From 58a3fd366666974868df913ee631721e4925c243 Mon Sep 17 00:00:00 2001 From: "danno@chromium.org" Date: Fri, 17 May 2013 06:58:06 +0000 Subject: [PATCH] Fill in one-word-fillers for the unused property fields. BUG=chromium:240056 Review URL: https://chromiumcodereview.appspot.com/15247003 Patch from Toon Verwaest . git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@14714 ce2b1a6d-e550-0410-aec6-3dcde31c8c00 --- src/hydrogen.cc | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/hydrogen.cc b/src/hydrogen.cc index feff6f9..a97e083 100644 --- a/src/hydrogen.cc +++ b/src/hydrogen.cc @@ -10934,9 +10934,11 @@ void HOptimizedGraphBuilder::BuildEmitDeepCopy( boilerplate_object->map()->instance_descriptors()); int limit = boilerplate_object->map()->NumberOfOwnDescriptors(); + int copied_fields = 0; for (int i = 0; i < limit; i++) { PropertyDetails details = descriptors->GetDetails(i); if (details.type() != FIELD) continue; + copied_fields++; int index = descriptors->GetFieldIndex(i); int property_offset = boilerplate_object->GetInObjectPropertyOffset(index); Handle name(descriptors->GetKey(i)); @@ -10975,6 +10977,16 @@ void HOptimizedGraphBuilder::BuildEmitDeepCopy( } } + int inobject_properties = boilerplate_object->map()->inobject_properties(); + HInstruction* value_instruction = AddInstruction(new(zone) HConstant( + factory->one_pointer_filler_map(), Representation::Tagged())); + for (int i = copied_fields; i < inobject_properties; i++) { + AddInstruction(new(zone) HStoreNamedField( + object_properties, factory->unknown_field_string(), value_instruction, + true, Representation::Tagged(), + boilerplate_object->GetInObjectPropertyOffset(i))); + } + // Build Allocation Site Info if desired if (create_allocation_site_info) { BuildCreateAllocationSiteInfo(target, JSArray::kSize, original_boilerplate); -- 2.7.4