introduced by eval.
In the cases where calls to eval have not introduced any variables, we
do not need to perform a runtime call. Instead, we verify that the
context extension objects have not been created and perform a direct
load.
Not implemented for ARM yet and the scope resolution code could use
some better abstractions. I'd like to do that in a separate
changelist.
Review URL: http://codereview.chromium.org/20419
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1298 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
instead of normal JSObjects.
This ensures that __proto__ and accessors on the Object prototype do
not interfere with catch scopes. Also, it fixes the bug that catch
variables were not DontDelete (issue 74).
Next step is to create special lookup routines for context extension
objects and remove the special handling of context extension objects
from the general javascript object lookup routines.
Review URL: http://codereview.chromium.org/18143
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1091 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
calling a stub. The map to check against is unknown when generating
the code, so we patch the map check in the IC initialization code.
Loop nesting is currently not tracked on ARM. I'll file feature
request bug reports for implementing this on ARM and add the number to
the TODOs before I commit.
Review URL: http://codereview.chromium.org/16409
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1015 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
void CodeForStatement(Node* node)
void CodeForSourcePosition(int pos)
The first is used to indicate that code is about to be generated for the given statement and the second is used to indicate that code is about to be generated for the given source position.
Added position information for some statements which was missing whem.
Updated the code generator for ARM to emit source position the same way as for IA-32.
Added an assert to ensure that deferred code stubs will always have a source source position as if it has not it will take whatever source position before which makes no sense.
The passing test on ARM has only been tested using the simulator.
Review URL: http://codereview.chromium.org/14170
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@985 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
operation. I have another version of this change that does not remove the
special inline caches for difference sized strings. The other version is ever
so slightly faster, but the nice thing about this version is that it removes
253 lines of code.
Review URL: http://codereview.chromium.org/8187
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@603 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr
This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.
V8 support of split window:
There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;
V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.
Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.
When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.
It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.
I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.
Review URL: http://codereview.chromium.org/7366
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
accesses (eg, parameters, locals, and the expression stack elements)
and mutation (pushes and pops) go through the virtual frame.
The frame initially contains no state, and directly emits instructions
in the obvious way. It is not currently used for deferred code.
Review URL: http://codereview.chromium.org/7076
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@489 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
underlying string representation of the two strings involved.
- Renamed ascii and two byte string classes to sequential ascii and
sequential two byte, and renamed IsAscii and friends to
IsAsciiRepresentation. This is to make a clear distinction between
strings with an ascii/two-byte representation, of which there is
four, and flat sequential ascii/two-byte string.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@474 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
are evaluated with an extra element on the stack, which needs
to be taken into account when breaking and continuing.
I'll clean up the code and add an abstraction for manipulating
the break stack height in a future CL -- I want to try to get
rid of the separate local variable we keep around for the "state"
when running in a finally block.
Review URL: http://codereview.chromium.org/5625
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@400 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
canonicalize maps for object literals. JSON objects
with the same set of properties names will then
share the same map.
This reduces the amount of generated code associated
with object literals.
- Added a flag canonicalize_object_literal_maps.
(default true)
- Changed the format of a function's literal array.
Only the global context is now stored in the literal prefix.
Review URL: http://codereview.chromium.org/4078
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@371 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
upper case. Moved it into the RelocInfo class together with the associated
is_xxx functions. Renamed is_xxx to IsXxx in the process.
Removed the exit_js_frame mode as it was no longer used.
Patch Set 2 renames RELOC_MODE_COUNT to NUMBER_OF_MODES and fixes a couple of lint errors.
Review URL: http://codereview.chromium.org/3186
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@354 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
until a possible debug break location is reached. Currently this is call sites
with calls to code objects and JS return. Source position information in the
code therefore no longer refers to the "first" instruction generated for a
given source position (which was not the case defered code anyway) but to the
first break location after that source position was passed (again defered code
always start with source position information). This doesn't make a difference
for the debugger as it will always be stopped only at debug break locations.
