ricow@chromium.org
f74a08d8ee
Added Object.defineProperty + needed internal functionality:
...
DefineOwnProperty (changed to allow for redefinition of existing property)
SameValue
Extra info on propertydescriptor
GetProperty
HasProperty
Currently the DefineOrRedefineAccessorProperty deletes the existing
property on the object if it is a dataproperty (FIELD or NORMAL) and
adds a new one. This can potentially be optimized.
Review URL: http://codereview.chromium.org/555149
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3786 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-02-03 13:10:03 +00:00
ager@chromium.org
c4bd2aa054
Add missing access checks to Object.getOwnPropertyNames.
...
Makes webkit layout test: http/tests/security/cross-frame-access-enumeration.html fail.
Review URL: http://codereview.chromium.org/561019
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3771 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-02-02 13:48:54 +00:00
lrn@chromium.org
29229e9b8c
Fix a bug that Math.round() returns incorrect results for huge integers.
...
Review URL: http://codereview.chromium.org/567011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3764 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-02-02 09:14:22 +00:00
serya@chromium.org
9239bbdd91
Removing redundant stub for runtime native calls.
...
Review URL: http://codereview.chromium.org/543207
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3745 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-29 12:41:11 +00:00
kasperl@chromium.org
048fe9b980
RFC: Try to be much more careful with where we skip the write barrier by:
...
1. Avoid using SKIP_WRITE_BARRIER when we don't have to (smis).
2. Check and document the remaining uses of SKIP_WRITE_BARRIER.
3. Only allow GetWriteBarrierMode when in an AssertNoAllocation scope.
The only functional change should be in DeepCopyBoilerplate where we
no longer use the write barrier mode (because of allocations). I'm
running benchmarks to see if this has a measurable impact on performance.
Review URL: http://codereview.chromium.org/558041
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3743 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-29 11:46:55 +00:00
kmillikin@chromium.org
e7528c4ac6
Propagate receiver from initial call site to code generator.
...
When doing lazy compilation of methods, allow the code generator to know the
(initial) receiver at the (initial) call site.
Review URL: http://codereview.chromium.org/551189
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3739 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-29 09:52:51 +00:00
antonm@chromium.org
29af9c54a4
Merge ObjectIterator::has_next and ObjectIterator::next methods.
...
This reduces chances of improper usage, see http://code.google.com/p/v8/issues/detail?id=586
for more details.
BUG=586
Review URL: http://codereview.chromium.org/555072
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3696 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-25 22:53:18 +00:00
mikhail.naganov@gmail.com
999e3fca90
Fix issue 553: function frame is skipped in profile when compare stub is called.
...
The problem appeared due to a fact that stubs doesn't create a stack
frame, reusing the stack frame of the caller function. When building
stack traces, the current function is retrieved from PC, and its
callees are retrieved by traversing the stack backwards. Thus, for
stubs, the stub itself was discovered via PC, and then stub's caller's
caller was retrieved from stack.
To fix this problem, a pointer to JSFunction object is now captured
from the topmost stack frame, and is saved into stack trace log
record. Then a simple heuristics is applied whether a referred
function should be added to decoded stack, or not, to avoid reporting
the same function twice (from PC and from the pointer.)
BUG=553
TEST=added to mjsunit/tools/tickprocessor
Review URL: http://codereview.chromium.org/546089
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3673 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-21 16:42:41 +00:00
vitalyr@chromium.org
80c81d96d4
Fix issue 582: preserve construct stub on first allocation in case we can't optimize it.
...
BUG=582
TEST=cctest/test-api/NativeFunctionConstructCall
Review URL: http://codereview.chromium.org/546088
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3659 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-20 14:43:12 +00:00
antonm@chromium.org
d89bc5322a
Fix a build.
...
Some tests still fail.
TBR=ager@chromium.org
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3647 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-19 13:15:52 +00:00
ricow@chromium.org
4667efc0df
Added Extensible property to objects and made methods for extracting and setting it.
...
Also added one method to runtime to get the extensible value
Additionally, added a check on the number of arguments in the start of GetOwnProperty.
