a46d8d1a1b
When we create a new elements array we should initialize it with holes. The capacity of the newly created elements array could be greater than the actual length of the array and we expect the unused slots to be filled with holes. Bug: chromium:1070560 Change-Id: Ia365eed59859e36a9c8b9e27be34f93ab88942bb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2150599 Commit-Queue: Mythri Alle <mythria@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#67180}
17 lines
483 B
JavaScript
17 lines
483 B
JavaScript
// Copyright 2020 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
function f() {
|
|
// Create a FixedDoubleArray
|
|
var arr = [5.65];
|
|
// Force the elements to be EmptyFixedArray
|
|
arr.splice(0);
|
|
// This should create a FixedDoubleArray initialized with holes.
|
|
arr.splice(-4, 9, 10, 20);
|
|
// If the earlier spice didn't create a holes this would fail.
|
|
assertFalse(2 in arr);
|
|
}
|
|
|
|
f();
|