| Index: src/compiler/js-native-context-specialization.cc
|
| diff --git a/src/compiler/js-native-context-specialization.cc b/src/compiler/js-native-context-specialization.cc
|
| index 25fe15b6c458fb75231659f12bc13182d7bf669f..a377c4eaa9abcc3359ffe629bf3e2419fe661553 100644
|
| --- a/src/compiler/js-native-context-specialization.cc
|
| +++ b/src/compiler/js-native-context-specialization.cc
|
| @@ -1282,6 +1282,12 @@ Reduction JSNativeContextSpecialization::ReduceJSStoreDataPropertyInLiteral(
|
|
|
| DCHECK_EQ(MONOMORPHIC, nexus.ic_state());
|
|
|
| + Map* map = nexus.FindFirstMap();
|
| + if (map == nullptr) {
|
| + // Maps are weakly held in the type feedback vector, we may not have one.
|
| + return NoChange();
|
| + }
|
| +
|
| Handle<Map> receiver_map(nexus.FindFirstMap(), isolate());
|
| Handle<Name> cached_name =
|
| handle(Name::cast(nexus.GetFeedbackExtra()), isolate());
|
|
|
Chromium Code Reviews
Issue 2644733007:
[turbofan] Check for nullptr maps. (Closed)
