a90671f1b9
This fixes stack unwinding to always recompute the stack pointer for interpreted frames. For frames materialized by the deoptimizer we elide the handler frame in between, hence arguments being pushed on the stack will no longer be pushed into the handler frame but into the interpreted frame directly. R=jarin@chromium.org TEST=mjsunit/regress/regress-crbug-662830 BUG=chromium:662830 Review-Url: https://codereview.chromium.org/2517203003 Cr-Commit-Position: refs/heads/master@{#41170}
20 lines
415 B
JavaScript
20 lines
415 B
JavaScript
// Copyright 2016 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
// Flags: --allow-natives-syntax
|
|
|
|
function f() {
|
|
%_DeoptimizeNow();
|
|
throw 1;
|
|
}
|
|
|
|
function g() {
|
|
try { f(); } catch(e) { }
|
|
for (var i = 0; i < 3; ++i) if (i === 1) %OptimizeOsr();
|
|
%_DeoptimizeNow();
|
|
}
|
|
|
|
%OptimizeFunctionOnNextCall(g);
|
|
g();
|