http://codereview.chromium.org/7039037/diff/1/src/json-parser.cc File src/json-parser.cc (right):
http://codereview.chromium.org/7039037/diff/1/src/json-parser.cc#newcode46 src/json-parser.cc:46: is_sequential_ascii_ = true; That what is not the case? That strings can change, or that the code is interrupted? In either case, it's not true. The MakeExternal api function can be called from a weak callback triggered by GC, so any time you do allocation (since this is Handle code), your string representation could potentially change. It probably doesn't happen, but I can't guarantee that it isn't a security problem if it does. I.e., you can only cache the string shape for the duration of a AssertNoAllocation guard. ALternatively, put a guard on the MakeExternal api function that disallows it during GC (which is a very reasonable thing to do anyway - GC callbacks should be restricted in what they can do, and they currently aren't). Obviously if you allow preemption (any stack-guards), things can change at that time too, but you don't do that here. http://codereview.chromium.org/7039037/diff/8001/src/json-parser.cc#newcode347 src/json-parser.cc:347: number_ = StringToDouble(isolate()->unicode_cache(), You only need an ASCII buffer (we have already established that it is a number literal, so all characters are ASCII). http://codereview.chromium.org/7039037/diff/8001/src/json-parser.cc#newcode348 src/json-parser.cc:348: *value, res -> result. http://codereview.chromium.org/7039037/diff/8001/src/json-parser.cc#newcode354 src/json-parser.cc:354: Just drop the last argument (i.e., let it default to 0.0). We know that the string isn't empty anyway. http://codereview.chromium.org/7039037/diff/8001/src/json-parser.cc#newcode478 src/json-parser.cc:478: length); I guess that's ok ... for now. http://codereview.chromium.org/7039037/ -- v8-dev mailing list [email protected] http://groups.google.com/group/v8-dev
