> From CallDescriptors::InitializeForIsolate in the code-stub-x64.cc, rax's
> representation is Representation::Integer32().

You're absolutely right, rax is a raw integer. I was confused by some other code.

There is a corner case when rbx is -1, rdx is -8, and rcx might be -1, -2, -3.
The intention is to check against a big number of arguments that would overflow
the stack. Since we are not accounting for the return address and frame setup
anyway, it can happen that we overflow the stack by a small constant amount.
That should be safe and, in my opinion, is not worth slowing down the common
code path with additional checks.

I uploaded the fix: https://codereview.chromium.org/239703012/

Thanks for finding this bug!

https://codereview.chromium.org/236633006/

--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev