| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "src/builtins.h" | 5 #include "src/builtins.h" |
| 6 | 6 |
| 7 #include "src/api.h" | 7 #include "src/api.h" |
| 8 #include "src/api-arguments.h" | 8 #include "src/api-arguments.h" |
| 9 #include "src/api-natives.h" | 9 #include "src/api-natives.h" |
| 10 #include "src/base/once.h" | 10 #include "src/base/once.h" |
| (...skipping 688 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 699 storage_(isolate->global_handles()->Create(*storage)), | 699 storage_(isolate->global_handles()->Create(*storage)), |
| 700 index_offset_(0u), | 700 index_offset_(0u), |
| 701 bit_field_(FastElementsField::encode(fast_elements) | | 701 bit_field_(FastElementsField::encode(fast_elements) | |
| 702 ExceedsLimitField::encode(false) | | 702 ExceedsLimitField::encode(false) | |
| 703 IsFixedArrayField::encode(storage->IsFixedArray())) { | 703 IsFixedArrayField::encode(storage->IsFixedArray())) { |
| 704 DCHECK(!(this->fast_elements() && !is_fixed_array())); | 704 DCHECK(!(this->fast_elements() && !is_fixed_array())); |
| 705 } | 705 } |
| 706 | 706 |
| 707 ~ArrayConcatVisitor() { clear_storage(); } | 707 ~ArrayConcatVisitor() { clear_storage(); } |
| 708 | 708 |
| 709 bool visit(uint32_t i, Handle<Object> elm) { | 709 MUST_USE_RESULT bool visit(uint32_t i, Handle<Object> elm) { |
| 710 uint32_t index = index_offset_ + i; | 710 uint32_t index = index_offset_ + i; |
| 711 | 711 |
| 712 if (i >= JSObject::kMaxElementCount - index_offset_) { | 712 if (i >= JSObject::kMaxElementCount - index_offset_) { |
| 713 set_exceeds_array_limit(true); | 713 set_exceeds_array_limit(true); |
| 714 // Exception hasn't been thrown at this point. Return true to | 714 // Exception hasn't been thrown at this point. Return true to |
| 715 // break out, and caller will throw. !visit would imply that | 715 // break out, and caller will throw. !visit would imply that |
| 716 // there is already a pending exception. | 716 // there is already a pending exception. |
| 717 return true; | 717 return true; |
| 718 } | 718 } |
| 719 | 719 |
| 720 if (!is_fixed_array()) { | 720 if (!is_fixed_array()) { |
| 721 Handle<Object> element_value; | 721 LookupIterator it(isolate_, storage_, index, LookupIterator::OWN); |
| 722 ASSIGN_RETURN_ON_EXCEPTION_VALUE( | 722 MAYBE_RETURN( |
| 723 isolate_, element_value, | 723 JSReceiver::CreateDataProperty(&it, elm, Object::THROW_ON_ERROR), |
| 724 Object::SetElement(isolate_, storage_, index, elm, STRICT), false); | 724 false); |
| 725 return true; | 725 return true; |
| 726 } | 726 } |
| 727 | 727 |
| 728 if (fast_elements()) { | 728 if (fast_elements()) { |
| 729 if (index < static_cast<uint32_t>(storage_fixed_array()->length())) { | 729 if (index < static_cast<uint32_t>(storage_fixed_array()->length())) { |
| 730 storage_fixed_array()->set(index, *elm); | 730 storage_fixed_array()->set(index, *elm); |
| 731 return true; | 731 return true; |
| 732 } | 732 } |
| 733 // Our initial estimate of length was foiled, possibly by | 733 // Our initial estimate of length was foiled, possibly by |
| 734 // getters on the arrays increasing the length of later arrays | 734 // getters on the arrays increasing the length of later arrays |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 816 if (!new_storage.is_identical_to(slow_storage)) { | 816 if (!new_storage.is_identical_to(slow_storage)) { |
| 817 slow_storage = loop_scope.CloseAndEscape(new_storage); | 817 slow_storage = loop_scope.CloseAndEscape(new_storage); |
| 818 } | 818 } |
| 819 } | 819 } |
| 820 }); | 820 }); |
| 821 clear_storage(); | 821 clear_storage(); |
| 822 set_storage(*slow_storage); | 822 set_storage(*slow_storage); |
