Skip to content

V
V8
Commit b28f403c authored by fschneider@chromium.org's avatar fschneider@chromium.org
Browse files
Options

Force checking of result on all functions in elements.h that return MaybeObject*. 

Add two missing failure checks found by this.
Review URL: https://chromiumcodereview.appspot.com/10356071

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11530 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
parent 9f04d733
Hide whitespace changes
Inline Side-by-side
Showing with 39 additions and 31 deletions
src/elements.h
View file @ b28f403c
...@@ -60,18 +60,19 @@ class ElementsAccessor { ...@@ -60,18 +60,19 @@ class ElementsAccessor {
// can optionally pass in the backing store to use for the check, which must // can optionally pass in the backing store to use for the check, which must
// be compatible with the ElementsKind of the ElementsAccessor. If // be compatible with the ElementsKind of the ElementsAccessor. If
// backing_store is NULL, the holder->elements() is used as the backing store. // backing_store is NULL, the holder->elements() is used as the backing store.
virtual MaybeObject* Get(Object* receiver, MUST_USE_RESULT virtual MaybeObject* Get(
JSObject* holder, Object* receiver,
uint32_t key, JSObject* holder,
FixedArrayBase* backing_store = NULL) = 0; uint32_t key,
FixedArrayBase* backing_store = NULL) = 0;
// Modifies the length data property as specified for JSArrays and resizes the // Modifies the length data property as specified for JSArrays and resizes the
// underlying backing store accordingly. The method honors the semantics of // underlying backing store accordingly. The method honors the semantics of
// changing array sizes as defined in EcmaScript 5.1 15.4.5.2, i.e. array that // changing array sizes as defined in EcmaScript 5.1 15.4.5.2, i.e. array that
// have non-deletable elements can only be shrunk to the size of highest // have non-deletable elements can only be shrunk to the size of highest
// element that is non-deletable. // element that is non-deletable.
virtual MaybeObject* SetLength(JSArray* holder, MUST_USE_RESULT virtual MaybeObject* SetLength(JSArray* holder,
Object* new_length) = 0; Object* new_length) = 0;
// Modifies both the length and capacity of a JSArray, resizing the underlying // Modifies both the length and capacity of a JSArray, resizing the underlying
// backing store as necessary. This method does NOT honor the semantics of // backing store as necessary. This method does NOT honor the semantics of
...@@ -79,14 +80,14 @@ class ElementsAccessor { ...@@ -79,14 +80,14 @@ class ElementsAccessor {
// elements. This method should only be called for array expansion OR by // elements. This method should only be called for array expansion OR by
// runtime JavaScript code that use InternalArrays and don't care about // runtime JavaScript code that use InternalArrays and don't care about
// EcmaScript 5.1 semantics. // EcmaScript 5.1 semantics.
virtual MaybeObject* SetCapacityAndLength(JSArray* array, MUST_USE_RESULT virtual MaybeObject* SetCapacityAndLength(JSArray* array,
int capacity, int capacity,
int length) = 0; int length) = 0;
// Deletes an element in an object, returning a new elements backing store. // Deletes an element in an object, returning a new elements backing store.
virtual MaybeObject* Delete(JSObject* holder, MUST_USE_RESULT virtual MaybeObject* Delete(JSObject* holder,
uint32_t key, uint32_t key,
JSReceiver::DeleteMode mode) = 0; JSReceiver::DeleteMode mode) = 0;
// If kCopyToEnd is specified as the copy_size to CopyElements, it copies all // If kCopyToEnd is specified as the copy_size to CopyElements, it copies all
// of elements from source after source_start to the destination array. // of elements from source after source_start to the destination array.
