src/builtins/builtins-array.cc - Issue 2756663002: [csa] Bailout to the runtime for ToInteger conversion in Array.p.indexOf.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: src/builtins/builtins-array.cc

Issue 2756663002: [csa] Bailout to the runtime for ToInteger conversion in Array.p.indexOf. (Closed)

Patch Set: Created 3 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: src/builtins/builtins-array.cc

diff --git a/src/builtins/builtins-array.cc b/src/builtins/builtins-array.cc

index 3537b4243572f1805de8d7c5197d88ac6c2ff084..31da68205841decc40a619826b4a05a7512c5a94 100644

--- a/src/builtins/builtins-array.cc

+++ b/src/builtins/builtins-array.cc

@@ -2048,33 +2048,26 @@ TF_BUILTIN(ArrayIndexOf, CodeStubAssembler) {

Bind(&init_k);

{

- Label done(this), init_k_smi(this), init_k_heap_num(this),

- init_k_zero(this), init_k_n(this);

- Node* tagged_n = ToInteger(context, start_from);

+ Label done(this), init_k_smi(this), init_k_other(this), init_k_zero(this),

+ init_k_n(this);

- Branch(TaggedIsSmi(tagged_n), &init_k_smi, &init_k_heap_num);

+ Branch(TaggedIsSmi(start_from), &init_k_smi, &init_k_other);

Jarin 2017/03/16 05:55:02 Please explain in a comment what you are doing her

Benedikt Meurer 2017/03/16 05:55:31 Done.

Bind(&init_k_smi);

{

- start_from_var.Bind(SmiUntag(tagged_n));

+ start_from_var.Bind(SmiUntag(start_from));

Goto(&init_k_n);

}

- Bind(&init_k_heap_num);

+ Bind(&init_k_other);

{

- Label do_return_not_found(this);

- // This round is lossless for all valid lengths.

- Node* fp_len = RoundIntPtrToFloat64(len_var.value());

- Node* fp_n = LoadHeapNumberValue(tagged_n);

- GotoIf(Float64GreaterThanOrEqual(fp_n, fp_len), &do_return_not_found);

- start_from_var.Bind(ChangeInt32ToIntPtr(TruncateFloat64ToWord32(fp_n)));

+ // For now only deal with undefined here; we must be really careful with

+ // side-effects from this ToInteger conversion, as the side-effects might

+ // render our assumptions about the receiver being a fast JSArray and the

+ // length invalid.

+ GotoIfNot(IsUndefined(start_from), &call_runtime);

+ start_from_var.Bind(intptr_zero);

Goto(&init_k_n);

- Bind(&do_return_not_found);

- {

- index_var.Bind(intptr_zero);

- Goto(&return_not_found);

- }

}

Bind(&init_k_n);

« no previous file with comments | « no previous file | test/mjsunit/regress/regress-crbug-702058-1.js » ('j') | no next file with comments »