Fix stack layout of full code arm64 for object literal.

BUG=

Review URL: https://codereview.chromium.org/1095203005

Cr-Commit-Position: refs/heads/master@{#28055}

diff --git a/src/arm64/full-codegen-arm64.cc b/src/arm64/full-codegen-arm64.cc
index 18c0237..80013e4 100644 (file)
--- a/src/arm64/full-codegen-arm64.cc
+++ b/src/arm64/full-codegen-arm64.cc
@@ -1740,19 +1740,17 @@ void FullCodeGenerator::VisitObjectLiteral(ObjectLiteral* expr) {
           }
           break;
         }
+        __ Peek(x0, 0);
+        __ Push(x0);
+        VisitForStackValue(key);
+        VisitForStackValue(value);
         if (property->emit_store()) {
-          // Duplicate receiver on stack.
-          __ Peek(x0, 0);
-          __ Push(x0);
-          VisitForStackValue(key);
-          VisitForStackValue(value);
           EmitSetHomeObjectIfNeeded(value, 2);
           __ Mov(x0, Smi::FromInt(SLOPPY));  // Language mode
           __ Push(x0);
           __ CallRuntime(Runtime::kSetProperty, 4);
         } else {
-          VisitForEffect(key);
-          VisitForEffect(value);
+          __ Drop(3);
         }
         break;
       case ObjectLiteral::Property::PROTOTYPE:

diff --git a/test/mjsunit/compiler/lazy-deopt-in-literal.js b/test/mjsunit/compiler/lazy-deopt-in-literal.js
new file mode 100644 (file)
index 0000000..0a1481c
--- /dev/null
+++ b/test/mjsunit/compiler/lazy-deopt-in-literal.js
@@ -0,0 +1,20 @@
+// Copyright 2015 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Flags: --allow-natives-syntax
+
+function deopt() {
+  %DeoptimizeFunction(fun3);
+}
+
+function fun3() {
+  var r = { 113: deopt(), 113: 7 };
+  return r[113];
+}
+
+fun3();
+fun3();
+%OptimizeFunctionOnNextCall(fun3);
+var y = fun3();
+assertEquals(7, y);