cb9d0fe7f4
When mark-shared-funtion-for-tier-up is enabled, a function could be marked for optimization, then the baseline (FCG) code is flushed by the GC. The next time the function is executed, we shouldn't optimize the code if there isn't baseline code. BUG=chromium:673242 Review-Url: https://codereview.chromium.org/2575333003 Cr-Commit-Position: refs/heads/master@{#41751}
32 lines
867 B
JavaScript
32 lines
867 B
JavaScript
// Copyright 2016 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
// Flags: --mark-shared-functions-for-tier-up --allow-natives-syntax --expose-gc
|
|
|
|
function foo() {
|
|
function bar() {
|
|
}
|
|
return bar;
|
|
}
|
|
|
|
// Mark bar's shared function info for tier-up
|
|
// (but don't optimize).
|
|
var bar = foo();
|
|
%OptimizeFunctionOnNextCall(bar);
|
|
|
|
// Avoid flushing foo (and thereby making bar's shared function info
|
|
// dead) by marking it to be optimized.
|
|
%OptimizeFunctionOnNextCall(foo);
|
|
|
|
// Throw away the JSFunction we have for bar and GC until its code has
|
|
// been flushed.
|
|
bar = null;
|
|
for (var i = 0; i < 6; i++) {
|
|
gc();
|
|
}
|
|
|
|
// Now create a new JSFunction from bar's shared function info and call it,
|
|
// we should not optimize without recompiling the baseline code.
|
|
foo()();
|