Reviewers: Toon Verwaest,
Message:
PTAL.
Description:
Fix LBoundsCheck on x64 to handle (stack slot + constant) correctly
BUG=150729
Please review this at https://codereview.chromium.org/10959009/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files:
M src/x64/lithium-codegen-x64.cc
A + test/mjsunit/regress/regress-crbug-150729.js
Index: src/x64/lithium-codegen-x64.cc
diff --git a/src/x64/lithium-codegen-x64.cc b/src/x64/lithium-codegen-x64.cc
index
8e887cd915f0e68b5a9d110796caa96b6e752629..cab8d377b0a1291076ffafa12aa49d38aa7e227c
100644
--- a/src/x64/lithium-codegen-x64.cc
+++ b/src/x64/lithium-codegen-x64.cc
@@ -3774,11 +3774,17 @@ void LCodeGen::DoBoundsCheck(LBoundsCheck* instr) {
__ cmpq(reg, reg2);
}
} else {
+ Operand length = ToOperand(instr->length());
if (instr->index()->IsConstantOperand()) {
- __ cmpq(ToOperand(instr->length()),
-
Immediate(ToInteger32(LConstantOperand::cast(instr->index()))));
+ int constant_index =
+ ToInteger32(LConstantOperand::cast(instr->index()));
+ if (instr->hydrogen()->length()->representation().IsTagged()) {
+ __ Cmp(length, Smi::FromInt(constant_index));
+ } else {
+ __ cmpq(length, Immediate(constant_index));
+ }
} else {
- __ cmpq(ToOperand(instr->length()), ToRegister(instr->index()));
+ __ cmpq(length, ToRegister(instr->index()));
}
}
DeoptimizeIf(below_equal, instr->environment());
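Review bot: The representation check is added only for a constant index; the register-index path, `__ cmpq(length, ToRegister(instr->index()));`, still does a raw 64-bit compare of the stack-slot length without looking at `instr->hydrogen()->length()->representation()`. If a tagged length can reach that path together with an untagged index, the compare would have the same Smi/int32 mismatch, and `DeoptimizeIf(below_equal, ...)` would not fire for an out-of-range index, leaving the following element access unchecked. If both operands are guaranteed to share a representation there, I would state that above the line, e.g. `// Register index: length and index are expected to have the same representation here.`, and ideally back it with a debug assertion. DoBoundsCheck begins before this hunk, so the register-length branches are not visible and may need the same look.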
Index: test/mjsunit/regress/regress-crbug-150729.js
diff --git a/test/mjsunit/regress/regress-1898.js
b/test/mjsunit/regress/regress-crbug-150729.js
similarity index 89%
copy from test/mjsunit/regress/regress-1898.js
copy to test/mjsunit/regress/regress-crbug-150729.js
index
5440446fbf78ca593e8748cd54ea2aefad047542..15aa587d184a1fdc67f0c47bae4137beffb266f2
100644
--- a/test/mjsunit/regress/regress-1898.js
+++ b/test/mjsunit/regress/regress-crbug-150729.js
@@ -27,11 +27,13 @@
// Flags: --allow-natives-syntax
-function f(x) {
- Math.log(Math.min(0.1, Math.abs(x)));
+var t = 0;
+function burn() {
+ i = [t, 1];
+ var M = [i[0], Math.cos(t) + i[7074959]];
+ t += .05;
+}
+for (var j = 0; j < 5; j++) {
+ if (j == 2) %OptimizeFunctionOnNextCall(burn);
+ burn();
}
-
-f(0.1);
-f(0.1);
-%OptimizeFunctionOnNextCall(f);
-f(0.1);
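Review bot: The regression test has no assertion: `burn()` discards `M`, so the test fails only if the out-of-bounds load `i[7074959]` happens to crash. If a broken bounds check lets the load read mapped memory, the test would still pass. Returning the value and checking it would make the test deterministic, e.g. end `burn` with `return M[1];` and call `assertTrue(isNaN(burn()));` in the loop, provided that still reproduces the original optimized code path. `i` is also assigned without `var`, which creates a global; if that is needed to trigger the bug, a short comment saying so would help.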