Handle Object.observe notifications for setting Array.length

src/accessors.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 77 matching lines @@
   JSValue* wrapper = JSValue::cast(value);
   ASSERT(Isolate::Current()->context()->native_context()->number_function()->
       has_initial_map());
   Map* number_map = Isolate::Current()->context()->native_context()->
       number_function()->initial_map();
   if (wrapper->map() == number_map) return wrapper->value();
   return value;
 }
 
 
+static MaybeObject* ArraySetLengthObserved(Isolate* isolate,
+                                           Handle<JSArray> array,
+                                           Handle<Object> new_length_handle) {
+  List<Handle<String> > indices;
+  List<Handle<Object> > old_values;
+  Handle<Object> old_length_handle(array->length(), isolate);
+  uint32_t old_length;
+  CHECK(old_length_handle->ToArrayIndex(&old_length));
+  uint32_t new_length;
+  CHECK(new_length_handle->ToArrayIndex(&new_length));
+  for (uint32_t len = old_length; len > new_length; --len) {

[rossberg, 2012/11/08 14:56:28]

If you want to avoid the off-by-one nuisance below, I think you could make this

for (uint32_t len = old_length-1; len+1 > new_length; --len)

[adamk, 2012/11/08 15:11:23]

Nope: first of all, need to add an if statement now to check that old_length >
0. And even then, this won't terminate if new_length is 0. The last time
through, len will be 0, so len + 1 is 1. Then on the last iteration, --len is
2^32.

[rossberg, 2012/11/08 15:16:12]

Note the +1. ;)

+    PropertyAttributes attributes = array->GetLocalElementAttribute(len - 1);
+    if (attributes == ABSENT) continue;
+    // A non-configurable property will cause the truncation operation to
+    // stop at this index.
+    if (attributes == DONT_DELETE) break;
+    // TODO(adamk): Don't fetch the old value if it's an accessor.
+    old_values.Add(Object::GetElement(array, len - 1));
+    indices.Add(isolate->factory()->Uint32ToString(len - 1));
+  }
+
+  MaybeObject* result = array->SetElementsLength(*new_length_handle);
+  Handle<Object> hresult;
+  if (!result->ToHandle(&hresult)) return result;
+
+  CHECK(array->length()->ToArrayIndex(&new_length));
+  if (old_length != new_length) {
+    for (int i = 0; i < indices.length(); ++i) {
+      JSObject::EnqueueChangeRecord(
+          array, "deleted", indices[i], old_values[i]);
+    }
+    JSObject::EnqueueChangeRecord(
+        array, "updated", isolate->factory()->length_symbol(),
+        old_length_handle);
+  }
+  return *hresult;
+}
+
+
 MaybeObject* Accessors::ArraySetLength(JSObject* object, Object* value, void*) {
   Isolate* isolate = object->GetIsolate();
 
   // This means one of the object's prototypes is a JSArray and the
   // object does not have a 'length' property.  Calling SetProperty
   // causes an infinite loop.
   if (!object->IsJSArray()) {
     return object->SetLocalPropertyIgnoreAttributes(
         isolate->heap()->length_symbol(), value, NONE);
   }
 
   value = FlattenNumber(value);
 
   // Need to call methods that may trigger GC.
   HandleScope scope(isolate);
 
   // Protect raw pointers.
-  Handle<JSObject> object_handle(object, isolate);
+  Handle<JSArray> array_handle(JSArray::cast(object), isolate);
   Handle<Object> value_handle(value, isolate);
 
   bool has_exception;
   Handle<Object> uint32_v = Execution::ToUint32(value_handle, &has_exception);
   if (has_exception) return Failure::Exception();
   Handle<Object> number_v = Execution::ToNumber(value_handle, &has_exception);
   if (has_exception) return Failure::Exception();
 
   if (uint32_v->Number() == number_v->Number()) {
-    return Handle<JSArray>::cast(object_handle)->SetElementsLength(*uint32_v);
+    if (FLAG_harmony_observation && array_handle->map()->is_observed()) {
+      return ArraySetLengthObserved(isolate, array_handle, uint32_v);
+    } else {
+      return array_handle->SetElementsLength(*uint32_v);
+    }
   }
   return isolate->Throw(
       *isolate->factory()->NewRangeError("invalid_array_length",
                                          HandleVector<Object>(NULL, 0)));
 }
 
 
 const AccessorDescriptor Accessors::ArrayLength = {
   ArrayGetLength,
   ArraySetLength,
@@ skipping 712 matching lines @@
   info->set_data(Smi::FromInt(index));
   Handle<Object> getter = v8::FromCData(&ModuleGetExport);
   Handle<Object> setter = v8::FromCData(&ModuleSetExport);
   info->set_getter(*getter);
   if (!(attributes & ReadOnly)) info->set_setter(*setter);
   return info;
 }
 
 
 } }  // namespace v8::internal