Revision: 15104
Author: [email protected]
Date: Wed Jun 12 16:40:46 2013
Log: MIPS: Fix for bug 245480. Calling new Array(a) with a single
argument could result in creating a holey array with a packed elements kind.
Port r15095 (4a97e1e4)
BUG=
Review URL: https://codereview.chromium.org/16861003
http://code.google.com/p/v8/source/detail?r=15104
Modified:
/branches/bleeding_edge/src/mips/lithium-codegen-mips.cc
=======================================
--- /branches/bleeding_edge/src/mips/lithium-codegen-mips.cc Wed Jun 12
16:39:22 2013
+++ /branches/bleeding_edge/src/mips/lithium-codegen-mips.cc Wed Jun 12
16:40:46 2013
@@ -3903,8 +3903,25 @@
ArrayNoArgumentConstructorStub stub(kind, disable_allocation_sites);
CallCode(stub.GetCode(isolate()), RelocInfo::CONSTRUCT_CALL, instr);
} else if (instr->arity() == 1) {
+ Label done;
+ if (IsFastPackedElementsKind(kind)) {
+ Label packed_case;
+ // We might need a change here,
+ // look at the first argument.
+ __ lw(t1, MemOperand(sp, 0));
+ __ Branch(&packed_case, eq, t1, Operand(zero_reg));
+
+ ElementsKind holey_kind = GetHoleyElementsKind(kind);
+ ArraySingleArgumentConstructorStub stub(holey_kind,
+ disable_allocation_sites);
+ CallCode(stub.GetCode(isolate()), RelocInfo::CONSTRUCT_CALL, instr);
+ __ jmp(&done);
+ __ bind(&packed_case);
+ }
+
ArraySingleArgumentConstructorStub stub(kind,
disable_allocation_sites);
CallCode(stub.GetCode(isolate()), RelocInfo::CONSTRUCT_CALL, instr);
+ __ bind(&done);
} else {
ArrayNArgumentsConstructorStub stub(kind, disable_allocation_sites);
CallCode(stub.GetCode(isolate()), RelocInfo::CONSTRUCT_CALL, instr);
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
