| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // Review notes: | 5 // Review notes: |
| 6 // | 6 // |
| 7 // - The use of macros in these inline functions may seem superfluous | 7 // - The use of macros in these inline functions may seem superfluous |
| 8 // but it is absolutely needed to make sure gcc generates optimal | 8 // but it is absolutely needed to make sure gcc generates optimal |
| 9 // code. gcc is not happy when attempting to inline too deep. | 9 // code. gcc is not happy when attempting to inline too deep. |
| 10 // | 10 // |
| (...skipping 7183 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 7194 } | 7194 } |
| 7195 } | 7195 } |
| 7196 | 7196 |
| 7197 | 7197 |
| 7198 void JSArray::set_length(Smi* length) { | 7198 void JSArray::set_length(Smi* length) { |
| 7199 // Don't need a write barrier for a Smi. | 7199 // Don't need a write barrier for a Smi. |
| 7200 set_length(static_cast<Object*>(length), SKIP_WRITE_BARRIER); | 7200 set_length(static_cast<Object*>(length), SKIP_WRITE_BARRIER); |
| 7201 } | 7201 } |
| 7202 | 7202 |
| 7203 | 7203 |
| 7204 bool JSArray::SetElementsLengthWouldNormalize( |
| 7205 Heap* heap, Handle<Object> new_length_handle) { |
| 7206 // If the new array won't fit in a some non-trivial fraction of the max old |
| 7207 // space size, then force it to go dictionary mode. |
| 7208 int max_fast_array_size = |
| 7209 static_cast<int>((heap->MaxOldGenerationSize() / kDoubleSize) / 4); |
| 7210 return new_length_handle->IsNumber() && |
| 7211 NumberToInt32(*new_length_handle) >= max_fast_array_size; |
| 7212 } |
| 7213 |
| 7214 |
| 7204 bool JSArray::AllowsSetElementsLength() { | 7215 bool JSArray::AllowsSetElementsLength() { |
| 7205 bool result = elements()->IsFixedArray() || elements()->IsFixedDoubleArray(); | 7216 bool result = elements()->IsFixedArray() || elements()->IsFixedDoubleArray(); |
| 7206 DCHECK(result == !HasExternalArrayElements()); | 7217 DCHECK(result == !HasExternalArrayElements()); |
| 7207 return result; | 7218 return result; |
| 7208 } | 7219 } |
| 7209 | 7220 |
| 7210 | 7221 |
| 7211 void JSArray::SetContent(Handle<JSArray> array, | 7222 void JSArray::SetContent(Handle<JSArray> array, |
| 7212 Handle<FixedArrayBase> storage) { | 7223 Handle<FixedArrayBase> storage) { |
| 7213 EnsureCanContainElements(array, storage, storage->length(), | 7224 EnsureCanContainElements(array, storage, storage->length(), |
| (...skipping 317 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 7531 #undef READ_SHORT_FIELD | 7542 #undef READ_SHORT_FIELD |
| 7532 #undef WRITE_SHORT_FIELD | 7543 #undef WRITE_SHORT_FIELD |
| 7533 #undef READ_BYTE_FIELD | 7544 #undef READ_BYTE_FIELD |
| 7534 #undef WRITE_BYTE_FIELD | 7545 #undef WRITE_BYTE_FIELD |
| 7535 #undef NOBARRIER_READ_BYTE_FIELD | 7546 #undef NOBARRIER_READ_BYTE_FIELD |
| 7536 #undef NOBARRIER_WRITE_BYTE_FIELD | 7547 #undef NOBARRIER_WRITE_BYTE_FIELD |
| 7537 | 7548 |
| 7538 } } // namespace v8::internal | 7549 } } // namespace v8::internal |
| 7539 | 7550 |
| 7540 #endif // V8_OBJECTS_INL_H_ | 7551 #endif // V8_OBJECTS_INL_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1086873003:
Array() in optimized code can create with wrong ElementsKind in corner cases. (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master