),
4778  factory()->InternalizeUtf8String("Intl"))
4779  .ToHandleChecked());
4780 
4781  Handle<JSFunction> segmenter_fun = InstallFunction(
4782  isolate(), intl, "Segmenter", JS_INTL_SEGMENTER_TYPE, JSSegmenter::kSize,
4783  0, factory()->the_hole_value(), Builtins::kSegmenterConstructor);
4784  segmenter_fun->shared()->set_length(0);
4785  segmenter_fun->shared()->DontAdaptArguments();
4786 
4787  SimpleInstallFunction(isolate(), segmenter_fun, "supportedLocalesOf",
4788  Builtins::kSegmenterSupportedLocalesOf, 1, false);
4789 
4790  {
4791  // Setup %SegmenterPrototype%.
4792  Handle<JSObject> prototype(
4793  JSObject::cast(segmenter_fun->instance_prototype()), isolate());
4794 
4795  // Install the @@toStringTag property on the {prototype}.
4796  JSObject::AddProperty(
4797  isolate(), prototype, factory()->to_string_tag_symbol(),
4798  factory()->NewStringFromStaticChars("Intl.Segmenter"),
4799  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4800 
4801  SimpleInstallFunction(isolate(), prototype, "resolvedOptions",
4802  Builtins::kSegmenterPrototypeResolvedOptions, 0,
4803  false);
4804 
4805  SimpleInstallFunction(isolate(), prototype, "segment",
4806  Builtins::kSegmenterPrototypeSegment, 1, false);
4807  }
4808 
4809  {
4810  // Setup %SegmentIteratorPrototype%.
4811  Handle<String> name = factory()->SegmentIterator_string();
4812  Handle<JSObject> iterator_prototype(
4813  native_context()->initial_iterator_prototype(), isolate());
4814 
4815  Handle<JSObject> prototype =
4816  factory()->NewJSObject(isolate()->object_function(), TENURED);
4817  JSObject::ForceSetPrototype(prototype, iterator_prototype);
4818 
4819  // Install the @@toStringTag property on the {prototype}.
4820  JSObject::AddProperty(
4821  isolate(), prototype, factory()->to_string_tag_symbol(), name,
4822  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4823 
4824  SimpleInstallFunction(isolate(), prototype, "next",
4825  Builtins::kSegmentIteratorPrototypeNext, 0, false);
4826 
4827  SimpleInstallFunction(isolate(), prototype, "following",
4828  Builtins::kSegmentIteratorPrototypeFollowing, 0,
4829  false);
4830 
4831  SimpleInstallFunction(isolate(), prototype, "preceding",
4832  Builtins::kSegmentIteratorPrototypePreceding, 0,
4833  false);
4834 
4835  SimpleInstallGetter(isolate(), prototype,
4836  factory()->InternalizeUtf8String("position"),
4837  Builtins::kSegmentIteratorPrototypePosition, false);
4838 
4839  SimpleInstallGetter(isolate(), prototype,
4840  factory()->InternalizeUtf8String("breakType"),
4841  Builtins::kSegmentIteratorPrototypeBreakType, false);
4842 
4843  // Setup SegmentIterator constructor.
4844  Handle<String> name_string =
4845  Name::ToFunctionName(
4846  isolate(),
4847  isolate()->factory()->InternalizeUtf8String("SegmentIterator"))
4848  .ToHandleChecked();
4849  Handle<JSFunction> segment_iterator_fun = CreateFunction(
4850  isolate(), name_string, JS_INTL_SEGMENT_ITERATOR_TYPE,
4851  JSSegmentIterator::kSize, 0, prototype, Builtins::kIllegal);
4852  segment_iterator_fun->shared()->set_native(false);
4853 
4854  Handle<Map> segment_iterator_map(segment_iterator_fun->initial_map(),
4855  isolate());
4856  native_context()->set_intl_segment_iterator_map(*segment_iterator_map);
4857  }
4858 }
4859 
4860 #endif // V8_INTL_SUPPORT
4861 
4862 void Genesis::InitializeGlobal_harmony_object_from_entries() {
4863  if (!FLAG_harmony_object_from_entries) return;
4864  SimpleInstallFunction(isolate(), isolate()->object_function(), "fromEntries",
4865  Builtins::kObjectFromEntries, 1, false);
4866 }
4867 
4868 Handle<JSFunction> Genesis::CreateArrayBuffer(
4869  Handle<String> name, ArrayBufferKind array_buffer_kind) {
4870  // Create the %ArrayBufferPrototype%
4871  // Setup the {prototype} with the given {name} for @@toStringTag.
4872  Handle<JSObject> prototype =
4873  factory()->NewJSObject(isolate()->object_function(), TENURED);
4874  JSObject::AddProperty(isolate(), prototype, factory()->to_string_tag_symbol(),
4875  name,
4876  static_cast<PropertyAttributes>(DONT_ENUM | READ_ONLY));
4877 
4878  // Allocate the constructor with the given {prototype}.
4879  Handle<JSFunction> array_buffer_fun =
4880  CreateFunction(isolate(), name, JS_ARRAY_BUFFER_TYPE,
4881  JSArrayBuffer::kSizeWithEmbedderFields, 0, prototype,
4882  Builtins::kArrayBufferConstructor);
4883  array_buffer_fun->shared()->DontAdaptArguments();
4884  array_buffer_fun->shared()->set_length(1);
4885 
4886  // Install the "constructor" property on the {prototype}.
4887  JSObject::AddProperty(isolate(), prototype, factory()->constructor_string(),
4888  array_buffer_fun, DONT_ENUM);
4889 
4890  switch (array_buffer_kind) {
4891  case ARRAY_BUFFER:
4892  InstallFunctionWithBuiltinId(isolate(), array_buffer_fun, "isView",
4893  Builtins::kArrayBufferIsView, 1, true,
4894  BuiltinFunctionId::kArrayBufferIsView);
4895 
4896  // Install the "byteLength" getter on the {prototype}.
4897  SimpleInstallGetter(isolate(), prototype, factory()->byte_length_string(),
4898  Builtins::kArrayBufferPrototypeGetByteLength, false,
4899  BuiltinFunctionId::kArrayBufferByteLength);
4900 
4901  SimpleInstallFunction(isolate(), prototype, "slice",
4902  Builtins::kArrayBufferPrototypeSlice, 2, true);
4903  break;
4904 
4905  case SHARED_ARRAY_BUFFER:
4906  // Install the "byteLength" getter on the {prototype}.
4907  SimpleInstallGetter(isolate(), prototype, factory()->byte_length_string(),
4908  Builtins::kSharedArrayBufferPrototypeGetByteLength,
4909  false,
4910  BuiltinFunctionId::kSharedArrayBufferByteLength);
4911 
4912  SimpleInstallFunction(isolate(), prototype, "slice",
4913  Builtins::kSharedArrayBufferPrototypeSlice, 2,
4914  true);
4915  break;
4916  }
4917 
4918  return array_buffer_fun;
4919 }
4920 
4921 
4922 Handle<JSFunction> Genesis::InstallInternalArray(Handle<JSObject> target,
4923  const char* name,
4924  ElementsKind elements_kind) {
4925  // --- I n t e r n a l A r r a y ---
4926  // An array constructor on the builtins object that works like
4927  // the public Array constructor, except that its prototype
4928  // doesn't inherit from Object.prototype.
