Error, ReferenceError, etc. are given a stack property that gives a
stack trace. Here's an example stack trace:
ReferenceError: FAIL is not defined
at Constraint.execute (deltablue.js:527)
at Constraint.recalculate (deltablue.js:426)
at Planner.addPropagate (deltablue.js:703)
at Constraint.satisfy (deltablue.js:186)
at Planner.incrementalAdd (deltablue.js:593)
at Constraint.addConstraint (deltablue.js:164)
at Constraint.BinaryConstraint (deltablue.js:348)
at Constraint.EqualityConstraint (deltablue.js:517)
at chainTest (deltablue.js:809)
at deltaBlue (deltablue.js:881)
at deltablue.js:888
If Error.prepareStackTrace holds a function this function is used to
format the stack trace, for instance allowing code generators to
customize the way stack traces are reported to make them easier to
process.
Next step: performance measurements to see if it is feasible to turn
this on by default.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2302 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Marsaglia's multiply-with-carry instead of mixing the
bits obtained from calling the system random() twice.
This seems to be a bit faster and gives a better
distribution than the system random() in particular on
Windows.
Review URL: http://codereview.chromium.org/126113
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2159 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
For each frame it is now possible to request information on the scope chain. Each scope in the chain can have one of the types local, global, with and closure. For scopes of type global and with the mirror for the actual global or with object is available. For scopes of type local and closure a plain JavaScript object with the materialized content of the scope is created and its mirror is returned. Depending on the level of possible optimization the content of the materialized local and closure scopes might only contain the names which are actually used.
To iterate the scope chain an iterator ScopeIterator have been added which can provide the type of each scope for each part of the chain. This iterator creates an artificial local scope whenever that is present as the context chain does not include the local scope.
To avoid caching the mirror objects for the materialized the local and closure scopes transient mirrors have been added. They have negative handles and cannot be retrieved by subsequent lookup calls. Their content is part of a single response.
For debugging purposes an additional runtime function DebugPrintScopes is been added.
Added commands 'scopes' and 'scope' to the developer shell and fixed the dir command.
BUG=none
TEST=test/mjsunit/debug-scopes.js
Review URL: http://codereview.chromium.org/123021
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2149 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
interceptors and dont-delete attributes.
Minor change to the behavior of eval: throw exception when calling
eval in a context for which the global has been detached. This
matches the behavior of both Firefox and Safari post navigation in the
browser.
Review URL: http://codereview.chromium.org/118374
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2118 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
called from within a loop or not. In the past we lost the
information if a call site went megamorphic before a lazily
compiled callee was called for the first time. Now we track
that correctly (this is an issue that affects richards).
We still don't manage to track the in-loop state through a
constructor call, since constructor calls use LoadICs instead
of CallICs. This issue affects delta-blue. So in this patch
we assume that lazy compilations that don't happen through a
CallIC happen from inside a loop. I have an idea to fix this
but this patch is big enough already.
With our improved tracking of in-loop state I have switched
off the inlining of in-object loads for code that is not in
a loop. This benefits compile speed. One issue is that
eagerly compiled code now doesn't get the in-object loads
inlined. We need to eagerly compile less code to fix this.
Review URL: http://codereview.chromium.org/115744
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2046 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This issue was raised by Brett Wilson while reviewing my changelist for readability. Craig Silverstein (one of C++ SG maintainers) confirmed that we should declare one namespace per line. Our way of namespaces closing seems not violating style guides (there is no clear agreement on it), so I left it intact.
Review URL: http://codereview.chromium.org/115756
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@2038 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
When loaded scripts are requested this cache is filled with all the script objects in the heap. Hereafter its content is kept in sync with the active scripts in the heap through the notifications of new scripts compiled and by using weak handles to get notified when a script is collected.
Through the tracking of collected scripts the debugger event OnScriptCollected have been added to notify a debugger that a script previously returned through the scripts command is no longer in use.
Make the ComputeIntegerHash globally available.
Moved clearing of the mirror cache to when debugger is really left. Previously recursive invocations of the debugger cause the mirror cache to be cleared causing handles to become either stale or reference other objects.
Review URL: http://codereview.chromium.org/115462
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1988 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
ENABLE_DEBUGGER_SUPPORT is enabled by default unless it is on Android platform.
On Android platform, it can also enabled by passing -DENABLE_DEBUGGER_SUPPORT flag to the compiler.
This should not affect any existing build (I hope, cross my fingers) except the build in real Android environment (in other word, it only affects me now).
There are lot of room for code refactoring in stead of using #ifdef all over the place. I will leave this to v8 folks.
Review URL: http://codereview.chromium.org/77035
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1745 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
resource to NULL when removing it from the symbol table. This makes
sure that the debugger can recognize the external string as being
"deleted". Now, whenever an external resource is deleted, the
resource pointer is set to NULL.
This is really a workaround of a debugger problem. We need to make
sure that the debugger only finds scripts in the heap that are
actually live.
Review URL: http://codereview.chromium.org/69029
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1734 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
a reason to stack allocate large chunks of stack space.
- Runtime_GetCFrames used to allocate a frame size of 52040 bytes.
- PreallocatedMemoryThread::Run used to allocate 32784 bytes.
- Fixed StringStream overflow conditions.
Review URL: http://codereview.chromium.org/67197
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1729 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Currently function name inference is wired with AST optimization pass to avoid introducing another pass over AST. A better solution would be to rewrite AST visitors so they can be naturally combined together in a single pass, as their current implementation doesn't allow it.
For examples of cases where function names can be inferred, see the tests file.
