src/builtins/builtins-arraybuffer.cc - v8/v8.git - Git at Google

 // Copyright 2016 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "src/builtins/builtins-utils.h"
 #include "src/builtins/builtins.h"
 #include "src/conversions.h"
 #include "src/counters.h"
 #include "src/maybe-handles-inl.h"
 #include "src/objects-inl.h"
 #include "src/objects/js-array-inl.h"

 namespace v8 {
 namespace internal {

 #define CHECK_SHARED(expected, name, method)                                \
   if (name->is_shared() != expected) {                                      \
     THROW_NEW_ERROR_RETURN_FAILURE(                                         \
         isolate,                                                            \
         NewTypeError(MessageTemplate::kIncompatibleMethodReceiver,          \
                      isolate->factory()->NewStringFromAsciiChecked(method), \
                      name));                                                \
   }

 // -----------------------------------------------------------------------------
 // ES6 section 21.1 ArrayBuffer Objects

 namespace {

 Object* ConstructBuffer(Isolate* isolate, Handle<JSFunction> target,
                         Handle<JSReceiver> new_target, Handle<Object> length,
                         bool initialize) {
   Handle<JSObject> result;
   ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, result,
                                      JSObject::New(target, new_target));
   size_t byte_length;
   if (!TryNumberToSize(*length, &byte_length)) {
     THROW_NEW_ERROR_RETURN_FAILURE(
         isolate, NewRangeError(MessageTemplate::kInvalidArrayBufferLength));
   }
   SharedFlag shared_flag =
       (*target == target->native_context()->array_buffer_fun())
           ? SharedFlag::kNotShared
           : SharedFlag::kShared;
   if (!JSArrayBuffer::SetupAllocatingData(Handle<JSArrayBuffer>::cast(result),
                                           isolate, byte_length, initialize,
                                           shared_flag)) {
     THROW_NEW_ERROR_RETURN_FAILURE(
         isolate, NewRangeError(MessageTemplate::kArrayBufferAllocationFailed));
   }
   return *result;
 }

 }  // namespace

 // ES #sec-arraybuffer-constructor
 BUILTIN(ArrayBufferConstructor) {
   HandleScope scope(isolate);
   Handle<JSFunction> target = args.target();
   DCHECK(*target == target->native_context()->array_buffer_fun() ||
          *target == target->native_context()->shared_array_buffer_fun());
   if (args.new_target()->IsUndefined(isolate)) {  // [[Call]]
     THROW_NEW_ERROR_RETURN_FAILURE(
         isolate, NewTypeError(MessageTemplate::kConstructorNotFunction,
                               handle(target->shared()->Name(), isolate)));
   } else {  // [[Construct]]
     Handle<JSReceiver> new_target = Handle<JSReceiver>::cast(args.new_target());
     Handle<Object> length = args.atOrUndefined(isolate, 1);

     Handle<Object> number_length;
     ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, number_length,
                                        Object::ToInteger(isolate, length));
     if (number_length->Number() < 0.0) {
       THROW_NEW_ERROR_RETURN_FAILURE(
           isolate, NewRangeError(MessageTemplate::kInvalidArrayBufferLength));
     }

     return ConstructBuffer(isolate, target, new_target, number_length, true);
   }
 }

 // This is a helper to construct an ArrayBuffer with uinitialized memory.
 // This means the caller must ensure the buffer is totally initialized in
 // all cases, or we will expose uinitialized memory to user code.
 BUILTIN(ArrayBufferConstructor_DoNotInitialize) {
   HandleScope scope(isolate);
   Handle<JSFunction> target(isolate->native_context()->array_buffer_fun(),
                             isolate);
   Handle<Object> length = args.atOrUndefined(isolate, 1);
   return ConstructBuffer(isolate, target, target, length, false);
 }

 // ES6 section 24.1.4.1 get ArrayBuffer.prototype.byteLength
 BUILTIN(ArrayBufferPrototypeGetByteLength) {
   const char* const kMethodName = "get ArrayBuffer.prototype.byteLength";
   HandleScope scope(isolate);
   CHECK_RECEIVER(JSArrayBuffer, array_buffer, kMethodName);
   CHECK_SHARED(false, array_buffer, kMethodName);
   // TODO(franzih): According to the ES6 spec, we should throw a TypeError
   // here if the JSArrayBuffer is detached.
   return array_buffer->byte_length();
 }