4929  // To be used only for internal work by builtins. Instances
4930  // must not be leaked to user code.
4931  Handle<JSObject> prototype =
4932  factory()->NewJSObject(isolate()->object_function(), TENURED);
4933  Handle<JSFunction> array_function =
4934  InstallFunction(isolate(), target, name, JS_ARRAY_TYPE, JSArray::kSize, 0,
4935  prototype, Builtins::kInternalArrayConstructor);
4936 
4937  array_function->shared()->DontAdaptArguments();
4938 
4939  Handle<Map> original_map(array_function->initial_map(), isolate());
4940  Handle<Map> initial_map = Map::Copy(isolate(), original_map, "InternalArray");
4941  initial_map->set_elements_kind(elements_kind);
4942  JSFunction::SetInitialMap(array_function, initial_map, prototype);
4943 
4944  // Make "length" magic on instances.
4945  Map::EnsureDescriptorSlack(isolate(), initial_map, 1);
4946 
4947  PropertyAttributes attribs = static_cast<PropertyAttributes>(
4948  DONT_ENUM | DONT_DELETE);
4949 
4950  { // Add length.
4951  Descriptor d = Descriptor::AccessorConstant(
4952  factory()->length_string(), factory()->array_length_accessor(),
4953  attribs);
4954  initial_map->AppendDescriptor(&d);
4955  }
4956 
4957  return array_function;
4958 }
4959 
4960 bool Genesis::InstallNatives(GlobalContextType context_type) {
4961  HandleScope scope(isolate());
4962 
4963  // Set up the utils object as shared container between native scripts.
4964  Handle<JSObject> utils = factory()->NewJSObject(isolate()->object_function());
4965  JSObject::NormalizeProperties(utils, CLEAR_INOBJECT_PROPERTIES, 16,
4966  "utils container for native scripts");
4967  native_context()->set_natives_utils_object(*utils);
4968 
4969  // Set up the extras utils object as a shared container between native
4970  // scripts and extras. (Extras consume things added there by native scripts.)
4971  Handle<JSObject> extras_utils =
4972  factory()->NewJSObject(isolate()->object_function());
4973  native_context()->set_extras_utils_object(*extras_utils);
4974 
4975  InstallInternalArray(extras_utils, "InternalPackedArray", PACKED_ELEMENTS);
4976 
4977  // v8.createPromise(parent)
4978  Handle<JSFunction> promise_internal_constructor =
4979  SimpleCreateFunction(isolate(), factory()->empty_string(),
4980  Builtins::kPromiseInternalConstructor, 1, true);
4981  promise_internal_constructor->shared()->set_native(false);
4982  JSObject::AddProperty(isolate(), extras_utils,
4983  factory()->InternalizeUtf8String("createPromise"),
4984  promise_internal_constructor, DONT_ENUM);
4985 
4986  // v8.rejectPromise(promise, reason)
4987  Handle<JSFunction> promise_internal_reject =
4988  SimpleCreateFunction(isolate(), factory()->empty_string(),
4989  Builtins::kPromiseInternalReject, 2, true);
4990  promise_internal_reject->shared()->set_native(false);
4991  JSObject::AddProperty(isolate(), extras_utils,
4992  factory()->InternalizeUtf8String("rejectPromise"),
4993  promise_internal_reject, DONT_ENUM);
4994 
4995  // v8.resolvePromise(promise, resolution)
4996  Handle<JSFunction> promise_internal_resolve =
4997  SimpleCreateFunction(isolate(), factory()->empty_string(),
4998  Builtins::kPromiseInternalResolve, 2, true);
4999  promise_internal_resolve->shared()->set_native(false);
5000  JSObject::AddProperty(isolate(), extras_utils,
5001  factory()->InternalizeUtf8String("resolvePromise"),
5002  promise_internal_resolve, DONT_ENUM);
5003 
5004  JSObject::AddProperty(isolate(), extras_utils,
5005  factory()->InternalizeUtf8String("isPromise"),
5006  isolate()->is_promise(), DONT_ENUM);
5007 
5008  int builtin_index = Natives::GetDebuggerCount();
5009  // Only run prologue.js at this point.
5010  DCHECK_EQ(builtin_index, Natives::GetIndex("prologue"));
5011  if (!Bootstrapper::CompileBuiltin(isolate(), builtin_index++)) return false;
5012 
5013  {
5014  // Builtin function for OpaqueReference -- a JSValue-based object,
5015  // that keeps its field isolated from JavaScript code. It may store
5016  // objects, that JavaScript code may not access.
5017  Handle<JSObject> prototype =
5018  factory()->NewJSObject(isolate()->object_function(), TENURED);
5019  Handle<JSFunction> opaque_reference_fun =
5020  CreateFunction(isolate(), factory()->empty_string(), JS_VALUE_TYPE,
5021  JSValue::kSize, 0, prototype, Builtins::kIllegal);
5022  native_context()->set_opaque_reference_function(*opaque_reference_fun);
5023  }
5024 
5025  // InternalArrays should not use Smi-Only array optimizations. There are too
5026  // many places in the C++ runtime code (e.g. RegEx) that assume that
5027  // elements in InternalArrays can be set to non-Smi values without going
5028  // through a common bottleneck that would make the SMI_ONLY -> FAST_ELEMENT
5029  // transition easy to trap. Moreover, they rarely are smi-only.
5030  {
5031  HandleScope scope(isolate());
5032  Handle<JSObject> utils =
5033  Handle<JSObject>::cast(isolate()->natives_utils_object());
5034  Handle<JSFunction> array_function =
5035  InstallInternalArray(utils, "InternalArray", HOLEY_ELEMENTS);
5036  native_context()->set_internal_array_function(*array_function);
5037  }
5038 
5039  // Run the rest of the native scripts.
5040  while (builtin_index < Natives::GetBuiltinsCount()) {
5041  if (!Bootstrapper::CompileBuiltin(isolate(), builtin_index++)) return false;
5042  }
5043 
5044  if (!CallUtilsFunction(isolate(), "PostNatives")) return false;
5045  auto fast_template_instantiations_cache = isolate()->factory()->NewFixedArray(
5046  TemplateInfo::kFastTemplateInstantiationsCacheSize);
5047  native_context()->set_fast_template_instantiations_cache(
5048  *fast_template_instantiations_cache);
5049 
5050  auto slow_template_instantiations_cache = SimpleNumberDictionary::New(
5051  isolate(), ApiNatives::kInitialFunctionCacheSize);
5052  native_context()->set_slow_template_instantiations_cache(
5053  *slow_template_instantiations_cache);
5054 
5055  // Store the map for the %ObjectPrototype% after the natives has been compiled
5056  // and the Object function has been set up.
5057  {
5058  Handle<JSFunction> object_function(native_context()->object_function(),
5059  isolate());
5060  DCHECK(JSObject::cast(object_function->initial_map()->prototype())
5061  ->HasFastProperties());
5062  native_context()->set_object_function_prototype_map(
5063  HeapObject::cast(object_function->initial_map()->prototype())->map());
5064  }
5065 
5066  // Store the map for the %StringPrototype% after the natives has been compiled
5067  // and the String function has been set up.
5068  Handle<JSFunction> string_function(native_context()->string_function(),
5069  isolate());
5070  JSObject* string_function_prototype =
5071  JSObject::cast(string_function->initial_map()->prototype());
5072  DCHECK(string_function_prototype->HasFastProperties());
5073  native_context()->set_string_function_prototype_map(
5074  string_function_prototype->map());
5075 
5076  Handle<JSGlobalObject> global_object =
5077  handle(native_context()->global_object(), isolate());
5078 
5079  // Install Global.decodeURI.
5080  InstallFunctionWithBuiltinId(isolate(), global_object, "decodeURI",
5081  Builtins::kGlobalDecodeURI, 1, false,
5082  BuiltinFunctionId::kGlobalDecodeURI);
5083 
5084  // Install Global.decodeURIComponent.
5085  InstallFunctionWithBuiltinId(isolate(), global_object, "decodeURIComponent",
5086  Builtins::kGlobalDecodeURIComponent, 1, false,
5087  BuiltinFunctionId::kGlobalDecodeURIComponent);
5088 
5089  // Install Global.encodeURI.
5090  InstallFunctionWithBuiltinId(isolate(), global_object, "encodeURI",
5091  Builtins::kGlobalEncodeURI, 1, false,
5092  BuiltinFunctionId::kGlobalEncodeURI);
5093 
5094  // Install Global.encodeURIComponent.
5095  InstallFunctionWithBuiltinId(isolate(), global_object, "encodeURIComponent",
5096  Builtins::kGlobalEncodeURIComponent, 1, false,
5097  BuiltinFunctionId::kGlobalEncodeURIComponent);
5098 
5099  // Install Global.escape.
5100  InstallFunctionWithBuiltinId(isolate(), global_object, "escape",
5101  Builtins::kGlobalEscape, 1, false,
5102  BuiltinFunctionId::kGlobalEscape);
5103 
5104  // Install Global.unescape.
5105  InstallFunctionWithBuiltinId(isolate(), global_object, "unescape",
5106  Builtins::kGlobalUnescape, 1, false,
5107  BuiltinFunctionId::kGlobalUnescape);
5108 
5109  // Install Global.eval.
5110  {
5111  Handle<JSFunction> eval = SimpleInstallFunction(
5112  isolate(), global_object, "eval", Builtins::kGlobalEval, 1, false);
5113  native_context()->set_global_eval_fun(*eval);
5114  }
5115 
5116  // Install Global.isFinite
5117  InstallFunctionWithBuiltinId(isolate(), global_object, "isFinite",
5118  Builtins::kGlobalIsFinite, 1, true,
5119  BuiltinFunctionId::kGlobalIsFinite);
5120 
5121  // Install Global.isNaN
5122  InstallFunctionWithBuiltinId(isolate(), global_object, "isNaN",
5123  Builtins::kGlobalIsNaN, 1, true,
5124  BuiltinFunctionId::kGlobalIsNaN);
5125 
5126  // Install Array builtin functions.
5127  {
5128  Handle<JSFunction> array_constructor(native_context()->array_function(),
5129  isolate());
5130  Handle<JSArray> proto(JSArray::cast(array_constructor->prototype()),
5131  isolate());
5132 
5133  // Verification of important array prototype properties.
5134  Object* length = proto->length();
5135  CHECK(length->IsSmi());
5136  CHECK_EQ(Smi::ToInt(length), 0);
5137  CHECK(proto->HasSmiOrObjectElements());
5138  // This is necessary to enable fast checks for absence of elements
5139  // on Array.prototype and below.
5140  proto->set_elements(ReadOnlyRoots(heap()).empty_fixed_array());
5141  }
5142 
5143  // Install InternalArray.prototype.concat
5144  {
5145  Handle<JSFunction> array_constructor(
5146  native_context()->internal_array_function(), isolate());
5147  Handle<JSObject> proto(JSObject::cast(array_constructor->prototype()),
5148  isolate());
5149  SimpleInstallFunction(isolate(), proto, "concat", Builtins::kArrayConcat, 1,
5150  false);
5151  }
5152 
5153  InstallBuiltinFunctionIds();
5154 
5155  // Create a map for accessor property descriptors (a variant of JSObject
5156  // that predefines four properties get, set, configurable and enumerable).
5157  {
5158  // AccessorPropertyDescriptor initial map.
5159  Handle<Map> map =
5160  factory()->NewMap(JS_OBJECT_TYPE, JSAccessorPropertyDescriptor::kSize,
5161  TERMINAL_FAST_ELEMENTS_KIND, 4);
5162  // Create the descriptor array for the property descriptor object.
5163  Map::EnsureDescriptorSlack(isolate(), map, 4);
5164 
5165  { // get
5166  Descriptor d =
5167  Descriptor::DataField(isolate(), factory()->get_string(),
5168  JSAccessorPropertyDescriptor::kGetIndex, NONE,
5169  Representation::Tagged());
5170  map->AppendDescriptor(&d);
5171  }
5172  { // set
5173  Descriptor d =
5174  Descriptor::DataField(isolate(), factory()->set_string(),
5175  JSAccessorPropertyDescriptor::kSetIndex, NONE,
5176  Representation::Tagged());
5177  map->AppendDescriptor(&d);
5178  }
5179  { // enumerable
5180  Descriptor d =
5181  Descriptor::DataField(isolate(), factory()->enumerable_string(),
5182  JSAccessorPropertyDescriptor::kEnumerableIndex,
5183  NONE, Representation::Tagged());
5184  map->AppendDescriptor(&d);
5185  }
5186  { // configurable
5187  Descriptor d = Descriptor::DataField(
5188  isolate(), factory()->configurable_string(),
5189  JSAccessorPropertyDescriptor::kConfigurableIndex, NONE,
5190  Representation::Tagged());
5191  map->AppendDescriptor(&d);
5192  }
5193 
5194  Map::SetPrototype(isolate(), map, isolate()->initial_object_prototype());
5195  map->SetConstructor(native_context()->object_function());
5196 
5197  native_context()->set_accessor_property_descriptor_map(*map);
5198  }
5199 
5200  // Create a map for data property descriptors (a variant of JSObject
5201  // that predefines four properties value, writable, configurable and
5202  // enumerable).
5203  {
5204  // DataPropertyDescriptor initial map.
5205  Handle<Map> map =
5206  factory()->NewMap(JS_OBJECT_TYPE, JSDataPropertyDescriptor::kSize,
5207  TERMINAL_FAST_ELEMENTS_KIND, 4);
5208  // Create the descriptor array for the property descriptor object.
5209  Map::EnsureDescriptorSlack(isolate(), map, 4);
5210 
5211  { // value
5212  Descriptor d =
5213  Descriptor::DataField(isolate(), factory()->value_string(),
5214  JSDataPropertyDescriptor::kValueIndex, NONE,
5215  Representation::Tagged());
5216  map->AppendDescriptor(&d);
5217  }
5218  { // writable
5219  Descriptor d =
5220  Descriptor::DataField(isolate(), factory()->writable_string(),
5221  JSDataPropertyDescriptor::kWritableIndex, NONE,
5222  Representation::Tagged());
5223  map->AppendDescriptor(&d);
5224  }
5225  { // enumerable
5226  Descriptor d =
5227  Descriptor::DataField(isolate(), factory()->enumerable_string(),
5228  JSDataPropertyDescriptor::kEnumerableIndex,
5229  NONE, Representation::Tagged());
5230  map->AppendDescriptor(&d);
5231  }
5232  { // configurable
5233  Descriptor d =
5234  Descriptor::DataField(isolate(), factory()->configurable_string(),
5235  JSDataPropertyDescriptor::kConfigurableIndex,
5236  NONE, Representation::Tagged());
5237  map->AppendDescriptor(&d);
5238  }
5239 
5240  Map::SetPrototype(isolate(), map, isolate()->initial_object_prototype());
5241  map->SetConstructor(native_context()->object_function());
5242 
5243  native_context()->set_data_property_descriptor_map(*map);
5244  }
5245 
5246  // Create a constructor for RegExp results (a variant of Array that
5247  // predefines the properties index, input, and groups).
5248  {
5249  // JSRegExpResult initial map.
5250 
5251  // Find global.Array.prototype to inherit from.
5252  Handle<JSFunction> array_constructor(native_context()->array_function(),
5253  isolate());
5254  Handle<JSObject> array_prototype(
5255  JSObject::cast(array_constructor->instance_prototype()), isolate());
5256 
5257  // Add initial map.
5258  Handle<Map> initial_map = factory()->NewMap(
5259  JS_ARRAY_TYPE, JSRegExpResult::kSize, TERMINAL_FAST_ELEMENTS_KIND,
5260  JSRegExpResult::kInObjectPropertyCount);
5261  initial_map->SetConstructor(*array_constructor);
5262 
5263  // Set prototype on map.
5264  initial_map->set_has_non_instance_prototype(false);
5265  Map::SetPrototype(isolate(), initial_map, array_prototype);
5266 
5267  // Update map with length accessor from Array and add "index", "input" and
5268  // "groups".
5269  Map::EnsureDescriptorSlack(isolate(), initial_map,
5270  JSRegExpResult::kInObjectPropertyCount + 1);
5271 
5272  // length descriptor.
5273  {
5274  JSFunction* array_function = native_context()->array_function();
5275  Handle<DescriptorArray> array_descriptors(
5276  array_function->initial_map()->instance_descriptors(), isolate());
5277  Handle<String> length = factory()->length_string();
5278  int old = array_descriptors->SearchWithCache(
5279  isolate(), *length, array_function->initial_map());
5280  DCHECK_NE(old, DescriptorArray::kNotFound);
5281  Descriptor d = Descriptor::AccessorConstant(
5282  length, handle(array_descriptors->GetStrongValue(old), isolate()),
5283  array_descriptors->GetDetails(old).attributes());
5284  initial_map->AppendDescriptor(&d);
5285  }
5286 
5287  // index descriptor.
5288  {
5289  Descriptor d = Descriptor::DataField(isolate(), factory()->index_string(),
5290  JSRegExpResult::kIndexIndex, NONE,
5291  Representation::Tagged());
5292  initial_map->AppendDescriptor(&d);
5293  }
5294 
5295  // input descriptor.
5296  {
5297  Descriptor d = Descriptor::DataField(isolate(), factory()->input_string(),
5298  JSRegExpResult::kInputIndex, NONE,
5299  Representation::Tagged());
5300  initial_map->AppendDescriptor(&d);
5301  }
5302 
5303  // groups descriptor.
5304  {
5305  Descriptor d = Descriptor::DataField(
5306  isolate(), factory()->groups_string(), JSRegExpResult::kGroupsIndex,
5307  NONE, Representation::Tagged());
5308  initial_map->AppendDescriptor(&d);
5309  }
5310 
5311  native_context()->set_regexp_result_map(*initial_map);
5312  }
5313 
5314  // Add @@iterator method to the arguments object maps.
5315  {
5316  PropertyAttributes attribs = DONT_ENUM;
5317  Handle<AccessorInfo> arguments_iterator =
5318  factory()->arguments_iterator_accessor();
5319  {
5320  Descriptor d = Descriptor::AccessorConstant(factory()->iterator_symbol(),
5321  arguments_iterator, attribs);
5322  Handle<Map> map(native_context()->sloppy_arguments_map(), isolate());
5323  Map::EnsureDescriptorSlack(isolate(), map, 1);
5324  map->AppendDescriptor(&d);
5325  }
5326  {
5327  Descriptor d = Descriptor::AccessorConstant(factory()->iterator_symbol(),
5328  arguments_iterator, attribs);
5329  Handle<Map> map(native_context()->fast_aliased_arguments_map(),
5330  isolate());
5331  Map::EnsureDescriptorSlack(isolate(), map, 1);
5332  map->AppendDescriptor(&d);
5333  }
5334  {
5335  Descriptor d = Descriptor::AccessorConstant(factory()->iterator_symbol(),
5336  arguments_iterator, attribs);
5337  Handle<Map> map(native_context()->slow_aliased_arguments_map(),
5338  isolate());
5339  Map::EnsureDescriptorSlack(isolate(), map, 1);
5340  map->AppendDescriptor(&d);
5341  }
5342  {
5343  Descriptor d = Descriptor::AccessorConstant(factory()->iterator_symbol(),
5344  arguments_iterator, attribs);
5345  Handle<Map> map(native_context()->strict_arguments_map(), isolate());
5346  Map::EnsureDescriptorSlack(isolate(), map, 1);
5347  map->AppendDescriptor(&d);
5348  }
5349  }
5350 
5351  return true;
5352 }
5353 
5354 bool Genesis::InstallExtraNatives() {
5355  HandleScope scope(isolate());
5356 
5357  Handle<JSObject> extras_binding =
5358  factory()->NewJSObject(isolate()->object_function());
5359 
5360  // binding.isTraceCategoryEnabled(category)
5361  SimpleInstallFunction(isolate(), extras_binding, "isTraceCategoryEnabled",
5362  Builtins::kIsTraceCategoryEnabled, 1, true);
5363 
5364  // binding.trace(phase, category, name, id, data)
5365  SimpleInstallFunction(isolate(), extras_binding, "trace", Builtins::kTrace, 5,
5366  true);
5367 
5368  native_context()->set_extras_binding_object(*extras_binding);
5369 
5370  for (int i = ExtraNatives::GetDebuggerCount();
5371  i < ExtraNatives::GetBuiltinsCount(); i++) {
5372  if (!Bootstrapper::CompileExtraBuiltin(isolate(), i)) return false;
5373  }
5374 
5375  return true;
5376 }
5377 
5378 
5379 bool Genesis::InstallExperimentalExtraNatives() {
5380  for (int i = ExperimentalExtraNatives::GetDebuggerCount();
5381  i < ExperimentalExtraNatives::GetBuiltinsCount(); i++) {
5382  if (!Bootstrapper::CompileExperimentalExtraBuiltin(isolate(), i))
5383  return false;
5384  }
5385 
5386  return true;
5387 }
5388 
5389 
5390 bool Genesis::InstallDebuggerNatives() {
5391  for (int i = 0; i < Natives::GetDebuggerCount(); ++i) {
5392  if (!Bootstrapper::CompileBuiltin(isolate(), i)) return false;
5393  }
5394  return true;
5395 }
5396 
5397 static void InstallBuiltinFunctionId(Isolate* isolate, Handle<JSObject> holder,
5398  const char* function_name,
5399  BuiltinFunctionId id) {
5400  Handle<Object> function_object =
5401  JSReceiver::GetProperty(isolate, holder, function_name).ToHandleChecked();
5402  Handle<JSFunction> function = Handle<JSFunction>::cast(function_object);
5403  function->shared()->set_builtin_function_id(id);
5404 }
5405 
5406 #define INSTALL_BUILTIN_ID(holder_expr, fun_name, name) \
5407  {#holder_expr, #fun_name, BuiltinFunctionId::k##name},
5408 
5409 void Genesis::InstallBuiltinFunctionIds() {
5410  HandleScope scope(isolate());
5411  struct BuiltinFunctionIds {
5412  const char* holder_expr;
5413  const char* fun_name;
5414  BuiltinFunctionId id;
5415  };
5416 
5417  const BuiltinFunctionIds builtins[] = {
5418  FUNCTIONS_WITH_ID_LIST(INSTALL_BUILTIN_ID)};
5419 
5420  for (const BuiltinFunctionIds& builtin : builtins) {
5421  Handle<JSObject> holder = ResolveBuiltinIdHolder(
5422  isolate(), native_context(), builtin.holder_expr);
5423  InstallBuiltinFunctionId(isolate(), holder, builtin.fun_name, builtin.id);
5424  }
5425 }
5426 
5427 #undef INSTALL_BUILTIN_ID
5428 
5429 
5430 void Genesis::InitializeNormalizedMapCaches() {
5431  Handle<NormalizedMapCache> cache = NormalizedMapCache::New(isolate());
5432  native_context()->set_normalized_map_cache(*cache);
5433 }
5434 
5435 
5436 bool Bootstrapper::InstallExtensions(Handle<Context> native_context,
5437  v8::ExtensionConfiguration* extensions) {
5438  // Don't install extensions into the snapshot.
5439  if (isolate_->serializer_enabled()) return true;
5440  BootstrapperActive active(this);
5441  SaveContext saved_context(isolate_);
5442  isolate_->set_context(*native_context);
5443  return Genesis::InstallExtensions(isolate_, native_context, extensions) &&
5444  Genesis::InstallSpecialObjects(isolate_, native_context);
5445 }
5446 
5447 bool Genesis::InstallSpecialObjects(Isolate* isolate,
5448  Handle<Context> native_context) {
5449  HandleScope scope(isolate);
5450 
5451  Handle<JSObject> Error = isolate->error_function();
5452  Handle<String> name = isolate->factory()->stackTraceLimit_string();
5453  Handle<Smi> stack_trace_limit(Smi::FromInt(FLAG_stack_trace_limit), isolate);
5454  JSObject::AddProperty(isolate, Error, name, stack_trace_limit, NONE);
5455 
5456  if (FLAG_expose_wasm) {
5457  // Install the internal data structures into the isolate and expose on
5458  // the global object.
5459  WasmJs::Install(isolate, true);
5460  } else if (FLAG_validate_asm) {
5461  // Install the internal data structures only; these are needed for asm.js
5462  // translated to WASM to work correctly.
5463  WasmJs::Install(isolate, false);
5464  }
5465 
5466  return true;
5467 }
5468 
5469 
5470 static uint32_t Hash(RegisteredExtension* extension) {
5471  return v8::internal::ComputePointerHash(extension);
5472 }
5473 
5474 Genesis::ExtensionStates::ExtensionStates() : map_(8) {}
5475 
5476 Genesis::ExtensionTraversalState Genesis::ExtensionStates::get_state(
5477  RegisteredExtension* extension) {
5478  base::HashMap::Entry* entry = map_.Lookup(extension, Hash(extension));
5479  if (entry == nullptr) {
5480  return UNVISITED;
5481  }
5482  return static_cast<ExtensionTraversalState>(
5483  reinterpret_cast<intptr_t>(entry->value));
5484 }
5485 
5486 void Genesis::ExtensionStates::set_state(RegisteredExtension* extension,
5487  ExtensionTraversalState state) {
5488  map_.LookupOrInsert(extension, Hash(extension))->value =
5489  reinterpret_cast<void*>(static_cast<intptr_t>(state));
5490 }
5491 
5492 bool Genesis::InstallExtensions(Isolate* isolate,
5493  Handle<Context> native_context,
5494  v8::ExtensionConfiguration* extensions) {
5495  ExtensionStates extension_states; // All extensions have state UNVISITED.
5496  return InstallAutoExtensions(isolate, &extension_states) &&
5497  (!FLAG_expose_free_buffer ||
5498  InstallExtension(isolate, "v8/free-buffer", &extension_states)) &&
5499  (!FLAG_expose_gc ||
5500  InstallExtension(isolate, "v8/gc", &extension_states)) &&
5501  (!FLAG_expose_externalize_string ||
5502  InstallExtension(isolate, "v8/externalize", &extension_states)) &&
5503  (!FLAG_gc_stats ||
5504  InstallExtension(isolate, "v8/statistics", &extension_states)) &&
5505  (!FLAG_expose_trigger_failure ||
5506  InstallExtension(isolate, "v8/trigger-failure", &extension_states)) &&
5507  (!FLAG_trace_ignition_dispatches ||
5508  InstallExtension(isolate, "v8/ignition-statistics",
5509  &extension_states)) &&
5510  InstallRequestedExtensions(isolate, extensions, &extension_states);
5511 }
5512 
5513 
5514 bool Genesis::InstallAutoExtensions(Isolate* isolate,
5515  ExtensionStates* extension_states) {
5516  for (v8::RegisteredExtension* it = v8::RegisteredExtension::first_extension();
5517  it != nullptr; it = it->next()) {
5518  if (it->extension()->auto_enable() &&
5519  !InstallExtension(isolate, it, extension_states)) {
5520  return false;
5521  }
5522  }
5523  return true;
5524 }
5525 
5526 
5527 bool Genesis::InstallRequestedExtensions(Isolate* isolate,
5528  v8::ExtensionConfiguration* extensions,
5529  ExtensionStates* extension_states) {
5530  for (const char** it = extensions->begin(); it != extensions->end(); ++it) {
5531  if (!InstallExtension(isolate, *it, extension_states)) return false;
5532  }
5533  return true;
5534 }
5535 
5536 
5537 // Installs a named extension. This methods is unoptimized and does
5538 // not scale well if we want to support a large number of extensions.
5539 bool Genesis::InstallExtension(Isolate* isolate,
5540  const char* name,
5541  ExtensionStates* extension_states) {
5542  for (v8::RegisteredExtension* it = v8::RegisteredExtension::first_extension();
5543  it != nullptr; it = it->next()) {
5544  if (strcmp(name, it->extension()->name()) == 0) {
5545  return InstallExtension(isolate, it, extension_states);
5546  }
5547  }
5548  return Utils::ApiCheck(false,
5549  "v8::Context::New()",
5550  "Cannot find required extension");
5551 }
5552 
5553 
5554 bool Genesis::InstallExtension(Isolate* isolate,
5555  v8::RegisteredExtension* current,
5556  ExtensionStates* extension_states) {
5557  HandleScope scope(isolate);
5558 
5559  if (extension_states->get_state(current) == INSTALLED) return true;
5560  // The current node has already been visited so there must be a
5561  // cycle in the dependency graph; fail.
5562  if (!Utils::ApiCheck(extension_states->get_state(current) != VISITED,
5563  "v8::Context::New()",
5564  "Circular extension dependency")) {
5565  return false;
5566  }
5567  DCHECK(extension_states->get_state(current) == UNVISITED);
5568  extension_states->set_state(current, VISITED);
5569  v8::Extension* extension = current->extension();
5570  // Install the extension's dependencies
5571  for (int i = 0; i < extension->dependency_count(); i++) {
5572  if (!InstallExtension(isolate,
5573  extension->dependencies()[i],
5574  extension_states)) {
5575  return false;
5576  }
5577  }
5578  // We do not expect this to throw an exception. Change this if it does.
5579  bool result = CompileExtension(isolate, extension);
5580  DCHECK(isolate->has_pending_exception() != result);
5581  if (!result) {
5582  // We print out the name of the extension that fail to install.
5583  // When an error is thrown during bootstrapping we automatically print
5584  // the line number at which this happened to the console in the isolate
5585  // error throwing functionality.
5586  base::OS::PrintError("Error installing extension '%s'.\n",
5587  current->extension()->name());
5588  isolate->clear_pending_exception();
5589  }
5590  extension_states->set_state(current, INSTALLED);
5591  return result;
5592 }
5593 
5594 
5595 bool Genesis::ConfigureGlobalObjects(
5596  v8::Local<v8::ObjectTemplate> global_proxy_template) {
5597  Handle<JSObject> global_proxy(
5598  JSObject::cast(native_context()->global_proxy()), isolate());
5599  Handle<JSObject> global_object(
5600  JSObject::cast(native_context()->global_object()), isolate());
5601 
5602  if (!global_proxy_template.IsEmpty()) {
5603  // Configure the global proxy object.
5604  Handle<ObjectTemplateInfo> global_proxy_data =
5605  v8::Utils::OpenHandle(*global_proxy_template);
5606  if (!ConfigureApiObject(global_proxy, global_proxy_data)) return false;
5607 
5608  // Configure the global object.
5609  Handle<FunctionTemplateInfo> proxy_constructor(
5610  FunctionTemplateInfo::cast(global_proxy_data->constructor()),
5611  isolate());
5612  if (!proxy_constructor->GetPrototypeTemplate()->IsUndefined(isolate())) {
5613  Handle<ObjectTemplateInfo> global_object_data(
5614  ObjectTemplateInfo::cast(proxy_constructor->GetPrototypeTemplate()),
5615  isolate());
5616  if (!ConfigureApiObject(global_object, global_object_data)) return false;
5617  }
5618  }
5619 
5620  JSObject::ForceSetPrototype(global_proxy, global_object);
5621 
5622  native_context()->set_array_buffer_map(
5623  native_context()->array_buffer_fun()->initial_map());
5624 
5625  Handle<JSFunction> js_map_fun(native_context()->js_map_fun(), isolate());
5626  Handle<JSFunction> js_set_fun(native_context()->js_set_fun(), isolate());
5627  // Force the Map/Set constructor to fast properties, so that we can use the
5628  // fast paths for various things like
5629  //
5630  // x instanceof Map
5631  // x instanceof Set
5632  //
5633  // etc. We should probably come up with a more principled approach once
5634  // the JavaScript builtins are gone.
5635  JSObject::MigrateSlowToFast(js_map_fun, 0, "Bootstrapping");
5636  JSObject::MigrateSlowToFast(js_set_fun, 0, "Bootstrapping");
5637 
5638  native_context()->set_js_map_map(js_map_fun->initial_map());
5639  native_context()->set_js_set_map(js_set_fun->initial_map());
5640 
5641  return true;
5642 }
5643 
5644 
5645 bool Genesis::ConfigureApiObject(Handle<JSObject> object,
5646  Handle<ObjectTemplateInfo> object_template) {
5647  DCHECK(!object_template.is_null());
5648  DCHECK(FunctionTemplateInfo::cast(object_template->constructor())
5649  ->IsTemplateFor(object->map()));;
5650 
5651  MaybeHandle<JSObject> maybe_obj =
5652  ApiNatives::InstantiateObject(object->GetIsolate(), object_template);
5653  Handle<JSObject> obj;
5654  if (!maybe_obj.ToHandle(&obj)) {
5655  DCHECK(isolate()->has_pending_exception());
5656  isolate()->clear_pending_exception();
5657  return false;
5658  }
5659  TransferObject(obj, object);
5660  return true;
5661 }
5662 
5663 
5664 void Genesis::TransferNamedProperties(Handle<JSObject> from,
5665  Handle<JSObject> to) {
5666  // If JSObject::AddProperty asserts due to already existing property,
5667  // it is likely due to both global objects sharing property name(s).
5668  // Merging those two global objects is impossible.
5669  // The global template must not create properties that already exist
5670  // in the snapshotted global object.
5671  if (from->HasFastProperties()) {
5672  Handle<DescriptorArray> descs =
5673  Handle<DescriptorArray>(from->map()->instance_descriptors(), isolate());
5674  for (int i = 0; i < from->map()->NumberOfOwnDescriptors(); i++) {
5675  PropertyDetails details = descs->GetDetails(i);
5676  if (details.location() == kField) {
5677  if (details.kind() == kData) {
5678  HandleScope inner(isolate());
5679  Handle<Name> key = Handle<Name>(descs->GetKey(i), isolate());
5680  FieldIndex index = FieldIndex::ForDescriptor(from->map(), i);
5681  Handle<Object> value =
5682  JSObject::FastPropertyAt(from, details.representation(), index);
5683  JSObject::AddProperty(isolate(), to, key, value,
5684  details.attributes());
5685  } else {
5686  DCHECK_EQ(kAccessor, details.kind());
5687  UNREACHABLE();
5688  }
5689 
5690  } else {
5691  DCHECK_EQ(kDescriptor, details.location());
5692  if (details.kind() == kData) {
5693  DCHECK(!FLAG_track_constant_fields);
5694  HandleScope inner(isolate());
5695  Handle<Name> key = Handle<Name>(descs->GetKey(i), isolate());
5696  Handle<Object> value(descs->GetStrongValue(i), isolate());
5697  JSObject::AddProperty(isolate(), to, key, value,
5698  details.attributes());
5699  } else {
5700  DCHECK_EQ(kAccessor, details.kind());
5701  Handle<Name> key(descs->GetKey(i), isolate());
5702  LookupIterator it(isolate(), to, key,
5703  LookupIterator::OWN_SKIP_INTERCEPTOR);
5704  CHECK_NE(LookupIterator::ACCESS_CHECK, it.state());
5705  // If the property is already there we skip it
5706  if (it.IsFound()) continue;
5707  HandleScope inner(isolate());
5708  DCHECK(!to->HasFastProperties());
5709  // Add to dictionary.
5710  Handle<Object> value(descs->GetStrongValue(i), isolate());
5711  PropertyDetails d(kAccessor, details.attributes(),
5712  PropertyCellType::kMutable);
5713  JSObject::SetNormalizedProperty(to, key, value, d);
5714  }
5715  }
5716  }
5717  } else if (from->IsJSGlobalObject()) {
5718  // Copy all keys and values in enumeration order.