Review URL: http://codereview.chromium.org/545116
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3646 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-19 12:56:36 +00:00
mikhail.naganov@gmail.com
a3c0f20035
Submit Object.getOwnPropertyNames patch by Pavel Feldman. See http://codereview.chromium.org/549050 .
...
Add copyright to regression test to fix build broken by r3619.
TBR=sgjesse@chromium.org
Review URL: http://codereview.chromium.org/542092
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3620 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-15 15:34:32 +00:00
fschneider@chromium.org
d234b0e2ad
Fix bug in keyed load stub for strings.
...
Instead of returning the empty string when indexing
a string out of bounds we now correctly return undefined.
Review URL: http://codereview.chromium.org/542089
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3611 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-15 12:00:21 +00:00
ager@chromium.org
41475c17ff
Fix crash when using Object.getOwnPropertyDescriptor on an API defined
...
callback property.
Return undefined for Object.getOwnPropertyDescriptor on an API defined
callback properties for now.
Review URL: http://codereview.chromium.org/542074
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3605 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-14 14:32:19 +00:00
ricow@chromium.org
19e49e1740
Enabled es5conform tests for new array methods and corrected errors that was discovered by enabling these.
...
Added new es5 methods:
GetOwnPropertyDescriptor
GetOwnProperty
FromPropertyDescriptor
Review URL: http://codereview.chromium.org/546032
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3595 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-13 12:10:57 +00:00
antonm@chromium.org
4377037336
Reverting temporary reverts 3586 and 3588 back.
...
TBR=kasperl@chromium.org
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3589 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-12 23:42:36 +00:00
antonm@chromium.org
6cabd63572
Temporary backing out r3538 to see impact on DOM benchmarks.
...
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3586 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-12 16:57:18 +00:00
sgjesse@chromium.org
91cfb3730a
Add generated code for ascii string comparison
...
Careted a stub for string comparison and used part of the code from that to inline string comparison in the compare stub.
Review URL: http://codereview.chromium.org/525115
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3569 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-08 11:58:15 +00:00
lrn@chromium.org
2cb1f8271f
Fix potential length-miscalculation in %StringBuilderConcat.
...
Review URL: http://codereview.chromium.org/521074
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3568 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-08 11:27:37 +00:00
lrn@chromium.org
40d6cbca89
Forgot patch to make it compiler on Linux.
...
Review URL: http://codereview.chromium.org/525087
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3562 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-07 14:04:56 +00:00
lrn@chromium.org
dddadf9f7e
Fixed potential length miscalculations by limiting max size of arrays and strings.
...
Review URL: http://codereview.chromium.org/525064
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3560 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-07 13:17:18 +00:00
fschneider@chromium.org
c4416d628d
Fix runtime function StringCharAt where an argument was not checked.
...
Review URL: http://codereview.chromium.org/523126
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3559 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-07 12:31:45 +00:00
fschneider@chromium.org
903301248e
Improve keyed loads on strings by using a new stub.
...
Instead of going through a runtime function for keyed loads
on strings we invoke a separate specialized stub that
assumes string as receiver type and the key to be a number.
The stub calls a JS builtin function to return the corresponding one-character string.
Review URL: http://codereview.chromium.org/521041
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3556 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-07 10:25:20 +00:00
sgjesse@chromium.org
3d36c712aa
Use generated code to create sub strings.
...
Added a stub to allocate and fill a string object with a substring from another string.
Use the rep movs instruction to copy the string data as it turned out to be the fastest way.
While preparing this I experimented with some SSE2 instructions, so the instructions movdqa and movdqu are still in the IA-32 assembler even though they are not used.
Review URL: http://codereview.chromium.org/525085
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3554 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-07 09:59:37 +00:00
kasperl@chromium.org
1fdbaa1d10
Improve performance of Array.prototype.join and String.prototype.substring
...
by tweaking the JavaScript implementation of these functions.
Review URL: http://codereview.chromium.org/519061
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3545 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-06 14:40:21 +00:00
bak@chromium.org
0ba452b5c6
- Fixed a bug in the array concat implementation causing the elements in the result to be lost.