 // ES7 sharedmem 6.3.4.1 get SharedArrayBuffer.prototype.byteLength
 BUILTIN(SharedArrayBufferPrototypeGetByteLength) {
   const char* const kMethodName = "get SharedArrayBuffer.prototype.byteLength";
   HandleScope scope(isolate);
   CHECK_RECEIVER(JSArrayBuffer, array_buffer,
                  "get SharedArrayBuffer.prototype.byteLength");
   CHECK_SHARED(true, array_buffer, kMethodName);
   return array_buffer->byte_length();
 }

 // ES6 section 24.1.3.1 ArrayBuffer.isView ( arg )
 BUILTIN(ArrayBufferIsView) {
   SealHandleScope shs(isolate);
   DCHECK_EQ(2, args.length());
   Object* arg = args[1];
   return isolate->heap()->ToBoolean(arg->IsJSArrayBufferView());
 }

 static Object* SliceHelper(BuiltinArguments args, Isolate* isolate,
                            const char* kMethodName, bool is_shared) {
   HandleScope scope(isolate);
   Handle<Object> start = args.at(1);
   Handle<Object> end = args.atOrUndefined(isolate, 2);

   // * If Type(O) is not Object, throw a TypeError exception.
   // * If O does not have an [[ArrayBufferData]] internal slot, throw a
   //   TypeError exception.
   CHECK_RECEIVER(JSArrayBuffer, array_buffer, kMethodName);
   // * [AB] If IsSharedArrayBuffer(O) is true, throw a TypeError exception.
   // * [SAB] If IsSharedArrayBuffer(O) is false, throw a TypeError exception.
   CHECK_SHARED(is_shared, array_buffer, kMethodName);

   // * [AB] If IsDetachedBuffer(buffer) is true, throw a TypeError exception.
   if (!is_shared && array_buffer->was_neutered()) {
     THROW_NEW_ERROR_RETURN_FAILURE(
         isolate, NewTypeError(MessageTemplate::kDetachedOperation,
                               isolate->factory()->NewStringFromAsciiChecked(
                                   kMethodName)));
   }

   // * [AB] Let len be O.[[ArrayBufferByteLength]].
   // * [SAB] Let len be O.[[ArrayBufferByteLength]].
   double const len = array_buffer->byte_length()->Number();

   // * Let relativeStart be ? ToInteger(start).
   Handle<Object> relative_start;
   ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, relative_start,
                                      Object::ToInteger(isolate, start));

   // * If relativeStart < 0, let first be max((len + relativeStart), 0); else
   //   let first be min(relativeStart, len).
   double const first = (relative_start->Number() < 0)
                            ? Max(len + relative_start->Number(), 0.0)
                            : Min(relative_start->Number(), len);
   Handle<Object> first_obj = isolate->factory()->NewNumber(first);

   // * If end is undefined, let relativeEnd be len; else let relativeEnd be ?
   //   ToInteger(end).
   double relative_end;
   if (end->IsUndefined(isolate)) {
     relative_end = len;
   } else {
     Handle<Object> relative_end_obj;
     ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, relative_end_obj,
                                        Object::ToInteger(isolate, end));
     relative_end = relative_end_obj->Number();
   }

   // * If relativeEnd < 0, let final be max((len + relativeEnd), 0); else let
   //   final be min(relativeEnd, len).
   double const final_ = (relative_end < 0) ? Max(len + relative_end, 0.0)
                                            : Min(relative_end, len);

   // * Let newLen be max(final-first, 0).
   double const new_len = Max(final_ - first, 0.0);
   Handle<Object> new_len_obj = isolate->factory()->NewNumber(new_len);

   // * [AB] Let ctor be ? SpeciesConstructor(O, %ArrayBuffer%).
   // * [SAB] Let ctor be ? SpeciesConstructor(O, %SharedArrayBuffer%).
   Handle<JSFunction> constructor_fun = is_shared
                                            ? isolate->shared_array_buffer_fun()
                                            : isolate->array_buffer_fun();
   Handle<Object> ctor;
   ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
       isolate, ctor,
       Object::SpeciesConstructor(
           isolate, Handle<JSReceiver>::cast(args.receiver()), constructor_fun));

   // * Let new be ? Construct(ctor, newLen).
   Handle<JSReceiver> new_;
   {
     const int argc = 1;

     ScopedVector<Handle<Object>> argv(argc);
     argv[0] = new_len_obj;

     Handle<Object> new_obj;
     ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
         isolate, new_obj, Execution::New(isolate, ctor, argc, argv.start()));

     new_ = Handle<JSReceiver>::cast(new_obj);
   }

   // * If new does not have an [[ArrayBufferData]] internal slot, throw a
   //   TypeError exception.
   if (!new_->IsJSArrayBuffer()) {
     THROW_NEW_ERROR_RETURN_FAILURE(
         isolate,
         NewTypeError(MessageTemplate::kIncompatibleMethodReceiver,
                      isolate->factory()->NewStringFromAsciiChecked(kMethodName),
                      new_));
   }

   // * [AB] If IsSharedArrayBuffer(new) is true, throw a TypeError exception.
   // * [SAB] If IsSharedArrayBuffer(new) is false, throw a TypeError exception.
   Handle<JSArrayBuffer> new_array_buffer = Handle<JSArrayBuffer>::cast(new_);
   CHECK_SHARED(is_shared, new_array_buffer, kMethodName);

   // * [AB] If IsDetachedBuffer(new) is true, throw a TypeError exception.
   if (!is_shared && new_array_buffer->was_neutered()) {
     THROW_NEW_ERROR_RETURN_FAILURE(
         isolate, NewTypeError(MessageTemplate::kDetachedOperation,
                               isolate->factory()->NewStringFromAsciiChecked(
                                   kMethodName)));
   }

   // * [AB] If SameValue(new, O) is true, throw a TypeError exception.
   if (!is_shared && new_->SameValue(*args.receiver())) {
     THROW_NEW_ERROR_RETURN_FAILURE(
         isolate, NewTypeError(MessageTemplate::kArrayBufferSpeciesThis));
   }

   // * [SAB] If new.[[ArrayBufferData]] and O.[[ArrayBufferData]] are the same
   //         Shared Data Block values, throw a TypeError exception.
   if (is_shared &&
       new_array_buffer->backing_store() == array_buffer->backing_store()) {
     THROW_NEW_ERROR_RETURN_FAILURE(
         isolate, NewTypeError(MessageTemplate::kSharedArrayBufferSpeciesThis));
   }

   // * If new.[[ArrayBufferByteLength]] < newLen, throw a TypeError exception.
   if (new_array_buffer->byte_length()->Number() < new_len) {
     THROW_NEW_ERROR_RETURN_FAILURE(
         isolate,
         NewTypeError(is_shared ? MessageTemplate::kSharedArrayBufferTooShort
                                : MessageTemplate::kArrayBufferTooShort));
   }

   // * [AB] NOTE: Side-effects of the above steps may have detached O.
   // * [AB] If IsDetachedBuffer(O) is true, throw a TypeError exception.
   if (!is_shared && array_buffer->was_neutered()) {
     THROW_NEW_ERROR_RETURN_FAILURE(
         isolate, NewTypeError(MessageTemplate::kDetachedOperation,
                               isolate->factory()->NewStringFromAsciiChecked(
                                   kMethodName)));
   }

   // * Let fromBuf be O.[[ArrayBufferData]].
   // * Let toBuf be new.[[ArrayBufferData]].
   // * Perform CopyDataBlockBytes(toBuf, 0, fromBuf, first, newLen).
   size_t first_size = 0, new_len_size = 0;
   CHECK(TryNumberToSize(*first_obj, &first_size));
   CHECK(TryNumberToSize(*new_len_obj, &new_len_size));
   DCHECK(NumberToSize(new_array_buffer->byte_length()) >= new_len_size);

   if (new_len_size != 0) {
     size_t from_byte_length = NumberToSize(array_buffer->byte_length());
     USE(from_byte_length);
     DCHECK(first_size <= from_byte_length);
     DCHECK(from_byte_length - first_size >= new_len_size);
     uint8_t* from_data =
         reinterpret_cast<uint8_t*>(array_buffer->backing_store());
     uint8_t* to_data =
         reinterpret_cast<uint8_t*>(new_array_buffer->backing_store());
     CopyBytes(to_data, from_data + first_size, new_len_size);
   }

   return *new_;
 }

 // ES #sec-sharedarraybuffer.prototype.slice
 BUILTIN(SharedArrayBufferPrototypeSlice) {
   const char* const kMethodName = "SharedArrayBuffer.prototype.slice";
   return SliceHelper(args, isolate, kMethodName, true);
 }

 // ES #sec-arraybuffer.prototype.slice
 // ArrayBuffer.prototype.slice ( start, end )
 BUILTIN(ArrayBufferPrototypeSlice) {
   const char* const kMethodName = "ArrayBuffer.prototype.slice";
   return SliceHelper(args, isolate, kMethodName, false);
 }

