From 430122142d84fab5255157accaf3ac518a4d43f4 Mon Sep 17 00:00:00 2001
From: linxiang <linxiang8@huawei.com>
Date: Wed, 22 Sep 2021 14:10:02 +0800
Subject: [PATCH] fix ace2.0 hashcode initialization bugs

Signed-off-by: linxiang <linxiang8@huawei.com>
---
 ecmascript/js_object.h        | 5 +++++
 ecmascript/object_factory.cpp | 1 +
 2 files changed, 6 insertions(+)

diff --git a/ecmascript/js_object.h b/ecmascript/js_object.h
index 127658b16b..7371b866a0 100644
--- a/ecmascript/js_object.h
+++ b/ecmascript/js_object.h
@@ -339,6 +339,10 @@ public:
 
     void SetHash(int32_t hash);
     int32_t GetHash() const;
+    void InitializeHash()
+    {
+        Barriers::SetDynPrimitive<JSTaggedType>(this, ECMAObject::HASH_OFFSET, JSTaggedValue(0).GetRawData());
+    }
 
     void* GetNativePointerField(int32_t index) const;
     void SetNativePointerField(int32_t index, void *data);
@@ -354,6 +358,7 @@ public:
     void VisitObjects([[maybe_unused]] const EcmaObjectRangeVisitor &visitor) const
     {
         // no field in this object
+        Visitor(visitor);
     }
 };
 
diff --git a/ecmascript/object_factory.cpp b/ecmascript/object_factory.cpp
index 7282588009..0e4ed0a300 100644
--- a/ecmascript/object_factory.cpp
+++ b/ecmascript/object_factory.cpp
@@ -290,6 +290,7 @@ JSHandle<JSObject> ObjectFactory::NewJSObject(const JSHandle<JSHClass> &jshclass
     NewObjectHook();
     JSHandle<JSObject> obj(thread_, JSObject::Cast(NewDynObject(jshclass, JSHClass::DEFAULT_CAPACITY_OF_IN_OBJECTS)));
     JSHandle<TaggedArray> emptyArray = EmptyArray();
+    obj->InitializeHash();
     obj->SetElements(thread_, emptyArray, SKIP_BARRIER);
     obj->SetProperties(thread_, emptyArray, SKIP_BARRIER);
     return obj;
-- 
Gitee