New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 756305 link

Starred by 2 users
Status: Fixed
Owner:
mstarzinger@chromium.org
Closed: Sep 2017
Cc:
bmeu...@chromium.org
brajkumar@chromium.org
jarin@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Mac
Pri: 1
Type: Bug-Regression



Sign in to add a comment

Unexpected deoptimization info in v8

Reported by june901...@gmail.com, Aug 17 2017 
UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36

Steps to reproduce the problem:
1. run a poc.html

What is the expected behavior?
maybe throw RangeError due to invalid length of string.

What went wrong?
crash occurs.

Crashed report ID: 

How much crashed? Just one tab

Is it a problem with a plugin? N/A 

Did this work before? N/A 

Chrome version: 60.0.3112.90  Channel: stable
OS Version: 10.0
Flash Version:
poc.html
222 bytes View Download

Comment 1 by brajkumar@chromium.org, Aug 18 2017

Cc: brajkumar@chromium.org
Components: Blink>JavaScript
Labels: -Type-Bug -Pri-2 hasbisect-per-revision M-62 Needs-Triage-M60 HasTestcase OS-Linux OS-Mac Pri-1 Type-Bug-Regression
Owner: bmeu...@chromium.org
Status: Assigned (was: Unconfirmed)
Able to reproduce on Windows-10, Ubuntu 14.04 and Mac OS 10.12.6 using chrome stable M60-60.0.3112.90.

Bisect Information:
----------------------
Good build: 56.0.2916.0
Bad Build : 56.0.2918.0

Change Log URL: 
https://chromium.googlesource.com/chromium/src/+log/fb027e734b0b86cbe440c70d6a62f63fa5c4b7b9..57a98173a830e5dca4d162e4588bc71320a4685d

From the above change log suspecting below change
https://chromium.googlesource.com/v8/v8/+/ddba89c433170aa4618bc551da4c18327dfb6a81

bmeurer@ - Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner.

Thanks!

Comment 2 by bmeu...@chromium.org, Aug 18 2017

Cc: bmeu...@chromium.org
Owner: mstarzinger@chromium.org
I'm OOO next week. Looks related to my change. mstarzinger@ can you take a look? Thanks.

Comment 3 by mstarzinger@chromium.org, Sep 5 2017

Components: -Blink>JavaScript Blink>JavaScript>Compiler
Status: Fixed (was: Assigned)
This is fixed as of 961a2c885d82502e7c90915883443435d27762d0 and hence fixed on M62. It removed the ability to generate optimized code without deoptimization support. Unfortunately this is not something that can be merged back to M61.

Sign in to add a comment