[v8-dev] [v8] r13083 committed - MIPS: Ensure double arrays are filled with holes when extended from va...

[codesite-noreply]

Revision: 13083
Author:   verwa...@chromium.org
Date:     Thu Nov 29 00:37:41 2012
Log:      MIPS: Ensure double arrays are filled with holes when extended  
from variations of empty arrays.

Port r13056 (9b2c1725)

BUG=
TEST=

Review URL: https://chromiumcodereview.appspot.com/11411253
Patch from Akos Palfi <pal...@homejinni.com>.
http://code.google.com/p/v8/source/detail?r=13083

Modified:
 /branches/bleeding_edge/src/mips/stub-cache-mips.cc

=======================================
--- /branches/bleeding_edge/src/mips/stub-cache-mips.cc	Wed Nov 21 01:54:53  
2012
+++ /branches/bleeding_edge/src/mips/stub-cache-mips.cc	Thu Nov 29 00:37:41  
2012
@@ -4843,14 +4843,31 @@
     __ AllocateInNewSpace(size, elements_reg, scratch1, scratch2, &slow,
                           TAG_OBJECT);

-    // Initialize the new FixedDoubleArray. Leave elements unitialized for
-    // efficiency, they are guaranteed to be initialized before use.
+    // Initialize the new FixedDoubleArray.
     __ LoadRoot(scratch1, Heap::kFixedDoubleArrayMapRootIndex);
     __ sw(scratch1, FieldMemOperand(elements_reg, JSObject::kMapOffset));
     __ li(scratch1,  
Operand(Smi::FromInt(JSArray::kPreallocatedArrayElements)));
     __ sw(scratch1,
           FieldMemOperand(elements_reg, FixedDoubleArray::kLengthOffset));

+    __ li(scratch1, Operand(kHoleNanLower32));
+    __ li(scratch2, Operand(kHoleNanUpper32));
+    for (int i = 1; i < JSArray::kPreallocatedArrayElements; i++) {
+      int offset = FixedDoubleArray::OffsetOfElementAt(i);
+      __ sw(scratch1, FieldMemOperand(elements_reg, offset));
+      __ sw(scratch2, FieldMemOperand(elements_reg, offset +  
kPointerSize));
+    }
+
+    __ StoreNumberToDoubleElements(value_reg,
+                                   key_reg,
+                                   // All registers after this are  
overwritten.
+                                   elements_reg,
+                                   scratch1,
+                                   scratch2,
+                                   scratch3,
+                                   scratch4,
+                                   &transition_elements_kind);
+
     // Install the new backing store in the JSArray.
     __ sw(elements_reg,
           FieldMemOperand(receiver_reg, JSObject::kElementsOffset));
@@ -4863,7 +4880,7 @@
     __ sw(length_reg, FieldMemOperand(receiver_reg,  
JSArray::kLengthOffset));
     __ lw(elements_reg,
           FieldMemOperand(receiver_reg, JSObject::kElementsOffset));
-    __ jmp(&finish_store);
+    __ Ret();

     __ bind(&check_capacity);
     // Make sure that the backing store can hold additional elements.

--
v8-dev mailing list
v8-dev@googlegroups.com
http://groups.google.com/group/v8-dev