 }  // namespace internal
 }  // namespace v8
	// Copyright 2016 the V8 project authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "src/builtins/builtins-utils.h"
	#include "src/builtins/builtins.h"
	#include "src/conversions.h"
	#include "src/counters.h"
	#include "src/maybe-handles-inl.h"
	#include "src/objects-inl.h"
	#include "src/objects/js-array-inl.h"

	namespace v8 {
	namespace internal {

	#define CHECK_SHARED(expected, name, method) \
	if (name->is_shared() != expected) { \
	THROW_NEW_ERROR_RETURN_FAILURE( \
	isolate, \
	NewTypeError(MessageTemplate::kIncompatibleMethodReceiver, \
	isolate->factory()->NewStringFromAsciiChecked(method), \
	name)); \
	}

	// -----------------------------------------------------------------------------
	// ES6 section 21.1 ArrayBuffer Objects

	namespace {

	Object* ConstructBuffer(Isolate* isolate, Handle<JSFunction> target,
	Handle<JSReceiver> new_target, Handle<Object> length,
	bool initialize) {
	Handle<JSObject> result;
	ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, result,
	JSObject::New(target, new_target));
	size_t byte_length;
	if (!TryNumberToSize(*length, &byte_length)) {
	THROW_NEW_ERROR_RETURN_FAILURE(
	isolate, NewRangeError(MessageTemplate::kInvalidArrayBufferLength));
	}
	SharedFlag shared_flag =
	(*target == target->native_context()->array_buffer_fun())
	? SharedFlag::kNotShared
	: SharedFlag::kShared;
	if (!JSArrayBuffer::SetupAllocatingData(Handle<JSArrayBuffer>::cast(result),
	isolate, byte_length, initialize,
	shared_flag)) {
	THROW_NEW_ERROR_RETURN_FAILURE(
	isolate, NewRangeError(MessageTemplate::kArrayBufferAllocationFailed));
	}
	return *result;
	}

	} // namespace

	// ES #sec-arraybuffer-constructor
	BUILTIN(ArrayBufferConstructor) {
	HandleScope scope(isolate);
	Handle<JSFunction> target = args.target();
	DCHECK(*target == target->native_context()->array_buffer_fun() \|\|
	*target == target->native_context()->shared_array_buffer_fun());
	if (args.new_target()->IsUndefined(isolate)) { // [[Call]]
	THROW_NEW_ERROR_RETURN_FAILURE(
	isolate, NewTypeError(MessageTemplate::kConstructorNotFunction,
	handle(target->shared()->Name(), isolate)));
	} else { // [[Construct]]
	Handle<JSReceiver> new_target = Handle<JSReceiver>::cast(args.new_target());
	Handle<Object> length = args.atOrUndefined(isolate, 1);

	Handle<Object> number_length;
	ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, number_length,
	Object::ToInteger(isolate, length));
	if (number_length->Number() < 0.0) {
	THROW_NEW_ERROR_RETURN_FAILURE(
	isolate, NewRangeError(MessageTemplate::kInvalidArrayBufferLength));
	}

	return ConstructBuffer(isolate, target, new_target, number_length, true);
	}
	}

	// This is a helper to construct an ArrayBuffer with uinitialized memory.
	// This means the caller must ensure the buffer is totally initialized in
	// all cases, or we will expose uinitialized memory to user code.
	BUILTIN(ArrayBufferConstructor_DoNotInitialize) {
	HandleScope scope(isolate);
	Handle<JSFunction> target(isolate->native_context()->array_buffer_fun(),
	isolate);
	Handle<Object> length = args.atOrUndefined(isolate, 1);
	return ConstructBuffer(isolate, target, target, length, false);
	}

	// ES6 section 24.1.4.1 get ArrayBuffer.prototype.byteLength
	BUILTIN(ArrayBufferPrototypeGetByteLength) {
	const char* const kMethodName = "get ArrayBuffer.prototype.byteLength";
	HandleScope scope(isolate);
	CHECK_RECEIVER(JSArrayBuffer, array_buffer, kMethodName);
	CHECK_SHARED(false, array_buffer, kMethodName);
	// TODO(franzih): According to the ES6 spec, we should throw a TypeError
	// here if the JSArrayBuffer is detached.
	return array_buffer->byte_length();
	}

