Commit Graph

112 Commits

Author SHA1 Message Date
ager@chromium.org
b4b5e3ca95 Not sure what happened, but my revert did not get everything out. Fixing the problem instead. The issue was using tmp instead of context in two places.
TBR=kasperl

Review URL: http://codereview.chromium.org/20459

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1303 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-02-18 15:55:24 +00:00
ager@chromium.org
19f04d16c7 Revert eval changes since there is a crash that I don't have the time
to fix now.

TBR=kasperl
Review URL: http://codereview.chromium.org/20458

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1302 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-02-18 15:34:37 +00:00
ager@chromium.org
a09832ab76 Optimize loads from variables that might be shadowed by variables
introduced by eval.

In the cases where calls to eval have not introduced any variables, we
do not need to perform a runtime call.  Instead, we verify that the
context extension objects have not been created and perform a direct
load.

Not implemented for ARM yet and the scope resolution code could use
some better abstractions.  I'd like to do that in a separate
changelist.
Review URL: http://codereview.chromium.org/20419

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1298 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-02-18 13:04:28 +00:00
ager@chromium.org
8a731355be Make sure that eval and try-catch introduced context extension objects
act as if they have no properties in their prototype chains.

This fixes V8 issue 193:

  http://code.google.com/p/v8/issues/detail?id=193.
Review URL: http://codereview.chromium.org/18709

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1132 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2009-01-23 12:16:03 +00:00
olehougaard
2b72eeedfb Change implementation of eval to make an exact distinction between direct eval and aliased eval.
Review URL: http://codereview.chromium.org/12673

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@860 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-11-27 13:55:06 +00:00
ager@chromium.org
95d1d40077 Revert r819, 821, and 822 which caused a big performance regression
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@823 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-11-21 15:01:41 +00:00
olehougaard
a2ec5d90cb Removing assert to make flexo happy.
TBR=ager
Review URL: http://codereview.chromium.org/11565

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@821 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-11-21 13:37:38 +00:00
kasperl@chromium.org
c128b8d9de Improve code for looking up in context slots in runtime.cc and
use safe casting operations to slot access on contexts when
possible.


git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@588 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-24 10:59:40 +00:00
feng@chromium.org
42ef2c3d77 Split window support from V8.
Here is a description of the background and design of split window in Chrome and V8:
https://docs.google.com/a/google.com/Doc?id=chhjkpg_47fwddxbfr

This change list splits the window object into two parts: 1) an inner window object used as the global object of contexts; 2) an outer window object exposed to JavaScript and accessible by the name 'window'. Firefox did it awhile ago, here are some discussions: https://wiki.mozilla.org/Gecko:SplitWindow. One additional benefit of splitting window in Chrome is that accessing global variables don't need security checks anymore, it can improve applications that use many global variables.

V8 support of split window:
  There are a small number of changes on V8 api to support split window:
Security context is removed from V8, so does related API functions;
A global object can be detached from its context and reused by a new context;
Access checks on an object template can be turned on/off by default;
An object can turn on its access checks later;

  V8 has a new object type, ApiGlobalObject, which is the outer window object type. The existing JSGlobalObject becomes the inner window object type. Security checks are moved from JSGlobalObject to ApiGlobalObject. ApiGlobalObject is the one exposed to JavaScript, it is accessible through Context::Global(). ApiGlobalObject's prototype is set to JSGlobalObject so that property lookups are forwarded to JSGlobalObject. ApiGlobalObject forwards all other property access requests to JSGlobalObject, such as SetProperty, DeleteProperty, etc.

  Security token is moved to a global context, and ApiGlobalObject has a reference to its global context. JSGlobalObject has a reference to its global context as well. When accessing properties on a global object in JavaScript, the domain security check is performed by comparing the security token of the lexical context (Top::global_context()) to the token of global object's context. The check is only needed when the receiver is a window object, such as 'window.document'. Accessing global variables, such as 'var foo = 3; foo' does not need checks because the receiver is the inner window object.

  When an outer window is detached from its global context (when a frame navigates away from a page), it is completely detached from the inner window. A new context is created for the new page, and the outer global object is reused. At this point, the access check on the DOMWindow wrapper of the old context is turned on. The code in old context is still able to access DOMWindow properties, but it has to go through domain security checks.


It is debatable on how to implement the outer window object. Currently each property access function has to check if the receiver is ApiGlobalObject type. This approach might be error-prone that one may forget to check the receiver when adding new functions. It is unlikely a performance issue because accessing global variables are more common than 'window.foo' style coding.

I am still working on the ARM port, and I'd like to hear comments and suggestions on the best way to support it in V8.


Review URL: http://codereview.chromium.org/7366

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@540 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-10-21 19:07:58 +00:00
deanm@chromium.org
77196c5771 This is a new static flag system, designed to have all flags in a central place, and compiled into the binary without requiring static constructors for registration. All flags are moved out of the specific modules and into flags.defs, with different sections for debug, release, etc. The flag variables are always defined. For example, a debug flag in release mode still exists, but is read only and set to the default value.
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@296 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-09-12 10:19:33 +00:00
christian.plesner.hansen@gmail.com
9bed566bdb Changed copyright header from google inc. to v8 project authors.
Added presubmit step to check copyright.



git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@242 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-09-09 20:08:45 +00:00
christian.plesner.hansen
43d26ecc35 Initial export.
git-svn-id: http://v8.googlecode.com/svn/trunk@2 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2008-07-03 15:10:15 +00:00