Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(103)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/json-stringifier.h

Issue 1435083003: [JSON stringifier] Correctly load array elements. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Created 5 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | test/mjsunit/regress/regress-crbug-554946.js » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 the V8 project authors. All rights reserved. 1 // Copyright 2012 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef V8_JSON_STRINGIFIER_H_ 5 #ifndef V8_JSON_STRINGIFIER_H_
6 #define V8_JSON_STRINGIFIER_H_ 6 #define V8_JSON_STRINGIFIER_H_
7 7
8 #include "src/conversions.h" 8 #include "src/conversions.h"
9 #include "src/lookup.h" 9 #include "src/lookup.h"
10 #include "src/messages.h" 10 #include "src/messages.h"
(...skipping 417 matching lines...) Expand 10 before | Expand all | Expand 10 after
428 428
429 429
430 BasicJsonStringifier::Result BasicJsonStringifier::SerializeJSArray( 430 BasicJsonStringifier::Result BasicJsonStringifier::SerializeJSArray(
431 Handle<JSArray> object) { 431 Handle<JSArray> object) {
432 HandleScope handle_scope(isolate_); 432 HandleScope handle_scope(isolate_);
433 Result stack_push = StackPush(object); 433 Result stack_push = StackPush(object);
434 if (stack_push != SUCCESS) return stack_push; 434 if (stack_push != SUCCESS) return stack_push;
435 uint32_t length = 0; 435 uint32_t length = 0;
436 CHECK(object->length()->ToArrayLength(&length)); 436 CHECK(object->length()->ToArrayLength(&length));
437 builder_.AppendCharacter('['); 437 builder_.AppendCharacter('[');
438 switch (object->GetElementsKind()) { 438 Result result = SerializeJSArraySlow(object, length);
439 case FAST_SMI_ELEMENTS: { 439 if (result != SUCCESS) return result;
440 Handle<FixedArray> elements(
441 FixedArray::cast(object->elements()), isolate_);
442 for (uint32_t i = 0; i < length; i++) {
443 if (i > 0) builder_.AppendCharacter(',');
444 SerializeSmi(Smi::cast(elements->get(i)));
445 }
446 break;
447 }
448 case FAST_DOUBLE_ELEMENTS: {
449 // Empty array is FixedArray but not FixedDoubleArray.
450 if (length == 0) break;
451 Handle<FixedDoubleArray> elements(
452 FixedDoubleArray::cast(object->elements()), isolate_);
453 for (uint32_t i = 0; i < length; i++) {
454 if (i > 0) builder_.AppendCharacter(',');
455 SerializeDouble(elements->get_scalar(i));
456 }
457 break;
458 }
459 case FAST_ELEMENTS: {
460 Handle<FixedArray> elements(
461 FixedArray::cast(object->elements()), isolate_);
462 for (uint32_t i = 0; i < length; i++) {
463 if (i > 0) builder_.AppendCharacter(',');
464 Result result =
465 SerializeElement(isolate_,
466 Handle<Object>(elements->get(i), isolate_),
467 i);
468 if (result == SUCCESS) continue;
469 if (result == UNCHANGED) {
470 builder_.AppendCString("null");
471 } else {
472 return result;
473 }
474 }
475 break;
476 }
477 // TODO(yangguo): The FAST_HOLEY_* cases could be handled in a faster way.
478 // They resemble the non-holey cases except that a prototype chain lookup
479 // is necessary for holes.
480 default: {
481 Result result = SerializeJSArraySlow(object, length);
482 if (result != SUCCESS) return result;
483 break;
484 }
485 }
486 builder_.AppendCharacter(']'); 440 builder_.AppendCharacter(']');
487 StackPop(); 441 StackPop();
488 return SUCCESS; 442 return SUCCESS;
489 } 443 }
490 444
491 445
492 BasicJsonStringifier::Result BasicJsonStringifier::SerializeJSArraySlow( 446 BasicJsonStringifier::Result BasicJsonStringifier::SerializeJSArraySlow(
493 Handle<JSArray> object, uint32_t length) { 447 Handle<JSArray> object, uint32_t length) {
494 for (uint32_t i = 0; i < length; i++) { 448 for (uint32_t i = 0; i < length; i++) {
495 if (i > 0) builder_.AppendCharacter(','); 449 if (i > 0) builder_.AppendCharacter(',');
(...skipping 177 matching lines...) Expand 10 before | Expand all | Expand 10 after
673 } else { 627 } else {
674 SerializeString_<uc16, uc16>(object); 628 SerializeString_<uc16, uc16>(object);
675 } 629 }
676 } 630 }
677 } 631 }
678 632
679 } // namespace internal 633 } // namespace internal
680 } // namespace v8 634 } // namespace v8
681 635
682 #endif // V8_JSON_STRINGIFIER_H_ 636 #endif // V8_JSON_STRINGIFIER_H_
OLDNEW
« no previous file with comments | « no previous file | test/mjsunit/regress/regress-crbug-554946.js » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698