projects / platform / upstream / v8.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4ef5915)
Fix the IsTheHole bug.
authormvstanton@chromium.org <mvstanton@chromium.org>
Wed, 17 Sep 2014 14:28:48 +0000 (14:28 +0000)
committermvstanton@chromium.org <mvstanton@chromium.org>
Wed, 17 Sep 2014 14:28:48 +0000 (14:28 +0000)
For Double constant of non nan, object_ may be uninitialized.

(This patch comes from weiliang.lin@intel.com )

BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/565183004

Patch from Chunyang Dai <chunyang.dai@intel.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24007 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

src/hydrogen-instructions.h patch | blob | history

diff --git a/src/hydrogen-instructions.h b/src/hydrogen-instructions.h
index bcf5492..ab57147 100644 (file)
--- a/src/hydrogen-instructions.h
+++ b/src/hydrogen-instructions.h
@@ -3593,7 +3593,8 @@ class HConstant FINAL : public HTemplateInstruction<0> {
     if (HasDoubleValue() && FixedDoubleArray::is_the_hole_nan(double_value_)) {
       return true;
     }
-    return object_.IsKnownGlobal(isolate()->heap()->the_hole_value());
+    return object_.IsInitialized() &&
+           object_.IsKnownGlobal(isolate()->heap()->the_hole_value());
   }
   bool HasNumberValue() const { return has_double_value_; }
   int32_t NumberValueAsInteger32() const {
Domain: Web Framework / Web Engine;