Commit Graph

16540 Commits

Author SHA1 Message Date
rmcilroy@chromium.org
53bf126817 Arm64: Ensure that csp is always aligned to 16 byte values even if jssp is not.
Even although the Arm64 specification specifies that csp
only needs to be aligned to 16 bytes if it is dereferenced, some implementations show poor performance if csp is every set to a non-aligned value.  This CL ensures that csp is always aligned to 16 byte values on these platforms and adds checks to ensure this in debug mode.

Also makes the following change:
 - Enable CPU support for arm64 to enable probing of cpu implementer and cpu part.
 - Add ALWAYS_ALIGN_CSP CpuFeature for Arm64 and set it based on runtime probing of the cpu implementer.
 - Rename PrepareForPush and PrepareForPop to PushPreamble and PopPostamble and move PopPostable after the pop.
 -

R=jacob.bramley@arm.com, ulan@chromium.org

Review URL: https://codereview.chromium.org/264773004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21177 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 15:56:17 +00:00
jochen@chromium.org
f6e2d0eb1d Remove strange v8_target_arch=="mac" conditions from gyp files
mac is not an architecture, and it doesn't make sense to compile in both
the ia32 and x64 archs at the same time

BUG=none
R=jkummerow@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/255183002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21176 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 15:25:51 +00:00
jochen@chromium.org
517def0bef Import features.gypi into BUILD.gn
BUG=none
R=brettw@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/261203003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21175 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 15:01:24 +00:00
wingo@igalia.com
ab96529a4a Prevent liveedit on or under generators with open activations
R=yangguo@chromium.org
LOG=N
TEST=mjsunit/harmony/generators-debug-liveedit.js
BUG=

Review URL: https://codereview.chromium.org/266983004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21174 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 14:57:52 +00:00
rossberg@chromium.org
ae0a36ee32 Re^3-land "Ship promises and weak collections"
R=jochen@chromium.org
BUG=

Review URL: https://codereview.chromium.org/266243003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21173 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 14:48:34 +00:00
m.m.capewell@googlemail.com
ec2b42fd7b ARM64: Sign extension on MemOperand for keyed ops
SXTW extend mode is usually cheaper on loads and stores than arithmetic,
so move it to the memory accesses where possible for Keyed loads and
stores.

BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/268483002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21172 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 14:28:29 +00:00
ishell@chromium.org
9be0c4d378 Fixed jump in non-SSE4.1 implementation of LMathFloor instruction on x64.
BUG=chromium:370384
LOG=N
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/261853009

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21171 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 14:20:46 +00:00
svenpanne@chromium.org
e9e373e8c9 Revert "Removed default Isolate."
This reverts commit r21167, cctest/test-serialize has to be fixed first.

TBR=dcarney@chromium.org

Review URL: https://codereview.chromium.org/267163002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21170 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 13:06:12 +00:00
verwaest@chromium.org
14c023c7cb Only force creating initial maps when we have prototypes.
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/261983007

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21169 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 12:16:24 +00:00
baptiste.afsa@arm.com
4a9d0b0406 ARM64: Introduce TempDoubleRegister as a lithium operand constraint.
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/261933002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21168 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 12:11:00 +00:00
svenpanne@chromium.org
9b4bd33551 Removed default Isolate.
There is probably room for more cleanup after this...

BUG=359977
LOG=y
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/262163006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21167 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 11:48:26 +00:00
verwaest@chromium.org
af2be5b4be Pass in the map while creating JSFunction, and set prototype in the client.
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/263083008

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21166 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 11:26:35 +00:00
mvstanton@chromium.org
f2903b6f6c Fix for 3303 MultithreadedParallelIsolates has a race condition.
The fix is to make the code aging sequence hang off the isolate.

BUG=v8:3303
R=svenpanne@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/261953002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21165 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 11:25:37 +00:00
marja@chromium.org
43f9c67842 Produce cached data only for scripts which compile without errors.
ScriptCompiler::CompileUnbound handles cached data only when there was no
compilation error, so, if we produce the data for erroneous scripts, the
ScriptData object is leaked.

