Materializing a frame element on the stack by pushing it can cause the...

src/virtual-frame.cc

 // Copyright 2009 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 195 matching lines @@
     new_element.set_copied();
   }
   if (elements_[index].is_register()) {
     Unuse(elements_[index].reg());
   }
   new_element.set_static_type(elements_[index].static_type());
   elements_[index] = new_element;
 }
 
 
-// Clear the dirty bits for the range of elements in
-// [min(stack_pointer_ + 1,begin), end).
-void VirtualFrame::SyncRange(int begin, int end) {
-  ASSERT(begin >= 0);
-  ASSERT(end <= elements_.length());
-  if (begin > stack_pointer_) {
-    // Elements between stack_pointer_ + 1 and begin must also be synced.
-    for (int i = stack_pointer_ + 1; i < end; i++) {
-      SyncElementByPushing(i);
-    }
-  } else if (end <= stack_pointer_ + 1) {
-    for (int i = begin; i < end; i++) {
-      if (!elements_[i].is_synced()) {
-          SyncElementBelowStackPointer(i);
-      }
-    }
-  } else {
-    // Split into two ranges that each satisfy a condition above.
-    SyncRange(begin, stack_pointer_ + 1);
-    SyncRange(stack_pointer_ + 1, end);
-  }
-}
-
-
 // Clear the dirty bit for the element at a given index.
 void VirtualFrame::SyncElementAt(int index) {
   if (index <= stack_pointer_) {
-    if (!elements_[index].is_synced()) {
-      SyncElementBelowStackPointer(index);
-    }
+    if (!elements_[index].is_synced()) SyncElementBelowStackPointer(index);
+  } else if (index == stack_pointer_ + 1) {
+    SyncElementByPushing(index);
   } else {
-    for (int i = stack_pointer_ + 1; i <= index; i++) {
-      SyncElementByPushing(i);
-    }
+    SyncRange(stack_pointer_ + 1, index);
   }
 }
 
 
 // Make the type of all elements be MEMORY.
 void VirtualFrame::SpillAll() {
   for (int i = 0; i < elements_.length(); i++) {
     SpillElementAt(i);
   }
 }
@@ skipping 43 matching lines @@
     elements_[i].set_static_type(target.static_type());
   }
 }
 
 
 void VirtualFrame::PrepareForCall(int spilled_args, int dropped_args) {
   ASSERT(height() >= dropped_args);
   ASSERT(height() >= spilled_args);
   ASSERT(dropped_args <= spilled_args);
 
-  SyncRange(0, elements_.length());
+  SyncRange(0, elements_.length() - 1);
   // Spill registers.
   for (int i = 0; i < kNumRegisters; i++) {
     if (is_used(i)) {
       SpillElementAt(register_locations_[i]);
     }
   }
 
   // Spill the arguments.
   for (int i = elements_.length() - spilled_args; i < elements_.length(); i++) {
     if (!elements_[i].is_memory()) {
@@ skipping 203 matching lines @@
 #endif
   if (stack_pointer_ != other->stack_pointer_) return false;
   for (int i = 0; i < elements_.length(); i++) {
     if (!elements_[i].Equals(other->elements_[i])) return false;
   }
 
   return true;
 }
 
 } }  // namespace v8::internal