Reviewers: danno,
Description:
Force checking of result on all functions in elements.h that return
MaybeObject*.
Add two missing failure checks found by this.
Please review this at https://chromiumcodereview.appspot.com/10356071/
SVN Base: http://v8.googlecode.com/svn/branches/bleeding_edge/
Affected files:
M src/elements.h
M src/objects.cc
Index: src/elements.h
===================================================================
--- src/elements.h (revision 11528)
+++ src/elements.h (working copy)
@@ -60,18 +60,19 @@
// can optionally pass in the backing store to use for the check, which
must
// be compatible with the ElementsKind of the ElementsAccessor. If
// backing_store is NULL, the holder->elements() is used as the backing
store.
- virtual MaybeObject* Get(Object* receiver,
- JSObject* holder,
- uint32_t key,
- FixedArrayBase* backing_store = NULL) = 0;
+ MUST_USE_RESULT virtual MaybeObject* Get(
+ Object* receiver,
+ JSObject* holder,
+ uint32_t key,
+ FixedArrayBase* backing_store = NULL) = 0;
// Modifies the length data property as specified for JSArrays and
resizes the
// underlying backing store accordingly. The method honors the semantics
of
// changing array sizes as defined in EcmaScript 5.1 15.4.5.2, i.e.
array that
// have non-deletable elements can only be shrunk to the size of highest
// element that is non-deletable.
- virtual MaybeObject* SetLength(JSArray* holder,
- Object* new_length) = 0;
+ MUST_USE_RESULT virtual MaybeObject* SetLength(JSArray* holder,
+ Object* new_length) = 0;
// Modifies both the length and capacity of a JSArray, resizing the
underlying
// backing store as necessary. This method does NOT honor the semantics
of
@@ -79,12 +80,12 @@
// elements. This method should only be called for array expansion OR by
// runtime JavaScript code that use InternalArrays and don't care about
// EcmaScript 5.1 semantics.
- virtual MaybeObject* SetCapacityAndLength(JSArray* array,
+ MUST_USE_RESULT virtual MaybeObject* SetCapacityAndLength(JSArray* array,
int capacity,
int length) = 0;
// Deletes an element in an object, returning a new elements backing
store.
- virtual MaybeObject* Delete(JSObject* holder,
+ MUST_USE_RESULT virtual MaybeObject* Delete(JSObject* holder,
uint32_t key,
JSReceiver::DeleteMode mode) = 0;
@@ -101,26 +102,28 @@
// the source JSObject or JSArray in source_holder. If the holder's
backing
// store is available, it can be passed in source and source_holder is
// ignored.
- virtual MaybeObject* CopyElements(JSObject* source_holder,
- uint32_t source_start,
- FixedArrayBase* destination,
- ElementsKind destination_kind,
- uint32_t destination_start,
- int copy_size,
- FixedArrayBase* source = NULL) = 0;
+ MUST_USE_RESULT virtual MaybeObject* CopyElements(
+ JSObject* source_holder,
+ uint32_t source_start,
+ FixedArrayBase* destination,
+ ElementsKind destination_kind,
+ uint32_t destination_start,
+ int copy_size,
+ FixedArrayBase* source = NULL) = 0;
- MaybeObject* CopyElements(JSObject* from_holder,
- FixedArrayBase* to,
- ElementsKind to_kind,
- FixedArrayBase* from = NULL) {
+ MUST_USE_RESULT MaybeObject* CopyElements(JSObject* from_holder,
+ FixedArrayBase* to,
+ ElementsKind to_kind,
+ FixedArrayBase* from = NULL) {
return CopyElements(from_holder, 0, to, to_kind, 0,
kCopyToEndAndInitializeToHole, from);
}
- virtual MaybeObject* AddElementsToFixedArray(Object* receiver,
- JSObject* holder,
- FixedArray* to,
- FixedArrayBase* from =
NULL) = 0;
+ MUST_USE_RESULT virtual MaybeObject* AddElementsToFixedArray(
+ Object* receiver,
+ JSObject* holder,
+ FixedArray* to,
+ FixedArrayBase* from = NULL) = 0;
// Returns a shared ElementsAccessor for the specified ElementsKind.
static ElementsAccessor* ForKind(ElementsKind elements_kind) {
Index: src/objects.cc
===================================================================
--- src/objects.cc (revision 11528)
+++ src/objects.cc (working copy)
@@ -8621,8 +8621,10 @@
ElementsKind to_kind = (elements_kind == FAST_SMI_ONLY_ELEMENTS)
? FAST_SMI_ONLY_ELEMENTS
: FAST_ELEMENTS;
- // int copy_size = Min(old_elements_raw->length(),
new_elements->length());
- accessor->CopyElements(this, new_elements, to_kind);
+ { MaybeObject* maybe_failure =
+ accessor->CopyElements(this, new_elements, to_kind);
+ if (maybe_failure->IsFailure()) return maybe_failure;
+ }
if (elements_kind != NON_STRICT_ARGUMENTS_ELEMENTS) {
set_map_and_elements(new_map, new_elements);
} else {
@@ -8666,7 +8668,10 @@
FixedArrayBase* old_elements = elements();
ElementsKind elements_kind = GetElementsKind();
ElementsAccessor* accessor = ElementsAccessor::ForKind(elements_kind);
- accessor->CopyElements(this, elems, FAST_DOUBLE_ELEMENTS);
+ { MaybeObject* maybe_failure =
+ accessor->CopyElements(this, elems, FAST_DOUBLE_ELEMENTS);
+ if (maybe_failure->IsFailure()) return maybe_failure;
+ }
if (elements_kind != NON_STRICT_ARGUMENTS_ELEMENTS) {
set_map_and_elements(new_map, elems);
} else {
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