Review URL: http://codereview.chromium.org/62146
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1696 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Each thread running V8 code is assigned an id in thread local storage the first time V8 code is run in it. The thread information returned to the debugger contains the number of threads, the id of each of these threads and which one is the current thread.
Added a threads command to the developer shell debugger for showing information on threads.
Review URL: http://codereview.chromium.org/48009
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1523 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
an object that holds a setter. If there are no store ics then no
flushing is done. The implementation has been tweaked so that no ICs
are cleared during normal context creation.
This may cost us some performance but I'm submitting it as it is and
if there are problems we can either decide to be smarter about when,
what and/or how we clear, or back this change out altogether.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1509 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This is mainly to avoid these scripts showing up in the debugger when showing normal scripts.
Removed the check for the empty script in the debugger function returning loaded scripts as this check only filtered out the empty script from the debugger context and not empty scripts in all other contexts. Also this filter did not take the script for the empty function into account.
Review URL: http://codereview.chromium.org/39322
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1443 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
1418, and 1419 from bleeding_edge until we have a fix
for the crashers we see on the distributed test infra-
structure.
We know that revision 1383 is causing issues, but I
had to revert some of the other recent RegExp changes
in order to get this part out.
Review URL: http://codereview.chromium.org/39186
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1429 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
surrounding context to figure out if the variable could be global. If
the variable could be global we check context extension objects at
runtime and use a global LoadIC if no variables have been introduced
by eval.
Fix crash bug when loading function arguments from inside eval. The
shadowed variable in the DYNAMIC_LOCAL case does not rewrite to a slot in
that case.
Review URL: http://codereview.chromium.org/28027
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1348 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Moved the registrered debug event listener from the context to a global handle in the Debugger class. Storing it in the context did not make much sense.
Changed a lot of tests to handle the API change.
BUG=1242707
Review URL: http://codereview.chromium.org/19753
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1212 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Changed the name of Runtime_GetPrototype to Runtime_DebugGetPrototype to indicate that it is a debugger related function and changed its implementation to do the correct __proto__ lookup.
Added some more information to the Map debug print.
Review URL: http://codereview.chromium.org/18658
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1126 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Added quoting of the name of the ref property using {"ref":1} instead of {ref:1}. The Chrome C++ JSON parser implementation requires quoted property names.
Changed the JSON format for non finite numbers. The previous formatting using NaN, Infinite and -Infinite caused the Chrome C++ JSON parser implementation to fail. Values "NaN", "Infinite" and "-Infinite" (incuding quotes) are now used.
Reverted changes to DebugLookupResultValue (runtime.cc) from http://codereview.chromium.org/17377. The change caused callback into Chrome with the current V8 context expected to have a DOM Window global object. This is not the case when the debugger context is the active context. This causes properties from interceptors and accessors to be reported as undefined in the debugger.
Review URL: http://codereview.chromium.org/18194
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1101 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
instead of normal JSObjects.
This ensures that __proto__ and accessors on the Object prototype do
not interfere with catch scopes. Also, it fixes the bug that catch
variables were not DontDelete (issue 74).
Next step is to create special lookup routines for context extension
objects and remove the special handling of context extension objects
from the general javascript object lookup routines.
Review URL: http://codereview.chromium.org/18143
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1091 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
The problem is that Disable/EnableAccessCheck on an object may chnage its constructor's behavior
if object's map is the same as constructor's initial map. By copying maps, the constructor's
initial map is not changed.
Review URL: http://codereview.chromium.org/18067
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1087 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Properties from interceptors are also reflected through PropertyMirror as the distinction did not make sense seen from a JavaScript debugging perspective. The isNative function on a PropertyMirror can be used to check whether a property is defined natively by the host (or V8).
Simplified the local property lookup in the debug runtime call to just call GetProperty as the property is known to be a local property.
Review URL: http://codereview.chromium.org/17377
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1068 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This can lead to large objects which wastes a lot of space if we normalize properties. We therfore clear the inobject properties when normalizing properties. This is done by adjusting the instance size in the new map and overwriting the inobject properties with a filler.
Review URL: http://codereview.chromium.org/17308
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1051 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
The performance of Array::concat is critical of jQuery benchmark from
http://www.dromaeo.com. Our current implementation in JavaScript is very
generic and is several times slower than JSC and SpiderMonkey.
Re-implement Array::concat in C++ to take advantage of underlying implementation
details. This cuts dom-travesal-jquery execution time by half.
We may want to move Array specific implementation into a separate source file,
say jsarray.cc.
Review URL: http://codereview.chromium.org/7990
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@625 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
If a map has descendents in the map transition tree that are alive,
it is kept. Only maps such that they and all their descendants
have no live objects are collected. This happens in mark-sweep and
mark-compact garbage collections.
Review URL: http://codereview.chromium.org/8099
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@601 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
- Changed WeakReferenceCallback to take a Persistent<Value> instead of
a Persistent<Object>.
- Removed Message::GetUnderline and Message::GetScriptData.
- Added Value::IsDate, Date::Cast and Date::Value.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@564 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr
This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.
V8 support of split window:
There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;
V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.
Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.
When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.
It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.
I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.
Review URL: http://codereview.chromium.org/7366
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
- Reduce it to half size if the pattern is ASCII, saving on initialization
- If pattern is ASCII and subject is not, any non-ASCII char can cause a
full pattern-length shift, even if we haven't indexed the entire pattern.
- Use memset to initialize buffer in the common case where the pattern is
shorter than the max significant suffix limit.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@519 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
* Patch from Erik Corry to separate BM-algoritm into special case
functions. Also changes condition for bailing out of simple search.
* Added simple search with no bailout for very short patterns.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@513 ce2b1a6d-e550-0410-aec6-3dcde31c8c00