1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-10-26 12:12:34 +00:00
Commit graph

6 commits

Author SHA1 Message Date
Andreas Kling
1e90379008 LibJS: Introduce "dictionary" mode for object shapes
This is similar to "unique" shapes, which were removed in commit
3d92c26445.

The key difference is that dictionary shapes don't have a serial number,
but instead have a "cacheable" flag.

Shapes become dictionaries after 64 transitions have occurred, at which
point no further transitions occur.

As long as properties are only added to a dictionary shape, it remains
cacheable. (Since if we've cached the shape pointer in an IC somewhere,
we know the IC is still valid.)

Deleting a property from a dictionary shape causes it to become an
uncacheable dictionary.

Note that deleting a property from a non-dictionary shape still performs
a delete transition.

This fixes an issue on Discord where Object.freeze() would eventually
OOM us, since they add more than 16000 properties to a single object
before freezing it.

It also yields a 15% speedup on Octane/pdfjs.js :^)
2023-12-16 14:25:58 +01:00
davidot
2bbea62176 LibJS: Don't update names of resulting functions in object expression
The only cases where the name should be set is if the function comes
from a direct anonymous function expression.
2022-12-14 15:27:08 +00:00
Linus Groh
1856400547 LibJS: Uncomment Object.{freeze,seal}() tests that now pass :^) 2021-07-11 21:58:14 +01:00
Linus Groh
09bd5f8772 LibJS: Rewrite most of Object for spec compliance :^)
This is a huge patch, I know. In hindsight this perhaps could've been
done slightly more incremental, but I started and then fixed everything
until it worked, and here we are. I tried splitting of some completely
unrelated changes into separate commits, however. Anyway.

This is a rewrite of most of Object, and by extension large parts of
Array, Proxy, Reflect, String, TypedArray, and some other things.

What we already had worked fine for about 90% of things, but getting the
last 10% right proved to be increasingly difficult with the current code
that sort of grew organically and is only very loosely based on the
spec - this became especially obvious when we started fixing a large
number of test262 failures.

Key changes include:

- 1:1 matching function names and parameters of all object-related
  functions, to avoid ambiguity. Previously we had things like put(),
  which the spec doesn't have - as a result it wasn't always clear which
  need to be used.
- Better separation between object abstract operations and internal
  methods - the former are always the same, the latter can be overridden
  (and are therefore virtual). The internal methods (i.e. [[Foo]] in the
  spec) are now prefixed with 'internal_' for clarity - again, it was
  previously not always clear which AO a certain method represents,
  get() could've been both Get and [[Get]] (I don't know which one it
  was closer to right now).
  Note that some of the old names have been kept until all code relying
  on them is updated, but they are now simple wrappers around the
  closest matching standard abstract operation.
- Simplifications of the storage layer: functions that write values to
  storage are now prefixed with 'storage_' to make their purpose clear,
  and as they are not part of the spec they should not contain any steps
  specified by it. Much functionality is now covered by the layers above
  it and was removed (e.g. handling of accessors, attribute checks).
- PropertyAttributes has been greatly simplified, and is being replaced
  by PropertyDescriptor - a concept similar to the current
  implementation, but more aligned with the actual spec. See the commit
  message of the previous commit where it was introduced for details.
- As a bonus, and since I had to look at the spec a whole lot anyway, I
  introduced more inline comments with the exact steps from the spec -
  this makes it super easy to verify correctness.
- East-const all the things.

As a result of all of this, things are much more correct but a bit
slower now. Retaining speed wasn't a consideration at all, I have done
no profiling of the new code - there might be low hanging fruits, which
we can then harvest separately.

Special thanks to Idan for helping me with this by tracking down bugs,
updating everything outside of LibJS to work with these changes (LibWeb,
Spreadsheet, HackStudio), as well as providing countless patches to fix
regressions I introduced - there still are very few (we got it down to
5), but we also get many new passing test262 tests in return. :^)

Co-authored-by: Idan Horowitz <idan.horowitz@gmail.com>
2021-07-04 22:07:36 +01:00
Linus Groh
ac3e7ef791 LibJS: Fix crash in Object.{freeze,seal}() with indexed properties
This was failing to take two things into account:

- When constructing a PropertyName from a value, it won't automatically
  convert to Type::Number for something like string "0", even though
  that's how things work internally, since indexed properties are stored
  separately. This will be improved in a future patch, it's a footgun
  and should happen automatically.
- Those can't be looked up on the shape, we have to go through the
  indexed properties instead.

Additionally it now operates on the shape or indexed properties directly
as define_property() was overly strict and would throw if a property was
already non-configurable.

Fixes #6469.
2021-04-20 09:38:22 +02:00
Linus Groh
9af07c7803 LibJS: Implement Object.freeze() and Object.seal() 2021-04-07 09:05:01 +02:00