src/heap.cc - Issue 7929001: Initialize pre-allocated fields of JSObject with undefined.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: src/heap.cc

Issue 7929001: Initialize pre-allocated fields of JSObject with undefined. (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge

Patch Set: Created 9 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments.

Jump to:

View side-by-side diff with in-line comments

Index: src/heap.cc

diff --git a/src/heap.cc b/src/heap.cc

index 8c9ebe3ec48e82faac4f51b2c509532c0676d41b..46b26528b4a5490bd715dd7d11f8425540c6ad05 100644

--- a/src/heap.cc

+++ b/src/heap.cc

@@ -3339,20 +3339,24 @@ void Heap::InitializeJSObjectFromMap(JSObject* obj,

// fixed array (eg, Heap::empty_fixed_array()). Currently, the object

// verification code has to cope with (temporarily) invalid objects. See

// for example, JSArray::JSArrayVerify).

- Object* filler;

// We cannot always fill with one_pointer_filler_map because objects

// created from API functions expect their internal fields to be initialized

// with undefined_value.

+ // Pre-allocated fields need to be initialized with undefined_value as well

+ // so that object accesses before the constructor completes (e.g. in the

+ // debugger) will not cause a crash.

if (map->constructor()->IsJSFunction() &&

JSFunction::cast(map->constructor())->shared()->

IsInobjectSlackTrackingInProgress()) {

// We might want to shrink the object later.

ASSERT(obj->GetInternalFieldCount() == 0);

- filler = Heap::one_pointer_filler_map();

+ obj->InitializeBody(map,

+ Heap::undefined_value(),

+ Heap::one_pointer_filler_map());

} else {

- filler = Heap::undefined_value();

+ obj->InitializeBody(map, Heap::undefined_value(), Heap::undefined_value());

Vyacheslav Egorov (Chromium) 2011/09/16 15:33:05 Can be moved outside of the if to avoid code dupli

}

- obj->InitializeBody(map->instance_size(), filler);

}

« no previous file with comments | « no previous file | src/ia32/builtins-ia32.cc » ('j') | src/ia32/builtins-ia32.cc » ('J')