Removed a false assertion in ScopeIterator that assumed context extension to never be a JSContextExtensionObject.
The context extension object in a 'with' context is JSContextExtensionObject iff the 'with' statement is generated from a catch block in order to extend its local scope with a variable holding exception object. This is how we differentiate 'catch' scope from 'with' scope.
Chrome bug:
http://code.google.com/p/chromium/issues/detail?id=17229
Review URL: http://codereview.chromium.org/202005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2843 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
When request has 'inlineRefs' option simple type values will be written in the response directly. Variables of other types in addition to 'ref' property containing the value handle will contain some type information.
Review URL: http://codereview.chromium.org/140061
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2253 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
For each frame it is now possible to request information on the scope chain. Each scope in the chain can have one of the types local, global, with and closure. For scopes of type global and with the mirror for the actual global or with object is available. For scopes of type local and closure a plain JavaScript object with the materialized content of the scope is created and its mirror is returned. Depending on the level of possible optimization the content of the materialized local and closure scopes might only contain the names which are actually used.
To iterate the scope chain an iterator ScopeIterator have been added which can provide the type of each scope for each part of the chain. This iterator creates an artificial local scope whenever that is present as the context chain does not include the local scope.
To avoid caching the mirror objects for the materialized the local and closure scopes transient mirrors have been added. They have negative handles and cannot be retrieved by subsequent lookup calls. Their content is part of a single response.
For debugging purposes an additional runtime function DebugPrintScopes is been added.
Added commands 'scopes' and 'scope' to the developer shell and fixed the dir command.
BUG=none
TEST=test/mjsunit/debug-scopes.js
Review URL: http://codereview.chromium.org/123021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2149 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Scripts now have a compilation type which can be host, eval or JSON. Host scripts are compiled through the API, eval scripts are compiled through call to evan and JSON scripts are compiled as a result of calling JSON.parse.
For scripts scripts compiled through eval the JavaScript function in top of the stack and the pc offset into the code is stored in the script object. This makes it possible to calculate the source position of the eval call later when requested. This information can be obtained through the script mirror object and is part of the script mirror JSON serialization for the debugger protocol.
Moved the enumeration ScripType into class Script and remamed to Type. The new compilation type enumeration is also inside the class Script.
This information is now shown when using the scripts command in he developer shell debugger.
Review URL: http://codereview.chromium.org/119108
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2119 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Added a simple initial version of a context mirror object which just holds the user data from the context, and does not preserve handle identity.
A script object now holds a reference to the custom data from the context it was compiled in. This data is included in the debugger protocol for scripts.
Changed the serialization for the scripts command to use the mirror objects instaed of custom serialization. This included passing options from the debugger request to the serializer for including the full source of scripts in the response.
Review URL: http://codereview.chromium.org/111001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1877 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Changed the script break points to be able to handle both break points based on script names and script ids. When break points are set through a script id the position is relative to the script itself. This is different from the script break points set through script names where the line/coulmn offset is taken into account.
This has the side effect that function break points are not converted into script break points for named scripts.
Show the script id in the D8 shell debugger when listing all scripts using the 'scripts' command.
Review URL: http://codereview.chromium.org/40317
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1468 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This imports a Python version of Douglas Crockford's JSMin. JavaScript files can annotate that they want to be run through the minifier. Currently debug and mirror are minified.
This results in ~12k savings on the final binary size.
Review URL: http://codereview.chromium.org/19013
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1179 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Changed the name of Runtime_GetPrototype to Runtime_DebugGetPrototype to indicate that it is a debugger related function and changed its implementation to do the correct __proto__ lookup.
Added some more information to the Map debug print.
Review URL: http://codereview.chromium.org/18658
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Added quoting of the name of the ref property using {"ref":1} instead of {ref:1}. The Chrome C++ JSON parser implementation requires quoted property names.
Changed the JSON format for non finite numbers. The previous formatting using NaN, Infinite and -Infinite caused the Chrome C++ JSON parser implementation to fail. Values "NaN", "Infinite" and "-Infinite" (incuding quotes) are now used.
Reverted changes to DebugLookupResultValue (runtime.cc) from http://codereview.chromium.org/17377. The change caused callback into Chrome with the current V8 context expected to have a DOM Window global object. This is not the case when the debugger context is the active context. This causes properties from interceptors and accessors to be reported as undefined in the debugger.
Review URL: http://codereview.chromium.org/18194
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1101 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
it is assigned a numeric handle. Handles are used to make a 1:1
correspondence between objects and mirrors. Currently the mirrors are
cached in a JavaScript array and when creating a mirror this cache is
checked to see if a mirror already exists for the object. This cache is
cleared when leaving the debugger.
Changed the serialization format to take advantage of these handles. When
an object is serialized referenced objects are represented just by their
handle id serialized as '{ref:<handle>}'. During serialization the
referenced handles are collected and the serializer can provide a
serialization of all the referenced objects.
Removed the special handling of array properties. Indexed properties and
the length property are now rendered as named properties in the
serialization.
Removed the special serialization handling of RegExp properties. The
properties 'source', 'global', 'ignoreCase' and 'multiline' are serialized
with the rest of the properties.
Changed a lot of tests to handle the changed format.
Review URL: http://codereview.chromium.org/18092
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1093 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Changed the serialization format to take advantage of these handles. When an object is serialized referenced objects are represented just by their handle id serialized as '{ref:<handle>}'. During serialization the referenced handles are collected and the serializer can provide a serialization of all the referenced objects.
Removed the special handling of array properties. Indexed properties and the length property are now rendered as named properties in the serialization.
Removed the special serialization handling of RegExp properties. The properties 'source', 'global', 'ignoreCase' and 'multiline' are serialized with the rest of the properties.
Changed a lot of tests to handle the changed format.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1078 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Properties from interceptors are also reflected through PropertyMirror as the distinction did not make sense seen from a JavaScript debugging perspective. The isNative function on a PropertyMirror can be used to check whether a property is defined natively by the host (or V8).
Simplified the local property lookup in the debug runtime call to just call GetProperty as the property is known to be a local property.
Review URL: http://codereview.chromium.org/17377
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1068 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr
This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.
V8 support of split window:
There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;
V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.
Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.
When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.
It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.
I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.
Review URL: http://codereview.chromium.org/7366
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
non-tagged value in register eax was pushed to the stack.
Fixed potential quadratic behavior when converting strings to numbers.
Fixed bug where the return value from Object::SetProperty could end up
being the property holder instead of the written value.
Improved debugger support by allowing nested break points and by
dealing with stack-overflows when compiling functions before setting
break points in them.
git-svn-id: http://v8.googlecode.com/svn/trunk@4 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