...
Review URL: http://codereview.chromium.org/523055
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3538 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-05 12:33:55 +00:00
kasperl@chromium.org
15fe7a8ad6
Make the ResolvePossiblyDirectEval faster by avoiding the
...
stack traversal code.
Review URL: http://codereview.chromium.org/523051
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3533 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2010-01-05 09:38:02 +00:00
fschneider@chromium.org
fd03f6c153
Faster handling of string indexing using [] with a SMI index.
...
Instead of falling back to calling GetObjectProperty we call GetCharAt
directly if the object is a string and the key in a SMI.
Review URL: http://codereview.chromium.org/522015
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3528 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-12-28 13:01:03 +00:00
kasperl@chromium.org
b1721d4c3e
Improve performance of allocating closures for nested
...
functions by allocating them in new space without
entering the runtime system.
Review URL: http://codereview.chromium.org/506037
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3477 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-12-16 15:43:20 +00:00
iposva@chromium.org
fe952d7237
- Ensure the stack trace limit is not negative.
...
- Enable fuzzing of the CollectStackTrace runtime call.
Review URL: http://codereview.chromium.org/491005
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3451 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-12-10 18:33:34 +00:00
fschneider@chromium.org
4dee8d81bd
Create literal boilerplate as part of cloning in the top-level compiler.
...
When generating code for object and array literals we performed
the check if the a boilerplate already exists in generated code.
In the top-level compiler we now do this check in a new runtime
function. This makes the generated code more compact for top-level code.
Review URL: http://codereview.chromium.org/465148
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3437 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-12-09 13:06:08 +00:00
kmillikin@chromium.org
7266bd0b9a
Fix issue 540 by handling the case that a declaration is in the
...
arguments object.
See http://code.google.com/p/v8/issues/detail?id=540
Review URL: http://codereview.chromium.org/460070
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3421 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-12-04 11:59:09 +00:00
mikhail.naganov@gmail.com
d84d47961a
When executing 'profile' request, delegate to api function, not to internal one.
...
Review URL: http://codereview.chromium.org/466006
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3403 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-12-03 08:44:33 +00:00
sgjesse@chromium.org
53fbd5932a
Perform string add in generated code on IA-32 platforms
...
This adds a code stub which can do most of what Heap::AllocateConsString can do. It bails out if the result cannot fit in new space or if the result is a short (flat) string and one argument is an ascii string and the other a two byte string. It also bails out if adding two one character strings as Heap::AllocateConsString has special handling of this utilizing the symbol table. The stub is used both for the binary add operation and for StringAdd calls from runtime JavaScript files. Extended the string add test to cover all sizes of flat result stings.
Review URL: http://codereview.chromium.org/442024
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3400 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-12-03 07:56:21 +00:00
mikhail.naganov@gmail.com
dd38c22699
Add pause / resume profiling commands to debugger protocol.
...
This allows to profile "unresponsive" web pages in the same way
as it is possible to break into them with the debugger.
BUG=http://code.google.com/p/chromium/issues/detail?id=28689
Review URL: http://codereview.chromium.org/450011
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3382 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-30 14:56:20 +00:00
antonm@chromium.org
93d6199de0
When processing global vars initialization account for the case of splitted
...
global object (using hidden prototypes):
1) setters might be not on the global object itself, but on its prototypes;
2) if property on one of prototypes is readonly, we could shadow it.
Review URL: http://codereview.chromium.org/434035
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3362 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-25 15:45:37 +00:00
sgjesse@chromium.org
4bc5aee624
Fix compilation error in r3350
...
TBR=ager@chromium.org
Review URL: http://codereview.chromium.org/435021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3352 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-24 14:45:27 +00:00
sgjesse@chromium.org
eb4d261e24
Remove the different length string types
...
The different length string types was used to encode the string length and the hash in one field. This is now split into two fields one for length and one for hash. The hash field still encodes the array index of the string if it has one. If an array index is encoded in the hash field the string length is added to the top bits of the hash field to avoid a hash value of zero.
On 32-bit this causes an additional 4 bytes to be used for all string objects. On 64-bit this will be half on average dur to pointer alignment.
