Revision: 10320
Author: [email protected]
Date: Tue Jan 3 01:39:34 2012
Log: Undo allocation of half-formed array during elements transition
[email protected]
BUG=none
TEST=no asserts in debug tests with smi-only-array on
Review URL: http://codereview.chromium.org/9015023
http://code.google.com/p/v8/source/detail?r=10320
Modified:
/branches/bleeding_edge/src/arm/builtins-arm.cc
/branches/bleeding_edge/src/ia32/builtins-ia32.cc
/branches/bleeding_edge/src/x64/builtins-x64.cc
=======================================
--- /branches/bleeding_edge/src/arm/builtins-arm.cc Thu Dec 29 04:19:34 2011
+++ /branches/bleeding_edge/src/arm/builtins-arm.cc Tue Jan 3 01:39:34 2012
@@ -1,4 +1,4 @@
-// Copyright 2011 the V8 project authors. All rights reserved.
+// Copyright 2012 the V8 project authors. All rights reserved.
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
@@ -316,7 +316,8 @@
static void ArrayNativeCode(MacroAssembler* masm,
Label* call_generic_code) {
Counters* counters = masm->isolate()->counters();
- Label argc_one_or_more, argc_two_or_more, not_empty_array, empty_array;
+ Label argc_one_or_more, argc_two_or_more, not_empty_array, empty_array,
+ has_non_smi_element;
// Check for array construction with zero arguments or one.
__ cmp(r0, Operand(0, RelocInfo::NONE));
@@ -415,7 +416,7 @@
__ bind(&loop);
__ ldr(r2, MemOperand(r7, kPointerSize, PostIndex));
if (FLAG_smi_only_arrays) {
- __ JumpIfNotSmi(r2, call_generic_code);
+ __ JumpIfNotSmi(r2, &has_non_smi_element);
}
__ str(r2, MemOperand(r5, -kPointerSize, PreIndex));
__ bind(&entry);
@@ -431,6 +432,10 @@
__ add(sp, sp, Operand(kPointerSize));
__ mov(r0, r3);
__ Jump(lr);
+
+ __ bind(&has_non_smi_element);
+ __ UndoAllocationInNewSpace(r3, r4);
+ __ b(call_generic_code);
}
=======================================
--- /branches/bleeding_edge/src/ia32/builtins-ia32.cc Thu Dec 29 04:19:34
2011
+++ /branches/bleeding_edge/src/ia32/builtins-ia32.cc Tue Jan 3 01:39:34
2012
@@ -1,4 +1,4 @@
-// Copyright 2011 the V8 project authors. All rights reserved.
+// Copyright 2012 the V8 project authors. All rights reserved.
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
@@ -1297,6 +1297,7 @@
__ bind(&has_non_smi_element);
// Throw away the array that's only been partially constructed.
__ pop(eax);
+ __ UndoAllocationInNewSpace(eax);
// Restore argc and constructor before running the generic code.
__ bind(&prepare_generic_code_call);
=======================================
--- /branches/bleeding_edge/src/x64/builtins-x64.cc Thu Dec 29 04:19:34 2011
+++ /branches/bleeding_edge/src/x64/builtins-x64.cc Tue Jan 3 01:39:34 2012
@@ -1,4 +1,4 @@
-// Copyright 2011 the V8 project authors. All rights reserved.
+// Copyright 2012 the V8 project authors. All rights reserved.
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
@@ -1199,7 +1199,8 @@
// a construct call and a normal call.
static void ArrayNativeCode(MacroAssembler* masm,
Label *call_generic_code) {
- Label argc_one_or_more, argc_two_or_more, empty_array, not_empty_array;
+ Label argc_one_or_more, argc_two_or_more, empty_array, not_empty_array,
+ has_non_smi_element;
// Check for array construction with zero arguments.
__ testq(rax, rax);
@@ -1306,7 +1307,7 @@
__ bind(&loop);
__ movq(kScratchRegister, Operand(r9, rcx, times_pointer_size, 0));
if (FLAG_smi_only_arrays) {
- __ JumpIfNotSmi(kScratchRegister, call_generic_code);
+ __ JumpIfNotSmi(kScratchRegister, &has_non_smi_element);
}
__ movq(Operand(rdx, 0), kScratchRegister);
__ addq(rdx, Immediate(kPointerSize));
@@ -1324,6 +1325,10 @@
__ push(rcx);
__ movq(rax, rbx);
__ ret(0);
+
+ __ bind(&has_non_smi_element);
+ __ UndoAllocationInNewSpace(rbx);
+ __ jmp(call_generic_code);
}
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
