
Side by Side Diff: src/elements.cc

Issue 1804963002: [builtins] Fix Array.prototype.concat bug (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: polishing corner cases and making tests work Created 4 years, 9 months ago
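--- a/src/elements.cc
+++ b/src/elements.cc
@@ -1,10 +1,10 @@
 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/elements.h"
 
 #include "src/arguments.h"
 #include "src/conversions.h"
 #include "src/factory.h"
 #include "src/messages.h"
@@ -540,20 +540,30 @@
 backing_store, filter);
 }
 
 static bool HasElementImpl(Handle<JSObject> holder, uint32_t index,
 Handle<FixedArrayBase> backing_store,
 PropertyFilter filter) {
 return ElementsAccessorSubclass::GetEntryForIndexImpl(
 *holder, *backing_store, index, filter) != kMaxUInt32;
 }
 
+bool HasAccessors(JSObject* holder) final {
+return ElementsAccessorSubclass::HasAccessorsImpl(holder,
+holder->elements());
+}
+
+static bool HasAccessorsImpl(JSObject* holder,
+FixedArrayBase* backing_store) {
+return false;
+}
+
 Handle<Object> Get(Handle<JSObject> holder, uint32_t entry) final {
 return ElementsAccessorSubclass::GetImpl(holder, entry);
 }
 
 static Handle<Object> GetImpl(Handle<JSObject> holder, uint32_t entry) {
 return ElementsAccessorSubclass::GetImpl(holder->elements(), entry);
 }
 
 static Handle<Object> GetImpl(FixedArrayBase* backing_store, uint32_t entry) {
 Isolate* isolate = backing_store->GetIsolate();
@@ -1087,20 +1097,35 @@
 SeededNumberDictionary::cast(obj->elements()));
 uint32_t index = GetIndexForEntryImpl(*dict, entry);
 Handle<Object> result = SeededNumberDictionary::DeleteProperty(dict, entry);
 USE(result);
 DCHECK(result->IsTrue());
 Handle<FixedArray> new_elements =
 SeededNumberDictionary::Shrink(dict, index);
 obj->set_elements(*new_elements);
 }
 
+static bool HasAccessorsImpl(JSObject* holder,
+FixedArrayBase* backing_store) {
+SeededNumberDictionary* dict = SeededNumberDictionary::cast(backing_store);
+if (!dict->requires_slow_elements()) return false;
+int capacity = dict->Capacity();
+for (int i = 0; i < capacity; i++) {
+Object* key = dict->KeyAt(i);
+if (!dict->IsKey(key)) continue;
+DCHECK(!dict->IsDeleted(i));
+PropertyDetails details = dict->DetailsAt(i);
+if (details.type() == ACCESSOR_CONSTANT) return true;
+}
+return false;
+}
+
 static Object* GetRaw(FixedArrayBase* store, uint32_t entry) {
 SeededNumberDictionary* backing_store = SeededNumberDictionary::cast(store);
 return backing_store->ValueAt(entry);
 }
 
 static Handle<Object> GetImpl(Handle<JSObject> holder, uint32_t entry) {
 return GetImpl(holder->elements(), entry);
 }
 
 static Handle<Object> GetImpl(FixedArrayBase* backing_store, uint32_t entry) {
@@ -1992,20 +2017,25 @@
 uint32_t entry) {
 return PropertyDetails(DONT_DELETE, DATA, 0, PropertyCellType::kNoCell);
 }
 
 static bool HasElementImpl(Handle<JSObject> holder, uint32_t index,
 Handle<FixedArrayBase> backing_store,
 PropertyFilter filter) {
 return index < AccessorClass::GetCapacityImpl(*holder, *backing_store);
 }
 
+static bool HasAccessorsImpl(JSObject* holder,
+FixedArrayBase* backing_store) {
+return false;
+}
+
 static void SetLengthImpl(Isolate* isolate, Handle<JSArray> array,
 uint32_t length,
 Handle<FixedArrayBase> backing_store) {
 // External arrays do not support changing their length.
 UNREACHABLE();
 }
 
 static void DeleteImpl(Handle<JSObject> obj, uint32_t entry) {
 UNREACHABLE();
 }
@@ -2162,20 +2192,27 @@
 FixedArray* parameter_map = FixedArray::cast(parameters);
 uint32_t length = parameter_map->length() - 2;
 if (entry < length) {
 return !GetParameterMapArg(parameter_map, entry)->IsTheHole();
 }
 
 FixedArrayBase* arguments = FixedArrayBase::cast(parameter_map->get(1));
 return ArgumentsAccessor::HasEntryImpl(arguments, entry - length);
 }
 
+static bool HasAccessorsImpl(JSObject* holder,
+FixedArrayBase* backing_store) {
+FixedArray* parameter_map = FixedArray::cast(backing_store);
+FixedArrayBase* arguments = FixedArrayBase::cast(parameter_map->get(1));
+return ArgumentsAccessor::HasAccessorsImpl(holder, arguments);
+}
+
 static uint32_t GetIndexForEntryImpl(FixedArrayBase* parameters,
 uint32_t entry) {
 FixedArray* parameter_map = FixedArray::cast(parameters);
 uint32_t length = parameter_map->length() - 2;
 if (entry < length) return entry;
 
 FixedArray* arguments = FixedArray::cast(parameter_map->get(1));
 return ArgumentsAccessor::GetIndexForEntryImpl(arguments, entry - length);
 }
 
@@ -2601,20 +2638,25 @@
 
 class SlowStringWrapperElementsAccessor
 : public StringWrapperElementsAccessor<
 SlowStringWrapperElementsAccessor, DictionaryElementsAccessor,
 ElementsKindTraits<SLOW_STRING_WRAPPER_ELEMENTS>> {
 public:
 explicit SlowStringWrapperElementsAccessor(const char* name)
 : StringWrapperElementsAccessor<
 SlowStringWrapperElementsAccessor, DictionaryElementsAccessor,
 ElementsKindTraits<SLOW_STRING_WRAPPER_ELEMENTS>>(name) {}
+
+static bool HasAccessorsImpl(JSObject* holder,
+FixedArrayBase* backing_store) {
+return DictionaryElementsAccessor::HasAccessorsImpl(holder, backing_store);
+}
 };
 
 } // namespace
 
 
 void CheckArrayAbuse(Handle<JSObject> obj, const char* op, uint32_t index,
 bool allow_appending) {
 DisallowHeapAllocation no_allocation;
 Object* raw_length = NULL;
 const char* elements_type = "array";
@@ -2823,10 +2865,10 @@
 }
 }
 
 DCHECK(j == result_len);
 return result_array;
 }
 
 ElementsAccessor** ElementsAccessor::elements_accessors_ = NULL;
 } // namespace internal
 } // namespace v8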
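Review bot: The base-class `HasAccessorsImpl` added after `HasElementImpl` returns `false` by default, so an elements kind that can store accessor pairs but does not override it will be reported as accessor-free. Going by the issue title, callers presumably use this answer to choose a raw-copy path in Array.prototype.concat, where a wrong `false` would skip getter invocation. I would document the contract on the default, for example `// Only correct for kinds that cannot hold accessors; dictionary-backed kinds must override.` In the dictionary override, the early `if (!dict->requires_slow_elements()) return false;` relies on that flag being set whenever an accessor element is stored, which this page does not show. The loop also holds raw `SeededNumberDictionary*` and `Object*` values, so a `DisallowHeapAllocation no_gc;` at the top of the function, as `CheckArrayAbuse` does, would make the no-allocation assumption checkable; the enclosing accessor classes start outside the visible hunks.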