Reviewers: fschneider,
Description:
Fix a bug in deoptimization on x64.
When deoptimizing to just after an ignored (because of a duplicate
property name) object literal property initializer, we incorrectly saw
the value of the initializer expression on the stack in the
unoptimized code. The bug affected x64 only.
[email protected]
BUG=v8:1404
Please review this at http://codereview.chromium.org/7066015/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files:
M src/x64/full-codegen-x64.cc
Index: src/x64/full-codegen-x64.cc
diff --git a/src/x64/full-codegen-x64.cc b/src/x64/full-codegen-x64.cc
index
e2bdef7d452d0950c8e2b362960fa59101fb2070..bcfbc3864c797fa486a3d37eeaceaf04e6c9b4d0
100644
--- a/src/x64/full-codegen-x64.cc
+++ b/src/x64/full-codegen-x64.cc
@@ -1392,13 +1392,17 @@ void
FullCodeGenerator::VisitObjectLiteral(ObjectLiteral* expr) {
// Fall through.
case ObjectLiteral::Property::COMPUTED:
if (key->handle()->IsSymbol()) {
- VisitForAccumulatorValue(value);
- __ Move(rcx, key->handle());
- __ movq(rdx, Operand(rsp, 0));
if (property->emit_store()) {
- Handle<Code> ic = isolate()->builtins()->StoreIC_Initialize();
+ VisitForAccumulatorValue(value);
+ __ Move(rcx, key->handle());
+ __ movq(rdx, Operand(rsp, 0));
+ Handle<Code> ic = is_strict_mode()
+ ? isolate()->builtins()->StoreIC_Initialize_Strict()
+ : isolate()->builtins()->StoreIC_Initialize();
EmitCallIC(ic, RelocInfo::CODE_TARGET, key->id());
PrepareForBailoutForId(key->id(), NO_REGISTERS);
+ } else {
+ VisitForEffect(value);
}
break;
}
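Review bot: The new `else` branch calling `VisitForEffect(value)` has no comment explaining why an ignored initializer is still evaluated yet must leave nothing on the stack, which is the invariant the deoptimizer depends on here; I would add `// Duplicate key: evaluate for side effects only so the stack height matches the frame the deoptimizer rebuilds.` above it. The affected-files list shows only src/x64/full-codegen-x64.cc, so the fix for v8:1404 lands without a regression test. A frame-layout mismatch between optimized and unoptimized code can lead to values being read from the wrong stack slot, so a test that covers a duplicate-key object literal under deoptimization seems worth adding. The hunk also selects `StoreIC_Initialize_Strict()` when `is_strict_mode()` is true, which the description does not mention; presumably this aligns x64 with the other ports, but the description should say so. The body of VisitObjectLiteral starts and ends outside the hunk.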