Generally we only care whether the next object is a hidden prototype.
It's simpler to check whether the current object has a hidden prototype
instead of walking to the next prototype and checking its map.
BUG=
Review URL: https://codereview.chromium.org/1675223002
Cr-Commit-Position: refs/heads/master@{#33816}
This was inconsistent in the spec in case of has vs get, set. Removing
receiver==holder simplifies the lookup; so tentatively removing this
additional check which was broken until yesterday anyway. See
https://github.com/tc39/ecma262/issues/347 for more information.
Review URL: https://codereview.chromium.org/1660903002
Cr-Commit-Position: refs/heads/master@{#33701}
This includes 2 fixes:
1) We didn't properly advance the holder when checking whether
Receiver==Holder, so we'd inadvertently block loading the property if
the first property we find is on the typed array.
2) Reflect.get may cause any object on the prototype chain of the holder
to be the receiver; so we need to recheck for this special state for
each object we perform lookup on.
Review URL: https://codereview.chromium.org/1651913005
Cr-Commit-Position: refs/heads/master@{#33689}
String wrappers (new String("foo")) are special objects: their string
characters are accessed like elements, and they also have an elements
backing store. This used to require a bunch of explicit checks like:
if (obj->IsJSValue() && JSValue::cast(obj)->value()->IsString()) {
/* Handle string characters */
}
// Handle regular elements (for string wrappers and other objects)
obj->GetElementsAccessor()->Whatever(...);
This CL introduces new ElementsKinds for string wrapper objects (one for
fast elements, one for dictionary elements), which allow folding the
special-casing into new StringWrapperElementsAccessors.
No observable change in behavior is intended.
Review URL: https://codereview.chromium.org/1612323003
Cr-Commit-Position: refs/heads/master@{#33616}
This replace HeapType with a dedicated class that implements just what we need for field type tracking. In the next CL, I plan to remove FieldType::Iterator because FieldType can iterate over at most one map.
The ultimate plan is to get rid of templates in types.(h|cc) and remove type-inl.h.
TBR=rossberg@chromium.org
Review URL: https://codereview.chromium.org/1636013002
Cr-Commit-Position: refs/heads/master@{#33521}
This removes the lookup-inl.h header file, which actually would break
compilation if included more than once in the codebase. It only holds
methods used solely in the lookup.cc compilation unit.
R=verwaest@chromium.org
Review URL: https://codereview.chromium.org/1375843004
Cr-Commit-Position: refs/heads/master@{#31104}
Continuing unification of properties/elements handling, the new
LookupIterator::PropertyOrElement(..., Handle<Object> key, ...) takes
any Object and does the required ToPrimitive/ToName/ToArrayIndex
conversions on it.
Review URL: https://codereview.chromium.org/1375943002
Cr-Commit-Position: refs/heads/master@{#31023}
Whenever a generalization is computed, the inputs must be checked for being cleared, and if they are, the generalization must be Type::Any.
Hopefully this fixes Chromium issue 527994 as well.
BUG=v8:4325,chromium:527994
LOG=n
Review URL: https://codereview.chromium.org/1361103002
Cr-Commit-Position: refs/heads/master@{#30887}
This CL us a pure refactoring that makes an empty compilation unit
including just "isolate.h" or "contexts.h" but not "objects-inl.h"
compile without warnings or errors. This is needed to further reduce
the header dependency tangle.
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1322883002
Cr-Commit-Position: refs/heads/master@{#30500}
Only walk the heap clearing KeyedStoreICs when the dictionary in question belongs to an object that's used as a prototype.
This is a temporary mitigation until we have a way to clear such ICs without having to walk the heap.
BUG=v8:4335
LOG=y
R=yangguo@chromium.org
Review URL: https://codereview.chromium.org/1275363002
Cr-Commit-Position: refs/heads/master@{#30076}
For now it uses a pretty slow path for accessing strings by wrapping it into a new temporary wrapper.
BUG=v8:4042, v8:3088
LOG=y
Review URL: https://codereview.chromium.org/1221303019
Cr-Commit-Position: refs/heads/master@{#29576}
This change changes bootstrapping semantics for intercepted global objects. Unlike before, we'll now also call into the interceptor during bootstrapping. This affects properties loaded from within the runtime, such as global.Array and global.Symbol. The embedder will need to make sure that those values are the expected values during bootstrapping.
BUG=chromium:505998
LOG=n
Review URL: https://codereview.chromium.org/1220813005
Cr-Commit-Position: refs/heads/master@{#29414}
This is a first step towards disentangling the backend code. In the future we should just use ElementsAccessors.
BUG=v8:4137
LOG=n
Review URL: https://codereview.chromium.org/1177043012
Cr-Commit-Position: refs/heads/master@{#29111}
Reason for revert:
Blocks revert of https://codereview.chromium.org/1175973002
Original issue's description:
> Replace SetObjectProperty / DefineObjectProperty with less powerful alternatives where relevant.
>
> @yangguo: please look at the debugger part of the CL.
> @ishell: please look at the rest.
>
> Additionally:
> - Ensure the LookupIterator for named properties does not accidentally get indexes in.
> - Fix the return value for typed array assignments to be the incoming value.
>
> BUG=v8:4137
> LOG=n
>
> Committed: https://crrev.com/15aa811f8fe2708a757c3b53ca89db736aa8b222
> Cr-Commit-Position: refs/heads/master@{#28954}
TBR=yangguo@chromium.org,verwaest@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:4137
Review URL: https://codereview.chromium.org/1181733002
Cr-Commit-Position: refs/heads/master@{#28957}
@yangguo: please look at the debugger part of the CL.
@ishell: please look at the rest.
Additionally:
- Ensure the LookupIterator for named properties does not accidentally get indexes in.
- Fix the return value for typed array assignments to be the incoming value.
BUG=v8:4137
LOG=n
Review URL: https://codereview.chromium.org/1178503004
Cr-Commit-Position: refs/heads/master@{#28954}
