This had to be reverted in r21887.
Firstly, it misses several checks, see
https://codereview.chromium.org/346473002/.
Also, the expression stack is out of sync with full-codegen when the
arguments
are visited, which causes deopts to mess up the frame, leading to crashes
later
on. We don't have a reduced repro for that yet; the full-blown repro is to:
(1) build Chrome with a V8 version containing this patch. You might want to
build in Debug mode with GYP_DEFINES="component=shared_library
v8_optimized_debug=0".
(2) visit http://video.search.yahoo.com/. You might want to run with flags:
out/Debug/chrome --no-sandbox --renderer-cmd-prefix="xterm -e gdb -ex run
-args"
--js-flags="--trace-deopt --print-opt-code --code-comments".
https://codereview.chromium.org/335683002/
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
