
Commit 9c0d3a4

thibaudmichaudV8 LUCI CQ
authored andcommitted
Check all store modes for COW backing store access
[email protected] Bug: chromium:1382434 Change-Id: I06d239a70eba125b1074542cb93def2b1f011f81 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4013686 Commit-Queue: Thibaud Michaud <[email protected]> Reviewed-by: Jakob Kummerow <[email protected]> Cr-Commit-Position: refs/heads/main@{#84127}
1 parent 9d3d4ff commit 9c0d3a4

2 files changed

Lines changed: 3 additions & 2 deletions


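--- a/src/compiler/heap-refs.h
+++ b/src/compiler/heap-refs.h
@@ -56,7 +56,8 @@ class PropertyAccessInfo;
 enum class AccessMode { kLoad, kStore, kStoreInLiteral, kHas, kDefine };
 
 inline bool IsAnyStore(AccessMode mode) {
-return mode == AccessMode::kStore || mode == AccessMode::kStoreInLiteral;
+return mode == AccessMode::kStore || mode == AccessMode::kStoreInLiteral ||
+mode == AccessMode::kDefine;
 }
 
 enum class OddballType : uint8_t {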
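Review bot: `IsAnyStore` in this hunk still decides by listing the writing modes, so any `AccessMode` enumerator added later is treated as a non-store by default and would skip every guard keyed on this helper, which is the same shape of omission this commit corrects for `kDefine`. An exhaustive `switch` with no `default` lets `-Wswitch` report an unclassified enumerator at build time, as sketched below. Widening the helper also changes its result for every existing caller when the mode is `kDefine`; those call sites are not visible on this page and should be confirmed to want that.

```cpp
inline bool IsAnyStore(AccessMode mode) {
  // No default case on purpose: a new AccessMode must be classified here.
  switch (mode) {
    case AccessMode::kStore:
    case AccessMode::kStoreInLiteral:
    case AccessMode::kDefine:
      return true;
    case AccessMode::kLoad:
    case AccessMode::kHas:
      return false;
  }
  UNREACHABLE();
}
```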

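--- a/src/compiler/js-native-context-specialization.cc
+++ b/src/compiler/js-native-context-specialization.cc
@@ -3399,7 +3399,7 @@ JSNativeContextSpecialization::BuildElementAccess(
 
 // Don't try to store to a copy-on-write backing store (unless supported by
 // the store mode).
-if (keyed_mode.access_mode() == AccessMode::kStore &&
+if (IsAnyStore(keyed_mode.access_mode()) &&
 IsSmiOrObjectElementsKind(elements_kind) &&
 !IsCOWHandlingStoreMode(keyed_mode.store_mode())) {
 effect = graph()->NewNode(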
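Review bot: The comment above the changed condition does not say why every writing access mode has to be covered, and that reasoning is what the old `== AccessMode::kStore` test got wrong. I would extend it with something like `// Applies to all store-like access modes (IsAnyStore), including kDefine: a COW backing store can be shared, so it must never be written in place.` Neither of the two changed files is a test, so a regression test for the `kDefine` path would help keep this guard from narrowing again. `BuildElementAccess` starts before this hunk and the `if` body continues past its last line.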