In addition, producing cached data for erroneous scripts makes little sense.

R=ulan@chromium.org
BUG=370327
LOG=N

Review URL: https://codereview.chromium.org/266423003

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21164 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 11:22:54 +00:00
jochen@chromium.org
0070272321 Move generated math methods from platform to codegen
BUG=none
R=mstarzinger@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/269823006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21163 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 11:14:37 +00:00
verwaest@chromium.org
2716ddd0d7 Pass dependency to HLoadNamedField for array length load
BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/267773004

Patch from Jing Bao <jing.bao@intel.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21162 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 11:05:52 +00:00
m.m.capewell@googlemail.com
cf8d874a4e ARM64: Use the shifter operand to merge in previous shift instructions.
When possible, we transform sequences of code of the form
    lsl x8, x9, #imm
    add x0, x1, x8
into
    add x0, x1, x9 LSL #imm

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/257203002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21161 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 11:00:28 +00:00
mstarzinger@chromium.org
55c077f96e Remove broken %_Log functionality.
R=yangguo@chromium.org
BUG=

Review URL: https://codereview.chromium.org/265283007

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21160 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 09:28:08 +00:00
rmcilroy@chromium.org
5fb7132777 [Android]: Update Makefile.android to use platform-14 as minimum.
The version of the NDK in Chromium only has platform/android-14 and above
(since Chrome only supports API 14 and above).  To make it easier for
developers to use the Chromium NDK to build V8, this CL updates the default
platform version to 14.

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/267873002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21159 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 09:08:32 +00:00
ulan@chromium.org
a872ffdabc Do not call setters of read-only accessors.
BUG=
TEST=mjsunit/readonly-accessor
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/271433002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21158 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 08:34:48 +00:00
alph@chromium.org
d56f01ba1c Make sure CPU profiler collects a sample on start.
BUG=369035
LOG=N
R=bmeurer@chromium.org, yurys@chromium.org

Review URL: https://codereview.chromium.org/263883008

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21157 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 08:18:09 +00:00
Jacob.Bramley@arm.com
77d6bca46f ARM64: Use default-NaN mode to canonicalize NaNs.
BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/255343004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21156 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 08:05:27 +00:00
bmeurer@chromium.org
96e2fee40e Fix Mac64-debug issue introduced with r21154.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/271443002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21155 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 07:49:21 +00:00
bmeurer@chromium.org
a051bc5762 Next bunch of fixes for check elimination.
- Canonicalize HCheckMapValue with constant map to
  HCheckMaps, and get rid of the special treatment
  during check elimination.
- Track only stable object maps for HConstants and
  add CHECK()s to verify state during code generation.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/263923004

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21154 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-06 07:05:07 +00:00
adamk@chromium.org
9c52caa86e Tighten up Object.observe code to ASSERT that it never deals with globals
After r21126, Object.observe no longer allows observing the global proxy
object. This patch replaces codepaths that used to handle that case with
asserts showing that no such observation happens.

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/261773006

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21151 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 21:44:36 +00:00
adamk@chromium.org
3274485c50 Store JSGlobalProxy's identity hash directly on the proxy itself
Previously, the hash was stored on the underlying global object, since
it was stored in the hidden property table. This patch moves to an
implementation modeled on JSProxy, adding a new 'hash' field to JSGlobalProxy.

This allows storing the global proxy in a Map, Set, WeakMap, or WeakSet and
accessing it even after the proxy has been attached to a new global, which
is Firefox's current behavior and was the consensus of a recent thread on public-script-coord:
http://lists.w3.org/Archives/Public/public-script-coord/2014AprJun/0012.html

R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/254433002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21150 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 18:27:57 +00:00
hpayer@chromium.org
dde49c9dc3 Set max new space size in tests to proper MB value.
Revert "Limit old space size in test which require a large new space."

This reverts commit r21103.

Revert "Remove max space limits in tests."

This reverts commit r21104.

BUG=
R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/263103006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21149 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 16:48:33 +00:00
hpayer@chromium.org
a35bb7586c FLAG_max_new_space_size is in MB.
Plus, cleanup of the space - generation mess. More to do there...

BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/268073004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21148 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 16:33:23 +00:00
machenbach@chromium.org
45681c688d Remove old branch logic from push scripts.
The old temporary branch is not needed anymore. All scripts create a different branch after creating the temporary branch.

This also fixes logging subprocesses and logs a warning to track down script failures due to wrong branches.

BUG=
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/266083003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21147 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 15:16:26 +00:00
marja@chromium.org
98cd283399 Remove symbol preparse data altogether.
Removing it seems to be a clear win on mobile: producing symbol data makes cold
parsing 20-30% slower, and having symbol data doesn't make warm parsing any
faster.

Notes:
- V8 used to produce symbol data, but because of a bug, it was never used until
recently. (See fix https://codereview.chromium.org/172753002 which takes the
symbol data into use again.)
- On desktop, warm parsing is faster if we have symbol data, and producing it
during cold parsing doesn't make parsing substantially slower. However, this
doesn't seem to be the case on mobile.
- The preparse data (cached data) will now contain only the positions of the
lazy functions.

BUG=
R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/261273003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21146 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 14:55:13 +00:00
wingo@igalia.com
275bfa1b61 Relocate suspended generator activations when enabling debug mode
R=yangguo@chromium.org
BUG=v8:3289
LOG=N

Review URL: https://codereview.chromium.org/264973014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21145 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 14:31:51 +00:00
jochen@chromium.org
12b2f9d6de Fix cctest.status typo
TBR=ishell@chromium.org
BUG=none
LOG=n

Review URL: https://codereview.chromium.org/266823004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21144 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 13:56:39 +00:00
jochen@chromium.org
7d2b13b4ca Mark test-cpu-profiler/JsNativeJsRuntimeJsSample as flaky
BUG=v8:3308
LOG=n
TBR=yurys@chromium.org

Review URL: https://codereview.chromium.org/268093002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21143 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 13:29:10 +00:00
jochen@chromium.org
8554da5c68 Revert r21141.
Relocate suspended generator activations when enabling debug mode

BUG=v8:3289
LOG=N
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/262193003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21142 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 13:28:21 +00:00
wingo@igalia.com
9a9943b564 Relocate suspended generator activations when enabling debug mode
R=yangguo@chromium.org
BUG=v8:3289
LOG=N

Review URL: https://codereview.chromium.org/260423002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21141 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 12:57:14 +00:00
jochen@chromium.org
b66afe30fe Add a basic gn file for V8
Currently, the gn support is incomplete and only works from within a
chromium checkout.

See https://code.google.com/p/chromium/wiki/gn for details

We move the BUILD.gn file to v8 nevertheless to make renaming files
easier, as the chromium CQ already now checks the gn build.

BUG=none
R=brettw@chromium.org, machenbach@chromium.org
LOG=y

Review URL: https://codereview.chromium.org/259233002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21140 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 11:06:26 +00:00
bmeurer@chromium.org
785bdf7c1e Don't add code dependencies eagerly for HCheckMaps.
Instead of adding code dependencies on stable during
graph creation, we now add them during code generation
for those HCheckMaps that survived dead code elimination.

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/264973013

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21139 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 11:03:14 +00:00
ishell@chromium.org
5883de41cc Map::TransitionElementsTo() extracted from JSObject::GetElementsTransitionMap().
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/260803002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21138 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 09:57:45 +00:00
svenpanne@chromium.org
96517fbed0 Inlined IsFoundByRuntimeProbingOnly.
It is only used internally at a single place.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/265243004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21137 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 09:52:03 +00:00
yurys@chromium.org
c165fbd298 Remove Message::GetScriptData declaration
This is a left-over after r20683

BUG=None
LOG=N
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/266983003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21136 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 07:43:29 +00:00
yangguo@chromium.org
db904a20da Always initialize the debugger eagerly.
There is no point doing it lazily, since compiling and executing the tiniest piece of code triggers lazy init.
Also removed some dead code.