However, this makes the life of the peep-hole optimizer much easier as many
oportunities for posh/pop eliminations where previosly blocked by relocation
information already written to the code object.
Two types of source positions are still collected. Statement positions indicate
the position of the start of the statement leading to this code and (plain)
positions indicate other places typically call sites to help indicate current
position in backtraces. The two different types of positions are also used to
distinguish between step next and step in.
Runs all the tests (including debugger tests) as before.
Moved the checking for the FLAG_debug_info to one place.
I will do the same changes to the ARM codegenerator in a seperate changelist.
Review URL: http://codereview.chromium.org/2957
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@335 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
KeyedLoadIC::GenerateGeneric (on IA32), and the same on ARM.
Re-assignmed FIRST_JS_OBJECT_TYPE to JS_VALUE_TYPE.
Also changed JS_OBJECT_TYPE to FIRST_JS_OBJECT_TYPE in several places where
FIRST_JS_OBJECT_TYPE is intended.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@113 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
__ pop(eax);
...
__ push(eax);
to enable push/pop eliminations.
__ push(eax) must happen before RecordWrite because RecordWrite may destroy
eax value. To be safe, also moved __ push(r0) on ARM to above RecordWrite.
This only affects the case where a context variable is used in a inner scope.
Create a tests for it. It fails if __ push(eax) is after RecordWrite.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@111 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
In the shell sample don't print the result of executing a script, only
evaluating expressions.
Fixed issue when building samples on Windows using a shared V8
library. Added visibility option on Linux build which makes the
generated library 18% smaller.
Changed build system to accept multiple build modes in one build and
generate seperate objects, libraries and executables for each mode.
Removed deferred negation optimization (a * -b => -(a * b)) since this
visibly changes operand conversion order.
Improved parsing performance by introducing stack guard in preparsing.
Without a stack guard preparsing always bails out with stack overflow.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Cleaned up ARM version by removing top of stack caching and by introducing push/pop elimination.
Cleaned up the way runtime functions are called to allow runtime calls with no arguments.
Changed Windows build options to make sure that exceptions are disabled and that optimization flags are enabled.
Added first version of Visual Studio project files.
git-svn-id: http://v8.googlecode.com/svn/trunk@13 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Fixed the handling of '>' and '<=' to use right-to-left conversion and left-to-right evaluation as specified by ECMA-262.
Fixed a branch elimination bug on the ARM platform where incorrect code was generated because of overly aggressive branch elimination.
Improved performance of code that repeatedly assigns the same function to the same property of different objects with the same map.
Untangled DEBUG and ENABLE_DISASSEMBLER defines. The disassembler no longer expects DEBUG to be defined.
Added platform-nullos.cc to serve as the basis for new platform implementations.
git-svn-id: http://v8.googlecode.com/svn/trunk@9 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Added a few samples and support for building them. The samples include a simple shell that can be used to benchmark and test V8.
Changed V8::GetVersion to return the version as a string.
Added source for lazily loaded scripts to snapshots and made serialization non-destructive.
Improved ARM support by fixing the write barrier code to use aligned loads and stores and by removing premature locals optimization that relied on broken support for callee-saved registers (removed).
Refactored the code for marking live objects during garbage collection and the code for allocating objects in paged spaces. Introduced an abstraction for the map word of a heap-allocated object and changed the memory allocator to allocate executable memory only for spaces that may contain code objects.
Moved StringBuilder to utils.h and ScopedLock to platform.h, where they can be used by debugging and logging modules. Added thread-safe message queues for dealing with debugger events.
Fixed the source code reported by toString for certain builtin empty functions and made sure that the prototype property of a function is enumerable.
Improved performance of converting values to condition flags in generated code.
Merged disassembler-{arch} files.
git-svn-id: http://v8.googlecode.com/svn/trunk@8 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
