
Unified Diff: src/compiler/js-native-context-specialization.cc

Issue 2770003002: Set the current context to the function's context when entering to LAP. (Closed)
Patch Set: Crashing at cctest test-accessors/AccessorIC Created 3 years, 6 months ago
Index: src/compiler/js-native-context-specialization.cc
diff --git a/src/compiler/js-native-context-specialization.cc b/src/compiler/js-native-context-specialization.cc
index 742660ffb271b83393c44e1b55c17b4b12863505..1c736194114c6e5bb0ffcc6205868647c2f6cdfe 100644
--- a/src/compiler/js-native-context-specialization.cc
+++ b/src/compiler/js-native-context-specialization.cc
@@ -1435,12 +1435,14 @@ Node* JSNativeContextSpecialization::InlinePropertyGetterCall(
ConvertReceiverMode::kNotNullOrUndefined),
target, receiver, context, frame_state0, *effect, *control);
} else {
+ Node* holder = jsgraph()->Constant(access_info.holder().ToHandleChecked());
DCHECK(access_info.constant()->IsFunctionTemplateInfo());
Handle<FunctionTemplateInfo> function_template_info(
Handle<FunctionTemplateInfo>::cast(access_info.constant()));
DCHECK(!function_template_info->call_code()->IsUndefined(isolate()));
- value = InlineApiCall(receiver, context, target, frame_state0, nullptr,
- effect, control, shared_info, function_template_info);
+ value =
+ InlineApiCall(receiver, holder, context, target, frame_state0, nullptr,
+ effect, control, shared_info, function_template_info);
}
// Remember to rewire the IfException edge if this is inside a try-block.
if (if_exceptions != nullptr) {
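Review bot: The added `access_info.holder().ToHandleChecked()` aborts when the holder MaybeHandle is empty, and nothing visible in this hunk establishes that it is non-empty on the FunctionTemplateInfo branch. If holder() can be empty when the accessor is found directly on the receiver's map (not shown here, so please confirm), a fallback such as `Node* holder = access_info.holder().is_null() ? receiver : jsgraph()->Constant(access_info.holder().ToHandleChecked());` keeps the inlined call from crashing the compiler. The same line is added in the InlinePropertySetterCall hunk and needs the same treatment. Both function bodies start and end outside their hunks.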
@@ -1482,12 +1484,14 @@ Node* JSNativeContextSpecialization::InlinePropertySetterCall(
ConvertReceiverMode::kNotNullOrUndefined),
target, receiver, value, context, frame_state0, *effect, *control);
} else {
+ Node* holder = jsgraph()->Constant(access_info.holder().ToHandleChecked());
DCHECK(access_info.constant()->IsFunctionTemplateInfo());
Handle<FunctionTemplateInfo> function_template_info(
Handle<FunctionTemplateInfo>::cast(access_info.constant()));
DCHECK(!function_template_info->call_code()->IsUndefined(isolate()));
- value = InlineApiCall(receiver, context, target, frame_state0, value,
- effect, control, shared_info, function_template_info);
+ value =
+ InlineApiCall(receiver, holder, context, target, frame_state0, value,
+ effect, control, shared_info, function_template_info);
}
// Remember to rewire the IfException edge if this is inside a try-block.
if (if_exceptions != nullptr) {
@@ -1502,8 +1506,9 @@ Node* JSNativeContextSpecialization::InlinePropertySetterCall(
}
Node* JSNativeContextSpecialization::InlineApiCall(
- Node* receiver, Node* context, Node* target, Node* frame_state, Node* value,
- Node** effect, Node** control, Handle<SharedFunctionInfo> shared_info,
+ Node* receiver, Node* holder, Node* context, Node* target,
+ Node* frame_state, Node* value, Node** effect, Node** control,
+ Handle<SharedFunctionInfo> shared_info,
Handle<FunctionTemplateInfo> function_template_info) {
Handle<CallHandlerInfo> call_handler_info = handle(
CallHandlerInfo::cast(function_template_info->call_code()), isolate());
@@ -1520,7 +1525,7 @@ Node* JSNativeContextSpecialization::InlineApiCall(
CallDescriptor* call_descriptor = Linkage::GetStubCallDescriptor(
isolate(), graph()->zone(), call_interface_descriptor,
call_interface_descriptor.GetStackParameterCount() + argc +
- 1 /* implicit receiver */,
+ 1 /* implicit receiver */ + 1 /* accessor holder */,
CallDescriptor::kNeedsFrameState, Operator::kNoProperties,
MachineType::AnyTagged(), 1);
@@ -1532,9 +1537,10 @@ Node* JSNativeContextSpecialization::InlineApiCall(
Node* code = jsgraph()->HeapConstant(stub.GetCode());
// Add CallApiCallbackStub's register argument as well.
- Node* inputs[11] = {
- code, target, data, receiver /* holder */, function_reference, receiver};
- int index = 6 + argc;
+ Node* inputs[12] = {
+ code, target, data, receiver /* holder */, function_reference,
+ holder, receiver};
+ int index = 7 + argc;
inputs[index++] = context;
inputs[index++] = frame_state;
inputs[index++] = *effect;
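Review bot: `inputs[12]` is a fixed-size stack array filled through `index = 7 + argc` and the following `inputs[index++]` stores, so it stays in bounds only while argc is at most 1, and argc is computed outside this hunk. Since the size and the offset are now bumped by hand in three places (here and `inputs[7] = value` in the next hunk), a guard before the stores such as `DCHECK_LE(index + 4, static_cast<int>(arraysize(inputs)));` (assuming the trailing inputs are context, frame state, effect and control) and a named constant for the value slot would catch a future mismatch. Separately, the fourth slot still passes `receiver /* holder */` although a real `holder` node now exists; either pass `holder` there if that register is meant to carry it, or reword the comment so the two are not confused.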
@@ -1542,7 +1548,7 @@ Node* JSNativeContextSpecialization::InlineApiCall(
// This needs to stay here because of the edge case described in
// http://crbug.com/675648.
if (value != nullptr) {
- inputs[6] = value;
+ inputs[7] = value;
}
return *effect = *control =
