Reviewers: Dmitry Lomov (chromium),

Message:
Committed patchset #2 (id:80001) manually as 24973 (presubmit successful).

Description:
allow disabling of ArrayBuffer neutering

BUG=
[email protected]

Committed: https://code.google.com/p/v8/source/detail?r=24973

Please review this at https://codereview.chromium.org/684103002/

Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge

Affected files (+49, -2 lines):
  M include/v8.h
  M src/api.cc
  M src/objects.h
  M src/objects.cc
  M src/objects-inl.h
  M src/runtime/runtime-typedarray.cc
  M test/cctest/test-api.cc


Index: include/v8.h
diff --git a/include/v8.h b/include/v8.h
index 92eb11bceca4c6d91db2c1c546d89a5262418a12..e783727c2db5ad7310136342d1aa9a55cb8f8dc1 100644
--- a/include/v8.h
+++ b/include/v8.h
@@ -2956,10 +2956,15 @@ class V8_EXPORT ArrayBuffer : public Object {
   bool IsExternal() const;

   /**
+   * Returns true if this ArrayBuffer may be neutered.
+   */
+  bool IsNeuterable() const;
+
+  /**
    * Neuters this ArrayBuffer and all its views (typed arrays).
* Neutering sets the byte length of the buffer and all typed arrays to zero,
    * preventing JavaScript from ever accessing underlying backing store.
-   * ArrayBuffer should have been externalized.
+   * ArrayBuffer should have been externalized and must be neuterable.
    */
   void Neuter();
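Review bot: The updated comment on `Neuter()` says the buffer "must be neuterable" but not what happens when it is not, and the new `IsNeuterable()` comment does not say what makes a buffer non-neuterable. Judging by the src/api.cc part of this change, a violation fails an API check rather than returning an error, so embedders need to test `IsNeuterable()` before calling. I would extend the `Neuter()` doc with a line such as `* Calling Neuter() when IsNeuterable() is false is an API failure; check IsNeuterable() first.` The class body starts and continues outside the hunk.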

Index: src/api.cc
diff --git a/src/api.cc b/src/api.cc
index c04393d8be1ec53c7b6fb0376447c4379e703ec4..6a7c40a06c96cc3246fde4c52f4cf94657e836da 100644
--- a/src/api.cc
+++ b/src/api.cc
@@ -6038,6 +6038,11 @@ bool v8::ArrayBuffer::IsExternal() const {
 }


+bool v8::ArrayBuffer::IsNeuterable() const {
+  return Utils::OpenHandle(this)->is_neuterable();
+}
+
+
 v8::ArrayBuffer::Contents v8::ArrayBuffer::Externalize() {
   i::Handle<i::JSArrayBuffer> obj = Utils::OpenHandle(this);
   Utils::ApiCheck(!obj->is_external(),
@@ -6058,6 +6063,8 @@ void v8::ArrayBuffer::Neuter() {
   Utils::ApiCheck(obj->is_external(),
                   "v8::ArrayBuffer::Neuter",
                   "Only externalized ArrayBuffers can be neutered");
+  Utils::ApiCheck(obj->is_neuterable(), "v8::ArrayBuffer::Neuter",
+                  "Only neuterable ArrayBuffers can be neutered");
   LOG_API(obj->GetIsolate(), "v8::ArrayBuffer::Neuter()");
   ENTER_V8(isolate);
   i::Runtime::NeuterArrayBuffer(obj);
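Review bot: The added `Utils::ApiCheck(obj->is_neuterable(), ...)` in `v8::ArrayBuffer::Neuter()` has its result ignored, so if the check reports the failure and returns instead of aborting (which, as far as I know, it can when the embedder installs a fatal-error handler), execution still reaches `i::Runtime::NeuterArrayBuffer(obj)`. The `CHECK(is_neuterable())` added in src/objects.cc would then stop the process, so the backing store is not dropped, but the embedder gets a hard abort instead of a reported API failure. Returning early keeps the two layers consistent: `if (!Utils::ApiCheck(obj->is_neuterable(), "v8::ArrayBuffer::Neuter", "Only neuterable ArrayBuffers can be neutered")) return;`. The existing `is_external()` check just above has the same shape. The function's opening lines and closing brace are outside the hunk.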
Index: src/objects-inl.h
diff --git a/src/objects-inl.h b/src/objects-inl.h
index c00ecddb565afc5529e44a840c594e9dcf59dfa4..b0996afb82e328fab772a53aaa05f7f3eeb3ddd6 100644
--- a/src/objects-inl.h
+++ b/src/objects-inl.h
@@ -6300,6 +6300,16 @@ void JSArrayBuffer::set_should_be_freed(bool value) {
 }


+bool JSArrayBuffer::is_neuterable() {
+  return BooleanBit::get(flag(), kIsNeuterableBit);
+}
+
+
+void JSArrayBuffer::set_is_neuterable(bool value) {
+  set_flag(BooleanBit::set(flag(), kIsNeuterableBit, value));
+}
+
+
 ACCESSORS(JSArrayBuffer, weak_next, Object, kWeakNextOffset)
 ACCESSORS(JSArrayBuffer, weak_first_view, Object, kWeakFirstViewOffset)

Index: src/objects.cc
diff --git a/src/objects.cc b/src/objects.cc
index c0814a80cb0e184db7cc4e880a697b560bd85a11..ea07582481a4baff42ad7f8e9a24978991a3a2e9 100644
--- a/src/objects.cc
+++ b/src/objects.cc
@@ -16365,13 +16365,15 @@ void JSDate::SetCachedFields(int64_t local_time_ms, DateCache* date_cache) {


 void JSArrayBuffer::Neuter() {
-  DCHECK(is_external());
+  CHECK(is_neuterable());
+  CHECK(is_external());
   set_backing_store(NULL);
   set_byte_length(Smi::FromInt(0));
 }


 void JSArrayBufferView::NeuterView() {
+  CHECK(JSArrayBuffer::cast(buffer())->is_neuterable());
   set_byte_offset(Smi::FromInt(0));
   set_byte_length(Smi::FromInt(0));
 }
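Review bot: In `JSArrayBufferView::NeuterView()` the new `CHECK` reads the flag through `JSArrayBuffer::cast(buffer())`, and nothing in the hunk establishes that `buffer()` holds a `JSArrayBuffer` at this point. If the cast's type check is debug-only, as I believe it is, a release build would test a bit of whatever object is stored there. If views are only ever neutered by way of their buffer this is fine, but it deserves either a comment such as `// Only reached for views attached to a JSArrayBuffer.` or an explicit `CHECK(buffer()->IsJSArrayBuffer());` before the cast.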
Index: src/objects.h
diff --git a/src/objects.h b/src/objects.h
index f6c4d19e66e485354f85a2dba7f90cbc76249011..d513f979226806e4be9ae6f5c69b0c64996c1e1b 100644
--- a/src/objects.h
+++ b/src/objects.h
@@ -9961,6 +9961,9 @@ class JSArrayBuffer: public JSObject {
   inline bool should_be_freed();
   inline void set_should_be_freed(bool value);

+  inline bool is_neuterable();
+  inline void set_is_neuterable(bool value);
+
   // [weak_next]: linked list of array buffers.
   DECL_ACCESSORS(weak_next, Object)
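Review bot: The new `is_neuterable()` / `set_is_neuterable()` declarations have no comment, while `weak_next` just below carries one in the `// [weak_next]: ...` style. Since clearing this bit turns a later `Neuter()` into a `CHECK` failure (see src/objects.cc in this change), the contract is worth stating at the declaration, for example `// [is_neuterable]: whether Neuter() may be called on this buffer; set to true in Runtime::SetupArrayBuffer.` The class starts and continues outside the hunk.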

@@ -9990,6 +9993,7 @@ class JSArrayBuffer: public JSObject {
   // Bit position in a flag
   static const int kIsExternalBit = 0;
   static const int kShouldBeFreed = 1;
+  static const int kIsNeuterableBit = 2;

   DISALLOW_IMPLICIT_CONSTRUCTORS(JSArrayBuffer);
 };
Index: src/runtime/runtime-typedarray.cc
diff --git a/src/runtime/runtime-typedarray.cc b/src/runtime/runtime-typedarray.cc
index d702ff99d63c1b3ee0741dae6e1eb9fb56b185a8..cd2c0eb9fa1a3b5ca90b85b0c949b7f383c92b25 100644
--- a/src/runtime/runtime-typedarray.cc
+++ b/src/runtime/runtime-typedarray.cc
@@ -44,6 +44,7 @@ void Runtime::SetupArrayBuffer(Isolate* isolate,
   array_buffer->set_backing_store(data);
   array_buffer->set_flag(Smi::FromInt(0));
   array_buffer->set_is_external(is_external);
+  array_buffer->set_is_neuterable(true);

   Handle<Object> byte_length =
       isolate->factory()->NewNumberFromSize(allocated_length);
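Review bot: `set_is_neuterable(true)` makes neuterability opt-in per buffer: the flag word is zeroed by `set_flag(Smi::FromInt(0))` two lines earlier, so a JSArrayBuffer whose flag is initialised anywhere other than `Runtime::SetupArrayBuffer` would start out non-neuterable and trip the new `CHECK(is_neuterable())` on `Neuter()`. I cannot tell from this hunk whether such a path exists; if it does, it needs the same line. If it does not, a short comment would record the assumption, e.g. `// Buffers are neuterable by default; callers may clear this afterwards.` The function starts and ends outside the hunk.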
Index: test/cctest/test-api.cc
diff --git a/test/cctest/test-api.cc b/test/cctest/test-api.cc
index 717cfb340b21417ec0d296cb68829c1238d63ca0..11393f097ef71be37efbba73753ac9dc362ac6ab 100644
--- a/test/cctest/test-api.cc
+++ b/test/cctest/test-api.cc
@@ -3293,6 +3293,24 @@ THREADED_TEST(ArrayBuffer_External) {
 }


+THREADED_TEST(ArrayBuffer_DisableNeuter) {
+  LocalContext env;
+  v8::Isolate* isolate = env->GetIsolate();
+  v8::HandleScope handle_scope(isolate);
+
+  i::ScopedVector<uint8_t> my_data(100);
+  memset(my_data.start(), 0, 100);
+  Local<v8::ArrayBuffer> ab =
+      v8::ArrayBuffer::New(isolate, my_data.start(), 100);
+  CHECK(ab->IsNeuterable());
+
+  i::Handle<i::JSArrayBuffer> buf = v8::Utils::OpenHandle(*ab);
+  buf->set_is_neuterable(false);
+
+  CHECK(!ab->IsNeuterable());
+}
+
+
 static void CheckDataViewIsNeutered(v8::Handle<v8::DataView> dv) {
   CHECK_EQ(0, static_cast<int>(dv->ByteLength()));
   CHECK_EQ(0, static_cast<int>(dv->ByteOffset()));
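Review bot: `ArrayBuffer_DisableNeuter` only checks that the flag round-trips through `IsNeuterable()`; the enforcement added in this change (the `ApiCheck` in `v8::ArrayBuffer::Neuter()` and the `CHECK`s in src/objects.cc) is never exercised. A rejected `Neuter()` call presumably ends the process, so that may need a separate expected-failure test, but this test can at least assert that the buffer is untouched after the flag is cleared, e.g. `CHECK_EQ(100, static_cast<int>(ab->ByteLength()));`. The length `100` also appears three times and would read better as one named constant. The trailing `CheckDataViewIsNeutered` context continues outside the hunk.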

