| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "src/objects.h" | 5 #include "src/objects.h" |
| 6 | 6 |
| 7 #include "src/bootstrapper.h" | 7 #include "src/bootstrapper.h" |
| 8 #include "src/disasm.h" | 8 #include "src/disasm.h" |
| 9 #include "src/disassembler.h" | 9 #include "src/disassembler.h" |
| 10 #include "src/field-type.h" | 10 #include "src/field-type.h" |
| (...skipping 754 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 765 } | 765 } |
| 766 } | 766 } |
| 767 | 767 |
| 768 | 768 |
| 769 void JSArray::JSArrayVerify() { | 769 void JSArray::JSArrayVerify() { |
| 770 JSObjectVerify(); | 770 JSObjectVerify(); |
| 771 Isolate* isolate = GetIsolate(); | 771 Isolate* isolate = GetIsolate(); |
| 772 CHECK(length()->IsNumber() || length()->IsUndefined(isolate)); | 772 CHECK(length()->IsNumber() || length()->IsUndefined(isolate)); |
| 773 // If a GC was caused while constructing this array, the elements | 773 // If a GC was caused while constructing this array, the elements |
| 774 // pointer may point to a one pointer filler map. | 774 // pointer may point to a one pointer filler map. |
| 775 if (ElementsAreSafeToExamine()) { | 775 if (!ElementsAreSafeToExamine()) return; |
| 776 CHECK(elements()->IsUndefined(isolate) || elements()->IsFixedArray() || | 776 if (elements()->IsUndefined(isolate)) return; |
| 777 elements()->IsFixedDoubleArray()); | 777 CHECK(elements()->IsFixedArray() || elements()->IsFixedDoubleArray()); |
| 778 if (!length()->IsNumber()) return; |
| 779 // Verify that the length and the elements backing store are in sync. |
| 780 if (length()->IsSmi() && HasFastElements()) { |
| 781 int size = Smi::cast(length())->value(); |
| 782 // Holey / Packed backing stores might have slack or might have not been |
| 783 // properly initialized yet. |
| 784 CHECK(size <= elements()->length() || |
| 785 elements() == isolate->heap()->empty_fixed_array()); |
| 786 } else { |
| 787 CHECK(HasDictionaryElements()); |
| 788 uint32_t size; |
| 789 CHECK(length()->ToArrayLength(&size)); |
| 790 if (size != 0) { |
| 791 SeededNumberDictionary* dict = SeededNumberDictionary::cast(elements()); |
| 792 // The dictionary can never have more elements than the array length. |
| 793 CHECK(static_cast<uint32_t>(dict->NumberOfElements()) <= size); |
| 794 } |
| 778 } | 795 } |
| 779 } | 796 } |
| 780 | 797 |
| 781 | 798 |
| 782 void JSSet::JSSetVerify() { | 799 void JSSet::JSSetVerify() { |
| 783 CHECK(IsJSSet()); | 800 CHECK(IsJSSet()); |
| 784 JSObjectVerify(); | 801 JSObjectVerify(); |
| 785 VerifyHeapPointer(table()); | 802 VerifyHeapPointer(table()); |
| 786 CHECK(table()->IsOrderedHashTable() || table()->IsUndefined(GetIsolate())); | 803 CHECK(table()->IsOrderedHashTable() || table()->IsUndefined(GetIsolate())); |
| 787 // TODO(arv): Verify OrderedHashTable too. | 804 // TODO(arv): Verify OrderedHashTable too. |
| (...skipping 670 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1458 | 1475 |
| 1459 // Both are done at the same time. | 1476 // Both are done at the same time. |
| 1460 CHECK_EQ(new_it.done(), old_it.done()); | 1477 CHECK_EQ(new_it.done(), old_it.done()); |
| 1461 } | 1478 } |
| 1462 | 1479 |
| 1463 | 1480 |
| 1464 #endif // DEBUG | 1481 #endif // DEBUG |
| 1465 | 1482 |
| 1466 } // namespace internal | 1483 } // namespace internal |
| 1467 } // namespace v8 | 1484 } // namespace v8 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2431133003:
Add more JSArray verification for --verify-heap (Closed)
