BASELINE: Update Chromium to 106.0.5249.126

Change-Id: Ib0bb21c437a7d1686e21c33f2d329f2ac425b7ab Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/438936 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
author: Allan Sandfeld Jensen <allan.jensen@qt.io> 2022-09-29 16:16:15 +0200
committer: Allan Sandfeld Jensen <allan.jensen@qt.io> 2022-11-09 10:04:06 +0000
commit: a95a7417ad456115a1ef2da4bb8320531c0821f1 (patch)
tree: edcd59279e486d2fd4a8f88a7ed025bcf925c6e6 /chromium/v8/src/builtins/builtins-shared-array.cc
parent: 33fc33aa94d4add0878ec30dc818e34e1dd3cc2a (diff)
download: qtwebengine-chromium-a95a7417ad456115a1ef2da4bb8320531c0821f1.tar.gz
1 files changed, 49 insertions, 0 deletions
diff --git a/chromium/v8/src/builtins/builtins-shared-array.cc b/chromium/v8/src/builtins/builtins-shared-array.cc
new file mode 100644
index 00000000000..d1f0e4250e8
--- /dev/null
+++ b/chromium/v8/src/builtins/builtins-shared-array.cc
@@ -0,0 +1,49 @@
+// Copyright 2022 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "src/builtins/accessors.h"
+#include "src/builtins/builtins-utils-inl.h"
+#include "src/objects/js-shared-array-inl.h"
+
+namespace v8 {
+namespace internal {
+
+// We cannot allocate large objects with |AllocationType::kSharedOld|,
+// see |HeapAllocator::AllocateRawLargeInternal|.
+constexpr int kMaxJSSharedArraySize = (1 << 14) - 2;
+static_assert(FixedArray::SizeFor(kMaxJSSharedArraySize) <=
+              kMaxRegularHeapObjectSize);
+
+BUILTIN(SharedArrayConstructor) {
+  DCHECK(FLAG_shared_string_table);
+
+  HandleScope scope(isolate);
+  auto* factory = isolate->factory();
+
+  Handle<Object> length_arg = args.atOrUndefined(isolate, 1);
+  Handle<Object> length_number;
+  ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, length_number,
+                                     Object::ToInteger(isolate, length_arg));
+  if (!length_number->IsSmi()) {
+    THROW_NEW_ERROR_RETURN_FAILURE(
+        isolate, NewRangeError(MessageTemplate::kSharedArraySizeOutOfRange));
+  }
+
+  int length = Handle<Smi>::cast(length_number)->value();
+  if (length < 0 || length > kMaxJSSharedArraySize) {
+    THROW_NEW_ERROR_RETURN_FAILURE(
+        isolate, NewRangeError(MessageTemplate::kSharedArraySizeOutOfRange));
+  }
+
+  Handle<FixedArrayBase> storage =
+      factory->NewFixedArray(length, AllocationType::kSharedOld);
+  Handle<JSSharedArray> instance = Handle<JSSharedArray>::cast(
+      factory->NewJSObject(args.target(), AllocationType::kSharedOld));
+  instance->set_elements(*storage);
+
+  return *instance;
+}
+
+}  // namespace internal
+}  // namespace v8
author	Allan Sandfeld Jensen <allan.jensen@qt.io>	2022-09-29 16:16:15 +0200
committer	Allan Sandfeld Jensen <allan.jensen@qt.io>	2022-11-09 10:04:06 +0000
commit	a95a7417ad456115a1ef2da4bb8320531c0821f1 (patch)
tree	edcd59279e486d2fd4a8f88a7ed025bcf925c6e6 /chromium/v8/src/builtins/builtins-shared-array.cc
parent	33fc33aa94d4add0878ec30dc818e34e1dd3cc2a (diff)
download	qtwebengine-chromium-a95a7417ad456115a1ef2da4bb8320531c0821f1.tar.gz