| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "src/isolate.h" | 5 #include "src/isolate.h" |
| 6 | 6 |
| 7 #include <stdlib.h> | 7 #include <stdlib.h> |
| 8 | 8 |
| 9 #include <fstream> // NOLINT(readability/streams) | 9 #include <fstream> // NOLINT(readability/streams) |
| 10 #include <sstream> | 10 #include <sstream> |
| (...skipping 2529 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2540 if (!iter.IsAtEnd()) { | 2540 if (!iter.IsAtEnd()) { |
| 2541 DCHECK_EQ(false, cell_reports_intact); | 2541 DCHECK_EQ(false, cell_reports_intact); |
| 2542 return cell_reports_intact; | 2542 return cell_reports_intact; |
| 2543 } | 2543 } |
| 2544 | 2544 |
| 2545 #endif | 2545 #endif |
| 2546 | 2546 |
| 2547 return cell_reports_intact; | 2547 return cell_reports_intact; |
| 2548 } | 2548 } |
| 2549 | 2549 |
| 2550 bool Isolate::IsArraySpeciesLookupChainIntact() { | |
| 2551 if (!FLAG_harmony_species) return true; | |
| 2552 // Note: It would be nice to have debug checks to make sure that the | |
| 2553 // species protector is accurate, but this would be hard to do for most of | |
| 2554 // what the protector stands for: | |
| 2555 // - You'd need to traverse the heap to check that no Array instance has | |
| 2556 // a constructor property | |
| 2557 // - To check that Array[Symbol.species] == Array, JS code has to execute, | |
| 2558 // but JS cannot be invoked in callstack overflow situations | |
| 2559 // All that could be checked reliably is that | |
| 2560 // Array.prototype.constructor == Array. Given that limitation, no check is | |
| 2561 // done here. In place, there are mjsunit tests harmony/array-species* which | |
| 2562 // ensure that behavior is correct in various invalid protector cases. | |
| 2563 | |
| 2564 PropertyCell* species_cell = heap()->species_protector(); | |
| 2565 return species_cell->value()->IsSmi() && | |
| 2566 Smi::cast(species_cell->value())->value() == kArrayProtectorValid; | |
| 2567 } | |
| 2568 | |
| 2569 void Isolate::InvalidateArraySpeciesProtector() { | 2550 void Isolate::InvalidateArraySpeciesProtector() { |
| 2570 if (!FLAG_harmony_species) return; | 2551 if (!FLAG_harmony_species) return; |
| 2571 DCHECK(factory()->species_protector()->value()->IsSmi()); | 2552 DCHECK(factory()->species_protector()->value()->IsSmi()); |
| 2572 DCHECK(IsArraySpeciesLookupChainIntact()); | 2553 DCHECK(IsArraySpeciesLookupChainIntact()); |
| 2573 PropertyCell::SetValueWithInvalidation( | 2554 PropertyCell::SetValueWithInvalidation( |
| 2574 factory()->species_protector(), | 2555 factory()->species_protector(), |
| 2575 handle(Smi::FromInt(kArrayProtectorInvalid), this)); | 2556 handle(Smi::FromInt(kArrayProtectorInvalid), this)); |
| 2576 DCHECK(!IsArraySpeciesLookupChainIntact()); | 2557 DCHECK(!IsArraySpeciesLookupChainIntact()); |
| 2577 } | 2558 } |
| 2578 | 2559 |
| (...skipping 412 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2991 // Then check whether this scope intercepts. | 2972 // Then check whether this scope intercepts. |
| 2992 if ((flag & intercept_mask_)) { | 2973 if ((flag & intercept_mask_)) { |
| 2993 intercepted_flags_ |= flag; | 2974 intercepted_flags_ |= flag; |
| 2994 return true; | 2975 return true; |
| 2995 } | 2976 } |
| 2996 return false; | 2977 return false; |
| 2997 } | 2978 } |
| 2998 | 2979 |
| 2999 } // namespace internal | 2980 } // namespace internal |
| 3000 } // namespace v8 | 2981 } // namespace v8 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1977943002:
Version 5.1.281.36 (cherry-pick) (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@5.1