Changeset 440 for trunk/JavaScriptCore/kjs/JSArray.cpp
- Timestamp:
- 08/18/08 11:14:49 (5 months ago)
- Files:
-
- trunk/JavaScriptCore/kjs/JSArray.cpp (modified) (17 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/JavaScriptCore/kjs/JSArray.cpp
r436 r440 35 35 36 36 namespace KJS { 37 38 ASSERT_CLASS_FITS_IN_CELL(JSArray); 37 39 38 40 // Overview of JSArray … … 129 131 unsigned initialCapacity = min(initialLength, MIN_SPARSE_ARRAY_INDEX); 130 132 131 m_ length = initialLength;133 m_storage = static_cast<ArrayStorage*>(fastZeroedMalloc(storageSize(initialCapacity))); 132 134 m_fastAccessCutoff = 0; 133 m_storage = static_cast<ArrayStorage*>(fastZeroedMalloc(storageSize(initialCapacity)));134 135 m_storage->m_vectorLength = initialCapacity; 136 m_storage->m_length = initialLength; 135 137 136 138 Heap::heap(this)->reportExtraMemoryCost(initialCapacity * sizeof(JSValue*)); … … 144 146 unsigned length = list.size(); 145 147 146 m_length = length;147 148 m_fastAccessCutoff = length; 148 149 … … 152 153 storage->m_numValuesInVector = length; 153 154 storage->m_sparseValueMap = 0; 155 storage->m_length = length; 154 156 155 157 size_t i = 0; … … 174 176 } 175 177 176 JSValue* JSArray::lengthGetter(ExecState* exec, const Identifier&, const PropertySlot& slot)177 {178 return jsNumber(exec, static_cast<JSArray*>(slot.slotBase())->m_length);179 }180 181 178 bool JSArray::getOwnPropertySlot(ExecState* exec, unsigned i, PropertySlot& slot) 182 179 { 183 180 ArrayStorage* storage = m_storage; 184 181 185 if (i >= m_length) {182 if (i >= storage->m_length) { 186 183 if (i > MAX_ARRAY_INDEX) 187 184 return getOwnPropertySlot(exec, Identifier::from(exec, i), slot); … … 211 208 { 212 209 if (propertyName == exec->propertyNames().length) { 213 slot.set Custom(this, lengthGetter);210 slot.setValue(jsNumber(exec, length())); 214 211 return true; 215 212 } … … 250 247 checkConsistency(); 251 248 252 unsigned length = m_ length;249 unsigned length = m_storage->m_length; 253 250 if (i >= length && i <= MAX_ARRAY_INDEX) { 254 251 length = i + 1; 255 m_ length = length;252 m_storage->m_length = length; 256 253 } 257 254 … … 264 261 } 265 262 valueSlot = value; 266 if (++m_storage->m_numValuesInVector == m_ length)267 m_fastAccessCutoff = m_ length;263 if (++m_storage->m_numValuesInVector == m_storage->m_length) 264 m_fastAccessCutoff = m_storage->m_length; 268 265 checkConsistency(); 269 266 return; … … 419 416 ArrayStorage* storage = m_storage; 420 417 421 unsigned usedVectorLength = min( m_length, storage->m_vectorLength);418 unsigned usedVectorLength = min(storage->m_length, storage->m_vectorLength); 422 419 for (unsigned i = 0; i < usedVectorLength; ++i) { 423 420 if (storage->m_vector[i]) … … 465 462 ArrayStorage* storage = m_storage; 466 463 467 unsigned length = m_ length;464 unsigned length = m_storage->m_length; 468 465 469 466 if (newLength < length) { … … 493 490 } 494 491 495 m_ length = newLength;492 m_storage->m_length = newLength; 496 493 497 494 checkConsistency(); … … 504 501 ArrayStorage* storage = m_storage; 505 502 506 unsigned usedVectorLength = min( m_length, storage->m_vectorLength);503 unsigned usedVectorLength = min(storage->m_length, storage->m_vectorLength); 507 504 for (unsigned i = 0; i < usedVectorLength; ++i) { 508 505 JSValue* value = storage->m_vector[i]; … … 667 664 // The maximum tree depth is compiled in - but the caller is clearly up to no good 668 665 // if a larger array is passed. 669 ASSERT(m_ length <= static_cast<unsigned>(std::numeric_limits<int>::max()));670 if (m_ length > static_cast<unsigned>(std::numeric_limits<int>::max()))671 return; 672 673 if (!m_ length)674 return; 675 676 unsigned usedVectorLength = min(m_ length, m_storage->m_vectorLength);666 ASSERT(m_storage->m_length <= static_cast<unsigned>(std::numeric_limits<int>::max())); 667 if (m_storage->m_length > static_cast<unsigned>(std::numeric_limits<int>::max())) 668 return; 669 670 if (!m_storage->m_length) 671 return; 672 673 unsigned usedVectorLength = min(m_storage->m_length, m_storage->m_vectorLength); 677 674 678 675 AVLTree<AVLTreeAbstractorForArrayCompare, 44> tree; // Depth 44 is enough for 2^31 items … … 771 768 ArrayStorage* storage = m_storage; 772 769 773 unsigned usedVectorLength = min(m_ length, storage->m_vectorLength);770 unsigned usedVectorLength = min(m_storage->m_length, storage->m_vectorLength); 774 771 775 772 unsigned numDefined = 0; … … 841 838 ASSERT(!m_storage->m_sparseValueMap); 842 839 843 ASSERT(m_fastAccessCutoff <= m_ length);840 ASSERT(m_fastAccessCutoff <= m_storage->m_length); 844 841 ASSERT(m_fastAccessCutoff <= m_storage->m_numValuesInVector); 845 842 … … 847 844 for (unsigned i = 0; i < m_storage->m_vectorLength; ++i) { 848 845 if (JSValue* value = m_storage->m_vector[i]) { 849 ASSERT(i < m_ length);846 ASSERT(i < m_storage->m_length); 850 847 if (type != DestructorConsistencyCheck) 851 848 value->type(); // Likely to crash if the object was deallocated. … … 863 860 for (SparseArrayValueMap::iterator it = m_storage->m_sparseValueMap->begin(); it != end; ++it) { 864 861 unsigned index = it->first; 865 ASSERT(index < m_ length);862 ASSERT(index < m_storage->m_length); 866 863 ASSERT(index >= m_storage->m_vectorLength); 867 864 ASSERT(index <= MAX_ARRAY_INDEX);
