| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Redistribution and use in source and binary forms, with or without | 2 // Redistribution and use in source and binary forms, with or without |
| 3 // modification, are permitted provided that the following conditions are | 3 // modification, are permitted provided that the following conditions are |
| 4 // met: | 4 // met: |
| 5 // | 5 // |
| 6 // * Redistributions of source code must retain the above copyright | 6 // * Redistributions of source code must retain the above copyright |
| 7 // notice, this list of conditions and the following disclaimer. | 7 // notice, this list of conditions and the following disclaimer. |
| 8 // * Redistributions in binary form must reproduce the above | 8 // * Redistributions in binary form must reproduce the above |
| 9 // copyright notice, this list of conditions and the following | 9 // copyright notice, this list of conditions and the following |
| 10 // disclaimer in the documentation and/or other materials provided | 10 // disclaimer in the documentation and/or other materials provided |
| (...skipping 9411 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 9422 #endif // ENABLE_DISASSEMBLER | 9422 #endif // ENABLE_DISASSEMBLER |
| 9423 | 9423 |
| 9424 | 9424 |
| 9425 MaybeObject* JSObject::SetFastElementsCapacityAndLength( | 9425 MaybeObject* JSObject::SetFastElementsCapacityAndLength( |
| 9426 int capacity, | 9426 int capacity, |
| 9427 int length, | 9427 int length, |
| 9428 SetFastElementsCapacitySmiMode smi_mode) { | 9428 SetFastElementsCapacitySmiMode smi_mode) { |
| 9429 Heap* heap = GetHeap(); | 9429 Heap* heap = GetHeap(); |
| 9430 // We should never end in here with a pixel or external array. | 9430 // We should never end in here with a pixel or external array. |
| 9431 ASSERT(!HasExternalArrayElements()); | 9431 ASSERT(!HasExternalArrayElements()); |
| 9432 ASSERT(!map()->is_observed()); |
| 9432 | 9433 |
| 9433 // Allocate a new fast elements backing store. | 9434 // Allocate a new fast elements backing store. |
| 9434 FixedArray* new_elements; | 9435 FixedArray* new_elements; |
| 9435 MaybeObject* maybe = heap->AllocateUninitializedFixedArray(capacity); | 9436 MaybeObject* maybe = heap->AllocateUninitializedFixedArray(capacity); |
| 9436 if (!maybe->To(&new_elements)) return maybe; | 9437 if (!maybe->To(&new_elements)) return maybe; |
| 9437 | 9438 |
| 9438 ElementsKind elements_kind = GetElementsKind(); | 9439 ElementsKind elements_kind = GetElementsKind(); |
| 9439 ElementsKind new_elements_kind; | 9440 ElementsKind new_elements_kind; |
| 9440 // The resized array has FAST_*_SMI_ELEMENTS if the capacity mode forces it, | 9441 // The resized array has FAST_*_SMI_ELEMENTS if the capacity mode forces it, |
| 9441 // or if it's allowed and the old elements array contained only SMIs. | 9442 // or if it's allowed and the old elements array contained only SMIs. |
| (...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 9486 return new_elements; | 9487 return new_elements; |
| 9487 } | 9488 } |
| 9488 | 9489 |
| 9489 | 9490 |
| 9490 MaybeObject* JSObject::SetFastDoubleElementsCapacityAndLength( | 9491 MaybeObject* JSObject::SetFastDoubleElementsCapacityAndLength( |
| 9491 int capacity, | 9492 int capacity, |
| 9492 int length) { | 9493 int length) { |
| 9493 Heap* heap = GetHeap(); | 9494 Heap* heap = GetHeap(); |
| 9494 // We should never end in here with a pixel or external array. | 9495 // We should never end in here with a pixel or external array. |
| 9495 ASSERT(!HasExternalArrayElements()); | 9496 ASSERT(!HasExternalArrayElements()); |
| 9497 ASSERT(!map()->is_observed()); |
| 9496 | 9498 |
| 9497 FixedArrayBase* elems; | 9499 FixedArrayBase* elems; |
| 9498 { MaybeObject* maybe_obj = | 9500 { MaybeObject* maybe_obj = |
| 9499 heap->AllocateUninitializedFixedDoubleArray(capacity); | 9501 heap->AllocateUninitializedFixedDoubleArray(capacity); |
| 9500 if (!maybe_obj->To(&elems)) return maybe_obj; | 9502 if (!maybe_obj->To(&elems)) return maybe_obj; |
| 9501 } | 9503 } |
| 9502 | 9504 |
| 9503 ElementsKind elements_kind = GetElementsKind(); | 9505 ElementsKind elements_kind = GetElementsKind(); |
| 9504 ElementsKind new_elements_kind = elements_kind; | 9506 ElementsKind new_elements_kind = elements_kind; |
| 9505 if (IsHoleyElementsKind(elements_kind)) { | 9507 if (IsHoleyElementsKind(elements_kind)) { |
| (...skipping 1123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 10629 | 10631 |
| 10630 Handle<Object> JSObject::TransitionElementsKind(Handle<JSObject> object, | 10632 Handle<Object> JSObject::TransitionElementsKind(Handle<JSObject> object, |
| 10631 ElementsKind to_kind) { | 10633 ElementsKind to_kind) { |
