Revision: 20723
Author: [email protected]
Date: Mon Apr 14 11:58:18 2014 UTC
Log: Fix result of LCodeGen::DoWrapReceiver for strict functions and
builtins.
BUG=362128
LOG=Y
TEST=mjsunit/regress/regress-362128
[email protected]
Review URL: https://codereview.chromium.org/226363007
http://code.google.com/p/v8/source/detail?r=20723
Added:
/branches/bleeding_edge/test/mjsunit/regress/regress-362128.js
Modified:
/branches/bleeding_edge/src/arm64/lithium-codegen-arm64.cc
=======================================
--- /dev/null
+++ /branches/bleeding_edge/test/mjsunit/regress/regress-362128.js Mon Apr
14 11:58:18 2014 UTC
@@ -0,0 +1,37 @@
+// Copyright 2014 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+// Flags: --allow-natives-syntax
+
+function genM() {
+ "use strict";
+ return function () {
+ return this.field;
+ };
+}
+
+function genR() {
+ var x = {
+ field: 10
+ }
+ return x;
+}
+
+method = {};
+receiver = {};
+
+method = genM("A");
+receiver = genR("A");
+
+var foo = (function () {
+ return function suspect (name) {
+ "use strict";
+ return method.apply(receiver, arguments);
+ }
+})();
+
+foo("a", "b", "c");
+foo("a", "b", "c");
+foo("a", "b", "c");
+%OptimizeFunctionOnNextCall(foo);
+foo("a", "b", "c");
=======================================
--- /branches/bleeding_edge/src/arm64/lithium-codegen-arm64.cc Mon Apr 14
08:24:15 2014 UTC
+++ /branches/bleeding_edge/src/arm64/lithium-codegen-arm64.cc Mon Apr 14
11:58:18 2014 UTC
@@ -5822,7 +5822,7 @@
// If the receiver is null or undefined, we have to pass the global
object as
// a receiver to normal functions. Values have to be passed unchanged to
// builtins and strict-mode functions.
- Label global_object, done;
+ Label global_object, done, copy_receiver;
if (!instr->hydrogen()->known_function()) {
__ Ldr(result, FieldMemOperand(function,
@@ -5833,10 +5833,10 @@
FieldMemOperand(result,
SharedFunctionInfo::kCompilerHintsOffset));
// Do not transform the receiver to object for strict mode functions.
- __ Tbnz(result, SharedFunctionInfo::kStrictModeFunction, &done);
+ __ Tbnz(result, SharedFunctionInfo::kStrictModeFunction,
©_receiver);
// Do not transform the receiver to object for builtins.
- __ Tbnz(result, SharedFunctionInfo::kNative, &done);
+ __ Tbnz(result, SharedFunctionInfo::kNative, ©_receiver);
}
// Normal function. Replace undefined or null with global receiver.
@@ -5846,15 +5846,17 @@
// Deoptimize if the receiver is not a JS object.
DeoptimizeIfSmi(receiver, instr->environment());
__ CompareObjectType(receiver, result, result, FIRST_SPEC_OBJECT_TYPE);
- __ Mov(result, receiver);
- __ B(ge, &done);
+ __ B(ge, ©_receiver);
Deoptimize(instr->environment());
__ Bind(&global_object);
__ Ldr(result, FieldMemOperand(function, JSFunction::kContextOffset));
__ Ldr(result, ContextMemOperand(result, Context::GLOBAL_OBJECT_INDEX));
__ Ldr(result, FieldMemOperand(result,
GlobalObject::kGlobalReceiverOffset));
+ __ B(&done);
+ __ Bind(©_receiver);
+ __ Mov(result, receiver);
__ Bind(&done);
}
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
