[v8-dev] [v8] r11886 committed - Fix GC bug with missing handle. Bug=133618...

codesite-noreply Wed, 20 Jun 2012 06:40:25 -0700

Revision: 11886
Author:   [email protected]
Date:     Wed Jun 20 06:40:10 2012
Log:      Fix GC bug with missing handle. Bug=133618
Review URL: https://chromiumcodereview.appspot.com/10559083
http://code.google.com/p/v8/source/detail?r=11886


Modified:
 /branches/bleeding_edge/src/arm/lithium-codegen-arm.cc
 /branches/bleeding_edge/src/ia32/lithium-codegen-ia32.cc
 /branches/bleeding_edge/src/mips/lithium-codegen-mips.cc
 /branches/bleeding_edge/src/x64/lithium-codegen-x64.cc

=======================================

--- /branches/bleeding_edge/src/arm/lithium-codegen-arm.cc Thu Jun 1407:06:22 2012+++ /branches/bleeding_edge/src/arm/lithium-codegen-arm.cc Wed Jun 2006:40:10 2012

@@ -2597,15 +2597,15 @@
   } else {
     // Negative lookup.
     // Check prototypes.
-    HeapObject* current = HeapObject::cast((*type)->prototype());
+    Handle<HeapObject> current(HeapObject::cast((*type)->prototype()));
     Heap* heap = type->GetHeap();
-    while (current != heap->null_value()) {
-      Handle<HeapObject> link(current);
-      __ LoadHeapObject(result, link);
+    while (*current != heap->null_value()) {
+      __ LoadHeapObject(result, current);
       __ ldr(result, FieldMemOperand(result, HeapObject::kMapOffset));
-      __ cmp(result, Operand(Handle<Map>(JSObject::cast(current)->map())));
+      __ cmp(result, Operand(Handle<Map>(current->map())));
       DeoptimizeIf(ne, env);
-      current = HeapObject::cast(current->map()->prototype());
+      current =

+Handle<HeapObject>(HeapObject::cast(current->map()->prototype()));

     }
     __ LoadRoot(result, Heap::kUndefinedValueRootIndex);
   }
=======================================

--- /branches/bleeding_edge/src/ia32/lithium-codegen-ia32.cc Thu Jun 1407:06:22 2012+++ /branches/bleeding_edge/src/ia32/lithium-codegen-ia32.cc Wed Jun 2006:40:10 2012

@@ -2327,15 +2327,15 @@
   } else {
     // Negative lookup.
     // Check prototypes.
-    HeapObject* current = HeapObject::cast((*type)->prototype());
+    Handle<HeapObject> current(HeapObject::cast((*type)->prototype()));
     Heap* heap = type->GetHeap();
-    while (current != heap->null_value()) {
-      Handle<HeapObject> link(current);
-      __ LoadHeapObject(result, link);
+    while (*current != heap->null_value()) {
+      __ LoadHeapObject(result, current);
       __ cmp(FieldOperand(result, HeapObject::kMapOffset),
-                          Handle<Map>(JSObject::cast(current)->map()));
+                          Handle<Map>(current->map()));
       DeoptimizeIf(not_equal, env);
-      current = HeapObject::cast(current->map()->prototype());
+      current =

+Handle<HeapObject>(HeapObject::cast(current->map()->prototype()));

     }
     __ mov(result, factory()->undefined_value());
   }
=======================================

--- /branches/bleeding_edge/src/mips/lithium-codegen-mips.cc Mon Jun 1805:54:10 2012+++ /branches/bleeding_edge/src/mips/lithium-codegen-mips.cc Wed Jun 2006:40:10 2012

@@ -2341,15 +2341,14 @@
   } else {
     // Negative lookup.
     // Check prototypes.
-    HeapObject* current = HeapObject::cast((*type)->prototype());
+    Handle<HeapObject> current(HeapObject::cast((*type)->prototype()));
     Heap* heap = type->GetHeap();
-    while (current != heap->null_value()) {
-      Handle<HeapObject> link(current);
-      __ LoadHeapObject(result, link);
+    while (*current != heap->null_value()) {
+      __ LoadHeapObject(result, current);
       __ lw(result, FieldMemOperand(result, HeapObject::kMapOffset));
-      DeoptimizeIf(ne, env,
-          result, Operand(Handle<Map>(JSObject::cast(current)->map())));
-      current = HeapObject::cast(current->map()->prototype());
+      DeoptimizeIf(ne, env, result, Operand(Handle<Map>(current->map())));
+      current =

+Handle<HeapObject>(HeapObject::cast(current->map()->prototype()));

     }
     __ LoadRoot(result, Heap::kUndefinedValueRootIndex);
   }
=======================================

--- /branches/bleeding_edge/src/x64/lithium-codegen-x64.cc Thu Jun 1407:06:22 2012+++ /branches/bleeding_edge/src/x64/lithium-codegen-x64.cc Wed Jun 2006:40:10 2012

@@ -2221,15 +2221,15 @@
   } else {
     // Negative lookup.
     // Check prototypes.
-    HeapObject* current = HeapObject::cast((*type)->prototype());
+    Handle<HeapObject> current(HeapObject::cast((*type)->prototype()));
     Heap* heap = type->GetHeap();
-    while (current != heap->null_value()) {
-      Handle<HeapObject> link(current);
-      __ LoadHeapObject(result, link);
+    while (*current != heap->null_value()) {
+      __ LoadHeapObject(result, current);
       __ Cmp(FieldOperand(result, HeapObject::kMapOffset),
-                          Handle<Map>(JSObject::cast(current)->map()));
+                          Handle<Map>(current->map()));
       DeoptimizeIf(not_equal, env);
-      current = HeapObject::cast(current->map()->prototype());
+      current =

+Handle<HeapObject>(HeapObject::cast(current->map()->prototype()));

     }
     __ LoadRoot(result, Heap::kUndefinedValueRootIndex);
   }

--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev

[v8-dev] [v8] r11886 committed - Fix GC bug with missing handle. Bug=133618...

Reply via email to