
Side by Side Diff: src/heap/heap.cc

Issue 1475823003: [runtime] First step to sanitize regexp literal creation. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Created 5 years ago
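--- a/src/heap/heap.cc
+++ b/src/heap/heap.cc
@@ -1,10 +1,10 @@
 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/heap/heap.h"
 
 #include "src/accessors.h"
 #include "src/api.h"
 #include "src/base/bits.h"
 #include "src/base/once.h"
@@ -3492,23 +3492,24 @@
 DCHECK(!allocation.To(&obj) || !obj->IsJSGlobalObject());
 #endif
 return allocation;
 }
 
 
 AllocationResult Heap::CopyJSObject(JSObject* source, AllocationSite* site) {
 // Make the clone.
 Map* map = source->map();
 
-// We can only clone normal objects or arrays. Copying anything else
+// We can only clone regexps, normal objects or arrays. Copying anything else
 // will break invariants.
-CHECK(map->instance_type() == JS_OBJECT_TYPE ||
+CHECK(map->instance_type() == JS_REGEXP_TYPE ||
+map->instance_type() == JS_OBJECT_TYPE ||
 map->instance_type() == JS_ARRAY_TYPE);
 
 int object_size = map->instance_size();
 HeapObject* clone = nullptr;
 
 DCHECK(site == NULL || AllocationSite::CanTrack(map->instance_type()));
 
 int adjusted_object_size =
 site != NULL ? object_size + AllocationMemento::kSize : object_size;
 AllocationResult allocation = AllocateRaw(adjusted_object_size, NEW_SPACE);
@@ -6161,10 +6162,10 @@
 }
 
 
 // static
 int Heap::GetStaticVisitorIdForMap(Map* map) {
 return StaticVisitorBase::GetVisitorId(map);
 }
 
 } // namespace internal
 } // namespace v8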
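Review bot: The widened CHECK in Heap::CopyJSObject (new lines 3504-3506) now admits JS_REGEXP_TYPE to a raw clone, but the updated comment only adds the type to the list and does not say which invariant makes a regexp safe to copy this way. The only guard tying the instance type to the memento path is `DCHECK(site == NULL || AllocationSite::CanTrack(map->instance_type()))`, which is compiled out of release builds. If regexps are not trackable (CanTrack is not visible here), a non-null site would still grow the allocation by `AllocationMemento::kSize` for the new type. I would state the expectation next to the CHECK, for example `// Regexp clones are expected to be made with site == NULL.` (wording for the author to confirm), or enforce it in release builds for the new type. The body of CopyJSObject continues past the visible lines, so the copy itself is not reviewed here.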