Side by Side Diff: src/code-stubs.cc

Issue 2122943002: Abort if we ever allocate a non-0-sized packed array (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Created 4 years, 5 months ago
1 // Copyright 2012 the V8 project authors. All rights reserved. 1 // Copyright 2012 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "src/code-stubs.h" 5 #include "src/code-stubs.h"
6 6
7 #include <sstream> 7 #include <sstream>
8 8
9 #include "src/bootstrapper.h" 9 #include "src/bootstrapper.h"
10 #include "src/code-factory.h" 10 #include "src/code-factory.h"
(...skipping 4741 matching lines...) Expand 10 before | Expand all | Expand 10 after
4752 Label ok(assembler); 4752 Label ok(assembler);
4753 Label smi_size(assembler); 4753 Label smi_size(assembler);
4754 Label small_smi_size(assembler); 4754 Label small_smi_size(assembler);
4755 Label call_runtime(assembler, Label::kDeferred); 4755 Label call_runtime(assembler, Label::kDeferred);
4756 4756
4757 Node* size = assembler->Parameter( 4757 Node* size = assembler->Parameter(
4758 ArraySingleArgumentConstructorDescriptor::kArraySizeSmiParameterIndex); 4758 ArraySingleArgumentConstructorDescriptor::kArraySizeSmiParameterIndex);
4759 assembler->Branch(assembler->WordIsSmi(size), &smi_size, &call_runtime); 4759 assembler->Branch(assembler->WordIsSmi(size), &smi_size, &call_runtime);
4760 4760
4761 assembler->Bind(&smi_size); 4761 assembler->Bind(&smi_size);
4762 int element_size = 4762
4763 IsFastDoubleElementsKind(elements_kind) ? kDoubleSize : kPointerSize; 4763 if (IsFastPackedElementsKind(elements_kind)) {
4764 int max_fast_elements = 4764 Label abort(assembler, Label::kDeferred);
4765 (Page::kMaxRegularHeapObjectSize - FixedArray::kHeaderSize - 4765 assembler->Branch(
4766 JSArray::kSize - AllocationMemento::kSize) / 4766 assembler->SmiEqual(size, assembler->SmiConstant(Smi::FromInt(0))),
4767 element_size; 4767 &small_smi_size, &abort);
4768 assembler->Branch( 4768
4769 assembler->SmiAboveOrEqual( 4769 assembler->Bind(&abort);
4770 size, assembler->SmiConstant(Smi::FromInt(max_fast_elements))), 4770 Node* reason =
4771 &call_runtime, &small_smi_size); 4771 assembler->SmiConstant(Smi::FromInt(kAllocatingNonEmptyPackedArray));
4772 Node* context = assembler->Parameter(
4773 ArraySingleArgumentConstructorDescriptor::kContextIndex);
4774 assembler->TailCallRuntime(Runtime::kAbort, context, reason);
4775 } else {
4776 int element_size =
4777 IsFastDoubleElementsKind(elements_kind) ? kDoubleSize : kPointerSize;
4778 int max_fast_elements =
4779 (Page::kMaxRegularHeapObjectSize - FixedArray::kHeaderSize -
4780 JSArray::kSize - AllocationMemento::kSize) /
4781 element_size;
4782 assembler->Branch(
4783 assembler->SmiAboveOrEqual(
4784 size, assembler->SmiConstant(Smi::FromInt(max_fast_elements))),
4785 &call_runtime, &small_smi_size);
4786 }
4772 4787
4773 assembler->Bind(&small_smi_size); 4788 assembler->Bind(&small_smi_size);
4774 { 4789 {
4775 Node* array = assembler->AllocateJSArray( 4790 Node* array = assembler->AllocateJSArray(
4776 elements_kind, array_map, size, size, 4791 elements_kind, array_map, size, size,
4777 mode == DONT_TRACK_ALLOCATION_SITE ? nullptr : allocation_site, 4792 mode == DONT_TRACK_ALLOCATION_SITE ? nullptr : allocation_site,
4778 CodeStubAssembler::SMI_PARAMETERS); 4793 CodeStubAssembler::SMI_PARAMETERS);
4779 assembler->Return(array); 4794 assembler->Return(array);
4780 } 4795 }
4781 4796
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after
4860 if (type->Is(Type::UntaggedPointer())) { 4875 if (type->Is(Type::UntaggedPointer())) {
4861 return Representation::External(); 4876 return Representation::External();
4862 } 4877 }
4863 4878
4864 DCHECK(!type->Is(Type::Untagged())); 4879 DCHECK(!type->Is(Type::Untagged()));
4865 return Representation::Tagged(); 4880 return Representation::Tagged();
4866 } 4881 }
4867 4882
4868 } // namespace internal 4883 } // namespace internal
4869 } // namespace v8 4884 } // namespace v8
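Review bot: The new `if (IsFastPackedElementsKind(elements_kind))` branch (new lines 4763–4774) has no comment saying why a non-zero `size` is treated as an invariant violation that tail-calls `Runtime::kAbort` rather than a case to hand to `call_runtime`, so a reader has to consult the issue title to understand it. Presumably the single-argument constructor leaves every element unwritten, which only a holey kind can represent, and the abort (unlike a DCHECK) is meant to fire in release builds as well rather than let a mis-typed packed array escape; a comment above the branch such as `// new Array(N) writes no elements, so a packed kind is only valid for N == 0. Anything else is a bug: abort (also in release) instead of producing a mis-typed array.` would record both points. Separately, the local `Label abort(assembler, Label::kDeferred);` shadows `abort()` from <cstdlib> for the rest of that scope; a name like `Label abort_non_empty(assembler, Label::kDeferred);` avoids the shadowing. The enclosing stub body starts outside the visible hunk, so whether `context` is already available there cannot be seen here.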