	// ES7 sharedmem 6.3.4.1 get SharedArrayBuffer.prototype.byteLength
	BUILTIN(SharedArrayBufferPrototypeGetByteLength) {
	const char* const kMethodName = "get SharedArrayBuffer.prototype.byteLength";
	HandleScope scope(isolate);
	CHECK_RECEIVER(JSArrayBuffer, array_buffer,
	"get SharedArrayBuffer.prototype.byteLength");
	CHECK_SHARED(true, array_buffer, kMethodName);
	return array_buffer->byte_length();
	}

	// ES6 section 24.1.3.1 ArrayBuffer.isView ( arg )
	BUILTIN(ArrayBufferIsView) {
	SealHandleScope shs(isolate);
	DCHECK_EQ(2, args.length());
	Object* arg = args[1];
	return isolate->heap()->ToBoolean(arg->IsJSArrayBufferView());
	}

	static Object* SliceHelper(BuiltinArguments args, Isolate* isolate,
	const char* kMethodName, bool is_shared) {
	HandleScope scope(isolate);
	Handle<Object> start = args.at(1);
	Handle<Object> end = args.atOrUndefined(isolate, 2);

	// * If Type(O) is not Object, throw a TypeError exception.
	// * If O does not have an [[ArrayBufferData]] internal slot, throw a
	// TypeError exception.
	CHECK_RECEIVER(JSArrayBuffer, array_buffer, kMethodName);
	// * [AB] If IsSharedArrayBuffer(O) is true, throw a TypeError exception.
	// * [SAB] If IsSharedArrayBuffer(O) is false, throw a TypeError exception.
	CHECK_SHARED(is_shared, array_buffer, kMethodName);

	// * [AB] If IsDetachedBuffer(buffer) is true, throw a TypeError exception.
	if (!is_shared && array_buffer->was_neutered()) {
	THROW_NEW_ERROR_RETURN_FAILURE(
	isolate, NewTypeError(MessageTemplate::kDetachedOperation,
	isolate->factory()->NewStringFromAsciiChecked(
	kMethodName)));
	}

	// * [AB] Let len be O.[[ArrayBufferByteLength]].
	// * [SAB] Let len be O.[[ArrayBufferByteLength]].
	double const len = array_buffer->byte_length()->Number();

	// * Let relativeStart be ? ToInteger(start).
	Handle<Object> relative_start;
	ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, relative_start,
	Object::ToInteger(isolate, start));

	// * If relativeStart < 0, let first be max((len + relativeStart), 0); else
	// let first be min(relativeStart, len).
	double const first = (relative_start->Number() < 0)
	? Max(len + relative_start->Number(), 0.0)
	: Min(relative_start->Number(), len);
	Handle<Object> first_obj = isolate->factory()->NewNumber(first);

	// * If end is undefined, let relativeEnd be len; else let relativeEnd be ?
	// ToInteger(end).
	double relative_end;
	if (end->IsUndefined(isolate)) {
	relative_end = len;
	} else {
	Handle<Object> relative_end_obj;
	ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, relative_end_obj,
	Object::ToInteger(isolate, end));
	relative_end = relative_end_obj->Number();
	}

	// * If relativeEnd < 0, let final be max((len + relativeEnd), 0); else let
	// final be min(relativeEnd, len).
	double const final_ = (relative_end < 0) ? Max(len + relative_end, 0.0)
	: Min(relative_end, len);

	// * Let newLen be max(final-first, 0).
	double const new_len = Max(final_ - first, 0.0);
	Handle<Object> new_len_obj = isolate->factory()->NewNumber(new_len);

	// * [AB] Let ctor be ? SpeciesConstructor(O, %ArrayBuffer%).
	// * [SAB] Let ctor be ? SpeciesConstructor(O, %SharedArrayBuffer%).
	Handle<JSFunction> constructor_fun = is_shared
	? isolate->shared_array_buffer_fun()
	: isolate->array_buffer_fun();
	Handle<Object> ctor;
	ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
	isolate, ctor,
	Object::SpeciesConstructor(
	isolate, Handle<JSReceiver>::cast(args.receiver()), constructor_fun));

	// * Let new be ? Construct(ctor, newLen).
	Handle<JSReceiver> new_;
	{
	const int argc = 1;

	ScopedVector<Handle<Object>> argv(argc);
	argv[0] = new_len_obj;

