
Side by Side Diff: src/arm/codegen-arm.cc

Issue 636313003: Fix uninitialized FixedArray potentially being left behind by ElementsTransitionGenerator::Generate… (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Created 6 years, 2 months ago
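--- a/src/arm/codegen-arm.cc
+++ b/src/arm/codegen-arm.cc
@@ -1,10 +1,10 @@
 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/v8.h"
 
 #if V8_TARGET_ARCH_ARM
 
 #include "src/arm/simulator-arm.h"
 #include "src/codegen.h"
@@ -597,22 +597,36 @@
 __ str(scratch, MemOperand(array, HeapObject::kMapOffset));
 
 // Prepare for conversion loop.
 Register src_elements = elements;
 Register dst_elements = target_map;
 Register dst_end = length;
 Register heap_number_map = scratch;
 __ add(src_elements, elements,
 Operand(FixedDoubleArray::kHeaderSize - kHeapObjectTag + 4));
 __ add(dst_elements, array, Operand(FixedArray::kHeaderSize));
+__ add(dst_end, dst_elements, Operand(length, LSL, 1));
+
+// Allocating heap numbers in the loop below can fail and cause a jump to
+// gc_required. We can't leave a partly initialized FixedArray behind,
+// so pessimistically fill it with holes now.
+Label initialization_loop, initialization_loop_entry;
+__ LoadRoot(scratch, Heap::kTheHoleValueRootIndex);
+__ b(&initialization_loop_entry);
+__ bind(&initialization_loop);
+__ str(scratch, MemOperand(dst_elements, kPointerSize, PostIndex));
+__ bind(&initialization_loop_entry);
+__ cmp(dst_elements, dst_end);
+__ b(lt, &initialization_loop);
+
+__ add(dst_elements, array, Operand(FixedArray::kHeaderSize));
 __ add(array, array, Operand(kHeapObjectTag));
-__ add(dst_end, dst_elements, Operand(length, LSL, 1));
 __ LoadRoot(heap_number_map, Heap::kHeapNumberMapRootIndex);
 // Using offsetted addresses in src_elements to fully take advantage of
 // post-indexing.
 // dst_elements: begin of destination FixedArray element fields, not tagged
 // src_elements: begin of source FixedDoubleArray element fields,
 // not tagged, +4
 // dst_end: end of destination FixedArray, not tagged
 // array: destination FixedArray
 // heap_number_map: heap number map
 __ b(&entry);
@@ -928,10 +942,10 @@
 patcher.masm()->add(r0, pc, Operand(-8));
 patcher.masm()->ldr(pc, MemOperand(pc, -4));
 patcher.masm()->emit_code_stub_address(stub);
 }
 }
 
 
 } } // namespace v8::internal
 
 #endif // V8_TARGET_ARCH_ARM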
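Review bot: The hole-fill loop's exit test `__ cmp(dst_elements, dst_end); __ b(lt, &initialization_loop);` compares two untagged addresses with a signed condition, so if the new FixedArray were ever placed across the 0x80000000 boundary the loop would exit without writing the slots, and the array would still be uninitialized when a later allocation jumps to gc_required. An unsigned condition, `__ b(lo, &initialization_loop);`, would not depend on where the heap is mapped. Separately, `scratch` holds the hole value during the fill but is also aliased as `heap_number_map`, which is only correct because `LoadRoot(heap_number_map, ...)` follows the loop; a short comment such as `// scratch is reloaded as heap_number_map below.` would guard against a later reorder. The enclosing function starts and ends outside the visible lines, so whether the conversion loop uses the same signed compare cannot be checked from here.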