Revision: 20208
Author: verwa...@chromium.org
Date: Mon Mar 24 16:25:48 2014 UTC
Log: Ensure the constant operand for heap-object store-named-field is
not a smi.
BUG=
R=jkumme...@chromium.org
Review URL: https://codereview.chromium.org/210193002
http://code.google.com/p/v8/source/detail?r=20208
Added:
/branches/bleeding_edge/test/mjsunit/regress/regress-store-heapobject.js
Modified:
/branches/bleeding_edge/src/ia32/lithium-codegen-ia32.cc
/branches/bleeding_edge/src/x64/lithium-codegen-x64.cc
=======================================
--- /dev/null
+++
/branches/bleeding_edge/test/mjsunit/regress/regress-store-heapobject.js
Mon Mar 24 16:25:48 2014 UTC
@@ -0,0 +1,27 @@
+// Copyright 2014 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Flags: --allow-natives-syntax
+
+var o = {a: undefined};
+
+function store(o, v) {
+ o.a = v;
+}
+
+store(o, undefined);
+store(o, undefined);
+
+function f(bool) {
+ var o = {a: undefined};
+ if (bool) {
+ store(o, 1);
+ }
+ return o;
+}
+
+f(false);
+f(false);
+%OptimizeFunctionOnNextCall(f);
+f(true);
=======================================
--- /branches/bleeding_edge/src/ia32/lithium-codegen-ia32.cc Mon Mar 24
13:16:23 2014 UTC
+++ /branches/bleeding_edge/src/ia32/lithium-codegen-ia32.cc Mon Mar 24
16:25:48 2014 UTC
@@ -4347,7 +4347,7 @@
if (representation.IsHeapObject()) {
if (instr->value()->IsConstantOperand()) {
LConstantOperand* operand_value =
LConstantOperand::cast(instr->value());
- if (IsInteger32(operand_value)) {
+ if (chunk_->LookupConstant(operand_value)->HasSmiValue()) {
DeoptimizeIf(no_condition, instr->environment());
}
} else {
=======================================
--- /branches/bleeding_edge/src/x64/lithium-codegen-x64.cc Mon Mar 24
13:16:23 2014 UTC
+++ /branches/bleeding_edge/src/x64/lithium-codegen-x64.cc Mon Mar 24
16:25:48 2014 UTC
@@ -3953,7 +3953,7 @@
if (representation.IsHeapObject()) {
if (instr->value()->IsConstantOperand()) {
LConstantOperand* operand_value =
LConstantOperand::cast(instr->value());
- if (IsInteger32Constant(operand_value)) {
+ if (chunk_->LookupConstant(operand_value)->HasSmiValue()) {
DeoptimizeIf(no_condition, instr->environment());
}
} else {
--
--
v8-dev mailing list
v8-dev@googlegroups.com
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to v8-dev+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
