Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(249)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/compiler/js-inlining.cc

Issue 1781303002: [turbofan] Avoid dereferencing empty handle when inlining a tail call. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | test/mjsunit/regress/regress-crbug-593697-2.js » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 the V8 project authors. All rights reserved. 1 // Copyright 2014 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "src/compiler/js-inlining.h" 5 #include "src/compiler/js-inlining.h"
6 6
7 #include "src/ast/ast.h" 7 #include "src/ast/ast.h"
8 #include "src/ast/ast-numbering.h" 8 #include "src/ast/ast-numbering.h"
9 #include "src/ast/scopes.h" 9 #include "src/ast/scopes.h"
10 #include "src/compiler.h" 10 #include "src/compiler.h"
(...skipping 247 matching lines...) Expand 10 before | Expand all | Expand 10 after
258 jsgraph_->common()->StateValues(static_cast<int>(params.size())); 258 jsgraph_->common()->StateValues(static_cast<int>(params.size()));
259 Node* params_node = jsgraph_->graph()->NewNode( 259 Node* params_node = jsgraph_->graph()->NewNode(
260 op_param, static_cast<int>(params.size()), &params.front()); 260 op_param, static_cast<int>(params.size()), &params.front());
261 return jsgraph_->graph()->NewNode(op, params_node, node0, node0, 261 return jsgraph_->graph()->NewNode(op, params_node, node0, node0,
262 jsgraph_->UndefinedConstant(), 262 jsgraph_->UndefinedConstant(),
263 node->InputAt(0), outer_frame_state); 263 node->InputAt(0), outer_frame_state);
264 } 264 }
265 265
266 Node* JSInliner::CreateTailCallerFrameState(Node* node, Node* frame_state) { 266 Node* JSInliner::CreateTailCallerFrameState(Node* node, Node* frame_state) {
267 FrameStateInfo const& frame_info = OpParameter<FrameStateInfo>(frame_state); 267 FrameStateInfo const& frame_info = OpParameter<FrameStateInfo>(frame_state);
268 Handle<SharedFunctionInfo> shared = 268 Handle<SharedFunctionInfo> shared;
269 frame_info.shared_info().ToHandleChecked(); 269 frame_info.shared_info().ToHandle(&shared);
270 270
271 Node* function = frame_state->InputAt(kFrameStateFunctionInput); 271 Node* function = frame_state->InputAt(kFrameStateFunctionInput);
272 272
273 // If we are inlining a tail call drop caller's frame state and an 273 // If we are inlining a tail call drop caller's frame state and an
274 // arguments adaptor if it exists. 274 // arguments adaptor if it exists.
275 frame_state = NodeProperties::GetFrameStateInput(frame_state, 0); 275 frame_state = NodeProperties::GetFrameStateInput(frame_state, 0);
276 if (frame_state->opcode() == IrOpcode::kFrameState) { 276 if (frame_state->opcode() == IrOpcode::kFrameState) {
277 FrameStateInfo state_info = OpParameter<FrameStateInfo>(frame_state); 277 FrameStateInfo const& frame_info = OpParameter<FrameStateInfo>(frame_state);
278 if (state_info.type() == FrameStateType::kArgumentsAdaptor) { 278 if (frame_info.type() == FrameStateType::kArgumentsAdaptor) {
279 frame_state = NodeProperties::GetFrameStateInput(frame_state, 0); 279 frame_state = NodeProperties::GetFrameStateInput(frame_state, 0);
280 } 280 }
281 } 281 }
282 282
283 const FrameStateFunctionInfo* state_info = 283 const FrameStateFunctionInfo* state_info =
284 jsgraph_->common()->CreateFrameStateFunctionInfo( 284 jsgraph_->common()->CreateFrameStateFunctionInfo(
285 FrameStateType::kTailCallerFunction, 0, 0, shared); 285 FrameStateType::kTailCallerFunction, 0, 0, shared);
286 286
287 const Operator* op = jsgraph_->common()->FrameState( 287 const Operator* op = jsgraph_->common()->FrameState(
288 BailoutId(-1), OutputFrameStateCombine::Ignore(), state_info); 288 BailoutId(-1), OutputFrameStateCombine::Ignore(), state_info);
(...skipping 262 matching lines...) Expand 10 before | Expand all | Expand 10 after
551 node, frame_state, call.formal_arguments(), 551 node, frame_state, call.formal_arguments(),
552 FrameStateType::kArgumentsAdaptor, shared_info); 552 FrameStateType::kArgumentsAdaptor, shared_info);
553 } 553 }
554 554
555 return InlineCall(node, new_target, context, frame_state, start, end); 555 return InlineCall(node, new_target, context, frame_state, start, end);
556 } 556 }
557 557
558 } // namespace compiler 558 } // namespace compiler
559 } // namespace internal 559 } // namespace internal
560 } // namespace v8 560 } // namespace v8
OLDNEW
« no previous file with comments | « no previous file | test/mjsunit/regress/regress-crbug-593697-2.js » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698