[ic] Properly handle handler misses in GenericPropertyLoad.

The AccessorAssembler::GenericPropertyLoad case went to %KeyedGetProperty when the actual handler that we found in the stub cache would miss. In this case we would always fall into the same trap all the time, since no one updates the stub cache. BUG=v8:5269 R=ishell@chromium.org Change-Id: I90fd83337c320f194dc31a69716627d047a6b070 Also-By: ishell@chromium.org Reviewed-on: https://chromium-review.googlesource.com/488147Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#44914}

[ic] Properly handle handler misses in GenericPropertyLoad.
The AccessorAssembler::GenericPropertyLoad case went to %KeyedGetProperty when the actual handler that we found in the stub cache would miss. In this case we would always fall into the same trap all the time, since no one updates the stub cache. BUG=v8:5269 R=ishell@chromium.org Change-Id: I90fd83337c320f194dc31a69716627d047a6b070 Also-By: ishell@chromium.org Reviewed-on: https://chromium-review.googlesource.com/488147Reviewed-by: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#44914}
0991f9d2 · Benedikt Meurer · c1699fde · 0991f9d2
Commit 0991f9d2 authored Apr 27, 2017 by Benedikt Meurer
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

accessor-assembler.cc src/ic/accessor-assembler.cc +4 -1

No files found.
--- a/src/ic/accessor-assembler.cc
+++ b/src/ic/accessor-assembler.cc
@@ -1521,7 +1521,10 @@ void AccessorAssembler::GenericPropertyLoad(Node* receiver, Node* receiver_map,
    TryProbeStubCache(isolate()->load_stub_cache(), receiver, key,
                      &found_handler, &var_handler, &stub_cache_miss);
    BIND(&found_handler);
-    { HandleLoadICHandlerCase(p, var_handler.value(), slow, &direct_exit); }
+    {
+      HandleLoadICHandlerCase(p, var_handler.value(), &stub_cache_miss,
+                              &direct_exit);
+    }

    BIND(&stub_cache_miss);
    {