review.tizen.org Git - platform/upstream/v8.git/commit

author	mstarzinger <mstarzinger@chromium.org>
	Wed, 3 Jun 2015 11:32:25 +0000 (04:32 -0700)
committer	Commit bot <commit-bot@chromium.org>
	Wed, 3 Jun 2015 11:32:31 +0000 (11:32 +0000)
commit	68beef53c36d8640b453da4169548cbbd61c91a9
tree	f5ca1b85ebeaeddbccbe92dc71a5446b02d70f6e	tree \| snapshot
parent	daba339a84c75f5edac6f60eb079b563970260b9	commit \| diff

Fix arrow functions requiring context without slots.

This fixes a corner-case where arrow functions that require a context
allocate none, because there are no additional slots allocated. Note
that this didn't happen with true function scopes because they always
had at least the receiver slot.

The outcome was a context chain that no longer was in sync with the
scope chain, hence context slot loads were bogus. This is observable
using the DYNAMIC_LOCAL optimization in all compilers.

R=rossberg@chromium.org,wingo@igalia.com
TEST=mjsunit/harmony/regress/regress-4160
BUG=v8:4160
LOG=N

Review URL: https://codereview.chromium.org/1146063006

Cr-Commit-Position: refs/heads/master@{#28788}

src/arm/full-codegen-arm.cc		diff \| blob \| history
src/arm64/full-codegen-arm64.cc		diff \| blob \| history
src/code-stubs.h		diff \| blob \| history
src/compiler/ast-graph-builder.cc		diff \| blob \| history
src/ia32/full-codegen-ia32.cc		diff \| blob \| history
src/mips/full-codegen-mips.cc		diff \| blob \| history
src/mips64/full-codegen-mips64.cc		diff \| blob \| history
src/ppc/full-codegen-ppc.cc		diff \| blob \| history
src/x64/full-codegen-x64.cc		diff \| blob \| history
src/x87/full-codegen-x87.cc		diff \| blob \| history
test/mjsunit/harmony/regress/regress-4160.js	[new file with mode: 0644]	blob