Review URL: http://codereview.chromium.org/436001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3350 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-24 14:10:06 +00:00
erik.corry@gmail.com
43e8d5fa7f
Some optimizations for packer.js.
...
Review URL: http://codereview.chromium.org/409007
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3336 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-20 10:11:45 +00:00
ager@chromium.org
3cf9ce4736
Fix crash in string replace with regexp. If the suffix of the subject
...
string is larger than 2047 chars we will encode the slice as two Smis
instead of one. The calculation of the max size of the string builder
did not take this into account.
BUG=http://code.google.com/p/v8/issues/detail?id=515
Review URL: http://codereview.chromium.org/402056
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3334 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-18 18:48:04 +00:00
lrn@chromium.org
1bc9a21e9a
Sorry, this should have gone to http://codereview.chromium.org/391014
...
I added some tests and swapped the lhs and rhs of the && operator in v8natives.js as requested.
Review URL: http://codereview.chromium.org/384132
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3319 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-17 13:54:05 +00:00
erik.corry@gmail.com
41749529dd
Speed up charCodeAt on very large cons strings, by insisting on
...
flattening the strings and not trying too hard to traverse a big
cons tree from generated code.
Review URL: http://codereview.chromium.org/402008
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3317 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-17 10:28:04 +00:00
christian.plesner.hansen@gmail.com
d5ca1178cb
Fixed a few cases where allocators did not respect always_allocate,
...
potentially leading to bogus FatalProcessOutOfMemory situations. Also
fixed a few cases where callers relied on getting a NewSpace object
back (to avoid write barrier overhead) which they can't when
always_allocate is in effect.
Review URL: http://codereview.chromium.org/391018
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3285 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-11 15:25:51 +00:00
lrn@chromium.org
d53f05e3e2
Fix warnings on Win64.
...
Set warning level to /W3 and change implicit conversions from size_t
to int. Most "fixes" are simply manifesting the implicit casts or using
a special strlen replacement that returns int.
Review URL: http://codereview.chromium.org/390004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3273 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-11 09:50:06 +00:00
yurys@chromium.org
cd9660f77c
All hidden properties of an object are stored in a value of a regular property with empty name. This property may confuse user if returned among regular properties. It should not be exposed directly by ObjectMirror. Should we want an access to these properties from debugger we need to implement an explicit method for that.
...
Current patch filters the hidden_symbol from property names returned to ObjectMirror.
See http://crbug.com/26491
Review URL: http://codereview.chromium.org/390001
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3265 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-10 16:13:21 +00:00
sgjesse@chromium.org
851b9b2f73
Remove sliced string string type
...
As a first step to reduce the complexity of the string hierachy the sliced string type is removed. Whenever a sub-string is created it is allocated as a fresh flat string.
Review URL: http://codereview.chromium.org/385004
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3259 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-10 13:23:05 +00:00
christian.plesner.hansen@gmail.com
a1b2f47600
Reverting 3174. Aka reapplying 3150, 3151 and 3159. Aka api accessor
...
ics.
Review URL: http://codereview.chromium.org/341082
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3209 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-04 08:51:48 +00:00
sgjesse@chromium.org
b4c11d0816
Don't use string slices when processing RexExp replace (re-apply r3153)
...
Re-apply r3153 with a fix for issue 490. Except for the change in line 1756 and the added test this change is identical to http://codereview.chromium.org/342015 .
BUG=490
TEST=test/mjsunit/regress/regress-490.js
Review URL: http://codereview.chromium.org/341064
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3197 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-11-02 12:21:43 +00:00
sgjesse@chromium.org
be769f6a24
Reverting 3159, 3151 and 3150
...
TBR=christian.plesner.hansen@gmail.com
Review URL: http://codereview.chromium.org/343035
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3174 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-10-29 13:17:11 +00:00
sgjesse@chromium.org
9b6a1cca5d
Reverting 3153
...
TBR=erik.corry@gmail.com
Review URL: http://codereview.chromium.org/341031
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@3170 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-10-29 07:31:23 +00:00