Thus, instead of the following profiler records:
1.5% 1.5% LazyCompile: <anonymous>
we'll now have these:
1.5% 1.5% LazyCompile: <anonymous> richards.js:309
Basically, I translated two functions from messages.js into C++.
In the next CL I will update messages.js to use added native functions.
Review URL: http://codereview.chromium.org/19537
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1216 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Changed the name of Runtime_GetPrototype to Runtime_DebugGetPrototype to indicate that it is a debugger related function and changed its implementation to do the correct __proto__ lookup.
Added some more information to the Map debug print.
Review URL: http://codereview.chromium.org/18658
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This can lead to large objects which wastes a lot of space if we normalize properties. We therfore clear the inobject properties when normalizing properties. This is done by adjusting the instance size in the new map and overwriting the inobject properties with a filler.
Review URL: http://codereview.chromium.org/17308
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1051 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
operation. I have another version of this change that does not remove the
special inline caches for difference sized strings. The other version is ever
so slightly faster, but the nice thing about this version is that it removes
253 lines of code.
Review URL: http://codereview.chromium.org/8187
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@603 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
If a map has descendents in the map transition tree that are alive,
it is kept. Only maps such that they and all their descendants
have no live objects are collected. This happens in mark-sweep and
mark-compact garbage collections.
Review URL: http://codereview.chromium.org/8099
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@601 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
- Changed the structure of regexp objects from having two internal
fields to having a single field containing a fixed array, since it's
easier to store the whole fixed array in the cache.
- Move printing of the command to after printing std{err,out} in the
compact progress indicators in the test framework.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@579 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
- Changed WeakReferenceCallback to take a Persistent<Value> instead of
a Persistent<Object>.
- Removed Message::GetUnderline and Message::GetScriptData.
- Added Value::IsDate, Date::Cast and Date::Value.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@564 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr
This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.
V8 support of split window:
There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;
V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.
Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.
When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.
It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.
I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.
Review URL: http://codereview.chromium.org/7366
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00