| Index: src/elements.cc
|
| diff --git a/src/elements.cc b/src/elements.cc
|
| index 9414c931206c14fdc59193e2909e6a5c44adec51..6395e8fa79b0d958f4d06e6c03b7ac2f76361741 100644
|
| --- a/src/elements.cc
|
| +++ b/src/elements.cc
|
| @@ -55,6 +55,9 @@ namespace v8 {
|
| namespace internal {
|
|
|
|
|
| +namespace {
|
| +
|
| +
|
| static const int kPackedSizeNotKnown = -1;
|
|
|
|
|
| @@ -120,9 +123,6 @@ ELEMENTS_LIST(ELEMENTS_TRAITS)
|
| #undef ELEMENTS_TRAITS
|
|
|
|
|
| -ElementsAccessor** ElementsAccessor::elements_accessors_ = NULL;
|
| -
|
| -
|
| static bool HasKey(Handle<FixedArray> array, Handle<Object> key_handle) {
|
| DisallowHeapAllocation no_gc;
|
| Object* key = *key_handle;
|
| @@ -488,46 +488,6 @@ static void TraceTopFrame(Isolate* isolate) {
|
| }
|
|
|
|
|
| -void CheckArrayAbuse(Handle<JSObject> obj, const char* op, uint32_t key,
|
| - bool allow_appending) {
|
| - DisallowHeapAllocation no_allocation;
|
| - Object* raw_length = NULL;
|
| - const char* elements_type = "array";
|
| - if (obj->IsJSArray()) {
|
| - JSArray* array = JSArray::cast(*obj);
|
| - raw_length = array->length();
|
| - } else {
|
| - raw_length = Smi::FromInt(obj->elements()->length());
|
| - elements_type = "object";
|
| - }
|
| -
|
| - if (raw_length->IsNumber()) {
|
| - double n = raw_length->Number();
|
| - if (FastI2D(FastD2UI(n)) == n) {
|
| - int32_t int32_length = DoubleToInt32(n);
|
| - uint32_t compare_length = static_cast<uint32_t>(int32_length);
|
| - if (allow_appending) compare_length++;
|
| - if (key >= compare_length) {
|
| - PrintF("[OOB %s %s (%s length = %d, element accessed = %d) in ",
|
| - elements_type, op, elements_type,
|
| - static_cast<int>(int32_length),
|
| - static_cast<int>(key));
|
| - TraceTopFrame(obj->GetIsolate());
|
| - PrintF("]\n");
|
| - }
|
| - } else {
|
| - PrintF("[%s elements length not integer value in ", elements_type);
|
| - TraceTopFrame(obj->GetIsolate());
|
| - PrintF("]\n");
|
| - }
|
| - } else {
|
| - PrintF("[%s elements length not a number in ", elements_type);
|
| - TraceTopFrame(obj->GetIsolate());
|
| - PrintF("]\n");
|
| - }
|
| -}
|
| -
|
| -
|
| // Base class for element handler implementations. Contains the
|
| // the common logic for objects with different ElementsKinds.
|
| // Subclasses must specialize method for which the element
|
| @@ -1742,29 +1702,6 @@ class FastSloppyArgumentsElementsAccessor
|
| };
|
|
|
|
|
| -void ElementsAccessor::InitializeOncePerProcess() {
|
| - static ElementsAccessor* accessor_array[] = {
|
| -#define ACCESSOR_ARRAY(Class, Kind, Store) new Class(#Kind),
|
| - ELEMENTS_LIST(ACCESSOR_ARRAY)
|
| -#undef ACCESSOR_ARRAY
|
| - };
|
| -
|
| - STATIC_ASSERT((sizeof(accessor_array) / sizeof(*accessor_array)) ==
|
| - kElementsKindCount);
|
| -
|
| - elements_accessors_ = accessor_array;
|
| -}
|
| -
|
| -
|
| -void ElementsAccessor::TearDown() {
|
| - if (elements_accessors_ == NULL) return;
|
| -#define ACCESSOR_DELETE(Class, Kind, Store) delete elements_accessors_[Kind];
|
| - ELEMENTS_LIST(ACCESSOR_DELETE)
|
| -#undef ACCESSOR_DELETE
|
| - elements_accessors_ = NULL;
|
| -}
|
| -
|
| -
|
| template <typename ElementsAccessorSubclass, typename ElementsKindTraits>
|
| void ElementsAccessorBase<ElementsAccessorSubclass, ElementsKindTraits>::
|
| SetLengthImpl(Handle<JSArray> array, uint32_t length,
|
| @@ -1809,6 +1746,46 @@ void ElementsAccessorBase<ElementsAccessorSubclass, ElementsKindTraits>::
|
| array->set_length(Smi::FromInt(length));
|
| JSObject::ValidateElements(array);
|
| }
|
| +} // namespace
|
| +
|
| +
|
| +void CheckArrayAbuse(Handle<JSObject> obj, const char* op, uint32_t key,
|
| + bool allow_appending) {
|
| + DisallowHeapAllocation no_allocation;
|
| + Object* raw_length = NULL;
|
| + const char* elements_type = "array";
|
| + if (obj->IsJSArray()) {
|
| + JSArray* array = JSArray::cast(*obj);
|
| + raw_length = array->length();
|
| + } else {
|
| + raw_length = Smi::FromInt(obj->elements()->length());
|
| + elements_type = "object";
|
| + }
|
| +
|
| + if (raw_length->IsNumber()) {
|
| + double n = raw_length->Number();
|
| + if (FastI2D(FastD2UI(n)) == n) {
|
| + int32_t int32_length = DoubleToInt32(n);
|
| + uint32_t compare_length = static_cast<uint32_t>(int32_length);
|
| + if (allow_appending) compare_length++;
|
| + if (key >= compare_length) {
|
| + PrintF("[OOB %s %s (%s length = %d, element accessed = %d) in ",
|
| + elements_type, op, elements_type, static_cast<int>(int32_length),
|
| + static_cast<int>(key));
|
| + TraceTopFrame(obj->GetIsolate());
|
| + PrintF("]\n");
|
| + }
|
| + } else {
|
| + PrintF("[%s elements length not integer value in ", elements_type);
|
| + TraceTopFrame(obj->GetIsolate());
|
| + PrintF("]\n");
|
| + }
|
| + } else {
|
| + PrintF("[%s elements length not a number in ", elements_type);
|
| + TraceTopFrame(obj->GetIsolate());
|
| + PrintF("]\n");
|
| + }
|
| +}
|
|
|
|
|
| MaybeHandle<Object> ArrayConstructInitializeElements(Handle<JSArray> array,
|
| @@ -1901,5 +1878,30 @@ MaybeHandle<Object> ArrayConstructInitializeElements(Handle<JSArray> array,
|
| return array;
|
| }
|
|
|
| +
|
| +void ElementsAccessor::InitializeOncePerProcess() {
|
| + static ElementsAccessor* accessor_array[] = {
|
| +#define ACCESSOR_ARRAY(Class, Kind, Store) new Class(#Kind),
|
| + ELEMENTS_LIST(ACCESSOR_ARRAY)
|
| +#undef ACCESSOR_ARRAY
|
| + };
|
| +
|
| + STATIC_ASSERT((sizeof(accessor_array) / sizeof(*accessor_array)) ==
|
| + kElementsKindCount);
|
| +
|
| + elements_accessors_ = accessor_array;
|
| +}
|
| +
|
| +
|
| +void ElementsAccessor::TearDown() {
|
| + if (elements_accessors_ == NULL) return;
|
| +#define ACCESSOR_DELETE(Class, Kind, Store) delete elements_accessors_[Kind];
|
| + ELEMENTS_LIST(ACCESSOR_DELETE)
|
| +#undef ACCESSOR_DELETE
|
| + elements_accessors_ = NULL;
|
| +}
|
| +
|
| +
|
| +ElementsAccessor** ElementsAccessor::elements_accessors_ = NULL;
|
| } // namespace internal
|
| } // namespace v8
|
|
|
Chromium Code Reviews
Issue 1221363002:
Wrap elements.cc in an anonymous namespace (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master