Ignore:
Timestamp:
Aug 17, 2008, 1:23:49 PM (17 years ago)
Author:
[email protected]
Message:

JavaScriptCore:

2008-08-17 Geoffrey Garen <[email protected]>

Reviewed by Cameron Zwarich.

Made room for a free word in JSCell.


SunSpider says no change.


I changed JSCallbackObjectData, Arguments, JSArray, and RegExpObject to
store auxiliary data in a secondary structure.

I changed InternalFunction to store the function's name in the property
map.


I changed JSGlobalObjectData to use a virtual destructor, so WebCore's
JSDOMWindowBaseData could inherit from it safely. (It's a strange design
for JSDOMWindowBase to allocate an object that JSGlobalObject deletes,
but that's really our only option, given the size constraint.)


I also added a bunch of compile-time ASSERTs, and removed lots of comments
in JSObject.h because they were often out of date, and they got in the
way of reading what was actually going on.


Also renamed JSArray::getLength to JSArray::length, to match our style
guidelines.

WebCore:

2008-08-17 Geoffrey Garen <[email protected]>

Reviewed by Cameron Zwarich.

Made room for a free word in JSCell.


Changed JSDOMWindowBase to store its auxiliary data in a subclass of
JSGlobalData, so the two could share a pointer.


Added a bunch of ASSERTs, to help catch over-sized objects.

WebKit/mac:

2008-08-17 Geoffrey Garen <[email protected]>

Reviewed by Cameron Zwarich.

Made room for a free word in JSCell.


(Updated for JavaScriptCore changes.)

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/JavaScriptCore/kjs/JSArray.cpp

    r35806 r35807  
    3535
    3636namespace KJS {
     37
     38ASSERT_CLASS_FITS_IN_CELL(JSArray);
    3739
    3840// Overview of JSArray
     
    129131    unsigned initialCapacity = min(initialLength, MIN_SPARSE_ARRAY_INDEX);
    130132
    131     m_length = initialLength;
     133    m_storage = static_cast<ArrayStorage*>(fastZeroedMalloc(storageSize(initialCapacity)));
    132134    m_fastAccessCutoff = 0;
    133     m_storage = static_cast<ArrayStorage*>(fastZeroedMalloc(storageSize(initialCapacity)));
    134135    m_storage->m_vectorLength = initialCapacity;
     136    m_storage->m_length = initialLength;
    135137
    136138    Heap::heap(this)->reportExtraMemoryCost(initialCapacity * sizeof(JSValue*));
     
    144146    unsigned length = list.size();
    145147
    146     m_length = length;
    147148    m_fastAccessCutoff = length;
    148149
     
    152153    storage->m_numValuesInVector = length;
    153154    storage->m_sparseValueMap = 0;
     155    storage->m_length = length;
    154156
    155157    size_t i = 0;
     
    178180    ArrayStorage* storage = m_storage;
    179181
    180     if (i >= m_length) {
     182    if (i >= storage->m_length) {
    181183        if (i > MAX_ARRAY_INDEX)
    182184            return getOwnPropertySlot(exec, Identifier::from(exec, i), slot);
     
    206208{
    207209    if (propertyName == exec->propertyNames().length) {
    208         slot.setValue(jsNumber(exec, getLength()));
     210        slot.setValue(jsNumber(exec, length()));
    209211        return true;
    210212    }
     
    245247    checkConsistency();
    246248
    247     unsigned length = m_length;
     249    unsigned length = m_storage->m_length;
    248250    if (i >= length && i <= MAX_ARRAY_INDEX) {
    249251        length = i + 1;
    250         m_length = length;
     252        m_storage->m_length = length;
    251253    }
    252254
     
    259261        }
    260262        valueSlot = value;
    261         if (++m_storage->m_numValuesInVector == m_length)
    262             m_fastAccessCutoff = m_length;
     263        if (++m_storage->m_numValuesInVector == m_storage->m_length)
     264            m_fastAccessCutoff = m_storage->m_length;
    263265        checkConsistency();
    264266        return;
     
    414416    ArrayStorage* storage = m_storage;
    415417
    416     unsigned usedVectorLength = min(m_length, storage->m_vectorLength);
     418    unsigned usedVectorLength = min(storage->m_length, storage->m_vectorLength);
    417419    for (unsigned i = 0; i < usedVectorLength; ++i) {
    418420        if (storage->m_vector[i])
     
    460462    ArrayStorage* storage = m_storage;
    461463
    462     unsigned length = m_length;
     464    unsigned length = m_storage->m_length;
    463465
    464466    if (newLength < length) {
     
    488490    }
    489491
    490     m_length = newLength;
     492    m_storage->m_length = newLength;
    491493
    492494    checkConsistency();
     
    499501    ArrayStorage* storage = m_storage;
    500502
    501     unsigned usedVectorLength = min(m_length, storage->m_vectorLength);
     503    unsigned usedVectorLength = min(storage->m_length, storage->m_vectorLength);
    502504    for (unsigned i = 0; i < usedVectorLength; ++i) {
    503505        JSValue* value = storage->m_vector[i];
     
    662664    // The maximum tree depth is compiled in - but the caller is clearly up to no good
    663665    // if a larger array is passed.
    664     ASSERT(m_length <= static_cast<unsigned>(std::numeric_limits<int>::max()));
    665     if (m_length > static_cast<unsigned>(std::numeric_limits<int>::max()))
    666         return;
    667 
    668     if (!m_length)
    669         return;
    670 
    671     unsigned usedVectorLength = min(m_length, m_storage->m_vectorLength);
     666    ASSERT(m_storage->m_length <= static_cast<unsigned>(std::numeric_limits<int>::max()));
     667    if (m_storage->m_length > static_cast<unsigned>(std::numeric_limits<int>::max()))
     668        return;
     669
     670    if (!m_storage->m_length)
     671        return;
     672
     673    unsigned usedVectorLength = min(m_storage->m_length, m_storage->m_vectorLength);
    672674
    673675    AVLTree<AVLTreeAbstractorForArrayCompare, 44> tree; // Depth 44 is enough for 2^31 items
     
    766768    ArrayStorage* storage = m_storage;
    767769
    768     unsigned usedVectorLength = min(m_length, storage->m_vectorLength);
     770    unsigned usedVectorLength = min(m_storage->m_length, storage->m_vectorLength);
    769771
    770772    unsigned numDefined = 0;
     
    836838        ASSERT(!m_storage->m_sparseValueMap);
    837839
    838     ASSERT(m_fastAccessCutoff <= m_length);
     840    ASSERT(m_fastAccessCutoff <= m_storage->m_length);
    839841    ASSERT(m_fastAccessCutoff <= m_storage->m_numValuesInVector);
    840842
     
    842844    for (unsigned i = 0; i < m_storage->m_vectorLength; ++i) {
    843845        if (JSValue* value = m_storage->m_vector[i]) {
    844             ASSERT(i < m_length);
     846            ASSERT(i < m_storage->m_length);
    845847            if (type != DestructorConsistencyCheck)
    846848                value->type(); // Likely to crash if the object was deallocated.
     
    858860        for (SparseArrayValueMap::iterator it = m_storage->m_sparseValueMap->begin(); it != end; ++it) {
    859861            unsigned index = it->first;
    860             ASSERT(index < m_length);
     862            ASSERT(index < m_storage->m_length);
    861863            ASSERT(index >= m_storage->m_vectorLength);
    862864            ASSERT(index <= MAX_ARRAY_INDEX);
Note: See TracChangeset for help on using the changeset viewer.