| 823 set_fast_elements(false); | 823 set_fast_elements(false); |
| 824 } | 824 } |
| 825 | 825 |
| 826 inline void clear_storage() { | 826 inline void clear_storage() { GlobalHandles::Destroy(storage_.location()); } |
| 827 GlobalHandles::Destroy(Handle<Object>::cast(storage_).location()); | |
| 828 } | |
| 829 | 827 |
| 830 inline void set_storage(FixedArray* storage) { | 828 inline void set_storage(FixedArray* storage) { |
| 831 DCHECK(is_fixed_array()); | 829 DCHECK(is_fixed_array()); |
| 832 storage_ = isolate_->global_handles()->Create(storage); | 830 storage_ = isolate_->global_handles()->Create(storage); |
| 833 } | 831 } |
| 834 | 832 |
| 835 class FastElementsField : public BitField<bool, 0, 1> {}; | 833 class FastElementsField : public BitField<bool, 0, 1> {}; |
| 836 class ExceedsLimitField : public BitField<bool, 1, 1> {}; | 834 class ExceedsLimitField : public BitField<bool, 1, 1> {}; |
| 837 class IsFixedArrayField : public BitField<bool, 2, 1> {}; | 835 class IsFixedArrayField : public BitField<bool, 2, 1> {}; |
| 838 | 836 |
| (...skipping 556 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1395 for (int i = 0; i < argument_count; i++) { | 1393 for (int i = 0; i < argument_count; i++) { |
| 1396 Handle<Object> obj((*args)[i], isolate); | 1394 Handle<Object> obj((*args)[i], isolate); |
| 1397 Maybe<bool> spreadable = IsConcatSpreadable(isolate, obj); | 1395 Maybe<bool> spreadable = IsConcatSpreadable(isolate, obj); |
| 1398 MAYBE_RETURN(spreadable, isolate->heap()->exception()); | 1396 MAYBE_RETURN(spreadable, isolate->heap()->exception()); |
| 1399 if (spreadable.FromJust()) { | 1397 if (spreadable.FromJust()) { |
| 1400 Handle<JSReceiver> object = Handle<JSReceiver>::cast(obj); | 1398 Handle<JSReceiver> object = Handle<JSReceiver>::cast(obj); |
| 1401 if (!IterateElements(isolate, object, &visitor)) { | 1399 if (!IterateElements(isolate, object, &visitor)) { |
| 1402 return isolate->heap()->exception(); | 1400 return isolate->heap()->exception(); |
| 1403 } | 1401 } |
| 1404 } else { | 1402 } else { |
| 1405 visitor.visit(0, obj); | 1403 if (!visitor.visit(0, obj)) return isolate->heap()->exception(); |
| 1406 visitor.increase_index_offset(1); | 1404 visitor.increase_index_offset(1); |
| 1407 } | 1405 } |
| 1408 } | 1406 } |
| 1409 | 1407 |
| 1410 if (visitor.exceeds_array_limit()) { | 1408 if (visitor.exceeds_array_limit()) { |
| 1411 THROW_NEW_ERROR_RETURN_FAILURE( | 1409 THROW_NEW_ERROR_RETURN_FAILURE( |
| 1412 isolate, NewRangeError(MessageTemplate::kInvalidArrayLength)); | 1410 isolate, NewRangeError(MessageTemplate::kInvalidArrayLength)); |
| 1413 } | 1411 } |
| 1414 | 1412 |
| 1415 if (is_array_species) { | 1413 if (is_array_species) { |
| (...skipping 3123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 4539 BUILTIN_LIST_C(DEFINE_BUILTIN_ACCESSOR_C) | 4537 BUILTIN_LIST_C(DEFINE_BUILTIN_ACCESSOR_C) |
| 4540 BUILTIN_LIST_A(DEFINE_BUILTIN_ACCESSOR_A) | 4538 BUILTIN_LIST_A(DEFINE_BUILTIN_ACCESSOR_A) |
| 4541 BUILTIN_LIST_H(DEFINE_BUILTIN_ACCESSOR_H) | 4539 BUILTIN_LIST_H(DEFINE_BUILTIN_ACCESSOR_H) |
| 4542 BUILTIN_LIST_DEBUG_A(DEFINE_BUILTIN_ACCESSOR_A) | 4540 BUILTIN_LIST_DEBUG_A(DEFINE_BUILTIN_ACCESSOR_A) |
| 4543 #undef DEFINE_BUILTIN_ACCESSOR_C | 4541 #undef DEFINE_BUILTIN_ACCESSOR_C |
| 4544 #undef DEFINE_BUILTIN_ACCESSOR_A | 4542 #undef DEFINE_BUILTIN_ACCESSOR_A |
| 4545 | 4543 |
| 4546 | 4544 |
| 4547 } // namespace internal | 4545 } // namespace internal |
| 4548 } // namespace v8 | 4546 } // namespace v8 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1814933002:
Throw the right exceptions from setting elements in Array.prototype.concat (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master