AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
cb0de11d80
v8/test/mjsunit/regress/regress-crbug-644631.js
adamk 58325e616d [turbofan] Switch from a whitelist to a blacklist for NeedsFrameStateInput 
The whitelist is populated with those inline intrinsics that are lowered
in JSIntrinsicInlining and were not previously blacklisted. Thus the only
additional FrameStates this CL adds are those where the caller tries to
call the INLINE version of an intrinsic but ends up calling the RUNTIME
version instead.

R=bmeurer@chromium.org
BUG=chromium:644631

Review-Url: https://codereview.chromium.org/2331543002
Cr-Commit-Position: refs/heads/master@{#39357}
2016-09-12 16:12:57 +00:00

13 lines
313 B
JavaScript
Raw Blame History

// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Flags: --turbo --always-opt
function f() {
new Int8Array(new ArrayBuffer(2147483648));
}
// Should not crash
assertThrows(f, RangeError);
Reference in New Issue View Git Blame Copy Permalink