	Handle<Object> new_obj;
	ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
	isolate, new_obj, Execution::New(isolate, ctor, argc, argv.start()));

	new_ = Handle<JSReceiver>::cast(new_obj);
	}

	// * If new does not have an [[ArrayBufferData]] internal slot, throw a
	// TypeError exception.
	if (!new_->IsJSArrayBuffer()) {
	THROW_NEW_ERROR_RETURN_FAILURE(
	isolate,
	NewTypeError(MessageTemplate::kIncompatibleMethodReceiver,
	isolate->factory()->NewStringFromAsciiChecked(kMethodName),
	new_));
	}

	// * [AB] If IsSharedArrayBuffer(new) is true, throw a TypeError exception.
	// * [SAB] If IsSharedArrayBuffer(new) is false, throw a TypeError exception.
	Handle<JSArrayBuffer> new_array_buffer = Handle<JSArrayBuffer>::cast(new_);
	CHECK_SHARED(is_shared, new_array_buffer, kMethodName);

	// * [AB] If IsDetachedBuffer(new) is true, throw a TypeError exception.
	if (!is_shared && new_array_buffer->was_neutered()) {
	THROW_NEW_ERROR_RETURN_FAILURE(
	isolate, NewTypeError(MessageTemplate::kDetachedOperation,
	isolate->factory()->NewStringFromAsciiChecked(
	kMethodName)));
	}

	// * [AB] If SameValue(new, O) is true, throw a TypeError exception.
	if (!is_shared && new_->SameValue(*args.receiver())) {
	THROW_NEW_ERROR_RETURN_FAILURE(
	isolate, NewTypeError(MessageTemplate::kArrayBufferSpeciesThis));
	}

	// * [SAB] If new.[[ArrayBufferData]] and O.[[ArrayBufferData]] are the same
	// Shared Data Block values, throw a TypeError exception.
	if (is_shared &&
	new_array_buffer->backing_store() == array_buffer->backing_store()) {
	THROW_NEW_ERROR_RETURN_FAILURE(
	isolate, NewTypeError(MessageTemplate::kSharedArrayBufferSpeciesThis));
	}

	// * If new.[[ArrayBufferByteLength]] < newLen, throw a TypeError exception.
	if (new_array_buffer->byte_length()->Number() < new_len) {
	THROW_NEW_ERROR_RETURN_FAILURE(
	isolate,
	NewTypeError(is_shared ? MessageTemplate::kSharedArrayBufferTooShort
	: MessageTemplate::kArrayBufferTooShort));
	}

	// * [AB] NOTE: Side-effects of the above steps may have detached O.
	// * [AB] If IsDetachedBuffer(O) is true, throw a TypeError exception.
	if (!is_shared && array_buffer->was_neutered()) {
	THROW_NEW_ERROR_RETURN_FAILURE(
	isolate, NewTypeError(MessageTemplate::kDetachedOperation,
	isolate->factory()->NewStringFromAsciiChecked(
	kMethodName)));
	}

	// * Let fromBuf be O.[[ArrayBufferData]].
	// * Let toBuf be new.[[ArrayBufferData]].
	// * Perform CopyDataBlockBytes(toBuf, 0, fromBuf, first, newLen).
	size_t first_size = 0, new_len_size = 0;
	CHECK(TryNumberToSize(*first_obj, &first_size));
	CHECK(TryNumberToSize(*new_len_obj, &new_len_size));
	DCHECK(NumberToSize(new_array_buffer->byte_length()) >= new_len_size);

	if (new_len_size != 0) {
	size_t from_byte_length = NumberToSize(array_buffer->byte_length());
	USE(from_byte_length);
	DCHECK(first_size <= from_byte_length);
	DCHECK(from_byte_length - first_size >= new_len_size);
	uint8_t* from_data =
	reinterpret_cast<uint8_t*>(array_buffer->backing_store());
	uint8_t* to_data =
	reinterpret_cast<uint8_t*>(new_array_buffer->backing_store());
	CopyBytes(to_data, from_data + first_size, new_len_size);
	}

	return *new_;
	}

	// ES #sec-sharedarraybuffer.prototype.slice
	BUILTIN(SharedArrayBufferPrototypeSlice) {
	const char* const kMethodName = "SharedArrayBuffer.prototype.slice";
	return SliceHelper(args, isolate, kMethodName, true);
	}

	// ES #sec-arraybuffer.prototype.slice
	// ArrayBuffer.prototype.slice ( start, end )
	BUILTIN(ArrayBufferPrototypeSlice) {
	const char* const kMethodName = "ArrayBuffer.prototype.slice";
	return SliceHelper(args, isolate, kMethodName, false);
	}

	} // namespace internal
	} // namespace v8