michael@0: // In Nanojit, loads and stores have a maximum displacement of 16-bits.  Any
michael@0: // displacements larger than that should be split off into a separate
michael@0: // instruction that adds the displacement to the base pointer.  This
michael@0: // program tests if this is done correctly.
michael@0: //
michael@0: // x.y ends up having a dslot offset of 79988, because of the 20000 array
michael@0: // elements before it.  If Nanojit incorrectly stores this offset into a
michael@0: // 16-bit value it will truncate to 14452 (because 79988 - 65536 == 14452).
michael@0: // This means that the increments in the second loop will be done to one of
michael@0: // the array elements instead of x.y.  And so x.y's final value will be
michael@0: // (99 + 8) instead of 1099.
michael@0: //
michael@0: // Note that setting x.y to 99 and checking its value at the end will
michael@0: // access the correct location because those lines are interpreted.  Phew.
michael@0: 
michael@0: var x = {}
michael@0: for (var i = 0; i < 20000; i++)
michael@0:     x[i] = 0;
michael@0: x.y = 99;            // not traced, correctly accessed
michael@0: 
michael@0: for (var i = 0; i < 1000; ++i) {
michael@0:     x.y++;           // traced, will access an array elem if disp was truncated
michael@0: }
michael@0: assertEq(x.y, 1099); // not traced, correctly accessed
michael@0: