1 // Copyright 2014 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef V8_HEAP_FACTORY_H_
6 #define V8_HEAP_FACTORY_H_
7 
8 // Clients of this interface shouldn't depend on lots of heap internals.
9 // Do not include anything from src/heap here!
10 #include "src/builtins/builtins.h"
11 #include "src/globals.h"
12 #include "src/handles.h"
13 #include "src/heap/heap.h"
14 #include "src/maybe-handles.h"
15 #include "src/messages.h"
16 #include "src/objects/code.h"
17 #include "src/objects/dictionary.h"
18 #include "src/objects/hash-table.h"
19 #include "src/objects/js-array-buffer.h"
20 #include "src/objects/js-array.h"
21 #include "src/objects/js-regexp.h"
22 #include "src/objects/ordered-hash-table.h"
23 #include "src/objects/string.h"
24 
25 namespace v8 {
26 namespace internal {
27 
28 // Forward declarations.
29 class AliasedArgumentsEntry;
30 class ObjectBoilerplateDescription;
31 class BreakPoint;
32 class BreakPointInfo;
33 class CallableTask;
34 class CallbackTask;
35 class CallHandlerInfo;
36 class Expression;
37 class ArrayBoilerplateDescription;
38 class CoverageInfo;
39 class DebugInfo;
40 class EnumCache;
41 class FreshlyAllocatedBigInt;
42 class Isolate;
43 class JSGeneratorObject;
44 class JSMap;
45 class JSMapIterator;
46 class JSModuleNamespace;
47 class JSProxy;
48 class JSSet;
49 class JSSetIterator;
50 class JSWeakMap;
51 class LoadHandler;
52 class ModuleInfo;
53 class NativeContext;
54 class NewFunctionArgs;
55 class PreParsedScopeData;
56 class PromiseResolveThenableJobTask;
57 class RegExpMatchInfo;
58 class ScriptContextTable;
59 class StoreHandler;
60 class TemplateObjectDescription;
61 class UncompiledDataWithoutPreParsedScope;
62 class UncompiledDataWithPreParsedScope;
63 class WasmExportedFunctionData;
64 struct SourceRange;
65 template <typename T>
66 class ZoneVector;
67 
68 enum FunctionMode {
69   kWithNameBit = 1 << 0,
70   kWithHomeObjectBit = 1 << 1,
71   kWithWritablePrototypeBit = 1 << 2,
72   kWithReadonlyPrototypeBit = 1 << 3,
73   kWithPrototypeBits = kWithWritablePrototypeBit | kWithReadonlyPrototypeBit,
74 
75   // Without prototype.
76   FUNCTION_WITHOUT_PROTOTYPE = 0,
77   METHOD_WITH_NAME = kWithNameBit,
78   METHOD_WITH_HOME_OBJECT = kWithHomeObjectBit,
79   METHOD_WITH_NAME_AND_HOME_OBJECT = kWithNameBit | kWithHomeObjectBit,
80 
81   // With writable prototype.
82   FUNCTION_WITH_WRITEABLE_PROTOTYPE = kWithWritablePrototypeBit,
83   FUNCTION_WITH_NAME_AND_WRITEABLE_PROTOTYPE =
84       kWithWritablePrototypeBit | kWithNameBit,
85   FUNCTION_WITH_HOME_OBJECT_AND_WRITEABLE_PROTOTYPE =
86       kWithWritablePrototypeBit | kWithHomeObjectBit,
87   FUNCTION_WITH_NAME_AND_HOME_OBJECT_AND_WRITEABLE_PROTOTYPE =
88       kWithWritablePrototypeBit | kWithNameBit | kWithHomeObjectBit,
89 
90   // With readonly prototype.
91   FUNCTION_WITH_READONLY_PROTOTYPE = kWithReadonlyPrototypeBit,
92   FUNCTION_WITH_NAME_AND_READONLY_PROTOTYPE =
93       kWithReadonlyPrototypeBit | kWithNameBit,
94 };
95 
96 // Interface for handle based allocation.
97 class V8_EXPORT_PRIVATE Factory {
98  public:
99   Handle<Oddball> NewOddball(Handle<Map> map, const char* to_string,
100                              Handle<Object> to_number, const char* type_of,
101                              byte kind,
102                              PretenureFlag pretenure = TENURED_READ_ONLY);
103 
104   // Marks self references within code generation.
105   Handle<Oddball> NewSelfReferenceMarker(PretenureFlag pretenure = TENURED);
106 
107   // Allocates a fixed array-like object with given map and initialized with
108   // undefined values.
109   template <typename T = FixedArray>
110   Handle<T> NewFixedArrayWithMap(Heap::RootListIndex map_root_index, int length,
111                                  PretenureFlag pretenure = NOT_TENURED);
112 
113   // Allocates a weak fixed array-like object with given map and initialized
114   // with undefined values.
115   template <typename T = WeakFixedArray>
116   Handle<T> NewWeakFixedArrayWithMap(Heap::RootListIndex map_root_index,
117                                      int length,
118                                      PretenureFlag pretenure = NOT_TENURED);
119 
120   // Allocates a fixed array initialized with undefined values.
121   Handle<FixedArray> NewFixedArray(int length,
122                                    PretenureFlag pretenure = NOT_TENURED);
123 
124   // Allocates a fixed array which may contain in-place weak references. The
125   // array is initialized with undefined values
126   Handle<WeakFixedArray> NewWeakFixedArray(
127       int length, PretenureFlag pretenure = NOT_TENURED);
128 
129   // Allocates a property array initialized with undefined values.
130   Handle<PropertyArray> NewPropertyArray(int length,
131                                          PretenureFlag pretenure = NOT_TENURED);
132   // Tries allocating a fixed array initialized with undefined values.
133   // In case of an allocation failure (OOM) an empty handle is returned.
134   // The caller has to manually signal an
135   // v8::internal::Heap::FatalProcessOutOfMemory typically by calling
136   // NewFixedArray as a fallback.
137   V8_WARN_UNUSED_RESULT
138   MaybeHandle<FixedArray> TryNewFixedArray(
139       int length, PretenureFlag pretenure = NOT_TENURED);
140 
141   // Allocate a new fixed array with non-existing entries (the hole).
142   Handle<FixedArray> NewFixedArrayWithHoles(
143       int length, PretenureFlag pretenure = NOT_TENURED);
144 
145   // Allocates an uninitialized fixed array. It must be filled by the caller.
146   Handle<FixedArray> NewUninitializedFixedArray(
147       int length, PretenureFlag pretenure = NOT_TENURED);
148 
149   // Allocates a feedback vector whose slots are initialized with undefined
150   // values.
151   Handle<FeedbackVector> NewFeedbackVector(
152       Handle<SharedFunctionInfo> shared, PretenureFlag pretenure = NOT_TENURED);
153 
154   // Allocates a fixed array for name-value pairs of boilerplate properties and
155   // calculates the number of properties we need to store in the backing store.
156   Handle<ObjectBoilerplateDescription> NewObjectBoilerplateDescription(
157       int boilerplate, int all_properties, int index_keys, bool has_seen_proto);
158 
159   // Allocate a new uninitialized fixed double array.
160   // The function returns a pre-allocated empty fixed array for length = 0,
161   // so the return type must be the general fixed array class.
162   Handle<FixedArrayBase> NewFixedDoubleArray(
163       int length, PretenureFlag pretenure = NOT_TENURED);
164 
165   // Allocate a new fixed double array with hole values.
166   Handle<FixedArrayBase> NewFixedDoubleArrayWithHoles(
167       int size, PretenureFlag pretenure = NOT_TENURED);
168 
169   // Allocates a FeedbackMedata object and zeroes the data section.
170   Handle<FeedbackMetadata> NewFeedbackMetadata(int slot_count,
171                                                PretenureFlag tenure = TENURED);
172 
173   Handle<FrameArray> NewFrameArray(int number_of_frames,
174                                    PretenureFlag pretenure = NOT_TENURED);
175 
176   Handle<OrderedHashSet> NewOrderedHashSet();
177   Handle<OrderedHashMap> NewOrderedHashMap();
178 
179   Handle<SmallOrderedHashSet> NewSmallOrderedHashSet(
180       int capacity = SmallOrderedHashSet::kMinCapacity,
181       PretenureFlag pretenure = NOT_TENURED);
182   Handle<SmallOrderedHashMap> NewSmallOrderedHashMap(
183       int capacity = SmallOrderedHashMap::kMinCapacity,
184       PretenureFlag pretenure = NOT_TENURED);
185 
186   // Create a new PrototypeInfo struct.
187   Handle<PrototypeInfo> NewPrototypeInfo();
188 
189   // Create a new EnumCache struct.
190   Handle<EnumCache> NewEnumCache(Handle<FixedArray> keys,
191                                  Handle<FixedArray> indices);
192 
193   // Create a new Tuple2 struct.
194   Handle<Tuple2> NewTuple2(Handle<Object> value1, Handle<Object> value2,
195                            PretenureFlag pretenure);
196 
197   // Create a new Tuple3 struct.
198   Handle<Tuple3> NewTuple3(Handle<Object> value1, Handle<Object> value2,
199                            Handle<Object> value3, PretenureFlag pretenure);
200 
201   // Create a new ArrayBoilerplateDescription struct.
202   Handle<ArrayBoilerplateDescription> NewArrayBoilerplateDescription(
203       ElementsKind elements_kind, Handle<FixedArrayBase> constant_values);
204 
205   // Create a new TemplateObjectDescription struct.
206   Handle<TemplateObjectDescription> NewTemplateObjectDescription(
207       Handle<FixedArray> raw_strings, Handle<FixedArray> cooked_strings);
208 
209   // Create a pre-tenured empty AccessorPair.
210   Handle<AccessorPair> NewAccessorPair();
211 
212   // Finds the internalized copy for string in the string table.
213   // If not found, a new string is added to the table and returned.
214   Handle<String> InternalizeUtf8String(Vector<const char> str);
InternalizeUtf8String(const char * str)215   Handle<String> InternalizeUtf8String(const char* str) {
216     return InternalizeUtf8String(CStrVector(str));
217   }
218 
219   Handle<String> InternalizeOneByteString(Vector<const uint8_t> str);
220   Handle<String> InternalizeOneByteString(Handle<SeqOneByteString>, int from,
221                                           int length);
222 
223   Handle<String> InternalizeTwoByteString(Vector<const uc16> str);
224 
225   template <class StringTableKey>
226   Handle<String> InternalizeStringWithKey(StringTableKey* key);
227 
228   // Internalized strings are created in the old generation (data space).
229   inline Handle<String> InternalizeString(Handle<String> string);
230 
231   inline Handle<Name> InternalizeName(Handle<Name> name);
232 
233   // String creation functions.  Most of the string creation functions take
234   // a Heap::PretenureFlag argument to optionally request that they be
235   // allocated in the old generation.  The pretenure flag defaults to
236   // DONT_TENURE.
237   //
238   // Creates a new String object.  There are two String encodings: one-byte and
239   // two-byte.  One should choose between the three string factory functions
240   // based on the encoding of the string buffer that the string is
241   // initialized from.
242   //   - ...FromOneByte initializes the string from a buffer that is Latin1
243   //     encoded (it does not check that the buffer is Latin1 encoded) and
244   //     the result will be Latin1 encoded.
245   //   - ...FromUtf8 initializes the string from a buffer that is UTF-8
246   //     encoded.  If the characters are all ASCII characters, the result
247   //     will be Latin1 encoded, otherwise it will converted to two-byte.
248   //   - ...FromTwoByte initializes the string from a buffer that is two-byte
249   //     encoded.  If the characters are all Latin1 characters, the result
250   //     will be converted to Latin1, otherwise it will be left as two-byte.
251   //
252   // One-byte strings are pretenured when used as keys in the SourceCodeCache.
253   V8_WARN_UNUSED_RESULT MaybeHandle<String> NewStringFromOneByte(
254       Vector<const uint8_t> str, PretenureFlag pretenure = NOT_TENURED);
255 
256   template <size_t N>
257   inline Handle<String> NewStringFromStaticChars(
258       const char (&str)[N], PretenureFlag pretenure = NOT_TENURED) {
259     DCHECK(N == StrLength(str) + 1);
260     return NewStringFromOneByte(STATIC_CHAR_VECTOR(str), pretenure)
261         .ToHandleChecked();
262   }
263 
264   inline Handle<String> NewStringFromAsciiChecked(
265       const char* str, PretenureFlag pretenure = NOT_TENURED) {
266     return NewStringFromOneByte(OneByteVector(str), pretenure)
267         .ToHandleChecked();
268   }
269 
270   // UTF8 strings are pretenured when used for regexp literal patterns and
271   // flags in the parser.
272   V8_WARN_UNUSED_RESULT MaybeHandle<String> NewStringFromUtf8(
273       Vector<const char> str, PretenureFlag pretenure = NOT_TENURED);
274 
275   V8_WARN_UNUSED_RESULT MaybeHandle<String> NewStringFromUtf8SubString(
276       Handle<SeqOneByteString> str, int begin, int end,
277       PretenureFlag pretenure = NOT_TENURED);
278 
279   V8_WARN_UNUSED_RESULT MaybeHandle<String> NewStringFromTwoByte(
280       Vector<const uc16> str, PretenureFlag pretenure = NOT_TENURED);
281 
282   V8_WARN_UNUSED_RESULT MaybeHandle<String> NewStringFromTwoByte(
283       const ZoneVector<uc16>* str, PretenureFlag pretenure = NOT_TENURED);
284 
285   Handle<JSStringIterator> NewJSStringIterator(Handle<String> string);
286 
287   // Allocates an internalized string in old space based on the character
288   // stream.
289   Handle<String> NewInternalizedStringFromUtf8(Vector<const char> str,
290                                                int chars, uint32_t hash_field);
291 
292   Handle<String> NewOneByteInternalizedString(Vector<const uint8_t> str,
293                                               uint32_t hash_field);
294 
295   Handle<String> NewOneByteInternalizedSubString(
296       Handle<SeqOneByteString> string, int offset, int length,
297       uint32_t hash_field);
298 
299   Handle<String> NewTwoByteInternalizedString(Vector<const uc16> str,
300                                               uint32_t hash_field);
301 
302   Handle<String> NewInternalizedStringImpl(Handle<String> string, int chars,
303                                            uint32_t hash_field);
304 
305   // Compute the matching internalized string map for a string if possible.
306   // Empty handle is returned if string is in new space or not flattened.
307   V8_WARN_UNUSED_RESULT MaybeHandle<Map> InternalizedStringMapForString(
308       Handle<String> string);
309 
310   // Creates an internalized copy of an external string. |string| must be
311   // of type StringClass.
312   template <class StringClass>
313   Handle<StringClass> InternalizeExternalString(Handle<String> string);
314 
315   // Allocates and partially initializes an one-byte or two-byte String. The
316   // characters of the string are uninitialized. Currently used in regexp code
317   // only, where they are pretenured.
318   V8_WARN_UNUSED_RESULT MaybeHandle<SeqOneByteString> NewRawOneByteString(
319       int length, PretenureFlag pretenure = NOT_TENURED);
320   V8_WARN_UNUSED_RESULT MaybeHandle<SeqTwoByteString> NewRawTwoByteString(
321       int length, PretenureFlag pretenure = NOT_TENURED);
322 
323   // Creates a single character string where the character has given code.
324   // A cache is used for Latin1 codes.
325   Handle<String> LookupSingleCharacterStringFromCode(uint32_t code);
326 
327   // Create a new cons string object which consists of a pair of strings.
328   V8_WARN_UNUSED_RESULT MaybeHandle<String> NewConsString(Handle<String> left,
329                                                           Handle<String> right);
330 
331   V8_WARN_UNUSED_RESULT Handle<String> NewConsString(Handle<String> left,
332                                                      Handle<String> right,
333                                                      int length, bool one_byte);
334 
335   // Create or lookup a single characters tring made up of a utf16 surrogate
336   // pair.
337   Handle<String> NewSurrogatePairString(uint16_t lead, uint16_t trail);
338 
339   // Create a new string object which holds a proper substring of a string.
340   Handle<String> NewProperSubString(Handle<String> str, int begin, int end);
341 
342   // Create a new string object which holds a substring of a string.
343   inline Handle<String> NewSubString(Handle<String> str, int begin, int end);
344 
345   // Creates a new external String object.  There are two String encodings
346   // in the system: one-byte and two-byte.  Unlike other String types, it does
347   // not make sense to have a UTF-8 factory function for external strings,
348   // because we cannot change the underlying buffer.  Note that these strings
349   // are backed by a string resource that resides outside the V8 heap.
350   V8_WARN_UNUSED_RESULT MaybeHandle<String> NewExternalStringFromOneByte(
351       const ExternalOneByteString::Resource* resource);
352   V8_WARN_UNUSED_RESULT MaybeHandle<String> NewExternalStringFromTwoByte(
353       const ExternalTwoByteString::Resource* resource);
354   // Create a new external string object for one-byte encoded native script.
355   // It does not cache the resource data pointer.
356   Handle<ExternalOneByteString> NewNativeSourceString(
357       const ExternalOneByteString::Resource* resource);
358 
359   // Create a symbol in old or read-only space.
360   Handle<Symbol> NewSymbol(PretenureFlag pretenure = TENURED);
361   Handle<Symbol> NewPrivateSymbol(PretenureFlag pretenure = TENURED);
362   Handle<Symbol> NewPrivateFieldSymbol();
363 
364   // Create a global (but otherwise uninitialized) context.
365   Handle<NativeContext> NewNativeContext();
366 
367   // Create a script context.
368   Handle<Context> NewScriptContext(Handle<NativeContext> outer,
369                                    Handle<ScopeInfo> scope_info);
370 
371   // Create an empty script context table.
372   Handle<ScriptContextTable> NewScriptContextTable();
373 
374   // Create a module context.
375   Handle<Context> NewModuleContext(Handle<Module> module,
376                                    Handle<NativeContext> outer,
377                                    Handle<ScopeInfo> scope_info);
378 
379   // Create a function or eval context.
380   Handle<Context> NewFunctionContext(Handle<Context> outer,
381                                      Handle<ScopeInfo> scope_info);
382 
383   // Create a catch context.
384   Handle<Context> NewCatchContext(Handle<Context> previous,
385                                   Handle<ScopeInfo> scope_info,
386                                   Handle<Object> thrown_object);
387 
388   // Create a 'with' context.
389   Handle<Context> NewWithContext(Handle<Context> previous,
390                                  Handle<ScopeInfo> scope_info,
391                                  Handle<JSReceiver> extension);
392 
393   Handle<Context> NewDebugEvaluateContext(Handle<Context> previous,
394                                           Handle<ScopeInfo> scope_info,
395                                           Handle<JSReceiver> extension,
396                                           Handle<Context> wrapped,
397                                           Handle<StringSet> whitelist);
398 
399   // Create a block context.
400   Handle<Context> NewBlockContext(Handle<Context> previous,
401                                   Handle<ScopeInfo> scope_info);
402 
403   // Create a context that's used by builtin functions.
404   //
405   // These are similar to function context but don't have a previous
406   // context or any scope info. These are used to store spec defined
407   // context values.
408   Handle<Context> NewBuiltinContext(Handle<NativeContext> native_context,
409                                     int length);
410 
411   Handle<Struct> NewStruct(InstanceType type,
412                            PretenureFlag pretenure = NOT_TENURED);
413 
414   Handle<AliasedArgumentsEntry> NewAliasedArgumentsEntry(
415       int aliased_context_slot);
416 
417   Handle<AccessorInfo> NewAccessorInfo();
418 
419   Handle<Script> NewScript(Handle<String> source,
420                            PretenureFlag tenure = TENURED);
421   Handle<Script> NewScriptWithId(Handle<String> source, int script_id,
422                                  PretenureFlag tenure = TENURED);
423   Handle<Script> CloneScript(Handle<Script> script);
424 
425   Handle<BreakPointInfo> NewBreakPointInfo(int source_position);
426   Handle<BreakPoint> NewBreakPoint(int id, Handle<String> condition);
427   Handle<StackFrameInfo> NewStackFrameInfo();
428   Handle<SourcePositionTableWithFrameCache>
429   NewSourcePositionTableWithFrameCache(
430       Handle<ByteArray> source_position_table,
431       Handle<SimpleNumberDictionary> stack_frame_cache);
432 
433   // Allocate various microtasks.
434   Handle<CallableTask> NewCallableTask(Handle<JSReceiver> callable,
435                                        Handle<Context> context);
436   Handle<CallbackTask> NewCallbackTask(Handle<Foreign> callback,
437                                        Handle<Foreign> data);
438   Handle<PromiseResolveThenableJobTask> NewPromiseResolveThenableJobTask(
439       Handle<JSPromise> promise_to_resolve, Handle<JSReceiver> then,
440       Handle<JSReceiver> thenable, Handle<Context> context);
441 
442   // Foreign objects are pretenured when allocated by the bootstrapper.
443   Handle<Foreign> NewForeign(Address addr,
444                              PretenureFlag pretenure = NOT_TENURED);
445 
446   Handle<ByteArray> NewByteArray(int length,
447                                  PretenureFlag pretenure = NOT_TENURED);
448 
449   Handle<BytecodeArray> NewBytecodeArray(int length, const byte* raw_bytecodes,
450                                          int frame_size, int parameter_count,
451                                          Handle<FixedArray> constant_pool);
452 
453   Handle<FixedTypedArrayBase> NewFixedTypedArrayWithExternalPointer(
454       int length, ExternalArrayType array_type, void* external_pointer,
455       PretenureFlag pretenure = NOT_TENURED);
456 
457   Handle<FixedTypedArrayBase> NewFixedTypedArray(
458       size_t length, size_t byte_length, ExternalArrayType array_type,
459       bool initialize, PretenureFlag pretenure = NOT_TENURED);
460 
461   Handle<Cell> NewCell(Handle<Object> value);
462 
463   Handle<PropertyCell> NewPropertyCell(Handle<Name> name,
464                                        PretenureFlag pretenure = TENURED);
465 
466   Handle<FeedbackCell> NewNoClosuresCell(Handle<HeapObject> value);
467   Handle<FeedbackCell> NewOneClosureCell(Handle<HeapObject> value);
468   Handle<FeedbackCell> NewManyClosuresCell(Handle<HeapObject> value);
469 
470   Handle<TransitionArray> NewTransitionArray(int number_of_transitions,
471                                              int slack = 0);
472 
473   // Allocate a tenured AllocationSite. Its payload is null.
474   Handle<AllocationSite> NewAllocationSite(bool with_weak_next);
475 
476   // Allocates and initializes a new Map.
477   Handle<Map> NewMap(InstanceType type, int instance_size,
478                      ElementsKind elements_kind = TERMINAL_FAST_ELEMENTS_KIND,
479                      int inobject_properties = 0);
480   // Initializes the fields of a newly created Map. Exposed for tests and
481   // heap setup; other code should just call NewMap which takes care of it.
482   Map* InitializeMap(Map* map, InstanceType type, int instance_size,
483                      ElementsKind elements_kind, int inobject_properties);
484 
485   // Allocate a block of memory in the given space (filled with a filler).
486   // Used as a fall-back for generated code when the space is full.
487   Handle<HeapObject> NewFillerObject(int size, bool double_align,
488                                      AllocationSpace space);
489 
490   Handle<JSObject> NewFunctionPrototype(Handle<JSFunction> function);
491 
492   // Returns a deep copy of the JavaScript object.
493   // Properties and elements are copied too.
494   Handle<JSObject> CopyJSObject(Handle<JSObject> object);
495   // Same as above, but also takes an AllocationSite to be appended in an
496   // AllocationMemento.
497   Handle<JSObject> CopyJSObjectWithAllocationSite(Handle<JSObject> object,
498                                                   Handle<AllocationSite> site);
499 
500   Handle<FixedArray> CopyFixedArrayWithMap(Handle<FixedArray> array,
501                                            Handle<Map> map);
502 
503   Handle<FixedArray> CopyFixedArrayAndGrow(
504       Handle<FixedArray> array, int grow_by,
505       PretenureFlag pretenure = NOT_TENURED);
506 
507   Handle<WeakFixedArray> CopyWeakFixedArrayAndGrow(
508       Handle<WeakFixedArray> array, int grow_by,
509       PretenureFlag pretenure = NOT_TENURED);
510 
511   Handle<WeakArrayList> CopyWeakArrayListAndGrow(
512       Handle<WeakArrayList> array, int grow_by,
513       PretenureFlag pretenure = NOT_TENURED);
514 
515   Handle<PropertyArray> CopyPropertyArrayAndGrow(
516       Handle<PropertyArray> array, int grow_by,
517       PretenureFlag pretenure = NOT_TENURED);
518 
519   Handle<FixedArray> CopyFixedArrayUpTo(Handle<FixedArray> array, int new_len,
520                                         PretenureFlag pretenure = NOT_TENURED);
521 
522   Handle<FixedArray> CopyFixedArray(Handle<FixedArray> array);
523 
524   // This method expects a COW array in new space, and creates a copy
525   // of it in old space.
526   Handle<FixedArray> CopyAndTenureFixedCOWArray(Handle<FixedArray> array);
527 
528   Handle<FixedDoubleArray> CopyFixedDoubleArray(Handle<FixedDoubleArray> array);
529 
530   Handle<FeedbackVector> CopyFeedbackVector(Handle<FeedbackVector> array);
531 
532   // Numbers (e.g. literals) are pretenured by the parser.
533   // The return value may be a smi or a heap number.
534   Handle<Object> NewNumber(double value, PretenureFlag pretenure = NOT_TENURED);
535 
536   Handle<Object> NewNumberFromInt(int32_t value,
537                                   PretenureFlag pretenure = NOT_TENURED);
538   Handle<Object> NewNumberFromUint(uint32_t value,
539                                    PretenureFlag pretenure = NOT_TENURED);
540   inline Handle<Object> NewNumberFromSize(
541       size_t value, PretenureFlag pretenure = NOT_TENURED);
542   inline Handle<Object> NewNumberFromInt64(
543       int64_t value, PretenureFlag pretenure = NOT_TENURED);
544   inline Handle<HeapNumber> NewHeapNumber(
545       double value, PretenureFlag pretenure = NOT_TENURED);
546   inline Handle<HeapNumber> NewHeapNumberFromBits(
547       uint64_t bits, PretenureFlag pretenure = NOT_TENURED);
548 
549   // Creates heap number object with not yet set value field.
550   Handle<HeapNumber> NewHeapNumber(PretenureFlag pretenure = NOT_TENURED);
551 
552   Handle<MutableHeapNumber> NewMutableHeapNumber(
553       PretenureFlag pretenure = NOT_TENURED);
554   inline Handle<MutableHeapNumber> NewMutableHeapNumber(
555       double value, PretenureFlag pretenure = NOT_TENURED);
556   inline Handle<MutableHeapNumber> NewMutableHeapNumberFromBits(
557       uint64_t bits, PretenureFlag pretenure = NOT_TENURED);
558   inline Handle<MutableHeapNumber> NewMutableHeapNumberWithHoleNaN(
559       PretenureFlag pretenure = NOT_TENURED);
560 
561   // Allocates a new BigInt with {length} digits. Only to be used by
562   // MutableBigInt::New*.
563   Handle<FreshlyAllocatedBigInt> NewBigInt(
564       int length, PretenureFlag pretenure = NOT_TENURED);
565 
566   Handle<JSObject> NewArgumentsObject(Handle<JSFunction> callee, int length);
567 
568   // Allocates and initializes a new JavaScript object based on a
569   // constructor.
570   // JS objects are pretenured when allocated by the bootstrapper and
571   // runtime.
572   Handle<JSObject> NewJSObject(Handle<JSFunction> constructor,
573                                PretenureFlag pretenure = NOT_TENURED);
574   // JSObject without a prototype.
575   Handle<JSObject> NewJSObjectWithNullProto(
576       PretenureFlag pretenure = NOT_TENURED);
577 
578   // Global objects are pretenured and initialized based on a constructor.
579   Handle<JSGlobalObject> NewJSGlobalObject(Handle<JSFunction> constructor);
580 
581   // Allocates and initializes a new JavaScript object based on a map.
582   // Passing an allocation site means that a memento will be created that
583   // points to the site.
584   // JS objects are pretenured when allocated by the bootstrapper and
585   // runtime.
586   Handle<JSObject> NewJSObjectFromMap(
587       Handle<Map> map, PretenureFlag pretenure = NOT_TENURED,
588       Handle<AllocationSite> allocation_site = Handle<AllocationSite>::null());
589   Handle<JSObject> NewSlowJSObjectFromMap(
590       Handle<Map> map,
591       int number_of_slow_properties = NameDictionary::kInitialCapacity,
592       PretenureFlag pretenure = NOT_TENURED);
593 
594   // JS arrays are pretenured when allocated by the parser.
595 
596   // Create a JSArray with a specified length and elements initialized
597   // according to the specified mode.
598   Handle<JSArray> NewJSArray(
599       ElementsKind elements_kind, int length, int capacity,
600       ArrayStorageAllocationMode mode = DONT_INITIALIZE_ARRAY_ELEMENTS,
601       PretenureFlag pretenure = NOT_TENURED);
602 
603   Handle<JSArray> NewJSArray(
604       int capacity, ElementsKind elements_kind = TERMINAL_FAST_ELEMENTS_KIND,
605       PretenureFlag pretenure = NOT_TENURED) {
606     if (capacity != 0) {
607       elements_kind = GetHoleyElementsKind(elements_kind);
608     }
609     return NewJSArray(elements_kind, 0, capacity,
610                       INITIALIZE_ARRAY_ELEMENTS_WITH_HOLE, pretenure);
611   }
612 
613   // Create a JSArray with the given elements.
614   Handle<JSArray> NewJSArrayWithElements(Handle<FixedArrayBase> elements,
615                                          ElementsKind elements_kind, int length,
616                                          PretenureFlag pretenure = NOT_TENURED);
617 
618   inline Handle<JSArray> NewJSArrayWithElements(
619       Handle<FixedArrayBase> elements,
620       ElementsKind elements_kind = TERMINAL_FAST_ELEMENTS_KIND,
621       PretenureFlag pretenure = NOT_TENURED);
622 
623   void NewJSArrayStorage(
624       Handle<JSArray> array, int length, int capacity,
625       ArrayStorageAllocationMode mode = DONT_INITIALIZE_ARRAY_ELEMENTS);
626 
627   Handle<JSWeakMap> NewJSWeakMap();
628 
629   Handle<JSGeneratorObject> NewJSGeneratorObject(Handle<JSFunction> function);
630 
631   Handle<JSModuleNamespace> NewJSModuleNamespace();
632 
633   Handle<Module> NewModule(Handle<SharedFunctionInfo> code);
634 
635   Handle<JSArrayBuffer> NewJSArrayBuffer(
636       SharedFlag shared = SharedFlag::kNotShared,
637       PretenureFlag pretenure = NOT_TENURED);
638 
639   static void TypeAndSizeForElementsKind(ElementsKind kind,
640                                          ExternalArrayType* array_type,
641                                          size_t* element_size);
642 
643   Handle<JSTypedArray> NewJSTypedArray(ExternalArrayType type,
644                                        PretenureFlag pretenure = NOT_TENURED);
645 
646   Handle<JSTypedArray> NewJSTypedArray(ElementsKind elements_kind,
647                                        PretenureFlag pretenure = NOT_TENURED);
648 
649   // Creates a new JSTypedArray with the specified buffer.
650   Handle<JSTypedArray> NewJSTypedArray(ExternalArrayType type,
651                                        Handle<JSArrayBuffer> buffer,
652                                        size_t byte_offset, size_t length,
653                                        PretenureFlag pretenure = NOT_TENURED);
654 
655   // Creates a new on-heap JSTypedArray.
656   Handle<JSTypedArray> NewJSTypedArray(ElementsKind elements_kind,
657                                        size_t number_of_elements,
658                                        PretenureFlag pretenure = NOT_TENURED);
659 
660   Handle<JSDataView> NewJSDataView(Handle<JSArrayBuffer> buffer,
661                                    size_t byte_offset, size_t byte_length);
662 
663   Handle<JSIteratorResult> NewJSIteratorResult(Handle<Object> value, bool done);
664   Handle<JSAsyncFromSyncIterator> NewJSAsyncFromSyncIterator(
665       Handle<JSReceiver> sync_iterator, Handle<Object> next);
666 
667   Handle<JSMap> NewJSMap();
668   Handle<JSSet> NewJSSet();
669 
670   Handle<JSMapIterator> NewJSMapIterator(Handle<Map> map,
671                                          Handle<OrderedHashMap> table,
672                                          int index);
673   Handle<JSSetIterator> NewJSSetIterator(Handle<Map> map,
674                                          Handle<OrderedHashSet> table,
675                                          int index);
676 
677   // Allocates a bound function.
678   MaybeHandle<JSBoundFunction> NewJSBoundFunction(
679       Handle<JSReceiver> target_function, Handle<Object> bound_this,
680       Vector<Handle<Object>> bound_args);
681 
682   // Allocates a Harmony proxy.
683   Handle<JSProxy> NewJSProxy(Handle<JSReceiver> target,
684                              Handle<JSReceiver> handler);
685 
686   // Reinitialize an JSGlobalProxy based on a constructor.  The object
687   // must have the same size as objects allocated using the
688   // constructor.  The object is reinitialized and behaves as an
689   // object that has been freshly allocated using the constructor.
690   void ReinitializeJSGlobalProxy(Handle<JSGlobalProxy> global,
691                                  Handle<JSFunction> constructor);
692 
693   Handle<JSGlobalProxy> NewUninitializedJSGlobalProxy(int size);
694 
695   // Creates a new JSFunction according to the given args. This is the function
696   // you'll probably want to use when creating a JSFunction from the runtime.
697   Handle<JSFunction> NewFunction(const NewFunctionArgs& args);
698 
699   // For testing only. Creates a sloppy function without code.
700   Handle<JSFunction> NewFunctionForTest(Handle<String> name);
701 
702   // Function creation from SharedFunctionInfo.
703 
704   Handle<JSFunction> NewFunctionFromSharedFunctionInfo(
705       Handle<Map> initial_map, Handle<SharedFunctionInfo> function_info,
706       Handle<Context> context, Handle<FeedbackCell> feedback_cell,
707       PretenureFlag pretenure = TENURED);
708 
709   Handle<JSFunction> NewFunctionFromSharedFunctionInfo(
710       Handle<SharedFunctionInfo> function_info, Handle<Context> context,
711       Handle<FeedbackCell> feedback_cell, PretenureFlag pretenure = TENURED);
712 
713   Handle<JSFunction> NewFunctionFromSharedFunctionInfo(
714       Handle<Map> initial_map, Handle<SharedFunctionInfo> function_info,
715       Handle<Context> context, PretenureFlag pretenure = TENURED);
716 
717   Handle<JSFunction> NewFunctionFromSharedFunctionInfo(
718       Handle<SharedFunctionInfo> function_info, Handle<Context> context,
719       PretenureFlag pretenure = TENURED);
720 
721   // The choke-point for JSFunction creation. Handles allocation and
722   // initialization. All other utility methods call into this.
723   Handle<JSFunction> NewFunction(Handle<Map> map,
724                                  Handle<SharedFunctionInfo> info,
725                                  Handle<Context> context,
726                                  PretenureFlag pretenure = TENURED);
727 
728   // Create a serialized scope info.
729   Handle<ScopeInfo> NewScopeInfo(int length);
730 
731   Handle<ModuleInfo> NewModuleInfo();
732 
733   Handle<PreParsedScopeData> NewPreParsedScopeData(int length);
734 
735   Handle<UncompiledDataWithoutPreParsedScope>
736   NewUncompiledDataWithoutPreParsedScope(Handle<String> inferred_name,
737                                          int32_t start_position,
738                                          int32_t end_position,
739                                          int32_t function_literal_id);
740 
741   Handle<UncompiledDataWithPreParsedScope> NewUncompiledDataWithPreParsedScope(
742       Handle<String> inferred_name, int32_t start_position,
743       int32_t end_position, int32_t function_literal_id,
744       Handle<PreParsedScopeData>);
745 
746   // Create an External object for V8's external API.
747   Handle<JSObject> NewExternal(void* value);
748 
749   // Creates a new CodeDataContainer for a Code object.
750   Handle<CodeDataContainer> NewCodeDataContainer(int flags);
751 
752   // Allocates a new code object (fully initialized). All header fields of the
753   // returned object are immutable and the code object is write protected.
754   // The reference to the Code object is stored in self_reference.
755   // This allows generated code to reference its own Code object
756   // by containing this handle.
757   Handle<Code> NewCode(const CodeDesc& desc, Code::Kind kind,
758                        Handle<Object> self_reference,
759                        int32_t builtin_index = Builtins::kNoBuiltinId,
760                        MaybeHandle<ByteArray> maybe_source_position_table =
761                            MaybeHandle<ByteArray>(),
762                        MaybeHandle<DeoptimizationData> maybe_deopt_data =
763                            MaybeHandle<DeoptimizationData>(),
764                        Movability movability = kMovable, uint32_t stub_key = 0,
765                        bool is_turbofanned = false, int stack_slots = 0,
766                        int safepoint_table_offset = 0,
767                        int handler_table_offset = 0);
768 
769   // Like NewCode, this function allocates a new code object (fully
770   // initialized). It may return an empty handle if the allocation does not
771   // succeed.
772   V8_WARN_UNUSED_RESULT MaybeHandle<Code> TryNewCode(
773       const CodeDesc& desc, Code::Kind kind, Handle<Object> self_reference,
774       int32_t builtin_index = Builtins::kNoBuiltinId,
775       MaybeHandle<ByteArray> maybe_source_position_table =
776           MaybeHandle<ByteArray>(),
777       MaybeHandle<DeoptimizationData> maybe_deopt_data =
778           MaybeHandle<DeoptimizationData>(),
779       Movability movability = kMovable, uint32_t stub_key = 0,
780       bool is_turbofanned = false, int stack_slots = 0,
781       int safepoint_table_offset = 0, int handler_table_offset = 0);
782 
783   // Allocates a new, empty code object for use by builtin deserialization. The
784   // given {size} argument specifies the size of the entire code object.
785   // Can only be used when code space is unprotected and requires manual
786   // initialization by the caller.
787   Handle<Code> NewCodeForDeserialization(uint32_t size);
788 
789   // Allocates a new code object and initializes it as the trampoline to the
790   // given off-heap entry point.
791   Handle<Code> NewOffHeapTrampolineFor(Handle<Code> code,
792                                        Address off_heap_entry);
793 
794   Handle<Code> CopyCode(Handle<Code> code);
795 
796   Handle<BytecodeArray> CopyBytecodeArray(Handle<BytecodeArray>);
797 
798   // Interface for creating error objects.
799   Handle<Object> NewError(Handle<JSFunction> constructor,
800                           Handle<String> message);
801 
802   Handle<Object> NewInvalidStringLengthError();
803 
804   inline Handle<Object> NewURIError();
805 
806   Handle<Object> NewError(Handle<JSFunction> constructor,
807                           MessageTemplate::Template template_index,
808                           Handle<Object> arg0 = Handle<Object>(),
809                           Handle<Object> arg1 = Handle<Object>(),
810                           Handle<Object> arg2 = Handle<Object>());
811 
812 #define DECLARE_ERROR(NAME)                                          \
813   Handle<Object> New##NAME(MessageTemplate::Template template_index, \
814                            Handle<Object> arg0 = Handle<Object>(),   \
815                            Handle<Object> arg1 = Handle<Object>(),   \
816                            Handle<Object> arg2 = Handle<Object>());
817   DECLARE_ERROR(Error)
818   DECLARE_ERROR(EvalError)
819   DECLARE_ERROR(RangeError)
820   DECLARE_ERROR(ReferenceError)
821   DECLARE_ERROR(SyntaxError)
822   DECLARE_ERROR(TypeError)
823   DECLARE_ERROR(WasmCompileError)
824   DECLARE_ERROR(WasmLinkError)
825   DECLARE_ERROR(WasmRuntimeError)
826 #undef DECLARE_ERROR
827 
828   Handle<String> NumberToString(Handle<Object> number, bool check_cache = true);
829   Handle<String> NumberToString(Smi* number, bool check_cache = true);
830 
831   inline Handle<String> Uint32ToString(uint32_t value,
832                                        bool check_cache = false);
833 
834 #define ROOT_ACCESSOR(type, name, camel_name) inline Handle<type> name();
835   ROOT_LIST(ROOT_ACCESSOR)
836 #undef ROOT_ACCESSOR
837 
838 #define STRUCT_MAP_ACCESSOR(NAME, Name, name) inline Handle<Map> name##_map();
839   STRUCT_LIST(STRUCT_MAP_ACCESSOR)
840 #undef STRUCT_MAP_ACCESSOR
841 
842 #define ALLOCATION_SITE_MAP_ACCESSOR(NAME, Name, Size, name) \
843   inline Handle<Map> name##_map();
844   ALLOCATION_SITE_LIST(ALLOCATION_SITE_MAP_ACCESSOR)
845 #undef ALLOCATION_SITE_MAP_ACCESSOR
846 
847 #define DATA_HANDLER_MAP_ACCESSOR(NAME, Name, Size, name) \
848   inline Handle<Map> name##_map();
849   DATA_HANDLER_LIST(DATA_HANDLER_MAP_ACCESSOR)
850 #undef DATA_HANDLER_MAP_ACCESSOR
851 
852 #define STRING_ACCESSOR(name, str) inline Handle<String> name();
853   INTERNALIZED_STRING_LIST(STRING_ACCESSOR)
854 #undef STRING_ACCESSOR
855 
856 #define SYMBOL_ACCESSOR(name) inline Handle<Symbol> name();
857   PRIVATE_SYMBOL_LIST(SYMBOL_ACCESSOR)
858 #undef SYMBOL_ACCESSOR
859 
860 #define SYMBOL_ACCESSOR(name, description) inline Handle<Symbol> name();
861   PUBLIC_SYMBOL_LIST(SYMBOL_ACCESSOR)
862   WELL_KNOWN_SYMBOL_LIST(SYMBOL_ACCESSOR)
863 #undef SYMBOL_ACCESSOR
864 
865 #define ACCESSOR_INFO_ACCESSOR(accessor_name, AccessorName) \
866   inline Handle<AccessorInfo> accessor_name##_accessor();
867   ACCESSOR_INFO_LIST(ACCESSOR_INFO_ACCESSOR)
868 #undef ACCESSOR_INFO_ACCESSOR
869 
870   // Allocates a new SharedFunctionInfo object.
871   Handle<SharedFunctionInfo> NewSharedFunctionInfoForApiFunction(
872       MaybeHandle<String> maybe_name,
873       Handle<FunctionTemplateInfo> function_template_info, FunctionKind kind);
874 
875   Handle<SharedFunctionInfo> NewSharedFunctionInfoForBuiltin(
876       MaybeHandle<String> name, int builtin_index,
877       FunctionKind kind = kNormalFunction);
878 
879   Handle<SharedFunctionInfo> NewSharedFunctionInfoForLiteral(
880       FunctionLiteral* literal, Handle<Script> script, bool is_toplevel);
881 
IsFunctionModeWithPrototype(FunctionMode function_mode)882   static bool IsFunctionModeWithPrototype(FunctionMode function_mode) {
883     return (function_mode & kWithPrototypeBits) != 0;
884   }
885 
IsFunctionModeWithWritablePrototype(FunctionMode function_mode)886   static bool IsFunctionModeWithWritablePrototype(FunctionMode function_mode) {
887     return (function_mode & kWithWritablePrototypeBit) != 0;
888   }
889 
IsFunctionModeWithName(FunctionMode function_mode)890   static bool IsFunctionModeWithName(FunctionMode function_mode) {
891     return (function_mode & kWithNameBit) != 0;
892   }
893 
IsFunctionModeWithHomeObject(FunctionMode function_mode)894   static bool IsFunctionModeWithHomeObject(FunctionMode function_mode) {
895     return (function_mode & kWithHomeObjectBit) != 0;
896   }
897 
898   Handle<Map> CreateSloppyFunctionMap(
899       FunctionMode function_mode, MaybeHandle<JSFunction> maybe_empty_function);
900 
901   Handle<Map> CreateStrictFunctionMap(FunctionMode function_mode,
902                                       Handle<JSFunction> empty_function);
903 
904   Handle<Map> CreateClassFunctionMap(Handle<JSFunction> empty_function);
905 
906   // Allocates a new JSMessageObject object.
907   Handle<JSMessageObject> NewJSMessageObject(MessageTemplate::Template message,
908                                              Handle<Object> argument,
909                                              int start_position,
910                                              int end_position,
911                                              Handle<Script> script,
912                                              Handle<Object> stack_frames);
913 
914   Handle<DebugInfo> NewDebugInfo(Handle<SharedFunctionInfo> shared);
915 
916   Handle<CoverageInfo> NewCoverageInfo(const ZoneVector<SourceRange>& slots);
917 
918   // Return a map for given number of properties using the map cache in the
919   // native context.
920   Handle<Map> ObjectLiteralMapFromCache(Handle<NativeContext> native_context,
921                                         int number_of_properties);
922 
923   Handle<LoadHandler> NewLoadHandler(int data_count);
924   Handle<StoreHandler> NewStoreHandler(int data_count);
925 
926   Handle<RegExpMatchInfo> NewRegExpMatchInfo();
927 
928   // Creates a new FixedArray that holds the data associated with the
929   // atom regexp and stores it in the regexp.
930   void SetRegExpAtomData(Handle<JSRegExp> regexp, JSRegExp::Type type,
931                          Handle<String> source, JSRegExp::Flags flags,
932                          Handle<Object> match_pattern);
933 
934   // Creates a new FixedArray that holds the data associated with the
935   // irregexp regexp and stores it in the regexp.
936   void SetRegExpIrregexpData(Handle<JSRegExp> regexp, JSRegExp::Type type,
937                              Handle<String> source, JSRegExp::Flags flags,
938                              int capture_count);
939 
940   // Returns the value for a known global constant (a property of the global
941   // object which is neither configurable nor writable) like 'undefined'.
942   // Returns a null handle when the given name is unknown.
943   Handle<Object> GlobalConstantFor(Handle<Name> name);
944 
945   // Converts the given boolean condition to JavaScript boolean value.
946   Handle<Object> ToBoolean(bool value);
947 
948   // Converts the given ToPrimitive hint to it's string representation.
949   Handle<String> ToPrimitiveHintString(ToPrimitiveHint hint);
950 
951   Handle<JSPromise> NewJSPromise(PretenureFlag pretenure = NOT_TENURED);
952 
953   Handle<CallHandlerInfo> NewCallHandlerInfo(bool has_no_side_effect = false);
954 
NewForTest(Handle<Map> map,PretenureFlag pretenure)955   HeapObject* NewForTest(Handle<Map> map, PretenureFlag pretenure) {
956     return New(map, pretenure);
957   }
958 
959  private:
isolate()960   Isolate* isolate() {
961     // Downcast to the privately inherited sub-class using c-style casts to
962     // avoid undefined behavior (as static_cast cannot cast across private
963     // bases).
964     return (Isolate*)this;  // NOLINT(readability/casting)
965   }
966 
967   HeapObject* AllocateRawWithImmortalMap(
968       int size, PretenureFlag pretenure, Map* map,
969       AllocationAlignment alignment = kWordAligned);
970   HeapObject* AllocateRawWithAllocationSite(
971       Handle<Map> map, PretenureFlag pretenure,
972       Handle<AllocationSite> allocation_site);
973 
974   // Allocate memory for an uninitialized array (e.g., a FixedArray or similar).
975   HeapObject* AllocateRawArray(int size, PretenureFlag pretenure);
976   HeapObject* AllocateRawFixedArray(int length, PretenureFlag pretenure);
977   HeapObject* AllocateRawWeakArrayList(int length, PretenureFlag pretenure);
978   Handle<FixedArray> NewFixedArrayWithFiller(Heap::RootListIndex map_root_index,
979                                              int length, Object* filler,
980                                              PretenureFlag pretenure);
981 
982   // Creates a heap object based on the map. The fields of the heap object are
983   // not initialized, it's the responsibility of the caller to do that.
984   HeapObject* New(Handle<Map> map, PretenureFlag pretenure);
985 
986   template <typename T>
987   Handle<T> CopyArrayWithMap(Handle<T> src, Handle<Map> map);
988   template <typename T>
989   Handle<T> CopyArrayAndGrow(Handle<T> src, int grow_by,
990                              PretenureFlag pretenure);
991 
992   template <bool is_one_byte, typename T>
993   Handle<String> AllocateInternalizedStringImpl(T t, int chars,
994                                                 uint32_t hash_field);
995 
996   Handle<SeqOneByteString> AllocateRawOneByteInternalizedString(
997       int length, uint32_t hash_field);
998 
999   Handle<String> AllocateTwoByteInternalizedString(Vector<const uc16> str,
1000                                                    uint32_t hash_field);
1001 
1002   MaybeHandle<String> NewStringFromTwoByte(const uc16* string, int length,
1003                                            PretenureFlag pretenure);
1004 
1005   // Attempt to find the number in a small cache.  If we finds it, return
1006   // the string representation of the number.  Otherwise return undefined.
1007   Handle<Object> NumberToStringCacheGet(Object* number, int hash);
1008 
1009   // Update the cache with a new number-string pair.
1010   Handle<String> NumberToStringCacheSet(Handle<Object> number, int hash,
1011                                         const char* string, bool check_cache);
1012 
1013   // Create a JSArray with no elements and no length.
1014   Handle<JSArray> NewJSArray(ElementsKind elements_kind,
1015                              PretenureFlag pretenure = NOT_TENURED);
1016 
1017   Handle<JSPromise> NewJSPromiseWithoutHook(
1018       PretenureFlag pretenure = NOT_TENURED);
1019 
1020   Handle<SharedFunctionInfo> NewSharedFunctionInfo(
1021       MaybeHandle<String> name, MaybeHandle<HeapObject> maybe_function_data,
1022       int maybe_builtin_index, FunctionKind kind = kNormalFunction);
1023 
1024   void InitializeAllocationMemento(AllocationMemento* memento,
1025                                    AllocationSite* allocation_site);
1026 
1027   // Initializes a JSObject based on its map.
1028   void InitializeJSObjectFromMap(Handle<JSObject> obj,
1029                                  Handle<Object> properties, Handle<Map> map);
1030   // Initializes JSObject body starting at given offset.
1031   void InitializeJSObjectBody(Handle<JSObject> obj, Handle<Map> map,
1032                               int start_offset);
1033 };
1034 
1035 // Utility class to simplify argument handling around JSFunction creation.
1036 class NewFunctionArgs final {
1037  public:
1038   static NewFunctionArgs ForWasm(
1039       Handle<String> name,
1040       Handle<WasmExportedFunctionData> exported_function_data, Handle<Map> map);
1041   static NewFunctionArgs ForBuiltin(Handle<String> name, Handle<Map> map,
1042                                     int builtin_id);
1043   static NewFunctionArgs ForFunctionWithoutCode(Handle<String> name,
1044                                                 Handle<Map> map,
1045                                                 LanguageMode language_mode);
1046   static NewFunctionArgs ForBuiltinWithPrototype(
1047       Handle<String> name, Handle<Object> prototype, InstanceType type,
1048       int instance_size, int inobject_properties, int builtin_id,
1049       MutableMode prototype_mutability);
1050   static NewFunctionArgs ForBuiltinWithoutPrototype(Handle<String> name,
1051                                                     int builtin_id,
1052                                                     LanguageMode language_mode);
1053 
1054   Handle<Map> GetMap(Isolate* isolate) const;
1055 
1056  private:
NewFunctionArgs()1057   NewFunctionArgs() {}  // Use the static factory constructors.
1058 
1059   void SetShouldCreateAndSetInitialMap();
1060   void SetShouldSetPrototype();
1061   void SetShouldSetLanguageMode();
1062 
1063   // Sentinel value.
1064   static const int kUninitialized = -1;
1065 
1066   Handle<String> name_;
1067   MaybeHandle<Map> maybe_map_;
1068   MaybeHandle<WasmExportedFunctionData> maybe_exported_function_data_;
1069 
1070   bool should_create_and_set_initial_map_ = false;
1071   InstanceType type_;
1072   int instance_size_ = kUninitialized;
1073   int inobject_properties_ = kUninitialized;
1074 
1075   bool should_set_prototype_ = false;
1076   MaybeHandle<Object> maybe_prototype_;
1077 
1078   bool should_set_language_mode_ = false;
1079   LanguageMode language_mode_;
1080 
1081   int maybe_builtin_id_ = kUninitialized;
1082 
1083   MutableMode prototype_mutability_;
1084 
1085   friend class Factory;
1086 };
1087 
1088 }  // namespace internal
1089 }  // namespace v8
1090 
1091 #endif  // V8_HEAP_FACTORY_H_
1092