[v8-dev] [v8] r13632 committed - Add additional flags to control array abuse tracing...

[codesite-noreply]

Revision: 13632
Author:   da...@chromium.org
Date:     Fri Feb  8 06:32:38 2013
Log:      Add additional flags to control array abuse tracing
R=jkumme...@chromium.org

Review URL: https://codereview.chromium.org/12211095
http://code.google.com/p/v8/source/detail?r=13632

Modified:
 /branches/bleeding_edge/src/elements.cc
 /branches/bleeding_edge/src/elements.h
 /branches/bleeding_edge/src/flag-definitions.h
 /branches/bleeding_edge/src/objects.cc

=======================================
--- /branches/bleeding_edge/src/elements.cc     Wed Feb  6 23:56:11 2013
+++ /branches/bleeding_edge/src/elements.cc     Fri Feb  8 06:32:38 2013
@@ -504,7 +504,8 @@
 }


-void CheckArrayAbuse(JSObject* obj, const char* op, uint32_t key) {
+void CheckArrayAbuse(JSObject* obj, const char* op, uint32_t key,
+                     bool allow_appending) {
   Object* raw_length = NULL;
   const char* elements_type = "array";
   if (obj->IsJSArray()) {
@@ -519,7 +520,9 @@
     double n = raw_length->Number();
     if (FastI2D(FastD2UI(n)) == n) {
       int32_t int32_length = DoubleToInt32(n);
-      if (key >= static_cast<uint32_t>(int32_length)) {
+      uint32_t compare_length = static_cast<uint32_t>(int32_length);
+      if (allow_appending) compare_length++;
+      if (key >= compare_length) {
         PrintF("[OOB %s %s (%s length = %d, element accessed = %d) in ",
                elements_type, op, elements_type,
                static_cast<int>(int32_length),
@@ -628,8 +631,14 @@
       backing_store = holder->elements();
     }

-    if (FLAG_trace_array_abuse) {
-      CheckArrayAbuse(holder, "element read", key);
+    if (!IsExternalArrayElementsKind(ElementsTraits::Kind) &&
+        FLAG_trace_js_array_abuse) {
+      CheckArrayAbuse(holder, "elements read", key);
+    }
+
+    if (IsExternalArrayElementsKind(ElementsTraits::Kind) &&
+        FLAG_trace_external_array_abuse) {
+      CheckArrayAbuse(holder, "external elements read", key);
     }

     return ElementsAccessorSubclass::GetImpl(
=======================================
--- /branches/bleeding_edge/src/elements.h      Wed Feb  6 23:56:11 2013
+++ /branches/bleeding_edge/src/elements.h      Fri Feb  8 06:32:38 2013
@@ -197,7 +197,8 @@
   DISALLOW_COPY_AND_ASSIGN(ElementsAccessor);
 };

-void CheckArrayAbuse(JSObject* obj, const char* op, uint32_t key);
+void CheckArrayAbuse(JSObject* obj, const char* op, uint32_t key,
+                     bool allow_appending = false);

 } }  // namespace v8::internal

=======================================
--- /branches/bleeding_edge/src/flag-definitions.h      Wed Feb  6 23:56:11 2013
+++ /branches/bleeding_edge/src/flag-definitions.h      Fri Feb  8 06:32:38 2013
@@ -363,7 +363,14 @@

 // debug.cc
 DEFINE_bool(trace_debug_json, false, "trace debugging JSON  
request/response")
-DEFINE_bool(trace_array_abuse, false, "trace out-of-bounds array accesses")
+DEFINE_bool(trace_js_array_abuse, false,
+            "trace out-of-bounds accesses to JS arrays")
+DEFINE_bool(trace_external_array_abuse, false,
+            "trace out-of-bounds-accesses to external arrays")
+DEFINE_bool(trace_array_abuse, false,
+            "trace out-of-bounds accesses to all arrays")
+DEFINE_implication(trace_array_abuse, trace_js_array_abuse)
+DEFINE_implication(trace_array_abuse, trace_external_array_abuse)
 DEFINE_bool(debugger_auto_break, true,
             "automatically set the debug break flag when debugger commands  
are "
             "in the queue")
=======================================
--- /branches/bleeding_edge/src/objects.cc      Wed Feb  6 23:56:11 2013
+++ /branches/bleeding_edge/src/objects.cc      Fri Feb  8 06:32:38 2013
@@ -10405,9 +10405,14 @@
          HasDictionaryArgumentsElements() ||
          (attr & (DONT_DELETE | DONT_ENUM | READ_ONLY)) == 0);
   Isolate* isolate = GetIsolate();
-  if (FLAG_trace_array_abuse) {
-    if (IsExternalArrayElementsKind(GetElementsKind())) {
-      CheckArrayAbuse(this, "external elements write", index);
+  if (FLAG_trace_external_array_abuse &&
+      IsExternalArrayElementsKind(GetElementsKind())) {
+    CheckArrayAbuse(this, "external elements write", index);
+  }
+  if (FLAG_trace_js_array_abuse &&
+      !IsExternalArrayElementsKind(GetElementsKind())) {
+    if (IsJSArray()) {
+      CheckArrayAbuse(this, "elements write", index, true);
     }
   }
   switch (GetElementsKind()) {

--
--
v8-dev mailing list
v8-dev@googlegroups.com
http://groups.google.com/group/v8-dev
--- 
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to v8-dev+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.