| 10632 CALL_HEAP_FUNCTION(object->GetIsolate(), | 10634 CALL_HEAP_FUNCTION(object->GetIsolate(), |
| 10633 object->TransitionElementsKind(to_kind), | 10635 object->TransitionElementsKind(to_kind), |
| 10634 Object); | 10636 Object); |
| 10635 } | 10637 } |
| 10636 | 10638 |
| 10637 | 10639 |
| 10638 MaybeObject* JSObject::TransitionElementsKind(ElementsKind to_kind) { | 10640 MaybeObject* JSObject::TransitionElementsKind(ElementsKind to_kind) { |
| 10641 ASSERT(!map()->is_observed()); |
| 10639 ElementsKind from_kind = map()->elements_kind(); | 10642 ElementsKind from_kind = map()->elements_kind(); |
| 10640 | 10643 |
| 10641 if (IsFastHoleyElementsKind(from_kind)) { | 10644 if (IsFastHoleyElementsKind(from_kind)) { |
| 10642 to_kind = GetHoleyElementsKind(to_kind); | 10645 to_kind = GetHoleyElementsKind(to_kind); |
| 10643 } | 10646 } |
| 10644 | 10647 |
| 10645 if (from_kind == to_kind) return this; | 10648 if (from_kind == to_kind) return this; |
| 10646 | 10649 |
| 10647 Isolate* isolate = GetIsolate(); | 10650 Isolate* isolate = GetIsolate(); |
| 10648 if (elements() == isolate->heap()->empty_fixed_array() || | 10651 if (elements() == isolate->heap()->empty_fixed_array() || |
| (...skipping 236 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 10885 } | 10888 } |
| 10886 | 10889 |
| 10887 | 10890 |
| 10888 bool JSObject::ShouldConvertToFastElements() { | 10891 bool JSObject::ShouldConvertToFastElements() { |
| 10889 ASSERT(HasDictionaryElements() || HasDictionaryArgumentsElements()); | 10892 ASSERT(HasDictionaryElements() || HasDictionaryArgumentsElements()); |
| 10890 // If the elements are sparse, we should not go back to fast case. | 10893 // If the elements are sparse, we should not go back to fast case. |
| 10891 if (!HasDenseElements()) return false; | 10894 if (!HasDenseElements()) return false; |
| 10892 // An object requiring access checks is never allowed to have fast | 10895 // An object requiring access checks is never allowed to have fast |
| 10893 // elements. If it had fast elements we would skip security checks. | 10896 // elements. If it had fast elements we would skip security checks. |
| 10894 if (IsAccessCheckNeeded()) return false; | 10897 if (IsAccessCheckNeeded()) return false; |
| 10898 // Observed objects may not go to fast mode because they rely on map checks, |
| 10899 // and for fast elements we sometimes check element kinds only. |
| 10900 if (FLAG_harmony_observation && map()->is_observed()) return false; |
| 10895 | 10901 |
| 10896 FixedArray* elements = FixedArray::cast(this->elements()); | 10902 FixedArray* elements = FixedArray::cast(this->elements()); |
| 10897 SeededNumberDictionary* dictionary = NULL; | 10903 SeededNumberDictionary* dictionary = NULL; |
| 10898 if (elements->map() == GetHeap()->non_strict_arguments_elements_map()) { | 10904 if (elements->map() == GetHeap()->non_strict_arguments_elements_map()) { |
| 10899 dictionary = SeededNumberDictionary::cast(elements->get(1)); | 10905 dictionary = SeededNumberDictionary::cast(elements->get(1)); |
| 10900 } else { | 10906 } else { |
| 10901 dictionary = SeededNumberDictionary::cast(elements); | 10907 dictionary = SeededNumberDictionary::cast(elements); |
| 10902 } | 10908 } |
| 10903 // If an element has been added at a very high index in the elements | 10909 // If an element has been added at a very high index in the elements |
| 10904 // dictionary, we cannot go back to fast case. | 10910 // dictionary, we cannot go back to fast case. |
| (...skipping 3126 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 14031 set_year(Smi::FromInt(year), SKIP_WRITE_BARRIER); | 14037 set_year(Smi::FromInt(year), SKIP_WRITE_BARRIER); |
| 14032 set_month(Smi::FromInt(month), SKIP_WRITE_BARRIER); | 14038 set_month(Smi::FromInt(month), SKIP_WRITE_BARRIER); |
| 14033 set_day(Smi::FromInt(day), SKIP_WRITE_BARRIER); | 14039 set_day(Smi::FromInt(day), SKIP_WRITE_BARRIER); |
| 14034 set_weekday(Smi::FromInt(weekday), SKIP_WRITE_BARRIER); | 14040 set_weekday(Smi::FromInt(weekday), SKIP_WRITE_BARRIER); |
| 14035 set_hour(Smi::FromInt(hour), SKIP_WRITE_BARRIER); | 14041 set_hour(Smi::FromInt(hour), SKIP_WRITE_BARRIER); |
| 14036 set_min(Smi::FromInt(min), SKIP_WRITE_BARRIER); | 14042 set_min(Smi::FromInt(min), SKIP_WRITE_BARRIER); |
| 14037 set_sec(Smi::FromInt(sec), SKIP_WRITE_BARRIER); | 14043 set_sec(Smi::FromInt(sec), SKIP_WRITE_BARRIER); |
| 14038 } | 14044 } |
| 14039 | 14045 |
| 14040 } } // namespace v8::internal | 14046 } } // namespace v8::internal |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 11477006:
Object.observe: prevent observed objects from using fast elements. (Closed)
Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge