diff options
Diffstat (limited to 'chromium/v8/src/heap/heap.cc')
| -rw-r--r-- | chromium/v8/src/heap/heap.cc | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/chromium/v8/src/heap/heap.cc b/chromium/v8/src/heap/heap.cc index c5c0a7c54ea..458c6c7e094 100644 --- a/chromium/v8/src/heap/heap.cc +++ b/chromium/v8/src/heap/heap.cc @@ -2381,6 +2381,7 @@ AllocationResult Heap::AllocatePartialMap(InstanceType instance_type, Map::ConstructionCounter::encode(Map::kNoSlackTracking); map->set_bit_field3(bit_field3); map->set_weak_cell_cache(Smi::kZero); + map->set_elements_kind(TERMINAL_FAST_ELEMENTS_KIND); return map; } @@ -2388,6 +2389,11 @@ AllocationResult Heap::AllocatePartialMap(InstanceType instance_type, AllocationResult Heap::AllocateMap(InstanceType instance_type, int instance_size, ElementsKind elements_kind) { + STATIC_ASSERT(LAST_JS_OBJECT_TYPE == LAST_TYPE); + DCHECK_IMPLIES(instance_type >= FIRST_JS_OBJECT_TYPE && + !Map::CanHaveFastTransitionableElementsKind(instance_type), + IsDictionaryElementsKind(elements_kind) || + IsTerminalElementsKind(elements_kind)); HeapObject* result = nullptr; AllocationResult allocation = AllocateRaw(Map::kSize, MAP_SPACE); if (!allocation.To(&result)) return allocation; @@ -3760,7 +3766,10 @@ AllocationResult Heap::AllocateFixedArrayWithFiller(int length, AllocationResult Heap::AllocatePropertyArray(int length, PretenureFlag pretenure) { + // Allow length = 0 for the empty_property_array singleton. DCHECK_LE(0, length); + DCHECK_IMPLIES(length == 0, pretenure == TENURED); + DCHECK(!InNewSpace(undefined_value())); HeapObject* result = nullptr; { |