...@@ -101,26 +102,28 @@ class ElementsAccessor { ...@@ -101,26 +102,28 @@ class ElementsAccessor {
// the source JSObject or JSArray in source_holder. If the holder's backing // the source JSObject or JSArray in source_holder. If the holder's backing
// store is available, it can be passed in source and source_holder is // store is available, it can be passed in source and source_holder is
// ignored. // ignored.
virtual MaybeObject* CopyElements(JSObject* source_holder, MUST_USE_RESULT virtual MaybeObject* CopyElements(
uint32_t source_start, JSObject* source_holder,
FixedArrayBase* destination, uint32_t source_start,
ElementsKind destination_kind, FixedArrayBase* destination,
uint32_t destination_start, ElementsKind destination_kind,
int copy_size, uint32_t destination_start,
FixedArrayBase* source = NULL) = 0; int copy_size,
FixedArrayBase* source = NULL) = 0;
MaybeObject* CopyElements(JSObject* from_holder,
FixedArrayBase* to, MUST_USE_RESULT MaybeObject* CopyElements(JSObject* from_holder,
ElementsKind to_kind, FixedArrayBase* to,
FixedArrayBase* from = NULL) { ElementsKind to_kind,
FixedArrayBase* from = NULL) {
return CopyElements(from_holder, 0, to, to_kind, 0, return CopyElements(from_holder, 0, to, to_kind, 0,
kCopyToEndAndInitializeToHole, from); kCopyToEndAndInitializeToHole, from);
} }
virtual MaybeObject* AddElementsToFixedArray(Object* receiver, MUST_USE_RESULT virtual MaybeObject* AddElementsToFixedArray(
JSObject* holder, Object* receiver,
FixedArray* to, JSObject* holder,
FixedArrayBase* from = NULL) = 0; FixedArray* to,
FixedArrayBase* from = NULL) = 0;
// Returns a shared ElementsAccessor for the specified ElementsKind. // Returns a shared ElementsAccessor for the specified ElementsKind.
static ElementsAccessor* ForKind(ElementsKind elements_kind) { static ElementsAccessor* ForKind(ElementsKind elements_kind) {
......
src/objects.cc
View file @ b28f403c
...@@ -8621,8 +8621,10 @@ MaybeObject* JSObject::SetFastElementsCapacityAndLength( ...@@ -8621,8 +8621,10 @@ MaybeObject* JSObject::SetFastElementsCapacityAndLength(
ElementsKind to_kind = (elements_kind == FAST_SMI_ONLY_ELEMENTS) ElementsKind to_kind = (elements_kind == FAST_SMI_ONLY_ELEMENTS)
? FAST_SMI_ONLY_ELEMENTS ? FAST_SMI_ONLY_ELEMENTS
: FAST_ELEMENTS; : FAST_ELEMENTS;
// int copy_size = Min(old_elements_raw->length(), new_elements->length()); { MaybeObject* maybe_obj =
accessor->CopyElements(this, new_elements, to_kind); accessor->CopyElements(this, new_elements, to_kind);
if (maybe_obj->IsFailure()) return maybe_obj;
}
if (elements_kind != NON_STRICT_ARGUMENTS_ELEMENTS) { if (elements_kind != NON_STRICT_ARGUMENTS_ELEMENTS) {
set_map_and_elements(new_map, new_elements); set_map_and_elements(new_map, new_elements);
} else { } else {
...@@ -8666,7 +8668,10 @@ MaybeObject* JSObject::SetFastDoubleElementsCapacityAndLength( ...@@ -8666,7 +8668,10 @@ MaybeObject* JSObject::SetFastDoubleElementsCapacityAndLength(
FixedArrayBase* old_elements = elements(); FixedArrayBase* old_elements = elements();
ElementsKind elements_kind = GetElementsKind(); ElementsKind elements_kind = GetElementsKind();
ElementsAccessor* accessor = ElementsAccessor::ForKind(elements_kind); ElementsAccessor* accessor = ElementsAccessor::ForKind(elements_kind);
accessor->CopyElements(this, elems, FAST_DOUBLE_ELEMENTS); { MaybeObject* maybe_obj =
accessor->CopyElements(this, elems, FAST_DOUBLE_ELEMENTS);
if (maybe_obj->IsFailure()) return maybe_obj;
}
if (elements_kind != NON_STRICT_ARGUMENTS_ELEMENTS) { if (elements_kind != NON_STRICT_ARGUMENTS_ELEMENTS) {
set_map_and_elements(new_map, elems); set_map_and_elements(new_map, elems);
} else { } else {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment