Ensure CopyElementsImpl is always executed so it fills in holes even if...

Ensure CopyElementsImpl is always executed so it fills in holes even if from_size is 0. Allow FixedDoubleArray::cast to also support FixedArray with size 0. Review URL: https://chromiumcodereview.appspot.com/11280054 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13000 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Ensure CopyElementsImpl is always executed so it fills in holes even if...
Ensure CopyElementsImpl is always executed so it fills in holes even if from_size is 0. Allow FixedDoubleArray::cast to also support FixedArray with size 0. Review URL: https://chromiumcodereview.appspot.com/11280054 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13000 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
08cfda49 · verwaest@chromium.org · 3326b845 · 08cfda49 · 08cfda49 · 08cfda49
Commit 08cfda49 authored Nov 19, 2012 by verwaest@chromium.org
Showing with 22 additions and 13 deletions

elements.cc src/elements.cc +10 -12

objects-inl.h src/objects-inl.h +7 -0

objects.h src/objects.h +1 -0

array-store-and-grow.js test/mjsunit/array-store-and-grow.js +4 -1

No files found.
--- a/src/elements.cc
+++ b/src/elements.cc
@@ -696,9 +696,6 @@ class ElementsAccessorBase : public ElementsAccessor {
        }
      }
    }
-    if (from->length() == 0 || copy_size == 0) {
-      return from;
-    }
    return ElementsAccessorSubclass::CopyElementsImpl(
        from, from_start, to, to_kind, to_start, packed_size, copy_size);
  }
@@ -1022,17 +1019,17 @@ class FastSmiOrObjectElementsAccessor
            packed_size != kPackedSizeNotKnown) {
          CopyPackedSmiToDoubleElements(
              FixedArray::cast(from), from_start,
-              FixedDoubleArray::cast(to), to_start,
+              FixedDoubleArray::castOrEmptyFixedArray(to), to_start,
              packed_size, copy_size);
        } else {
          CopySmiToDoubleElements(
              FixedArray::cast(from), from_start,
-              FixedDoubleArray::cast(to), to_start, copy_size);
+              FixedDoubleArray::castOrEmptyFixedArray(to), to_start, copy_size);
        }
      } else {
        CopyObjectToDoubleElements(
            FixedArray::cast(from), from_start,
-            FixedDoubleArray::cast(to), to_start, copy_size);
+            FixedDoubleArray::castOrEmptyFixedArray(to), to_start, copy_size);
      }
    } else {
      UNREACHABLE();
@@ -1136,13 +1133,13 @@ class FastDoubleElementsAccessor
      case FAST_HOLEY_SMI_ELEMENTS:
      case FAST_HOLEY_ELEMENTS:
        return CopyDoubleToObjectElements(
-            FixedDoubleArray::cast(from), from_start, FixedArray::cast(to),
-            to_kind, to_start, copy_size);
+            FixedDoubleArray::castOrEmptyFixedArray(from), from_start,
+            FixedArray::cast(to), to_kind, to_start, copy_size);
      case FAST_DOUBLE_ELEMENTS:
      case FAST_HOLEY_DOUBLE_ELEMENTS:
-        CopyDoubleToDoubleElements(FixedDoubleArray::cast(from), from_start,
-                                   FixedDoubleArray::cast(to),
-                                   to_start, copy_size);
+        CopyDoubleToDoubleElements(
+            FixedDoubleArray::castOrEmptyFixedArray(from), from_start,
+            FixedDoubleArray::castOrEmptyFixedArray(to), to_start, copy_size);
        return from;
      default:
        UNREACHABLE();
@@ -1476,7 +1473,8 @@ class DictionaryElementsAccessor
      case FAST_HOLEY_DOUBLE_ELEMENTS:
        CopyDictionaryToDoubleElements(
            SeededNumberDictionary::cast(from), from_start,
-            FixedDoubleArray::cast(to), to_start, copy_size);
+            FixedDoubleArray::castOrEmptyFixedArray(to), to_start,
+            copy_size);
        return from;
      default:
        UNREACHABLE();

--- a/src/objects-inl.h
+++ b/src/objects-inl.h
@@ -2342,6 +2342,13 @@ void SeededNumberDictionary::set_requires_slow_elements() {
 // Cast operations


+FixedDoubleArray* FixedDoubleArray::castOrEmptyFixedArray(Object* object) {
+  ASSERT(object == HeapObject::cast(object)->GetHeap()->empty_fixed_array() ||
+         object->IsFixedDoubleArray());
+  return reinterpret_cast<FixedDoubleArray*>(object);
+}
+
+
 CAST_ACCESSOR(FixedArray)
 CAST_ACCESSOR(FixedDoubleArray)
 CAST_ACCESSOR(DescriptorArray)

--- a/src/objects.h
+++ b/src/objects.h
@@ -2488,6 +2488,7 @@ class FixedDoubleArray: public FixedArrayBase {

  // Casting.
  static inline FixedDoubleArray* cast(Object* obj);
+  static inline FixedDoubleArray* castOrEmptyFixedArray(Object* obj);

  // Maximal allowed size, in bytes, of a single FixedDoubleArray.
  // Prevents overflowing size computations, as well as extreme memory

--- a/test/mjsunit/array-store-and-grow.js
+++ b/test/mjsunit/array-store-and-grow.js
@@ -99,7 +99,10 @@ array_store_5(a, 1, 0.5);
 a = makeCOW();
 array_store_5(a, 1, 0.5);
 assertEquals(0.5, a[1]);
-assertEquals(0.5, array_store_5([], 1, 0.5));
+a = [];
+assertEquals(0.5, array_store_5(a, 1, 0.5));
+assertEquals(undefined, a[0]);
+assertEquals(0.5, a[1]);

 function array_store_6(a,b,c) {
  return (a[b] = c);