[v8-dev] Use entry rather than index in ElementsAccessor::Get (issue 1230213002 by verwaest@chromium.org)

[verwaest]

Reviewers: Igor Sheludko,

Message:
ptal
Description:
Use entry rather than index in ElementsAccessor::Get

BUG=v8:4137, v8:4177
LOG=n

Please review this at https://codereview.chromium.org/1230213002/

Base URL: https://chromium.googlesource.com/v8/v8.git@master

Affected files (+25, -33 lines):
  M src/elements.h
  M src/elements.cc


Index: src/elements.cc
diff --git a/src/elements.cc b/src/elements.cc
index  
4e8031c06d5819d51a95d2c0aed557fe741044a8..1e1b7b6392a1764e1453f7ccd0f7688771f145b1  
100644
--- a/src/elements.cc
+++ b/src/elements.cc
@@ -548,27 +548,6 @@ class ElementsAccessorBase : public ElementsAccessor {
                *holder, *backing_store, index) != kMaxUInt32;
   }

-  virtual Handle<Object> Get(Handle<JSObject> holder, uint32_t index) {
-    if (!IsExternalArrayElementsKind(ElementsTraits::Kind) &&
-        FLAG_trace_js_array_abuse) {
-      CheckArrayAbuse(holder, "elements read", index);
-    }
-
-    if (IsExternalArrayElementsKind(ElementsTraits::Kind) &&
-        FLAG_trace_external_array_abuse) {
-      CheckArrayAbuse(holder, "external elements read", index);
-    }
-
-    uint32_t entry = ElementsAccessorSubclass::GetEntryForIndexImpl(
-        *holder, holder->elements(), index);
-
-    if (entry == kMaxUInt32) {
-      return holder->GetIsolate()->factory()->the_hole_value();
-    }
-
-    return ElementsAccessorSubclass::GetImpl(handle(holder->elements()),  
entry);
-  }
-
   virtual Handle<Object> Get(Handle<FixedArrayBase> backing_store,
                              uint32_t entry) final {
     return ElementsAccessorSubclass::GetImpl(backing_store, entry);
@@ -576,8 +555,8 @@ class ElementsAccessorBase : public ElementsAccessor {

   static Handle<Object> GetImpl(Handle<FixedArrayBase> backing_store,
                                 uint32_t entry) {
-    return BackingStore::get(Handle<BackingStore>::cast(backing_store),
-                             entry);
+    uint32_t index = GetIndexForEntryImpl(*backing_store, entry);
+    return BackingStore::get(Handle<BackingStore>::cast(backing_store),  
index);
   }

   virtual void Set(FixedArrayBase* backing_store, uint32_t entry,
@@ -834,11 +813,17 @@ class ElementsAccessorBase : public ElementsAccessor {
   static uint32_t GetEntryForIndexImpl(JSObject* holder,
                                        FixedArrayBase* backing_store,
                                        uint32_t index) {
-    return index < ElementsAccessorSubclass::GetCapacityImpl(holder,
-                                                              
backing_store) &&
-                   !BackingStore::cast(backing_store)->is_the_hole(index)
-               ? index
-               : kMaxUInt32;
+    if (IsHoleyElementsKind(kind())) {
+      return index < ElementsAccessorSubclass::GetCapacityImpl(holder,
+                                                                
backing_store) &&
+                     !BackingStore::cast(backing_store)->is_the_hole(index)
+                 ? index
+                 : kMaxUInt32;
+    } else {
+      Smi* smi_length = Smi::cast(JSArray::cast(holder)->length());
+      uint32_t length = static_cast<uint32_t>(smi_length->value());
+      return index < length ? index : kMaxUInt32;
+    }
   }

   virtual uint32_t GetEntryForIndex(JSObject* holder,
@@ -1370,8 +1355,8 @@ class TypedElementsAccessor

   static Handle<Object> GetImpl(Handle<FixedArrayBase> backing_store,
                                 uint32_t entry) {
-    return BackingStore::get(Handle<BackingStore>::cast(backing_store),
-                             entry);
+    uint32_t index = GetIndexForEntryImpl(*backing_store, entry);
+    return BackingStore::get(Handle<BackingStore>::cast(backing_store),  
index);
   }

   static PropertyDetails GetDetailsImpl(FixedArrayBase* backing_store,
@@ -1389,6 +1374,11 @@ class TypedElementsAccessor
     UNREACHABLE();
   }

+  static uint32_t GetIndexForEntryImpl(FixedArrayBase* backing_store,
+                                       uint32_t entry) {
+    return entry;
+  }
+
   static uint32_t GetEntryForIndexImpl(JSObject* holder,
                                        FixedArrayBase* backing_store,
                                        uint32_t index) {
@@ -1430,7 +1420,9 @@ class SloppyArgumentsElementsAccessor
  public:
   explicit SloppyArgumentsElementsAccessor(const char* name)
       : ElementsAccessorBase<SloppyArgumentsElementsAccessorSubclass,
-                             KindTraits>(name) {}
+                             KindTraits>(name) {
+    USE(KindTraits::Kind);
+  }

   static Handle<Object> GetImpl(Handle<FixedArrayBase> parameters,
                                 uint32_t entry) {
@@ -1448,7 +1440,8 @@ class SloppyArgumentsElementsAccessor
       // Object is not mapped, defer to the arguments.
       Handle<FixedArray> arguments(FixedArray::cast(parameter_map->get(1)),
                                    isolate);
-      Handle<Object> result = ArgumentsAccessor::GetImpl(arguments, entry);
+      Handle<Object> result =
+          ArgumentsAccessor::GetImpl(arguments, entry - length);
       // Elements of the arguments object in slow mode might be slow  
aliases.
       if (result->IsAliasedArgumentsEntry()) {
         DisallowHeapAllocation no_gc;
Index: src/elements.h
diff --git a/src/elements.h b/src/elements.h
index  
49accc31f3d0f7b0e77e32b4b406a58ab83d340a..511b636c3de8082ed2c5dfe16251e7d5e8da08c1  
100644
--- a/src/elements.h
+++ b/src/elements.h
@@ -38,7 +38,6 @@ class ElementsAccessor {
     return HasElement(holder, index, handle(holder->elements()));
   }

-  virtual Handle<Object> Get(Handle<JSObject> holder, uint32_t index) = 0;
   virtual Handle<Object> Get(Handle<FixedArrayBase> backing_store,
                              uint32_t entry) = 0;



--
--
v8-dev mailing list
v8-dev@googlegroups.com
http://groups.google.com/group/v8-dev
--- 
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to v8-dev+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.