Array.prototype.concat result length (ES5.1)
Mark S. Miller
erights at google.com
Thu Jul 14 14:14:51 PDT 2011
Would we just be postponing all those same edge cases from 2**32 to 2**53?
On Thu, Jul 14, 2011 at 1:54 PM, Brendan Eich <brendan at mozilla.com> wrote:
> On Jul 14, 2011, at 12:35 PM, Allen Wirfs-Brock wrote:
> > What about the possibility of simply eliminating the range error and the
> Uint32 restriction on the association between array indexed properties and
> the "length" property. Instead replace it with a ToInteger constraint.
> This is essentially how string operations are defined. Implementations
> could still optimize for lengths <2^32 and or any other size they deemed
> I would prefer that. Jeff may agree.
> The uint32 business from ES1 days never paid off beyond allowing certain
> storage optimizations, and even then many (most?) engines do not optimize
> uint32 values. It was a flop on the optimization front, but it sure requires
> extra code in Array's implementation.
> ToInteger matches string and makes full use of the integral domain in the
> number type.
> The edge-case nature of this change suggests we could get away with it,
> even though it's an incompatible change. But we need to be careful that
> we're not turning errors into working code that could be exploited somehow.
> Again there is no memory safety issue, rather "index safety".
> es-discuss mailing list
> es-discuss at mozilla.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the es-discuss