9bd7c5e1bd
The RegisterInput (NewTarget) was not correctly visited by the GC. This: - Creates a sentinel safepoint to indicate that the stack is not fully created (we are in the stack guard call). - Generalises RegisterInputs (we assumed only NewTarget before) and save them in the graph. - Pass the register input count via tagged_register_indexes in this case. Fixed: chromium:1407606 Bug: v8:7700 Change-Id: I8f599f8c1a992ee6fd886eec1e289454649dfec8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4171626 Auto-Submit: Victor Gomes <victorgomes@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#85331}
19 lines
550 B
JavaScript
19 lines
550 B
JavaScript
// Copyright 2022 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
//
|
|
// Flags: --allow-natives-syntax --maglev
|
|
|
|
for (let v0 = 0; v0 < 100; v0++) {
|
|
for (let v1 = 0; v1 < 100; v1++) {
|
|
const v4 = new Float64Array(33519);
|
|
}
|
|
for (let v5 = 0; v5 < 100; v5++) {
|
|
function F8( a12) {
|
|
if (!new.target) { throw 'must be called with new'; }
|
|
a12--;
|
|
}
|
|
const v14 = new F8(- -1000000.0);
|
|
}
|
|
}
|