Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(109)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/heap.cc

Issue 7929001: Initialize pre-allocated fields of JSObject with undefined. (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Added ARM port. Created 9 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « src/arm/macro-assembler-arm.cc ('k') | src/ia32/builtins-ia32.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2011 the V8 project authors. All rights reserved. 1 // Copyright 2011 the V8 project authors. All rights reserved.
2 // Redistribution and use in source and binary forms, with or without 2 // Redistribution and use in source and binary forms, with or without
3 // modification, are permitted provided that the following conditions are 3 // modification, are permitted provided that the following conditions are
4 // met: 4 // met:
5 // 5 //
6 // * Redistributions of source code must retain the above copyright 6 // * Redistributions of source code must retain the above copyright
7 // notice, this list of conditions and the following disclaimer. 7 // notice, this list of conditions and the following disclaimer.
8 // * Redistributions in binary form must reproduce the above 8 // * Redistributions in binary form must reproduce the above
9 // copyright notice, this list of conditions and the following 9 // copyright notice, this list of conditions and the following
10 // disclaimer in the documentation and/or other materials provided 10 // disclaimer in the documentation and/or other materials provided
(...skipping 3325 matching lines...) Expand 10 before | Expand all | Expand 10 after
3336 // according to the object's initial map. For example, if the map's 3336 // according to the object's initial map. For example, if the map's
3337 // instance type is JS_ARRAY_TYPE, the length field should be initialized 3337 // instance type is JS_ARRAY_TYPE, the length field should be initialized
3338 // to a number (eg, Smi::FromInt(0)) and the elements initialized to a 3338 // to a number (eg, Smi::FromInt(0)) and the elements initialized to a
3339 // fixed array (eg, Heap::empty_fixed_array()). Currently, the object 3339 // fixed array (eg, Heap::empty_fixed_array()). Currently, the object
3340 // verification code has to cope with (temporarily) invalid objects. See 3340 // verification code has to cope with (temporarily) invalid objects. See
3341 // for example, JSArray::JSArrayVerify). 3341 // for example, JSArray::JSArrayVerify).
3342 Object* filler; 3342 Object* filler;
3343 // We cannot always fill with one_pointer_filler_map because objects 3343 // We cannot always fill with one_pointer_filler_map because objects
3344 // created from API functions expect their internal fields to be initialized 3344 // created from API functions expect their internal fields to be initialized
3345 // with undefined_value. 3345 // with undefined_value.
3346 // Pre-allocated fields need to be initialized with undefined_value as well
3347 // so that object accesses before the constructor completes (e.g. in the
3348 // debugger) will not cause a crash.
3346 if (map->constructor()->IsJSFunction() && 3349 if (map->constructor()->IsJSFunction() &&
3347 JSFunction::cast(map->constructor())->shared()-> 3350 JSFunction::cast(map->constructor())->shared()->
3348 IsInobjectSlackTrackingInProgress()) { 3351 IsInobjectSlackTrackingInProgress()) {
3349 // We might want to shrink the object later. 3352 // We might want to shrink the object later.
3350 ASSERT(obj->GetInternalFieldCount() == 0); 3353 ASSERT(obj->GetInternalFieldCount() == 0);
3351 filler = Heap::one_pointer_filler_map(); 3354 filler = Heap::one_pointer_filler_map();
3352 } else { 3355 } else {
3353 filler = Heap::undefined_value(); 3356 filler = Heap::undefined_value();
3354 } 3357 }
3355 obj->InitializeBody(map->instance_size(), filler); 3358 obj->InitializeBody(map, Heap::undefined_value(), filler);
3356 } 3359 }
3357 3360
3358 3361
3359 MaybeObject* Heap::AllocateJSObjectFromMap(Map* map, PretenureFlag pretenure) { 3362 MaybeObject* Heap::AllocateJSObjectFromMap(Map* map, PretenureFlag pretenure) {
3360 // JSFunctions should be allocated using AllocateFunction to be 3363 // JSFunctions should be allocated using AllocateFunction to be
3361 // properly initialized. 3364 // properly initialized.
3362 ASSERT(map->instance_type() != JS_FUNCTION_TYPE); 3365 ASSERT(map->instance_type() != JS_FUNCTION_TYPE);
3363 3366
3364 // Both types of global objects should be allocated using 3367 // Both types of global objects should be allocated using
3365 // AllocateGlobalObject to be properly initialized. 3368 // AllocateGlobalObject to be properly initialized.
(...skipping 2923 matching lines...) Expand 10 before | Expand all | Expand 10 after
6289 } 6292 }
6290 6293
6291 6294
6292 void ExternalStringTable::TearDown() { 6295 void ExternalStringTable::TearDown() {
6293 new_space_strings_.Free(); 6296 new_space_strings_.Free();
6294 old_space_strings_.Free(); 6297 old_space_strings_.Free();
6295 } 6298 }
6296 6299
6297 6300
6298 } } // namespace v8::internal 6301 } } // namespace v8::internal
OLDNEW
« no previous file with comments | « src/arm/macro-assembler-arm.cc ('k') | src/ia32/builtins-ia32.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698