R=ulan@chromium.org

Review URL: https://codereview.chromium.org/265593004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21135 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 07:10:38 +00:00
machenbach@chromium.org
929b99ed8d Revert "Version 3.26.30 (based on bleeding_edge revision r21129)"
This reverts commit r21130, a faulty automated commit.

BUG=
TBR=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/263083007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21134 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 07:02:13 +00:00
bmeurer@chromium.org
7c1036d424 Various cleanups in check elimination.
- Move IsMapAccess() to HObjectAccess.
- Collect the actual objects instead of HStoreNamedFields in
  effects, and also consider HTransitionElementsKind.
- Fix ownership of HCheckMaps::maps() and HLoadNamedField::maps().
- Avoid heavy copying of the same map sets all the time during
  check elimination, and do something useful with the memory
  instead by slightly bumping the maximum number of tracked
  objects.
- Slightly optimize UniqueSet::Contains().

R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/264693011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21133 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 06:53:19 +00:00
machenbach@chromium.org
b41af2c63f Version 3.26.30 (based on bleeding_edge revision r21129)
Introduce a microtask suppression scope and move microtask methods to isolate (Chromium issue 369503).

Re-enable Object.observe and add enforcement for security invariants.

Move cache line size calculation directly into CPU::FlushICache (Chromium issue 359977).

Generation of our home-grown memmove doesn't depend on serializer state anymore (Chromium issue 359977).

Fix |RunMicrotasks()| leaking reference to the last context being run on.

Object.defineProperty shouldn't be a hint that we're constructing a dictionary (Chromium issue 362870).

Performance and stability improvements on all platforms.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21130 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-05 00:04:56 +00:00
adamk@chromium.org
5ea893074c Fix ObjectNotifierPerformChange leak after r21126
Due to overlapping names of natives and runtime functions, the wrong
context was used for Notifier.prototype.performChange. The leak test
has been augmented to properly cover the leaky case, and the test
now passes.

Also tightened up type checks in runtime.cc and removed Object.observe
functions from knownIssues in fuzz-natives-part2.js.

R=jkummerow@chromium.org

Review URL: https://codereview.chromium.org/264793015

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21129 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-02 21:29:15 +00:00
jochen@chromium.org
4dd8b11171 Introduce a microtask suppression scope and move microtask methods to isolate
BUG=369503
R=adamk@chromium.org
LOG=y
TEST=cctest/test-api/SetAutorunMicrotasks

Review URL: https://codereview.chromium.org/263933002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21128 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-02 19:30:54 +00:00
rafaelw@chromium.org
72a090f3ee Build cleanup following r21126. Marking Native* methods in object-observe.js as knownProblems in fuzz-natives
TBR=verwaest

Review URL: https://codereview.chromium.org/265883009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21127 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-02 17:31:27 +00:00
rafaelw@chromium.org
7c138a7370 Don't leak contexts in Object.observe
The Object.observe API may construct internal structures as a result of API calls. These structures can persist as long as an object that was once observed persists. This patch ensures that these structures are created in the correct context so as to avoid leaking contexts

R=verwaest@chromium.org, dcarney
BUG=

Review URL: https://codereview.chromium.org/263833007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-02 16:13:10 +00:00
rafaelw@chromium.org
699bde3fc5 Update test expectations after re-enabling Object.observe
TBR=verwaest

Review URL: https://codereview.chromium.org/262823008

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21125 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-02 14:17:13 +00:00
rafaelw@chromium.org
1b270ef5ea Re-enable Object.observe and add enforcement for security invariants.
This patch reverts r21062 which disabled Object.observe and the relevant tests.

It also adds enforcement for the following three invariants:

1) No observer may receive a change record describing changes to an object which is in different security origin (context have differing security tokens)

2) No observer may receive a change record whose context's security token is different from that of the object described by the change.

3) Object.getNotifier will return null if the caller and the provided object are in differing security origins

Further, it ensures that the global object can never be observed nor a notifier retrieved for it.

Tests are included.
R=verwaest@chromium.org, rossberg
LOG=Y

Review URL: https://codereview.chromium.org/265503002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21122 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-02 13:55:11 +00:00