1// Copyright 2013 the V8 project authors. All rights reserved.
2// Copyright (C) 2005, 2006, 2007, 2008, 2009 Apple Inc. All rights reserved.
3//
4// Redistribution and use in source and binary forms, with or without
5// modification, are permitted provided that the following conditions
6// are met:
7// 1.  Redistributions of source code must retain the above copyright
8//     notice, this list of conditions and the following disclaimer.
9// 2.  Redistributions in binary form must reproduce the above copyright
10//     notice, this list of conditions and the following disclaimer in the
11//     documentation and/or other materials provided with the distribution.
12//
13// THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS'' AND ANY
14// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
15// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
16// DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS BE LIABLE FOR ANY
17// DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
18// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
19// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
20// ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
21// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
22// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
23
24description(
25"Tests that attempts by the DFG simplification to short-circuit a Phantom to a GetLocal on a variable that is SetLocal'd in the same block, and where the predecessor block(s) make no mention of that variable, do not result in crashes."
26);
27
28function baz() {
29    // Do something that prevents inlining.
30    return function() { }
31}
32
33function stuff(z) { }
34
35function foo(x, y) {
36    var a = arguments; // Force arguments to be captured, so that x is captured.
37    baz();
38    var z = x;
39    stuff(z); // Force a Flush, and then a Phantom on the GetLocal of x.
40    return 42;
41}
42
43var o = {
44    g: function(x) { }
45};
46
47function thingy(o) {
48    var p = {};
49    var result;
50    // Trick to delay control flow graph simplification until after the flush of x above gets turned into a phantom.
51    if (o.g)
52        p.f = true;
53    if (p.f) {
54        // Basic block that stores to x in foo(), which is a captured variable, with
55        // the predecessor block making no mention of x.
56        result = foo("hello", 2);
57    }
58    return result;
59}
60
61for (var i = 0; i < 200; ++i)
62    shouldBe("thingy(o)", "42");
63