5719  Handle<GlobalDictionary> properties(
5720  JSGlobalObject::cast(*from)->global_dictionary(), isolate());
5721  Handle<FixedArray> indices =
5722  GlobalDictionary::IterationIndices(isolate(), properties);
5723  for (int i = 0; i < indices->length(); i++) {
5724  int index = Smi::ToInt(indices->get(i));
5725  // If the property is already there we skip it.
5726  Handle<PropertyCell> cell(properties->CellAt(index), isolate());
5727  Handle<Name> key(cell->name(), isolate());
5728  LookupIterator it(isolate(), to, key,
5729  LookupIterator::OWN_SKIP_INTERCEPTOR);
5730  CHECK_NE(LookupIterator::ACCESS_CHECK, it.state());
5731  if (it.IsFound()) continue;
5732  // Set the property.
5733  Handle<Object> value(cell->value(), isolate());
5734  if (value->IsTheHole(isolate())) continue;
5735  PropertyDetails details = cell->property_details();
5736  if (details.kind() != kData) continue;
5737  JSObject::AddProperty(isolate(), to, key, value, details.attributes());
5738  }
5739  } else {
5740  // Copy all keys and values in enumeration order.
5741  Handle<NameDictionary> properties =
5742  Handle<NameDictionary>(from->property_dictionary(), isolate());
5743  Handle<FixedArray> key_indices =
5744  NameDictionary::IterationIndices(isolate(), properties);
5745  ReadOnlyRoots roots(isolate());
5746  for (int i = 0; i < key_indices->length(); i++) {
5747  int key_index = Smi::ToInt(key_indices->get(i));
5748  Object* raw_key = properties->KeyAt(key_index);
5749  DCHECK(properties->IsKey(roots, raw_key));
5750  DCHECK(raw_key->IsName());
5751  // If the property is already there we skip it.
5752  Handle<Name> key(Name::cast(raw_key), isolate());
5753  LookupIterator it(isolate(), to, key,
5754  LookupIterator::OWN_SKIP_INTERCEPTOR);
5755  CHECK_NE(LookupIterator::ACCESS_CHECK, it.state());
5756  if (it.IsFound()) continue;
5757  // Set the property.
5758  Handle<Object> value =
5759  Handle<Object>(properties->ValueAt(key_index), isolate());
5760  DCHECK(!value->IsCell());
5761  DCHECK(!value->IsTheHole(isolate()));
5762  PropertyDetails details = properties->DetailsAt(key_index);
5763  DCHECK_EQ(kData, details.kind());
5764  JSObject::AddProperty(isolate(), to, key, value, details.attributes());
5765  }
5766  }
5767 }
5768 
5769 
5770 void Genesis::TransferIndexedProperties(Handle<JSObject> from,
5771  Handle<JSObject> to) {
5772  // Cloning the elements array is sufficient.
5773  Handle<FixedArray> from_elements =
5774  Handle<FixedArray>(FixedArray::cast(from->elements()), isolate());
5775  Handle<FixedArray> to_elements = factory()->CopyFixedArray(from_elements);
5776  to->set_elements(*to_elements);
5777 }
5778 
5779 
5780 void Genesis::TransferObject(Handle<JSObject> from, Handle<JSObject> to) {
5781  HandleScope outer(isolate());
5782 
5783  DCHECK(!from->IsJSArray());
5784  DCHECK(!to->IsJSArray());
5785 
5786  TransferNamedProperties(from, to);
5787  TransferIndexedProperties(from, to);
5788 
5789  // Transfer the prototype (new map is needed).
5790  Handle<Object> proto(from->map()->prototype(), isolate());
5791  JSObject::ForceSetPrototype(to, proto);
5792 }
5793 
5794 
5795 Genesis::Genesis(
5796  Isolate* isolate, MaybeHandle<JSGlobalProxy> maybe_global_proxy,
5797  v8::Local<v8::ObjectTemplate> global_proxy_template,
5798  size_t context_snapshot_index,
5799  v8::DeserializeEmbedderFieldsCallback embedder_fields_deserializer,
5800  GlobalContextType context_type)
5801  : isolate_(isolate), active_(isolate->bootstrapper()) {
5802  result_ = Handle<Context>::null();
5803  global_proxy_ = Handle<JSGlobalProxy>::null();
5804 
5805  // Before creating the roots we must save the context and restore it
5806  // on all function exits.
5807  SaveContext saved_context(isolate);
5808 
5809  // The deserializer needs to hook up references to the global proxy.
5810  // Create an uninitialized global proxy now if we don't have one
5811  // and initialize it later in CreateNewGlobals.
5812  Handle<JSGlobalProxy> global_proxy;
5813  if (!maybe_global_proxy.ToHandle(&global_proxy)) {
5814  int instance_size = 0;
5815  if (context_snapshot_index > 0) {
5816  // The global proxy function to reinitialize this global proxy is in the
5817  // context that is yet to be deserialized. We need to prepare a global
5818  // proxy of the correct size.
5819  Object* size = isolate->heap()->serialized_global_proxy_sizes()->get(
5820  static_cast<int>(context_snapshot_index) - 1);
5821  instance_size = Smi::ToInt(size);
5822  } else {
5823  instance_size = JSGlobalProxy::SizeWithEmbedderFields(
5824  global_proxy_template.IsEmpty()
5825  ? 0
5826  : global_proxy_template->InternalFieldCount());
5827  }
5828  global_proxy =
5829  isolate->factory()->NewUninitializedJSGlobalProxy(instance_size);
5830  }
5831 
5832  // We can only de-serialize a context if the isolate was initialized from
5833  // a snapshot. Otherwise we have to build the context from scratch.
5834  // Also create a context from scratch to expose natives, if required by flag.
5835  DCHECK(native_context_.is_null());
5836  if (isolate->initialized_from_snapshot()) {
5837  Handle<Context> context;
5838  if (Snapshot::NewContextFromSnapshot(isolate, global_proxy,
5839  context_snapshot_index,
5840  embedder_fields_deserializer)
5841  .ToHandle(&context)) {
5842  native_context_ = Handle<NativeContext>::cast(context);
5843  }
5844  }
5845 
5846  if (!native_context().is_null()) {
5847  AddToWeakNativeContextList(isolate, *native_context());
5848  isolate->set_context(*native_context());
5849  isolate->counters()->contexts_created_by_snapshot()->Increment();
5850 
5851  if (context_snapshot_index == 0) {
5852  Handle<JSGlobalObject> global_object =
5853  CreateNewGlobals(global_proxy_template, global_proxy);
5854  HookUpGlobalObject(global_object);
5855 
5856  if (!ConfigureGlobalObjects(global_proxy_template)) return;
5857  } else {
5858  // The global proxy needs to be integrated into the native context.
5859  HookUpGlobalProxy(global_proxy);
5860  }
5861  DCHECK(!global_proxy->IsDetachedFrom(native_context()->global_object()));
5862  } else {
5863  base::ElapsedTimer timer;
5864  if (FLAG_profile_deserialization) timer.Start();
5865  DCHECK_EQ(0u, context_snapshot_index);
5866  // We get here if there was no context snapshot.
