| Index: src/ia32/code-stubs-ia32.cc
|
| diff --git a/src/ia32/code-stubs-ia32.cc b/src/ia32/code-stubs-ia32.cc
|
| index 3c02872652980e3e48b43bb0ff6e65ea60f33c37..323ee22df5601eb31b1adcd2e22b387736a0bb57 100644
|
| --- a/src/ia32/code-stubs-ia32.cc
|
| +++ b/src/ia32/code-stubs-ia32.cc
|
| @@ -746,15 +746,24 @@ void TypeRecordingUnaryOpStub::GenerateHeapNumberCodeBitNot(
|
| __ bind(&try_float);
|
| if (mode_ == UNARY_NO_OVERWRITE) {
|
| Label slow_allocate_heapnumber, heapnumber_allocated;
|
| + __ mov(ebx, eax);
|
| __ AllocateHeapNumber(eax, edx, edi, &slow_allocate_heapnumber);
|
| __ jmp(&heapnumber_allocated);
|
|
|
| __ bind(&slow_allocate_heapnumber);
|
| __ EnterInternalFrame();
|
| - __ push(ecx);
|
| + // Push the original HeapNumber on the stack. The integer value can't
|
| + // be stored since it's untagged and not in the smi range (so we can't
|
| + // smi-tag it). We'll recalculate the value after the GC instead.
|
| + __ push(ebx);
|
| __ CallRuntime(Runtime::kNumberAlloc, 0);
|
| - __ pop(ecx);
|
| + // New HeapNumber is in eax.
|
| + __ pop(edx);
|
| __ LeaveInternalFrame();
|
| + // IntegerConvert uses ebx and edi as scratch registers.
|
| + // This conversion won't go slow-case.
|
| + IntegerConvert(masm, edx, CpuFeatures::IsSupported(SSE3), slow);
|
| + __ not_(ecx);
|
|
|
| __ bind(&heapnumber_allocated);
|
| }
|
|
|
Chromium Code Reviews
Issue 7037007:
Fix push of untagged value in type-recording unary op stub. (Closed)
Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge