From 18ea0084a018e0e7810e8ed136a385e1a27261c2 Mon Sep 17 00:00:00 2001
From: "mvstanton@chromium.org" <mvstanton@chromium.org>
Date: Wed, 17 Sep 2014 14:28:48 +0000
Subject: [PATCH] Fix the IsTheHole bug.

For Double constant of non nan, object_ may be uninitialized.

(This patch comes from weiliang.lin@intel.com )

BUG=
R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/565183004

Patch from Chunyang Dai <chunyang.dai@intel.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@24007 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---
 src/hydrogen-instructions.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/hydrogen-instructions.h b/src/hydrogen-instructions.h
index bcf5492..ab57147 100644
--- a/src/hydrogen-instructions.h
+++ b/src/hydrogen-instructions.h
@@ -3593,7 +3593,8 @@ class HConstant FINAL : public HTemplateInstruction<0> {
     if (HasDoubleValue() && FixedDoubleArray::is_the_hole_nan(double_value_)) {
       return true;
     }
-    return object_.IsKnownGlobal(isolate()->heap()->the_hole_value());
+    return object_.IsInitialized() &&
+           object_.IsKnownGlobal(isolate()->heap()->the_hole_value());
   }
   bool HasNumberValue() const { return has_double_value_; }
   int32_t NumberValueAsInteger32() const {
-- 
2.7.4