5867  CreateRoots();
5868  MathRandom::InitializeContext(isolate, native_context());
5869  Handle<JSFunction> empty_function = CreateEmptyFunction();
5870  CreateSloppyModeFunctionMaps(empty_function);
5871  CreateStrictModeFunctionMaps(empty_function);
5872  CreateObjectFunction(empty_function);
5873  CreateIteratorMaps(empty_function);
5874  CreateAsyncIteratorMaps(empty_function);
5875  CreateAsyncFunctionMaps(empty_function);
5876  Handle<JSGlobalObject> global_object =
5877  CreateNewGlobals(global_proxy_template, global_proxy);
5878  InitializeGlobal(global_object, empty_function, context_type);
5879  InitializeNormalizedMapCaches();
5880 
5881  if (!InstallNatives(context_type)) return;
5882  if (!InstallExtraNatives()) return;
5883  if (!ConfigureGlobalObjects(global_proxy_template)) return;
5884 
5885  isolate->counters()->contexts_created_from_scratch()->Increment();
5886 
5887  if (FLAG_profile_deserialization) {
5888  double ms = timer.Elapsed().InMillisecondsF();
5889  i::PrintF("[Initializing context from scratch took %0.3f ms]\n", ms);
5890  }
5891  }
5892 
5893  native_context()->set_microtask_queue(isolate->default_microtask_queue());
5894 
5895  // Install experimental natives. Do not include them into the
5896  // snapshot as we should be able to turn them off at runtime. Re-installing
5897  // them after they have already been deserialized would also fail.
5898  if (context_type == FULL_CONTEXT) {
5899  if (!isolate->serializer_enabled()) {
5900  InitializeExperimentalGlobal();
5901 
5902  if (FLAG_experimental_extras) {
5903  if (!InstallExperimentalExtraNatives()) return;
5904  }
5905 
5906  // Store String.prototype's map again in case it has been changed by
5907  // experimental natives.
5908  Handle<JSFunction> string_function(native_context()->string_function(),
5909  isolate);
5910  JSObject* string_function_prototype =
5911  JSObject::cast(string_function->initial_map()->prototype());
5912  DCHECK(string_function_prototype->HasFastProperties());
5913  native_context()->set_string_function_prototype_map(
5914  string_function_prototype->map());
5915  }
5916  } else if (context_type == DEBUG_CONTEXT) {
5917  DCHECK(!isolate->serializer_enabled());
5918  InitializeExperimentalGlobal();
5919  if (!InstallDebuggerNatives()) return;
5920  }
5921 
5922  if (FLAG_disallow_code_generation_from_strings) {
5923  native_context()->set_allow_code_gen_from_strings(
5924  ReadOnlyRoots(isolate).false_value());
5925  }
5926 
5927  ConfigureUtilsObject(context_type);
5928 
5929  // We created new functions, which may require debug instrumentation.
5930  if (isolate->debug()->is_active()) {
5931  isolate->debug()->InstallDebugBreakTrampoline();
5932  }
5933 
5934  native_context()->ResetErrorsThrown();
5935  result_ = native_context();
5936 }
5937 
5938 Genesis::Genesis(Isolate* isolate,
5939  MaybeHandle<JSGlobalProxy> maybe_global_proxy,
5940  v8::Local<v8::ObjectTemplate> global_proxy_template)
5941  : isolate_(isolate), active_(isolate->bootstrapper()) {
5942  result_ = Handle<Context>::null();
5943  global_proxy_ = Handle<JSGlobalProxy>::null();
5944 
5945  // Before creating the roots we must save the context and restore it
5946  // on all function exits.
5947  SaveContext saved_context(isolate);
5948 
5949  const int proxy_size = JSGlobalProxy::SizeWithEmbedderFields(
5950  global_proxy_template->InternalFieldCount());
5951 
5952  Handle<JSGlobalProxy> global_proxy;
5953  if (!maybe_global_proxy.ToHandle(&global_proxy)) {
5954  global_proxy = factory()->NewUninitializedJSGlobalProxy(proxy_size);
5955  }
5956 
5957  // Create a remote object as the global object.
5958  Handle<ObjectTemplateInfo> global_proxy_data =
5959  Utils::OpenHandle(*global_proxy_template);
5960  Handle<FunctionTemplateInfo> global_constructor(
5961  FunctionTemplateInfo::cast(global_proxy_data->constructor()), isolate);
5962 
5963  Handle<ObjectTemplateInfo> global_object_template(
5964  ObjectTemplateInfo::cast(global_constructor->GetPrototypeTemplate()),
5965  isolate);
5966  Handle<JSObject> global_object =
5967  ApiNatives::InstantiateRemoteObject(
5968  global_object_template).ToHandleChecked();
5969 
5970  // (Re)initialize the global proxy object.
5971  DCHECK_EQ(global_proxy_data->embedder_field_count(),
5972  global_proxy_template->InternalFieldCount());
5973  Handle<Map> global_proxy_map = isolate->factory()->NewMap(
5974  JS_GLOBAL_PROXY_TYPE, proxy_size, TERMINAL_FAST_ELEMENTS_KIND);
5975  global_proxy_map->set_is_access_check_needed(true);
5976  global_proxy_map->set_has_hidden_prototype(true);
5977  global_proxy_map->set_may_have_interesting_symbols(true);
5978 
5979  // A remote global proxy has no native context.
5980  global_proxy->set_native_context(ReadOnlyRoots(heap()).null_value());
5981 
5982  // Configure the hidden prototype chain of the global proxy.
5983  JSObject::ForceSetPrototype(global_proxy, global_object);
5984  global_proxy->map()->SetConstructor(*global_constructor);
5985  // TODO(dcheng): This is a hack. Why does this need to be manually called
5986  // here? Line 4812 should have taken care of it?
5987  global_proxy->map()->set_has_hidden_prototype(true);
5988 
5989  global_proxy_ = global_proxy;
5990 }
5991 
5992 // Support for thread preemption.
5993 
5994 // Reserve space for statics needing saving and restoring.
5995 int Bootstrapper::ArchiveSpacePerThread() {
5996  return sizeof(NestingCounterType);
5997 }
5998 
5999 
6000 // Archive statics that are thread-local.
6001 char* Bootstrapper::ArchiveState(char* to) {
6002  *reinterpret_cast<NestingCounterType*>(to) = nesting_;
6003  nesting_ = 0;
6004  return to + sizeof(NestingCounterType);
6005 }
6006 
6007 
6008 // Restore statics that are thread-local.
6009 char* Bootstrapper::RestoreState(char* from) {
6010  nesting_ = *reinterpret_cast<NestingCounterType*>(from);
6011  return from + sizeof(NestingCounterType);
6012 }
6013 
6014 
6015 // Called when the top-level V8 mutex is destroyed.
6016 void Bootstrapper::FreeThreadResources() {
6017  DCHECK(!IsActive());
6018 }
6019 
6020 } // namespace internal
6021 } // namespace v8
v8::Local::IsEmpty
V8_INLINE bool IsEmpty() const
Definition: v8.h:195
v8::Local
Definition: v8.h:85
v8
Definition: libplatform.h:13
v8::ObjectTemplate::InternalFieldCount
int InternalFieldCount()
Definition: api.cc:1969
uint32_t